From c2ca35ca96e348b487deab2686970afd32dde038 Mon Sep 17 00:00:00 2001 From: Andreas Braun Date: Mon, 3 Mar 2025 12:08:57 +0100 Subject: [PATCH 1/9] Add GitHub Actions workflow for merge ups (#1962) --- .github/workflows/merge-up.yml | 37 ++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 .github/workflows/merge-up.yml diff --git a/.github/workflows/merge-up.yml b/.github/workflows/merge-up.yml new file mode 100644 index 0000000000..eb73eba7f6 --- /dev/null +++ b/.github/workflows/merge-up.yml @@ -0,0 +1,37 @@ +name: Merge up + +on: + push: + branches: + - release/*.* + - v* + +permissions: + id-token: write + contents: write + pull-requests: write + +jobs: + merge-up: + environment: release + name: Create merge up pull request + runs-on: ubuntu-latest + + steps: + - uses: mongodb-labs/drivers-github-tools/secure-checkout@v2 + with: + app_id: ${{ vars.APP_ID }} + private_key: ${{ secrets.APP_PRIVATE_KEY }} + # Make sure to include fetch-depth 0 so all branches are fetched, not + # just the current one + fetch-depth: 0 + + - name: Create pull request + id: create-pull-request + uses: alcaeus/automatic-merge-up-action@main + with: + ref: ${{ github.ref_name }} + branchNamePattern: 'release/.' + devBranchNamePattern: 'v' + fallbackBranch: 'master' + enableAutoMerge: true From 785d9430eb12b5006f8a44a81695c61b6c54f9ce Mon Sep 17 00:00:00 2001 From: Andreas Braun Date: Tue, 4 Mar 2025 13:25:46 +0100 Subject: [PATCH 2/9] Use different credentials for merge-up PRs (#1968) --- .github/workflows/merge-up.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/merge-up.yml b/.github/workflows/merge-up.yml index eb73eba7f6..1ba5980ade 100644 --- a/.github/workflows/merge-up.yml +++ b/.github/workflows/merge-up.yml @@ -13,15 +13,14 @@ permissions: jobs: merge-up: - environment: release name: Create merge up pull request runs-on: ubuntu-latest steps: - uses: mongodb-labs/drivers-github-tools/secure-checkout@v2 with: - app_id: ${{ vars.APP_ID }} - private_key: ${{ secrets.APP_PRIVATE_KEY }} + app_id: ${{ vars.PR_APP_ID }} + private_key: ${{ secrets.PR_APP_PRIVATE_KEY }} # Make sure to include fetch-depth 0 so all branches are fetched, not # just the current one fetch-depth: 0 From 7d03307bb6fdd6095490f153144a8780d95f37b6 Mon Sep 17 00:00:00 2001 From: Qingyang Hu <103950869+qingyang-hu@users.noreply.github.com> Date: Wed, 5 Mar 2025 14:18:12 -0500 Subject: [PATCH 3/9] GODRIVER-3476 Escape for Regex Options. (#1929) --- bson/bson_test.go | 14 ++++++++++++-- bson/bsonrw/extjson_writer.go | 7 ++++--- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/bson/bson_test.go b/bson/bson_test.go index e2c1bf9e8b..6c004b1df0 100644 --- a/bson/bson_test.go +++ b/bson/bson_test.go @@ -19,6 +19,7 @@ import ( "go.mongodb.org/mongo-driver/bson/bsoncodec" "go.mongodb.org/mongo-driver/bson/bsonoptions" "go.mongodb.org/mongo-driver/bson/bsontype" + "go.mongodb.org/mongo-driver/bson/primitive" "go.mongodb.org/mongo-driver/internal/assert" "go.mongodb.org/mongo-driver/x/bsonx/bsoncore" ) @@ -226,11 +227,20 @@ func TestMapCodec(t *testing.T) { } func TestExtJSONEscapeKey(t *testing.T) { - doc := D{{Key: "\\usb#", Value: int32(1)}} + doc := D{ + { + Key: "\\usb#", + Value: int32(1), + }, + { + Key: "regex", + Value: primitive.Regex{Pattern: "ab\\\\\\\"ab", Options: "\""}, + }, + } b, err := MarshalExtJSON(&doc, false, false) noerr(t, err) - want := "{\"\\\\usb#\":1}" + want := `{"\\usb#":1,"regex":{"$regularExpression":{"pattern":"ab\\\\\\\"ab","options":"\""}}}` if diff := cmp.Diff(want, string(b)); diff != "" { t.Errorf("Marshaled documents do not match. got %v, want %v", string(b), want) } diff --git a/bson/bsonrw/extjson_writer.go b/bson/bsonrw/extjson_writer.go index 57781ff9f3..86a293570f 100644 --- a/bson/bsonrw/extjson_writer.go +++ b/bson/bsonrw/extjson_writer.go @@ -468,12 +468,13 @@ func (ejvw *extJSONValueWriter) WriteRegex(pattern string, options string) error return err } + options = sortStringAlphebeticAscending(options) var buf bytes.Buffer buf.WriteString(`{"$regularExpression":{"pattern":`) writeStringWithEscapes(pattern, &buf, ejvw.escapeHTML) - buf.WriteString(`,"options":"`) - buf.WriteString(sortStringAlphebeticAscending(options)) - buf.WriteString(`"}},`) + buf.WriteString(`,"options":`) + writeStringWithEscapes(options, &buf, ejvw.escapeHTML) + buf.WriteString(`}},`) ejvw.buf = append(ejvw.buf, buf.Bytes()...) From 49f0c81097496707455ab684989c9a1bbd7dfbde Mon Sep 17 00:00:00 2001 From: Andreas Braun Date: Wed, 28 May 2025 17:23:14 +0200 Subject: [PATCH 4/9] Ignore unmaintained branches when merging up (#2062) --- .github/workflows/merge-up.yml | 3 ++- .github/workflows/release.yml | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/merge-up.yml b/.github/workflows/merge-up.yml index 1ba5980ade..30726ae2f2 100644 --- a/.github/workflows/merge-up.yml +++ b/.github/workflows/merge-up.yml @@ -27,10 +27,11 @@ jobs: - name: Create pull request id: create-pull-request - uses: alcaeus/automatic-merge-up-action@main + uses: alcaeus/automatic-merge-up-action@1.0.0 with: ref: ${{ github.ref_name }} branchNamePattern: 'release/.' devBranchNamePattern: 'v' fallbackBranch: 'master' + ignoredBranches: ${{ vars.IGNORED_MERGE_UP_BRANCHES }} enableAutoMerge: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ec586ceca2..dcd0acdde7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -49,6 +49,7 @@ jobs: with: version: ${{ inputs.version }} push_changes: ${{ inputs.push_changes }} + ignored_branches: ${{ vars.IGNORED_MERGE_UP_BRANCHES }} static-scan: needs: [pre-publish] From 029da417907833509cb87d75491601c390587cb0 Mon Sep 17 00:00:00 2001 From: Preston Vasquez Date: Wed, 28 May 2025 10:55:33 -0600 Subject: [PATCH 5/9] GODRIVER-3549 Fix timeouts in CSE custom endpoint test (#2028) (#2031) (#2061) --- .../client_side_encryption_prose_test.go | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/mongo/integration/client_side_encryption_prose_test.go b/mongo/integration/client_side_encryption_prose_test.go index 3d2b2304a2..f1f7811ba3 100644 --- a/mongo/integration/client_side_encryption_prose_test.go +++ b/mongo/integration/client_side_encryption_prose_test.go @@ -806,7 +806,7 @@ func TestClientSideEncryptionProse(t *testing.T) { "endpoint": "doesnotexist.invalid:443", }, "kmip": { - "endpoint": "doesnotexist.local:5698", + "endpoint": "doesnotexist.invalid:5698", }, } @@ -830,9 +830,8 @@ func TestClientSideEncryptionProse(t *testing.T) { "endpoint": "kms.us-east-1.amazonaws.com:443", } awsFailureConnectionError := map[string]interface{}{ - "region": "us-east-1", - "key": "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0", - "endpoint": "kms.us-east-1.amazonaws.com:12345", + "keyId": "1", + "endpoint": "localhost:12345", } awsFailureInvalidEndpoint := map[string]interface{}{ "region": "us-east-1", @@ -871,7 +870,7 @@ func TestClientSideEncryptionProse(t *testing.T) { } kmipFailureInvalidEndpoint := map[string]interface{}{ "keyId": "1", - "endpoint": "doesnotexist.local:5698", + "endpoint": "doesnotexist.invalid:5698", } const ( @@ -917,7 +916,7 @@ func TestClientSideEncryptionProse(t *testing.T) { }, { name: "Case 4: aws failure with connection error", - provider: "aws", + provider: "kmip", masterKey: awsFailureConnectionError, errorSubstring: []string{errConnectionRefused, errWindowsTLSConnectionRefused}, testInvalidClientEncryption: false, @@ -1588,7 +1587,7 @@ func TestClientSideEncryptionProse(t *testing.T) { "endpoint": "127.0.0.1:9001", } azureMasterKey := map[string]interface{}{ - "keyVaultEndpoint": "doesnotexist.local", + "keyVaultEndpoint": "doesnotexist.invalid", "keyName": "foo", } gcpMasterKey := map[string]interface{}{ From 6966434bed9aad426f808ffd8c44f0c8b3c57b23 Mon Sep 17 00:00:00 2001 From: linfp <673730411@qq.com> Date: Thu, 29 May 2025 02:10:20 +0800 Subject: [PATCH 6/9] GODRIVER-3516 Remove isAlive (#2060) Co-authored-by: andyl Co-authored-by: Preston Vasquez --- x/mongo/driver/topology/connection.go | 43 ------------ x/mongo/driver/topology/connection_test.go | 82 ---------------------- x/mongo/driver/topology/pool.go | 6 +- x/mongo/driver/topology/pool_test.go | 73 ------------------- 4 files changed, 2 insertions(+), 202 deletions(-) diff --git a/x/mongo/driver/topology/connection.go b/x/mongo/driver/topology/connection.go index e00363a548..bad00e7450 100644 --- a/x/mongo/driver/topology/connection.go +++ b/x/mongo/driver/topology/connection.go @@ -14,7 +14,6 @@ import ( "fmt" "io" "net" - "os" "strings" "sync" "sync/atomic" @@ -567,48 +566,6 @@ func (c *connection) closed() bool { return atomic.LoadInt64(&c.state) == connDisconnected } -// isAlive returns true if the connection is alive and ready to be used for an -// operation. -// -// Note that the liveness check can be slow (at least 1ms), so isAlive only -// checks the liveness of the connection if it's been idle for at least 10 -// seconds. For frequently in-use connections, a network error during an -// operation will be the first indication of a dead connection. -func (c *connection) isAlive() bool { - if c.nc == nil { - return false - } - - // If the connection has been idle for less than 10 seconds, skip the - // liveness check. - // - // The 10-seconds idle bypass is based on the liveness check implementation - // in the Python Driver. That implementation uses 1 second as the idle - // threshold, but we chose to be more conservative in the Go Driver because - // this is new behavior with unknown side-effects. See - // https://github.com/mongodb/mongo-python-driver/blob/e6b95f65953e01e435004af069a6976473eaf841/pymongo/synchronous/pool.py#L983-L985 - idleStart, ok := c.idleStart.Load().(time.Time) - if !ok || idleStart.Add(10*time.Second).After(time.Now()) { - return true - } - - // Set a 1ms read deadline and attempt to read 1 byte from the connection. - // Expect it to block for 1ms then return a deadline exceeded error. If it - // returns any other error, the connection is not usable, so return false. - // If it doesn't return an error and actually reads data, the connection is - // also not usable, so return false. - // - // Note that we don't need to un-set the read deadline because the "read" - // and "write" methods always reset the deadlines. - err := c.nc.SetReadDeadline(time.Now().Add(1 * time.Millisecond)) - if err != nil { - return false - } - var b [1]byte - _, err = c.nc.Read(b[:]) - return errors.Is(err, os.ErrDeadlineExceeded) -} - func (c *connection) idleTimeoutExpired() bool { if c.idleTimeout == 0 { return false diff --git a/x/mongo/driver/topology/connection_test.go b/x/mongo/driver/topology/connection_test.go index 07dd9ff0ec..4a30dc6fa4 100644 --- a/x/mongo/driver/topology/connection_test.go +++ b/x/mongo/driver/topology/connection_test.go @@ -1252,85 +1252,3 @@ func (tcl *testCancellationListener) assertCalledOnce(t *testing.T) { assert.Equal(t, 1, tcl.numListen, "expected Listen to be called once, got %d", tcl.numListen) assert.Equal(t, 1, tcl.numStopListening, "expected StopListening to be called once, got %d", tcl.numListen) } - -func TestConnection_IsAlive(t *testing.T) { - t.Parallel() - - t.Run("uninitialized", func(t *testing.T) { - t.Parallel() - - conn := newConnection("") - assert.False(t, - conn.isAlive(), - "expected isAlive for an uninitialized connection to always return false") - }) - - t.Run("connection open", func(t *testing.T) { - t.Parallel() - - cleanup := make(chan struct{}) - defer close(cleanup) - addr := bootstrapConnections(t, 1, func(nc net.Conn) { - // Keep the connection open until the end of the test. - <-cleanup - _ = nc.Close() - }) - - conn := newConnection(address.Address(addr.String())) - err := conn.connect(context.Background()) - require.NoError(t, err) - - conn.idleStart.Store(time.Now().Add(-11 * time.Second)) - assert.True(t, - conn.isAlive(), - "expected isAlive for an open connection to return true") - }) - - t.Run("connection closed", func(t *testing.T) { - t.Parallel() - - conns := make(chan net.Conn) - addr := bootstrapConnections(t, 1, func(nc net.Conn) { - conns <- nc - }) - - conn := newConnection(address.Address(addr.String())) - err := conn.connect(context.Background()) - require.NoError(t, err) - - // Close the connection before calling isAlive. - nc := <-conns - err = nc.Close() - require.NoError(t, err) - - conn.idleStart.Store(time.Now().Add(-11 * time.Second)) - assert.False(t, - conn.isAlive(), - "expected isAlive for a closed connection to return false") - }) - - t.Run("connection reads data", func(t *testing.T) { - t.Parallel() - - cleanup := make(chan