.evergreen/config/common.yml.erb
# When a task that used to pass starts to fail, go through all versions that
# may have been skipped to detect when the task started failing.
stepback: true
# Fail builds when pre tasks fail.
pre_error_fails_task: true
# Mark a failure as a system/bootstrap failure (purple box) rather then a task
# failure by default.
# Actual testing tasks are marked with `type: test`
command_type: system
# Protect ourself against rogue test case, or curl gone wild, that runs forever.
exec_timeout_secs: 3600
# What to do when evergreen hits the timeout (`post:` tasks are run automatically)
timeout:
- command: shell.exec
params:
script: |
true
functions:
"fetch source":
# Executes git clone and applies the submitted patch, if any
- command: git.get_project
params:
directory: "src"
- command: shell.exec
params:
working_dir: "src"
script: |
set -ex
git submodule update --init --recursive
"create expansions":
# Make an evergreen expansion file with dynamic values
- command: shell.exec
params:
working_dir: "src"
script: |
# Get the current unique version of this checkout
if [ "${is_patch}" = "true" ]; then
CURRENT_VERSION=$(git describe)-patch-${version_id}
else
CURRENT_VERSION=latest
fi
export DRIVERS_TOOLS="$(pwd)/.mod/drivers-evergreen-tools"
# Python has cygwin path problems on Windows. Detect prospective mongo-orchestration home directory
if [ "Windows_NT" = "$OS" ]; then # Magic variable in cygwin
export DRIVERS_TOOLS=$(cygpath -m $DRIVERS_TOOLS)
fi
export MONGO_ORCHESTRATION_HOME="$DRIVERS_TOOLS/.evergreen/orchestration"
export MONGODB_BINARIES="$DRIVERS_TOOLS/mongodb/bin"
export UPLOAD_BUCKET="${project}"
export PROJECT_DIRECTORY="$(pwd)"
cat <<EOT > expansion.yml
CURRENT_VERSION: "$CURRENT_VERSION"
DRIVERS_TOOLS: "$DRIVERS_TOOLS"
MONGO_ORCHESTRATION_HOME: "$MONGO_ORCHESTRATION_HOME"
MONGODB_BINARIES: "$MONGODB_BINARIES"
UPLOAD_BUCKET: "$UPLOAD_BUCKET"
PROJECT_DIRECTORY: "$PROJECT_DIRECTORY"
PREPARE_SHELL: |
set -o errexit
#set -o xtrace
export DRIVERS_TOOLS="$DRIVERS_TOOLS"
export MONGO_ORCHESTRATION_HOME="$MONGO_ORCHESTRATION_HOME"
export MONGODB_BINARIES="$MONGODB_BINARIES"
export UPLOAD_BUCKET="$UPLOAD_BUCKET"
export PROJECT_DIRECTORY="$PROJECT_DIRECTORY"
# TMPDIR cannot be too long, see
# https://github.com/broadinstitute/cromwell/issues/3647.
# Why is it even set at all?
#export TMPDIR="$MONGO_ORCHESTRATION_HOME/db"
export PATH="$MONGODB_BINARIES:$PATH"
export PROJECT="${project}"
export AUTH=${AUTH}
export SSL=${SSL}
export TOPOLOGY=${TOPOLOGY}
export COMPRESSOR=${COMPRESSOR}
export RVM_RUBY="${RVM_RUBY}"
export MONGODB_VERSION=${MONGODB_VERSION}
export CRYPT_SHARED_VERSION=${CRYPT_SHARED_VERSION}
export FCV=${FCV}
export MONGO_RUBY_DRIVER_LINT=${LINT}
export RETRY_READS=${RETRY_READS}
export RETRY_WRITES=${RETRY_WRITES}
export WITH_ACTIVE_SUPPORT="${WITH_ACTIVE_SUPPORT}"
export SINGLE_MONGOS="${SINGLE_MONGOS}"
export BSON="${BSON}"
export MMAPV1="${MMAPV1}"
export FLE="${FLE}"
