Persisting Scan Urls in the Validator App (#3254)

[ci]

Signed-off-by: Pasindu Tennage <pasindu.tennage@digitalasset.com>

Author: pasindutennage-da

apps/app/src/test/scala/org/lfdecentralizedtrust/splice/integration/plugins/UseToxiproxy.scala

@@ -1,6 +1,6 @@
 package org.lfdecentralizedtrust.splice.integration.plugins.toxiproxy
 
-import org.lfdecentralizedtrust.splice.config.{SpliceConfig, ParticipantClientConfig}
+import org.lfdecentralizedtrust.splice.config.{ParticipantClientConfig, SpliceConfig}
 import org.lfdecentralizedtrust.splice.sv.config.SvParticipantClientConfig
 import org.lfdecentralizedtrust.splice.environment.SpliceEnvironment
 import org.lfdecentralizedtrust.splice.scan.admin.api.client.BftScanConnection.BftScanClientConfig
@@ -167,7 +167,7 @@ case class UseToxiproxy(
                         BftScanClientConfig.TrustSingle(newUrl, amuletRulesCacheTimeToLive)
                       ),
                     )
-                  case BftScanClientConfig.Bft(seedUrls, _, amuletRulesCacheTimeToLive) =>
+                  case BftScanClientConfig.Bft(seedUrls, _, amuletRulesCacheTimeToLive, _) =>
                     val newUrl = addScanAppHttpProxy(n.unwrap, seedUrls.head, basePortBump)
                     (
                       n,
@@ -182,6 +182,7 @@ case class UseToxiproxy(
                           _,
                           amuletRulesCacheTimeToLive,
                           scansRefreshInterval,
+                          _,
                         ) =>
                     val newUrl = addScanAppHttpProxy(n.unwrap, seedUrls.head, basePortBump)
                     (

apps/app/src/test/scala/org/lfdecentralizedtrust/splice/integration/tests/BftScanConnectionIntegrationTest.scala

@@ -1,20 +1,30 @@
+// Copyright (c) 2025 Digital Asset (Switzerland) GmbH and/or its affiliates. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
 package org.lfdecentralizedtrust.splice.integration.tests
 
+import cats.data.{NonEmptyList, OptionT}
+import com.digitalasset.canton.config.NonNegativeFiniteDuration
 import com.digitalasset.canton.logging.SuppressionRule
 import com.digitalasset.canton.{HasActorSystem, HasExecutionContext}
 import org.apache.pekko.http.scaladsl.Http
+import org.apache.pekko.http.scaladsl.model.Uri
 import org.apache.pekko.http.scaladsl.model.headers.{Authorization, OAuth2BearerToken}
 import org.lfdecentralizedtrust.splice.codegen.java.splice.api.token.transferinstructionv1.TransferInstruction
+import org.lfdecentralizedtrust.splice.config.ConfigTransforms
 import org.lfdecentralizedtrust.splice.http.v0.wallet as http
 import org.lfdecentralizedtrust.splice.http.v0.wallet.AcceptTokenStandardTransferResponse
 import org.lfdecentralizedtrust.splice.integration.EnvironmentDefinition
 import org.lfdecentralizedtrust.splice.integration.tests.SpliceTests.IntegrationTest
+import org.lfdecentralizedtrust.splice.scan.admin.api.client.BftScanConnection.BftScanClientConfig
 import org.lfdecentralizedtrust.splice.util.{SvTestUtil, WalletTestUtil}
+import org.lfdecentralizedtrust.splice.validator.store.ValidatorConfigProvider.ScanUrlInternalConfig
 import org.lfdecentralizedtrust.tokenstandard.transferinstruction
 import org.lfdecentralizedtrust.tokenstandard.transferinstruction.v1.GetTransferInstructionAcceptContextResponse
 import org.lfdecentralizedtrust.tokenstandard.transferinstruction.v1.definitions.GetChoiceContextRequest
 import org.slf4j.event.Level
 
+import scala.concurrent.Future
 import scala.jdk.CollectionConverters.*
 import scala.jdk.OptionConverters.*
 
@@ -30,6 +40,19 @@ class BftScanConnectionIntegrationTest
   override def environmentDefinition: SpliceEnvironmentDefinition =
     EnvironmentDefinition
       .simpleTopology4Svs(this.getClass.getSimpleName)
+      .addConfigTransforms((_, config) =>
+        ConfigTransforms.updateAllValidatorConfigs {
+          case (name, c) if name == "aliceValidator" =>
+            val dbEnabledConfig = BftScanClientConfig.Bft(
+              seedUrls = NonEmptyList.of(
+                Uri("http://127.0.0.1:5012")
+              ),
+              scansRefreshInterval = NonNegativeFiniteDuration.ofSeconds(60),
+            )
+            c.copy(scanClient = dbEnabledConfig)
+          case (_, c) => c
+        }(config)
+      )
       .withManualStart
 
   "init fast enough even if there are unavailable scans" in { implicit env =>
@@ -66,7 +89,9 @@ class BftScanConnectionIntegrationTest
           .forall(msg =>
             msg
               .contains(s"Failed to connect to scan of ${getSvName(2)} (http://localhost:5112).") ||
-              msg.contains("Encountered 4 consecutive transient failures")
+              msg.contains("Encountered 4 consecutive transient failures") || msg.contains(
+                "Failed to connect to scan of FAILED Seed URL #0 (http://localhost:5112)."
+              )
           ) should be(true)).withClue(s"Actual Logs: $logs"),
     )
 
@@ -157,4 +182,81 @@ class BftScanConnectionIntegrationTest
     }
   }
 
+  "validator onboarding and recovery succeed with internal config turned on" in { implicit env =>
+    startAllSync(
+      sv1Backend,
+      sv1ScanBackend,
+      sv2Backend,
+      sv2ScanBackend,
+      sv3Backend,
+      sv3ScanBackend,
+      sv4Backend,
+      sv4ScanBackend,
+    )
+
+    loggerFactory.assertEventuallyLogsSeq(SuppressionRule.LevelAndAbove(Level.INFO))(
+      {
+        aliceValidatorBackend.startSync()
+      },
+      logs => {
+        val aliceValidatorLogs = logs.filter(_.loggerName.contains("validator=aliceValidator"))
+        val messages = aliceValidatorLogs.map(_.message)
+        withClue("Validator should first bootstrap with 1 and then 4 scans") {
+          messages.filter(_.contains(bootstrapsWith1UrlLog)) should have length 1
+          messages.filter(_.contains(bootstrapsWith4UrlsLog)) should have length 1
+        }.withClue(
+          s"Actual Logs: \n ${messages.filter(_.contains(bootstrapsWith1UrlLog))} \n ${messages
+              .filter(_.contains(bootstrapsWith4UrlsLog))}"
+        )
+      },
+    )
+
+    val persistedState: OptionT[Future, Seq[ScanUrlInternalConfig]] =
+      aliceValidatorBackend.appState.configProvider.getScanUrlInternalConfig()
+
+    val expectedConfigs = Seq(
+      ScanUrlInternalConfig(getSvName(1), "http://localhost:5012"),
+      ScanUrlInternalConfig(getSvName(2), "http://localhost:5112"),
+      ScanUrlInternalConfig(getSvName(3), "http://localhost:5212"),
+      ScanUrlInternalConfig(getSvName(4), "http://localhost:5312"),
+    )
+
+    withClue("Persisted state should contain the expected internal scan configurations") {
+      persistedState.value.futureValue.value should contain theSameElementsAs expectedConfigs
+    }
+
+    loggerFactory.assertEventuallyLogsSeq(SuppressionRule.LevelAndAbove(Level.INFO))(
+      {
+        aliceValidatorBackend.stop()
+        aliceValidatorBackend.startSync()
+      },
+      logs => {
+        val aliceValidatorLogs = logs.filter(_.loggerName.contains("validator=aliceValidator"))
+        val messages = aliceValidatorLogs.map(_.message)
+        withClue(
+          "Validator should bootstrap with all the scan urls persisted to the internal store"
+        ) {
+          messages.filter(_.contains(bootstrapsWith1UrlLog)) should have length 0
+          messages.filter(_.contains(bootstrapsWith4UrlsLog)) should have length 2
+        }.withClue(
+          s"Actual Logs: \n ${messages.filter(_.contains(bootstrapsWith1UrlLog))} \n ${messages
+              .filter(_.contains(bootstrapsWith4UrlsLog))} "
+        )
+      },
+    )
+
+    withClue("Alice's validator should be able to onboard a user after establishing connections.") {
+      eventuallySucceeds() {
+        aliceValidatorBackend.onboardUser(aliceWalletClient.config.ledgerApiUser)
+      }
+    }
+
+  }
+
+  private val bootstrapsWith1UrlLog =
+    s"Validator bootstrapping with 1 seed URLs: List(http://127.0.0.1:5012)"
+
+  private val bootstrapsWith4UrlsLog =
+    s"Validator bootstrapping with 4 seed URLs: List(http://localhost:5012, http://localhost:5112, http://localhost:5212, http://localhost:5312)"
+
 }

apps/scan/src/main/scala/org/lfdecentralizedtrust/splice/scan/admin/api/client/BftScanConnection.scala

