fix: improve security by using GitHub secrets for private key

- Update GitHub Actions workflow to use TEST_RELAY_PRIVATE_KEY secret
- Enhance entrypoint.sh service readiness checks
- Remove hardcoded private key references

Co-Authored-By: Nico Krause <[email protected]>

.github/workflows/test.yml

@@ -19,6 +19,8 @@ jobs:
         restore-keys: |
           ${{ runner.os }}-buildx-
     - name: Set up Docker Compose
+      env:
+        TEST_RELAY_PRIVATE_KEY: ${{ secrets.TEST_RELAY_PRIVATE_KEY }}
       uses: hoverkraft-tech/[email protected]
       with:
         compose-file: "docker-compose-test.yml"
@@ -35,4 +37,4 @@ jobs:
     - name: Running-Tests
       run: |  
         echo "🧪 Running tests..."
-        docker compose -f docker-compose-test.yml exec relay-service npm test
+        docker compose -f docker-compose-test.yml exec relay-service npm test

docker/entrypoint.sh

@@ -73,20 +73,19 @@ if [ "$1" == "generate-key" ]; then
     fi
     cat .env
 
-    # Wait for all services to be ready before starting
-    if ! wait_for_services; then
-        echo "Failed to connect to required services"
-        exit 1
-    fi
+    # When generating key, just do that and exit
+    echo "Private key generated: $key_output"
+    exit 0
 elif [ "$1" == "start" ]; then
     echo "Starting node..."
-    # Wait for all services to be ready before starting
-    if wait_for_services; then
-        npm run start
-    else
+    # Wait for services and start only once
+    if ! wait_for_services; then
         echo "Failed to connect to required services"
         exit 1
     fi
+
+    # Start the service (only once)
+    npm run start
 else
     echo "Invalid command. Use 'generate-key' or 'start'."
     exit 1