export FORK="${FORK}"
export SOLO="${SOLO}"
export EXTRA_URI_OPTIONS="${EXTRA_URI_OPTIONS}"
export API_VERSION_REQUIRED="${API_VERSION_REQUIRED}"
export DOCKER_DISTRO="${DOCKER_DISTRO}"
export STRESS="${STRESS}"
export OCSP_ALGORITHM="${OCSP_ALGORITHM}"
export OCSP_STATUS="${OCSP_STATUS}"
export OCSP_DELEGATE="${OCSP_DELEGATE}"
export OCSP_MUST_STAPLE="${OCSP_MUST_STAPLE}"
export OCSP_CONNECTIVITY="${OCSP_CONNECTIVITY}"
export OCSP_VERIFIER="${OCSP_VERIFIER}"
export ATLAS_REPLICA_SET_URI="${atlas_replica_set_uri}"
export ATLAS_SHARDED_URI="${atlas_sharded_uri}"
export ATLAS_FREE_TIER_URI="${atlas_free_tier_uri}"
export ATLAS_TLS11_URI="${atlas_tls11_uri}"
export ATLAS_TLS12_URI="${atlas_tls12_uri}"
export ATLAS_SERVERLESS_URI="${atlas_serverless_uri}"
export ATLAS_SERVERLESS_LB_URI="${atlas_serverless_lb_uri}"
export RVM_RUBY="${RVM_RUBY}"
export SERVERLESS_ATLAS_USER="${SERVERLESS_ATLAS_USER}"
export SERVERLESS_ATLAS_PASSWORD="${SERVERLESS_ATLAS_PASSWORD}"
EOT
# See what we've done
cat expansion.yml
# Load the expansion file to make an evergreen variable with the current
# unique version
- command: expansions.update
params:
file: src/expansion.yml
"export AWS auth credentials":
- command: shell.exec
type: test
params:
silent: true
working_dir: "src"
script: |
cat <<EOT > .env.private
IAM_AUTH_ASSUME_AWS_ACCOUNT="${iam_auth_assume_aws_account}"
IAM_AUTH_ASSUME_AWS_SECRET_ACCESS_KEY="${iam_auth_assume_aws_secret_access_key}"
IAM_AUTH_ASSUME_ROLE_NAME="${iam_auth_assume_role_name}"
IAM_AUTH_EC2_INSTANCE_ACCOUNT="${iam_auth_ec2_instance_account}"
IAM_AUTH_EC2_INSTANCE_PROFILE="${iam_auth_ec2_instance_profile}"
IAM_AUTH_EC2_INSTANCE_SECRET_ACCESS_KEY="${iam_auth_ec2_instance_secret_access_key}"
IAM_AUTH_ECS_ACCOUNT="${iam_auth_ecs_account}"
IAM_AUTH_ECS_ACCOUNT_ARN="${iam_auth_ecs_account_arn}"
IAM_AUTH_ECS_CLUSTER="${iam_auth_ecs_cluster}"
IAM_AUTH_ECS_SECRET_ACCESS_KEY="${iam_auth_ecs_secret_access_key}"
IAM_AUTH_ECS_SECURITY_GROUP="${iam_auth_ecs_security_group}"
IAM_AUTH_ECS_SUBNET_A="${iam_auth_ecs_subnet_a}"
IAM_AUTH_ECS_SUBNET_B="${iam_auth_ecs_subnet_b}"
IAM_AUTH_ECS_TASK_DEFINITION="${iam_auth_ecs_task_definition_ubuntu2004}"
IAM_WEB_IDENTITY_ISSUER="${iam_web_identity_issuer}"
IAM_WEB_IDENTITY_JWKS_URI="${iam_web_identity_jwks_uri}"
IAM_WEB_IDENTITY_RSA_KEY="${iam_web_identity_rsa_key}"
IAM_WEB_IDENTITY_TOKEN_FILE="${iam_web_identity_token_file}"
IAM_AUTH_ASSUME_WEB_ROLE_NAME="${iam_auth_assume_web_role_name}"
EOT
"export FLE credentials":
- command: shell.exec
type: test
params:
silent: true
working_dir: "src"
script: |
cat <<EOT > .env.private
MONGO_RUBY_DRIVER_AWS_KEY="${fle_aws_key}"
MONGO_RUBY_DRIVER_AWS_SECRET="${fle_aws_secret}"
MONGO_RUBY_DRIVER_AWS_REGION="${fle_aws_region}"
MONGO_RUBY_DRIVER_AWS_ARN="${fle_aws_arn}"
MONGO_RUBY_DRIVER_AZURE_TENANT_ID="${fle_azure_tenant_id}"
MONGO_RUBY_DRIVER_AZURE_CLIENT_ID="${fle_azure_client_id}"
MONGO_RUBY_DRIVER_AZURE_CLIENT_SECRET="${fle_azure_client_secret}"
