#!/bin/bash set -euo pipefail # Policy Filter Integration Test # This script runs the relay with the example policy and tests event filtering # Config PORT=${PORT:-34568} URL=${URL:-ws://127.0.0.1:${PORT}} LOG=/tmp/orly-policy-filter.out PID=/tmp/orly-policy-filter.pid DATADIR=$(mktemp -d) CONFIG_DIR="$HOME/.config/ORLY_POLICY_TEST" cleanup() { trap - EXIT if [[ -f "$PID" ]]; then kill -INT "$(cat "$PID")" 2>/dev/null || true rm -f "$PID" fi rm -rf "$DATADIR" rm -rf "$CONFIG_DIR" } trap cleanup EXIT echo "๐Ÿงช Policy Filter Integration Test" echo "==================================" # Create config directory mkdir -p "$CONFIG_DIR" # Generate keys using Go helper echo "๐Ÿ”‘ Generating test keys..." KEYGEN_TMP=$(mktemp) cat > "$KEYGEN_TMP.go" <<'EOF' package main import ( "encoding/json" "fmt" p256k1signer "p256k1.mleku.dev/signer" "next.orly.dev/pkg/encoders/hex" ) func main() { // Generate allowed signer allowedSigner := p256k1signer.NewP256K1Signer() if err := allowedSigner.Generate(); err != nil { panic(err) } allowedPubkeyHex := hex.Enc(allowedSigner.Pub()) allowedSecHex := hex.Enc(allowedSigner.Sec()) // Generate unauthorized signer unauthorizedSigner := p256k1signer.NewP256K1Signer() if err := unauthorizedSigner.Generate(); err != nil { panic(err) } unauthorizedPubkeyHex := hex.Enc(unauthorizedSigner.Pub()) unauthorizedSecHex := hex.Enc(unauthorizedSigner.Sec()) result := map[string]string{ "allowedPubkey": allowedPubkeyHex, "allowedSec": allowedSecHex, "unauthorizedPubkey": unauthorizedPubkeyHex, "unauthorizedSec": unauthorizedSecHex, } jsonBytes, _ := json.Marshal(result) fmt.Println(string(jsonBytes)) } EOF # Run from the project root directory SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)" PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" cd "$PROJECT_ROOT" KEYS=$(go run -tags=cgo "$KEYGEN_TMP.go" 2>&1 | grep -E '^\{.*\}$' || true) rm -f "$KEYGEN_TMP.go" cd - > /dev/null ALLOWED_PUBKEY=$(echo "$KEYS" | jq -r '.allowedPubkey') ALLOWED_SEC=$(echo "$KEYS" | jq -r '.allowedSec') UNAUTHORIZED_PUBKEY=$(echo "$KEYS" | jq -r '.unauthorizedPubkey') UNAUTHORIZED_SEC=$(echo "$KEYS" | jq -r '.unauthorizedSec') echo "โœ… Generated keys:" echo " Allowed pubkey: $ALLOWED_PUBKEY" echo " Unauthorized pubkey: $UNAUTHORIZED_PUBKEY" # Create policy JSON with generated keys echo "๐Ÿ“ Creating policy.json..." cat > "$CONFIG_DIR/policy.json" <"$LOG" 2>&1 & echo $! >"$PID" # Wait for relay to start sleep 3 if ! ps -p "$(cat "$PID")" >/dev/null 2>&1; then echo "โŒ Relay failed to start; logs:" >&2 sed -n '1,200p' "$LOG" >&2 exit 1 fi echo "โœ… Relay started (PID: $(cat "$PID"))" # Build test client echo "๐Ÿ”จ Building test client..." go build -o cmd/policyfiltertest/policyfiltertest ./cmd/policyfiltertest # Export keys for test client export ALLOWED_PUBKEY export ALLOWED_SEC export UNAUTHORIZED_PUBKEY export UNAUTHORIZED_SEC # Run tests echo "๐Ÿงช Running policy filter tests..." set +e cmd/policyfiltertest/policyfiltertest -url "${URL}" -allowed-pubkey "$ALLOWED_PUBKEY" -allowed-sec "$ALLOWED_SEC" -unauthorized-pubkey "$UNAUTHORIZED_PUBKEY" -unauthorized-sec "$UNAUTHORIZED_SEC" TEST_RESULT=$? set -e # Check logs for "policy rule is inactive" messages echo "๐Ÿ“‹ Checking logs for policy rule inactivity..." if grep -q "policy rule is inactive" "$LOG"; then echo "โš ๏ธ WARNING: Found 'policy rule is inactive' messages in logs" grep "policy rule is inactive" "$LOG" | head -5 else echo "โœ… No 'policy rule is inactive' messages found (good)" fi # Check logs for policy filtered events echo "๐Ÿ“‹ Checking logs for policy filtered events..." if grep -q "policy filtered out event" "$LOG"; then echo "โœ… Found policy filtered events (expected):" grep "policy filtered out event" "$LOG" | head -5 fi if [ $TEST_RESULT -eq 0 ]; then echo "โœ… All tests passed!" exit 0 else echo "โŒ Tests failed with exit code $TEST_RESULT" echo "๐Ÿ“‹ Last 50 lines of relay log:" tail -50 "$LOG" exit $TEST_RESULT fi