Skip to content

Commit

Permalink
RavenDB-23231 - apply fixes for sharding
Browse files Browse the repository at this point in the history
  • Loading branch information
@grisha-kotler
grisha-kotler committed Dec 17, 2024
1 parent b56c32d commit f957224
Show file tree
Hide file tree
Showing 5 changed files with 46 additions and 44 deletions.
12 changes: 7 additions & 5 deletions test/SlowTests/Issues/RavenDB-20979.cs
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
using System;
using System.Linq;
using System.Threading.Tasks;
using FastTests;
using FastTests.Client;
using Raven.Client.Documents.Operations.Indexes;
Expand All @@ -18,15 +19,16 @@ public RavenDB_20979(ITestOutputHelper output) : base(output)

[RavenTheory(RavenTestCategory.Indexes)]
[RavenData(SearchEngineMode = RavenSearchEngineMode.Corax)]
public void CanUsePulsedEnumeratorInDictionaryTrainingPhase(Options parameters)
public async Task CanUsePulsedEnumeratorInDictionaryTrainingPhase(Options parameters)
{
Encryption.EncryptedServer(out var certificates, out string dbName);
var result = await Encryption.EncryptedServerAsync();

using var store = GetDocumentStore(new Options
{
Encrypted = true,
AdminCertificate = certificates.ServerCertificate.Value,
ClientCertificate = certificates.ServerCertificate.Value,
ModifyDatabaseName = s => dbName,
AdminCertificate = result.Certificates.ServerCertificate.Value,
ClientCertificate = result.Certificates.ServerCertificate.Value,
ModifyDatabaseName = s => result.DatabaseName,
ModifyDatabaseRecord = record =>
{
parameters.ModifyDatabaseRecord(record);
Expand Down
10 changes: 5 additions & 5 deletions test/SlowTests/Issues/RavenDB_20237.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,20 +18,20 @@ public RavenDB_20237(ITestOutputHelper output) : base(output)
[RavenFact(RavenTestCategory.Encryption)]
public async Task MustProvideEncryptionKeyToAllDbStorages()
{
Encryption.EncryptedServer(out var certificates, out var databaseName);
var result = await Encryption.EncryptedServerAsync();

using (var store = GetDocumentStore(new Options
{
ModifyDatabaseName = _ => databaseName,
ClientCertificate = certificates.ServerCertificate.Value,
AdminCertificate = certificates.ServerCertificate.Value,
ModifyDatabaseName = _ => result.DatabaseName,
ClientCertificate = result.Certificates.ServerCertificate.Value,
AdminCertificate = result.Certificates.ServerCertificate.Value,
Encrypted = true
}))
{
Index index = new Index();
await index.ExecuteAsync(store);

var database = await GetDatabase(databaseName);
var database = await GetDatabase(result.DatabaseName);

Assert.NotNull(database.MasterKey);

Expand Down
16 changes: 8 additions & 8 deletions test/SlowTests/Sharding/Backup/ShardedRestoreBackupTests.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -564,13 +564,13 @@ public async Task EncryptedBackupAndRestoreShardedDatabase_UsingDatabaseKey()

try
{
var key = Encryption.EncryptedServer(out var certificates, out var dbName);
var result = await Encryption.EncryptedServerAsync();

using (var store = Sharding.GetDocumentStore(new Options
{
AdminCertificate = certificates.ServerCertificate.Value,
ClientCertificate = certificates.ServerCertificate.Value,
ModifyDatabaseName = s => dbName,
AdminCertificate = result.Certificates.ServerCertificate.Value,
ClientCertificate = result.Certificates.ServerCertificate.Value,
ModifyDatabaseName = s => result.DatabaseName,
ModifyDatabaseRecord = record => record.Encrypted = true
}))
{
Expand Down Expand Up @@ -638,7 +638,7 @@ public async Task EncryptedBackupAndRestoreShardedDatabase_UsingDatabaseKey()
Settings = s3Settings,
ShardRestoreSettings = shardedRestoreSettings,
DatabaseName = databaseName,
EncryptionKey = key,
EncryptionKey = result.Key,
BackupEncryptionSettings = new BackupEncryptionSettings
{
EncryptionMode = EncryptionMode.UseDatabaseKey
Expand Down Expand Up @@ -686,12 +686,12 @@ public async Task EncryptedBackupAndRestoreShardedDatabaseInCluster_UsingDatabas
try
{
var (nodes, leader, certificates) = await CreateRaftClusterWithSsl(3, watcherCluster: true);
var key = Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates, out var databaseName);
var result = await Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates);

var options = Sharding.GetOptionsForCluster(leader, shards: 3, shardReplicationFactor: 1, orchestratorReplicationFactor: 3);
options.ClientCertificate = certificates.ClientCertificate1.Value;
options.AdminCertificate = certificates.ServerCertificate.Value;
options.ModifyDatabaseName = _ => databaseName;
options.ModifyDatabaseName = _ => result.DatabaseName;
options.ModifyDatabaseRecord += record => record.Encrypted = true;
options.RunInMemory = false;

