-
Notifications
You must be signed in to change notification settings - Fork 244
Expand file tree
/
Copy pathQE-Text-cleanupStructuredEncryptionData.yml
More file actions
128 lines (128 loc) · 4.38 KB
/
QE-Text-cleanupStructuredEncryptionData.yml
File metadata and controls
128 lines (128 loc) · 4.38 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
description: QE-Text-cleanupStructuredEncryptionData
schemaVersion: "1.25"
runOnRequirements:
- minServerVersion: "8.2.0" # Server 8.2.0 adds preview support for QE text queries.
topologies: ["replicaset", "sharded", "load-balanced"] # QE does not support standalone.
csfle:
minLibmongocryptVersion: 1.15.0 # For SPM-4158.
createEntities:
- client:
id: &client "client"
autoEncryptOpts:
keyVaultNamespace: keyvault.datakeys
kmsProviders:
local:
key: Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBMUN3YkQ5aXRRMkhGRGdQV09wOGVNYUMxT2k3NjZKelhaQmRCZGJkTXVyZG9uSjFk
observeEvents:
- commandStartedEvent
- database:
id: &db "db"
client: *client
databaseName: *db
- collection:
id: &coll "coll"
database: *db
collectionName: *coll
initialData:
# Insert data encryption key:
- databaseName: keyvault
collectionName: datakeys
documents:
[
{
"_id": &keyid { "$binary": { "base64": "q83vqxI0mHYSNBI0VniQEg==", "subType": "04" } },
"keyMaterial":
{
"$binary":
{
"base64": "HBk9BWihXExNDvTp1lUxOuxuZK2Pe2ZdVdlsxPEBkiO1bS4mG5NNDsQ7zVxJAH8BtdOYp72Ku4Y3nwc0BUpIKsvAKX4eYXtlhv5zUQxWdeNFhg9qK7qb8nqhnnLeT0f25jFSqzWJoT379hfwDeu0bebJHr35QrJ8myZdPMTEDYF08QYQ48ShRBli0S+QzBHHAQiM2iJNr4svg2WR8JSeWQ==",
"subType": "00",
},
},
"creationDate": { "$date": { "$numberLong": "1648914851981" } },
"updateDate": { "$date": { "$numberLong": "1648914851981" } },
"status": { "$numberInt": "0" },
"masterKey": { "provider": "local" },
},
]
# Create encrypted collection:
- databaseName: *db
collectionName: *coll
documents: []
createOptions:
encryptedFields:
{
"fields":
[
{
"keyId": *keyid,
"path": "encryptedText",
"bsonType": "string",
"queries": [
{
"queryType": "suffix",
"contention": { "$numberLong": "0" },
"strMinQueryLength": { "$numberLong": "3" },
"strMaxQueryLength": { "$numberLong": "30" },
"caseSensitive": true,
"diacriticSensitive": true,
},
],
},
],
}
tests:
- description: "QE Text cleanupStructuredEncryptionData works"
operations:
- name: runCommand
object: *db
arguments:
command:
cleanupStructuredEncryptionData: *coll
commandName: cleanupStructuredEncryptionData
expectResult: { ok: 1 }
expectEvents:
- client: *client
events:
- commandStartedEvent:
command:
listCollections: 1
filter:
name: *coll
commandName: listCollections
- commandStartedEvent:
command:
find: datakeys
filter:
{
"$or":
[
"_id": { "$in": [ *keyid ] },
"keyAltNames": { "$in": [] },
],
}
$db: keyvault
readConcern: { level: "majority" }
commandName: find
- commandStartedEvent:
command:
{
"cleanupStructuredEncryptionData": *coll,
"cleanupTokens": {
"encryptedText": {
"ecoc": {
"$binary": {
"base64": "SWO8WEoZ2r2Kx/muQKb7+COizy85nIIUFiHh4K9kcvA=",
"subType": "00"
}
},
"anchorPaddingToken": {
"$binary": {
"base64": "YAiF7Iwhqq1UyfxPvm70xfQJtrIRPrjfD2yRLG1+saQ=",
"subType": "00"
}
}
}
}
}
commandName: cleanupStructuredEncryptionData