Merge pull request #376 from release/2.1.0

Release `2.1.0` to `main`

.env.example

@@ -0,0 +1,49 @@
+# Generate a new keypair for the distribution account
+SEP10_SIGNING_PUBLIC_KEY=
+SEP10_SIGNING_PRIVATE_KEY=
+
+# Generate a new keypair for the distribution account
+DISTRIBUTION_PUBLIC_KEY=
+DISTRIBUTION_SEED=
+DISTRIBUTION_ACCOUNT_ENCRYPTION_PASSPHRASE=${DISTRIBUTION_SEED}
+CHANNEL_ACCOUNT_ENCRYPTION_PASSPHRASE=${DISTRIBUTION_SEED}
+
+# Anchor platform configuration
+ANCHOR_PLATFORM_BASE_PLATFORM_URL=http://localhost:8085
+ANCHOR_PLATFORM_BASE_SEP_URL=http://localhost:8080
+ANCHOR_PLATFORM_BASE_URL=http://localhost:8090
+
+CORS_ALLOWED_ORIGINS=*
+BASE_URL=http://stellar.local:8000
+SDP_UI_BASE_URL=http://stellar.local:3000
+DATABASE_URL="postgres://postgres@localhost:5432/sdp_mtn?sslmode=disable"
+
+LOG_LEVEL=info
+EC256_PUBLIC_KEY="-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEJ3HNphPAEKHvtRjsl5Kjwc9tTMqS\n2pmYNybrLsxZ6cuQvg2yiEoXZixP2cJ77csHClXC6cb1wQp/BNGDvGKoPg==\n-----END PUBLIC KEY-----"
+EC256_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----\nMIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgdo6o+tdFkF94B7z8\nnoybH6/zO3PryLLjLbj54/zOi4WhRANCAAQncc2mE8AQoe+1GOyXkqPBz21MypLa\nmZg3JusuzFnpy5C+DbKIShdmLE/ZwnvtywcKVcLpxvXBCn8E0YO8Yqg+\n-----END PRIVATE KEY-----"
+EMAIL_SENDER_TYPE=DRY_RUN
+SMS_SENDER_TYPE=DRY_RUN
+DISABLE_MFA=true
+DISABLE_RECAPTCHA=true
+RECAPTCHA_SITE_KEY=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI
+RECAPTCHA_SITE_SECRET_KEY=6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe
+SEP24_JWT_SECRET='jwt_secret_1234567890'
+ANCHOR_PLATFORM_OUTGOING_JWT_SECRET=mySdpToAnchorPlatformSecret
+
+# multi-tenant
+INSTANCE_NAME="SDP Testnet on Docker"
+ADMIN_PORT="8003"
+TENANT_XLM_BOOTSTRAP_AMOUNT=5
+ADMIN_ACCOUNT=SDP-admin
+ADMIN_API_KEY=api_key_1234567890
+
+# Event broker configuration
+EVENT_BROKER_TYPE=kafka
+BROKER_URLS=localhost:9094
+KAFKA_SECURITY_PROTOCOL=PLAINTEXT
+CONSUMER_GROUP_ID=group-id
+
+# scheduler options
+ENABLE_SCHEDULER=false
+SCHEDULER_RECEIVER_INVITATION_JOB_SECONDS="10"
+SCHEDULER_PAYMENT_JOB_SECONDS="10"

.github/dependabot.yml

@@ -0,0 +1,41 @@
+version: 2
+updates:
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "sunday"
+      time: "02:00"
+    open-pull-requests-limit: 2
+    groups:
+      minor-and-patch:
+        applies-to: version-updates
+        update-types:
+        - "patch"
+        - "minor"
+      major:
+        applies-to: version-updates
+        update-types:
+        - "major"
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "sunday"
+      time: "02:00"
+    open-pull-requests-limit: 2
+    groups:
+      all-actions:
+        applies-to: version-updates
+        patterns: [ "*" ]
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "sunday"
+      time: "02:00"
+    open-pull-requests-limit: 2
+    groups:
+      all-docker:
+        applies-to: version-updates
+        patterns: [ "*" ]

.github/workflows/anchor_platform_integration_check.yml

@@ -19,6 +19,7 @@ jobs:
       DISTRIBUTION_PUBLIC_KEY: ${{ vars.DISTRIBUTION_PUBLIC_KEY }}
       DISTRIBUTION_SEED: ${{ vars.DISTRIBUTION_SEED }}
       CHANNEL_ACCOUNT_ENCRYPTION_PASSPHRASE: ${{ vars.DISTRIBUTION_SEED }}
+      DISTRIBUTION_ACCOUNT_ENCRYPTION_PASSPHRASE: ${{ vars.DISTRIBUTION_SEED }}
       SEP10_SIGNING_PUBLIC_KEY: ${{ vars.SEP10_SIGNING_PUBLIC_KEY }}
       SEP10_SIGNING_PRIVATE_KEY: ${{ vars.SEP10_SIGNING_PRIVATE_KEY }}
     steps:

