chore(ci): enable tls testing on windows (#2722)

NODE-2977
mongodb · Nov 9, 2021 · d727ced · d727ced
1 parent 06abe94
commit d727ced
Show file tree

Hide file tree

Showing 4 changed files with 148 additions and 47 deletions.
diff --git a/.evergreen/config.yml b/.evergreen/config.yml
@@ -802,17 +802,6 @@ tasks:
     commands:
       - func: install dependencies
       - func: run ldap tests
-  - name: test-tls-support
-    tags:
-      - tls-support
-    commands:
-      - func: install dependencies
-      - func: bootstrap mongo-orchestration
-        vars:
-          SSL: ssl
-          VERSION: latest
-          TOPOLOGY: server
-      - func: run tls tests
   - name: test-ocsp-valid-cert-server-staples
     tags:
       - ocsp
@@ -909,6 +898,28 @@ tasks:
       - func: run-ocsp-test
         vars:
           OCSP_TLS_SHOULD_SUCCEED: 0
+  - name: test-tls-support-latest
+    tags:
+      - tls-support
+    commands:
+      - func: install dependencies
+      - func: bootstrap mongo-orchestration
+        vars:
+          VERSION: latest
+          SSL: ssl
+          TOPOLOGY: server
+      - func: run tls tests
+  - name: test-tls-support-4.2
+    tags:
+      - tls-support
+    commands:
+      - func: install dependencies
+      - func: bootstrap mongo-orchestration
+        vars:
+          VERSION: '4.2'
+          SSL: ssl
+          TOPOLOGY: server
+      - func: run tls tests
   - name: test-latest-ocsp-valid-cert-server-staples
     tags:
       - ocsp
@@ -1188,14 +1199,15 @@ buildvariants:
       - test-atlas-data-lake
       - test-auth-kerberos
       - test-auth-ldap
-      - test-tls-support
       - test-ocsp-valid-cert-server-staples
       - test-ocsp-invalid-cert-server-staples
       - test-ocsp-valid-cert-server-does-not-staple
       - test-ocsp-invalid-cert-server-does-not-staple
       - test-ocsp-soft-fail
       - test-ocsp-malicious-invalid-cert-mustStaple-server-does-not-staple
       - test-ocsp-malicious-no-responder-mustStaple-server-does-not-staple
+      - test-tls-support-latest
+      - test-tls-support-4.2
       - test-latest-ocsp-valid-cert-server-staples
       - test-latest-ocsp-invalid-cert-server-staples
       - test-latest-ocsp-valid-cert-server-does-not-staple
@@ -1221,19 +1233,73 @@ buildvariants:
     run_on: rhel70-small
     expansions:
       NODE_LTS_NAME: dubnium
-    tasks: *ref_0
+    tasks: &ref_1
+      - test-latest-server
+      - test-latest-replica_set
+      - test-latest-sharded_cluster
+      - test-4.4-server
+      - test-4.4-replica_set
+      - test-4.4-sharded_cluster
+      - test-4.2-server
+      - test-4.2-replica_set
+      - test-4.2-sharded_cluster
+      - test-4.0-server
+      - test-4.0-replica_set
+      - test-4.0-sharded_cluster
+      - test-3.6-server
+      - test-3.6-replica_set
+      - test-3.6-sharded_cluster
+      - test-3.4-server
+      - test-3.4-replica_set
+      - test-3.4-sharded_cluster
+      - test-3.2-server
+      - test-3.2-replica_set
+      - test-3.2-sharded_cluster
+      - test-3.0-server
+      - test-3.0-replica_set
+      - test-3.0-sharded_cluster
+      - test-2.6-server
+      - test-2.6-replica_set
+      - test-2.6-sharded_cluster
+      - test-atlas-connectivity
+      - test-atlas-data-lake
+      - test-auth-kerberos
+      - test-auth-ldap
+      - test-ocsp-valid-cert-server-staples
+      - test-ocsp-invalid-cert-server-staples
+      - test-ocsp-valid-cert-server-does-not-staple
+      - test-ocsp-invalid-cert-server-does-not-staple
+      - test-ocsp-soft-fail
+      - test-ocsp-malicious-invalid-cert-mustStaple-server-does-not-staple
+      - test-ocsp-malicious-no-responder-mustStaple-server-does-not-staple
+      - test-tls-support-latest
+      - test-tls-support-4.2
+      - test-latest-ocsp-valid-cert-server-staples
+      - test-latest-ocsp-invalid-cert-server-staples