MONGO_RUBY_DRIVER_AZURE_IDENTITY_PLATFORM_ENDPOINT="${fle_azure_identity_platform_endpoint}"
MONGO_RUBY_DRIVER_AZURE_KEY_VAULT_ENDPOINT="${fle_azure_key_vault_endpoint}"
MONGO_RUBY_DRIVER_AZURE_KEY_NAME="${fle_azure_key_name}"
MONGO_RUBY_DRIVER_GCP_EMAIL="${fle_gcp_email}"
MONGO_RUBY_DRIVER_GCP_PRIVATE_KEY="${fle_gcp_private_key}"
MONGO_RUBY_DRIVER_GCP_PROJECT_ID="${fle_gcp_project_id}"
MONGO_RUBY_DRIVER_GCP_LOCATION="${fle_gcp_location}"
MONGO_RUBY_DRIVER_GCP_KEY_RING="${fle_gcp_key_ring}"
MONGO_RUBY_DRIVER_GCP_KEY_NAME="${fle_gcp_key_name}"
MONGO_RUBY_DRIVER_MONGOCRYPTD_PORT="${fle_mongocryptd_port}"
EOT
"export Kerberos credentials":
- command: shell.exec
type: test
params:
silent: true
working_dir: "src"
script: |
cat <<EOT > .env.private
SASL_HOST=${sasl_host}
SASL_PORT=${sasl_port}
SASL_USER=${sasl_user}
SASL_PASS=${sasl_pass}
SASL_DB=${sasl_db}
PRINCIPAL=${principal}
KERBEROS_DB=${kerberos_db}
KEYTAB_BASE64=${keytab_base64}
EOT
"exec script" :
- command: shell.exec
type: test
params:
working_dir: "src"
script: |
${PREPARE_SHELL}
sh ${PROJECT_DIRECTORY}/${file}
"upload mo artifacts":
- command: shell.exec
params:
script: |
${PREPARE_SHELL}
find $MONGO_ORCHESTRATION_HOME -name \*.log\* | xargs tar czf mongodb-logs.tar.gz
- command: s3.put
params:
aws_key: ${aws_key}
aws_secret: ${aws_secret}
local_file: mongodb-logs.tar.gz
remote_file: ${UPLOAD_BUCKET}/${build_variant}/${revision}/${version_id}/${build_id}/logs/${task_id}-${execution}-mongodb-logs.tar.gz
bucket: mciuploads
permissions: public-read
content_type: ${content_type|application/x-gzip}
display_name: "mongodb-logs.tar.gz"
"upload working dir":
- command: archive.targz_pack
params:
target: "working-dir.tar.gz"
source_dir: ${PROJECT_DIRECTORY}/
include:
- "./**"
- command: s3.put
params:
aws_key: ${aws_key}
aws_secret: ${aws_secret}
local_file: working-dir.tar.gz
remote_file: ${UPLOAD_BUCKET}/${build_variant}/${revision}/${version_id}/${build_id}/artifacts/${task_id}-${execution}-working-dir.tar.gz
bucket: mciuploads
permissions: public-read
content_type: ${content_type|application/x-gzip}
display_name: "working-dir.tar.gz"
- command: archive.targz_pack
params:
target: "drivers-dir.tar.gz"
source_dir: ${DRIVERS_TOOLS}
include:
- "./**"
- command: s3.put
params:
aws_key: ${aws_key}
aws_secret: ${aws_secret}
local_file: drivers-dir.tar.gz
remote_file: ${UPLOAD_BUCKET}/${build_variant}/${revision}/${version_id}/${build_id}/artifacts/${task_id}-${execution}-drivers-dir.tar.gz
bucket: mciuploads
permissions: public-read
content_type: ${content_type|application/x-gzip}
display_name: "drivers-dir.tar.gz"
"upload test results to s3":
- command: s3.put
params:
aws_key: ${aws_key}
aws_secret: ${aws_secret}
# src is the relative path to repo checkout,
# This is specified in this yaml file earlier.
local_file: ./src/tmp/rspec.json
display_name: rspec.json
remote_file: ${UPLOAD_BUCKET}/${version_id}/${build_id}/artifacts/${build_variant}/rspec.json