.github/workflows/ci.yml

@@ -36,10 +36,11 @@ jobs:
       - name: Run ./gomod.sh
         run: ./gomod.sh
 
-      - name: Install github.com/nishanths/[email protected] and golang.org/x/tools/cmd/[email protected]
+      - name: Install nishanths/[email protected], [email protected].0 and [email protected].0
         run: |
           go install github.com/nishanths/exhaustive/cmd/[email protected]
           go install golang.org/x/tools/cmd/[email protected]
+          go install golang.org/x/tools/cmd/[email protected]
 
       - name: Run `exhaustive`
         run: exhaustive -default-signifies-exhaustive ./...
@@ -55,6 +56,19 @@ jobs:
             echo "✅ No deadcode found"
           fi
 
+      - name: Run `goimports`
+        run: |
+          # Find all .go files excluding paths containing 'mock' and run goimports
+          non_compliant_files=$(find . -type f -name "*.go" ! -path "*mock*" | xargs goimports -local "github.com/stellar/stellar-disbursement-platform-backend" -l)
+
+          if [ -n "$non_compliant_files" ]; then
+            echo "🚨 The following files are not compliant with goimports:"
+            echo "$non_compliant_files"
+            exit 1
+          else
+            echo "✅ All files are compliant with goimports."
+          fi
+
   check-helm-readme:
     runs-on: ubuntu-latest
     steps:

.github/workflows/e2e_integration_test.yml

@@ -1,4 +1,4 @@
-name: E2E integration test
+name: Integration Tests
 
 on:
   push:
@@ -14,54 +14,89 @@ on:
 env:
   USER_EMAIL: "[email protected]"
   USER_PASSWORD: "mockPassword123!"
+  DISTRIBUTION_PUBLIC_KEY: ${{ vars.DISTRIBUTION_PUBLIC_KEY }}
+  DISTRIBUTION_SEED: ${{ vars.DISTRIBUTION_SEED }}
+  CHANNEL_ACCOUNT_ENCRYPTION_PASSPHRASE: ${{ vars.DISTRIBUTION_SEED }}
+  SEP10_SIGNING_PUBLIC_KEY: ${{ vars.SEP10_SIGNING_PUBLIC_KEY }}
+  SEP10_SIGNING_PRIVATE_KEY: ${{ vars.SEP10_SIGNING_PRIVATE_KEY }}
+  CIRCLE_API_KEY: ${{ vars.CIRCLE_API_KEY }}
+  CIRCLE_USDC_WALLET_ID: ${{ vars.CIRCLE_USDC_WALLET_ID }}
 
 jobs:
-  e2e-integration-test:
+  e2e:
     runs-on: ubuntu-latest
-    environment: "Receiver Registration - E2E Integration Tests"
+    strategy:
+      matrix:
+        platform:
+          - "Stellar"
+          - "Circle"
+        include:
+          - platform: "Stellar"
+            environment: "Receiver Registration - E2E Integration Tests (Stellar)"
+            DISTRIBUTION_ACCOUNT_TYPE: "DISTRIBUTION_ACCOUNT.STELLAR.ENV"
+          - platform: "Circle"
+            environment: "Receiver Registration - E2E Integration Tests (Circle)"
+            DISTRIBUTION_ACCOUNT_TYPE: "DISTRIBUTION_ACCOUNT.CIRCLE.DB_VAULT"
+    environment: ${{ matrix.environment }}
     env:
-      DISTRIBUTION_PUBLIC_KEY: ${{ vars.DISTRIBUTION_PUBLIC_KEY }}
-      DISTRIBUTION_SEED: ${{ vars.DISTRIBUTION_SEED }}
-      CHANNEL_ACCOUNT_ENCRYPTION_PASSPHRASE: ${{ vars.DISTRIBUTION_SEED }}
-      SEP10_SIGNING_PUBLIC_KEY: ${{ vars.SEP10_SIGNING_PUBLIC_KEY }}
-      SEP10_SIGNING_PRIVATE_KEY: ${{ vars.SEP10_SIGNING_PRIVATE_KEY }}
+      DISTRIBUTION_ACCOUNT_TYPE: ${{ matrix.DISTRIBUTION_ACCOUNT_TYPE }}
     steps:
       - name: Checkout
         uses: actions/checkout@v4
 
       - name: Cleanup data
-        working-directory: internal/integrationtests
+        working-directory: internal/integrationtests/docker
         run: docker-compose -f docker-compose-e2e-tests.yml down -v
+        shell: bash
 