struct{}) - defer close(cleanup) - addr := bootstrapConnections(t, 1, func(nc net.Conn) { - // Write some data to the connection before calling isAlive. - _, err := nc.Write([]byte{5, 0, 0, 0, 0}) - require.NoError(t, err) - - // Keep the connection open until the end of the test. - <-cleanup - _ = nc.Close() - }) - - conn := newConnection(address.Address(addr.String())) - err := conn.connect(context.Background()) - require.NoError(t, err) - - conn.idleStart.Store(time.Now().Add(-11 * time.Second)) - assert.False(t, - conn.isAlive(), - "expected isAlive for an open connection that reads data to return false") - }) -} diff --git a/x/mongo/driver/topology/pool.go b/x/mongo/driver/topology/pool.go index e9565425d9..45b0b7d9b5 100644 --- a/x/mongo/driver/topology/pool.go +++ b/x/mongo/driver/topology/pool.go @@ -167,11 +167,9 @@ type reason struct { // connectionPerished checks if a given connection is perished and should be removed from the pool. func connectionPerished(conn *connection) (reason, bool) { switch { - case conn.closed() || !conn.isAlive(): + case conn.closed(): // A connection would only be closed if it encountered a network error - // during an operation and closed itself. If a connection is not alive - // (e.g. the connection was closed by the server-side), it's also - // considered a network error. + // during an operation and closed itself. return reason{ loggerConn: logger.ReasonConnClosedError, event: event.ReasonError, diff --git a/x/mongo/driver/topology/pool_test.go b/x/mongo/driver/topology/pool_test.go index 4de2efecef..5a610c25c6 100644 --- a/x/mongo/driver/topology/pool_test.go +++ b/x/mongo/driver/topology/pool_test.go @@ -817,79 +817,6 @@ func TestPool(t *testing.T) { assert.Containsf(t, err.Error(), "canceled", `expected error message to contain "canceled"`) } - p.close(context.Background()) - }) - t.Run("discards connections closed by the server side", func(t *testing.T) { - t.Parallel() - - cleanup := make(chan struct{}) - defer close(cleanup) - - ncs := make(chan net.Conn, 2) - addr := bootstrapConnections(t, 2, func(nc net.Conn) { - // Send all "server-side" connections to a channel so we can - // interact with them during the test. - ncs <- nc - - <-cleanup - _ = nc.Close() - }) - - d := newdialer(&net.Dialer{}) - p := newPool(poolConfig{ - Address: address.Address(addr.String()), - }, WithDialer(func(Dialer) Dialer { return d })) - err := p.ready() - require.NoError(t, err) - - // Add 1 idle connection to the pool by checking-out and checking-in - // a connection. - conn, err := p.checkOut(context.Background()) - require.NoError(t, err) - err = p.checkIn(conn) - require.NoError(t, err) - assertConnectionsOpened(t, d, 1) - assert.Equalf(t, 1, p.availableConnectionCount(), "should be 1 idle connections in pool") - assert.Equalf(t, 1, p.totalConnectionCount(), "should be 1 total connection in pool") - - // Make that connection appear as if it's been idle for a minute. - conn.idleStart.Store(time.Now().Add(-1 * time.Minute)) - - // Close the "server-side" of the connection we just created. The idle - // connection in the pool is now unusable because the "server-side" - // closed it. - nc := <-ncs - err = nc.Close() - require.NoError(t, err) - - // In a separate goroutine, write a valid wire message to the 2nd - // connection that's about to be created. Stop waiting for a 2nd - // connection after 100ms to prevent leaking a goroutine. - go func() { - select { - case nc := <-ncs: - _, err := nc.Write([]byte{5, 0, 0, 0, 0}) - require.NoError(t, err, "Write error") - case <-time.After(100 * time.Millisecond): - } - }() - - // Check out a connection and try to read from it. Expect the pool to - // discard the connection that was closed by the "server-side" and - // return a newly created connection instead. - conn, err = p.checkOut(context.Background()) - require.NoError(t, err) - msg, err := conn.readWireMessage(context.Background()) - require.NoError(t, err) - assert.Equal(t, []byte{5, 0, 0, 0, 0}, msg) - - err = p.checkIn(conn) - require.NoError(t, err) - - assertConnectionsOpened(t, d, 2) - assert.Equalf(t, 1, p.availableConnectionCount(), "should be 1 idle connections in pool") - assert.Equalf(t, 1, p.totalConnectionCount(), "should be 1 total connection in pool") - p.close(context.Background()) }) }) From 835c5e1d8a72721ca1528fb15e105ff334a87c1e Mon Sep 17 00:00:00 2001 From: Preston Vasquez Date: Wed, 4 Jun 2025 15:06:42 -0600 Subject: [PATCH 7/9] GODRIVER-3560 Assume ec2 role explicitly in CI (#2080) --- .evergreen/config.yml | 121 +++++++++-------------------------------- Makefile | 24 -------- etc/run-awskms-test.sh | 14 +++-- 3 files changed, 35 insertions(+), 124 deletions(-) diff --git a/.evergreen/config.yml b/.evergreen/config.yml index bdb9ecbcd9..e8ebae8bda 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -26,6 +26,11 @@ timeout: script: | ls -la functions: + assume-test-secrets-ec2-role: + - command: ec2.assume_role + params: + role_arn: ${aws_test_secrets_role} + fetch-source: # Executes clone and applies the submitted patch, if any - command: git.get_project @@ -233,9 +238,13 @@ functions: display_name: "test_suite.tgz" bootstrap-mongohoused: + - command: ec2.assume_role + params: + role_arn: ${aws_test_secrets_role} - command: subprocess.exec params: binary: "bash" + add_expansions_to_env: true args: - ${DRIVERS_TOOLS}/.evergreen/atlas_data_lake/pull-mongohouse-image.sh - command: subprocess.exec @@ -580,16 +589,6 @@ functions: MONGO_GO_DRIVER_COMPRESSOR=${MONGO_GO_DRIVER_COMPRESSOR} \ make evg-test-load-balancers - run-serverless-tests: - - command: shell.exec - type: test - params: - shell: "bash" - working_dir: src/go.mongodb.org/mongo-driver - script: | - ${PREPARE_SHELL} - bash etc/run-serverless-test.sh - run-atlas-data-lake-test: - command: shell.exec type: test @@ -1830,14 +1829,6 @@ tasks: AUTH: "noauth" SSL: "nossl" - - name: "test-serverless" - tags: ["serverless"] - commands: - - func: start-cse-servers - - func: "run-serverless-tests" - vars: - MONGO_GO_DRIVER_COMPRESSOR: "snappy" - - name: "testgcpkms-task" commands: - command: shell.exec @@ -1896,10 +1887,12 @@ tasks: - name: "testawskms-task" commands: + - func: assume-test-secrets-ec2-role - command: shell.exec type: test params: shell: "bash" + add_expansions_to_env: true working_dir: src/go.mongodb.org/mongo-driver script: | ${PREPARE_SHELL} @@ -1909,10 +1902,12 @@ tasks: # testawskms-fail-task runs without environment variables. # It is expected to fail to obtain credentials. commands: + - func: assume-test-secrets-ec2-role - command: shell.exec type: test params: shell: "bash" + add_expansions_to_env: true working_dir: src/go.mongodb.org/mongo-driver script: | ${PREPARE_SHELL} @@ -1925,6 +1920,7 @@ tasks: type: test params: shell: "bash" + add_expansions_to_env: true working_dir: src/go.mongodb.org/mongo-driver script: | ${PREPARE_SHELL} @@ -1957,10 +1953,12 @@ tasks: # testazurekms-fail-task runs without environment variables. # It is expected to fail to obtain credentials. commands: + - func: assume-test-secrets-ec2-role - command: shell.exec type: test params: shell: "bash" + add_expansions_to_env: true working_dir: src/go.mongodb.org/mongo-driver script: | ${PREPARE_SHELL} @@ -1985,10 +1983,6 @@ tasks: - name: "test-aws-lambda-deployed" commands: - - command: ec2.assume_role - params: - role_arn: ${LAMBDA_AWS_ROLE_ARN} - duration_seconds: 3600 - command: shell.exec type: test params: @@ -2219,73 +2213,7 @@ axes: variables: GO_DIST: "/opt/golang/go1.22" - - id: os-serverless - display_name: OS - values: - - id: "rhel87" - display_name: "RHEL 8.7" - run_on: rhel8.7-small - variables: - GO_DIST: "/opt/golang/go1.22" - task_groups: - - name: serverless_task_group - setup_group_can_fail_task: true - setup_group_timeout_secs: 1800 # 30 minutes - setup_group: - - func: fetch-source - - func: prepare-resources - - func: fix-absolute-paths - - func: make-files-executable - - func: start-cse-servers - - command: shell.exec - params: - shell: "bash" - script: | - ${PREPARE_SHELL} - bash ${DRIVERS_TOOLS}/.evergreen/serverless/setup-secrets.sh ${VAULT_NAME} - bash ${DRIVERS_TOOLS}/.evergreen/serverless/create-instance.sh - - command: expansions.update - params: - file: serverless-expansion.yml - - command: shell.exec - params: - shell: "bash" - script: | - ${PREPARE_SHELL} - - # Find the