Skip to content

test(NODE-6771): sync non-lb-connection-establishment test #4426

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 7 commits into from
Feb 24, 2025
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 0 additions & 34 deletions .evergreen/prepare-crypt-shared-lib.sh

This file was deleted.

7 changes: 3 additions & 4 deletions .evergreen/setup-fle.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,9 @@ bash ${DRIVERS_TOOLS}/.evergreen/csfle/setup-secrets.sh
source secrets-export.sh

if [ -z "${RUN_WITH_MONGOCRYPTD}" ]; then
# Set up crypt shared lib if we don't want to use mongocryptd
bash .evergreen/prepare-crypt-shared-lib.sh
source crypt_shared.sh
echo "CRYPT_SHARED_LIB_PATH: $CRYPT_SHARED_LIB_PATH"
echo "crypt shared: $CRYPT_SHARED_LIB_PATH"
else
rm $CRYPT_SHARED_LIB_PATH
unset CRYPT_SHARED_LIB_PATH
echo "CRYPT_SHARED_LIB_PATH not set; using mongocryptd"
fi
Original file line number Diff line number Diff line change
Expand Up @@ -1146,7 +1146,8 @@ describe('Client Side Encryption Prose Tests', metadata, function () {
mongocryptdSpawnArgs: [
'--pidfilepath=bypass-spawning-mongocryptd.pid',
'--port=27021'
]
],
cryptSharedLibSearchPaths: []
}
}
}
Expand Down
6 changes: 4 additions & 2 deletions test/integration/client-side-encryption/driver.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -718,6 +718,7 @@ describe('CSOT', function () {
keyVaultClient,
keyVaultNamespace: 'keyvault.datakeys',
kmsProviders: getLocalKmsProvider(),
extraOptions: getEncryptExtraOptions(),
schemaMap: {
'test.test': {
bsonType: 'object',
Expand Down Expand Up @@ -771,14 +772,15 @@ describe('CSOT', function () {
autoEncryption: {
keyVaultClient,
keyVaultNamespace: 'admin.datakeys',
kmsProviders: getLocalKmsProvider()
kmsProviders: getLocalKmsProvider(),
extraOptions: getEncryptExtraOptions()
}
}
);
});

afterEach(async function () {
await encryptedClient.close();
await encryptedClient?.close();
});

it('the command succeeds', metadata, async function () {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -200,7 +200,8 @@ describe('CSOT spec unit tests', function () {
mongocryptdSpawnArgs: [
`--pidfilepath=${new ObjectId().toHexString()}.pid`,
'--port=27020'
]
],
cryptSharedLibSearchPaths: []
},
keyVaultNamespace: 'admin.datakeys',
kmsProviders: {
Expand Down
4 changes: 3 additions & 1 deletion test/integration/crud/crud.prose.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ import {
MongoInvalidArgumentError,
MongoServerError
} from '../../mongodb';
import { getEncryptExtraOptions } from '../../tools/utils';
import { filterForCommands } from '../shared';

describe('CRUD Prose Spec Tests', () => {
Expand Down Expand Up @@ -1023,7 +1024,8 @@ describe('CRUD Prose Spec Tests', () => {
accessKeyId: 'foo',
secretAccessKey: 'bar'
}
}
},
extraOptions: getEncryptExtraOptions()
}
}
);
Expand Down
13 changes: 13 additions & 0 deletions test/spec/load-balancers/non-lb-connection-establishment.json
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,19 @@
"tests": [
{
"description": "operations against non-load balanced clusters fail if URI contains loadBalanced=true",
"runOnRequirements": [
{
"maxServerVersion": "8.0.99",
"topologies": [
"single"
]
},
{
"topologies": [
"sharded"
]
}
],
"operations": [
{
"name": "runCommand",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,11 @@ tests:
# If the server is not configured to be behind a load balancer and the URI contains loadBalanced=true, the driver
# should error during the connection handshake because the server's hello response does not contain a serviceId field.
- description: operations against non-load balanced clusters fail if URI contains loadBalanced=true
runOnRequirements:
- maxServerVersion: 8.0.99 # DRIVERS-3108: Skip test on >=8.1 mongod. SERVER-85804 changes a non-LB mongod to close connection.
topologies: [ single ]
- topologies: [ sharded ]

