test: run secure store rpc tests on one thread

Author: mootz12

.github/workflows/rpc-tests.yml

@@ -49,12 +49,7 @@ jobs:
         # the login password doesn't matter, but the keyring must be unlocked for the tests to work
         # this is based on the ci workflow in the keyring crate repo
         run:
-          gnome-keyring-daemon --components=secrets --daemonize --unlock <<<
-          'foobar'
-      - name: Check GNOME Keyring
-        if: runner.os == 'Linux'
-        run: |
-          gnome-keyring-daemon
+          gnome-keyring-daemon --components=secrets --daemonize --unlock <<< 'foobar'
       - run: cargo build --features additional-libs
       - run: rustup target add wasm32v1-none
       - run: make build-test-wasms

cmd/crates/soroban-test/tests/it/integration/secure_store.rs

@@ -2,36 +2,49 @@ use predicates::prelude::predicate;
 use soroban_cli::tx::ONE_XLM;
 use soroban_test::{AssertExt, TestEnv};
 
-fn secure_store_key(sandbox: &TestEnv, name: &str) -> String {
+// All secure store tests are run within one test to avoid issues with multiple
+// tests trying to access the dbus at the same time which can lead to intermittent failures.
+#[tokio::test]
+async fn secure_store_key_management() {
+    let sandbox = &TestEnv::new();
+
+    let secure_key_name = "secure-store-test";
+
+    // generate a new secret key in secure store
     sandbox
         .new_assert_cmd("keys")
-        .args(["generate", "--fund", "--secure-store", name])
+        .args(["generate", secure_key_name, "--secure-store", "--fund"])
         .assert()
-        .success()
-        .stdout_as_str();
+        .success();
 
+    // validate that we cannot get the secret key back
     sandbox
         .new_assert_cmd("keys")
-        .args(["address", name])
+        .arg("secret")
+        .arg(secure_key_name)
         .assert()
-        .success()
-        .stdout_as_str()
-}
+        .stderr(predicate::str::contains("does not reveal secret key"))
+        .failure();
 
-// test that we can create a create-account tx and sign it with a secure-store key
-#[tokio::test]
-async fn create_account() {
-    let sandbox = &TestEnv::new();
-    let secure_store_address = secure_store_key(sandbox, "secure-store");
+    // validate that we can get the public key
+    let secure_store_address = sandbox
+        .new_assert_cmd("keys")
+        .args(["address", secure_key_name])
+        .assert()
+        .success()
+        .stdout_as_str();
+    assert!(secure_store_address.starts_with('G'));
 
+    // use the secure store key to fund a new account
+    let new_key_name = "new";
     sandbox
         .new_assert_cmd("keys")
-        .args(["generate", "new"])
+        .args(["generate", new_key_name])
         .assert()
         .success();
     let new_address = sandbox
         .new_assert_cmd("keys")
-        .args(["address", "new"])
+        .args(["address", new_key_name])
         .assert()
         .success()
         .stdout_as_str();
@@ -50,7 +63,7 @@ async fn create_account() {
             "--starting-balance",
             starting_balance.to_string().as_str(),
             "--source",
-            "secure-store",
+            secure_key_name,
         ])
         .assert()
         .success()
@@ -61,38 +74,4 @@ async fn create_account() {
 
     let new_account = client.get_account(&new_address).await.unwrap();
     assert_eq!(new_account.balance, starting_balance);
-}
-
-#[tokio::test]
-async fn get_secret_key() {
-    let sandbox = &TestEnv::new();
-    sandbox
-        .new_assert_cmd("keys")
-        .args(["generate", "secret-key-test", "--secure-store", "--fund"])
-        .assert()
-        .success();
-    sandbox
-        .new_assert_cmd("keys")
-        .arg("secret")
-        .arg("secret-key-test")
-        .assert()
-        .stderr(predicate::str::contains("does not reveal secret key"))
-        .failure();
-}
-
-#[tokio::test]
-async fn public_key_with_secure_store() {
-    let sandbox = &TestEnv::new();
-    sandbox
-        .new_assert_cmd("keys")
-        .args(["generate", "public-key-test", "--secure-store", "--fund"])
-        .assert()
-        .success();
-    sandbox
-        .new_assert_cmd("keys")
-        .arg("public-key")
-        .arg("public-key-test")
-        .assert()
-        .stdout(predicate::str::contains("G"))
-        .success();
-}
+}