Skip to content

ci(NODE-4698): test csfle with mongocryptd #3684

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 13 commits into from
May 26, 2023
Merged

ci(NODE-4698): test csfle with mongocryptd #3684

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
63795b2
ci(NODE-4698): start working on mongocryptd tasks
W-A-James May 24, 2023
76d129f
style(NODE-4698): remove comment
W-A-James May 24, 2023
6c2245c
ci(NODE-4698): add mongocryptd CI runs
W-A-James May 25, 2023
2012bd3
Merge branch 'main' into NODE-4698/test_crypt_shared_with_older_serve…
W-A-James May 25, 2023
48d97c4
ci(NODE-4698): remove unused function
W-A-James May 25, 2023
c44eb70
ci(NODE-4698): regen evergreen config
W-A-James May 25, 2023
bff5d08
refactor(NODE-4698): refactor ci gen script
W-A-James May 25, 2023
b9cc02b
style(NODE-4698): remove extra new line
W-A-James May 25, 2023
45e7e04
ci(NODE-4698): remove redundant environment variable initialization
W-A-James May 25, 2023
2f37fe3
ci(NODE-4698): regen config.yml
W-A-James May 25, 2023
d928ba2
ci(NODE-4698): only run on sharded cluster
W-A-James May 25, 2023
4d3a6b9
ci(NODE-4698): run on latest and rapid; make use of semver package
W-A-James May 26, 2023
422cb5d
style(NODE-4698): remove call to semver.coerce
W-A-James May 26, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 9 additions & 3 deletions .evergreen/config.in.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -191,6 +191,7 @@ functions:
if [ -n "${CLIENT_ENCRYPTION}" ]; then
cat <<EOT > prepare_client_encryption.sh
export CLIENT_ENCRYPTION=${CLIENT_ENCRYPTION}
export RUN_WITH_MONGOCRYPTD=${RUN_WITH_MONGOCRYPTD}
export CSFLE_KMS_PROVIDERS='${CSFLE_KMS_PROVIDERS}'
export AWS_ACCESS_KEY_ID='${AWS_ACCESS_KEY_ID}'
export AWS_SECRET_ACCESS_KEY='${AWS_SECRET_ACCESS_KEY}'
Expand Down Expand Up @@ -218,10 +219,15 @@ functions:
export VERSION=${VERSION}
export DRIVERS_TOOLS=${DRIVERS_TOOLS}

source ${PROJECT_DIRECTORY}/.evergreen/prepare-crypt-shared-lib.sh

echo "CRYPT_SHARED_LIB_PATH: $CRYPT_SHARED_LIB_PATH"
if [ -z "${RUN_WITH_MONGOCRYPTD}" ]; then
# Set up crypt shared lib if we don't want to use mongocryptd
source ${PROJECT_DIRECTORY}/.evergreen/prepare-crypt-shared-lib.sh
echo "CRYPT_SHARED_LIB_PATH: $CRYPT_SHARED_LIB_PATH"
else
echo "CRYPT_SHARED_LIB_PATH not set; using mongocryptd"
fi

TEST_NPM_SCRIPT="${TEST_NPM_SCRIPT|check:integration-coverage}" \
MONGODB_URI="${MONGODB_URI}" \
AUTH=${AUTH} SSL=${SSL} TEST_CSFLE=true \
MONGODB_API_VERSION="${MONGODB_API_VERSION}" \
Expand Down
147 changes: 144 additions & 3 deletions .evergreen/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -160,6 +160,7 @@ functions:
if [ -n "${CLIENT_ENCRYPTION}" ]; then
cat <<EOT > prepare_client_encryption.sh
export CLIENT_ENCRYPTION=${CLIENT_ENCRYPTION}
export RUN_WITH_MONGOCRYPTD=${RUN_WITH_MONGOCRYPTD}
export CSFLE_KMS_PROVIDERS='${CSFLE_KMS_PROVIDERS}'
export AWS_ACCESS_KEY_ID='${AWS_ACCESS_KEY_ID}'
export AWS_SECRET_ACCESS_KEY='${AWS_SECRET_ACCESS_KEY}'
Expand Down Expand Up @@ -187,10 +188,15 @@ functions:
export VERSION=${VERSION}
export DRIVERS_TOOLS=${DRIVERS_TOOLS}

