Canton - support Docker-internal networking (NONEVM-3773) (#816)

This:
- Adds an (optional) `InternalEndpoints *ParticipantEndpoints` to a
Canton `Participant`
	- It will automatically be populated when using the CTFProvider
- When using the RPC provider, it is optional and will only be populated
when specified in the input
- Make the RPC provider's `JSONLedgerAPIURL` & `ValidatorAPIURL` URLs
optional since they might not be available in all settings
- Bump CTF to:
https://github.com/smartcontractkit/chainlink-testing-framework/releases/tag/framework%2Fv0.15.0

Author: friedemannf

.changeset/neat-cameras-clap.md

@@ -0,0 +1,6 @@
+---
+"chainlink-deployments-framework": minor
+---
+
+Add InternalEndpoints to Canton Chain
+Bump CTF to v0.15.0

chain/canton/canton_chain.go

@@ -36,6 +36,8 @@ type Participant struct {
 	Name string
 	// The endpoints to interact with the participant's APIs
 	Endpoints ParticipantEndpoints
+	// Optional (Docker) internal endpoints to interact with the participant's APIs
+	InternalEndpoints *ParticipantEndpoints
 	// The set of service clients to interact with the participant's Ledger API.
 	// All clients are ready-to-use and are already configured with the correct authentication.
 	LedgerServices LedgerServiceClients

chain/canton/provider/ctf_provider.go

@@ -99,7 +99,7 @@ func (p *CTFChainProvider) Initialize(ctx context.Context) (chain.BlockChain, er
 	}
 
 	// Test HTTP health endpoint
-	for i, participant := range output.NetworkSpecificData.CantonEndpoints.Participants {
+	for i, participant := range output.NetworkSpecificData.CantonData.ExternalEndpoints.Participants {
 		req, err := http.NewRequestWithContext(ctx, http.MethodGet, participant.HTTPHealthCheckURL+"/health", nil)
 		require.NoError(p.t, err)
 		resp, err := http.DefaultClient.Do(req)
@@ -110,10 +110,10 @@ func (p *CTFChainProvider) Initialize(ctx context.Context) (chain.BlockChain, er
 
 	p.chain = &canton.Chain{
 		ChainMetadata: canton.ChainMetadata{Selector: p.selector},
-		Participants:  make([]canton.Participant, len(output.NetworkSpecificData.CantonEndpoints.Participants)),
+		Participants:  make([]canton.Participant, len(output.NetworkSpecificData.CantonData.ExternalEndpoints.Participants)),
 	}
 
-	for i, participantEndpoints := range output.NetworkSpecificData.CantonEndpoints.Participants {
+	for i, participantEndpoints := range output.NetworkSpecificData.CantonData.ExternalEndpoints.Participants {
 		// Create an InsecureStaticProvider that always returns the same JWT token for the participant
 		authProvider := authentication.NewInsecureStaticProvider(participantEndpoints.JWT)
 		tokenSource := authProvider.TokenSource()
@@ -159,6 +159,12 @@ func (p *CTFChainProvider) Initialize(ctx context.Context) (chain.BlockChain, er
 				AdminAPIURL:      participantEndpoints.AdminAPIURL,
 				ValidatorAPIURL:  participantEndpoints.ValidatorAPIURL,
 			},
+			InternalEndpoints: &canton.ParticipantEndpoints{
+				JSONLedgerAPIURL: output.NetworkSpecificData.CantonData.InternalEndpoints.Participants[i].JSONLedgerAPIURL,
+				GRPCLedgerAPIURL: output.NetworkSpecificData.CantonData.InternalEndpoints.Participants[i].GRPCLedgerAPIURL,
+				AdminAPIURL:      output.NetworkSpecificData.CantonData.InternalEndpoints.Participants[i].AdminAPIURL,
+				ValidatorAPIURL:  output.NetworkSpecificData.CantonData.InternalEndpoints.Participants[i].ValidatorAPIURL,
+			},
 			LedgerServices: ledgerServices,
 			AdminServices:  &adminServices,
 			TokenSource:    tokenSource,

chain/canton/provider/ctf_provider_test.go

@@ -116,6 +116,12 @@ func Test_CTFChainProvider_Initialize(t *testing.T) {
 					// Test that admin service client can be called
 					_, err = participant.AdminServices.Package.ListDars(t.Context(), &participantv30.ListDarsRequest{})
 					require.NoError(t, err)
+					// Test that the internal endpoints have been populated
+					require.NotNil(t, participant.InternalEndpoints)
+					assert.NotEmpty(t, participant.InternalEndpoints.JSONLedgerAPIURL)
+					assert.NotEmpty(t, participant.InternalEndpoints.GRPCLedgerAPIURL)
+					assert.NotEmpty(t, participant.InternalEndpoints.AdminAPIURL)
+					assert.NotEmpty(t, participant.InternalEndpoints.ValidatorAPIURL)
 				}
 
