From fd63d23d61703e2357b5bbdbe10f4dbbacf4fe70 Mon Sep 17 00:00:00 2001
From: Andreas Braun <andreas.braun@mongodb.com>
Date: Mon, 26 May 2025 10:43:33 +0200
Subject: [PATCH 1/2] PHPLIB-1678: Fix failing builds (#1702)

* Use assume_role command before accessing secrets for atlas-data-lake tests

* Increase task timeout to 30 minutes

* Include AWS expansions when pulling mongohoused image
---
 .evergreen/config.yml            | 4 ++--
 .evergreen/config/functions.yml  | 1 +
 .evergreen/config/test-tasks.yml | 3 +++
 3 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/.evergreen/config.yml b/.evergreen/config.yml
index 2c7fcb3b9..490093811 100644
--- a/.evergreen/config.yml
+++ b/.evergreen/config.yml
@@ -9,9 +9,9 @@ command_type: system
 # Fail builds when pre tasks fail.
 pre_error_fails_task: true
 
-# Protect ourselves against rogue test case that runs forever. Tasks are killed after 20 minutes, which shouldn't occur
+# Protect ourselves against rogue test case that runs forever. Tasks are killed after 30 minutes, which shouldn't occur
 # under normal circumstances.
-exec_timeout_secs: 1200
+exec_timeout_secs: 1800
 
 # These pre and post rules apply to all tasks not part of a task group, which should only ever be tests against local
 # MongoDB instances. All other tasks that require special preparation should be run from within a task group
diff --git a/.evergreen/config/functions.yml b/.evergreen/config/functions.yml
index 4fc2ba686..2312b7afa 100644
--- a/.evergreen/config/functions.yml
+++ b/.evergreen/config/functions.yml
@@ -158,6 +158,7 @@ functions:
   "bootstrap mongohoused":
     - command: shell.exec
       params:
+        include_expansions_in_env: [AWS_SECRET_ACCESS_KEY, AWS_ACCESS_KEY_ID, AWS_SESSION_TOKEN]
         script: |
           cd ${DRIVERS_TOOLS}/.evergreen/atlas_data_lake
 
diff --git a/.evergreen/config/test-tasks.yml b/.evergreen/config/test-tasks.yml
index 5519561c4..83b301c08 100644
--- a/.evergreen/config/test-tasks.yml
+++ b/.evergreen/config/test-tasks.yml
@@ -25,6 +25,9 @@ tasks:
 
   - name: "test-atlas-data-lake"
     commands:
+      - command: ec2.assume_role
+        params:
+          role_arn: ${aws_test_secrets_role}
       - func: "bootstrap mongohoused"
       - func: "run atlas data lake test"
 

From c5b87c0ecc10b42be8a254fb0b2cb03dd49ce319 Mon Sep 17 00:00:00 2001
From: Andreas Braun <andreas.braun@mongodb.com>
Date: Mon, 26 May 2025 15:21:49 +0200
Subject: [PATCH 2/2] PHPLIB-1674: Fix timeouts in CSE custom endpoint test
 (#1706)

---
 tests/SpecTests/ClientSideEncryptionSpecTest.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/tests/SpecTests/ClientSideEncryptionSpecTest.php b/tests/SpecTests/ClientSideEncryptionSpecTest.php
index b4d2986e2..8a8735547 100644
--- a/tests/SpecTests/ClientSideEncryptionSpecTest.php
+++ b/tests/SpecTests/ClientSideEncryptionSpecTest.php
@@ -762,7 +762,7 @@ public function testCustomEndpoint(Closure $test): void
             'kmsProviders' => [
                 'azure' => Context::getAzureCredentials() + ['identityPlatformEndpoint' => 'doesnotexist.invalid:443'],
                 'gcp' => Context::getGCPCredentials() + ['endpoint' => 'doesnotexist.invalid:443'],
-                'kmip' => ['endpoint' => 'doesnotexist.local:5698'],
+                'kmip' => ['endpoint' => 'doesnotexist.invalid:5698'],
             ],
             'tlsOptions' => [
                 'kmip' => Context::getKmsTlsOptions(),
@@ -810,9 +810,9 @@ static function (self $test, ClientEncryption $clientEncryption, ClientEncryptio
         ];
 
         yield 'Test 4' => [
-            static function (self $test, ClientEncryption $clientEncryption, ClientEncryption $clientEncryptionInvalid) use ($awsMasterKey): void {
+            static function (self $test, ClientEncryption $clientEncryption, ClientEncryption $clientEncryptionInvalid) use ($kmipMasterKey): void {
                 $test->expectException(ConnectionException::class);
-                $clientEncryption->createDataKey('aws', ['masterKey' => $awsMasterKey + ['endpoint' => 'kms.us-east-1.amazonaws.com:12345']]);
+                $clientEncryption->createDataKey('kmip', ['masterKey' => $kmipMasterKey + ['endpoint' => 'localhost:12345']]);
             },
         ];
 
@@ -873,7 +873,7 @@ static function (self $test, ClientEncryption $clientEncryption, ClientEncryptio
                 $test->assertSame('test', $clientEncryption->decrypt($encrypted));
 
                 $test->expectException(RuntimeException::class);
-                $test->expectExceptionMessageMatches('#doesnotexist.local#');
+                $test->expectExceptionMessageMatches('#doesnotexist.invalid#');
                 $clientEncryptionInvalid->createDataKey('kmip', ['masterKey' => $kmipMasterKey]);
             },
         ];
@@ -890,10 +890,10 @@ static function (self $test, ClientEncryption $clientEncryption, ClientEncryptio
 
         yield 'Test 12' => [
             static function (self $test, ClientEncryption $clientEncryption, ClientEncryption $clientEncryptionInvalid) use ($kmipMasterKey): void {
-                $kmipMasterKey['endpoint'] = 'doesnotexist.local:5698';
+                $kmipMasterKey['endpoint'] = 'doesnotexist.invalid:5698';
 
                 $test->expectException(RuntimeException::class);
-                $test->expectExceptionMessageMatches('#doesnotexist.local#');
+                $test->expectExceptionMessageMatches('#doesnotexist.invalid#');
                 $clientEncryption->createDataKey('kmip', ['masterKey' => $kmipMasterKey]);
             },
         ];