diff --git a/Dockerfile b/Dockerfile index 1e1cbd40..c03c66ad 100644 --- a/Dockerfile +++ b/Dockerfile @@ -91,7 +91,7 @@ EXPOSE 9000 # Health check HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \ - CMD test -f /data/distributed.db || exit 1 + CMD test -e /data/distributed.db || exit 1 # Default entrypoint ENTRYPOINT ["validator-node"] diff --git a/docker-compose.yml b/docker-compose.yml index fb27f880..6a1acaae 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -50,7 +50,7 @@ services: command: ["validator-node", "--data-dir", "/data", "--listen-addr", "/ip4/0.0.0.0/tcp/9000"] healthcheck: - test: ["CMD-SHELL", "test -f /data/distributed.db || exit 1"] + test: ["CMD-SHELL", "test -e /data/distributed.db || exit 1"] interval: 30s timeout: 10s retries: 3 diff --git a/scripts/test-comprehensive.sh b/scripts/test-comprehensive.sh new file mode 100755 index 00000000..ed3ee0e1 --- /dev/null +++ b/scripts/test-comprehensive.sh @@ -0,0 +1,232 @@ +#!/bin/bash +# ============================================================================= +# Platform Comprehensive Test Suite +# ============================================================================= +# Runs all tests including unit tests, integration tests, Docker tests, +# and multi-validator P2P network tests. +# +# Usage: +# ./scripts/test-comprehensive.sh +# +# Requirements: +# - Docker daemon running +# - Rust toolchain installed +# - Network access for Bittensor integration tests +# ============================================================================= + +set -e + +# Colors for output +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' # No Color + +# Test result counters +PASSED=0 +FAILED=0 +SKIPPED=0 + +# Log functions +log_info() { + echo -e "${BLUE}[INFO]${NC} $1" +} + +log_success() { + echo -e "${GREEN}[PASS]${NC} $1" + ((PASSED++)) +} + +log_failure() { + echo -e "${RED}[FAIL]${NC} $1" + ((FAILED++)) +} + +log_warning() { + echo -e "${YELLOW}[WARN]${NC} $1" +} + +log_skip() { + echo -e "${YELLOW}[SKIP]${NC} $1" + ((SKIPPED++)) +} + +# Header +echo "=============================================================================" +echo " Platform Comprehensive Test Suite" +echo "=============================================================================" +echo "" +date +echo "" + +# ============================================================================= +# Phase 1: Build +# ============================================================================= +echo "" +echo "=============================================================================" +echo "Phase 1: Build (cargo build --release)" +echo "=============================================================================" + +log_info "Building workspace..." +if cargo build --release 2>&1; then + log_success "Build completed successfully" +else + log_failure "Build failed" + exit 1 +fi + +# ============================================================================= +# Phase 2: Unit Tests +# ============================================================================= +echo "" +echo "=============================================================================" +echo "Phase 2: Unit Tests (cargo test --workspace)" +echo "=============================================================================" + +log_info "Running unit tests..." +if cargo test --workspace --release 2>&1 | tee /tmp/unit_tests.log; then + UNIT_RESULTS=$(grep -E "^test result:" /tmp/unit_tests.log | tail -1) + log_success "Unit tests completed: $UNIT_RESULTS" +else + log_failure "Unit tests failed" +fi + +# ============================================================================= +# Phase 3: Docker Integration Tests +# ============================================================================= +echo "" +echo "=============================================================================" +echo "Phase 3: Docker Integration Tests" +echo "=============================================================================" + +# Check Docker availability +if docker info > /dev/null 2>&1; then + log_info "Docker daemon available" + + # Secure Container Runtime tests + log_info "Running secure-container-runtime Docker tests..." + if cargo test -p secure-container-runtime --release -- --ignored 2>&1 | tee /tmp/docker_tests.log; then + log_success "Secure container runtime Docker tests passed" + else + log_failure "Secure container runtime Docker tests failed" + fi + + # Challenge Orchestrator Docker tests + log_info "Running challenge-orchestrator Docker tests..." + if cargo test -p challenge-orchestrator --release -- --ignored 2>&1; then + log_success "Challenge orchestrator Docker tests passed" + else + log_failure "Challenge orchestrator Docker tests failed" + fi +else + log_skip "Docker not available, skipping Docker tests" +fi + +# ============================================================================= +# Phase 4: Bittensor Integration Tests +# ============================================================================= +echo "" +echo "=============================================================================" +echo "Phase 4: Bittensor Integration Tests" +echo "=============================================================================" + +log_info "Running Bittensor integration tests (requires network)..." +if timeout 120 cargo test -p platform-bittensor --release -- --ignored 2>&1; then + log_success "Bittensor integration tests passed" +else + log_warning "Bittensor integration tests failed or timed out (may require network)" +fi + +# ============================================================================= +# Phase 5: Security Policy Tests +# ============================================================================= +echo "" +echo "=============================================================================" +echo "Phase 5: Security Policy Tests" +echo "=============================================================================" + +log_info "Verifying security policies..." + +# Test that Docker socket mounting is blocked +log_info "Testing Docker socket mount blocking..." +if cargo test -p secure-container-runtime test_default_policy_blocks_docker_socket --release 2>&1; then + log_success "Docker socket mount blocking verified" +else + log_failure "Docker socket mount blocking test failed" +fi + +# Test image whitelist +log_info "Testing image whitelist enforcement..." +if cargo test -p secure-container-runtime test_strict_policy_blocks_non_whitelisted_images --release 2>&1; then + log_success "Image whitelist enforcement verified" +else + log_failure "Image whitelist enforcement test failed" +fi + +# Test resource limits +log_info "Testing resource limit enforcement..." +if cargo test -p secure-container-runtime test_policy_enforces_resource_limits --release 2>&1; then + log_success "Resource limit enforcement verified" +else + log_failure "Resource limit enforcement test failed" +fi + +# ============================================================================= +# Phase 6: P2P Consensus Tests +# ============================================================================= +echo "" +echo "=============================================================================" +echo "Phase 6: P2P Consensus Tests" +echo "=============================================================================" + +log_info "Running P2P consensus unit tests..." +if cargo test -p platform-p2p-consensus --release 2>&1 | tee /tmp/p2p_tests.log; then + P2P_RESULTS=$(grep -E "^test result:" /tmp/p2p_tests.log | tail -1) + log_success "P2P consensus tests: $P2P_RESULTS" +else + log_failure "P2P consensus tests failed" +fi + +# ============================================================================= +# Phase 7: Storage Tests +# ============================================================================= +echo "" +echo "=============================================================================" +echo "Phase 7: Storage Tests" +echo "=============================================================================" + +log_info "Running storage tests..." +if cargo test -p platform-storage --release 2>&1; then + log_success "Storage tests passed" +else + log_failure "Storage tests failed" +fi + +log_info "Running distributed storage tests..." +if cargo test -p platform-distributed-storage --release 2>&1; then + log_success "Distributed storage tests passed" +else + log_failure "Distributed storage tests failed" +fi + +# ============================================================================= +# Summary +# ============================================================================= +echo "" +echo "=============================================================================" +echo " Test Summary" +echo "=============================================================================" +echo "" +echo -e " ${GREEN}Passed:${NC} $PASSED" +echo -e " ${RED}Failed:${NC} $FAILED" +echo -e " ${YELLOW}Skipped:${NC} $SKIPPED" +echo "" + +if [ $FAILED -eq 0 ]; then + echo -e "${GREEN}All tests passed!${NC}" + exit 0 +else + echo -e "${RED}Some tests failed. Please review the output above.${NC}" + exit 1 +fi diff --git a/tests/docker/Dockerfile.test-validator b/tests/docker/Dockerfile.test-validator new file mode 100644 index 00000000..223768c9 --- /dev/null +++ b/tests/docker/Dockerfile.test-validator @@ -0,0 +1,63 @@ +# ============================================================================= +# Platform Test Validator Docker Image +# ============================================================================= +# Lightweight build for testing multi-validator P2P network +# Uses pre-built binary from cargo build --release +# ============================================================================= + +FROM rust:1.92-bookworm AS builder + +# Install dependencies +RUN apt-get update && apt-get install -y \ + pkg-config \ + libssl-dev \ + protobuf-compiler \ + cmake \ + clang \ + libclang-dev \ + && rm -rf /var/lib/apt/lists/* + +WORKDIR /app + +# Copy workspace files +COPY Cargo.toml Cargo.lock ./ +COPY crates ./crates +COPY bins ./bins +COPY tests ./tests + +# Build release binary +RUN cargo build --release --bin validator-node + +# Runtime stage +FROM debian:bookworm-slim + +# Install runtime dependencies +RUN apt-get update && apt-get install -y \ + ca-certificates \ + libssl3 \ + curl \ + && rm -rf /var/lib/apt/lists/* + +# Copy binary from builder +COPY --from=builder /app/target/release/validator-node /usr/local/bin/validator-node + +# Create data directory +RUN mkdir -p /data && chmod 755 /data + +# Environment defaults +ENV RUST_LOG=info,validator_node=debug,platform_p2p_consensus=info +ENV DATA_DIR=/data +ENV NETUID=100 + +# Expose P2P port +EXPOSE 9000 + +# Health check +HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \ + CMD test -e /data/distributed.db || exit 1 + +# Entry point script to handle arguments +COPY tests/docker/entrypoint-test.sh /entrypoint.sh +RUN chmod +x /entrypoint.sh + +ENTRYPOINT ["/entrypoint.sh"] diff --git a/tests/docker/docker-compose.multi-validator.yml b/tests/docker/docker-compose.multi-validator.yml new file mode 100644 index 00000000..41e13487 --- /dev/null +++ b/tests/docker/docker-compose.multi-validator.yml @@ -0,0 +1,158 @@ +# ============================================================================= +# Platform Multi-Validator Test Network +# ============================================================================= +# For comprehensive production-like testing with 4 validators in P2P network +# +# Usage: +# docker compose -f tests/docker/docker-compose.multi-validator.yml up --build -d +# docker compose -f tests/docker/docker-compose.multi-validator.yml logs -f +# docker compose -f tests/docker/docker-compose.multi-validator.yml down -v +# ============================================================================= + +services: + # ========================================================================== + # Validator 1 (Bootstrap node) + # ========================================================================== + validator-1: + build: + context: ../.. + dockerfile: tests/docker/Dockerfile.test-validator + container_name: platform-validator-1 + hostname: validator-1 + environment: + - RUST_LOG=info,validator_node=debug,platform_p2p_consensus=debug + - DATA_DIR=/data + - VALIDATOR_SECRET_KEY=0x0000000000000000000000000000000000000000000000000000000000000001 + - P2P_LISTEN_ADDR=/ip4/0.0.0.0/tcp/9000 + - NETUID=100 + - NO_BITTENSOR=true + ports: + - "9001:9000" + volumes: + - validator1-data:/data + networks: + platform-test: + ipv4_address: 172.28.1.1 + healthcheck: + test: ["CMD-SHELL", "test -e /data/distributed.db || exit 1"] + interval: 10s + timeout: 5s + retries: 6 + start_period: 15s + + # ========================================================================== + # Validator 