diff --git a/source/unified-test-format/schema-1.8.json b/source/unified-test-format/schema-1.8.json new file mode 100644 index 0000000000..c3affc512c --- /dev/null +++ b/source/unified-test-format/schema-1.8.json @@ -0,0 +1,554 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + + "title": "Unified Test Format", + "type": "object", + "additionalProperties": false, + "required": ["description", "schemaVersion", "tests"], + "properties": { + "description": { "type": "string" }, + "schemaVersion": { "$ref": "#/definitions/version" }, + "runOnRequirements": { + "type": "array", + "minItems": 1, + "items": { "$ref": "#/definitions/runOnRequirement" } + }, + "createEntities": { + "type": "array", + "minItems": 1, + "items": { "$ref": "#/definitions/entity" } + }, + "initialData": { + "type": "array", + "minItems": 1, + "items": { "$ref": "#/definitions/collectionData" } + }, + "tests": { + "type": "array", + "minItems": 1, + "items": { "$ref": "#/definitions/test" } + }, + "_yamlAnchors": { + "type": "object", + "additionalProperties": true + } + }, + + "definitions": { + "version": { + "type": "string", + "pattern": "^[0-9]+(\\.[0-9]+){1,2}$" + }, + + "runOnRequirement": { + "type": "object", + "additionalProperties": false, + "minProperties": 1, + "properties": { + "maxServerVersion": { "$ref": "#/definitions/version" }, + "minServerVersion": { "$ref": "#/definitions/version" }, + "topologies": { + "type": "array", + "minItems": 1, + "items": { + "type": "string", + "enum": ["single", "replicaset", "sharded", "sharded-replicaset", "load-balanced"] + } + }, + "serverless": { + "type": "string", + "enum": ["require", "forbid", "allow"] + }, + "serverParameters": { + "type": "object", + "minProperties": 1 + }, + "auth": { "type": "boolean" } + } + }, + + "entity": { + "type": "object", + "additionalProperties": false, + "maxProperties": 1, + "minProperties": 1, + "properties": { + "client": { + "type": "object", + "additionalProperties": false, + "required": ["id"], + "properties": { + "id": { "type": "string" }, + "uriOptions": { "type": "object" }, + "useMultipleMongoses": { "type": "boolean" }, + "observeEvents": { + "type": "array", + "minItems": 1, + "items": { + "type": "string", + "enum": [ + "commandStartedEvent", + "commandSucceededEvent", + "commandFailedEvent", + "poolCreatedEvent", + "poolReadyEvent", + "poolClearedEvent", + "poolClosedEvent", + "connectionCreatedEvent", + "connectionReadyEvent", + "connectionClosedEvent", + "connectionCheckOutStartedEvent", + "connectionCheckOutFailedEvent", + "connectionCheckedOutEvent", + "connectionCheckedInEvent" + ] + } + }, + "ignoreCommandMonitoringEvents": { + "type": "array", + "minItems": 1, + "items": { "type": "string" } + }, + "storeEventsAsEntities": { + "type": "array", + "minItems": 1, + "items": { "$ref": "#/definitions/storeEventsAsEntity" } + }, + "serverApi": { "$ref": "#/definitions/serverApi" }, + "observeSensitiveCommands": { "type": "boolean" } + } + }, + "clientEncryption": { + "type": "object", + "additionalProperties": false, + "required": ["id", "clientEncryptionOpts"], + "properties": { + "id": { "type": "string" }, + "clientEncryptionOpts": { "$ref": "#/definitions/clientEncryptionOpts" } + } + }, + "database": { + "type": "object", + "additionalProperties": false, + "required": ["id", "client", "databaseName"], + "properties": { + "id": { "type": "string" }, + "client": { "type": "string" }, + "databaseName": { "type": "string" }, + "databaseOptions": { "$ref": "#/definitions/collectionOrDatabaseOptions" } + } + }, + "collection": { + "type": "object", + "additionalProperties": false, + "required": ["id", "database", "collectionName"], + "properties": { + "id": { "type": "string" }, + "database": { "type": "string" }, + "collectionName": { "type": "string" }, + "collectionOptions": { "$ref": "#/definitions/collectionOrDatabaseOptions" } + } + }, + "session": { + "type": "object", + "additionalProperties": false, + "required": ["id", "client"], + "properties": { + "id": { "type": "string" }, + "client": { "type": "string" }, + "sessionOptions": { "type": "object" } + } + }, + "bucket": { + "type": "object", + "additionalProperties": false, + "required": ["id", "database"], + "properties": { + "id": { "type": "string" }, + "database": { "type": "string" }, + "bucketOptions": { "type": "object" } + } + } + } + }, + + "clientEncryptionOpts": { + "type": "object", + "additionalProperties": false, + "required": ["keyVaultClient", "keyVaultNamespace", "kmsProviders"], + "properties": { + "keyVaultClient": { "type": "string" }, + "keyVaultNamespace": { "type": "string" }, + "kmsProviders": { "$ref": "#/definitions/kmsProviders" } + } + }, + + "kmsProviders": { + "$defs": { + "stringOrPlaceholder": { + "oneOf": [ + { + "type": "string" + }, + { + "type": "object", + "additionalProperties": false, + "required": ["$$placeholder"], + "properties": { + "$$placeholder": {} + } + } + ] + } + }, + "type": "object", + "additionalProperties": false, + "properties": { + "aws": { + "type": "object", + "additionalProperties": false, + "properties": { + "accessKeyId": { "$ref": "#/definitions/kmsProviders/$defs/stringOrPlaceholder" }, + "secretAccessKey": { "$ref": "#/definitions/kmsProviders/$defs/stringOrPlaceholder" }, + "sessionToken": { "$ref": "#/definitions/kmsProviders/$defs/stringOrPlaceholder" } + } + }, + "azure": { + "type": "object", + "additionalProperties": false, + "properties": { + "tenantId": { "$ref": "#/definitions/kmsProviders/$defs/stringOrPlaceholder" }, + "clientId": { "$ref": "#/definitions/kmsProviders/$defs/stringOrPlaceholder" }, + "clientSecret": { "$ref": "#/definitions/kmsProviders/$defs/stringOrPlaceholder" }, + "identityPlatformEndpoint": { "$ref": "#/definitions/kmsProviders/$defs/stringOrPlaceholder" } + } + }, + "gcp": { + "type": "object", + "additionalProperties": false, + "properties": { + "email": { "$ref": "#/definitions/kmsProviders/$defs/stringOrPlaceholder" }, + "privateKey": { "$ref": "#/definitions/kmsProviders/$defs/stringOrPlaceholder" }, + "endpoint": { "$ref": "#/definitions/kmsProviders/$defs/stringOrPlaceholder" } + } + }, + "kmip": { + "type": "object", + "additionalProperties": false, + "properties": { + "endpoint": { "$ref": "#/definitions/kmsProviders/$defs/stringOrPlaceholder" } + } + }, + "local": { + "type": "object", + "additionalProperties": false, + "properties": { + "key": { "$ref": "#/definitions/kmsProviders/$defs/stringOrPlaceholder" } + } + } + } + }, + + "storeEventsAsEntity": { + "type": "object", + "additionalProperties": false, + "required": ["id", "events"], + "properties": { + "id": { "type": "string" }, + "events": { + "type": "array", + "minItems": 