From f9572248495668ace220e9e552c5a1b32a537b9f Mon Sep 17 00:00:00 2001 From: Grisha Kotler Date: Tue, 17 Dec 2024 10:48:11 +0200 Subject: [PATCH] RavenDB-23231 - apply fixes for sharding --- test/SlowTests/Issues/RavenDB-20979.cs | 12 +++--- test/SlowTests/Issues/RavenDB_20237.cs | 10 ++--- .../Backup/ShardedRestoreBackupTests.cs | 16 ++++---- .../Sharding/Encryption/ShardedEncryption.cs | 40 +++++++++---------- .../RavenTestBase.Encryption.cs | 12 +++--- 5 files changed, 46 insertions(+), 44 deletions(-) diff --git a/test/SlowTests/Issues/RavenDB-20979.cs b/test/SlowTests/Issues/RavenDB-20979.cs index c1ffb2f2d0b8..8c4453884901 100644 --- a/test/SlowTests/Issues/RavenDB-20979.cs +++ b/test/SlowTests/Issues/RavenDB-20979.cs @@ -1,5 +1,6 @@ using System; using System.Linq; +using System.Threading.Tasks; using FastTests; using FastTests.Client; using Raven.Client.Documents.Operations.Indexes; @@ -18,15 +19,16 @@ public RavenDB_20979(ITestOutputHelper output) : base(output) [RavenTheory(RavenTestCategory.Indexes)] [RavenData(SearchEngineMode = RavenSearchEngineMode.Corax)] - public void CanUsePulsedEnumeratorInDictionaryTrainingPhase(Options parameters) + public async Task CanUsePulsedEnumeratorInDictionaryTrainingPhase(Options parameters) { - Encryption.EncryptedServer(out var certificates, out string dbName); + var result = await Encryption.EncryptedServerAsync(); + using var store = GetDocumentStore(new Options { Encrypted = true, - AdminCertificate = certificates.ServerCertificate.Value, - ClientCertificate = certificates.ServerCertificate.Value, - ModifyDatabaseName = s => dbName, + AdminCertificate = result.Certificates.ServerCertificate.Value, + ClientCertificate = result.Certificates.ServerCertificate.Value, + ModifyDatabaseName = s => result.DatabaseName, ModifyDatabaseRecord = record => { parameters.ModifyDatabaseRecord(record); diff --git a/test/SlowTests/Issues/RavenDB_20237.cs b/test/SlowTests/Issues/RavenDB_20237.cs index 9713b2cc22a1..dd6e07d60cb0 100644 --- a/test/SlowTests/Issues/RavenDB_20237.cs +++ b/test/SlowTests/Issues/RavenDB_20237.cs @@ -18,20 +18,20 @@ public RavenDB_20237(ITestOutputHelper output) : base(output) [RavenFact(RavenTestCategory.Encryption)] public async Task MustProvideEncryptionKeyToAllDbStorages() { - Encryption.EncryptedServer(out var certificates, out var databaseName); + var result = await Encryption.EncryptedServerAsync(); using (var store = GetDocumentStore(new Options { - ModifyDatabaseName = _ => databaseName, - ClientCertificate = certificates.ServerCertificate.Value, - AdminCertificate = certificates.ServerCertificate.Value, + ModifyDatabaseName = _ => result.DatabaseName, + ClientCertificate = result.Certificates.ServerCertificate.Value, + AdminCertificate = result.Certificates.ServerCertificate.Value, Encrypted = true })) { Index index = new Index(); await index.ExecuteAsync(store); - var database = await GetDatabase(databaseName); + var database = await GetDatabase(result.DatabaseName); Assert.NotNull(database.MasterKey); diff --git a/test/SlowTests/Sharding/Backup/ShardedRestoreBackupTests.cs b/test/SlowTests/Sharding/Backup/ShardedRestoreBackupTests.cs index 15baa70e768a..9ddb362f0bc3 100644 --- a/test/SlowTests/Sharding/Backup/ShardedRestoreBackupTests.cs +++ b/test/SlowTests/Sharding/Backup/ShardedRestoreBackupTests.cs @@ -564,13 +564,13 @@ public async Task EncryptedBackupAndRestoreShardedDatabase_UsingDatabaseKey() try { - var key = Encryption.EncryptedServer(out var certificates, out var dbName); + var result = await Encryption.EncryptedServerAsync(); using (var store = Sharding.GetDocumentStore(new Options { - AdminCertificate = certificates.ServerCertificate.Value, - ClientCertificate = certificates.ServerCertificate.Value, - ModifyDatabaseName = s => dbName, + AdminCertificate = result.Certificates.ServerCertificate.Value, + ClientCertificate = result.Certificates.ServerCertificate.Value, + ModifyDatabaseName = s => result.DatabaseName, ModifyDatabaseRecord = record => record.Encrypted = true })) { @@ -638,7 +638,7 @@ public async Task EncryptedBackupAndRestoreShardedDatabase_UsingDatabaseKey() Settings = s3Settings, ShardRestoreSettings = shardedRestoreSettings, DatabaseName = databaseName, - EncryptionKey = key, + EncryptionKey = result.Key, BackupEncryptionSettings = new BackupEncryptionSettings { EncryptionMode = EncryptionMode.UseDatabaseKey @@ -686,12 +686,12 @@ public async Task EncryptedBackupAndRestoreShardedDatabaseInCluster_UsingDatabas