+      - test-latest-ocsp-valid-cert-server-does-not-staple
+      - test-latest-ocsp-invalid-cert-server-does-not-staple
+      - test-latest-ocsp-soft-fail
+      - test-latest-ocsp-malicious-invalid-cert-mustStaple-server-does-not-staple
+      - test-latest-ocsp-malicious-no-responder-mustStaple-server-does-not-staple
+      - test-4.4-ocsp-valid-cert-server-staples
+      - test-4.4-ocsp-invalid-cert-server-staples
+      - test-4.4-ocsp-valid-cert-server-does-not-staple
+      - test-4.4-ocsp-invalid-cert-server-does-not-staple
+      - test-4.4-ocsp-soft-fail
+      - test-4.4-ocsp-malicious-invalid-cert-mustStaple-server-does-not-staple
+      - test-4.4-ocsp-malicious-no-responder-mustStaple-server-does-not-staple
   - name: rhel70-erbium
     display_name: RHEL 7.0 Node Erbium
     run_on: rhel70-small
     expansions:
       NODE_LTS_NAME: erbium
-    tasks: *ref_0
+    tasks: *ref_1
   - name: ubuntu-14.04-dubnium
     display_name: Ubuntu 14.04 Node Dubnium
     run_on: ubuntu1404-large
     expansions:
       NODE_LTS_NAME: dubnium
-    tasks: &ref_1
+    tasks: &ref_2
       - test-4.0-server
       - test-4.0-replica_set
       - test-4.0-sharded_cluster
@@ -1261,14 +1327,14 @@ buildvariants:
     run_on: ubuntu1404-large
     expansions:
       NODE_LTS_NAME: erbium
-    tasks: *ref_1
+    tasks: *ref_2
   - name: ubuntu-18.04-dubnium
     display_name: Ubuntu 18.04 Node Dubnium
     run_on: ubuntu1804-large
     expansions:
       NODE_LTS_NAME: dubnium
       CLIENT_ENCRYPTION: true
-    tasks: &ref_2
+    tasks: &ref_3
       - test-latest-server
       - test-latest-replica_set
       - test-latest-sharded_cluster
@@ -1294,14 +1360,15 @@ buildvariants:
       - test-atlas-data-lake
       - test-auth-kerberos
       - test-auth-ldap
-      - test-tls-support
       - test-ocsp-valid-cert-server-staples
       - test-ocsp-invalid-cert-server-staples
       - test-ocsp-valid-cert-server-does-not-staple
       - test-ocsp-invalid-cert-server-does-not-staple
       - test-ocsp-soft-fail
       - test-ocsp-malicious-invalid-cert-mustStaple-server-does-not-staple
       - test-ocsp-malicious-no-responder-mustStaple-server-does-not-staple
+      - test-tls-support-latest
+      - test-tls-support-4.2
       - test-latest-ocsp-valid-cert-server-staples
       - test-latest-ocsp-invalid-cert-server-staples
       - test-latest-ocsp-valid-cert-server-does-not-staple
@@ -1322,14 +1389,14 @@ buildvariants:
     expansions:
       NODE_LTS_NAME: erbium
       CLIENT_ENCRYPTION: true
-    tasks: *ref_2
+    tasks: *ref_3
   - name: windows-64-vs2015-dubnium
     display_name: Windows (VS2015) Node Dubnium
     run_on: windows-64-vs2015-large
     expansions:
       NODE_LTS_NAME: dubnium
       MSVS_VERSION: 2015
-    tasks: &ref_3
+    tasks: &ref_4
       - test-4.2-server
       - test-4.2-replica_set
       - test-4.2-sharded_cluster
@@ -1351,27 +1418,29 @@ buildvariants:
       - test-2.6-server
       - test-2.6-replica_set
       - test-2.6-sharded_cluster
+      - test-atlas-data-lake
+      - test-tls-support-4.2
   - name: windows-64-vs2015-erbium
     display_name: Windows (VS2015) Node Erbium
     run_on: windows-64-vs2015-large
     expansions:
       NODE_LTS_NAME: erbium
       MSVS_VERSION: 2015
-    tasks: *ref_3
+    tasks: *ref_4
   - name: windows-64-vs2017-dubnium
     display_name: Windows (VS2017) Node Dubnium
     run_on: windows-64-vs2017-large
     expansions:
       NODE_LTS_NAME: dubnium
       MSVS_VERSION: 2017
-    tasks: *ref_3
+    tasks: *ref_4
   - name: windows-64-vs2017-erbium
     display_name: Windows (VS2017) Node Erbium
     run_on: windows-64-vs2017-large
     expansions:
       NODE_LTS_NAME: erbium
       MSVS_VERSION: 2017
-    tasks: *ref_3
+    tasks: *ref_4
   - name: lint
     display_name: lint
     run_on: rhel70

