Skip to content

Add capability registry address to user context #461

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
timothyF95 wants to merge 11 commits into
base: main
Choose a base branch
from
Open

Add capability registry address to user context #461

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
c8367bd
Fix context propagation in execute operations
timothyF95 May 28, 2026
c759f88
Fix unit test
timothyF95 May 29, 2026
1068206
Fix second unit test
timothyF95 May 29, 2026
25a0a56
Refactor of ctx prop
timothyF95 May 29, 2026
46af650
Use test handler to avoid ctx nil panics
timothyF95 May 29, 2026
173d08e
lint
timothyF95 May 29, 2026
d047162
Remove test handler
timothyF95 Jun 1, 2026
32dae74
Merge branch 'main' into fix/ctx-propagation-execute
timothyF95 Jun 1, 2026
9154b49
Add capability registry address to user context
timothyF95 Jun 1, 2026
6616b25
Merge branch 'main' into add-capreg-tenantcontext
timothyF95 Jun 2, 2026
c3f0c3c
Lint
timothyF95 Jun 2, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion cmd/secrets/common/browser_flow.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -224,7 +224,7 @@ func (h *Handler) ExecuteBrowserVaultAuthorization(ctx context.Context, method s
})
var exchangeResp struct {
ExchangeAuthCodeToToken struct {
AccessToken string `json:"accessToken"`
AccessToken string `json:"accessToken"` // #nosec G117 -- OAuth token exchange response field
ExpiresIn int `json:"expiresIn"`
} `json:"exchangeAuthCodeToToken"`
}
Expand Down
2 changes: 1 addition & 1 deletion cmd/workflow/hash/hash.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ type Inputs struct {
WorkflowName string
WorkflowPath string
OwnerFromSettings string
PrivateKey string
PrivateKey string // #nosec G117 -- workflow owner private key flag value, not persisted
SkipTypeChecks bool
RegistryType settings.RegistryType
DerivedOwner string
Expand Down
52 changes: 41 additions & 11 deletions internal/tenantctx/tenantctx.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,26 +38,39 @@ type Forwarder struct {
Address string `yaml:"address" json:"address"`
}

// OnChainContract is a chain selector and contract address pair.
type OnChainContract struct {
ChainSelector uint64 `yaml:"chain_selector" json:"chainSelector"`
Address string `yaml:"address" json:"address"`
}

// EnvironmentContext holds user context for a single CLI environment.
type EnvironmentContext struct {
TenantID string `yaml:"tenant_id"`
DefaultDonFamily string `yaml:"default_don_family"`
VaultGatewayURL string `yaml:"vault_gateway_url"`
Registries []*Registry `yaml:"registries"`
Forwarders []Forwarder `yaml:"forwarders,omitempty"`
TenantID string `yaml:"tenant_id"`
DefaultDonFamily string `yaml:"default_don_family"`
VaultGatewayURL string `yaml:"vault_gateway_url"`
CapabilitiesRegistry *OnChainContract `yaml:"capabilities_registry,omitempty"`
Registries []*Registry `yaml:"registries"`
Forwarders []Forwarder `yaml:"forwarders,omitempty"`
}

type gqlForwarder struct {
ChainSelector json.RawMessage `json:"chainSelector"`
Address string `json:"address"`
}

type gqlOnChainContract struct {
ChainSelector json.RawMessage `json:"chainSelector"`
Address string `json:"address"`
}

type getTenantConfigResponse struct {
GetTenantConfig struct {
TenantID string `json:"tenantId"`
DefaultDonFamily string `json:"defaultDonFamily"`
VaultGatewayURL string `json:"vaultGatewayUrl"`
Registries []struct {
TenantID string `json:"tenantId"`
DefaultDonFamily string `json:"defaultDonFamily"`
VaultGatewayURL string `json:"vaultGatewayUrl"`
CapabilitiesRegistry gqlOnChainContract `json:"capabilitiesRegistry"`
Registries []struct {
ID string `json:"id"`
Label string `json:"label"`
Type string `json:"type"`
Expand All @@ -74,6 +87,10 @@ const getTenantConfigQuery = `query GetTenantConfig {
tenantId
defaultDonFamily
vaultGatewayUrl
capabilitiesRegistry {
chainSelector
address
}
registries {
id
label
Expand Down Expand Up @@ -142,12 +159,25 @@ func FetchAndWriteContext(ctx context.Context, gqlClient *graphqlclient.Client,
forwarders = append(forwarders, Forwarder{ChainSelector: sel, Address: addr})
}

capRegSel, err := parseChainSelectorJSON(tc.CapabilitiesRegistry.ChainSelector)
if err != nil {
return fmt.Errorf("invalid capabilitiesRegistry chainSelector: %w", err)
}
capRegAddr := strings.TrimSpace(tc.CapabilitiesRegistry.Address)
if capRegAddr == "" {
return fmt.Errorf("capabilitiesRegistry address is empty")
}

envCtx := &EnvironmentContext{
TenantID: tc.TenantID,
DefaultDonFamily: tc.DefaultDonFamily,
VaultGatewayURL: tc.VaultGatewayURL,
Registries: registries,
Forwarders: forwarders,
CapabilitiesRegistry: &OnChainContract{
ChainSelector: capRegSel,
Address: capRegAddr,
},
Registries: registries,
Forwarders: forwarders,
}