crypt_shared library file in the current directory and set the CRYPT_SHARED_LIB_PATH to - # the path of that file. Only look for .so, .dll, or .dylib files to prevent matching any other - # downloaded files. - CRYPT_SHARED_LIB_PATH="$(find $(pwd) -maxdepth 1 -type f \ - -name 'mongo_crypt_v1.so' -o \ - -name 'mongo_crypt_v1.dll' -o \ - -name 'mongo_crypt_v1.dylib')" - - # If we're on Windows, convert the "cygdrive" path to Windows-style paths. - if [ "Windows_NT" = "$OS" ]; then - CRYPT_SHARED_LIB_PATH=$(cygpath -m $CRYPT_SHARED_LIB_PATH) - fi - - echo "CRYPT_SHARED_LIB_PATH: $CRYPT_SHARED_LIB_PATH" >> crypt-expansion.yml - - # Load the expansion file to make an evergreen variable with the current unique version - - command: expansions.update - params: - file: crypt-expansion.yml - - teardown_group: - - command: shell.exec - params: - shell: "bash" - script: | - ${PREPARE_SHELL} - bash ${DRIVERS_TOOLS}/.evergreen/serverless/delete-instance.sh ${VAULT_NAME} - - func: handle-test-artifacts - - func: cleanup - tasks: - - ".serverless" - - name: testgcpkms_task_group setup_group_can_fail_task: true setup_group_timeout_secs: 1800 # 30 minutes @@ -2294,9 +2222,11 @@ task_groups: - func: prepare-resources - func: fix-absolute-paths - func: make-files-executable + - func: assume-test-secrets-ec2-role - command: shell.exec params: shell: "bash" + add_expansions_to_env: true script: | ${PREPARE_SHELL} $DRIVERS_TOOLS/.evergreen/csfle/gcpkms/setup.sh @@ -2321,9 +2251,11 @@ task_groups: - func: prepare-resources - func: fix-absolute-paths - func: make-files-executable + - func: assume-test-secrets-ec2-role - command: shell.exec params: shell: "bash" + add_expansions_to_env: true script: | ${PREPARE_SHELL} export AZUREKMS_VMNAME_PREFIX="GODRIVER" @@ -2375,9 +2307,11 @@ task_groups: - func: prepare-resources - func: fix-absolute-paths - func: make-files-executable + - func: assume-test-secrets-ec2-role - command: subprocess.exec params: binary: bash + add_expansions_to_env: true env: AZUREOIDC_VMNAME_PREFIX: "GO_DRIVER" args: @@ -2399,9 +2333,11 @@ task_groups: - func: prepare-resources - func: fix-absolute-paths - func: make-files-executable + - func: assume-test-secrets-ec2-role - command: subprocess.exec params: binary: bash + add_expansions_to_env: true env: AZUREOIDC_VMNAME_PREFIX: "GO_DRIVER" args: @@ -2421,10 +2357,12 @@ task_groups: setup_group: - func: fetch-source - func: prepare-resources + - func: assume-test-secrets-ec2-role - command: subprocess.exec params: working_dir: src/go.mongodb.org/mongo-driver binary: bash + add_expansions_to_env: true env: LAMBDA_STACK_NAME: dbx-go-lambda AWS_REGION: us-east-1 @@ -2706,13 +2644,6 @@ buildvariants: tasks: - name: ".load-balancer" - - matrix_name: "serverless" - tags: ["pullrequest"] - matrix_spec: { os-serverless: "*" } - display_name: "Serverless ${os-serverless}" - tasks: - - "serverless_task_group" - - matrix_name: "kms-kmip-test" matrix_spec: { version: ["7.0"], os-ssl-40: ["rhel87-64"] } display_name: "KMS KMIP ${os-ssl-40}" diff --git a/Makefile b/Makefile index 1861030527..a3db27e0d1 100644 --- a/Makefile +++ b/Makefile @@ -170,30 +170,6 @@ evg-test-search-index: evg-test-ocsp: go test -v ./mongo -run TestOCSP $(OCSP_TLS_SHOULD_SUCCEED) >> test.suite -.PHONY: evg-test-serverless -evg-test-serverless: - # Serverless should be tested with all unified tests as well as tests in the following components: CRUD, load balancer, - # retryable reads, retryable writes, sessions, transactions and cursor behavior. - go test $(BUILD_TAGS) ./mongo/integration -run TestCrudSpec -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestWriteErrorsWithLabels -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestWriteErrorsDetails -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestHintErrors -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestWriteConcernError -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestErrorsCodeNamePropagated -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestLoadBalancerSupport -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestUnifiedSpecs/retryable-reads -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestRetryableReadsProse -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestRetryableWritesSpec -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestRetryableWritesProse -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestUnifiedSpecs/sessions -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestSessionsProse -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestUnifiedSpecs/transactions/legacy -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestConvenientTransactions -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration -run TestCursor -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test $(BUILD_TAGS) ./mongo/integration/unified -run TestUnifiedSpec -v -timeout $(TEST_TIMEOUT)s >> test.suite - go test -exec "env PKG_CONFIG_PATH=$(PKG_CONFIG_PATH) LD_LIBRARY_PATH=$(LD_LIBRARY_PATH) DYLD_LIBRARY_PATH=$(MACOS_LIBRARY_PATH)" $(BUILD_TAGS) -v -timeout $(TEST_TIMEOUT)s ./mongo/integration -run TestClientSideEncryptionSpec >> test.suite - go test -exec "env PKG_CONFIG_PATH=$(PKG_CONFIG_PATH) LD_LIBRARY_PATH=$(LD_LIBRARY_PATH) DYLD_LIBRARY_PATH=$(MACOS_LIBRARY_PATH)" $(BUILD_TAGS) -v -timeout $(TEST_TIMEOUT)s ./mongo/integration -run TestClientSideEncryptionProse >> test.suite - .PHONY: evg-test-versioned-api evg-test-versioned-api: # Versioned API related tests are in the mongo, integration and unified packages. diff --git a/etc/run-awskms-test.sh b/etc/run-awskms-test.sh index d3caef01c7..f267325e8d 100644 --- a/etc/run-awskms-test.sh +++ b/etc/run-awskms-test.sh @@ -4,17 +4,21 @@ echo "Building build-kms-test ... begin" BUILD_TAGS="-tags=cse" \ - PKG_CONFIG_PATH=$PKG_CONFIG_PATH \ - make build-kms-test + PKG_CONFIG_PATH=$PKG_CONFIG_PATH \ + make build-kms-test echo "Building build-kms-test ... end" . ${DRIVERS_TOOLS}/.evergreen/secrets_handling/setup-secrets.sh drivers/atlas_connect export MONGODB_URI="$ATLAS_FREE" if [ -z "${EXPECT_ERROR:-}" ]; then - . ${DRIVERS_TOOLS}/.evergreen/csfle/setup-secrets.sh - export AWS_SECRET_ACCESS_KEY=$FLE_AWS_SECRET_ACCESS_KEY - export AWS_ACCESS_KEY_ID=$FLE_AWS_ACCESS_KEY_ID + . ${DRIVERS_TOOLS}/.evergreen/csfle/setup-secrets.sh + export AWS_SECRET_ACCESS_KEY=$FLE_AWS_SECRET_ACCESS_KEY + export AWS_ACCESS_KEY_ID=$FLE_AWS_ACCESS_KEY_ID fi +# AWS_SESSION_TOKEN is required to get credentials from the drivers/csfle vault +# but interferes with the testkms binary causing UnrecognizedClientException. +unset AWS_SESSION_TOKEN + LD_LIBRARY_PATH=./install/libmongocrypt/lib64 PROVIDER='aws' ./testkms From 431cf52f9d66337eccf1f4088ef7e896401915b8 Mon Sep 17 00:00:00 2001 From: Preston Vasquez Date: Thu, 5 Jun 2025 12:08:55 -0600 Subject: [PATCH 8/9] GODRIVER-3524 Sync updates to reflect showExpandedEvents omissions (#2084) --- .../change-streams-disambiguatedPaths.json | 66 ------------------- .../change-streams-disambiguatedPaths.yml | 29 +------- testdata/change-streams/change-streams.json | 12 +++- testdata/change-streams/change-streams.yml | 5 +- 4 files changed, 15 insertions(+), 97 deletions(-) diff --git a/testdata/change-streams/change-streams-disambiguatedPaths.json b/testdata/change-streams/change-streams-disambiguatedPaths.json index dba4a4c34a..a8667b5436 100644 --- a/testdata/change-streams/change-streams-disambiguatedPaths.json +++ b/testdata/change-streams/change-streams-disambiguatedPaths.json @@ -28,7 +28,6 @@ "minServerVersion": "6.1.0", "topologies": [ "replicaset", - "sharded-replicaset", "load-balanced", "sharded" ], @@ -43,70 +42,6 @@ } ], "tests": [ - { - "description": "disambiguatedPaths is not present when showExpandedEvents is false/unset", - "operations": [ - { - "name": "insertOne", - "object": "collection0", - "arguments": { - "document": { - "_id": 1, - "a": { - "1": 1 - } - } - } - }, - { - "name": "createChangeStream", - "object": "collection0", - "arguments": { - "pipeline": [] - }, - "saveResultAsEntity": "changeStream0" - }, - { - "name": "updateOne", - "object": "collection0", - "arguments": { - "filter": { - "_id": 1 - }, - "update": { - "$set": { - "a.1": 2 - } - } - } - }, - { - "name": "iterateUntilDocumentOrError", - "object": "changeStream0", - "expectResult": { - "operationType": "update", - "ns": { - "db": "database0", - "coll": "collection0" - }, - "updateDescription": { - "updatedFields": { - "$$exists": true - }, - "removedFields": { - "$$exists": true - }, - "truncatedArrays": { - "$$exists": true - }, - "disambiguatedPaths": { - "$$exists": false - } - } - } - } - ] - }, { "description": "disambiguatedPaths is present on updateDescription when an ambiguous path is present", "operations": [ @@ -250,4 +185,3 @@ } ] } - diff --git a/testdata/change-streams/change-streams-disambiguatedPaths.yml b/testdata/change-streams/change-streams-disambiguatedPaths.yml index 2469988cd6..7996c45f24 100644 --- a/testdata/change-streams/change-streams-disambiguatedPaths.yml +++ b/testdata/change-streams/change-streams-disambiguatedPaths.yml @@ -15,7 +15,7 @@ createEntities: runOnRequirements: - minServerVersion: "6.1.0" - topologies: [ replicaset, sharded-replicaset, load-balanced, sharded ] + topologies: [ replicaset, load-balanced, sharded ] serverless: forbid initialData: @@ -24,32 +24,6 @@ initialData: documents: [] tests: - - description: "disambiguatedPaths is not present when showExpandedEvents is false/unset" - operations: - - name: insertOne - object: *collection0 - arguments: - document: { _id: 1, 'a': { '1': 1 } } - - name: createChangeStream - object: *collection0 - arguments: { pipeline: [] } - saveResultAsEntity: &changeStream0 changeStream0 - - name: updateOne - object: *collection0 - arguments: - filter: { _id: 1 } - update: { $set: { 'a.1': 2 } } - - name: iterateUntilDocumentOrError - object: *changeStream0 - expectResult: - operationType: "update" - ns: { db: *database0, coll: *collection0 } - updateDescription: - updatedFields: { $$exists: true } - removedFields: { $$exists: true } - truncatedArrays: { $$exists: true } - disambiguatedPaths: { $$exists: false } - - description: "disambiguatedPaths is present on updateDescription when an ambiguous path is present" operations: - name: insertOne @@ -101,4 +75,3 @@ tests: removedFields: { $$exists: true } truncatedArrays: { $$exists: true } disambiguatedPaths: { 'a.0.1': ['a', { $$type: 'int' }, '1'] } - diff --git a/testdata/change-streams/change-streams.json b/testdata/change-streams/change-streams.json index d03fde97e5..b20868ee03 100644 --- a/testdata/change-streams/change-streams.json +++ b/testdata/change-streams/change-streams.json @@ -181,7 +181,12 @@ "field": "array", "newSize": 2 } - ] + ], + "disambiguatedPaths": { + "$$unsetOrMatches": { + "$$exists": true + } + } } } } @@ -1409,6 +1414,11 @@ "$$unsetOrMatches": { "$$exists": true } + }, + "disambiguatedPaths": { + "$$unsetOrMatches": { + "$$exists": true + } } } } diff --git a/testdata/change-streams/change-streams.yml b/testdata/change-streams/change-streams.yml index 113c80f50d..7f824623a6 100644 --- a/testdata/change-streams/change-streams.yml +++ b/testdata/change-streams/change-streams.yml @@ -115,7 +115,8 @@ tests: "field": "array", "newSize": 2 } - ] + ], + disambiguatedPaths: { $$unsetOrMatches: { $$exists: true } } } } @@ -140,7 +141,6 @@ tests: comment: *comment0 - description: "Test with document comment - pre 4.4" - skipReason: "TODO(GODRIVER-2386): aggregate only supports string comments" runOnRequirements: - maxServerVersion: "4.2.99" operations: @@ -723,6 +723,7 @@ tests: updatedFields: { x: 2 } removedFields: [] truncatedArrays: { $$unsetOrMatches: { $$exists: true } } + disambiguatedPaths: { $$unsetOrMatches: { $$exists: true } } - name: iterateUntilDocumentOrError object: *changeStream0 expectResult: From 4c4cafc2f35435794f614f78cbe2ea486832ff4b Mon Sep 17 00:00:00 2001 From: "mongodb-dbx-release-bot[bot]" <167856002+mongodb-dbx-release-bot[bot]@users.noreply.github.com> Date: Thu, 5 Jun 2025 19:01:55 +0000 Subject: [PATCH 9/9] BUMP v1.17.4 Signed-off-by: mongodb-dbx-release-bot[bot] <167856002+mongodb-dbx-release-bot[bot]@users.noreply.github.com> --- version/version.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version/version.go b/version/version.go index 8992fada15..cf9127b008 100644 --- a/version/version.go +++ b/version/version.go @@ -11,4 +11,4 @@ package version // Driver is the current version of the driver. -var Driver = "1.17.3" +var Driver = "1.17.4"