diff --git a/.evergreen/.evg.yml b/.evergreen/.evg.yml index 5102ce130b0..989df45d44b 100644 --- a/.evergreen/.evg.yml +++ b/.evergreen/.evg.yml @@ -227,24 +227,29 @@ functions: type: test params: working_dir: "src" + env: + AWS_ACCESS_KEY_ID: ${aws_access_key_id} + AWS_SECRET_ACCESS_KEY: ${aws_secret_access_key} + AWS_DEFAULT_REGION: us-east-1 + AZURE_TENANT_ID: ${azure_tenant_id} + AZURE_CLIENT_ID: ${azure_client_id} + AZURE_CLIENT_SECRET: ${azure_client_secret} + GCP_EMAIL: ${gcp_email} + GCP_PRIVATE_KEY: ${gcp_private_key} + AZUREKMS_KEY_VAULT_ENDPOINT: ${testazurekms_keyvaultendpoint} + AZUREKMS_KEY_NAME: ${testazurekms_keyname} script: | ${PREPARE_SHELL} - export AWS_ACCESS_KEY_ID=${aws_access_key_id} - export AWS_SECRET_ACCESS_KEY=${aws_secret_access_key} - export AWS_DEFAULT_REGION=us-east-1 + . ${DRIVERS_TOOLS}/.evergreen/csfle/set-temp-creds.sh + + export AWS_TEMP_ACCESS_KEY_ID=$CSFLE_AWS_TEMP_ACCESS_KEY_ID + export AWS_TEMP_SECRET_ACCESS_KEY=$CSFLE_AWS_TEMP_SECRET_ACCESS_KEY + export AWS_TEMP_SESSION_TOKEN=$CSFLE_AWS_TEMP_SESSION_TOKEN + export CRYPT_SHARED_LIB_PATH=${CRYPT_SHARED_LIB_PATH} + AUTH="${AUTH}" SSL="${SSL}" MONGODB_URI="${MONGODB_URI}" SAFE_FOR_MULTI_MONGOS="${SAFE_FOR_MULTI_MONGOS}" TOPOLOGY="${TOPOLOGY}" \ - COMPRESSOR="${COMPRESSOR}" JAVA_VERSION="${JAVA_VERSION}" \ - AWS_ACCESS_KEY_ID=${aws_access_key_id} AWS_SECRET_ACCESS_KEY=${aws_secret_access_key} \ - AWS_TEMP_ACCESS_KEY_ID=$CSFLE_AWS_TEMP_ACCESS_KEY_ID \ - AWS_TEMP_SECRET_ACCESS_KEY=$CSFLE_AWS_TEMP_SECRET_ACCESS_KEY \ - AWS_TEMP_SESSION_TOKEN=$CSFLE_AWS_TEMP_SESSION_TOKEN \ - AZURE_TENANT_ID=${azure_tenant_id} AZURE_CLIENT_ID=${azure_client_id} AZURE_CLIENT_SECRET=${azure_client_secret} \ - GCP_EMAIL=${gcp_email} GCP_PRIVATE_KEY=${gcp_private_key} \ - AZUREKMS_KEY_VAULT_ENDPOINT=${testazurekms_keyvaultendpoint} \ - AZUREKMS_KEY_NAME=${testazurekms_keyname} \ - REQUIRE_API_VERSION=${REQUIRE_API_VERSION} \ - CRYPT_SHARED_LIB_PATH="${CRYPT_SHARED_LIB_PATH}" \ + COMPRESSOR="${COMPRESSOR}" JAVA_VERSION="${JAVA_VERSION}" REQUIRE_API_VERSION=${REQUIRE_API_VERSION} \ .evergreen/run-tests.sh "run load-balancer tests": @@ -784,52 +789,65 @@ functions: type: test params: working_dir: "src" + env: + AWS_ACCESS_KEY_ID: ${aws_access_key_id} + AWS_SECRET_ACCESS_KEY: ${aws_secret_access_key} script: | ${PREPARE_SHELL} set +o xtrace - MONGODB_URI="${MONGODB_URI}" AWS_ACCESS_KEY_ID=${aws_access_key_id} AWS_SECRET_ACCESS_KEY=${aws_secret_access_key} \ - .evergreen/run-csfle-aws-from-environment.sh + MONGODB_URI="${MONGODB_URI}" .evergreen/run-csfle-aws-from-environment.sh "run csfle tests with mongocryptd": - command: shell.exec type: test params: working_dir: "src" + env: + AWS_ACCESS_KEY_ID: ${aws_access_key_id} + AWS_SECRET_ACCESS_KEY: ${aws_secret_access_key} + AWS_DEFAULT_REGION: us-east-1 + AZURE_TENANT_ID: ${azure_tenant_id} + AZURE_CLIENT_ID: ${azure_client_id} + AZURE_CLIENT_SECRET: ${azure_client_secret} + GCP_EMAIL: ${gcp_email} + GCP_PRIVATE_KEY: ${gcp_private_key} + AZUREKMS_KEY_VAULT_ENDPOINT: ${testazurekms_keyvaultendpoint} + AZUREKMS_KEY_NAME: ${testazurekms_keyname} script: | ${PREPARE_SHELL} - export AWS_ACCESS_KEY_ID=${aws_access_key_id} - export AWS_SECRET_ACCESS_KEY=${aws_secret_access_key} - export AWS_DEFAULT_REGION=us-east-1 . ${DRIVERS_TOOLS}/.evergreen/csfle/set-temp-creds.sh - MONGODB_URI="${MONGODB_URI}" \ - JAVA_VERSION="${JAVA_VERSION}" \ - AWS_ACCESS_KEY_ID=${aws_access_key_id} AWS_SECRET_ACCESS_KEY=${aws_secret_access_key} \ - AWS_TEMP_ACCESS_KEY_ID=$CSFLE_AWS_TEMP_ACCESS_KEY_ID \ - AWS_TEMP_SECRET_ACCESS_KEY=$CSFLE_AWS_TEMP_SECRET_ACCESS_KEY \ - AWS_TEMP_SESSION_TOKEN=$CSFLE_AWS_TEMP_SESSION_TOKEN \ - AZURE_TENANT_ID=${azure_tenant_id} AZURE_CLIENT_ID=${azure_client_id} AZURE_CLIENT_SECRET=${azure_client_secret} \ - GCP_EMAIL=${gcp_email} GCP_PRIVATE_KEY=${gcp_private_key} \ - AZUREKMS_KEY_VAULT_ENDPOINT=${testazurekms_keyvaultendpoint} \ - AZUREKMS_KEY_NAME=${testazurekms_keyname} \ - .evergreen/run-csfle-tests-with-mongocryptd.sh + + export AWS_TEMP_ACCESS_KEY_ID=$CSFLE_AWS_TEMP_ACCESS_KEY_ID + export AWS_TEMP_SECRET_ACCESS_KEY=$CSFLE_AWS_TEMP_SECRET_ACCESS_KEY + export AWS_TEMP_SESSION_TOKEN=$CSFLE_AWS_TEMP_SESSION_TOKEN + + MONGODB_URI="${MONGODB_URI}" JAVA_VERSION="${JAVA_VERSION}" .evergreen/run-csfle-tests-with-mongocryptd.sh "publish snapshot": - command: shell.exec type: test params: working_dir: "src" + env: + NEXUS_USERNAME: ${nexus_username} + NEXUS_PASSWORD: ${nexus_password} + SIGNING_PASSWORD: ${signing_password} + SIGNING_KEY: ${gpg_ascii_armored} script: | - # DO NOT ECHO WITH XTRACE (which PREPARE_SHELL does) - RELEASE=false PROJECT_DIRECTORY=${PROJECT_DIRECTORY} NEXUS_USERNAME=${nexus_username} NEXUS_PASSWORD=${nexus_password} SIGNING_PASSWORD=${signing_password} SIGNING_KEY="${gpg_ascii_armored}" .evergreen/publish.sh + RELEASE=false PROJECT_DIRECTORY=${PROJECT_DIRECTORY} .evergreen/publish.sh "publish release": - command: shell.exec type: test params: working_dir: "src" + env: + NEXUS_USERNAME: ${nexus_username} + NEXUS_PASSWORD: ${nexus_password} + SIGNING_PASSWORD: ${signing_password} + SIGNING_KEY: ${gpg_ascii_armored} script: | - # DO NOT ECHO WITH XTRACE (which PREPARE_SHELL does) - RELEASE=true PROJECT_DIRECTORY=${PROJECT_DIRECTORY} NEXUS_USERNAME=${nexus_username} NEXUS_PASSWORD=${nexus_password} SIGNING_PASSWORD=${signing_password} SIGNING_KEY="${gpg_ascii_armored}" .evergreen/publish.sh + RELEASE=true PROJECT_DIRECTORY=${PROJECT_DIRECTORY} .evergreen/publish.sh "cleanup": - command: shell.exec diff --git a/.evergreen/run-csfle-tests-with-mongocryptd.sh b/.evergreen/run-csfle-tests-with-mongocryptd.sh index 95a23402e95..7927ec5eb85 100755 --- a/.evergreen/run-csfle-tests-with-mongocryptd.sh +++ b/.evergreen/run-csfle-tests-with-mongocryptd.sh @@ -49,19 +49,14 @@ provision_ssl () { provision_ssl echo "Running tests with Java ${JAVA_VERSION}" + ./gradlew -version -# By not specifying the path to the `crypt_shared` via the `org.mongodb.test.crypt.shared.lib.path` Java system property, +# By not specifying the path to the `crypt_shared` via the `CRYPT_SHARED_LIB_PATH` Java system property, # we force the driver to start `mongocryptd` instead of loading and using `crypt_shared`. ./gradlew -PjavaVersion=${JAVA_VERSION} -Dorg.mongodb.test.uri=${MONGODB_URI} \ - -Dorg.mongodb.test.fle.on.demand.credential.test.failure.enabled="true" \ - -Dorg.mongodb.test.fle.on.demand.credential.test.azure.keyVaultEndpoint="${AZUREKMS_KEY_VAULT_ENDPOINT}" \ - -Dorg.mongodb.test.fle.on.demand.credential.test.azure.keyName="${AZUREKMS_KEY_NAME}" \ - -Dorg.mongodb.test.awsAccessKeyId=${AWS_ACCESS_KEY_ID} -Dorg.mongodb.test.awsSecretAccessKey=${AWS_SECRET_ACCESS_KEY} \ - -Dorg.mongodb.test.tmpAwsAccessKeyId=${AWS_TEMP_ACCESS_KEY_ID} -Dorg.mongodb.test.tmpAwsSecretAccessKey=${AWS_TEMP_SECRET_ACCESS_KEY} -Dorg.mongodb.test.tmpAwsSessionToken=${AWS_TEMP_SESSION_TOKEN} \ - -Dorg.mongodb.test.azureTenantId=${AZURE_TENANT_ID} -Dorg.mongodb.test.azureClientId=${AZURE_CLIENT_ID} -Dorg.mongodb.test.azureClientSecret=${AZURE_CLIENT_SECRET} \ - -Dorg.mongodb.test.gcpEmail=${GCP_EMAIL} -Dorg.mongodb.test.gcpPrivateKey=${GCP_PRIVATE_KEY} \ ${GRADLE_EXTRA_VARS} \ + -Dorg.mongodb.test.fle.on.demand.credential.test.failure.enabled=true \ --stacktrace --info --continue \ driver-legacy:test \ --tests "*.Client*Encryption*" \ diff --git a/.evergreen/run-fle-on-demand-credential-test.sh b/.evergreen/run-fle-on-demand-credential-test.sh index d0132b6c1ac..df70ef67cb7 100755 --- a/.evergreen/run-fle-on-demand-credential-test.sh +++ b/.evergreen/run-fle-on-demand-credential-test.sh @@ -20,20 +20,16 @@ if ! which java ; then sudo apt install openjdk-17-jdk -y fi +export PROVIDER=${PROVIDER} + ./gradlew -Dorg.mongodb.test.uri="${MONGODB_URI}" \ - -Dorg.mongodb.test.fle.on.demand.credential.test.success.enabled="true" \ - -Dorg.mongodb.test.fle.on.demand.credential.test.azure.keyVaultEndpoint="${AZUREKMS_KEY_VAULT_ENDPOINT}" \ - -Dorg.mongodb.test.fle.on.demand.credential.test.azure.keyName="${AZUREKMS_KEY_NAME}" \ - -Dorg.mongodb.test.fle.on.demand.credential.provider="${PROVIDER}" \ + -Dorg.mongodb.test.fle.on.demand.credential.test.success.enabled=true \ --stacktrace --debug --info driver-sync:test --tests ClientSideEncryptionOnDemandCredentialsTest first=$? echo $first ./gradlew -Dorg.mongodb.test.uri="${MONGODB_URI}" \ - -Dorg.mongodb.test.fle.on.demand.credential.test.success.enabled="true" \ - -Dorg.mongodb.test.fle.on.demand.credential.test.azure.keyVaultEndpoint="${AZUREKMS_KEY_VAULT_ENDPOINT}" \ - -Dorg.mongodb.test.fle.on.demand.credential.test.azure.keyName="${AZUREKMS_KEY_NAME}" \ - -Dorg.mongodb.test.fle.on.demand.credential.provider="${PROVIDER}" \ + -Dorg.mongodb.test.fle.on.demand.credential.test.success.enabled=true \ --stacktrace --debug --info driver-reactive-streams:test --tests ClientSideEncryptionOnDemandCredentialsTest second=$? echo $second diff --git a/.evergreen/run-tests.sh b/.evergreen/run-tests.sh index eb897ef68a5..06a31098177 100755 --- a/.evergreen/run-tests.sh +++ b/.evergreen/run-tests.sh @@ -141,15 +141,8 @@ if [ "$SLOW_TESTS_ONLY" == "true" ]; then --stacktrace --info testSlowOnly else ./gradlew -PjavaVersion=${JAVA_VERSION} -Dorg.mongodb.test.uri=${MONGODB_URI} \ - -Dorg.mongodb.test.fle.on.demand.credential.test.failure.enabled="true" \ - -Dorg.mongodb.test.fle.on.demand.credential.test.azure.keyVaultEndpoint="${AZUREKMS_KEY_VAULT_ENDPOINT}" \ - -Dorg.mongodb.test.fle.on.demand.credential.test.azure.keyName="${AZUREKMS_KEY_NAME}" \ - -Dorg.mongodb.test.awsAccessKeyId=${AWS_ACCESS_KEY_ID} -Dorg.mongodb.test.awsSecretAccessKey=${AWS_SECRET_ACCESS_KEY} \ - -Dorg.mongodb.test.tmpAwsAccessKeyId=${AWS_TEMP_ACCESS_KEY_ID} -Dorg.mongodb.test.tmpAwsSecretAccessKey=${AWS_TEMP_SECRET_ACCESS_KEY} -Dorg.mongodb.test.tmpAwsSessionToken=${AWS_TEMP_SESSION_TOKEN} \ - -Dorg.mongodb.test.azureTenantId=${AZURE_TENANT_ID} -Dorg.mongodb.test.azureClientId=${AZURE_CLIENT_ID} -Dorg.mongodb.test.azureClientSecret=${AZURE_CLIENT_SECRET} \ - -Dorg.mongodb.test.gcpEmail=${GCP_EMAIL} -Dorg.mongodb.test.gcpPrivateKey=${GCP_PRIVATE_KEY} \ ${MULTI_MONGOS_URI_SYSTEM_PROPERTY} ${API_VERSION} ${GRADLE_EXTRA_VARS} ${ASYNC_TYPE} \ - -Dorg.mongodb.test.crypt.shared.lib.path=${CRYPT_SHARED_LIB_PATH} \ ${JAVA_SYSPROP_NETTY_SSL_PROVIDER} \ + -Dorg.mongodb.test.fle.on.demand.credential.test.failure.enabled=true \ --stacktrace --info --continue test fi diff --git a/driver-core/src/test/functional/com/mongodb/ClusterFixture.java b/driver-core/src/test/functional/com/mongodb/ClusterFixture.java index 09bc55a1215..fe76ef68668 100644 --- a/driver-core/src/test/functional/com/mongodb/ClusterFixture.java +++ b/driver-core/src/test/functional/com/mongodb/ClusterFixture.java @@ -201,7 +201,7 @@ public static boolean