1+ runOn:
2+ - minServerVersion: "4.1.10"
3+ database_name: &database_name "default"
4+ collection_name: &collection_name "default"
5+
6+ data: []
7+ json_schema: {{schema()}}
8+ key_vault_data: [{{key()}}]
9+
10+ tests:
11+ - description: "Insert with deterministic encryption, then find it"
12+ clientOptions:
13+ autoEncryptOpts:
14+ kmsProviders:
15+ aws: {} # Credentials filled in from environment.
16+ keyExpirationMS: 1
17+ operations:
18+ - name: insertOne
19+ arguments:
20+ document: &doc0 { _id: 1, encrypted_string: "string0" }
21+ - name: wait
22+ object: testRunner
23+ arguments:
24+ ms: 2
25+ - name: find
26+ arguments:
27+ filter: { _id: 1 }
28+ result: [*doc0]
29+ expectations:
30+ # Auto encryption will request the collection info.
31+ - command_started_event:
32+ command:
33+ listCollections: 1
34+ filter:
35+ name: *collection_name
36+ command_name: listCollections
37+ # Then key is fetched from the key vault.
38+ - command_started_event:
39+ command:
40+ find: datakeys
41+ filter: {"$or": [{"_id": {"$in": [ {{key()["_id"]}} ] }}, {"keyAltNames": {"$in": []}}]}
42+ $db: keyvault
43+ readConcern: { level: "majority" }
44+ command_name: find
45+ - command_started_event:
46+ command:
47+ insert: *collection_name
48+ documents:
49+ - &doc0_encrypted { _id: 1, encrypted_string: {{ciphertext("string0", field="encrypted_string")}} }
50+ ordered: true
51+ command_name: insert
52+ - command_started_event:
53+ command:
54+ find: *collection_name
55+ filter: { _id: 1 }
56+ command_name: find
57+ - command_started_event:
58+ command:
59+ find: datakeys
60+ filter: {"$or": [{"_id": {"$in": [ {{key()["_id"]}} ] }}, {"keyAltNames": {"$in": []}}]}
61+ $db: keyvault
62+ readConcern: { level: "majority" }
63+ command_name: find
64+ outcome:
65+ collection:
66+ # Outcome is checked using a separate MongoClient without auto encryption.
67+ data:
68+ - *doc0_encrypted
0 commit comments