 				// Check that subsequent calls to Initialize don't re-initialize the chain

chain/canton/provider/rpc_provider.go

@@ -22,8 +22,27 @@ type RPCChainProviderConfig struct {
 // ParticipantConfig is the configuration of a single participant.
 // It contains the configuration details to connect and authenticate against a participant's APIs.
 type ParticipantConfig struct {
-	// (HTTP) The URL to access the participant's JSON Ledger API
+	// The endpoints used to connect to this participant's APIs.
+	Endpoints
+	// The (Docker) internal endpoints used to connect to the participant's APIs.
+	// If Specified, the resulting chain will have its InternalEndpoints field populated with these values.
+	// This is useful when having to connect Canton from within another Docker container.
+	// Optional
+	InternalEndpoints *Endpoints
+	// The UserID of the user that should be used for accessing the participant's API endpoints.
+	// Required
+	UserID string
+	// The PartyID of the party that should be used for accessing the participant's API endpoints.
+	// Required
+	PartyID string
+	// An authentication.Provider implementation that provides the credentials for authenticating with the participant's API endpoints.
 	// Required
+	AuthProvider authentication.Provider
+}
+
+type Endpoints struct {
+	// (HTTP) The URL to access the participant's JSON Ledger API
+	// Optional
 	// https://docs.digitalasset.com/build/3.5/reference/json-api/json-api.html
 	JSONLedgerAPIURL string
 	// (gRPC) The URL to access the participant's gRPC Ledger API
@@ -35,34 +54,19 @@ type ParticipantConfig struct {
 	// https://docs.digitalasset.com/operate/3.5/howtos/configure/apis/admin_api.html
 	AdminAPIURL string
 	// (HTTP) The URL to access the participant's Validator API
-	// Required
+	// Optional
 	// https://docs.sync.global/app_dev/validator_api/index.html
 	ValidatorAPIURL string
-	// The UserID of the user that should be used for accessing the participant's API endpoints.
-	// Required
-	UserID string
-	// The PartyID of the party that should be used for accessing the participant's API endpoints.
-	// Required
-	PartyID string
-	// An authentication.Provider implementation that provides the credentials for authenticating with the participant's API endpoints.
-	// Required
-	AuthProvider authentication.Provider
 }
 
 func (c RPCChainProviderConfig) validate() error {
 	if len(c.Participants) == 0 {
 		return errors.New("no participants specified")
 	}
 	for i, participant := range c.Participants {
-		if participant.JSONLedgerAPIURL == "" {
-			return fmt.Errorf("participant %d has no JSON Ledger API URL set", i+1)
-		}
 		if participant.GRPCLedgerAPIURL == "" {
 			return fmt.Errorf("participant %d has no gRPC Ledger API URL set", i+1)
 		}
-		if participant.ValidatorAPIURL == "" {
-			return fmt.Errorf("participant %d has no Validator API URL set", i+1)
-		}
 		if participant.UserID == "" {
 			return fmt.Errorf("participant %d has no User ID set", i+1)
 		}
@@ -140,6 +144,17 @@ func (p *RPCChainProvider) Initialize(_ context.Context) (chain.BlockChain, erro
 			adminServices = &services
 		}
 
+		// Populate internal endpoints (if set)
+		var internalEndpoints *canton.ParticipantEndpoints
+		if participant.InternalEndpoints != nil {
+			internalEndpoints = &canton.ParticipantEndpoints{
+				JSONLedgerAPIURL: participant.InternalEndpoints.JSONLedgerAPIURL,
+				GRPCLedgerAPIURL: participant.InternalEndpoints.GRPCLedgerAPIURL,
+				AdminAPIURL:      participant.InternalEndpoints.AdminAPIURL,
+				ValidatorAPIURL:  participant.InternalEndpoints.ValidatorAPIURL,
+			}
+		}
+
 		p.chain.Participants[i] = canton.Participant{
 			Name: fmt.Sprintf("Participant %v", i+1),
 			Endpoints: canton.ParticipantEndpoints{
@@ -148,11 +163,12 @@ func (p *RPCChainProvider) Initialize(_ context.Context) (chain.BlockChain, erro
 				AdminAPIURL:      participant.AdminAPIURL,
 				ValidatorAPIURL:  participant.ValidatorAPIURL,
 			},
-			LedgerServices: ledgerServices,
-			AdminServices:  adminServices,
-			TokenSource:    tokenSource,
-			UserID:         participant.UserID,
-			PartyID:        participant.PartyID,
+			InternalEndpoints: internalEndpoints,
+			LedgerServices:    ledgerServices,
+			AdminServices:     adminServices,
+			TokenSource:       tokenSource,
+			UserID:            participant.UserID,
+			PartyID:           participant.PartyID,
 		}
 	}