       - name: Run Docker Compose for SDP, Anchor Platform and TSS
-        working-directory: internal/integrationtests
+        working-directory: internal/integrationtests/docker
         run: docker-compose -f docker-compose-e2e-tests.yml up --build -V -d
+        shell: bash
 
       - name: Install curl
         run: sudo apt-get update && sudo apt-get install -y curl
+        shell: bash
 
       - name: Create integration test data
         run: |
           docker exec e2e-sdp-api bash -c "./stellar-disbursement-platform integration-tests create-data"
+        shell: bash
 
-      - name: Restart anchor platform
+      - name: Restart Anchor Platform
         run: |
           docker restart e2e-anchor-platform
+        shell: bash
 
-      - name: Wait for anchor platform localhost:8080/health
-        timeout-minutes: 5
+      - name: Wait for Anchor Platform at both localhost:8080/health and localhost:8085/health
         run: |
-          until curl --output /dev/null --silent --head --fail http://localhost:8080/health; do
-            echo 'Waiting for anchor-platform to be up and running...'
-            sleep 15
-          done
-          echo 'Anchor-platform is up and running.'
+          wait_for_server() {
+            local endpoint=$1
+            local max_wait_time=$2
+
+            SECONDS=0
+            while ! curl -s $endpoint > /dev/null; do
+              echo "Waiting for server at $endpoint to be up... $SECONDS seconds elapsed"
+              sleep 4
+              if [ $SECONDS -ge $max_wait_time ]; then
+                echo "Server at $endpoint is not up after $max_wait_time seconds."
+                exit 1
+              fi
+            done
+            echo "Server at $endpoint is up."
+          }
+
+          wait_for_server http://localhost:8080/health 120
+          wait_for_server http://localhost:8085/health 120
+        shell: bash
 
       - name: Start integration test command
         run: |
           docker exec e2e-sdp-api bash -c "./stellar-disbursement-platform integration-tests start"
+        shell: bash
 
       - name: Docker logs
         if: always()
-        working-directory: internal/integrationtests
+        working-directory: internal/integrationtests/docker
         run: docker-compose -f docker-compose-e2e-tests.yml logs && docker-compose -f docker-compose-e2e-tests.yml down
+        shell: bash