source ${PROJECT_DIRECTORY}/.evergreen/prepare-crypt-shared-lib.sh

echo "CRYPT_SHARED_LIB_PATH: $CRYPT_SHARED_LIB_PATH"
if [ -z "${RUN_WITH_MONGOCRYPTD}" ]; then
# Set up crypt shared lib if we don't want to use mongocryptd
source ${PROJECT_DIRECTORY}/.evergreen/prepare-crypt-shared-lib.sh
echo "CRYPT_SHARED_LIB_PATH: $CRYPT_SHARED_LIB_PATH"
else
echo "CRYPT_SHARED_LIB_PATH not set; using mongocryptd"
fi

TEST_NPM_SCRIPT="${TEST_NPM_SCRIPT|check:integration-coverage}" \
MONGODB_URI="${MONGODB_URI}" \
AUTH=${AUTH} SSL=${SSL} TEST_CSFLE=true \
MONGODB_API_VERSION="${MONGODB_API_VERSION}" \
Expand Down Expand Up @@ -3084,6 +3090,111 @@ tasks:
- func: add aws auth variables to file
- func: setup aws env
- func: run lambda handler example tests with aws auth
- name: test-latest-csfle-mongocryptd
tags:
- latest
- sharded_cluster
commands:
- func: install dependencies
- func: bootstrap mongo-orchestration
vars:
VERSION: latest
TOPOLOGY: sharded_cluster
AUTH: auth
- func: bootstrap kms servers
- func: run tests
vars:
TEST_NPM_SCRIPT: check:csfle
- name: test-rapid-csfle-mongocryptd
tags:
- rapid
- sharded_cluster
commands:
- func: install dependencies
- func: bootstrap mongo-orchestration
vars:
VERSION: rapid
TOPOLOGY: sharded_cluster
AUTH: auth
- func: bootstrap kms servers
- func: run tests
vars:
TEST_NPM_SCRIPT: check:csfle
- name: test-7.0-csfle-mongocryptd
tags:
- '7.0'
- sharded_cluster
commands:
- func: install dependencies
- func: bootstrap mongo-orchestration
vars:
VERSION: '7.0'
TOPOLOGY: sharded_cluster
AUTH: auth
- func: bootstrap kms servers
- func: run tests
vars:
TEST_NPM_SCRIPT: check:csfle
- name: test-6.0-csfle-mongocryptd
tags:
- '6.0'
- sharded_cluster
commands:
- func: install dependencies
- func: bootstrap mongo-orchestration
vars:
VERSION: '6.0'
TOPOLOGY: sharded_cluster
AUTH: auth
- func: bootstrap kms servers
- func: run tests
vars:
TEST_NPM_SCRIPT: check:csfle
- name: test-5.0-csfle-mongocryptd
tags:
- '5.0'
- sharded_cluster
commands:
- func: install dependencies
- func: bootstrap mongo-orchestration
vars:
VERSION: '5.0'
TOPOLOGY: sharded_cluster
AUTH: auth
- func: bootstrap kms servers
- func: run tests
vars:
TEST_NPM_SCRIPT: check:csfle
- name: test-4.4-csfle-mongocryptd
tags:
- '4.4'
- sharded_cluster
commands:
- func: install dependencies
- func: bootstrap mongo-orchestration
vars:
VERSION: '4.4'
TOPOLOGY: sharded_cluster
AUTH: auth
- func: bootstrap kms servers
- func: run tests
vars:
TEST_NPM_SCRIPT: check:csfle
- name: test-4.2-csfle-mongocryptd
tags:
- '4.2'
- sharded_cluster
commands:
- func: install dependencies
- func: bootstrap mongo-orchestration
vars:
VERSION: '4.2'
TOPOLOGY: sharded_cluster
AUTH: auth
- func: bootstrap kms servers
- func: run tests
vars:
TEST_NPM_SCRIPT: check:csfle
- name: run-mongosh-browser-repl
tags:
- run-mongosh-integration-tests
Expand Down Expand Up @@ -3716,6 +3827,36 @@ buildvariants:
- test-tls-support-5.0
- test-tls-support-4.4
- test-tls-support-4.2
- name: rhel8-node14-test-csfle-mongocryptd
display_name: rhel 8 Node14 test mongocryptd
run_on: rhel80-large
expansions:
CLIENT_ENCRYPTION: true
RUN_WITH_MONGOCRYPTD: true
NODE_LTS_VERSION: 14
tasks:
- test-latest-csfle-mongocryptd
- test-rapid-csfle-mongocryptd
- test-7.0-csfle-mongocryptd
- test-6.0-csfle-mongocryptd
- test-5.0-csfle-mongocryptd
- test-4.4-csfle-mongocryptd
- test-4.2-csfle-mongocryptd
- name: rhel8-node20-test-csfle-mongocryptd
display_name: rhel 8 Node20 test mongocryptd
run_on: rhel80-large
expansions:
CLIENT_ENCRYPTION: true
RUN_WITH_MONGOCRYPTD: true
NODE_LTS_VERSION: 14
tasks:
- test-latest-csfle-mongocryptd
- test-rapid-csfle-mongocryptd
- test-7.0-csfle-mongocryptd
- test-6.0-csfle-mongocryptd
- test-5.0-csfle-mongocryptd
- test-4.4-csfle-mongocryptd
- test-4.2-csfle-mongocryptd
- name: macos-1100
display_name: MacOS 11 Node20
run_on: macos-1100
Expand Down
48 changes: 48 additions & 0 deletions .evergreen/generate_evergreen_tasks.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
const fs = require('fs');
const yaml = require('js-yaml');
const semver = require('semver');
const { mongoshTasks } = require('./generate_mongosh_tasks');

