diff --git a/.github/workflows/encryption-tests.yml b/.github/workflows/encryption-tests.yml index 263ebaedc11..521aae66abb 100644 --- a/.github/workflows/encryption-tests.yml +++ b/.github/workflows/encryption-tests.yml @@ -31,7 +31,5 @@ jobs: node-version: latest - name: Install Dependencies run: npm install - - name: Install mongodb-client-encryption - run: npm install mongodb-client-encryption - name: Run Tests run: npm run test-encryption diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 06073758d97..103d03a6efa 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -46,7 +46,8 @@ If you have a question about Mongoose (not a bug report) please post it to eithe * execute `npm run test-tsd` to run the typescript tests * execute `npm run ts-benchmark` to run the typescript benchmark "performance test" for a single time. * execute `npm run ts-benchmark-watch` to run the typescript benchmark "performance test" while watching changes on types folder. Note: Make sure to commit all changes before executing this command. -* in order to run tests that require an cluster with encryption locally, run `npm run test-encryption`. Alternatively, you can start an encrypted cluster using the `scripts/configure-cluster-with-encryption.sh` file. +* in order to run tests that require an cluster with encryption locally, run `npm run test-encryption`. Alternatively, you can start an encrypted cluster using the `scripts/configure-cluster-with-encryption.sh` file. +* These scripts can take a few minutes to run. If a encryption script is exited prematurely, restart the shell and delete the `data/` directory to ensure clean-up. ## Documentation diff --git a/scripts/configure-cluster-with-encryption.sh b/scripts/configure-cluster-with-encryption.sh index 4584920ed40..9c4adf330b9 100644 --- a/scripts/configure-cluster-with-encryption.sh +++ b/scripts/configure-cluster-with-encryption.sh @@ -8,6 +8,9 @@ export CWD=$(pwd); mkdir data cd data +# install encryption dependency +npm install mongodb-client-encryption > /dev/null + # note: # we're using drivers-evergreen-tools which is a repo used by MongoDB drivers to start clusters for testing. # if you'd like to make changes to the cluster settings, edit the exported variables below. diff --git a/scripts/run-encryption-tests.sh b/scripts/run-encryption-tests.sh index 0209292168d..60b7dfae245 100755 --- a/scripts/run-encryption-tests.sh +++ b/scripts/run-encryption-tests.sh @@ -4,36 +4,20 @@ export CWD=$(pwd); +# install encryption dependency +npm install mongodb-client-encryption > /dev/null + # set up mongodb cluster and encryption configuration if the data/ folder does not exist # note: for tooling, cluster set-up and configuration look into the 'scripts/configure-cluster-with-encryption.sh' script - if [ -d "data" ]; then cd data else source $CWD/scripts/configure-cluster-with-encryption.sh fi -# extracts MONGOOSE_TEST_URI and CRYPT_SHARED_LIB_PATH from .yml file into environment variables for this test run -read -r -d '' SOURCE_SCRIPT << EOM -const fs = require('fs'); -const file = fs.readFileSync('mo-expansion.yml', { encoding: 'utf-8' }) - .trim().split('\\n'); -const regex = /^(?.*): "(?.*)"$/; -const variables = file.map( - (line) => regex.exec(line.trim()).groups -).map( - ({key, value}) => \`export \${key}='\${value}'\` -).join('\n'); - -process.stdout.write(variables); -process.stdout.write('\n'); -EOM - -node --eval "$SOURCE_SCRIPT" | tee expansions.sh -source expansions.sh - -export MONGOOSE_TEST_URI=$MONGODB_URI - # run encryption tests cd .. npx mocha --exit ./test/encryption/*.test.js + +# uninstall encryption dependency +npm uninstall mongodb-client-encryption > /dev/null \ No newline at end of file diff --git a/test/encryption/encryption.test.js b/test/encryption/encryption.test.js index 14e18306d94..a3b562e80aa 100644 --- a/test/encryption/encryption.test.js +++ b/test/encryption/encryption.test.js @@ -1,12 +1,31 @@ 'use strict'; const assert = require('assert'); -const mdb = require('mongodb'); +const mongodb = require('mongodb'); +const fs = require('fs'); const isBsonType = require('../../lib/helpers/isBsonType'); const LOCAL_KEY = Buffer.from('Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBMUN3YkQ5aXRRMkhGRGdQV09wOGVNYUMxT2k3NjZKelhaQmRCZGJkTXVyZG9uSjFk', 'base64'); describe('ci', () => { + + const cachedUri = process.env.MONGOOSE_TEST_URI; + const cachedLib = process.env.CRYPT_SHARED_LIB_PATH; + + before(function() { + const cwd = process.cwd(); + const file = fs.readFileSync(cwd + '/data/mo-expansion.yml', { encoding: 'utf-8' }).trim().split('\n'); + const regex = /^(?.*): "(?.*)"$/; + const variables = file.map((line) => regex.exec(line.trim()).groups).reduce((acc, { key, value }) => ({ ...acc, [key]: value }), {}); + process.env.CRYPT_SHARED_LIB_PATH = variables.CRYPT_SHARED_LIB_PATH; + process.env.MONGOOSE_TEST_URI = variables.MONGODB_URI; + }); + + after(function() { + process.env.CRYPT_SHARED_LIB_PATH = cachedLib; + process.env.MONGOOSE_TEST_URI = cachedUri; + }); + describe('environmental variables', () => { it('MONGOOSE_TEST_URI is set', async function() { const uri = process.env.MONGOOSE_TEST_URI; @@ -26,16 +45,16 @@ describe('ci', () => { let unencryptedClient; beforeEach(async function() { - keyVaultClient = new mdb.MongoClient(process.env.MONGOOSE_TEST_URI); + keyVaultClient = new mongodb.MongoClient(process.env.MONGOOSE_TEST_URI); await keyVaultClient.connect(); await keyVaultClient.db('keyvault').collection('datakeys'); - const clientEncryption = new mdb.ClientEncryption(keyVaultClient, { + const clientEncryption = new mongodb.ClientEncryption(keyVaultClient, { keyVaultNamespace: 'keyvault.datakeys', kmsProviders: { local: { key: LOCAL_KEY } } }); dataKey = await clientEncryption.createDataKey('local'); - encryptedClient = new mdb.MongoClient( + encryptedClient = new mongodb.MongoClient( process.env.MONGOOSE_TEST_URI, { autoEncryption: { @@ -66,7 +85,7 @@ describe('ci', () => { } ); - unencryptedClient = new mdb.MongoClient(process.env.MONGOOSE_TEST_URI); + unencryptedClient = new mongodb.MongoClient(process.env.MONGOOSE_TEST_URI); }); afterEach(async function() {