[pull] develop from smartcontractkit:develop#257
Merged
pull[bot] merged 3 commits intobit-cook:developfrom Mar 25, 2026
Merged
Conversation
…ieval and cross-namespace E2E tests (#21660) * Remove vault.secrets.get from gateway and add workflow-based secret retrieval tests Remove the `vault.secrets.get` method from the gateway surface entirely: - Remove `GetSupportedMethods()` dev-build conditional that exposed the method - Remove `handleSecretsGet()` and `getEncryptionKeys()` from the gateway handler - Remove the `MethodSecretsGet` case from the gateway-side handler and aggregator - Remove the now-unused `capRegistry` field from `GatewayHandler` Replace the commented-out gateway-based get test with a WASM workflow that calls `runtime.GetSecret()`, and add cross-namespace E2E coverage proving that secrets with the same ID in different namespaces are fully independent (create, get, update, list, delete all scoped to their namespace). Made-with: Cursor * Harden negative test and registry update in vault E2E - In the vaultsecret WASM workflow, check that the GetSecret error specifically contains "key does not exist" instead of accepting any error as proof the secret was deleted. This prevents config-propagation, transport, or decryption failures from masking real bugs. - In updateVaultCapabilityConfigInRegistry, replace the fire-and-sleep pattern with sethClient.WaitMined + receipt status assertion so a reverted or stuck tx fails the test immediately instead of causing a downstream workflow flake. Made-with: Cursor * Fix CI failures: goimports, go.md, and vault DON lookup - Fix goimports import ordering in v2_vault_don_test.go - Add vaultsecret module to go.md dependency graph - Fix updateVaultCapabilityConfigInRegistry to dynamically find the DON that has vault@1.0.0 instead of hardcoding "workflow-don", which fails in the workflow-gateway-capabilities topology where vault lives on "capabilities-don" Made-with: Cursor * fix: add MethodConfigs for vault capability to enable remote execution in multi-DON topology In the workflow-gateway-capabilities topology, the vault capability runs on a separate capabilities-don. Without MethodConfigs, the launcher treats vault as a V1 capability and passes nil transmissionConfig. Since secrets.go doesn't set Config on the CapabilityRequest, the V1 fallback path fails with "cannot unwrap nil values.Map" when extracting transmission config. Adding RemoteExecutableConfig for the vault.secrets.get method ensures the V2 Don2Don framework is used, which sets transmissionConfig from the on-chain registry config rather than requiring it per-request. * Address review feedback: parallelize vault tests, use seth.Decode, reduce sleeps - Split ExecuteVaultTest into two parallel subtests (basic_crud + cross_namespace), each with its own per-test keys, ChIP sink, and channels. Follows the same pattern as HTTP Action tests. When parallelEnabled && fanoutEnabled, both subtests run concurrently. - Replace manual deployerKey/deployerOpts + WaitMined + receipt check with a deployer seth client and sethClient.Decode() per Tofel's review. - Remove redundant 30s "Vault DON ready" sleep. - Reduce registry syncer wait from 30s to 15s (polls every 12s). - Reduce allowlist sleep from 10s to 6s (polls every 5s). - Remove unused consensus workflow deployment from vault test setup. * Fix OwnershipLinkDoesNotExist error in vault subtests Each subtest creates a new per-test key that hasn't completed the linkOwner flow on the workflow registry. Call creworkflow.LinkOwner() explicitly before any allowlistRequest operations. Made-with: Cursor
* minor. * minor. * minor.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )