Skip to content

Add matrix testing for VSS authorizer variants #786

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
enigbe wants to merge 1 commit into from
Closed

Add matrix testing for VSS authorizer variants #786

enigbe wants to merge 1 commit into from

Conversation

@enigbe
Copy link
Contributor

@enigbe enigbe commented Feb 6, 2026

What this PR does

With the addition of a public key-based authenticator and the option to verify JWT tokens on vss-server, the default vss-server build now requires authentication, so our integration tests need to either provide valid headers or explicitly build for the no-opauthenticator. This is why the VSS CI has been failing lately.

To address this, we run VSS integration tests against multiple server authorizer configurations (noop, sig, jwt). Each matrix job builds vss-server with the appropriate flags and passes the corresponding cfg flag and features to the test runner.

The summary of changes introduced include:

  • Passing authorizer-specific cfg flags and features for test differentiation
  • The addition of test_utils feature with JWT- and signature-based header generation
  • The addition of RSA keypair fixtures for JWT signing and verification
  • The update of VSS-related tests to use auth-aware headers

@enigbe
Add matrix testing for authorizer variants
575aca5 
Run VSS integration tests against multiple server authorizer
configurations (noop, sig, jwt). Each matrix job builds the
vss-server with the appropriate flags and passes the corresponding
cfg flag to the test runner.

- Use release builds for vss-server
- Pass authorizer-specific cfg flags for test differentiation
- Add `test_utils` feature with JWT and signature-based header generation
- Add RSA keypair fixtures for JWT signing
- Update VSS tests to use auth-aware headers
@ldk-reviews-bot
Copy link

ldk-reviews-bot commented Feb 6, 2026
edited
Loading

I've assigned @tnull as a reviewer!
I'll wait for their review and will help manage the review process.
Once they submit their review, I'll check if a second reviewer would be helpful.

@ldk-reviews-bot ldk-reviews-bot requested a review from tnull February 6, 2026 13:52
tnull
tnull reviewed Feb 6, 2026
View reviewed changes
Copy link
Collaborator

@tnull tnull left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, we're about to upstream VssStore to lightning-persister, and we're just waiting for #755 before doing that. So I'd rather not add more complexity here that we then have to migrate. Could make sense to add it to lightning-persister afterwards, although I have to say I'm not fully sold.

@enigbe
Copy link
Contributor Author

enigbe commented Feb 6, 2026

Figured I'd fix the failing test after noticing failure on commits in mine and other PRs. I'll just close this given that with #755 landing, we'd have no need for this.

@enigbe enigbe closed this Feb 6, 2026
@tnull
Copy link
Collaborator

tnull commented Feb 6, 2026

Figured I'd fix the failing test after noticing failure on commits in mine and other PRs. I'll just close this given that with #755 landing, we'd have no need for this.

Yeah, thank you for that!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tnull tnull tnull left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@enigbe @ldk-reviews-bot @tnull