feat(cat-gateway): Bumping to the latest cat-libs (#3544)

* wip

* wip

* fix

* add `admin_keys` catalyst signed docs settings

* wip

* wip

* wip

* wip

* fix

* fix lint

* fix

Author: Mr-Leshiy

catalyst-gateway/bin/Cargo.toml

@@ -15,12 +15,12 @@ repository.workspace = true
 workspace = true
 
 [dependencies]
-cardano-chain-follower = { version = "0.0.14", git = "https://github.com/input-output-hk/catalyst-libs.git", tag = "cardano-chain-follower/v0.0.14" }
-rbac-registration = { version = "0.0.10", git = "https://github.com/input-output-hk/catalyst-libs.git", tag = "rbac-registration/v0.0.10" }
-catalyst-signed-doc = { version = "0.0.7", git = "https://github.com/input-output-hk/catalyst-libs.git", tag = "catalyst-signed-doc/v0.0.7" }
+cardano-chain-follower = { version = "0.0.15", git = "https://github.com/input-output-hk/catalyst-libs.git", tag = "cardano-chain-follower/v0.0.15" }
+rbac-registration = { version = "0.0.11", git = "https://github.com/input-output-hk/catalyst-libs.git", tag = "rbac-registration/v0.0.11" }
+catalyst-signed-doc = { version = "0.0.8", git = "https://github.com/input-output-hk/catalyst-libs.git", tag = "catalyst-signed-doc/v0.0.8" }
 catalyst-signed-doc-v1 = { package = "catalyst-signed-doc", version = "0.0.4", git = "https://github.com/input-output-hk/catalyst-libs.git", tag = "catalyst-signed-doc/v.0.0.4" }
 c509-certificate = { version = "0.0.3", git = "https://github.com/input-output-hk/catalyst-libs.git", tag = "c509-certificate-v0.0.3" }
-catalyst-types = { version = "0.0.7", git = "https://github.com/input-output-hk/catalyst-libs.git", tag = "catalyst-types/v0.0.7" }
+catalyst-types = { version = "0.0.8", git = "https://github.com/input-output-hk/catalyst-libs.git", tag = "catalyst-types/v0.0.8" }
 
 clap = { version = "4.5.20", features = ["derive", "env"] }
 tracing = { version = "0.1.40", features = ["log"] }

catalyst-gateway/bin/src/db/event/signed_docs/tests/mod.rs

@@ -189,9 +189,9 @@ async fn filter_by_type(
     }
 }
 
-/// Pre-seeded Fund 14 documents `V3__signed_documents.sql` and
-/// `old_format_signed_doc.sql`
-const PRE_SEED_DATA: usize = 43;
+/// Pre-seeded documents `V3__signed_documents.sql`, `old_format_signed_doc.sql` and
+/// `test_signed_documents.sql`
+const PRE_SEED_DATA: usize = 45;
 
 async fn filter_all(docs: &[FullSignedDoc]) {
     let filter = DocsQueryFilter::all();

catalyst-gateway/bin/src/service/api/documents/common/mod.rs

@@ -49,6 +49,13 @@ impl catalyst_signed_doc::providers::CatalystSignedDocumentProvider for Validati
         self.doc_provider.try_get_last_doc(id).await
     }
 
+    async fn try_get_first_doc(
+        &self,
+        id: catalyst_signed_doc::UuidV7,
+    ) -> anyhow::Result<Option<CatalystSignedDocument>> {
+        self.doc_provider.try_get_first_doc(id).await
+    }
+
     fn future_threshold(&self) -> Option<std::time::Duration> {
         self.doc_provider.future_threshold()
     }
@@ -58,12 +65,14 @@ impl catalyst_signed_doc::providers::CatalystSignedDocumentProvider for Validati
     }
 }
 
-impl catalyst_signed_doc::providers::VerifyingKeyProvider for ValidationProvider {
-    async fn try_get_key(
+impl catalyst_signed_doc::providers::CatalystIdProvider for ValidationProvider {
+    async fn try_get_registered_key(
         &self,
         kid: &catalyst_signed_doc::CatalystId,
     ) -> anyhow::Result<Option<ed25519_dalek::VerifyingKey>> {
-        self.verifying_key_provider.try_get_key(kid).await
+        self.verifying_key_provider
+            .try_get_registered_key(kid)
+            .await
     }
 }
 
@@ -96,6 +105,17 @@ impl catalyst_signed_doc::providers::CatalystSignedDocumentProvider for DocProvi
         }
     }
 
+    async fn try_get_first_doc(
+        &self,
+        id: catalyst_signed_doc::UuidV7,
+    ) -> anyhow::Result<Option<CatalystSignedDocument>> {
+        match FullSignedDoc::retrieve(&id.uuid(), Some(&id.uuid())).await {
+            Ok(doc) => Ok(Some(doc.raw().try_into()?)),
+            Err(err) if err.is::<NotFoundError>() => Ok(None),
+            Err(err) => Err(err),
+        }
+    }
+
     fn future_threshold(&self) -> Option<std::time::Duration> {
         let signed_doc_cfg = Settings::signed_doc_cfg();
         Some(signed_doc_cfg.future_threshold())
@@ -141,8 +161,8 @@ pub(crate) struct VerifyingKeyProvider(
     HashMap<catalyst_signed_doc::CatalystId, ed25519_dalek::VerifyingKey>,
 );
 
-impl catalyst_signed_doc::providers::VerifyingKeyProvider for VerifyingKeyProvider {
-    async fn try_get_key(
+impl catalyst_signed_doc::providers::CatalystIdProvider for VerifyingKeyProvider {
+    async fn try_get_registered_key(
         &self,
         kid: &catalyst_signed_doc::CatalystId,
     ) -> anyhow::Result<Option<ed25519_dalek::VerifyingKey>> {

catalyst-gateway/bin/src/settings/mod.rs

@@ -200,7 +200,7 @@ static ENV_VARS: LazyLock<EnvVars> = LazyLock::new(|| {
         service_id: StringEnvVar::new("SERVICE_ID", calculate_service_uuid().into()),
         client_id_key: StringEnvVar::new("CLIENT_ID_KEY", CLIENT_ID_KEY_DEFAULT.into()),
         api_host_names: string_to_api_host_names(
-            &StringEnvVar::new_optional("c", false)
+            &StringEnvVar::new_optional("API_HOST_NAMES", false)
                 .map(|v| v.as_string())
                 .unwrap_or_default(),
         ),

catalyst-gateway/bin/src/settings/signed_doc.rs

@@ -1,6 +1,9 @@
 //! Command line and environment variable settings for the Catalyst Signed Docs
 
-use std::time::Duration;
+use std::{collections::HashMap, str::FromStr, time::Duration};
+
+use hex::FromHex;
+use itertools::Itertools;
 
 use super::str_env_var::StringEnvVar;
 
@@ -18,6 +21,11 @@ pub(crate) struct EnvVars {
 
     /// The Catalyst Signed Document threshold, document cannot be too far behind.
     past_threshold: Duration,
+
+    /// The Catalyst Signed Document Admin keys map from the `SIGNED_DOC_ADMIN_KEYS` env
+    /// var. Each Admin key entry is a pair of `CatalystId` string and hex encoded
+    /// `VerifyingKey` separated by ';' character.
+    admin_keys: HashMap<catalyst_signed_doc::CatalystId, ed25519_dalek::VerifyingKey>,
 }
 
 impl EnvVars {
@@ -29,9 +37,16 @@ impl EnvVars {
         let past_threshold =
             StringEnvVar::new_as_duration("SIGNED_DOC_PAST_THRESHOLD", DEFAULT_PAST_THRESHOLD);
 
+        let admin_keys = string_to_admin_keys(
+            &StringEnvVar::new_optional("SIGNED_DOC_ADMIN_KEYS", false)
+                .map(|v| v.as_string())
+                .unwrap_or_default(),
+        );
+
         Self {
             future_threshold,
             past_threshold,
+            admin_keys,
         }
     }
 