Expand Down Expand Up @@ -731,7 +731,7 @@ public async Task EncryptedBackupAndRestoreShardedDatabaseInCluster_UsingDatabas
Settings = s3Settings,
ShardRestoreSettings = shardedRestoreSettings,
DatabaseName = newDbName,
EncryptionKey = key,
EncryptionKey = result.Key,
BackupEncryptionSettings = new BackupEncryptionSettings
{
EncryptionMode = EncryptionMode.UseDatabaseKey
Expand Down
40 changes: 20 additions & 20 deletions test/SlowTests/Sharding/Encryption/ShardedEncryption.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,19 +28,19 @@ public ShardedEncryption(ITestOutputHelper output) : base(output)
}

[RavenFact(RavenTestCategory.Encryption | RavenTestCategory.Sharding, LicenseRequired = true)]
public void Can_Setup_Sharded_Encrypted_Database()
public async Task Can_Setup_Sharded_Encrypted_Database()
{
Encryption.EncryptedServer(out var certificates, out var dbName);
var result = await Encryption.EncryptedServerAsync();

var options = new Options
{
AdminCertificate = certificates.ServerCertificate.Value,
ClientCertificate = certificates.ServerCertificate.Value,
AdminCertificate = result.Certificates.ServerCertificate.Value,
ClientCertificate = result.Certificates.ServerCertificate.Value,
ModifyDatabaseRecord = record =>
{
record.Encrypted = true;
},
ModifyDatabaseName = s => dbName
ModifyDatabaseName = s => result.DatabaseName
};

using (var store = Sharding.GetDocumentStore(options))
Expand All @@ -66,17 +66,17 @@ public void Can_Setup_Sharded_Encrypted_Database()
[RavenFact(RavenTestCategory.Encryption | RavenTestCategory.Sharding, LicenseRequired = true)]
public async Task CRUD_Operations_Encrypted()
{
Encryption.EncryptedServer(out var certificates, out var dbName);
var result = await Encryption.EncryptedServerAsync();

var options = new Options
{
AdminCertificate = certificates.ServerCertificate.Value,
ClientCertificate = certificates.ServerCertificate.Value,
AdminCertificate = result.Certificates.ServerCertificate.Value,
ClientCertificate = result.Certificates.ServerCertificate.Value,
ModifyDatabaseRecord = record =>
{
record.Encrypted = true;
},
ModifyDatabaseName = s => dbName
ModifyDatabaseName = s => result.DatabaseName
};

using (var store = Sharding.GetDocumentStore(options))
Expand Down Expand Up @@ -140,7 +140,7 @@ public async Task CRUD_Operations_Encrypted()
public async Task Can_Add_Shard_To_Encrypted_Database()
{
var (nodes, leader, certificates) = await CreateRaftClusterWithSsl(3, watcherCluster: true);
Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates, out var databaseName);
(_, string databaseName) = await Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates);

var options = Sharding.GetOptionsForCluster(leader, shards: 2, shardReplicationFactor: 1, orchestratorReplicationFactor: 1);
options.ClientCertificate = certificates.ClientCertificate1.Value;
Expand Down Expand Up @@ -216,17 +216,17 @@ await session.StoreAsync(new User
[RavenFact(RavenTestCategory.Encryption | RavenTestCategory.Sharding, LicenseRequired = true)]
public async Task ClientCertificateForShardedDatabaseShouldPermitAccessToIndividualShards()
{
Encryption.EncryptedServer(out var certificates, out var dbName);
var result = await Encryption.EncryptedServerAsync();

var options = new Options
{
AdminCertificate = certificates.ServerCertificate.Value,
ClientCertificate = certificates.ClientCertificate1.Value,
AdminCertificate = result.Certificates.ServerCertificate.Value,
ClientCertificate = result.Certificates.ClientCertificate1.Value,
ModifyDatabaseRecord = record =>
{
record.Encrypted = true;
},
ModifyDatabaseName = s => dbName,
ModifyDatabaseName = s => result.DatabaseName,
DeleteDatabaseOnDispose = false
};
var dic = new Dictionary<int, List<string>>();
Expand Down Expand Up @@ -260,13 +260,13 @@ public async Task ClientCertificateForShardedDatabaseShouldPermitAccessToIndivid
}
}

var userCert = certificates.ClientCertificate2.Value;
var userCert = result.Certificates.ClientCertificate2.Value;