content_type: application/json
permissions: public-read
bucket: mciuploads
# AWS does not appear to support on-the-fly gzip encoding; compress
# the results manually and upload a compressed file.
# Typical size reduction: 50 MB -> 800 KB
- command: shell.exec
params:
script: |
gzip <src/tmp/rspec.json >src/tmp/rspec.json.gz
- command: s3.put
params:
aws_key: ${aws_key}
aws_secret: ${aws_secret}
# src is the relative path to repo checkout,
# This is specified in this yaml file earlier.
local_file: ./src/tmp/rspec.json.gz
display_name: rspec.json.gz
remote_file: ${UPLOAD_BUCKET}/${version_id}/${build_id}/artifacts/${build_variant}/rspec.json.gz
content_type: application/gzip
permissions: public-read
bucket: mciuploads
- command: shell.exec
params:
script: |
xz -9 <src/tmp/rspec.json >src/tmp/rspec.json.xz
- command: s3.put
params:
aws_key: ${aws_key}
aws_secret: ${aws_secret}
# src is the relative path to repo checkout,
# This is specified in this yaml file earlier.
local_file: ./src/tmp/rspec.json.xz
display_name: rspec.json.xz
remote_file: ${UPLOAD_BUCKET}/${version_id}/${build_id}/artifacts/${build_variant}/rspec.json.xz
content_type: application/x-xz
permissions: public-read
bucket: mciuploads
"upload test results":
- command: attach.xunit_results
params:
file: ./src/tmp/rspec.xml
"delete private environment":
- command: shell.exec
type: test
params:
silent: true
working_dir: "src"
script: |
rm -f .env.private
"build and test docker image":
- command: shell.exec
type: test
params:
shell: bash
working_dir: "src"
script: |
${PREPARE_SHELL}
set -x
.evergreen/test-on-docker -d ${os} MONGODB_VERSION=${mongodb-version} TOPOLOGY=${topology} RVM_RUBY=${ruby} -s .evergreen/run-tests.sh TEST_CMD=true ${PRELOAD_ARG}
"run benchmarks":
- command: shell.exec
type: test
params:
shell: bash
working_dir: "src"
script: |
${PREPARE_SHELL}
TEST_CMD="bundle exec rake driver_bench" PERFORMANCE_RESULTS_FILE="$PROJECT_DIRECTORY/perf.json" .evergreen/run-tests.sh
- command: perf.send
params:
file: "${PROJECT_DIRECTORY}/perf.json"
"run tests":
- command: shell.exec
type: test
params:
shell: bash
working_dir: "src"
script: |
${PREPARE_SHELL}
# Needed for generating temporary aws credentials.
if [ -n "${FLE}" ];
then
export AWS_ACCESS_KEY_ID="${fle_aws_key}"
export AWS_SECRET_ACCESS_KEY="${fle_aws_secret}"
export AWS_DEFAULT_REGION="${fle_aws_region}"
fi
.evergreen/run-tests.sh
"run tests via docker":
- command: shell.exec
type: test
params:
shell: bash
working_dir: "src"
script: |
${PREPARE_SHELL}
# Needed for generating temporary aws credentials.
if [ -n "${FLE}" ];
then
export AWS_ACCESS_KEY_ID="${fle_aws_key}"
export AWS_SECRET_ACCESS_KEY="${fle_aws_secret}"
export AWS_DEFAULT_REGION="${fle_aws_region}"
fi
.evergreen/run-tests-docker.sh
"run AWS auth tests":
- command: shell.exec
type: test
params:
shell: bash
working_dir: "src"
script: |
${PREPARE_SHELL}
.evergreen/run-tests-aws-auth.sh
"run Kerberos unit tests":
- command: shell.exec
type: test
params:
shell: bash
working_dir: "src"
script: |
${PREPARE_SHELL}
.evergreen/run-tests-kerberos-unit.sh
"run Kerberos integration tests":
- command: shell.exec
type: test
params:
shell: bash
working_dir: "src"
script: |
${PREPARE_SHELL}
.evergreen/run-tests-kerberos-integration.sh
"run Atlas tests":
- command: shell.exec
type: test
params:
shell: bash
working_dir: "src"
script: |
${PREPARE_SHELL}
AUTH=${AUTH} SSL=${SSL} TOPOLOGY=${TOPOLOGY} RVM_RUBY="${RVM_RUBY}" ATLAS_REPLICA_SET_URI=${atlas_replica_set_uri} ATLAS_SHARDED_URI=${atlas_sharded_uri} ATLAS_FREE_TIER_URI=${atlas_free_tier_uri} ATLAS_TLS11_URI=${atlas_tls11_uri} ATLAS_TLS12_URI=${atlas_tls12_uri} ATLAS_SERVERLESS_URI=${atlas_serverless_uri} ATLAS_SERVERLESS_LB_URI=${atlas_serverless_lb_uri} .evergreen/run-tests-atlas.sh
"run serverless tests":
- command: shell.exec
type: test
params:
shell: bash
working_dir: "src"
