###################################################
# Test harness for remote signer from Tendermint
# Configure the version of Tendermint here against which you want to run
# integration tests
ARG TENDERMINT_VERSION=latest
FROM tendermint/tm-signer-harness:${TENDERMINT_VERSION} AS harness
USER root
RUN mkdir -p /harness
# We need this script to generate configuration for the KMS
COPY tests/support/gen-validator-integration-cfg.sh /harness/
# Generate the base configuration data for the Tendermint validator for use
# during integration testing. This will generate the data, by default, in the
# /tendermint directory.
RUN tendermint init --home=/harness && \
tm-signer-harness extract_key --tmhome=/harness --output=/harness/signing.key && \
cd /harness && \
chmod +x gen-validator-integration-cfg.sh && \
TMHOME=/harness sh ./gen-validator-integration-cfg.sh
###################################################
# Tendermint KMS Dockerfile
FROM centos:7 AS build
# Install/update RPMs
RUN yum update -y && \
yum groupinstall -y "Development Tools" && \
yum install -y \
centos-release-scl \
cmake \
epel-release \
libudev-devel \
libusbx-devel \
openssl-devel \
sudo && \
yum install -y --enablerepo=epel libsodium-devel && \
yum install -y --enablerepo=centos-sclo-rh llvm-toolset-7 && \
yum clean all && \
rm -rf /var/cache/yum
# Set environment variables to enable SCL packages (llvm-toolset-7)
ENV LD_LIBRARY_PATH=/opt/rh/llvm-toolset-7/root/usr/lib64
ENV PATH "/opt/rh/llvm-toolset-7/root/usr/bin:/opt/rh/llvm-toolset-7/root/usr/sbin:$PATH"
ENV PKG_CONFIG_PATH=/opt/rh/llvm-toolset-7/root/usr/lib64/pkgconfig
ENV X_SCLS llvm-toolset-7
# Create "developer" user
RUN useradd developer && \
echo 'developer ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/developer
# Switch to the "developer" user
USER developer
WORKDIR /home/developer
# Include cargo in the path
ENV PATH "$PATH:/home/developer/.cargo/bin"
# Install rustup
RUN curl https://sh.rustup.rs -sSf | sh -s -- -y && \
rustup update && \
rustup component add rustfmt && \
rustup component add clippy && \
cargo install cargo-audit
# Configure Rust environment variables
ENV RUSTFLAGS "-Ctarget-feature=+aes,+ssse3"
ENV RUST_BACKTRACE full
###################################################
# Remote validator integration testing
# We need the generated harness and Tendermint configuration
COPY --from=harness /harness /harness
# We need the test harness binary
COPY --from=harness /usr/bin/tm-signer-harness /usr/bin/tm-signer-harness
# We need a secret connection key
COPY tests/support/secret_connection.key /harness/
USER root
# Ensure the /harness folder has the right owner
RUN chown -R developer /harness
USER developer