1, + "items": { + "type": "string", + "enum": [ + "PoolCreatedEvent", + "PoolReadyEvent", + "PoolClearedEvent", + "PoolClosedEvent", + "ConnectionCreatedEvent", + "ConnectionReadyEvent", + "ConnectionClosedEvent", + "ConnectionCheckOutStartedEvent", + "ConnectionCheckOutFailedEvent", + "ConnectionCheckedOutEvent", + "ConnectionCheckedInEvent", + "CommandStartedEvent", + "CommandSucceededEvent", + "CommandFailedEvent" + ] + } + } + } + }, + + "collectionData": { + "type": "object", + "additionalProperties": false, + "required": ["collectionName", "databaseName", "documents"], + "properties": { + "collectionName": { "type": "string" }, + "databaseName": { "type": "string" }, + "documents": { + "type": "array", + "items": { "type": "object" } + } + } + }, + + "expectedEventsForClient": { + "type": "object", + "additionalProperties": false, + "required": ["client", "events"], + "properties": { + "client": { "type": "string" }, + "eventType": { + "type": "string", + "enum": ["command", "cmap"] + }, + "events": { "type": "array" }, + "ignoreExtraEvents": { "type": "boolean" } + }, + "oneOf": [ + { + "required": ["eventType"], + "properties": { + "eventType": { "const": "command" }, + "events": { + "type": "array", + "items": { "$ref": "#/definitions/expectedCommandEvent" } + } + } + }, + { + "required": ["eventType"], + "properties": { + "eventType": { "const": "cmap" }, + "events": { + "type": "array", + "items": { "$ref": "#/definitions/expectedCmapEvent" } + } + } + }, + { + "additionalProperties": false, + "properties": { + "client": { "type": "string" }, + "events": { + "type": "array", + "items": { "$ref": "#/definitions/expectedCommandEvent" } + }, + "ignoreExtraEvents": { "type": "boolean" } + } + } + ] + }, + + "expectedCommandEvent": { + "type": "object", + "additionalProperties": false, + "maxProperties": 1, + "minProperties": 1, + "properties": { + "commandStartedEvent": { + "type": "object", + "additionalProperties": false, + "properties": { + "command": { "type": "object" }, + "commandName": { "type": "string" }, + "databaseName": { "type": "string" }, + "hasServiceId": { "type": "boolean" }, + "hasServerConnectionId": { "type": "boolean" } + } + }, + "commandSucceededEvent": { + "type": "object", + "additionalProperties": false, + "properties": { + "reply": { "type": "object" }, + "commandName": { "type": "string" }, + "hasServiceId": { "type": "boolean" }, + "hasServerConnectionId": { "type": "boolean" } + } + }, + "commandFailedEvent": { + "type": "object", + "additionalProperties": false, + "properties": { + "commandName": { "type": "string" }, + "hasServiceId": { "type": "boolean" }, + "hasServerConnectionId": { "type": "boolean" } + } + } + } + }, + + "expectedCmapEvent": { + "type": "object", + "additionalProperties": false, + "maxProperties": 1, + "minProperties": 1, + "properties": { + "poolCreatedEvent": { + "type": "object", + "additionalProperties": false, + "properties": {} + }, + "poolReadyEvent": { + "type": "object", + "additionalProperties": false, + "properties": {} + }, + "poolClearedEvent": { + "type": "object", + "additionalProperties": false, + "properties": { + "hasServiceId": { "type": "boolean" } + } + }, + "poolClosedEvent": { + "type": "object", + "additionalProperties": false, + "properties": {} + }, + "connectionCreatedEvent": { + "type": "object", + "additionalProperties": false, + "properties": {} + }, + "connectionReadyEvent": { + "type": "object", + "additionalProperties": false, + "properties": {} + }, + "connectionClosedEvent": { + "type": "object", + "additionalProperties": false, + "properties": { + "reason": { "type": "string" } + } + }, + "connectionCheckOutStartedEvent": { + "type": "object", + "additionalProperties": false, + "properties": {} + }, + "connectionCheckOutFailedEvent": { + "type": "object", + "additionalProperties": false, + "properties": { + "reason": { "type": "string" } + } + }, + "connectionCheckedOutEvent": { + "type": "object", + "additionalProperties": false, + "properties": {} + }, + "connectionCheckedInEvent": { + "type": "object", + "additionalProperties": false, + "properties": {} + } + } + }, + + "collectionOrDatabaseOptions": { + "type": "object", + "additionalProperties": false, + "properties": { + "readConcern": { "type": "object" }, + "readPreference": { "type": "object" }, + "writeConcern": { "type": "object" } + } + }, + + "serverApi": { + "type": "object", + "additionalProperties": false, + "required": ["version"], + "properties": { + "version": { "type": "string" }, + "strict": { "type": "boolean" }, + "deprecationErrors": { "type": "boolean" } + } + }, + + "operation": { + "type": "object", + "additionalProperties": false, + "required": ["name", "object"], + "properties": { + "name": { "type": "string" }, + "object": { "type": "string" }, + "arguments": { "type": "object" }, + "ignoreResultAndError": { "type": "boolean" }, + "expectError": { "$ref": "#/definitions/expectedError" }, + "expectResult": {}, + "saveResultAsEntity": { "type": "string" } + }, + "allOf": [ + { "not": { "required": ["expectError", "expectResult"] } }, + { "not": { "required": ["expectError", "saveResultAsEntity"] } }, + { "not": { "required": ["ignoreResultAndError", "expectResult"] } }, + { "not": { "required": ["ignoreResultAndError", "expectError"] } }, + { "not": { "required": ["ignoreResultAndError", "saveResultAsEntity"] } } + ] + }, + + "expectedError": { + "type": "object", + "additionalProperties": false, + "minProperties": 1, + "properties": { + "isError": { + "type": "boolean", + "const": true + }, + "isClientError": { "type": "boolean" }, + "errorContains": { "type": "string" }, + "errorCode": { "type": "integer" }, + "errorCodeName": { "type": "string" }, + "errorLabelsContain": { + "type": "array", + "minItems": 1, + "items": { "type": "string" } + }, + "errorLabelsOmit": { + "type": "array", + "minItems": 1, + "items": { "type": "string" } + }, + "expectResult": {} + } + }, + + "test": { + "type": "object", + "additionalProperties": false, + "required": ["description", "operations"], + "properties": { + "description": { "type": "string" }, + "runOnRequirements": { + "type": "array", + "minItems": 1, + "items": { "$ref": "#/definitions/runOnRequirement" } + }, + "skipReason": { "type": "string" }, + "operations": { + "type": "array", + "items": { "$ref": "#/definitions/operation" } + }, + "expectEvents": { + "type": "array", + "minItems": 1, + "items": { "$ref": "#/definitions/expectedEventsForClient" } + }, + "outcome": { + "type": "array", + "minItems": 1, + "items": { "$ref": "#/definitions/collectionData" } + } + } + } + } +} diff --git a/source/unified-test-format/tests/Makefile b/source/unified-test-format/tests/Makefile index 9e8100402c..f183a50d69 100644 --- a/source/unified-test-format/tests/Makefile +++ b/source/unified-test-format/tests/Makefile @@ -1,4 +1,4 @@ -SCHEMA=../schema-1.7.json +SCHEMA=../schema-1.8.json .PHONY: all invalid valid-fail valid-pass versioned-api load-balancers gridfs transactions crud collection-management sessions command-monitoring HAS_AJV diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-additionalProperties.