PYTHON-3367 Add support for GCP attached service accounts when using GCP KMS #1064
Conversation
test/test_on_demand_csfle.py
Outdated
|
|
||
| @unittest.skipIf(not os.getenv("TEST_FLE_GCP_AUTO"), "Not testing FLE GCP auto") | ||
| def test_01_failure(self): | ||
| if os.getenv("SUCCESS"): |
There was a problem hiding this comment.
os.getenv("SUCCESS"): is always True so we'll always skip this test.
There was a problem hiding this comment.
SUCCESS=false in the testgcpkms-fail-task
There was a problem hiding this comment.
Yes but the string "false" is still truthy.
| export GCPKMS_PROJECT=${GCPKMS_PROJECT} | ||
| export GCPKMS_ZONE=${GCPKMS_ZONE} | ||
| export GCPKMS_INSTANCENAME=${GCPKMS_INSTANCENAME} | ||
| tar czf /tmp/mongo-python-driver.tgz . |
There was a problem hiding this comment.
Are any of these variables sensitive info?
There was a problem hiding this comment.
Confirmed not to be sensitive
.evergreen/run-tests.sh
Outdated
| git clone https://github.com/blink1073/libmongocrypt.git libmongocrypt_git | ||
| pushd libmongocrypt_git | ||
| git checkout PYTHON-3367 | ||
| popd |
There was a problem hiding this comment.
It is still needed until we make a new release of pymongocrypt.
| TEST_FLE_GCP_AUTO=1 $PYTHON test/test_on_demand_csfle.py | ||
| } | ||
|
|
||
| PYTHON="python3" authtest |
There was a problem hiding this comment.
What's the plan for testing other python versions?
There was a problem hiding this comment.
We don't test multiple versions on ECS
There was a problem hiding this comment.
Oh right I forgot this was running on a remote host.
test/test_on_demand_csfle.py
Outdated
|
|
||
| @unittest.skipIf(not os.getenv("TEST_FLE_GCP_AUTO"), "Not testing FLE GCP auto") | ||
| def test_01_failure(self): | ||
| if os.getenv("SUCCESS", "").lower() == "true": |
There was a problem hiding this comment.
Let's make SUCCESS required to be present in the env to avoid unintentionally always skipping both these tests.
| $PYTHON -m pip install --upgrade wheel setuptools pip | ||
| $PYTHON -m pip install '.[encryption]' | ||
| $PYTHON -m pip install https://github.com/mongodb/libmongocrypt#subdirectory=bindings/python | ||
| TEST_FLE_GCP_AUTO=1 $PYTHON test/test_on_demand_csfle.py |
There was a problem hiding this comment.
Does this need SUCCESS=true?
There was a problem hiding this comment.
It is passed in from the evergreen config.
ShaneHarvey
left a comment
ShaneHarvey
left a comment
There was a problem hiding this comment.
LGTM after the Copyright year fix
test/test_on_demand_csfle.py
Outdated
| @@ -0,0 +1,67 @@ | |||
| # Copyright 2019-2022 MongoDB, Inc. | |||
There was a problem hiding this comment.
2019-2022 -> "2022-present"
2 participants
Requires mongodb/libmongocrypt#467