const {
Expand Down Expand Up @@ -461,6 +462,52 @@ for (const {
}
}

// Running CSFLE tests with mongocryptd
const MONGOCRYPTD_CSFLE_TASKS = MONGODB_VERSIONS
.filter(mongoVersion => ['latest', 'rapid'].includes(mongoVersion)
|| semver.gte(`${mongoVersion}.0`, '4.2.0'))
.map((mongoVersion) => {
return {
name: `test-${mongoVersion}-csfle-mongocryptd`,
tags: [mongoVersion, 'sharded_cluster'],
commands: [
{ func: 'install dependencies' },
{
func: 'bootstrap mongo-orchestration',
vars: {
VERSION: mongoVersion,
TOPOLOGY: 'sharded_cluster',
AUTH: 'auth'
}
},
{ func: 'bootstrap kms servers' },
{
func: 'run tests',
vars: {
TEST_NPM_SCRIPT: 'check:csfle'
}
}
]
}
});

for (const nodeVersion of [LOWEST_LTS, LATEST_LTS]) {
const name = `rhel8-node${nodeVersion}-test-csfle-mongocryptd`;
const displayName = `rhel 8 Node${nodeVersion} test mongocryptd`;
BUILD_VARIANTS.push({
name,
display_name: displayName,
run_on: DEFAULT_OS,
expansions: {
CLIENT_ENCRYPTION: true,
RUN_WITH_MONGOCRYPTD: true,
NODE_LTS_VERSION: LOWEST_LTS
},
tasks:
MONGOCRYPTD_CSFLE_TASKS.map(task => task.name)
});
}

BUILD_VARIANTS.push({
name: 'macos-1100',
display_name: `MacOS 11 Node${LATEST_LTS}`,
Expand Down Expand Up @@ -730,6 +777,7 @@ fileData.tasks = (fileData.tasks || [])
.concat(SINGLETON_TASKS)
.concat(AUTH_DISABLED_TASKS)
.concat(AWS_LAMBDA_HANDLER_TASKS)
.concat(MONGOCRYPTD_CSFLE_TASKS)
.concat(mongoshTasks);

fileData.buildvariants = (fileData.buildvariants || []).concat(BUILD_VARIANTS);
Expand Down