script: |
${PREPARE_SHELL}
# Needed for generating temporary aws credentials.
if [ -n "${FLE}" ];
then
export AWS_ACCESS_KEY_ID="${fle_aws_key}"
export AWS_SECRET_ACCESS_KEY="${fle_aws_secret}"
export AWS_DEFAULT_REGION="${fle_aws_region}"
fi
CRYPT_SHARED_LIB_PATH="${CRYPT_SHARED_LIB_PATH}" SERVERLESS=1 SSL=ssl RVM_RUBY="${RVM_RUBY}" SINGLE_MONGOS="${SINGLE_MONGOS}" SERVERLESS_URI="${SERVERLESS_URI}" FLE="${FLE}" SERVERLESS_MONGODB_VERSION="${SERVERLESS_MONGODB_VERSION}" .evergreen/run-tests-serverless.sh
pre:
- func: "fetch source"
- func: "create expansions"
post:
- func: "delete private environment"
# Removed, causing timeouts
# - func: "upload working dir"
- func: "upload mo artifacts"
#- func: "upload test results"
- func: "upload test results to s3"
task_groups:
- name: serverless_task_group
setup_group_can_fail_task: true
setup_group_timeout_secs: 1800 # 30 minutes
setup_group:
- func: "fetch source"
- func: "create expansions"
- command: ec2.assume_role
params:
role_arn: ${aws_test_secrets_role}
- command: shell.exec
params:
shell: "bash"
script: |
${PREPARE_SHELL}
bash ${DRIVERS_TOOLS}/.evergreen/serverless/setup-secrets.sh
bash ${DRIVERS_TOOLS}/.evergreen/serverless/create-instance.sh
- command: expansions.update
params:
file: serverless-expansion.yml
teardown_task:
- command: shell.exec
params:
script: |
${PREPARE_SHELL}
bash ${DRIVERS_TOOLS}/.evergreen/serverless/delete-instance.sh
- func: "upload test results"
tasks:
- "test-serverless"
- name: serverless_next_task_group
setup_group_can_fail_task: true
setup_group_timeout_secs: 1800 # 30 minutes
setup_group:
- func: "fetch source"
- func: "create expansions"
- command: ec2.assume_role
params:
role_arn: ${aws_test_secrets_role}
- command: shell.exec
params:
shell: "bash"
script: |
${PREPARE_SHELL}
bash ${DRIVERS_TOOLS}/.evergreen/serverless/setup-secrets.sh serverless_next
bash ${DRIVERS_TOOLS}/.evergreen/serverless/create-instance.sh
- command: expansions.update
params:
file: serverless-expansion.yml
teardown_task:
- command: shell.exec
params:
script: |
${PREPARE_SHELL}
bash ${DRIVERS_TOOLS}/.evergreen/serverless/setup-secrets.sh serverless_next
bash ${DRIVERS_TOOLS}/.evergreen/serverless/delete-instance.sh
- func: "upload test results"
tasks:
- "test-serverless"
- name: testatlas_task_group
setup_group_can_fail_task: true
setup_group_timeout_secs: 1800 # 30 minutes
setup_group:
- func: fetch source
- func: create expansions
- command: shell.exec
params:
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
echo "Setting up Atlas cluster"
DRIVERS_ATLAS_PUBLIC_API_KEY="${DRIVERS_ATLAS_PUBLIC_API_KEY}" \
DRIVERS_ATLAS_PRIVATE_API_KEY="${DRIVERS_ATLAS_PRIVATE_API_KEY}" \
DRIVERS_ATLAS_GROUP_ID="${DRIVERS_ATLAS_GROUP_ID}" \
DRIVERS_ATLAS_LAMBDA_USER="${DRIVERS_ATLAS_LAMBDA_USER}" \
DRIVERS_ATLAS_LAMBDA_PASSWORD="${DRIVERS_ATLAS_LAMBDA_PASSWORD}" \
LAMBDA_STACK_NAME="dbx-ruby-lambda" \
MONGODB_VERSION="7.0" \
task_id="${task_id}" \
execution="${execution}" \
$DRIVERS_TOOLS/.evergreen/atlas/setup-atlas-cluster.sh
echo "MONGODB_URI=${MONGODB_URI}"
- command: expansions.update
params:
file: src/atlas-expansion.yml
teardown_group:
- command: shell.exec
params:
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
DRIVERS_ATLAS_PUBLIC_API_KEY="${DRIVERS_ATLAS_PUBLIC_API_KEY}" \
DRIVERS_ATLAS_PRIVATE_API_KEY="${DRIVERS_ATLAS_PRIVATE_API_KEY}" \
DRIVERS_ATLAS_GROUP_ID="${DRIVERS_ATLAS_GROUP_ID}" \