operations:
- name: runCommand
object: *lbTrueDatabase
Expand Down
45 changes: 42 additions & 3 deletions test/tools/runner/filters/client_encryption_filter.ts
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,44 @@ import * as process from 'process';
import { satisfies } from 'semver';

import { kmsCredentialsPresent } from '../../../csfle-kms-providers';
import { type MongoClient } from '../../../mongodb';
import { type AutoEncrypter, MongoClient } from '../../../mongodb';
import { Filter } from './filter';

function getCryptSharedVersion(): AutoEncrypter['cryptSharedLibVersionInfo'] | null {
try {
const mc = new MongoClient('mongodb://localhost:27017', {
autoEncryption: {
kmsProviders: {
local: {
key: Buffer.alloc(96)
}
},
extraOptions: {
cryptSharedLibPath: process.env.CRYPT_SHARED_LIB_PATH
}
}
});
return mc.autoEncrypter.cryptSharedLibVersionInfo;
} catch {
try {
const mc = new MongoClient('mongodb://localhost:27017', {
autoEncryption: {
kmsProviders: {
local: {
key: Buffer.alloc(96)
}
}
}
});
return mc.autoEncrypter.cryptSharedLibVersionInfo;
} catch {
// squash errors
}
}

return null;
}

/**
* Filter for whether or not a test needs / doesn't need Client Side Encryption
*
Expand All @@ -24,15 +59,18 @@ export class ClientSideEncryptionFilter extends Filter {
enabled: boolean;
static version = null;
static libmongocrypt: string | null = null;
static cryptShared: AutoEncrypter['cryptSharedLibVersionInfo'] | null = null;

override async initializeFilter(client: MongoClient, context: Record<string, any>) {
let mongodbClientEncryption;
let mongodbClientEncryption: typeof import('mongodb-client-encryption');
try {
// eslint-disable-next-line @typescript-eslint/no-require-imports
mongodbClientEncryption = require('mongodb-client-encryption');
ClientSideEncryptionFilter.libmongocrypt = (
mongodbClientEncryption as typeof import('mongodb-client-encryption')
).MongoCrypt.libmongocryptVersion;

ClientSideEncryptionFilter.cryptShared = getCryptSharedVersion();
} catch (failedToGetFLELib) {
if (process.env.TEST_CSFLE) {
console.error({ failedToGetFLELib });
Expand All @@ -53,7 +91,8 @@ export class ClientSideEncryptionFilter extends Filter {
enabled: this.enabled,
mongodbClientEncryption,
version: ClientSideEncryptionFilter.version,
libmongocrypt: ClientSideEncryptionFilter.libmongocrypt
libmongocrypt: ClientSideEncryptionFilter.libmongocrypt,
cryptShared: ClientSideEncryptionFilter.cryptShared
};
}

Expand Down
4 changes: 1 addition & 3 deletions test/tools/runner/hooks/configuration.ts
Original file line number Diff line number Diff line change
Expand Up @@ -176,9 +176,7 @@ const testConfigBeforeHook = async function () {
auth: process.env.AUTH === 'auth',
tls: process.env.SSL === 'ssl',
csfle: {
enabled: this.configuration.clientSideEncryption.enabled,
version: this.configuration.clientSideEncryption.version,
libmongocrypt: this.configuration.clientSideEncryption.libmongocrypt
...this.configuration.clientSideEncryption
},
serverApi: MONGODB_API_VERSION,
atlas: process.env.ATLAS_CONNECTIVITY != null,
Expand Down