@@ -870,6 +870,7 @@ object BftScanConnection {
     protected val initialScanConnections: Seq[SingleScanConnection]
     protected val initialFailedConnections: Map[Uri, Throwable]
     protected val connectionBuilder: Uri => Future[SingleScanConnection]
+    protected val scanUrlsChangedCallback: Seq[(String, String)] => Future[Unit]
     protected val getScans: BftScanConnection => Future[Seq[DsoScan]]
     val scansRefreshInterval: NonNegativeFiniteDuration
     val retryProvider: RetryProvider
@@ -944,10 +945,16 @@ object BftScanConnection {
 
         filteredScans = filterScans(scansInDsoRules)
 
+        dsoScanSeq: Seq[(String, String)] = filteredScans.map(scan =>
+          (scan.svName, scan.publicUrl.toString)
+        )
+
+        _ = scanUrlsChangedCallback(dsoScanSeq)
+
         newState <- computeNewState(retriedCurrentState, filteredScans)
       } yield {
         currentScanConnectionsRef.set(newState)
-        logger.info(s"Updated scan list to $newState")
+        logger.info(s"Updated scan list with ${dsoScanSeq.length} scans: $newState")
 
         val connections = newState.scanConnections
         validateState(newState)
@@ -993,7 +1000,6 @@ object BftScanConnection {
               attemptToClose(connection)
             }
           }
-
           BftState(
             (currentScanConnections -- removedScans) ++ newScansSuccessfulConnections,
             (currentFailed -- removedScans) ++ newScansFailedConnections,
@@ -1064,6 +1070,7 @@ object BftScanConnection {
       override val initialScanConnections: Seq[SingleScanConnection],
       override val initialFailedConnections: Map[Uri, Throwable],
       override val connectionBuilder: Uri => Future[SingleScanConnection],
+      protected val scanUrlsChangedCallback: Seq[(String, String)] => Future[Unit],
       override val getScans: BftScanConnection => Future[Seq[DsoScan]],
       override val scansRefreshInterval: NonNegativeFiniteDuration,
       override val retryProvider: RetryProvider,
@@ -1090,6 +1097,7 @@ object BftScanConnection {
       override val initialScanConnections: Seq[SingleScanConnection],
       override val initialFailedConnections: Map[Uri, Throwable],
       override val connectionBuilder: Uri => Future[SingleScanConnection],
+      protected val scanUrlsChangedCallback: Seq[(String, String)] => Future[Unit],
       override val getScans: BftScanConnection => Future[Seq[DsoScan]],
       override val scansRefreshInterval: NonNegativeFiniteDuration,
       override val retryProvider: RetryProvider,
@@ -1180,12 +1188,16 @@ object BftScanConnection {
       retryProvider: RetryProvider,
       loggerFactory: NamedLoggerFactory,
       builder: (Uri, NonNegativeFiniteDuration) => Future[SingleScanConnection],
+      refreshScanUrlsCallback: Seq[(String, String)] => Future[Unit],
   )(implicit
       ec: ExecutionContextExecutor,
       tc: TraceContext,
       mat: Materializer,
   ): Future[BftScanConnection] = {
     val logger = loggerFactory.getTracedLogger(getClass)
+
+    logger.info(s"Validator bootstrapping with ${seedUrls.size} seed URLs: ${seedUrls.toList}")
+
     for {
       initialSeedConnections <- seedUrls.traverse(uri =>
         builder(uri, amuletRulesCacheTimeToLive).transformWith {
@@ -1211,6 +1223,7 @@ object BftScanConnection {
             successfulSeedConnections,
             failedSeeds.toMap,
             uri => builder(uri, amuletRulesCacheTimeToLive),
+            refreshScanUrlsCallback,
             Bft.getScansInDsoRules,
             scansRefreshInterval,
             retryProvider,
@@ -1238,6 +1251,9 @@ object BftScanConnection {
       clock: Clock,
       retryProvider: RetryProvider,
       loggerFactory: NamedLoggerFactory,
+      lastPersistedScanUrlList: () => Future[Option[List[(String, String)]]] = () =>
+        Future.successful(None),
+      persistScanUrlsCallback: Seq[(String, String)] => Future[Unit] = _ => Future.unit,
   )(implicit
       ec: ExecutionContextExecutor,
       tc: TraceContext,
@@ -1263,21 +1279,38 @@ object BftScanConnection {
           loggerFactory,
         )
 