.github/workflows/singletenant_to_multitenant_db_migration_test.yml

@@ -0,0 +1,145 @@
+name: Single-tenant to Multi-tenant
+
+on:
+  push:
+    branches:
+      - main
+      - develop
+      - "release/**"
+      - "releases/**"
+      - "hotfix/**"
+  pull_request:
+
+env:
+  USER_EMAIL: "[email protected]"
+  USER_PASSWORD: "mockPassword123!"
+  DATABASE_URL: "postgres://postgres@db:5432/e2e-sdp?sslmode=disable"
+  DISTRIBUTION_ACCOUNT_TYPE: "DISTRIBUTION_ACCOUNT.STELLAR.ENV"
+  DISTRIBUTION_PUBLIC_KEY: ${{ vars.DISTRIBUTION_PUBLIC_KEY }}
+  DISTRIBUTION_SEED: ${{ vars.DISTRIBUTION_SEED }}
+  CHANNEL_ACCOUNT_ENCRYPTION_PASSPHRASE: ${{ vars.DISTRIBUTION_SEED }}
+  SEP10_SIGNING_PUBLIC_KEY: ${{ vars.SEP10_SIGNING_PUBLIC_KEY }}
+  SEP10_SIGNING_PRIVATE_KEY: ${{ vars.SEP10_SIGNING_PRIVATE_KEY }}
+
+jobs:
+  db-migration:
+    runs-on: ubuntu-latest
+    environment: "Receiver Registration - E2E Integration Tests (Stellar)"
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Cleanup data
+        working-directory: internal/integrationtests/docker
+        run: docker-compose -f docker-compose-e2e-tests.yml down -v
+        shell: bash
+
+      - name: Run Docker Compose for SDP, Anchor Platform and TSS
+        working-directory: internal/integrationtests/docker
+        run: docker-compose -f docker-compose-e2e-tests.yml up --build -V -d
+        shell: bash
+
+      - name: Install curl
+        run: sudo apt-get update && sudo apt-get install -y curl
+        shell: bash
+
+      - name: Copy DB Dump to Container and Restore
+        run: |
+          docker cp internal/integrationtests/resources/single_tenant_dump.sql e2e-sdp-v2-database:/tmp/single_tenant_dump.sql
+          docker exec e2e-sdp-v2-database bash -c "psql -d $DATABASE_URL -f /tmp/single_tenant_dump.sql"
+
+      - name: Provision New Tenant
+        run: |
+          adminAccount="SDP-admin"
+          adminApiKey="api_key_1234567890"
+          encodedCredentials=$(echo -n "$adminAccount:$adminApiKey" | base64)
+          AuthHeader="Authorization: Basic $encodedCredentials"
+          tenant="migrated-tenant"
+          baseURL="http://$tenant.stellar.local:8000"
+          sdpUIBaseURL="http://$tenant.stellar.local:3000"
+          ownerEmail="init_owner@$tenant.local"
+          AdminTenantURL="http://localhost:8003/tenants"
+          response=$(curl -s -w "\n%{http_code}" -X POST $AdminTenantURL \
+            -H "Content-Type: application/json" \
+            -H "$AuthHeader" \
+            -d '{
+              "name": "'"$tenant"'",
+              "organization_name": "'"$tenant"'",
+              "base_url": "'"$baseURL"'",
+              "sdp_ui_base_url": "'"$sdpUIBaseURL"'",
+              "owner_email": "'"$ownerEmail"'",
+              "owner_first_name": "jane",
+              "owner_last_name": "doe",
+              "distribution_account_type": "DISTRIBUTION_ACCOUNT.STELLAR.DB_VAULT"
+            }')
+
+          http_code=$(echo "$response" | tail -n1)
+          response_body=$(echo "$response" | sed '$d')
+
+          if [[ "$http_code" -ge 200 && "$http_code" -lt 300 ]]; then
+              echo "✅ Tenant $tenant created successfully."
+              echo "🔗 You can now reset the password for the owner $ownerEmail on $sdpUIBaseURL/forgot-password"
+              echo "Response body: $response_body"
+          else
+              echo "❌ Failed to create tenant $tenant. HTTP status code: $http_code"
+              echo "Server response: $response_body"
+              exit 1
+          fi
+
+      - name: Run Migration
+        run: |
+          docker exec e2e-sdp-v2-database bash -c "psql -d $DATABASE_URL -c \"SELECT admin.migrate_tenant_data_from_v1_to_v2('migrated-tenant');\""
+
+      - name: Verify Row Counts
+        run: |
+          submitter_public_count=$(docker exec e2e-sdp-v2-database bash -c "psql -d $DATABASE_URL -t -c 'SELECT COUNT(*) FROM public.submitter_transactions;'")
+          submitter_tss_count=$(docker exec e2e-sdp-v2-database bash -c "psql -d $DATABASE_URL -t -c 'SELECT COUNT(*) FROM tss.submitter_transactions;'")
+          receiver_public_count=$(docker exec e2e-sdp-v2-database bash -c "psql -d $DATABASE_URL -t -c 'SELECT COUNT(*) FROM public.receivers;'")
+          receiver_migrated_count=$(docker exec e2e-sdp-v2-database bash -c "psql -d $DATABASE_URL -t -c 'SELECT COUNT(*) FROM \"sdp_migrated-tenant\".receivers;'")
+
+          if [ "$submitter_public_count" -eq "$submitter_tss_count" ] && [ "$submitter_public_count" -gt 0 ]; then
+              echo "✅ submitter_transactions row counts match and are greater than zero."
+          else
+              echo "❌ submitter_transactions row counts do not match or are not greater than zero."
+              exit 1
+          fi
+
+          if [ "$receiver_public_count" -eq "$receiver_migrated_count" ] && [ "$receiver_public_count" -gt 0 ]; then
+              echo "✅ receivers row counts match and are greater than zero."
+          else
+              echo "❌ receivers row counts do not match or are not greater than zero."
+              exit 1
+          fi
+
+      - name: Exclude Deprecated Tables
+        run: |
+          docker exec e2e-sdp-v2-database bash -c "psql -d $DATABASE_URL -c \"
+            BEGIN TRANSACTION;
+              DROP TABLE public.messages CASCADE;
+              DROP TABLE public.payments CASCADE;
+              DROP TABLE public.disbursements CASCADE;
+              DROP TABLE public.receiver_verifications CASCADE;
+              DROP TABLE public.receiver_wallets CASCADE;
+              DROP TABLE public.auth_user_password_reset CASCADE;
+              DROP TABLE public.auth_user_mfa_codes CASCADE;
+              DROP TABLE public.receivers CASCADE;
+              DROP TABLE public.auth_users CASCADE;
+              DROP TABLE public.wallets_assets CASCADE;
+              DROP TABLE public.assets CASCADE;
+              DROP TABLE public.wallets CASCADE;
+              DROP TABLE public.organizations CASCADE;
+              DROP TABLE public.gorp_migrations CASCADE;
+              DROP TABLE public.auth_migrations CASCADE;
+              DROP TABLE public.countries CASCADE;
+              DROP TABLE public.submitter_transactions CASCADE;
+              DROP TABLE public.channel_accounts CASCADE;
+            COMMIT;
+          \""
+
+      - name: Docker logs
+        if: always()
+        working-directory: internal/integrationtests/docker
+        run: |
+          docker-compose -f docker-compose-e2e-tests.yml logs
+          docker-compose -f docker-compose-e2e-tests.yml down -v
+        shell: bash