2 + # ========================================================================== + validator-2: + build: + context: ../.. + dockerfile: tests/docker/Dockerfile.test-validator + container_name: platform-validator-2 + hostname: validator-2 + environment: + - RUST_LOG=info,validator_node=debug,platform_p2p_consensus=debug + - DATA_DIR=/data + - VALIDATOR_SECRET_KEY=0x0000000000000000000000000000000000000000000000000000000000000002 + - P2P_LISTEN_ADDR=/ip4/0.0.0.0/tcp/9000 + - NETUID=100 + - NO_BITTENSOR=true + - BOOTSTRAP_PEERS=/ip4/172.28.1.1/tcp/9000 + ports: + - "9002:9000" + volumes: + - validator2-data:/data + networks: + platform-test: + ipv4_address: 172.28.1.2 + depends_on: + validator-1: + condition: service_started + healthcheck: + test: ["CMD-SHELL", "test -e /data/distributed.db || exit 1"] + interval: 10s + timeout: 5s + retries: 6 + start_period: 15s + + # ========================================================================== + # Validator 3 + # ========================================================================== + validator-3: + build: + context: ../.. + dockerfile: tests/docker/Dockerfile.test-validator + container_name: platform-validator-3 + hostname: validator-3 + environment: + - RUST_LOG=info,validator_node=debug,platform_p2p_consensus=debug + - DATA_DIR=/data + - VALIDATOR_SECRET_KEY=0x0000000000000000000000000000000000000000000000000000000000000003 + - P2P_LISTEN_ADDR=/ip4/0.0.0.0/tcp/9000 + - NETUID=100 + - NO_BITTENSOR=true + - BOOTSTRAP_PEERS=/ip4/172.28.1.1/tcp/9000 + ports: + - "9003:9000" + volumes: + - validator3-data:/data + networks: + platform-test: + ipv4_address: 172.28.1.3 + depends_on: + validator-1: + condition: service_started + healthcheck: + test: ["CMD-SHELL", "test -e /data/distributed.db || exit 1"] + interval: 10s + timeout: 5s + retries: 6 + start_period: 15s + + # ========================================================================== + # Validator 4 + # ========================================================================== + validator-4: + build: + context: ../.. + dockerfile: tests/docker/Dockerfile.test-validator + container_name: platform-validator-4 + hostname: validator-4 + environment: + - RUST_LOG=info,validator_node=debug,platform_p2p_consensus=debug + - DATA_DIR=/data + - VALIDATOR_SECRET_KEY=0x0000000000000000000000000000000000000000000000000000000000000004 + - P2P_LISTEN_ADDR=/ip4/0.0.0.0/tcp/9000 + - NETUID=100 + - NO_BITTENSOR=true + - BOOTSTRAP_PEERS=/ip4/172.28.1.1/tcp/9000 + ports: + - "9004:9000" + volumes: + - validator4-data:/data + networks: + platform-test: + ipv4_address: 172.28.1.4 + depends_on: + validator-1: + condition: service_started + healthcheck: + test: ["CMD-SHELL", "test -e /data/distributed.db || exit 1"] + interval: 10s + timeout: 5s + retries: 6 + start_period: 15s + +volumes: + validator1-data: + validator2-data: + validator3-data: + validator4-data: + +networks: + platform-test: + driver: bridge + ipam: + driver: default + config: + - subnet: 172.28.0.0/16 + gateway: 172.28.0.1 diff --git a/tests/docker/entrypoint-test.sh b/tests/docker/entrypoint-test.sh new file mode 100755 index 00000000..20da320b --- /dev/null +++ b/tests/docker/entrypoint-test.sh @@ -0,0 +1,35 @@ +#!/bin/bash +# ============================================================================= +# Platform Test Validator Entrypoint +# ============================================================================= +# Handles environment variables and starts the validator node +# ============================================================================= + +set -e + +# Build command arguments +ARGS="--data-dir ${DATA_DIR:-/data}" +ARGS="$ARGS --listen-addr ${P2P_LISTEN_ADDR:-/ip4/0.0.0.0/tcp/9000}" + +if [ -n "$VALIDATOR_SECRET_KEY" ]; then + ARGS="$ARGS --secret-key $VALIDATOR_SECRET_KEY" +fi + +if [ -n "$NETUID" ]; then + ARGS="$ARGS --netuid $NETUID" +fi + +if [ -n "$BOOTSTRAP_PEERS" ]; then + # Split by comma and add each peer + IFS=',' read -ra PEERS <<< "$BOOTSTRAP_PEERS" + for peer in "${PEERS[@]}"; do + ARGS="$ARGS --bootstrap $peer" + done +fi + +if [ "$NO_BITTENSOR" = "true" ]; then + ARGS="$ARGS --no-bittensor" +fi + +echo "Starting validator-node with args: $ARGS" +exec validator-node $ARGS