hasEncryptionTestsEnabled() { List requiredSystemProperties = asList("awsAccessKeyId", "awsSecretAccessKey", "azureTenantId", "azureClientId", "azureClientSecret", "gcpEmail", "gcpPrivateKey", "tmpAwsAccessKeyId", "tmpAwsSecretAccessKey", "tmpAwsSessionToken"); return requiredSystemProperties.stream() - .map(name -> System.getProperty("org.mongodb.test." + name, "")) + .map(name -> getEnv("org.mongodb.test." + name, "")) .filter(s -> !s.isEmpty()) .count() == requiredSystemProperties.size(); } @@ -228,6 +228,16 @@ public void run() { } } + public static String getEnv(final String name, final String defaultValue) { + String value = getEnv(name); + return value == null ? defaultValue : value; + } + + @Nullable + public static String getEnv(final String name) { + return System.getenv(name); + } + public static boolean getOcspShouldSucceed() { return Integer.parseInt(System.getProperty(MONGODB_OCSP_SHOULD_SUCCEED)) == 1; } @@ -541,7 +551,7 @@ public static boolean isAuthenticated() { } public static boolean isClientSideEncryptionTest() { - return !System.getProperty("org.mongodb.test.awsAccessKeyId", "").isEmpty(); + return !getEnv("AWS_ACCESS_KEY_ID", "").isEmpty(); } public static boolean isAtlasSearchTest() { diff --git a/driver-reactive-streams/src/test/functional/com/mongodb/reactivestreams/client/ClientEncryptionDataKeyAndDoubleEncryptionTest.java b/driver-reactive-streams/src/test/functional/com/mongodb/reactivestreams/client/ClientEncryptionDataKeyAndDoubleEncryptionTest.java index 113316614de..2e212fb25c6 100644 --- a/driver-reactive-streams/src/test/functional/com/mongodb/reactivestreams/client/ClientEncryptionDataKeyAndDoubleEncryptionTest.java +++ b/driver-reactive-streams/src/test/functional/com/mongodb/reactivestreams/client/ClientEncryptionDataKeyAndDoubleEncryptionTest.java @@ -40,6 +40,7 @@ import java.util.HashMap; import java.util.Map; +import static com.mongodb.ClusterFixture.getEnv; import static com.mongodb.ClusterFixture.hasEncryptionTestsEnabled; import static com.mongodb.ClusterFixture.serverVersionAtLeast; import static com.mongodb.client.Fixture.getMongoClientSettingsBuilder; @@ -81,17 +82,17 @@ public void setUp() { // Step 2: Create encrypted client and client encryption Map> kmsProviders = new HashMap>() {{ put("aws", new HashMap() {{ - put("accessKeyId", System.getProperty("org.mongodb.test.awsAccessKeyId")); - put("secretAccessKey", System.getProperty("org.mongodb.test.awsSecretAccessKey")); + put("accessKeyId", getEnv("AWS_ACCESS_KEY_ID")); + put("secretAccessKey", getEnv("AWS_SECRET_ACCESS_KEY")); }}); put("azure", new HashMap() {{ - put("tenantId", System.getProperty("org.mongodb.test.azureTenantId")); - put("clientId", System.getProperty("org.mongodb.test.azureClientId")); - put("clientSecret", System.getProperty("org.mongodb.test.azureClientSecret")); + put("tenantId", getEnv("AZURE_TENANT_ID")); + put("clientId", getEnv("AZURE_CLIENT_ID")); + put("clientSecret", getEnv("AZURE_CLIENT_SECRET")); }}); put("gcp", new HashMap() {{ - put("email", System.getProperty("org.mongodb.test.gcpEmail")); - put("privateKey", System.getProperty("org.mongodb.test.gcpPrivateKey")); + put("email", getEnv("GCP_EMAIL")); + put("privateKey", getEnv("GCP_PRIVATE_KEY")); }}); put("local", new HashMap() {{ put("key", "Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBM" diff --git a/driver-reactive-streams/src/test/functional/com/mongodb/reactivestreams/client/ClientSideEncryptionBsonSizeLimitsSpecification.groovy b/driver-reactive-streams/src/test/functional/com/mongodb/reactivestreams/client/ClientSideEncryptionBsonSizeLimitsSpecification.groovy index 19a3b704524..c044e8e1f56 100644 --- a/driver-reactive-streams/src/test/functional/com/mongodb/reactivestreams/client/ClientSideEncryptionBsonSizeLimitsSpecification.groovy +++ b/driver-reactive-streams/src/test/functional/com/mongodb/reactivestreams/client/ClientSideEncryptionBsonSizeLimitsSpecification.groovy @@ -53,7 +53,7 @@ class ClientSideEncryptionBsonSizeLimitsSpecification extends FunctionalSpecific def setup() { assumeTrue(serverVersionAtLeast(4, 2)) assumeTrue('Key vault tests disabled', - !System.getProperty('org.mongodb.test.awsAccessKeyId', '').isEmpty()) + !System.getProperty('AWS_ACCESS_KEY_ID', '').isEmpty()) drop(keyVaultNamespace) drop(autoEncryptingCollectionNamespace) diff --git a/driver-reactive-streams/src/test/functional/com/mongodb/reactivestreams/client/ClientSideEncryptionCorpusTest.java b/driver-reactive-streams/src/test/functional/com/mongodb/reactivestreams/client/ClientSideEncryptionCorpusTest.java index 39240540f09..9a44252b938 100644 --- a/driver-reactive-streams/src/test/functional/com/mongodb/reactivestreams/client/ClientSideEncryptionCorpusTest.java +++ b/driver-reactive-streams/src/test/functional/com/mongodb/reactivestreams/client/ClientSideEncryptionCorpusTest.java @@ -48,6 +48,7 @@ import java.util.Map; import static com.mongodb.ClusterFixture.TIMEOUT_DURATION; +import static com.mongodb.ClusterFixture.getEnv; import static com.mongodb.ClusterFixture.hasEncryptionTestsEnabled; import static com.mongodb.ClusterFixture.serverVersionAtLeast; import static com.mongodb.reactivestreams.client.Fixture.getMongoClientBuilderFromConnectionString; @@ -109,20 +110,20 @@ public void setUp() throws IOException, URISyntaxException { // Step 4: Configure our objects Map> kmsProviders = new HashMap>() {{ put("aws", new HashMap() {{ - put("accessKeyId", System.getProperty("org.mongodb.test.awsAccessKeyId")); - put("secretAccessKey", System.getProperty("org.mongodb.test.awsSecretAccessKey")); + put("accessKeyId", getEnv("AWS_ACCESS_KEY_ID")); + put("secretAccessKey", getEnv("AWS_SECRET_ACCESS_KEY")); }}); put("azure", new HashMap() {{ - put("tenantId", System.getProperty("org.mongodb.test.azureTenantId")); - put("clientId", System.getProperty("org.mongodb.test.azureClientId")); - put("clientSecret", System.getProperty("org.mongodb.test.azureClientSecret")); + put("tenantId", getEnv("AZURE_TENANT_ID")); + put("clientId", getEnv("AZURE_CLIENT_ID")); + put("clientSecret", getEnv("AZURE_CLIENT_SECRET")); }}); put("gcp", new HashMap() {{ - put("email", System.getProperty("org.mongodb.test.gcpEmail")); - put("privateKey", System.getProperty("org.mongodb.test.gcpPrivateKey")); + put("email", getEnv("GCP_EMAIL")); + put("privateKey", getEnv("GCP_PRIVATE_KEY")); }}); put("kmip", new HashMap() {{ - put("endpoint", System.getProperty("org.mongodb.test.kmipEndpoint", "localhost:5698")); + put("endpoint", getEnv("org.mongodb.test.kmipEndpoint", "localhost:5698")); }}); put("local", new HashMap() {{ put("key", "Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBM" diff --git a/driver-sync/src/test/functional/com/mongodb/client/AbstractClientEncryptionCustomEndpointTest.java b/driver-sync/src/test/functional/com/mongodb/client/AbstractClientEncryptionCustomEndpointTest.java index 005bdce2b4e..9826c592190 100644 --- a/driver-sync/src/test/functional/com/mongodb/client/AbstractClientEncryptionCustomEndpointTest.java +++ b/driver-sync/src/test/functional/com/mongodb/client/AbstractClientEncryptionCustomEndpointTest.java @@ -40,6 +40,7 @@ import java.util.List; import java.util.Map; +import static com.mongodb.ClusterFixture.getEnv; import static com.mongodb.ClusterFixture.hasEncryptionTestsEnabled; import static com.mongodb.ClusterFixture.serverVersionAtLeast; import static com.mongodb.client.Fixture.getMongoClientSettings; @@ -82,18 +83,18 @@ public void setUp() { Map> kmsProviders = new HashMap>() {{ put("aws", new HashMap() {{ - put("accessKeyId", System.getProperty("org.mongodb.test.awsAccessKeyId")); - put("secretAccessKey", System.getProperty("org.mongodb.test.awsSecretAccessKey")); + put("accessKeyId", getEnv("AWS_ACCESS_KEY_ID")); + put("secretAccessKey", getEnv("AWS_SECRET_ACCESS_KEY")); }}); put("azure", new HashMap() {{ - put("tenantId", System.getProperty("org.mongodb.test.azureTenantId")); - put("clientId", System.getProperty("org.mongodb.test.azureClientId")); - put("clientSecret", System.getProperty("org.mongodb.test.azureClientSecret")); + put("tenantId", getEnv("AZURE_TENANT_ID")); + put("clientId", getEnv("AZURE_CLIENT_ID")); + put("clientSecret", getEnv("AZURE_CLIENT_SECRET")); put("identityPlatformEndpoint", "login.microsoftonline.com:443"); }}); put("gcp", new HashMap() {{ - put("email", System.getProperty("org.mongodb.test.gcpEmail")); - put("privateKey", System.getProperty("org.mongodb.test.gcpPrivateKey")); + put("email", getEnv("GCP_EMAIL")); + put("privateKey", getEnv("GCP_PRIVATE_KEY")); put("endpoint", "oauth2.googleapis.com:443"); }}); put("kmip", new HashMap() {{ @@ -108,14 +109,14 @@ public void setUp() { Map> invalidKmsProviders = new HashMap>() {{ put("azure", new HashMap() {{ - put("tenantId", System.getProperty("org.mongodb.test.azureTenantId")); - put("clientId", System.getProperty("org.mongodb.test.azureClientId")); - put("clientSecret", System.getProperty("org.mongodb.test.azureClientSecret")); + put("tenantId", getEnv("AZURE_TENANT_ID")); + put("clientId", getEnv("AZURE_CLIENT_ID")); + put("clientSecret", getEnv("AZURE_CLIENT_SECRET")); put("identityPlatformEndpoint", "doesnotexist.invalid:443"); }}); put("gcp", new HashMap() {{ - put("email", System.getProperty("org.mongodb.test.gcpEmail")); - put("privateKey", System.getProperty("org.mongodb.test.gcpPrivateKey")); + put("email", getEnv("GCP_EMAIL")); + put("privateKey", getEnv("GCP_PRIVATE_KEY")); put("endpoint", "doesnotexist.invalid:443"); }}); put("kmip", new HashMap() {{ diff --git a/driver-sync/src/test/functional/com/mongodb/client/AbstractClientEncryptionRewrapManyDataKeyProseTest.java b/driver-sync/src/test/functional/com/mongodb/client/AbstractClientEncryptionRewrapManyDataKeyProseTest.java index ae4c2393366..5d95580399e 100644 --- a/driver-sync/src/test/functional/com/mongodb/client/AbstractClientEncryptionRewrapManyDataKeyProseTest.java +++ b/driver-sync/src/test/functional/com/mongodb/client/AbstractClientEncryptionRewrapManyDataKeyProseTest.java @@ -42,6 +42,7 @@ import java.util.Map; import java.util.Set; +import static com.mongodb.ClusterFixture.getEnv; import static com.mongodb.ClusterFixture.hasEncryptionTestsEnabled; import static com.mongodb.ClusterFixture.serverVersionAtLeast; import static com.mongodb.client.Fixture.getMongoClient; @@ -77,18 +78,18 @@ public abstract class AbstractClientEncryptionRewrapManyDataKeyProseTest { private static final Map> KMS_PROVIDERS = new HashMap>() {{ put("aws", new HashMap() {{ - put("accessKeyId", System.getProperty("org.mongodb.test.awsAccessKeyId")); - put("secretAccessKey", System.getProperty("org.mongodb.test.awsSecretAccessKey")); + put("accessKeyId", getEnv("AWS_ACCESS_KEY_ID")); + put("secretAccessKey", getEnv("AWS_SECRET_ACCESS_KEY")); }}); put("azure", new