@@ -46,4 +61,59 @@ impl EnvVars {
     pub(crate) fn past_threshold(&self) -> Duration {
         self.past_threshold
     }
+
+    /// The Catalyst Signed Document Admin keys map.
+    #[allow(dead_code)]
+    pub(crate) fn admin_keys(
+        &self
+    ) -> &HashMap<catalyst_signed_doc::CatalystId, ed25519_dalek::VerifyingKey> {
+        &self.admin_keys
+    }
+}
+
+/// Transform a string list of admin keys into a map.
+/// Each Admin key entry is a pair of `CatalystId` string and hex encoded
+/// `VerifyingKey` separated by ';' character.
+fn string_to_admin_keys(
+    admin_keys: &str
+) -> HashMap<catalyst_signed_doc::CatalystId, ed25519_dalek::VerifyingKey> {
+    admin_keys
+        .split(',')
+        // filters out at the beginning all empty entries, because they all would be invalid and
+        // filtered out anyway
+        .filter(|s| !s.is_empty())
+        .filter_map(|s| {
+            // split `CatalystId` and `VerifyingKey` by `;` character.
+            let Some((id, key)) = s.split(';').collect_tuple() else {
+                tracing::error!(entry = s, "Invalid admin key entry");
+                return None;
+            };
+
+            let id = catalyst_signed_doc::CatalystId::from_str(id)
+                .inspect_err(|err| {
+                    tracing::error!(
+                        err = ?err,
+                        "Cannot parse Admin CatalystId entry, skipping the value..."
+                    );
+                })
+                .ok()?;
+
+            // Strip the prefix and convert to 32 bytes array
+            let key = key
+                .strip_prefix("0x")
+                .ok_or(anyhow::anyhow!(
+                    "Admin key hex value does not start with '0x'"
+                ))
+                .and_then(|s| Ok(Vec::from_hex(s)?))
+                .and_then(|bytes| Ok(bytes.as_slice().try_into()?))
+                .inspect_err(|err| {
+                    tracing::error!(
+                        err = ?err,
+                        "Cannot parse Admin VerifyingKey entry, skipping the value..."
+                    );
+                })
+                .ok()?;
+            Some((id, key))
+        })
+        .collect()
 }

catalyst-gateway/event-db/seed/test_signed_documents.sql

@@ -0,0 +1,32 @@
+-- Catalyst Signed Documents test data
+
+INSERT INTO signed_docs (
+  id,
+  ver,
+  type,
+  authors,
+  metadata,
+  payload,
+  raw
+)
+VALUES
+-- Proposal Form Template document
+(
+  '0199e71b-4025-7323-bc4a-d39e35762521',
+  '0199e71b-4025-7323-bc4a-d39e35762521',
+  '0ce8ab38-9258-4fbc-a62e-7faa6e58318f',
+  ARRAY[]::TEXT [],
+  '{"content-encoding":"br","content-type":"application/json","id":"0199e71b-4025-7323-bc4a-d39e35762521","type":"0ce8ab38-9258-4fbc-a62e-7faa6e58318f","ver":"0199e71b-4025-7323-bc4a-d39e35762521","parameters":[{"id":"0199e71b-401e-7160-9139-a398c4d7b8fa","ver":"0199e71b-401e-7160-9139-a398c4d7b8fa","cid":"0x"}]}', -- noqa: LT05
+  '{}',
+  DECODE('d8628458aea603776170706c69636174696f6e2f736368656d612b6a736f6e6a706172616d65746572738183d825500199e71b401e71609139a398c4d7b8fad825500199e71b401e71609139a398c4d7b8faa163636964d82a4063766572d825500199e71b40257323bc4ad39e35762521626964d825500199e71b40257323bc4ad39e3576252170636f6e74656e742d656e636f64696e676262726474797065d825500ce8ab3892584fbca62e7faa6e58318fa0468b00807b7d038183584ba104584769642e636174616c7973743a2f2f63617264616e6f2f485562336e69537751656a4c64366857596179684150567a63694a2d7150625a4a6457534e7837715f33672f3130352f30a05840a7844bd49c79c4a7f2425a52bc16f1a853d6110342b4bd0f7a87098fc02519c5c9ec5e1fece64e9b2249dea17f61a8fd1ab30bbd6e04324a4d77d6ab0e2cd501', 'hex') -- noqa: LT05
+),
+-- Brand Parameters document
+(
+  '0199e71b-401e-7160-9139-a398c4d7b8fa',
+  '0199e71b-401e-7160-9139-a398c4d7b8fa',
+  '3e4808cc-c86e-467b-9702-d60baa9d1fca',
+  ARRAY[]::TEXT [],
+  '{"content-encoding":"br","content-type":"application/json","id":"0199e71b-401e-7160-9139-a398c4d7b8fa","type":"3e4808cc-c86e-467b-9702-d60baa9d1fca","ver":"0199e71b-401e-7160-9139-a398c4d7b8fa","template":[{"id":"0199e71b-401d-7362-848b-a4090b1f3862","ver":"0199e71b-401d-7362-848b-a4090b1f3862","cid":"0x"}]}', -- noqa: LT05
+  '{}',
+  DECODE('d8628458a5a670636f6e74656e742d656e636f64696e6762627203706170706c69636174696f6e2f6a736f6e626964d825500199e71b401e71609139a398c4d7b8fa6874656d706c6174658183d825500199e71b401d7362848ba4090b1f3862d825500199e71b401d7362848ba4090b1f3862a163636964d82a406474797065d825503e4808ccc86e467b9702d60baa9d1fca63766572d825500199e71b401e71609139a398c4d7b8faa0468b00807b7d038183584ba104584769642e636174616c7973743a2f2f63617264616e6f2f6150766c4b387269455659757a69767470456f4469356f35494a37576733537643354f796e716750484d772f3130352f30a0584014bee2346bd6c78b7a443c17805d985c290a2aad53ff5bb12e05b6b165349365d9255af3a13fe7bfdf3afbf5f7011e2de48906d83b315b3ff71fb0b1fe7b1a07', 'hex') -- noqa: LT05
+);