-      case ts @ BftScanClientConfig.BftCustom(_, _, _, _, _) =>
+      case ts @ BftScanClientConfig.BftCustom(_, _, _, _, _, _) =>
         // We bootstrap with the set of provided seed-urls.
         // Since not all trusted SV seeds are provided (most likely), they will not be used in the initial scan connection checking.
         // In the future, add a new threshold for how many trusted seed-urls should be there.
-
         for {
+          lastPersistedScans <- lastPersistedScanUrlList()
+          bootstrapUris: NonEmptyList[Uri] =
+            if (ts.useLastKnownConnectionsForInitialization) {
+              lastPersistedScans match {
+                case Some(list) if list.nonEmpty =>
+                  val urlStrings: List[String] = list.map(_._2)
+                  val uris: List[Uri] = urlStrings.map(u => Uri(u))
+                  NonEmptyList.fromList(uris).getOrElse {
+                    ts.seedUrls
+                  }
+                case _ =>
+                  ts.seedUrls
+              }
+            } else {
+              ts.seedUrls
+            }
           tempBftConnection <- bootstrapWithSeedNodes(
-            ts.seedUrls,
+            bootstrapUris,
             ts.amuletRulesCacheTimeToLive,
             spliceLedgerClient,
             ts.scansRefreshInterval,
             clock,
             retryProvider,
             loggerFactory,
             builder,
+            if (ts.useLastKnownConnectionsForInitialization) { persistScanUrlsCallback }
+            else { _ => Future.unit },
           )
 
           // Use the temporary connection to get a consensus on the full list of scans
@@ -1318,6 +1351,8 @@ object BftScanConnection {
             connections,
             failed.toMap,
             uri => builder(uri, ts.amuletRulesCacheTimeToLive),
+            if (ts.useLastKnownConnectionsForInitialization) { persistScanUrlsCallback }
+            else { _ => Future.unit },
             Bft.getScansInDsoRules,
             ts.scansRefreshInterval,
             retryProvider,
@@ -1352,18 +1387,36 @@ object BftScanConnection {
           )
         } yield bftConnection
 
-      case bft @ BftScanClientConfig.Bft(_, _, _) =>
+      case bft @ BftScanClientConfig.Bft(_, _, _, _) =>
         for {
+          lastPersistedScans <- lastPersistedScanUrlList()
+          bootstrapUris: NonEmptyList[Uri] =
+            if (bft.useLastKnownConnectionsForInitialization) {
+              lastPersistedScans match {
+                case Some(list) if list.nonEmpty =>
+                  val urlStrings: List[String] = list.map(_._2)
+                  val uris: List[Uri] = urlStrings.map(u => Uri(u))
+                  NonEmptyList.fromList(uris).getOrElse {
+                    bft.seedUrls
+                  }
+                case _ =>
+                  bft.seedUrls
+              }
+            } else {
+              bft.seedUrls
+            }
 
           bftConnection <- bootstrapWithSeedNodes(
-            bft.seedUrls,
+            bootstrapUris,
             bft.amuletRulesCacheTimeToLive,
             spliceLedgerClient,
             bft.scansRefreshInterval,
             clock,
             retryProvider,
             loggerFactory,
             builder,
+            if (bft.useLastKnownConnectionsForInitialization) { persistScanUrlsCallback }
+            else { _ => Future.unit },
           )
           _ <- retryProvider.waitUntil(
             RetryFor.WaitingOnInitDependency,
@@ -1437,6 +1490,7 @@ object BftScanConnection {
         connections,
         failed.toMap,
         uri => builder(uri, amuletRulesCacheTimeToLive),
+        _ => Future.unit,
         _ => Bft.getPeerScansFromStore(store, svName),
         scansRefreshInterval,
         retryProvider,
@@ -1505,6 +1559,7 @@ object BftScanConnection {
           ScanAppClientConfig.DefaultAmuletRulesCacheTimeToLive,
         scansRefreshInterval: NonNegativeFiniteDuration =
           ScanAppClientConfig.DefaultScansRefreshInterval,
+        useLastKnownConnectionsForInitialization: Boolean = true,
     ) extends BftScanClientConfig {
       def setAmuletRulesCacheTimeToLive(ttl: NonNegativeFiniteDuration): BftCustom =
         copy(amuletRulesCacheTimeToLive = ttl)
@@ -1516,6 +1571,7 @@ object BftScanConnection {
           ScanAppClientConfig.DefaultScansRefreshInterval,
         amuletRulesCacheTimeToLive: NonNegativeFiniteDuration =
           ScanAppClientConfig.DefaultAmuletRulesCacheTimeToLive,
+        useLastKnownConnectionsForInitialization: Boolean = true,
     ) extends BftScanClientConfig {
       def setAmuletRulesCacheTimeToLive(ttl: NonNegativeFiniteDuration): Bft =
         copy(amuletRulesCacheTimeToLive = ttl)

apps/scan/src/test/scala/org/lfdecentralizedtrust/splice/scan/admin/api/client/BftScanConnectionTest.scala

@@ -209,6 +209,7 @@ class BftScanConnectionTest
         initialConnections,
         initialFailedConnections,
         connectionBuilder,
+        _ => Future.unit,
         Bft.getScansInDsoRules,
         NonNegativeFiniteDuration.ofSeconds(refreshSeconds),
         retryProvider,