HashMap() {{ - put("tenantId", System.getProperty("org.mongodb.test.azureTenantId")); - put("clientId", System.getProperty("org.mongodb.test.azureClientId")); - put("clientSecret", System.getProperty("org.mongodb.test.azureClientSecret")); + put("tenantId", getEnv("AZURE_TENANT_ID")); + put("clientId", getEnv("AZURE_CLIENT_ID")); + put("clientSecret", getEnv("AZURE_CLIENT_SECRET")); put("identityPlatformEndpoint", "login.microsoftonline.com:443"); }}); put("gcp", new HashMap() {{ - put("email", System.getProperty("org.mongodb.test.gcpEmail")); - put("privateKey", System.getProperty("org.mongodb.test.gcpPrivateKey")); + put("email", getEnv("GCP_EMAIL")); + put("privateKey", getEnv("GCP_PRIVATE_KEY")); put("endpoint", "oauth2.googleapis.com:443"); }}); put("kmip", new HashMap() {{ diff --git a/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionAutoDataKeysTest.java b/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionAutoDataKeysTest.java index ae9f0f313c5..8e71e712284 100644 --- a/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionAutoDataKeysTest.java +++ b/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionAutoDataKeysTest.java @@ -46,6 +46,7 @@ import java.util.function.Supplier; import java.util.stream.Stream; +import static com.mongodb.ClusterFixture.getEnv; import static com.mongodb.ClusterFixture.isServerlessTest; import static com.mongodb.ClusterFixture.isStandalone; import static com.mongodb.ClusterFixture.serverVersionAtLeast; @@ -204,8 +205,8 @@ private enum KmsProvider { ), AWS("aws", kmsProviderProperties -> { - kmsProviderProperties.put("accessKeyId", System.getProperty("org.mongodb.test.awsAccessKeyId")); - kmsProviderProperties.put("secretAccessKey", System.getProperty("org.mongodb.test.awsSecretAccessKey")); + kmsProviderProperties.put("accessKeyId", getEnv("AWS_ACCESS_KEY_ID")); + kmsProviderProperties.put("secretAccessKey", getEnv("AWS_SECRET_ACCESS_KEY")); }, createEncryptedCollectionParams -> createEncryptedCollectionParams.masterKey(BsonDocument.parse( "{" @@ -219,7 +220,7 @@ private enum KmsProvider { private final Supplier createEncryptedCollectionParamsSupplier; private static Set detect() { - String awsAccessKeyId = System.getProperty("org.mongodb.test.awsAccessKeyId"); + String awsAccessKeyId = getEnv("AWS_ACCESS_KEY_ID"); return awsAccessKeyId != null && !awsAccessKeyId.isEmpty() ? EnumSet.allOf(KmsProvider.class) : EnumSet.of(KmsProvider.LOCAL); diff --git a/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionAwsCredentialFromEnvironmentTest.java b/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionAwsCredentialFromEnvironmentTest.java index 308cb1f8959..51a80e7739d 100644 --- a/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionAwsCredentialFromEnvironmentTest.java +++ b/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionAwsCredentialFromEnvironmentTest.java @@ -39,6 +39,7 @@ import java.util.function.Supplier; import java.util.stream.Stream; +import static com.mongodb.ClusterFixture.getEnv; import static com.mongodb.ClusterFixture.isClientSideEncryptionTest; import static com.mongodb.ClusterFixture.serverVersionAtLeast; import static com.mongodb.client.Fixture.getMongoClientSettingsBuilder; @@ -108,8 +109,8 @@ public void testGetCredentialsFromSupplier() { Map>> kmsProviderPropertySuppliers = new HashMap>>() {{ put("aws", () -> new HashMap() {{ - put("accessKeyId", System.getProperty("org.mongodb.test.awsAccessKeyId")); - put("secretAccessKey", System.getProperty("org.mongodb.test.awsSecretAccessKey")); + put("accessKeyId", getEnv("AWS_ACCESS_KEY_ID")); + put("secretAccessKey", getEnv("AWS_SECRET_ACCESS_KEY")); }}); }}; @@ -199,8 +200,8 @@ public void shouldIgnoreSupplierIfKmsProviderMapValueIsNotEmpty() { Map> kmsProviders = new HashMap>() {{ put("aws", new HashMap() {{ - put("accessKeyId", System.getProperty("org.mongodb.test.awsAccessKeyId")); - put("secretAccessKey", System.getProperty("org.mongodb.test.awsSecretAccessKey")); + put("accessKeyId", getEnv("AWS_ACCESS_KEY_ID")); + put("secretAccessKey", getEnv("AWS_SECRET_ACCESS_KEY")); }}); }}; diff --git a/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionKmsTlsTest.java b/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionKmsTlsTest.java index 932af13d173..da400a206c2 100644 --- a/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionKmsTlsTest.java +++ b/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionKmsTlsTest.java @@ -36,6 +36,7 @@ import java.util.HashMap; import java.util.Map; +import static com.mongodb.ClusterFixture.getEnv; import static com.mongodb.ClusterFixture.hasEncryptionTestsEnabled; import static com.mongodb.ClusterFixture.serverVersionAtLeast; import static com.mongodb.client.Fixture.getMongoClientSettings; @@ -156,18 +157,18 @@ public void testThatCustomSslContextIsUsed() { private HashMap> getKmsProviders() { return new HashMap>() {{ put("aws", new HashMap() {{ - put("accessKeyId", System.getProperty("org.mongodb.test.awsAccessKeyId")); - put("secretAccessKey", System.getProperty("org.mongodb.test.awsSecretAccessKey")); + put("accessKeyId", getEnv("AWS_ACCESS_KEY_ID")); + put("secretAccessKey", getEnv("AWS_SECRET_ACCESS_KEY")); }}); put("azure", new HashMap() {{ - put("tenantId", System.getProperty("org.mongodb.test.azureTenantId")); - put("clientId", System.getProperty("org.mongodb.test.azureClientId")); - put("clientSecret", System.getProperty("org.mongodb.test.azureClientSecret")); + put("tenantId", getEnv("AZURE_TENANT_ID")); + put("clientId", getEnv("AZURE_CLIENT_ID")); + put("clientSecret", getEnv("AZURE_CLIENT_SECRET")); put("identityPlatformEndpoint", "login.microsoftonline.com:443"); }}); put("gcp", new HashMap() {{ - put("email", System.getProperty("org.mongodb.test.gcpEmail")); - put("privateKey", System.getProperty("org.mongodb.test.gcpPrivateKey")); + put("email", getEnv("GCP_EMAIL")); + put("privateKey", getEnv("GCP_PRIVATE_KEY")); put("endpoint", "oauth2.googleapis.com:443"); }}); put("kmip", new HashMap() {{ diff --git a/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionOnDemandCredentialsTest.java b/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionOnDemandCredentialsTest.java index e0260bac12d..1eaaa3accae 100644 --- a/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionOnDemandCredentialsTest.java +++ b/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionOnDemandCredentialsTest.java @@ -30,6 +30,7 @@ import java.util.HashMap; import java.util.Map; +import static com.mongodb.ClusterFixture.getEnv; import static com.mongodb.assertions.Assertions.assertTrue; import static org.junit.jupiter.api.Assertions.assertThrows; @@ -40,7 +41,7 @@ public abstract class AbstractClientSideEncryptionOnDemandCredentialsTest { @Test @EnabledIfSystemProperty(named = "org.mongodb.test.fle.on.demand.credential.test.success.enabled", matches = "true") public void testSuccess() { - String kmsProvider = System.getProperty("org.mongodb.test.fle.on.demand.credential.provider"); + String kmsProvider = getEnv("PROVIDER"); try (ClientEncryption clientEncryption = initClientEncryption(kmsProvider)) { clientEncryption.createDataKey(kmsProvider, getDataKeyOptions(kmsProvider)); } @@ -85,8 +86,8 @@ private DataKeyOptions getDataKeyOptions(final String kmsProvider) { return new DataKeyOptions().masterKey(BsonDocument.parse( "{projectId: \"devprod-drivers\", location: \"global\", keyRing: \"key-ring-csfle\", keyName: \"key-name-csfle\"}")); case "azure": - String keyVaultEndpoint = System.getProperty("org.mongodb.test.fle.on.demand.credential.test.azure.keyVaultEndpoint"); - String keyName = System.getProperty("org.mongodb.test.fle.on.demand.credential.test.azure.keyName"); + String keyVaultEndpoint = getEnv("AZUREKMS_KEY_VAULT_ENDPOINT"); + String keyName = getEnv("AZUREKMS_KEY_NAME"); return new DataKeyOptions().masterKey(new BsonDocument() .append("keyVaultEndpoint", new BsonString(keyVaultEndpoint)) .append("keyName", new BsonString(keyName))); diff --git a/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionTest.java b/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionTest.java index 9c14640cb4b..64f9568e4ed 100644 --- a/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionTest.java +++ b/driver-sync/src/test/functional/com/mongodb/client/AbstractClientSideEncryptionTest.java @@ -51,6 +51,7 @@ import java.util.Map; import java.util.Optional; +import static com.mongodb.ClusterFixture.getEnv; import static com.mongodb.ClusterFixture.hasEncryptionTestsEnabled; import static com.mongodb.JsonTestServerVersionChecker.skipTest; import static com.mongodb.client.CommandMonitoringTestHelper.assertEventsEquality; @@ -221,29 +222,29 @@ public void setUp() { kmsProvidersMap.put(kmsProviderKey.startsWith("aws") ? "aws" : kmsProviderKey, kmsProviderMap); switch (kmsProviderKey) { case "aws": - kmsProviderMap.put("accessKeyId", System.getProperty("org.mongodb.test.awsAccessKeyId")); - kmsProviderMap.put("secretAccessKey", System.getProperty("org.mongodb.test.awsSecretAccessKey")); + kmsProviderMap.put("accessKeyId", getEnv("AWS_ACCESS_KEY_ID")); + kmsProviderMap.put("secretAccessKey", getEnv("AWS_SECRET_ACCESS_KEY")); break; case "awsTemporary": - kmsProviderMap.put("accessKeyId", System.getProperty("org.mongodb.test.tmpAwsAccessKeyId")); - kmsProviderMap.put("secretAccessKey", System.getProperty("org.mongodb.test.tmpAwsSecretAccessKey")); - kmsProviderMap.put("sessionToken", System.getProperty("org.mongodb.test.tmpAwsSessionToken")); + kmsProviderMap.put("accessKeyId", getEnv("AWS_TEMP_ACCESS_KEY_ID")); + kmsProviderMap.put("secretAccessKey", getEnv("AWS_TEMP_SECRET_ACCESS_KEY")); + kmsProviderMap.put("sessionToken", getEnv("AWS_TEMP_SESSION_TOKEN")); break; case "awsTemporaryNoSessionToken": - kmsProviderMap.put("accessKeyId", System.getProperty("org.mongodb.test.tmpAwsAccessKeyId")); - kmsProviderMap.put("secretAccessKey", System.getProperty("org.mongodb.test.tmpAwsSecretAccessKey")); + kmsProviderMap.put("accessKeyId", getEnv("AWS_TEMP_ACCESS_KEY_ID")); + kmsProviderMap.put("secretAccessKey", getEnv("AWS_TEMP_SECRET_ACCESS_KEY")); break; case "azure": - kmsProviderMap.put("tenantId", System.getProperty("org.mongodb.test.azureTenantId")); - kmsProviderMap.put("clientId", System.getProperty("org.mongodb.test.azureClientId")); - kmsProviderMap.put("clientSecret", System.getProperty("org.mongodb.test.azureClientSecret")); + kmsProviderMap.put("tenantId", getEnv("AZURE_TENANT_ID")); + kmsProviderMap.put("clientId", getEnv("AZURE_CLIENT_ID")); + kmsProviderMap.put("clientSecret", getEnv("AZURE_CLIENT_SECRET")); break; case "gcp": - kmsProviderMap.put("email", System.getProperty("org.mongodb.test.gcpEmail")); - kmsProviderMap.put("privateKey", System.getProperty("org.mongodb.test.gcpPrivateKey")); + kmsProviderMap.put("email", getEnv("GCP_EMAIL")); + kmsProviderMap.put("privateKey", getEnv("GCP_PRIVATE_KEY")); break; case "kmip": - kmsProviderMap.put("endpoint", System.getProperty("org.mongodb.test.kmipEndpoint", "localhost:5698")); + kmsProviderMap.put("endpoint", getEnv("org.mongodb.test.kmipEndpoint", "localhost:5698")); break; case "local": kmsProviderMap.put("key", kmsProviderOptions.getBinary("key").getData()); @@ -384,7 +385,7 @@ public static Collection data() throws URISyntaxException, IOException } static Optional cryptSharedLibPathSysPropValue() { - String value = System.getProperty("org.mongodb.test.crypt.shared.lib.path", ""); + String value = getEnv("CRYPT_SHARED_LIB_PATH", ""); return value.isEmpty() ? Optional.empty() : Optional.of(value); } } diff --git a/driver-sync/src/test/functional/com/mongodb/client/ClientEncryptionDataKeyAndDoubleEncryptionTest.java b/driver-sync/src/test/functional/com/mongodb/client/ClientEncryptionDataKeyAndDoubleEncryptionTest.java index 58c932ba885..e4d81a9b0d8 100644 --- a/driver-sync/src/test/functional/com/mongodb/client/ClientEncryptionDataKeyAndDoubleEncryptionTest.java +++ b/driver-sync/src/test/functional/com/mongodb/client/ClientEncryptionDataKeyAndDoubleEncryptionTest.java @@ -39,6 +39,7 @@ import java.util.HashMap; import java.util.Map; +import static com.mongodb.ClusterFixture.getEnv; import static com.mongodb.ClusterFixture.hasEncryptionTestsEnabled; import static com.mongodb.ClusterFixture.serverVersionAtLeast; import static com.mongodb.client.Fixture.getMongoClientSettingsBuilder; @@ -81,17 +82,17 @@ public void setUp() { // Step 2: Create encrypted client and client encryption Map> kmsProviders = new HashMap>() {{ put("aws", new HashMap() {{ - put("accessKeyId", System.getProperty("org.mongodb.test.awsAccessKeyId")); - put("secretAccessKey", System.getProperty("org.mongodb.test.awsSecretAccessKey")); + put("accessKeyId", getEnv("AWS_ACCESS_KEY_ID")); + put("secretAccessKey", getEnv("AWS_SECRET_ACCESS_KEY")); }}); put("azure", new HashMap() {{ - put("tenantId", System.getProperty("org.mongodb.test.azureTenantId")); - put("clientId", System.getProperty("org.mongodb.test.azureClientId")); - put("clientSecret", System.getProperty("org.mongodb.test.azureClientSecret")); + put("tenantId", getEnv("AZURE_TENANT_ID")); + put("clientId", getEnv("AZURE_CLIENT_ID")); + put("clientSecret", getEnv("AZURE_CLIENT_SECRET")); }}); put("gcp", new HashMap() {{ - put("email", System.getProperty("org.mongodb.test.gcpEmail")); - put("privateKey", System.getProperty("org.mongodb.test.gcpPrivateKey")); + put("email", getEnv("GCP_EMAIL")); + put("privateKey", getEnv("GCP_PRIVATE_KEY")); }}); put("local", new HashMap() {{ put("key", "Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBM" diff --git a/driver-sync/src/test/functional/com/mongodb/client/ClientSideEncryptionCorpusTest.java b/driver-sync/src/test/functional/com/mongodb/client/ClientSideEncryptionCorpusTest.java index 17b68a87ccb..4570540c7e1 100644 --- a/driver-sync/src/test/functional/com/mongodb/client/ClientSideEncryptionCorpusTest.java +++ b/driver-sync/src/test/functional/com/mongodb/client/ClientSideEncryptionCorpusTest.java @@ -45,6 +45,7 @@ import java.util.HashMap; import java.util.Map; +import static com.mongodb.ClusterFixture.getEnv; import static com.mongodb.ClusterFixture.hasEncryptionTestsEnabled; import static com.mongodb.ClusterFixture.serverVersionAtLeast; import static com.mongodb.client.Fixture.getMongoClientSettings; @@ -103,20 +104,20 @@ public void setUp() throws IOException, URISyntaxException { // Step 4: Configure our objects Map> kmsProviders = new HashMap>() {{ put("aws", new HashMap() {{ - put("accessKeyId", System.getProperty("org.mongodb.test.awsAccessKeyId")); - put("secretAccessKey", System.getProperty("org.mongodb.test.awsSecretAccessKey")); + put("accessKeyId", getEnv("AWS_ACCESS_KEY_ID")); + put("secretAccessKey", getEnv("AWS_SECRET_ACCESS_KEY")); }}); put("azure", new HashMap() {{ - put("tenantId", System.getProperty("org.mongodb.test.azureTenantId")); - put("clientId", System.getProperty("org.mongodb.test.azureClientId")); - put("clientSecret", System.getProperty("org.mongodb.test.azureClientSecret")); + put("tenantId", getEnv("AZURE_TENANT_ID")); + put("clientId", getEnv("AZURE_CLIENT_ID")); + put("clientSecret", getEnv("AZURE_CLIENT_SECRET")); }}); put("gcp", new HashMap() {{ - put("email", System.getProperty("org.mongodb.test.gcpEmail")); - put("privateKey", System.getProperty("org.mongodb.test.gcpPrivateKey")); + put("email", getEnv("GCP_EMAIL")); + put("privateKey", getEnv("GCP_PRIVATE_KEY")); }}); put("kmip", new HashMap() {{ - put("endpoint", System.getProperty("org.mongodb.test.kmipEndpoint", "localhost:5698")); + put("endpoint", getEnv("org.mongodb.test.kmipEndpoint", "localhost:5698")); }}); put("local", new HashMap() {{ put("key", "Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBM" diff --git a/driver-sync/src/test/functional/com/mongodb/client/ClientSideEncryptionExternalKeyVaultSpecification.groovy b/driver-sync/src/test/functional/com/mongodb/client/ClientSideEncryptionExternalKeyVaultSpecification.groovy index da7086dc91e..3f59638e562 100644 --- a/driver-sync/src/test/functional/com/mongodb/client/ClientSideEncryptionExternalKeyVaultSpecification.groovy +++ b/driver-sync/src/test/functional/com/mongodb/client/ClientSideEncryptionExternalKeyVaultSpecification.groovy @@ -59,16 +59,16 @@ class ClientSideEncryptionExternalKeyVaultSpecification extends FunctionalSpecif def setup() { assumeTrue(serverVersionAtLeast(4, 2)) assumeTrue('Key vault tests disabled', - System.getProperty('org.mongodb.test.awsAccessKeyId') != null - && !System.getProperty('org.mongodb.test.awsAccessKeyId').isEmpty()) + System.getProperty('AWS_ACCESS_KEY_ID') != null + && !System.getProperty('AWS_ACCESS_KEY_ID').isEmpty()) dataKeyCollection.drop() dataCollection.drop() def providerProperties = ['local': ['key': Base64.getDecoder().decode('Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBMUN' + '3YkQ5aXRRMkhGRGdQV09wOGVNYUMxT2k3NjZKelhaQmRCZGJkTXVyZG9uSjFk')], - 'aws' : ['accessKeyId' : System.getProperty('org.mongodb.test.awsAccessKeyId'), - 'secretAccessKey': System.getProperty('org.mongodb.test.awsSecretAccessKey')] + 'aws' : ['accessKeyId' : System.getProperty('AWS_ACCESS_KEY_ID'), + 'secretAccessKey': System.getProperty('AWS_SECRET_ACCESS_KEY')] ] autoEncryptingClient = MongoClients.create(getMongoClientSettingsBuilder() diff --git a/driver-sync/src/test/functional/com/mongodb/client/unified/UnifiedClientEncryptionHelper.java b/driver-sync/src/test/functional/com/mongodb/client/unified/UnifiedClientEncryptionHelper.java index 0ed5f2f1dda..d7ac0450844 100644 --- a/driver-sync/src/test/functional/com/mongodb/client/unified/UnifiedClientEncryptionHelper.java +++ b/driver-sync/src/test/functional/com/mongodb/client/unified/UnifiedClientEncryptionHelper.java @@ -34,6 +34,7 @@ import java.util.Map; import java.util.function.Supplier; +import static com.mongodb.ClusterFixture.getEnv; import static java.lang.Math.toIntExact; public final class UnifiedClientEncryptionHelper { @@ -59,30 +60,30 @@ static Map> createKmsProvidersMap(final BsonDocument Map kmsProviderMap = new HashMap<>(); switch (kmsProviderKey) { case "aws": - setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "accessKeyId", "org.mongodb.test.awsAccessKeyId"); - setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "secretAccessKey", "org.mongodb.test.awsSecretAccessKey"); + setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "accessKeyId", "AWS_ACCESS_KEY_ID"); + setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "secretAccessKey", "AWS_SECRET_ACCESS_KEY"); break; case "awsTemporary": - setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "accessKeyId", "org.mongodb.test.tmpAwsAccessKeyId"); - setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "secretAccessKey", "org.mongodb.test.tmpAwsSecretAccessKey"); - setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "sessionToken", "org.mongodb.test.tmpAwsSessionToken"); + setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "accessKeyId", "AWS_TEMP_ACCESS_KEY_ID"); + setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "secretAccessKey", "AWS_TEMP_SECRET_ACCESS_KEY"); + setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "sessionToken", "AWS_TEMP_SESSION_TOKEN"); break; case "awsTemporaryNoSessionToken": - setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "accessKeyId", "org.mongodb.test.tmpAwsAccessKeyId"); - setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "secretAccessKey", "org.mongodb.test.tmpAwsSecretAccessKey"); + setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "accessKeyId", "AWS_TEMP_ACCESS_KEY_ID"); + setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "secretAccessKey", "AWS_TEMP_SECRET_ACCESS_KEY"); break; case "azure": - setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "tenantId", "org.mongodb.test.azureTenantId"); - setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "clientId", "org.mongodb.test.azureClientId"); - setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "clientSecret", "org.mongodb.test.azureClientSecret"); + setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "tenantId", "AZURE_TENANT_ID"); + setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "clientId", "AZURE_CLIENT_ID"); + setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "clientSecret", "AZURE_CLIENT_SECRET"); break; case "gcp": - setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "email", "org.mongodb.test.gcpEmail"); - setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "privateKey", "org.mongodb.test.gcpPrivateKey"); + setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "email", "GCP_EMAIL"); + setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "privateKey", "GCP_PRIVATE_KEY"); break; case "kmip": setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "endpoint", () -> - System.getProperty("org.mongodb.test.kmipEndpoint", "localhost:5698")); + getEnv("org.mongodb.test.kmipEndpoint", "localhost:5698")); break; case "local": setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, "key", UnifiedClientEncryptionHelper::localKmsProviderKey); @@ -104,8 +105,8 @@ public static byte[] localKmsProviderKey() { private static void setKmsProviderProperty(final Map kmsProviderMap, final BsonDocument kmsProviderOptions, final String key, final String propertyName) { setKmsProviderProperty(kmsProviderMap, kmsProviderOptions, key, () -> { - if (System.getProperties().containsKey(propertyName)) { - return System.getProperty(propertyName); + if (getEnv(propertyName) != null) { + return getEnv(propertyName); } throw new UnsupportedOperationException("Missing system property for: " + key); });