contextMap := map[string]*EnvironmentContext{
Expand Down
24 changes: 24 additions & 0 deletions internal/tenantctx/tenantctx_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,10 @@ func gqlResponseOnChainAndPrivate() map[string]any {
"tenantId": "42",
"defaultDonFamily": "zone-a",
"vaultGatewayUrl": "https://gateway.example.com/",
"capabilitiesRegistry": map[string]any{
"chainSelector": "16015286601757825753",
"address": "0x7f3191EaF73429177bAB3bAc5c36Ed2D5E39985f",
},
"registries": []any{
map[string]any{
"id": "ethereum-testnet-sepolia",
Expand Down Expand Up @@ -77,6 +81,10 @@ func gqlResponsePrivateOnly() map[string]any {
"tenantId": "99",
"defaultDonFamily": "zone-b",
"vaultGatewayUrl": "https://gateway-private.example.com/",
"capabilitiesRegistry": map[string]any{
"chainSelector": "5009297550715157269",
"address": "0x76c9cf548b4179F8901cda1f8623568b58215E62",
},
"registries": []any{
map[string]any{
"id": "private",
Expand Down Expand Up @@ -177,6 +185,16 @@ func TestFetchAndWriteContext_OnChainAndPrivate(t *testing.T) {
if f.Address != "0x15fC6ae953E024d975e77382eEeC56A9101f9F88" {
t.Errorf("forwarder address = %q, want Sepolia mock forwarder", f.Address)
}

if envCtx.CapabilitiesRegistry == nil {
t.Fatal("expected capabilitiesRegistry to be populated")
}
if envCtx.CapabilitiesRegistry.ChainSelector != 16015286601757825753 {
t.Errorf("capabilitiesRegistry chain selector = %d, want %d", envCtx.CapabilitiesRegistry.ChainSelector, uint64(16015286601757825753))
}
if envCtx.CapabilitiesRegistry.Address != "0x7f3191EaF73429177bAB3bAc5c36Ed2D5E39985f" {
t.Errorf("capabilitiesRegistry address = %q, want staging mainline cap reg", envCtx.CapabilitiesRegistry.Address)
}
}

func TestFetchAndWriteContext_PrivateOnly(t *testing.T) {
Expand Down Expand Up @@ -205,6 +223,12 @@ func TestFetchAndWriteContext_PrivateOnly(t *testing.T) {
if len(envCtx.Forwarders) != 0 {
t.Errorf("expected 0 forwarders, got %d", len(envCtx.Forwarders))
}
if envCtx.CapabilitiesRegistry == nil {
t.Fatal("expected capabilitiesRegistry to be populated")
}
if envCtx.CapabilitiesRegistry.ChainSelector != 5009297550715157269 {
t.Errorf("capabilitiesRegistry chain selector = %d, want %d", envCtx.CapabilitiesRegistry.ChainSelector, uint64(5009297550715157269))
}
}

func TestParseChainSelectorJSON(t *testing.T) {
Expand Down
16 changes: 16 additions & 0 deletions test/multi_command_flows/workflow_private_registry.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,10 @@ func workflowDeployPrivateRegistry(t *testing.T, tc TestConfig) string {
"tenantId": "42",
"defaultDonFamily": "test-don",
"vaultGatewayUrl": "https://vault.example.test",
"capabilitiesRegistry": map[string]any{
"chainSelector": "6433500567565415381",
"address": "0x5FbDB2315678afecb367f032d93F642f64180aa3",
},
"registries": []map[string]any{
{
"id": "reg-test",
Expand Down Expand Up @@ -325,6 +329,10 @@ func workflowPausePrivateRegistry(t *testing.T, tc TestConfig) string {
"tenantId": "42",
"defaultDonFamily": "test-don",
"vaultGatewayUrl": "https://vault.example.test",
"capabilitiesRegistry": map[string]any{
"chainSelector": "6433500567565415381",
"address": "0x5FbDB2315678afecb367f032d93F642f64180aa3",
},
"registries": []map[string]any{
{
"id": "reg-test",
Expand Down Expand Up @@ -495,6 +503,10 @@ func workflowActivatePrivateRegistry(t *testing.T, tc TestConfig) string {
"tenantId": "42",
"defaultDonFamily": "test-don",
"vaultGatewayUrl": "https://vault.example.test",
"capabilitiesRegistry": map[string]any{
"chainSelector": "6433500567565415381",
"address": "0x5FbDB2315678afecb367f032d93F642f64180aa3",
},
"registries": []map[string]any{
{
"id": "reg-test",
Expand Down Expand Up @@ -665,6 +677,10 @@ func workflowDeletePrivateRegistry(t *testing.T, tc TestConfig) string {
"tenantId": "42",
"defaultDonFamily": "test-don",
"vaultGatewayUrl": "https://vault.example.test",
"capabilitiesRegistry": map[string]any{
"chainSelector": "6433500567565415381",
"address": "0x5FbDB2315678afecb367f032d93F642f64180aa3",
},
"registries": []map[string]any{
{
"id": "reg-test",
Expand Down
Loading