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-additionalProperties.json new file mode 100644 index 0000000000..26d14051a7 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-additionalProperties.json @@ -0,0 +1,30 @@ +{ + "description": "clientEncryptionOpts-additionalProperties", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "aws": {} + }, + "invalid": {} + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-additionalProperties.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-additionalProperties.yml new file mode 100644 index 0000000000..e4a06698eb --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-additionalProperties.yml @@ -0,0 +1,19 @@ +description: clientEncryptionOpts-additionalProperties + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + aws: {} + invalid: {} + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultClient-required.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultClient-required.json new file mode 100644 index 0000000000..c43a2a9125 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultClient-required.json @@ -0,0 +1,23 @@ +{ + "description": "clientEncryptionOpts-keyVaultClient-required", + "schemaVersion": "1.8", + "createEntities": [ + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "aws": {} + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultClient-required.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultClient-required.yml new file mode 100644 index 0000000000..38b8b0b739 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultClient-required.yml @@ -0,0 +1,15 @@ +description: clientEncryptionOpts-keyVaultClient-required + +schemaVersion: "1.8" + +createEntities: + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultNamespace: keyvault.datakeys + kmsProviders: + aws: {} + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultClient-type.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultClient-type.json new file mode 100644 index 0000000000..1be9167a40 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultClient-type.json @@ -0,0 +1,29 @@ +{ + "description": "clientEncryptionOpts-keyVaultClient-type", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": 0, + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "aws": {} + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultClient-type.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultClient-type.yml new file mode 100644 index 0000000000..244fef6a95 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultClient-type.yml @@ -0,0 +1,18 @@ +description: clientEncryptionOpts-keyVaultClient-type + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: 0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + aws: {} + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultNamespace-required.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultNamespace-required.json new file mode 100644 index 0000000000..3f54d89aa7 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultNamespace-required.json @@ -0,0 +1,28 @@ +{ + "description": "clientEncryptionOpts-keyVaultNamespace-required", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "kmsProviders": { + "aws": {} + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultNamespace-required.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultNamespace-required.yml new file mode 100644 index 0000000000..9fc217a800 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultNamespace-required.yml @@ -0,0 +1,17 @@ +description: clientEncryptionOpts-keyVaultNamespace-required + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + kmsProviders: + aws: {} + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultNamespace-type.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultNamespace-type.json new file mode 100644 index 0000000000..53f2f5f086 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultNamespace-type.json @@ -0,0 +1,29 @@ +{ + "description": "clientEncryptionOpts-keyVaultNamespace-type", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": 0, + "kmsProviders": { + "aws": {} + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultNamespace-type.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultNamespace-type.yml new file mode 100644 index 0000000000..a8575840d0 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-keyVaultNamespace-type.yml @@ -0,0 +1,18 @@ +description: clientEncryptionOpts-keyVaultNamespace-type + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: 0 + kmsProviders: + aws: {} + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-additionalProperties.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-additionalProperties.json new file mode 100644 index 0000000000..cfd979e2b2 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-additionalProperties.json @@ -0,0 +1,29 @@ +{ + "description": "clientEncryptionOpts-kmsProviders-additionalProperties", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "invalid": {} + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-additionalProperties.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-additionalProperties.yml new file mode 100644 index 0000000000..619a7e1ddf --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-additionalProperties.yml @@ -0,0 +1,18 @@ +description: clientEncryptionOpts-kmsProviders-additionalProperties + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + invalid: {} + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-aws-additionalProperties.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-aws-additionalProperties.json new file mode 100644 index 0000000000..59b273487d --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-aws-additionalProperties.json @@ -0,0 +1,31 @@ +{ + "description": "clientEncryptionOpts-kmsProviders-aws-additionalProperties", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "aws": { + "invalid": {} + } + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-aws-additionalProperties.