LAMBDA_STACK_NAME="dbx-ruby-lambda" \
task_id="${task_id}" \
execution="${execution}" \
$DRIVERS_TOOLS/.evergreen/atlas/teardown-atlas-cluster.sh
tasks:
- test-full-atlas-task
- name: test_aws_lambda_task_group
setup_group_can_fail_task: true
setup_group_timeout_secs: 1800 # 30 minutes
setup_group:
- func: fetch source
- func: create expansions
- command: shell.exec
params:
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
echo "Setting up Atlas cluster"
DRIVERS_ATLAS_PUBLIC_API_KEY="${DRIVERS_ATLAS_PUBLIC_API_KEY}" \
DRIVERS_ATLAS_PRIVATE_API_KEY="${DRIVERS_ATLAS_PRIVATE_API_KEY}" \
DRIVERS_ATLAS_GROUP_ID="${DRIVERS_ATLAS_GROUP_ID}" \
DRIVERS_ATLAS_LAMBDA_USER="${DRIVERS_ATLAS_LAMBDA_USER}" \
DRIVERS_ATLAS_LAMBDA_PASSWORD="${DRIVERS_ATLAS_LAMBDA_PASSWORD}" \
LAMBDA_STACK_NAME="dbx-ruby-lambda" \
MONGODB_VERSION="7.0" \
task_id="${task_id}" \
execution="${execution}" \
$DRIVERS_TOOLS/.evergreen/atlas/setup-atlas-cluster.sh
- command: expansions.update
params:
file: src/atlas-expansion.yml
teardown_group:
- command: shell.exec
params:
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
DRIVERS_ATLAS_PUBLIC_API_KEY="${DRIVERS_ATLAS_PUBLIC_API_KEY}" \
DRIVERS_ATLAS_PRIVATE_API_KEY="${DRIVERS_ATLAS_PRIVATE_API_KEY}" \
DRIVERS_ATLAS_GROUP_ID="${DRIVERS_ATLAS_GROUP_ID}" \
LAMBDA_STACK_NAME="dbx-ruby-lambda" \
task_id="${task_id}" \
execution="${execution}" \
$DRIVERS_TOOLS/.evergreen/atlas/teardown-atlas-cluster.sh
tasks:
- test-aws-lambda-deployed
- name: testgcpkms_task_group
setup_group_can_fail_task: true
setup_group_timeout_secs: 1800 # 30 minutes
setup_group:
- func: fetch source
- func: "create expansions"
- command: shell.exec
params:
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
echo '${testgcpkms_key_file}' > /tmp/testgcpkms_key_file.json
export GCPKMS_KEYFILE=/tmp/testgcpkms_key_file.json
export GCPKMS_DRIVERS_TOOLS=$DRIVERS_TOOLS
export GCPKMS_SERVICEACCOUNT="${testgcpkms_service_account}"
export GCPKMS_MACHINETYPE="e2-standard-4"
.evergreen/csfle/gcpkms/create-and-setup-instance.sh
# Load the GCPKMS_GCLOUD, GCPKMS_INSTANCE, GCPKMS_REGION, and GCPKMS_ZONE expansions.
- command: expansions.update
params:
file: src/testgcpkms-expansions.yml
teardown_group:
- command: shell.exec
params:
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
export GCPKMS_GCLOUD=${GCPKMS_GCLOUD}
export GCPKMS_PROJECT=${GCPKMS_PROJECT}
export GCPKMS_ZONE=${GCPKMS_ZONE}
export GCPKMS_INSTANCENAME=${GCPKMS_INSTANCENAME}
.evergreen/csfle/gcpkms/delete-instance.sh
tasks:
- testgcpkms-task
- name: testazurekms_task_group
setup_group_can_fail_task: true
setup_group_timeout_secs: 1800 # 30 minutes
setup_group:
- func: fetch source
- func: "create expansions"
- command: shell.exec
params:
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
export AZUREKMS_VMNAME_PREFIX=RUBY
export AZUREKMS_CLIENTID="${testazurekms_clientid}"
export AZUREKMS_TENANTID="${testazurekms_tenantid}"
export AZUREKMS_SECRET="${testazurekms_secret}"
export AZUREKMS_DRIVERS_TOOLS=$DRIVERS_TOOLS
export AZUREKMS_RESOURCEGROUP="${testazurekms_resourcegroup}"
echo '${testazurekms_publickey}' > /tmp/testazurekms_public_key_file
export AZUREKMS_PUBLICKEYPATH="/tmp/testazurekms_public_key_file"
echo '${testazurekms_privatekey}' > /tmp/testazurekms_private_key_file
chmod 600 /tmp/testazurekms_private_key_file
export AZUREKMS_PRIVATEKEYPATH="/tmp/testazurekms_private_key_file"
export AZUREKMS_SCOPE="${testazurekms_scope}"