diff --git a/.evergreen/generate_evergreen_tasks.js b/.evergreen/generate_evergreen_tasks.js
@@ -8,6 +8,7 @@ const NODE_VERSIONS = ['dubnium', 'erbium'];
 const TOPOLOGIES = ['server', 'replica_set', 'sharded_cluster'];
 const AWS_AUTH_VERSIONS = ['latest', '4.4'];
 const OCSP_VERSIONS = ['latest', '4.4'];
+const TLS_VERSIONS = ['latest', '4.2']; // also test on 4.2 because 4.4+ currently skipped on windows
 
 const OPERATING_SYSTEMS = [
   {
@@ -59,6 +60,8 @@ const OPERATING_SYSTEMS = [
   )
 );
 
+const WINDOWS_SKIP_TAGS = new Set(['atlas-connect', 'auth']);
+
 const TASKS = [];
 const SINGLETON_TASKS = [];
 
@@ -110,22 +113,6 @@ Array.prototype.push.apply(TASKS, [
     tags: ['auth', 'ldap'],
     commands: [{ func: 'install dependencies' }, { func: 'run ldap tests' }]
   },
-  {
-    name: 'test-tls-support',
-    tags: ['tls-support'],
-    commands: [
-      { func: 'install dependencies' },
-      {
-        func: 'bootstrap mongo-orchestration',
-        vars: {
-          SSL: 'ssl',
-          VERSION: 'latest',
-          TOPOLOGY: 'server'
-        }
-      },
-      { func: 'run tls tests' }
-    ]
-  },
   {
     name: 'test-ocsp-valid-cert-server-staples',
     tags: ['ocsp'],
@@ -245,6 +232,25 @@ Array.prototype.push.apply(TASKS, [
   }
 ]);
 
+TLS_VERSIONS.forEach(VERSION => {
+  TASKS.push({
+    name: `test-tls-support-${VERSION}`,
+    tags: ['tls-support'],
+    commands: [
+      { func: 'install dependencies' },
+      {
+        func: 'bootstrap mongo-orchestration',
+        vars: {
+          VERSION,
+          SSL: 'ssl',
+          TOPOLOGY: 'server'
+        }
+      },
+      { func: 'run tls tests' }
+    ]
+  });
+});
+
 OCSP_VERSIONS.forEach(VERSION => {
   // manually added tasks
   Array.prototype.push.apply(TASKS, [
@@ -401,18 +407,27 @@ const BUILD_VARIANTS = [];
 
