Skip to content

Commit 761f853

Browse files
durrandurran
authored
test(NODE-4382): update fle setup in test readme (#3302)
1 parent de35a62 commit 761f853

File tree

1 file changed

+44
-0
lines changed

1 file changed

+44
-0
lines changed

test/readme.md

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -332,6 +332,10 @@ The following steps will walk you through how to run the tests for CSFLE.
332332
| `AWS_REGION` | The AWS region where the KMS resides (e.g., `us-east-1`) |
333333
| `AWS_CMK_ID` | The Customer Master Key for the KMS |
334334
| `CSFLE_KMS_PROVIDERS` | The raw EJSON description of the KMS providers. An example of the format is provided below. |
335+
| KMIP_TLS_CA_FILE | /path/to/mongodb-labs/drivers-evergreen-tools/.evergreen/x509gen/ca.pem
336+
|
337+
| KMIP_TLS_CERT_FILE | /path/to/mongodb-labs/drivers-evergreen-tools/.evergreen/x509gen/client.pem
338+
335339

336340
The value of the `CSFLE_KMS_PROVIDERS` variable will have the following format:
337341

@@ -357,6 +361,46 @@ The following steps will walk you through how to run the tests for CSFLE.
357361
}
358362
}
359363
```
364+
1. Start the KMIP servers:
365+
366+
`DRIVERS_TOOLS="/path/to/mongodb-labs/drivers-evergreen-tools" .evergreen/run-kms-servers.sh`
367+
368+
1. Ensure default ~/.aws/config is present:
369+
370+
```
371+
[default]
372+
aws_access_key_id=AWS_ACCESS_KEY_ID
373+
aws_secret_access_key=AWS_SECRET_ACCESS_KEY
374+
```
375+
376+
1. Set temporary AWS credentials
377+
378+
```
379+
pip3 install boto3
380+
PYTHON="python3" source /path/to/mongodb-labs/drivers-evergreen-tools/.evergreen/csfle/set-temp-creds.sh
381+
```
382+
383+
Alternatively for fish users the following script can be substituted for set-temp-creds.sh:
384+
385+
```fish
386+
function set_aws_creds
387+
set PYTHON_SCRIPT "\
388+
import boto3
389+
client = boto3.client('sts')
390+
credentials = client.get_session_token()['Credentials']
391+
print (credentials['AccessKeyId'] + ' ' + credentials['SecretAccessKey'] + ' ' + credentials['SessionToken'])"
392+
393+
echo $PYTHON_SCRIPT | python3 -
394+
end
395+
396+
set CREDS (set_aws_creds)
397+
398+
set CSFLE_AWS_TEMP_ACCESS_KEY_ID (echo $CREDS | awk '{print $1}')
399+
set CSFLE_AWS_TEMP_SECRET_ACCESS_KEY (echo $CREDS | awk '{print $2}')
400+
set CSFLE_AWS_TEMP_SESSION_TOKEN (echo $CREDS | awk '{print $3}')
401+
402+
set -e CREDS
403+
```
360404

361405
1. Run the functional tests:
362406

0 commit comments

Comments
 (0)