.evergreen/csfle/azurekms/create-and-setup-vm.sh
# Load the AZUREKMS_GCLOUD, AZUREKMS_INSTANCE, AZUREKMS_REGION, and AZUREKMS_ZONE expansions.
- command: expansions.update
params:
file: src/testazurekms-expansions.yml
teardown_group:
- command: expansions.update
params:
file: src/testazurekms-expansions.yml
- command: shell.exec
params:
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
export AZUREKMS_RESOURCEGROUP="${testazurekms_resourcegroup}"
.evergreen/csfle/azurekms/delete-vm.sh
tasks:
- testazurekms-task
tasks:
- name: "test-atlas"
commands:
- func: "run Atlas tests"
- name: "test-serverless"
commands:
- func: "export FLE credentials"
- func: "run serverless tests"
- name: "test-docker"
commands:
- func: "build and test docker image"
- name: "test-mlaunch"
commands:
- func: "run tests"
- name: "driver-bench"
commands:
- func: "run benchmarks"
- name: "test-via-docker"
commands:
- func: "run tests via docker"
- name: "test-kerberos-integration"
commands:
- func: "export Kerberos credentials"
- func: "run Kerberos integration tests"
- name: "test-kerberos"
commands:
- func: "run Kerberos unit tests"
- name: "test-fle"
commands:
- func: "export FLE credentials"
- func: "run tests"
- name: "test-fle-via-docker"
commands:
- func: "export FLE credentials"
- func: "run tests via docker"
- name: "test-aws-auth"
commands:
- func: "export AWS auth credentials"
- func: "run AWS auth tests"
- name: "test-full-atlas-task"
commands:
- command: shell.exec
type: test
params:
working_dir: "src"
shell: "bash"
script: |
${PREPARE_SHELL}
MONGODB_URI="${MONGODB_URI}" .evergreen/run-tests-atlas-full.sh
- name: "testgcpkms-task"
commands:
- command: shell.exec
type: setup
params:
working_dir: "src"
shell: "bash"
script: |
${PREPARE_SHELL}
echo "Copying files ... begin"
export GCPKMS_GCLOUD=${GCPKMS_GCLOUD}
export GCPKMS_PROJECT=${GCPKMS_PROJECT}
export GCPKMS_ZONE=${GCPKMS_ZONE}
export GCPKMS_INSTANCENAME=${GCPKMS_INSTANCENAME}
tar czf /tmp/mongo-ruby-driver.tgz .
GCPKMS_SRC=/tmp/mongo-ruby-driver.tgz GCPKMS_DST=$GCPKMS_INSTANCENAME: .evergreen/csfle/gcpkms/copy-file.sh
echo "Copying files ... end"
echo "Untarring file ... begin"
GCPKMS_CMD="tar xf mongo-ruby-driver.tgz" .evergreen/csfle/gcpkms/run-command.sh
echo "Untarring file ... end"
- command: shell.exec
type: test
params:
working_dir: "src"
shell: "bash"
script: |
${PREPARE_SHELL}
export GCPKMS_GCLOUD=${GCPKMS_GCLOUD}
export GCPKMS_PROJECT=${GCPKMS_PROJECT}
export GCPKMS_ZONE=${GCPKMS_ZONE}
export GCPKMS_INSTANCENAME=${GCPKMS_INSTANCENAME}
GCPKMS_CMD="TEST_FLE_GCP_AUTO=1 RVM_RUBY=ruby-3.1 FLE=helper TOPOLOGY=standalone MONGODB_VERSION=6.0 MONGO_RUBY_DRIVER_GCP_EMAIL="${fle_gcp_email}" MONGO_RUBY_DRIVER_GCP_PRIVATE_KEY='${fle_gcp_private_key}' MONGO_RUBY_DRIVER_GCP_PROJECT_ID='${fle_gcp_project_id}' MONGO_RUBY_DRIVER_GCP_LOCATION='${fle_gcp_location}' MONGO_RUBY_DRIVER_GCP_KEY_RING='${fle_gcp_key_ring}' MONGO_RUBY_DRIVER_GCP_KEY_NAME='${fle_gcp_key_name}' ./.evergreen/run-tests-gcp.sh" .evergreen/csfle/gcpkms/run-command.sh
- name: "testazurekms-task"
commands:
- command: shell.exec
type: setup
params:
working_dir: "src"
shell: "bash"
script: |
${PREPARE_SHELL}
echo "Copying files ... begin"
export AZUREKMS_RESOURCEGROUP=${testazurekms_resourcegroup}
export AZUREKMS_VMNAME=${AZUREKMS_VMNAME}
export AZUREKMS_PRIVATEKEYPATH="/tmp/testazurekms_private_key_file"
tar czf /tmp/mongo-ruby-driver.tgz .