try { var (nodes, leader, certificates) = await CreateRaftClusterWithSsl(3, watcherCluster: true); - var key = Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates, out var databaseName); + var result = await Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates); var options = Sharding.GetOptionsForCluster(leader, shards: 3, shardReplicationFactor: 1, orchestratorReplicationFactor: 3); options.ClientCertificate = certificates.ClientCertificate1.Value; options.AdminCertificate = certificates.ServerCertificate.Value; - options.ModifyDatabaseName = _ => databaseName; + options.ModifyDatabaseName = _ => result.DatabaseName; options.ModifyDatabaseRecord += record => record.Encrypted = true; options.RunInMemory = false; @@ -731,7 +731,7 @@ public async Task EncryptedBackupAndRestoreShardedDatabaseInCluster_UsingDatabas Settings = s3Settings, ShardRestoreSettings = shardedRestoreSettings, DatabaseName = newDbName, - EncryptionKey = key, + EncryptionKey = result.Key, BackupEncryptionSettings = new BackupEncryptionSettings { EncryptionMode = EncryptionMode.UseDatabaseKey diff --git a/test/SlowTests/Sharding/Encryption/ShardedEncryption.cs b/test/SlowTests/Sharding/Encryption/ShardedEncryption.cs index 2ed653ceb04d..af09d0a1366c 100644 --- a/test/SlowTests/Sharding/Encryption/ShardedEncryption.cs +++ b/test/SlowTests/Sharding/Encryption/ShardedEncryption.cs @@ -28,19 +28,19 @@ public ShardedEncryption(ITestOutputHelper output) : base(output) } [RavenFact(RavenTestCategory.Encryption | RavenTestCategory.Sharding, LicenseRequired = true)] - public void Can_Setup_Sharded_Encrypted_Database() + public async Task Can_Setup_Sharded_Encrypted_Database() { - Encryption.EncryptedServer(out var certificates, out var dbName); + var result = await Encryption.EncryptedServerAsync(); var options = new Options { - AdminCertificate = certificates.ServerCertificate.Value, - ClientCertificate = certificates.ServerCertificate.Value, + AdminCertificate = result.Certificates.ServerCertificate.Value, + ClientCertificate = result.Certificates.ServerCertificate.Value, ModifyDatabaseRecord = record => { record.Encrypted = true; }, - ModifyDatabaseName = s => dbName + ModifyDatabaseName = s => result.DatabaseName }; using (var store = Sharding.GetDocumentStore(options)) @@ -66,17 +66,17 @@ public void Can_Setup_Sharded_Encrypted_Database() [RavenFact(RavenTestCategory.Encryption | RavenTestCategory.Sharding, LicenseRequired = true)] public async Task CRUD_Operations_Encrypted() { - Encryption.EncryptedServer(out var certificates, out var dbName); + var result = await Encryption.EncryptedServerAsync(); var options = new Options { - AdminCertificate = certificates.ServerCertificate.Value, - ClientCertificate = certificates.ServerCertificate.Value, + AdminCertificate = result.Certificates.ServerCertificate.Value, + ClientCertificate = result.Certificates.ServerCertificate.Value, ModifyDatabaseRecord = record => { record.Encrypted = true; }, - ModifyDatabaseName = s => dbName + ModifyDatabaseName = s => result.DatabaseName }; using (var store = Sharding.GetDocumentStore(options)) @@ -140,7 +140,7 @@ public async Task CRUD_Operations_Encrypted() public async Task Can_Add_Shard_To_Encrypted_Database() { var (nodes, leader, certificates) = await CreateRaftClusterWithSsl(3, watcherCluster: true); - Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates, out var databaseName); + (_, string databaseName) = await Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates); var options = Sharding.GetOptionsForCluster(leader, shards: 2, shardReplicationFactor: 1, orchestratorReplicationFactor: 1); options.ClientCertificate = certificates.ClientCertificate1.Value; @@ -216,17 +216,17 @@ await session.StoreAsync(new User [RavenFact(RavenTestCategory.Encryption | RavenTestCategory.Sharding, LicenseRequired = true)] public async Task ClientCertificateForShardedDatabaseShouldPermitAccessToIndividualShards() { - Encryption.EncryptedServer(out var certificates, out var dbName); + var result = await Encryption.EncryptedServerAsync(); var options = new Options { - AdminCertificate = certificates.ServerCertificate.Value, - ClientCertificate = certificates.ClientCertificate1.Value, + AdminCertificate = result.Certificates.ServerCertificate.Value, + ClientCertificate = result.Certificates.ClientCertificate1.Value, ModifyDatabaseRecord = record => { record.Encrypted = true; }, - ModifyDatabaseName = s => dbName, + ModifyDatabaseName = s => result.DatabaseName, DeleteDatabaseOnDispose = false }; var dic = new Dictionary>(); @@ -260,13 +260,13 @@ public async Task ClientCertificateForShardedDatabaseShouldPermitAccessToIndivid } } - var userCert = certificates.ClientCertificate2.Value; + var userCert = result.Certificates.ClientCertificate2.Value; - Certificates.RegisterClientCertificate(certificates.ServerCertificate.Value, + Certificates.RegisterClientCertificate(result.Certificates.ServerCertificate.Value, clientCertificate: userCert, permissions: new Dictionary { - [dbName] = DatabaseAccess.Admin + [result.DatabaseName] = DatabaseAccess.Admin }, clearance: SecurityClearance.ValidUser); @@ -320,7 +320,7 @@ public async Task ClientCertificateForShardedDatabaseShouldPermitAccessToIndivid public async Task DatabaseSecretKeyShouldBeDeletedAfterShardedDatabaseDeletion() { var (nodes, leader, certificates) = await CreateRaftClusterWithSsl(3, watcherCluster: true); - Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates, out var databaseName); + (_, string databaseName) = await Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates); var options = Sharding.GetOptionsForCluster(leader, shards: 3, shardReplicationFactor: 1, orchestratorReplicationFactor: 3); options.ClientCertificate = certificates.ClientCertificate1.Value; @@ -375,7 +375,7 @@ public async Task ShouldNotRemoveSecretKeyFromNodeThatStillHasShards() }; var (nodes, leader, certificates) = await CreateRaftClusterWithSsl(3, watcherCluster: true, customSettings: customSettings); - Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates, out var databaseName); + (_, string databaseName) = await Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates); var options = Sharding.GetOptionsForCluster(leader, shards: 3, shardReplicationFactor: 1, orchestratorReplicationFactor: 3); options.ClientCertificate = certificates.ClientCertificate1.Value; @@ -429,7 +429,7 @@ await AssertWaitForValueAsync(async () => public async Task CanAddAndRemoveShardFromEncryptedShardedDb() { var (nodes, leader, certificates) = await CreateRaftClusterWithSsl(3, watcherCluster: true); - Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates, out var databaseName); + (_, string databaseName) = await Encryption.SetupEncryptedDatabaseInCluster(nodes, certificates); var options = Sharding.GetOptionsForCluster(leader, shards: 2, shardReplicationFactor: 1, orchestratorReplicationFactor: 2); options.ClientCertificate = certificates.ClientCertificate1.Value; diff --git a/test/Tests.Infrastructure/RavenTestBase.Encryption.cs b/test/Tests.Infrastructure/RavenTestBase.Encryption.cs index 59fc11b8bc2a..ad3f0f7f1356 100644 --- a/test/Tests.Infrastructure/RavenTestBase.Encryption.cs +++ b/test/Tests.Infrastructure/RavenTestBase.Encryption.cs @@ -133,9 +133,9 @@ public string SetupEncryptedDatabaseOnNonAuthenticatedServer(out byte[] masterKe return dbName; } - public string SetupEncryptedDatabaseInCluster(List nodes, TestCertificatesHolder certificates, out string databaseName) + public async Task<(string Key, string DatabaseName)> SetupEncryptedDatabaseInCluster(List nodes, TestCertificatesHolder certificates) { - databaseName = _parent.GetDatabaseName(); + var databaseName = _parent.GetDatabaseName(); var base64Key = CreateMasterKey(out _); foreach (var node in nodes) @@ -143,15 +143,15 @@ public string SetupEncryptedDatabaseInCluster(List nodes, TestCerti _parent.Certificates.RegisterClientCertificate(certificates, new Dictionary(), SecurityClearance.ClusterAdmin, node); EnsureServerMasterKeyIsSetup(node); - - Assert.True(node.ServerStore.EnsureNotPassiveAsync().Wait(TimeSpan.FromSeconds(30))); // activate license so we can insert the secret key - Assert.True(node.ServerStore.LicenseManager.TryActivateLicenseAsync(_parent.Server.ThrowOnLicenseActivationFailure).Wait(TimeSpan.FromSeconds(30))); // activate license so we can insert the secret key + + await _parent.Server.ServerStore.EnsureNotPassiveAsync().WaitAsync(TimeSpan.FromSeconds(30)); // activate license so we can insert the secret key + await _parent.Server.ServerStore.LicenseManager.TryActivateLicenseAsync(_parent.Server.ThrowOnLicenseActivationFailure).WaitAsync(TimeSpan.FromSeconds(30)); var key = new string(base64Key); node.ServerStore.PutSecretKey(key, databaseName, overwrite: true); } - return base64Key; + return (base64Key, databaseName); } private void EnsureServerMasterKeyIsSetup(RavenServer server)