requested changes

.eslintrc.js

@@ -14,7 +14,8 @@ module.exports = {
     '**/docs/js/native.js',
     '!.*',
     'node_modules',
-    '.git'
+    '.git',
+    'encrypted-cluster'
   ],
   overrides: [
     {

package.json

@@ -105,7 +105,7 @@
     "test-rs": "START_REPLICA_SET=1 mocha --timeout 30000 --exit ./test/*.test.js",
     "test-tsd": "node ./test/types/check-types-filename && tsd",
     "test-encryption": "mocha --exit ./test/encryption/*.test.js",
-    "test-encryption-local": "chmod +x scripts/run-encryption-tests-local.sh && scripts/run-encryption-tests-local.sh",
+    "test-encryption-local": "bash scripts/run-encryption-tests-local.sh",
     "tdd": "mocha ./test/*.test.js --inspect --watch --recursive --watch-files ./**/*.{js,ts}",
     "test-coverage": "nyc --reporter=html --reporter=text npm test",
     "ts-benchmark": "cd ./benchmarks/typescript/simple && npm install && npm run benchmark | node ../../../scripts/tsc-diagnostics-check"

scripts/run-encryption-tests-local.sh

@@ -1,17 +1,18 @@
 #!/usr/bin/env bash
 
-# sets up an encrypted mongodb cluster
+# sets up an encrypted mongodb cluster, adds relevant variables to the environment, and runs encryption tests
 
 export CWD=$(pwd);
 
+# set up encrypted mongodb cluster if the encrypted-cluster folder does not exist
+# note: for tooling, cluster set-up and configuration look into the 'scripts/start-encrypted-cluster.sh' script
 if [ -d "encrypted-cluster" ]; then
   cd encrypted-cluster
 else
   source $CWD/scripts/start-encrypted-cluster.sh
 fi
 
-# IMPORTANT: extracts mongodb-uri, and starts the cluster of servers, store the uri for GitHub output
-
+# extracts MONGOOSE_TEST_URI and CRYPT_SHARED_LIB_PATH from .yml file into environment variables for this test run
 read -r -d '' SOURCE_SCRIPT << EOM
 const fs = require('fs');
 const file = fs.readFileSync('mo-expansion.yml', { encoding: 'utf-8' })
@@ -32,4 +33,5 @@ source expansions.sh
 
 export MONGOOSE_TEST_URI=$MONGODB_URI
 
+# run encryption tests
 npm run test-encryption

scripts/start-encrypted-cluster.sh

@@ -1,17 +1,25 @@
+# creates a encrypted cluster (sharded on 8.0 server)
 
 export CWD=$(pwd);
 mkdir encrypted-cluster
 cd encrypted-cluster
 
+# note: 
+  # we're using drivers-evergreen-tools which is a repo that handles cluster set-up for us. 
+  # if you'd like to make changes to the cluster settings, edit the exported variables below.
+  # for configuration options for the exported variables, see here: https://github.com/mongodb-labs/drivers-evergreen-tools/blob/master/.evergreen/run-orchestration.sh
+  # after this script is run, the encrypted-cluster/ folder will notably contain the following:
+    # 'mo-expansion.yml' file which contains for your cluster URI and crypt shared library path
+    # 'drivers-evergreen-tools/mongodb/bin' which contain executables for other mongodb libraries such as mongocryptd, mongosh, and mongod
 if [ ! -d "drivers-evergreen-tools/" ]; then
  git clone --depth=1 "https://github.com/mongodb-labs/drivers-evergreen-tools.git"
 fi
 
+# configure cluster settings
 export DRIVERS_TOOLS=$CWD/encrypted-cluster/drivers-evergreen-tools
 export MONGODB_VERSION=8.0
 export AUTH=true
 export MONGODB_BINARIES=$DRIVERS_TOOLS/mongodb/bin
-export NODE_DRIVER=~/dev/node-mongodb-native
 export MONGO_ORCHESTRATION_HOME=$DRIVERS_TOOLS/mo
 export PROJECT_ORCHESTRATION_HOME=$DRIVERS_TOOLS/.evergreen/orchestration
 export TOPOLOGY=sharded_cluster
@@ -24,4 +32,5 @@ cd -
 
 rm expansions.sh 2> /dev/null
 
-bash $DRIVERS_TOOLS/.evergreen/run-orchestration.sh
+# start cluster
+bash $DRIVERS_TOOLS/.evergreen/run-orchestration.sh

test/encryption/encryption.test.js

@@ -6,92 +6,91 @@ const isBsonType = require('../../lib/helpers/isBsonType');
 
 const LOCAL_KEY = Buffer.from('Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBMUN3YkQ5aXRRMkhGRGdQV09wOGVNYUMxT2k3NjZKelhaQmRCZGJkTXVyZG9uSjFk', 'base64');
 
-describe('environmental variables', () => {
-  it('MONGOOSE_TEST_URI is set', async function() {
-    const uri = process.env.MONGOOSE_TEST_URI;
-    assert.ok(uri);
-  });
+describe('ci', () => {
+  describe('environmental variables', () => {
+    it('MONGOOSE_TEST_URI is set', async function() {
+      const uri = process.env.MONGOOSE_TEST_URI;
+      assert.ok(uri);
+    });
 
-  it('CRYPT_SHARED_LIB_PATH is set', async function() {
-    const shared_library_path = process.env.CRYPT_SHARED_LIB_PATH;
-    assert.ok(shared_library_path);
+    it('CRYPT_SHARED_LIB_PATH is set', async function() {
+      const shared_library_path = process.env.CRYPT_SHARED_LIB_PATH;
+      assert.ok(shared_library_path);
+    });
   });
-});
 
