Fix end-to-end tests for recent Synapse features (#8159)

* Ensure a useful logfile gets recorded for synapse startup failures

* Update synapse config to stop complaining about key servers

* Add flag to turn on registrations again

From matrix-org/synapse#12091

test/end-to-end-tests/pick-synapse-log-file.js

@@ -0,0 +1,26 @@
+/*
+Copyright 2022 The Matrix.org Foundation C.I.C.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+        http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+const path = require('path');
+
+// used from run.sh as getopts doesn't support long parameters
+const idx = process.argv.indexOf("--log-directory");
+if (idx !== -1) {
+    const value = process.argv[idx + 1];
+    process.stdout.write(path.join(path.resolve(value), 'homeserver.log'));
+} else {
+    process.stdout.write(path.join(process.cwd(), 'homeserver.log'));
+}

test/end-to-end-tests/run.sh

@@ -10,6 +10,8 @@ echo "Please first run $BASE_DIR/install.sh"
 fi
 
 has_custom_app=$(node has-custom-app.js $@)
+synapse_log_file=$(node pick-synapse-log-file.js $@)
+touch $synapse_log_file
 
 if [ ! -d "element/element-web" ] && [ $has_custom_app -ne "1" ]; then
     echo "Please provide an instance of Element to test against by passing --app-url <url> or running $BASE_DIR/element/install.sh"
@@ -25,13 +27,14 @@ stop_servers() {
 
 handle_error() {
 	EXIT_CODE=$?
+	echo "Tests fell over with a non-zero exit code: stopping servers"
 	stop_servers
 	exit $EXIT_CODE
 }
 
 trap 'handle_error' ERR
 
-./synapse/start.sh
+LOGFILE=$synapse_log_file ./synapse/start.sh
 reg_secret=`./synapse/getcfg.sh registration_shared_secret`
 if [ $has_custom_app -ne "1" ]; then
     ./element/start.sh

test/end-to-end-tests/synapse/config-templates/consent/homeserver.yaml

@@ -633,6 +633,12 @@ uploads_path: "{{SYNAPSE_ROOT}}uploads"
 #
 enable_registration: true
 
+# Enable registration without email or captcha verification. Note: this option is *not* recommended,
+# as registration without verification is a known vector for spam and abuse. Defaults to false. Has no effect
+# unless `enable_registration` is also enabled.
+#
+enable_registration_without_verification: true
+
 # The user must provide all of the below types of 3PID when registering.
 #
 #registrations_require_3pid:
@@ -792,13 +798,50 @@ signing_key_path: "{{SYNAPSE_ROOT}}localhost.signing.key"
 
 # The trusted servers to download signing keys from.
 #
-#perspectives:
-#  servers:
-#    "matrix.org":
-#      verify_keys:
-#        "ed25519:auto":
-#          key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"
+# When we need to fetch a signing key, each server is tried in parallel.
+#
+# Normally, the connection to the key server is validated via TLS certificates.
+# Additional security can be provided by configuring a `verify key`, which
+# will make synapse check that the response is signed by that key.
+#
+# This setting supercedes an older setting named `perspectives`. The old format
+# is still supported for backwards-compatibility, but it is deprecated.
+#
+# 'trusted_key_servers' defaults to matrix.org, but using it will generate a
+# warning on start-up. To suppress this warning, set
+# 'suppress_key_server_warning' to true.
+#
+# Options for each entry in the list include:
+#
+#    server_name: the name of the server. required.
+#
+#    verify_keys: an optional map from key id to base64-encoded public key.
+#       If specified, we will check that the response is signed by at least
+#       one of the given keys.
+#
+#    accept_keys_insecurely: a boolean. Normally, if `verify_keys` is unset,
+#       and federation_verify_certificates is not `true`, synapse will refuse
+#       to start, because this would allow anyone who can spoof DNS responses
+#       to masquerade as the trusted key server. If you know what you are doing
+#       and are sure that your network environment provides a secure connection
+#       to the key server, you can set this to `true` to override this
+#       behaviour.
+#
+# An example configuration might look like:
+#
+#trusted_key_servers:
+#  - server_name: "my_trusted_server.example.com"
+#    verify_keys:
+#      "ed25519:auto": "abcdefghijklmnopqrstuvwxyzabcdefghijklmopqr"
+#  - server_name: "my_other_trusted_server.example.com"
+#
+trusted_key_servers:
+    - server_name: "matrix.org"
 
+# Uncomment the following to disable the warning that is emitted when the
+# trusted_key_servers include 'matrix.org'. See above.
+#
+suppress_key_server_warning: true
 
 # Enable SAML2 for registration and login. Uses pysaml2.
 #

test/end-to-end-tests/synapse/start.sh

@@ -5,11 +5,5 @@ BASE_DIR=$(cd $(dirname $0) && pwd)
 cd $BASE_DIR
 cd installations/consent/env/bin/
 source activate
-LOGFILE=$(mktemp)
 echo "Synapse log file at $LOGFILE"
 ./synctl start 2> $LOGFILE
-EXIT_CODE=$?
-if [ $EXIT_CODE -ne 0 ]; then
-	cat $LOGFILE
-fi
-exit $EXIT_CODE