AZUREKMS_SRC=/tmp/mongo-ruby-driver.tgz AZUREKMS_DST="~/" .evergreen/csfle/azurekms/copy-file.sh
echo "Copying files ... end"
echo "Untarring file ... begin"
AZUREKMS_CMD="tar xf mongo-ruby-driver.tgz" .evergreen/csfle/azurekms/run-command.sh
echo "Untarring file ... end"
- command: shell.exec
type: test
params:
working_dir: "src"
shell: "bash"
script: |
${PREPARE_SHELL}
export AZUREKMS_RESOURCEGROUP=${testazurekms_resourcegroup}
export AZUREKMS_VMNAME=${AZUREKMS_VMNAME}
export AZUREKMS_PRIVATEKEYPATH="/tmp/testazurekms_private_key_file"
AZUREKMS_CMD="TEST_FLE_AZURE_AUTO=1 RVM_RUBY=ruby-3.1 FLE=helper TOPOLOGY=standalone MONGODB_VERSION=6.0 MONGO_RUBY_DRIVER_AZURE_TENANT_ID="${MONGO_RUBY_DRIVER_AZURE_TENANT_ID}" MONGO_RUBY_DRIVER_AZURE_CLIENT_ID="${MONGO_RUBY_DRIVER_AZURE_CLIENT_ID}" MONGO_RUBY_DRIVER_AZURE_CLIENT_SECRET="${MONGO_RUBY_DRIVER_AZURE_CLIENT_SECRET}" MONGO_RUBY_DRIVER_AZURE_IDENTITY_PLATFORM_ENDPOINT="${MONGO_RUBY_DRIVER_AZURE_IDENTITY_PLATFORM_ENDPOINT}" MONGO_RUBY_DRIVER_AZURE_KEY_VAULT_ENDPOINT="${testazurekms_keyvaultendpoint}" MONGO_RUBY_DRIVER_AZURE_KEY_NAME="${testazurekms_keyname}" ./.evergreen/run-tests-azure.sh" .evergreen/csfle/azurekms/run-command.sh
- name: "test-aws-lambda-deployed"
commands:
- command: ec2.assume_role
params:
role_arn: ${LAMBDA_AWS_ROLE_ARN}
duration_seconds: 3600
- command: shell.exec
type: test
params:
working_dir: "src"
shell: "bash"
script: |
${PREPARE_SHELL}
export MONGODB_URI=${MONGODB_URI}
.evergreen/run-tests-deployed-lambda.sh
env:
TEST_LAMBDA_DIRECTORY: ${PROJECT_DIRECTORY}/spec/faas/ruby-sam-app
AWS_REGION: us-east-1
PROJECT_DIRECTORY: ${PROJECT_DIRECTORY}
DRIVERS_TOOLS: ${DRIVERS_TOOLS}
DRIVERS_ATLAS_PUBLIC_API_KEY: ${DRIVERS_ATLAS_PUBLIC_API_KEY}
DRIVERS_ATLAS_PRIVATE_API_KEY: ${DRIVERS_ATLAS_PRIVATE_API_KEY}
DRIVERS_ATLAS_LAMBDA_USER: ${DRIVERS_ATLAS_LAMBDA_USER}
DRIVERS_ATLAS_LAMBDA_PASSWORD: ${DRIVERS_ATLAS_LAMBDA_PASSWORD}
DRIVERS_ATLAS_GROUP_ID: ${DRIVERS_ATLAS_GROUP_ID}
AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID}
AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY}
AWS_SESSION_TOKEN: ${AWS_SESSION_TOKEN}
LAMBDA_STACK_NAME: "dbx-ruby-lambda"
RVM_RUBY: ruby-3.2
MONGODB_URI: ${MONGODB_URI}