-describe('basic integration', () => {
-  let keyVaultClient;
-  let dataKey;
-  let encryptedClient;
-  let dummyClient;
+  describe('basic integration', () => {
+    let keyVaultClient;
+    let dataKey;
+    let encryptedClient;
+    let unencryptedClient;
 
-  beforeEach(async function() {
-    keyVaultClient = new mdb.MongoClient(process.env.MONGOOSE_TEST_URI);
-    await keyVaultClient.connect();
-    await keyVaultClient.db('keyvault').collection('datakeys');
-    const clientEncryption = new mdb.ClientEncryption(keyVaultClient, {
-      keyVaultNamespace: 'keyvault.datakeys',
-      kmsProviders: { local: { key: LOCAL_KEY } }
-    });
-    dataKey = await clientEncryption.createDataKey('local');
+    beforeEach(async function() {
+      keyVaultClient = new mdb.MongoClient(process.env.MONGOOSE_TEST_URI);
+      await keyVaultClient.connect();
+      await keyVaultClient.db('keyvault').collection('datakeys');
+      const clientEncryption = new mdb.ClientEncryption(keyVaultClient, {
+        keyVaultNamespace: 'keyvault.datakeys',
+        kmsProviders: { local: { key: LOCAL_KEY } }
+      });
+      dataKey = await clientEncryption.createDataKey('local');
 
-    encryptedClient = new mdb.MongoClient(
-      process.env.MONGOOSE_TEST_URI,
-      {
-        autoEncryption: {
-          keyVaultNamespace: 'keyvault.datakeys',
-          kmsProviders: { local: { key: LOCAL_KEY } },
-          schemaMap: {
-            'db.coll': {
-              bsonType: 'object',
-              encryptMetadata: {
-                keyId: [dataKey]
-              },
-              properties: {
-                a: {
-                  encrypt: {
-                    bsonType: 'int',
-                    algorithm: 'AEAD_AES_256_CBC_HMAC_SHA_512-Random',
-                    keyId: [dataKey]
+      encryptedClient = new mdb.MongoClient(
+        process.env.MONGOOSE_TEST_URI,
+        {
+          autoEncryption: {
+            keyVaultNamespace: 'keyvault.datakeys',
+            kmsProviders: { local: { key: LOCAL_KEY } },
+            schemaMap: {
+              'db.coll': {
+                bsonType: 'object',
+                encryptMetadata: {
+                  keyId: [dataKey]
+                },
+                properties: {
+                  a: {
+                    encrypt: {
+                      bsonType: 'int',
+                      algorithm: 'AEAD_AES_256_CBC_HMAC_SHA_512-Random',
+                      keyId: [dataKey]
+                    }
                   }
                 }
               }
+            },
+            extraOptions: {
+              cryptdSharedLibRequired: true,
+              cryptSharedLibPath: process.env.CRYPT_SHARED_LIB_PATH
             }
-          },
-          extraOptions: {
-            cryptdSharedLibRequired: true,
-            cryptSharedLibPath: process.env.CRYPT_SHARED_LIB_PATH
           }
         }
-      }
-    );
+      );
 
-    dummyClient = new mdb.MongoClient(process.env.MONGOOSE_TEST_URI);
-  });
-
-  afterEach(async function() {
-    await keyVaultClient.close();
-    await encryptedClient.close();
-    await dummyClient.close();
-  });
+      unencryptedClient = new mdb.MongoClient(process.env.MONGOOSE_TEST_URI);
+    });
 
-  it('supports mongodb csfle auto-encryption integration', async() => {
-    await encryptedClient.connect();
-    await encryptedClient.db('db').collection('coll').insertOne({ a: 1 });
+    afterEach(async function() {
+      await keyVaultClient.close();
+      await encryptedClient.close();
+      await unencryptedClient.close();
+    });
 
-    const { insertedId } = await encryptedClient.db('db').collection('coll').insertOne({ a: 1 });
+    it('ci set-up should support basic mongodb auto-encryption integration', async() => {
+      await encryptedClient.connect();
+      const { insertedId } = await encryptedClient.db('db').collection('coll').insertOne({ a: 1 });
 
-    // a dummyClient not configured with autoEncryption, returns a encrypted binary type, meaning that encryption succeeded
-    const encryptedResult = await dummyClient.db('db').collection('coll').findOne({ _id: insertedId });
+      // client not configured with autoEncryption, returns a encrypted binary type, meaning that encryption succeeded
+      const encryptedResult = await unencryptedClient.db('db').collection('coll').findOne({ _id: insertedId });
 
-    assert.ok(encryptedResult);
-    assert.ok(encryptedResult.a);
-    assert.ok(isBsonType(encryptedResult.a, 'Binary'));
-    assert.ok(encryptedResult.a.sub_type === 6);
+      assert.ok(encryptedResult);
+      assert.ok(encryptedResult.a);
+      assert.ok(isBsonType(encryptedResult.a, 'Binary'));
+      assert.ok(encryptedResult.a.sub_type === 6);
 
-    // when the encryptedClient runs a find, the original unencrypted value is returned
-    const unencryptedCursor = await encryptedClient.db('db').collection('coll').find();
-    const unencryptedResult = await unencryptedCursor.next();
-    assert.ok(unencryptedResult);
-    assert.ok(unencryptedResult.a === 1);
+      // when the encryptedClient runs a find, the original unencrypted value is returned
+      const unencryptedResult = await encryptedClient.db('db').collection('coll').findOne({ _id: insertedId });
+      assert.ok(unencryptedResult);
+      assert.ok(unencryptedResult.a === 1);
+    });
   });
 });