remove CSFLE_KMS_PROVIDERS

Author: baileympearson

test/csfle-env.js

@@ -0,0 +1,46 @@
+'use strict';
+
+const { Binary } = require("bson");
+
+const csfleKMSProviders = {
+    "aws": {
+        "accessKeyId": process.env.FLE_AWS_KEY,
+        "secretAccessKey": process.env.FLE_AWS_SECRET
+    },
+    "azure": {
+        "tenantId": process.env.FLE_AZURE_TENANTID,
+        "clientId": process.env.FLE_AZURE_CLIENTID,
+        "clientSecret": process.env.FLE_AZURE_CLIENTSECRET
+    },
+    "gcp": {
+        "email": process.env.FLE_GCP_EMAIL,
+        "privateKey": process.env.FLE_GCP_PRIVATEKEY
+    },
+    "local": {
+        "key": Buffer.from("Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBMUN3YkQ5aXRRMkhGRGdQV09wOGVNYUMxT2k3NjZKelhaQmRCZGJkTXVyZG9uSjFk", 'base64')
+    },
+    "kmip": {
+        "endpoint": "localhost:5698"
+    }
+}
+
+function getCSFLEKMSProviders() {
+    return structuredClone(
+        csfleKMSProviders
+    )
+}
+
+const keys = [
+    'FLE_AWS_KEY',
+    'FLE_AWS_SECRET',
+    'FLE_AZURE_TENANTID',
+    'FLE_AZURE_CLIENTID',
+    'FLE_AZURE_CLIENTSECRET',
+    'FLE_GCP_EMAIL',
+    'FLE_GCP_PRIVATEKEY'
+];
+
+module.exports = {
+    getCSFLEKMSProviders,
+    kmsCredentialsPresent: keys.every(key => typeof process.env[key] === 'string' && process.env[key].length > 0)
+}

test/integration/client-side-encryption/client_side_encryption.prose.06.corpus.test.ts

@@ -9,6 +9,7 @@ import * as path from 'path';
 import { ClientEncryption } from '../../../src/client-side-encryption/client_encryption';
 import { type MongoClient, WriteConcern } from '../../mongodb';
 import { getEncryptExtraOptions } from '../../tools/utils';
+import { getCSFLEKMSProviders } from '../../csfle-env';
 
 describe('Client Side Encryption Prose Corpus Test', function () {
   const metadata = {
@@ -25,17 +26,7 @@ describe('Client Side Encryption Prose Corpus Test', function () {
     });
   }
 
-  const CSFLE_KMS_PROVIDERS = process.env.CSFLE_KMS_PROVIDERS;
-  const kmsProviders = CSFLE_KMS_PROVIDERS ? EJSON.parse(CSFLE_KMS_PROVIDERS) : {};
-  kmsProviders.local = {
-    key: Buffer.from(
-      'Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBMUN3YkQ5aXRRMkhGRGdQV09wOGVNYUMxT2k3NjZKelhaQmRCZGJkTXVyZG9uSjFk',
-      'base64'
-    )
-  };
-  kmsProviders.kmip = {
-    endpoint: 'localhost:5698'
-  };
+  const kmsProviders = getCSFLEKMSProviders();
 
   // TODO: build this into EJSON
   // TODO: make a custom chai assertion for this

test/integration/client-side-encryption/client_side_encryption.prose.21.automatic_data_encryption_keys.test.ts

@@ -4,7 +4,8 @@ import { expect } from 'chai';
 import { ClientEncryption } from '../../../src/client-side-encryption/client_encryption';
 /* eslint-disable @typescript-eslint/no-restricted-imports */
 import { MongoCryptCreateEncryptedCollectionError } from '../../../src/client-side-encryption/errors';
-import { BSON, Collection, type Db, MongoServerError } from '../../mongodb';
+import { Collection, type Db, MongoServerError } from '../../mongodb';
+import { getCSFLEKMSProviders, kmsCredentialsPresent } from '../../csfle-env';
 
 const metadata: MongoDBMetadataUI = {
   requires: {
@@ -33,14 +34,14 @@ describe('21. Automatic Data Encryption Keys', () => {
     beforeEach(async function () {
       client = this.configuration.newClient();
 