catalyst-gateway/tests/api_tests/Earthfile

@@ -1,8 +1,8 @@
 VERSION 0.8
 
 IMPORT github.com/input-output-hk/catalyst-ci/earthly/python:v3.5.20 AS python-ci
-IMPORT github.com/input-output-hk/catalyst-libs/rust:catalyst-signed-doc/v.0.0.6-refinery-fix AS cat-libs-rust
-IMPORT github.com/input-output-hk/catalyst-libs/rust:catalyst-signed-doc/v.0.0.4-refinery-fix AS dep-cat-libs-rust
+IMPORT github.com/input-output-hk/catalyst-libs/rust:catalyst-signed-doc/v0.0.8 AS cat-libs-rust
+IMPORT github.com/input-output-hk/catalyst-libs/rust:catalyst-signed-doc/v.0.0.4-fix-earthly-build AS dep-cat-libs-rust
 IMPORT github.com/input-output-hk/catalyst-storage AS cat-storage
 
 builder:

catalyst-gateway/tests/api_tests/utils/signed_doc.py

@@ -60,8 +60,8 @@ def build_and_sign(
         )
 
 
-CATEGORY_ID = "0194d490-30bf-7473-81c8-a0eaef369619"
-PROPOSAL_FORM_TEMPLATE_ID = "0194d492-1daa-75b5-b4a4-5cf331cd8d1a"
+BRAND_ID = "0199e71b-401e-7160-9139-a398c4d7b8fa"
+PROPOSAL_FORM_TEMPLATE_ID = "0199e71b-4025-7323-bc4a-d39e35762521"
 
 
 # return a Proposal document which is already published to the cat-gateway and the corresponding RoleID
@@ -87,7 +87,7 @@ def __proposal_doc_factory() -> tuple[SignedDocument, RoleID]:
                 }
             ],
             # referenced to the defined category id, comes from the 'templates/data.rs' file
-            "parameters": [{"id": CATEGORY_ID, "ver": CATEGORY_ID, "cid": "0x"}],
+            "parameters": [{"id": BRAND_ID, "ver": BRAND_ID, "cid": "0x"}],
         }
         with open("./test_data/signed_docs/proposal.json", "r") as proposal_json_file:
             proposal_json = json.load(proposal_json_file)

catalyst-gateway/tests/docker-compose.yml

@@ -19,7 +19,11 @@ services:
     ports:
       - 5432:5432
     healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_PASSWORD}"]
+      test:
+        [
+          "CMD-SHELL",
+          "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_PASSWORD}",
+        ]
       interval: 10s
       timeout: 5s
       retries: 10
@@ -60,6 +64,7 @@ services:
       - DB_USER_PASSWORD=CHANGE_ME
 
       - INIT_AND_DROP_DB=false
+      - WITH_SEED_DATA=.
       - WITH_MIGRATIONS=true
     restart: "no"
     depends_on:
@@ -130,7 +135,13 @@ services:
       - "18090:18090"
       - "9999:9999"
     healthcheck:
-      test: [ "CMD", "sh", "-c", "echo 'show info' | socat tcp:localhost:9999 stdio | grep -q ^Name" ]
+      test:
+        [
+          "CMD",
+          "sh",
+          "-c",
+          "echo 'show info' | socat tcp:localhost:9999 stdio | grep -q ^Name",
+        ]
       interval: 10s
       timeout: 3s
       retries: 3