Certificates.RegisterClientCertificate(certificates.ServerCertificate.Value,
Certificates.RegisterClientCertificate(result.Certificates.ServerCertificate.Value,
clientCertificate: userCert,
permissions: new Dictionary<string, DatabaseAccess>
{
[dbName] = DatabaseAccess.Admin
[result.DatabaseName] = DatabaseAccess.Admin
},
clearance: SecurityClearance.ValidUser);

Expand Down Expand Up @@ -320,7 +320,7 @@ public async Task ClientCertificateForShardedDatabaseShouldPermitAccessToIndivid
public async Task DatabaseSecretKeyShouldBeDeletedAfterShardedDatabaseDeletion()
{
var (nodes, leader, certificates) = await CreateRaftClusterWithSsl(3, watcherCluster: true);
Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates, out var databaseName);
(_, string databaseName) = await Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates);

var options = Sharding.GetOptionsForCluster(leader, shards: 3, shardReplicationFactor: 1, orchestratorReplicationFactor: 3);
options.ClientCertificate = certificates.ClientCertificate1.Value;
Expand Down Expand Up @@ -375,7 +375,7 @@ public async Task ShouldNotRemoveSecretKeyFromNodeThatStillHasShards()
};

var (nodes, leader, certificates) = await CreateRaftClusterWithSsl(3, watcherCluster: true, customSettings: customSettings);
Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates, out var databaseName);
(_, string databaseName) = await Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates);

var options = Sharding.GetOptionsForCluster(leader, shards: 3, shardReplicationFactor: 1, orchestratorReplicationFactor: 3);
options.ClientCertificate = certificates.ClientCertificate1.Value;
Expand Down Expand Up @@ -429,7 +429,7 @@ await AssertWaitForValueAsync(async () =>
public async Task CanAddAndRemoveShardFromEncryptedShardedDb()
{
var (nodes, leader, certificates) = await CreateRaftClusterWithSsl(3, watcherCluster: true);
Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates, out var databaseName);
(_, string databaseName) = await Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates);

var options = Sharding.GetOptionsForCluster(leader, shards: 2, shardReplicationFactor: 1, orchestratorReplicationFactor: 2);
options.ClientCertificate = certificates.ClientCertificate1.Value;
Expand Down
12 changes: 6 additions & 6 deletions test/Tests.Infrastructure/RavenTestBase.Encryption.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -133,25 +133,25 @@ public string SetupEncryptedDatabaseOnNonAuthenticatedServer(out byte[] masterKe
return dbName;
}

public string SetupEncryptedDatabaseInCluster(List<RavenServer> nodes, TestCertificatesHolder certificates, out string databaseName)
public async Task<(string Key, string DatabaseName)> SetupEncryptedDatabaseInCluster(List<RavenServer> nodes, TestCertificatesHolder certificates)
{
databaseName = _parent.GetDatabaseName();
var databaseName = _parent.GetDatabaseName();
var base64Key = CreateMasterKey(out _);

foreach (var node in nodes)
{
_parent.Certificates.RegisterClientCertificate(certificates, new Dictionary<string, DatabaseAccess>(), SecurityClearance.ClusterAdmin, node);

EnsureServerMasterKeyIsSetup(node);

Assert.True(node.ServerStore.EnsureNotPassiveAsync().Wait(TimeSpan.FromSeconds(30))); // activate license so we can insert the secret key
Assert.True(node.ServerStore.LicenseManager.TryActivateLicenseAsync(_parent.Server.ThrowOnLicenseActivationFailure).Wait(TimeSpan.FromSeconds(30))); // activate license so we can insert the secret key
await _parent.Server.ServerStore.EnsureNotPassiveAsync().WaitAsync(TimeSpan.FromSeconds(30)); // activate license so we can insert the secret key
await _parent.Server.ServerStore.LicenseManager.TryActivateLicenseAsync(_parent.Server.ThrowOnLicenseActivationFailure).WaitAsync(TimeSpan.FromSeconds(30));

var key = new string(base64Key);
node.ServerStore.PutSecretKey(key, databaseName, overwrite: true);
}

return base64Key;
return (base64Key, databaseName);
}

private void EnsureServerMasterKeyIsSetup(RavenServer server)
Expand Down

0 comments on commit f957224

Please sign in to comment.