-      if (typeof process.env.CSFLE_KMS_PROVIDERS !== 'string') {
+      if (!kmsCredentialsPresent) {
         if (this.currentTest) {
           this.currentTest.skipReason = 'This test requires env CSFLE_KMS_PROVIDERS to be set';
         }
         return this.currentTest?.skip();
       }
 
-      const { aws, local } = BSON.EJSON.parse(process.env.CSFLE_KMS_PROVIDERS);
+      const { aws, local } = getCSFLEKMSProviders();
 
       clientEncryption = new ClientEncryption(client, {
         keyVaultClient: client,

test/integration/client-side-encryption/client_side_encryption.prose.22.range_explicit_encryption.test.ts

@@ -8,11 +8,10 @@ import { Decimal128, type Document, Double, Long, type MongoClient } from '../..
 import { ClientEncryption } from '../../../src/client-side-encryption/client_encryption';
 /* eslint-disable @typescript-eslint/no-restricted-imports */
 import { MongoCryptError } from '../../../src/client-side-encryption/errors';
+import { getCSFLEKMSProviders } from '../../csfle-env';
 
 const getKmsProviders = () => {
-  const result = EJSON.parse(process.env.CSFLE_KMS_PROVIDERS || '{}') as unknown as {
-    local: unknown;
-  };
+  const result = getCSFLEKMSProviders();
 
   return { local: result.local };
 };
@@ -46,85 +45,85 @@ const prepareOptions = opts =>
 