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-aws-additionalProperties.yml new file mode 100644 index 0000000000..e2e0b45604 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-aws-additionalProperties.yml @@ -0,0 +1,18 @@ +description: clientEncryptionOpts-kmsProviders-aws-additionalProperties + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + aws: { invalid: {} } + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-aws-type.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-aws-type.json new file mode 100644 index 0000000000..ffcc85bfcf --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-aws-type.json @@ -0,0 +1,29 @@ +{ + "description": "clientEncryptionOpts-kmsProviders-aws-type", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "aws": 0 + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-aws-type.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-aws-type.yml new file mode 100644 index 0000000000..93992b8647 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-aws-type.yml @@ -0,0 +1,18 @@ +description: clientEncryptionOpts-kmsProviders-aws-type + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + aws: 0 + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-azure-additionalProperties.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-azure-additionalProperties.json new file mode 100644 index 0000000000..1664b79097 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-azure-additionalProperties.json @@ -0,0 +1,31 @@ +{ + "description": "clientEncryptionOpts-kmsProviders-azure-additionalProperties", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "azure": { + "invalid": {} + } + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-azure-additionalProperties.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-azure-additionalProperties.yml new file mode 100644 index 0000000000..b29d032969 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-azure-additionalProperties.yml @@ -0,0 +1,18 @@ +description: clientEncryptionOpts-kmsProviders-azure-additionalProperties + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + azure: { invalid: {} } + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-azure-type.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-azure-type.json new file mode 100644 index 0000000000..5bd50c8078 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-azure-type.json @@ -0,0 +1,29 @@ +{ + "description": "clientEncryptionOpts-kmsProviders-azure-type", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "azure": 0 + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-azure-type.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-azure-type.yml new file mode 100644 index 0000000000..cab0661eb9 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-azure-type.yml @@ -0,0 +1,18 @@ +description: clientEncryptionOpts-kmsProviders-azure-type + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + azure: 0 + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-gcp-additionalProperties.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-gcp-additionalProperties.json new file mode 100644 index 0000000000..120c088b00 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-gcp-additionalProperties.json @@ -0,0 +1,31 @@ +{ + "description": "clientEncryptionOpts-kmsProviders-gcp-additionalProperties", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "gcp": { + "invalid": {} + } + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-gcp-additionalProperties.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-gcp-additionalProperties.yml new file mode 100644 index 0000000000..f95db9fef7 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-gcp-additionalProperties.yml @@ -0,0 +1,18 @@ +description: clientEncryptionOpts-kmsProviders-gcp-additionalProperties + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + gcp: { invalid: {} } + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-gcp-type.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-gcp-type.json new file mode 100644 index 0000000000..1dd1c8a2a3 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-gcp-type.json @@ -0,0 +1,29 @@ +{ + "description": "clientEncryptionOpts-kmsProviders-gcp-type", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "gcp": 0 + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-gcp-type.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-gcp-type.yml new file mode 100644 index 0000000000..ef707d4df2 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-gcp-type.yml @@ -0,0 +1,18 @@ +description: clientEncryptionOpts-kmsProviders-gcp-type + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + gcp: 0 + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-kmip-additionalProperties.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-kmip-additionalProperties.json new file mode 100644 index 0000000000..22ded20440 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-kmip-additionalProperties.json @@ -0,0 +1,31 @@ +{ + "description": "clientEncryptionOpts-kmsProviders-kmip-additionalProperties", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "kmip": { + "invalid": {} + } + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-kmip-additionalProperties.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-kmip-additionalProperties.yml new file mode 100644 index 0000000000..fb4a79aba8 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-kmip-additionalProperties.yml @@ -0,0 +1,18 @@ +description: clientEncryptionOpts-kmsProviders-kmip-additionalProperties + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + kmip: { invalid: {} } + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-kmip-type.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-kmip-type.json new file mode 100644 index 0000000000..9b9e74be37 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-kmip-type.json @@ -0,0 +1,29 @@ +{ + "description": "clientEncryptionOpts-kmsProviders-kmip-type", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "kmip": 0 + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-kmip-type.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-kmip-type.yml new file mode 100644 index 0000000000..f89e08ce9b --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-kmip-type.yml @@ -0,0 +1,18 @@ +description: clientEncryptionOpts-kmsProviders-kmip-type + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + kmip: 0 + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-local-additionalProperties.