 const getTaskList = (() => {
   const memo = {};
-  return function (mongoVersion, onlyBaseTasks = false) {
-    const key = mongoVersion + (onlyBaseTasks ? 'b' : '');
+  return function (mongoVersion, os) {
+    const key = mongoVersion + os;
 
     if (memo[key]) {
       return memo[key];
     }
-    const taskList = onlyBaseTasks ? BASE_TASKS : BASE_TASKS.concat(TASKS);
+    const taskList = BASE_TASKS.concat(TASKS);
     const ret = taskList
       .filter(task => {
-        const tasksWithVars = task.commands.filter(task => !!task.vars);
         if (task.name.match(/^aws/)) return false;
 
+        // skip unsupported tasks on windows
+        if (
+          os.match(/^windows/) &&
+          task.tags &&
+          task.tags.filter(tag => WINDOWS_SKIP_TAGS.has(tag)).length
+        ) {
+          return false;
+        }
+
+        const tasksWithVars = task.commands.filter(task => !!task.vars);
         if (!tasksWithVars.length) {
           return true;
         }
@@ -442,7 +457,7 @@ OPERATING_SYSTEMS.forEach(
     msvsVersion
   }) => {
     const testedNodeVersions = NODE_VERSIONS.filter(version => nodeVersions.includes(version));
-    const tasks = getTaskList(mongoVersion, !!msvsVersion);
+    const tasks = getTaskList(mongoVersion, osName.split('-')[0]);
 
     testedNodeVersions.forEach(NODE_LTS_NAME => {
       const nodeLtsDisplayName = `Node ${NODE_LTS_NAME[0].toUpperCase()}${NODE_LTS_NAME.substr(1)}`;

diff --git a/.evergreen/run-tls-tests.sh b/.evergreen/run-tls-tests.sh
@@ -5,7 +5,14 @@ set -o errexit  # Exit the script with error if any of the commands fail
 export PROJECT_DIRECTORY="$(pwd)"
 NODE_ARTIFACTS_PATH="${PROJECT_DIRECTORY}/node-artifacts"
 export NVM_DIR="${NODE_ARTIFACTS_PATH}/nvm"
-[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
+if [[ "$OS" == "Windows_NT" ]]; then
+  export NVM_HOME=`cygpath -m -a "$NVM_DIR"`
+  export NVM_SYMLINK=`cygpath -m -a "$NODE_ARTIFACTS_PATH/bin"`
+  export NVM_ARTIFACTS_PATH=`cygpath -m -a "$NODE_ARTIFACTS_PATH/bin"`
+  export PATH=`cygpath $NVM_SYMLINK`:`cygpath $NVM_HOME`:$PATH
+else
+  [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
+fi
 export SSL_KEY_FILE="$DRIVERS_TOOLS/.evergreen/x509gen/client.pem"
 export SSL_CA_FILE="$DRIVERS_TOOLS/.evergreen/x509gen/ca.pem"
 

diff --git a/test/manual/tls_support.test.js b/test/manual/tls_support.test.js
@@ -13,10 +13,20 @@ describe('TLS Support', function () {
   const connectionString = process.env.MONGODB_URI;
   const tlsCertificateKeyFile = process.env.SSL_KEY_FILE;
   const tlsCAFile = process.env.SSL_CA_FILE;
+  const tlsSettings = { tls: true, tlsCertificateKeyFile, tlsCAFile };
 
   it(
-    'should connect with tls',
-    makeConnectionTest(connectionString, { tls: true, tlsCertificateKeyFile, tlsCAFile })
+    'should connect with tls via client options',
+    makeConnectionTest(connectionString, tlsSettings)
+  );
+
+  it(
+    'should connect with tls via url options',
+    makeConnectionTest(
+      `${connectionString}?${Object.keys(tlsSettings)
+        .map(key => `${key}=${tlsSettings[key]}`)
+        .join('&')}`
+    )
   );
 });