 const dataTypes: ReadonlyArray<{
   type:
-    | 'DecimalNoPrecision'
-    | 'DecimalPrecision'
-    | 'DoubleNoPrecision'
-    | 'DoublePrecision'
-    | 'Long'
-    | 'Int'
-    | 'Date';
+  | 'DecimalNoPrecision'
+  | 'DecimalPrecision'
+  | 'DoubleNoPrecision'
+  | 'DoublePrecision'
+  | 'Long'
+  | 'Int'
+  | 'Date';
   rangeOptions: Document;
   factory: (number) => unknown;
 }> = [
-  {
-    type: 'DecimalNoPrecision',
-    rangeOptions: prepareOptions({
-      sparsity: { $numberLong: '1' },
-      trimFactor: { $numberInt: '1' }
-    }),
-    factory: value => new Decimal128(value.toString())
-  },
-  {
-    type: 'DecimalPrecision',
-    rangeOptions: prepareOptions({
-      min: { $numberDecimal: '0' },
-      max: { $numberDecimal: '200' },
-      trimFactor: { $numberInt: '1' },
-      sparsity: { $numberLong: '1' },
-      precision: 2
-    }),
-    factory: value => new Decimal128(value.toString())
-  },
-  {
-    type: 'DoubleNoPrecision',
-    rangeOptions: prepareOptions({
-      trimFactor: { $numberInt: '1' },
-      sparsity: { $numberLong: '1' }
-    }),
-    factory: value => new Double(value)
-  },
-  {
-    type: 'DoublePrecision',
-    rangeOptions: prepareOptions({
-      min: { $numberDouble: '0' },
-      max: { $numberDouble: '200' },
-      trimFactor: { $numberInt: '1' },
-      sparsity: { $numberLong: '1' },
-      precision: 2
-    }),
-    factory: value => new Double(value)
-  },
-  {
-    type: 'Date',
-    rangeOptions: prepareOptions({
-      min: { $date: { $numberLong: '0' } },
-      max: { $date: { $numberLong: '200' } },
-      trimFactor: { $numberInt: '1' },
-      sparsity: { $numberLong: '1' }
-    }),
-    factory: value => new Date(value)
-  },
-  {
-    type: 'Int',
-    rangeOptions: prepareOptions({
-      min: { $numberInt: '0' },
-      max: { $numberInt: '200' },
-      trimFactor: { $numberInt: '1' },
-      sparsity: { $numberLong: '1' }
-    }),
-    factory: value => value
-  },
-  {
-    type: 'Long',
-    rangeOptions: prepareOptions({
-      min: { $numberLong: '0' },
-      max: { $numberLong: '200' },
-      trimFactor: { $numberInt: '1' },
-      sparsity: { $numberLong: '1' }
-    }),
-    factory: value => Long.fromNumber(value)
-  }
-];
+    {
+      type: 'DecimalNoPrecision',
+      rangeOptions: prepareOptions({
+        sparsity: { $numberLong: '1' },
+        trimFactor: { $numberInt: '1' }
+      }),
+      factory: value => new Decimal128(value.toString())
+    },
+    {
+      type: 'DecimalPrecision',
+      rangeOptions: prepareOptions({
+        min: { $numberDecimal: '0' },
+        max: { $numberDecimal: '200' },
+        trimFactor: { $numberInt: '1' },
+        sparsity: { $numberLong: '1' },
+        precision: 2
+      }),
+      factory: value => new Decimal128(value.toString())
+    },
+    {
+      type: 'DoubleNoPrecision',
+      rangeOptions: prepareOptions({
+        trimFactor: { $numberInt: '1' },
+        sparsity: { $numberLong: '1' }
+      }),
+      factory: value => new Double(value)
+    },
+    {
+      type: 'DoublePrecision',
+      rangeOptions: prepareOptions({
+        min: { $numberDouble: '0' },
+        max: { $numberDouble: '200' },
+        trimFactor: { $numberInt: '1' },
+        sparsity: { $numberLong: '1' },
+        precision: 2
+      }),
+      factory: value => new Double(value)
+    },
+    {
+      type: 'Date',
+      rangeOptions: prepareOptions({
+        min: { $date: { $numberLong: '0' } },
+        max: { $date: { $numberLong: '200' } },
+        trimFactor: { $numberInt: '1' },
+        sparsity: { $numberLong: '1' }
+      }),
+      factory: value => new Date(value)
+    },
+    {
+      type: 'Int',
+      rangeOptions: prepareOptions({
+        min: { $numberInt: '0' },
+        max: { $numberInt: '200' },
+        trimFactor: { $numberInt: '1' },
+        sparsity: { $numberLong: '1' }
+      }),
+      factory: value => value
+    },
+    {
+      type: 'Long',
+      rangeOptions: prepareOptions({
+        min: { $numberLong: '0' },
+        max: { $numberLong: '200' },
+        trimFactor: { $numberInt: '1' },
+        sparsity: { $numberLong: '1' }
+      }),
+      factory: value => Long.fromNumber(value)
+    }
+  ];
 
 const basePath = '/test/spec/client-side-encryption/etc/data';
 

test/integration/client-side-encryption/client_side_encryption.prose.23.range_encryption_defaults.test.ts

@@ -2,7 +2,8 @@ import { expect } from 'chai';
 
 /* eslint-disable @typescript-eslint/no-restricted-imports */
 import { ClientEncryption } from '../../../src/client-side-encryption/client_encryption';
-import { type Binary, EJSON, Int32, Long } from '../../mongodb';
+import { type Binary, Int32, Long } from '../../mongodb';
+import { getCSFLEKMSProviders } from '../../csfle-env';
 
 const metaData: MongoDBMetadataUI = {
   requires: {
@@ -17,10 +18,8 @@ const metaData: MongoDBMetadataUI = {
   }
 };
 
