go/oasis-test-runner: Generalize key manager upgrade scenario

The key manager upgrade scenario has been refactored to retrieve
the entity's nonce and the key manager's old deployments from
the consensus layer. This modification enables the test to be used
in cross-version test scenarios, where the nonce and the deployments
are defined in the pre-upgrade scenario.

go/oasis-test-runner/scenario/e2e/e2e.go

@@ -3,6 +3,7 @@ package e2e
 
 import (
 	"bytes"
+	"context"
 	"crypto/sha256"
 	"encoding/json"
 	"fmt"
@@ -13,7 +14,10 @@ import (
 
 	flag "github.com/spf13/pflag"
 
+	"github.com/oasisprotocol/oasis-core/go/common/crypto/signature"
+	"github.com/oasisprotocol/oasis-core/go/common/entity"
 	"github.com/oasisprotocol/oasis-core/go/common/logging"
+	consensus "github.com/oasisprotocol/oasis-core/go/consensus/api"
 	"github.com/oasisprotocol/oasis-core/go/consensus/api/transaction"
 	consensusGenesis "github.com/oasisprotocol/oasis-core/go/consensus/genesis"
 	genesis "github.com/oasisprotocol/oasis-core/go/genesis/api"
@@ -23,6 +27,8 @@ import (
 	"github.com/oasisprotocol/oasis-core/go/oasis-test-runner/oasis"
 	"github.com/oasisprotocol/oasis-core/go/oasis-test-runner/oasis/cli"
 	"github.com/oasisprotocol/oasis-core/go/oasis-test-runner/scenario"
+	registry "github.com/oasisprotocol/oasis-core/go/registry/api"
+	staking "github.com/oasisprotocol/oasis-core/go/staking/api"
 )
 
 const (
@@ -183,6 +189,33 @@ func (sc *Scenario) GetExportedGenesisFiles(skipCompute bool) ([]string, error)
 	return files, nil
 }
 
+func (sc *Scenario) GetTestEntityNonce(ctx context.Context) (uint64, error) {
+	ent, _, err := entity.TestEntity()
+	if err != nil {
+		return 0, err
+	}
+	return sc.GetEntityNonce(ctx, ent)
+}
+
+func (sc *Scenario) GetEntityNonce(ctx context.Context, ent *entity.Entity) (uint64, error) {
+	addr := staking.NewAddress(ent.ID)
+	return sc.Net.ClientController().Consensus.GetSignerNonce(ctx, &consensus.GetSignerNonceRequest{
+		Height:         consensus.HeightLatest,
+		AccountAddress: addr,
+	})
+}
+
+func (sc *Scenario) GetEntityNonceByID(ctx context.Context, id signature.PublicKey) (uint64, error) {
+	ent, err := sc.Net.ClientController().Registry.GetEntity(ctx, &registry.IDQuery{
+		Height: consensus.HeightLatest,
+		ID:     id,
+	})
+	if err != nil {
+		return 0, err
+	}
+	return sc.GetEntityNonce(ctx, ent)
+}
+
 // Flag for consensus state reset.
 const (
 	PreserveValidatorRuntimeStorage uint8 = iota

go/oasis-test-runner/scenario/e2e/runtime/keymanager_upgrade.go

@@ -238,16 +238,23 @@ func (sc *KmUpgradeImpl) Run(childEnv *env.Env) error {
 		return err
 	}
 
+	// Fetch nonce.
+	nonce, err := sc.GetTestEntityNonce(ctx)
+	if err != nil {
+		return err
+	}
+	sc.nonce = nonce
+
 	// Generate and update a policy that will allow replication for the new
 	// keymanager.
-	if err := sc.applyUpgradePolicy(childEnv); err != nil {
+	if err = sc.applyUpgradePolicy(childEnv); err != nil {
 		return fmt.Errorf("updating policies: %w", err)
 	}
 
 	// Start the new keymanager.
 	sc.Logger.Info("starting new keymanager")
 	newKm := sc.Net.Keymanagers()[1]
-	if err := newKm.Start(); err != nil {
+	if err = newKm.Start(); err != nil {
 		return fmt.Errorf("starting new key-manager: %w", err)
 	}
 
@@ -257,9 +264,17 @@ func (sc *KmUpgradeImpl) Run(childEnv *env.Env) error {
 		return fmt.Errorf("failed to get current epoch: %w", err)
 	}
 
+	// Fetch old deployment.
+	oldRtDsc, err := sc.Net.Controller().Registry.GetRuntime(ctx, &registry.GetRuntimeQuery{
+		Height: consensus.HeightLatest,
+		ID:     sc.Net.Runtimes()[2].ID(),
+	})
+	if err != nil {
+		return fmt.Errorf("failed to get runtime descriptor: %w", err)
+	}
+
 	// Update runtime to include the new enclave identity.
 	sc.Logger.Info("updating keymanager runtime descriptor")
-	oldRtDsc := sc.Net.Runtimes()[0].ToRuntimeDescriptor()
 	newRt := sc.Net.Runtimes()[2]
 	rtDsc := newRt.ToRuntimeDescriptor()
 	rtDsc.Deployments[0].ValidFrom = epoch + 1