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-local-additionalProperties.json new file mode 100644 index 0000000000..b93cfe00d1 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-local-additionalProperties.json @@ -0,0 +1,31 @@ +{ + "description": "clientEncryptionOpts-kmsProviders-local-additionalProperties", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "local": { + "invalid": {} + } + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-local-additionalProperties.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-local-additionalProperties.yml new file mode 100644 index 0000000000..9ee3a0eb02 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-local-additionalProperties.yml @@ -0,0 +1,18 @@ +description: clientEncryptionOpts-kmsProviders-local-additionalProperties + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + local: { invalid: {} } + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-local-type.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-local-type.json new file mode 100644 index 0000000000..526ea24831 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-local-type.json @@ -0,0 +1,29 @@ +{ + "description": "clientEncryptionOpts-kmsProviders-local-type", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "local": 0 + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-local-type.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-local-type.yml new file mode 100644 index 0000000000..a1b51dd632 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-local-type.yml @@ -0,0 +1,18 @@ +description: clientEncryptionOpts-kmsProviders-local-type + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + local: 0 + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-required.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-required.json new file mode 100644 index 0000000000..b823a67baf --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-required.json @@ -0,0 +1,26 @@ +{ + "description": "clientEncryptionOpts-kmsProviders-required", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys" + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-required.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-required.yml new file mode 100644 index 0000000000..4575483a50 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-required.yml @@ -0,0 +1,16 @@ +description: clientEncryptionOpts-kmsProviders-required + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-type.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-type.json new file mode 100644 index 0000000000..e7a6190b68 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-type.json @@ -0,0 +1,27 @@ +{ + "description": "clientEncryptionOpts-kmsProviders-type", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": 0 + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-type.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-type.yml new file mode 100644 index 0000000000..17a51d88c1 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-kmsProviders-type.yml @@ -0,0 +1,17 @@ +description: clientEncryptionOpts-kmsProviders-type + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: 0 + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-tlsOptions_not_supported.json b/source/unified-test-format/tests/invalid/clientEncryptionOpts-tlsOptions_not_supported.json new file mode 100644 index 0000000000..3b4972f23d --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-tlsOptions_not_supported.json @@ -0,0 +1,30 @@ +{ + "description": "clientEncryptionOpts-tlsOptions_not_supported", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "aws": {} + }, + "tlsOptions": {} + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/clientEncryptionOpts-tlsOptions_not_supported.yml b/source/unified-test-format/tests/invalid/clientEncryptionOpts-tlsOptions_not_supported.yml new file mode 100644 index 0000000000..cd04141f24 --- /dev/null +++ b/source/unified-test-format/tests/invalid/clientEncryptionOpts-tlsOptions_not_supported.yml @@ -0,0 +1,21 @@ +# Note: tests the same rule as clientEncryptionOpts-additionalProperties, but +# exists as an independent test because tlsOptions is defined in the CSLE spec. +description: clientEncryptionOpts-tlsOptions_not_supported + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + aws: {} + tlsOptions: {} + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/entity-clientEncryption-additionalProperties.json b/source/unified-test-format/tests/invalid/entity-clientEncryption-additionalProperties.json new file mode 100644 index 0000000000..77c0a91434 --- /dev/null +++ b/source/unified-test-format/tests/invalid/entity-clientEncryption-additionalProperties.json @@ -0,0 +1,30 @@ +{ + "description": "entity-clientEncryption-additionalProperties", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "aws": {} + } + }, + "invalid": {} + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/entity-clientEncryption-additionalProperties.yml b/source/unified-test-format/tests/invalid/entity-clientEncryption-additionalProperties.yml new file mode 100644 index 0000000000..636896e39e --- /dev/null +++ b/source/unified-test-format/tests/invalid/entity-clientEncryption-additionalProperties.yml @@ -0,0 +1,19 @@ +description: entity-clientEncryption-additionalProperties + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + aws: {} + invalid: {} + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/entity-clientEncryption-clientEncryptionOpts-required.json b/source/unified-test-format/tests/invalid/entity-clientEncryption-clientEncryptionOpts-required.json new file mode 100644 index 0000000000..88e852342a --- /dev/null +++ b/source/unified-test-format/tests/invalid/entity-clientEncryption-clientEncryptionOpts-required.json @@ -0,0 +1,17 @@ +{ + "description": "entity-clientEncryption-clientEncryptionOpts-required", + "schemaVersion": "1.8", + "createEntities": [ + { + "clientEncryption": { + "id": "clientEncryption0" + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/entity-clientEncryption-clientEncryptionOpts-required.yml b/source/unified-test-format/tests/invalid/entity-clientEncryption-clientEncryptionOpts-required.yml new file mode 100644 index 0000000000..b2af763f0a --- /dev/null +++ b/source/unified-test-format/tests/invalid/entity-clientEncryption-clientEncryptionOpts-required.yml @@ -0,0 +1,11 @@ +description: entity-clientEncryption-clientEncryptionOpts-required + +schemaVersion: "1.8" + +createEntities: + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/entity-clientEncryption-clientEncryptionOpts-type.json b/source/unified-test-format/tests/invalid/entity-clientEncryption-clientEncryptionOpts-type.json new file mode 100644 index 0000000000..77fb6a362a --- /dev/null +++ b/source/unified-test-format/tests/invalid/entity-clientEncryption-clientEncryptionOpts-type.json @@ -0,0 +1,18 @@ +{ + "description": "entity-clientEncryption-clientEncryptionOpts-type", + "schemaVersion": "1.8", + "createEntities": [ + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": 0 + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/entity-clientEncryption-clientEncryptionOpts-type.yml b/source/unified-test-format/tests/invalid/entity-clientEncryption-clientEncryptionOpts-type.yml new file mode 100644 index 0000000000..354a14afdb --- /dev/null +++ b/source/unified-test-format/tests/invalid/entity-clientEncryption-clientEncryptionOpts-type.yml @@ -0,0 +1,12 @@ +description: entity-clientEncryption-clientEncryptionOpts-type + +schemaVersion: "1.8" + +createEntities: + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: 0 + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/entity-clientEncryption-id-required.json b/source/unified-test-format/tests/invalid/entity-clientEncryption-id-required.json new file mode 100644 index 0000000000..464ba7159a --- /dev/null +++ b/source/unified-test-format/tests/invalid/entity-clientEncryption-id-required.json @@ -0,0 +1,28 @@ +{ + "description": "entity-clientEncryption-id-required", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "aws": {} + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/entity-clientEncryption-id-required.yml b/source/unified-test-format/tests/invalid/entity-clientEncryption-id-required.yml new file mode 100644 index 0000000000..1cda4eff50 --- /dev/null +++ b/source/unified-test-format/tests/invalid/entity-clientEncryption-id-required.yml @@ -0,0 +1,17 @@ +description: entity-clientEncryption-id-required + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + aws: {} + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/invalid/entity-clientEncryption-id-type.json b/source/unified-test-format/tests/invalid/entity-clientEncryption-id-type.json new file mode 100644 index 0000000000..a7746657fc --- /dev/null +++ b/source/unified-test-format/tests/invalid/entity-clientEncryption-id-type.json @@ -0,0 +1,29 @@ +{ + "description": "entity-clientEncryption-id-type", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": 0, + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "aws": {} + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/invalid/entity-clientEncryption-id-type.yml b/source/unified-test-format/tests/invalid/entity-clientEncryption-id-type.yml new file mode 100644 index 0000000000..df3095fd1d --- /dev/null +++ b/source/unified-test-format/tests/invalid/entity-clientEncryption-id-type.yml @@ -0,0 +1,18 @@ +description: entity-clientEncryption-id-type + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: 0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + aws: {} + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/valid-fail/kmsProviders-missing_aws_kms_credentials.json b/source/unified-test-format/tests/valid-fail/kmsProviders-missing_aws_kms_credentials.json new file mode 100644 index 0000000000..ded9d79800 --- /dev/null +++ b/source/unified-test-format/tests/valid-fail/kmsProviders-missing_aws_kms_credentials.json @@ -0,0 +1,31 @@ +{ + "description": "kmsProviders-missing_aws_kms_credentials", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "aws": { + "accessKeyId": "accessKeyId" + } + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/valid-fail/kmsProviders-missing_aws_kms_credentials.yml b/source/unified-test-format/tests/valid-fail/kmsProviders-missing_aws_kms_credentials.yml new file mode 100644 index 0000000000..42cdf0f306 --- /dev/null +++ b/source/unified-test-format/tests/valid-fail/kmsProviders-missing_aws_kms_credentials.yml @@ -0,0 +1,19 @@ +# Missing required KMS credentials should lead to clientEncryption initialization failure. +description: kmsProviders-missing_aws_kms_credentials + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + aws: { accessKeyId: "accessKeyId" } + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/valid-fail/kmsProviders-missing_azure_kms_credentials.json b/source/unified-test-format/tests/valid-fail/kmsProviders-missing_azure_kms_credentials.json new file mode 100644 index 0000000000..85eef71dee --- /dev/null +++ b/source/unified-test-format/tests/valid-fail/kmsProviders-missing_azure_kms_credentials.json @@ -0,0 +1,31 @@ +{ + "description": "kmsProviders-missing_azure_kms_credentials", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "azure": { + "tenantId": "tenantId" + } + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/valid-fail/kmsProviders-missing_azure_kms_credentials.yml b/source/unified-test-format/tests/valid-fail/kmsProviders-missing_azure_kms_credentials.yml new file mode 100644 index 0000000000..f3af8a9d57 --- /dev/null +++ b/source/unified-test-format/tests/valid-fail/kmsProviders-missing_azure_kms_credentials.yml @@ -0,0 +1,19 @@ +# Missing required KMS credentials should lead to clientEncryption initialization failure. +description: kmsProviders-missing_azure_kms_credentials + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + azure: { tenantId: "tenantId" } + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/valid-fail/kmsProviders-missing_gcp_kms_credentials.json b/source/unified-test-format/tests/valid-fail/kmsProviders-missing_gcp_kms_credentials.json new file mode 100644 index 0000000000..83e29905d2 --- /dev/null +++ b/source/unified-test-format/tests/valid-fail/kmsProviders-missing_gcp_kms_credentials.json @@ -0,0 +1,31 @@ +{ + "description": "kmsProviders-missing_gcp_kms_credentials", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "gcp": { + "email": "email" + } + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/valid-fail/kmsProviders-missing_gcp_kms_credentials.yml b/source/unified-test-format/tests/valid-fail/kmsProviders-missing_gcp_kms_credentials.yml new file mode 100644 index 0000000000..f6fb986d10 --- /dev/null +++ b/source/unified-test-format/tests/valid-fail/kmsProviders-missing_gcp_kms_credentials.yml @@ -0,0 +1,19 @@ +# Missing required KMS credentials should lead to clientEncryption initialization failure. +description: kmsProviders-missing_gcp_kms_credentials + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + gcp: { email: "email" } + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/valid-fail/kmsProviders-no_kms.json b/source/unified-test-format/tests/valid-fail/kmsProviders-no_kms.json new file mode 100644 index 0000000000..1a8a395ae2 --- /dev/null +++ b/source/unified-test-format/tests/valid-fail/kmsProviders-no_kms.json @@ -0,0 +1,27 @@ +{ + "description": "clientEncryptionOpts-no_kms", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": {} + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/valid-fail/kmsProviders-no_kms.yml b/source/unified-test-format/tests/valid-fail/kmsProviders-no_kms.yml new file mode 100644 index 0000000000..204f04343f --- /dev/null +++ b/source/unified-test-format/tests/valid-fail/kmsProviders-no_kms.yml @@ -0,0 +1,18 @@ +# No configured KMS providers should lead to clientEncryption initialization failure. +description: clientEncryptionOpts-no_kms + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: {} + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/valid-pass/kmsProviders-explicit_kms_credentials.json b/source/unified-test-format/tests/valid-pass/kmsProviders-explicit_kms_credentials.json new file mode 100644 index 0000000000..a0c93001eb --- /dev/null +++ b/source/unified-test-format/tests/valid-pass/kmsProviders-explicit_kms_credentials.json @@ -0,0 +1,47 @@ +{ + "description": "kmsProviders-explicit_kms_credentials", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "aws": { + "accessKeyId": "accessKeyId", + "secretAccessKey": "secretAccessKey" + }, + "azure": { + "tenantId": "tenantId", + "clientId": "clientId", + "clientSecret": "clientSecret" + }, + "gcp": { + "email": "email", + "privateKey": "cHJpdmF0ZUtleQo=" + }, + "kmip": { + "endpoint": "endpoint" + }, + "local": { + "key": "a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5" + } + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/valid-pass/kmsProviders-explicit_kms_credentials.yml b/source/unified-test-format/tests/valid-pass/kmsProviders-explicit_kms_credentials.yml new file mode 100644 index 0000000000..57ee2cd25b --- /dev/null +++ b/source/unified-test-format/tests/valid-pass/kmsProviders-explicit_kms_credentials.yml @@ -0,0 +1,23 @@ +# kmsProviders should support explicit credentials. +description: kmsProviders-explicit_kms_credentials + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + aws: { accessKeyId: "accessKeyId", secretAccessKey: "secretAccessKey" } + azure: { tenantId: "tenantId", clientId: "clientId", clientSecret: "clientSecret" } + gcp: { email: "email", privateKey: "cHJpdmF0ZUtleQo=" } + kmip: { endpoint: "endpoint" } + local: { key: "a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5a2V5" } + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/valid-pass/kmsProviders-mixed_kms_credential_fields.json b/source/unified-test-format/tests/valid-pass/kmsProviders-mixed_kms_credential_fields.json new file mode 100644 index 0000000000..a17c37bd68 --- /dev/null +++ b/source/unified-test-format/tests/valid-pass/kmsProviders-mixed_kms_credential_fields.json @@ -0,0 +1,49 @@ +{ + "description": "kmsProviders-mixed_kms_credential_fields", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "aws": { + "accessKeyId": "accessKeyId", + "secretAccessKey": { + "$$placeholder": 1 + } + }, + "azure": { + "tenantId": "tenantId", + "clientId": { + "$$placeholder": 1 + }, + "clientSecret": { + "$$placeholder": 1 + } + }, + "gcp": { + "email": "email", + "privateKey": { + "$$placeholder": 1 + } + } + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/valid-pass/kmsProviders-mixed_kms_credential_fields.yml b/source/unified-test-format/tests/valid-pass/kmsProviders-mixed_kms_credential_fields.yml new file mode 100644 index 0000000000..5043ab563e --- /dev/null +++ b/source/unified-test-format/tests/valid-pass/kmsProviders-mixed_kms_credential_fields.yml @@ -0,0 +1,21 @@ +# kmsProviders should support both explicit and placeholder credential fields. +description: kmsProviders-mixed_kms_credential_fields + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + aws: { accessKeyId: "accessKeyId", secretAccessKey: { $$placeholder: 1 } } + azure: { tenantId: "tenantId", clientId: { $$placeholder: 1 }, clientSecret: { $$placeholder: 1 } } + gcp: { email: "email", privateKey: { $$placeholder: 1 } } + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/valid-pass/kmsProviders-placeholder_kms_credentials.json b/source/unified-test-format/tests/valid-pass/kmsProviders-placeholder_kms_credentials.json new file mode 100644 index 0000000000..0984001968 --- /dev/null +++ b/source/unified-test-format/tests/valid-pass/kmsProviders-placeholder_kms_credentials.json @@ -0,0 +1,65 @@ +{ + "description": "kmsProviders-placeholder_kms_credentials", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "aws": { + "accessKeyId": { + "$$placeholder": 1 + }, + "secretAccessKey": { + "$$placeholder": 1 + } + }, + "azure": { + "tenantId": { + "$$placeholder": 1 + }, + "clientId": { + "$$placeholder": 1 + }, + "clientSecret": { + "$$placeholder": 1 + } + }, + "gcp": { + "email": { + "$$placeholder": 1 + }, + "privateKey": { + "$$placeholder": 1 + } + }, + "kmip": { + "endpoint": { + "$$placeholder": 1 + } + }, + "local": { + "key": { + "$$placeholder": 1 + } + } + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/valid-pass/kmsProviders-placeholder_kms_credentials.yml b/source/unified-test-format/tests/valid-pass/kmsProviders-placeholder_kms_credentials.yml new file mode 100644 index 0000000000..807cffd18e --- /dev/null +++ b/source/unified-test-format/tests/valid-pass/kmsProviders-placeholder_kms_credentials.yml @@ -0,0 +1,23 @@ +# kmsProviders should support loading credentials at runtime. +description: kmsProviders-placeholder_kms_credentials + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + aws: { accessKeyId: { $$placeholder: 1 }, secretAccessKey: { $$placeholder: 1 } } + azure: { tenantId: { $$placeholder: 1 }, clientId: { $$placeholder: 1 }, clientSecret: { $$placeholder: 1 } } + gcp: { email: { $$placeholder: 1 }, privateKey: { $$placeholder: 1 } } + kmip: { endpoint: { $$placeholder: 1 } } + local: { key: { $$placeholder: 1 } } + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/tests/valid-pass/kmsProviders-unconfigured_kms.json b/source/unified-test-format/tests/valid-pass/kmsProviders-unconfigured_kms.json new file mode 100644 index 0000000000..6d2ee0a38f --- /dev/null +++ b/source/unified-test-format/tests/valid-pass/kmsProviders-unconfigured_kms.json @@ -0,0 +1,33 @@ +{ + "description": "kmsProviders-unconfigured_kms", + "schemaVersion": "1.8", + "createEntities": [ + { + "client": { + "id": "client0" + } + }, + { + "clientEncryption": { + "id": "clientEncryption0", + "clientEncryptionOpts": { + "keyVaultClient": "client0", + "keyVaultNamespace": "keyvault.datakeys", + "kmsProviders": { + "aws": {}, + "azure": {}, + "gcp": {}, + "kmip": {}, + "local": {} + } + } + } + } + ], + "tests": [ + { + "description": "", + "operations": [] + } + ] +} diff --git a/source/unified-test-format/tests/valid-pass/kmsProviders-unconfigured_kms.yml b/source/unified-test-format/tests/valid-pass/kmsProviders-unconfigured_kms.yml new file mode 100644 index 0000000000..c565106ff1 --- /dev/null +++ b/source/unified-test-format/tests/valid-pass/kmsProviders-unconfigured_kms.yml @@ -0,0 +1,23 @@ +# kmsProviders should support request for on-demand KMS credentials. +description: kmsProviders-unconfigured_kms + +schemaVersion: "1.8" + +createEntities: + - client: + id: &client0 client0 + - clientEncryption: + id: &clientEncryption0 clientEncryption0 + clientEncryptionOpts: + keyVaultClient: *client0 + keyVaultNamespace: keyvault.datakeys + kmsProviders: + aws: {} + azure: {} + gcp: {} + kmip: {} + local: {} + +tests: + - description: "" + operations: [] diff --git a/source/unified-test-format/unified-test-format.rst b/source/unified-test-format/unified-test-format.rst index 5947060646..f61ac02cfa 100644 --- a/source/unified-test-format/unified-test-format.rst +++ b/source/unified-test-format/unified-test-format.rst @@ -3,13 +3,13 @@ Unified Test Format =================== :Spec Title: Unified Test Format -:Spec Version: 1.7 +:Spec Version: 1.8 :Author: Jeremy Mikola :Advisors: Prashant Mital, Isabel Atkinson, Thomas Reggi :Status: Accepted :Type: Standards :Minimum Server Version: N/A -:Last Modified: 2022-04-22 +:Last Modified: 2022-04-26 .. contents:: @@ -232,6 +232,7 @@ Supported Entity Types Test runners MUST support the following types of entities: - MongoClient. See `entity_client`_ and `Client Operations`_. +- ClientEncryption. See `entity_clientEncryption`__. - Database. See `entity_database`_ and `Database Operations`_. - Collection. See `entity_collection`_ and `Collection Operations`_ - ClientSession. See `entity_session`_ and `Session Operations`_. @@ -590,6 +591,59 @@ The structure of this object is as follows: - ``serverApi``: Optional `serverApi`_ object. +.. _entity_clientEncryption: + +- ``clientEncryption``: Optional object. Defines a ClientEncryption object. + + The structure of this object is as follows: + + - ``id``: Required string. Unique name for this entity. The YAML file SHOULD + define a `node anchor`_ for this field (e.g. + ``id: &clientEncryption0 clientEncryption0``). + + - ``clientEncryptionOpts``: Required document. A value corresponding to a + `ClientEncryptionOpts + <../client-side-encryption/client-side-encryption.rst#clientencryption>`__. + + Note: the ``tlsOptions`` document is intentionally omitted from the test + format. However, drivers MAY internally configure TLS options as needed to + satisfy the requirements of configured KMS providers. + + The structure of this document is as follows: + + - ``keyVaultClient``: Required string. Client entity from which this + ClientEncryption will be created. The YAML file SHOULD use an + `alias node`_ for a client entity's ``id`` field (e.g. + ``client: *client0``). + + - ``keyVaultNamespace``: Required string. The database and collection to use + as the key vault collection for this clientEncryption. The namespace takes + the form ``database.collection`` (e.g. + ``keyVaultNamespace: keyvault.datakeys``). + + - ``kmsProviders``: Required document. Drivers MUST NOT configure a KMS + provider if it is not given. This is to permit testing conditions where a + required KMS provider is not configured. If a KMS provider is given as an + empty document (e.g. ``kmsProviders: { aws: {} }``), drivers MUST + configure the KMS provider without credentials to permit testing + conditions where KMS credentials are needed. If a KMS credentials field + has a placeholder value (e.g. + ``kmsProviders: { aws: { accessKeyId: { $$placeholder: 1 }, secretAccessKey: { $$placeholder: 1 } } }``), + drivers MUST replace the field with credentials that satisfy the + operations required by the unified test files. Drivers MAY load the + credentials from the environment or a configuration file as needed to + satisfy the requirements of the given KMS provider and tests. If a KMS + credentials field is not given (e.g. the required field + ``secretAccessKey`` is omitted in: + ``kmsProviders: { aws: { accessKeyId: { $$placeholder: 1 } }``), drivers + MUST NOT include the field during KMS configuration. This is to permit + testing conditions where required KMS credentials fields are not provided. + Otherwise, drivers MUST configure the KMS provider with the explicit value + of KMS credentials field given in the test file (e.g. + ``kmsProviders: { aws: { accessKeyId: abc, secretAccessKey: def } }``). + This is to permit testing conditions where invalid KMS credentials are + provided. + .. _entity_database: - ``database``: Optional object. Defines a Database object. @@ -2363,6 +2417,35 @@ An example of this operation follows:: connections: 1 +Special Placeholder Value +------------------------- + +$$placeholder +~~~~~~~~~~~~~ + +Syntax:: + + { field: { $$placeholder: 1 } } + +This special key-value pair can be used anywhere the value for a key might be +specified in an test file. It is intended to act as a placeholder value in +contexts where the test runner cannot provide a definite value or may be +expected to replace the placeholder with a value that cannot be specified by the +test file (e.g. KMS provider credentials). The test runner MUST raise an error +if a placeholder value is used in an unexpected context or a replacement cannot +be made. + +An example of using this placeholder value follows:: + + kmsProviders: + aws: + accessKeyId: { $$placeholder: 1 } + privateAccessKey: { $$placeholder: 1 } + +Note: the test runner is not required to validate the type or value of a +``$$placeholder`` field. + + Evaluating Matches ------------------ @@ -3296,6 +3379,8 @@ spec changes developed in parallel or during the same release cycle. Change Log ========== +:2022-04-26: Add ``clientEncryption`` entity and ``$$placeholder`` syntax. + :2020-04-22: Revise ``useMultipleMongoses`` and "Initializing the Test Runner" for Atlas Serverless URIs using a load balancer fronting a single proxy.