-const getKmsProviders = (): { local: { key: string } } => {
-  const result = EJSON.parse(process.env.CSFLE_KMS_PROVIDERS || '{}') as unknown as {
-    local: { key: string };
-  };
+const getKmsProviders = (): { local: { key: Buffer } } => {
+  const result = getCSFLEKMSProviders();
 
   return { local: result.local };
 };

test/integration/client-side-encryption/client_side_encryption.prose.test.js

@@ -19,9 +19,10 @@ const { ClientEncryption } = require('../../../src/client-side-encryption/client
 const {
   ClientSideEncryptionFilter
 } = require('../../tools/runner/filters/client_encryption_filter');
+const { getCSFLEKMSProviders } = require('../../csfle-env');
 
 const getKmsProviders = (localKey, kmipEndpoint, azureEndpoint, gcpEndpoint) => {
-  const result = BSON.EJSON.parse(process.env.CSFLE_KMS_PROVIDERS || '{}');
+  const result = getCSFLEKMSProviders();
   if (localKey) {
     result.local = { key: localKey };
   }

test/integration/client-side-encryption/driver.test.ts

@@ -29,6 +29,7 @@ import {
   sleep
 } from '../../tools/utils';
 import { filterForCommands } from '../shared';
+import { getCSFLEKMSProviders } from '../../csfle-env';
 
 const metadata: MongoDBMetadataUI = {
   requires: {
@@ -37,12 +38,8 @@ const metadata: MongoDBMetadataUI = {
   }
 };
 
-const getLocalKmsProvider = (): { local: { key: Binary } } => {
-  const { local } = EJSON.parse(process.env.CSFLE_KMS_PROVIDERS || '{}') as {
-    local: { key: Binary };
-    [key: string]: unknown;
-  };
-
+const getLocalKmsProvider = (): { local: { key: Buffer } } => {
+  const { local } = getCSFLEKMSProviders();
   return { local };
 };
 
@@ -53,41 +50,6 @@ describe('Client Side Encryption Functional', function () {
   const keyVaultCollName = 'datakeys';
   const keyVaultNamespace = `${keyVaultDbName}.${keyVaultCollName}`;
 
-  it('CSFLE_KMS_PROVIDERS should be valid EJSON', function () {
-    const CSFLE_KMS_PROVIDERS = process.env.CSFLE_KMS_PROVIDERS;
-    if (typeof CSFLE_KMS_PROVIDERS === 'string') {
-      /**
-       * The shape of CSFLE_KMS_PROVIDERS is as follows:
-       *
-       * ```ts
-       * interface CSFLE_kms_providers {
-       *    aws: {
-       *      accessKeyId: string;
-       *      secretAccessKey: string;
-       *   };
-       *   azure: {
-       *     tenantId: string;
-       *     clientId: string;
-       *     clientSecret: string;
-       *   };
-       *   gcp: {
-       *     email: string;
-       *     privateKey: string;
-       *   };
-       *   local: {
-       *     // EJSON handle converting this, its actually the canonical -> { $binary: { base64: string; subType: string } }
-       *     // **NOTE**: The dollar sign has to be escaped when using this as an ENV variable
-       *     key: Binary;
-       *   }
-       * }
-       * ```
-       */
-      expect(() => EJSON.parse(CSFLE_KMS_PROVIDERS)).to.not.throw(SyntaxError);
-    } else {
-      this.skip();
-    }
-  });
-
   describe('Collection', metadata, function () {
     describe('#bulkWrite()', metadata, function () {
       context('when encryption errors', function () {
@@ -640,10 +602,8 @@ describe('Range Explicit Encryption with JS native types', function () {
     }
   };
 
-  const getKmsProviders = (): { local: { key: string } } => {
-    const result = EJSON.parse(process.env.CSFLE_KMS_PROVIDERS || '{}') as unknown as {
-      local: { key: string };
-    };
+  const getKmsProviders = (): { local: { key: Buffer } } => {
+    const result = getCSFLEKMSProviders();
 
     return { local: result.local };
   };
@@ -1135,7 +1095,7 @@ describe('CSOT', function () {
       };
 
       beforeEach(async function () {
-        local_key = { local: EJSON.parse(process.env.CSFLE_KMS_PROVIDERS).local };
+        local_key = { local: getCSFLEKMSProviders().local };
         client = this.configuration.newClient({ timeoutMS });
         await client.connect();
         await client.db('keyvault').createCollection('datakeys');