RUBY-3149 Test on AWS Lambda

.evergreen/atlas

@@ -0,0 +1 @@
+../.mod/drivers-evergreen-tools/.evergreen/atlas

.evergreen/config.yml

@@ -482,6 +482,8 @@ task_groups:
           script: |
             ${PREPARE_SHELL}
 
+            echo "Setting up Atlas cluster"
+
             DRIVERS_ATLAS_PUBLIC_API_KEY="${DRIVERS_ATLAS_PUBLIC_API_KEY}" \
               DRIVERS_ATLAS_PRIVATE_API_KEY="${DRIVERS_ATLAS_PRIVATE_API_KEY}" \
               DRIVERS_ATLAS_GROUP_ID="${DRIVERS_ATLAS_GROUP_ID}" \
@@ -492,6 +494,8 @@ task_groups:
               task_id="${task_id}" \
               execution="${execution}" \
               $DRIVERS_TOOLS/.evergreen/atlas/setup-atlas-cluster.sh
+
+              echo "MONGODB_URI=${MONGODB_URI}"
       - command: expansions.update
         params:
           file: src/atlas-expansion.yml
@@ -512,6 +516,7 @@ task_groups:
               $DRIVERS_TOOLS/.evergreen/atlas/teardown-atlas-cluster.sh
     tasks:
       - test-full-atlas-task
+      - test-aws-lambda-deployed
 
   - name: testgcpkms_task_group
     setup_group_can_fail_task: true
@@ -702,6 +707,35 @@ tasks:
             export AZUREKMS_VMNAME=${AZUREKMS_VMNAME}
             export AZUREKMS_PRIVATEKEYPATH="/tmp/testazurekms_private_key_file"
             AZUREKMS_CMD="TEST_FLE_AZURE_AUTO=1 RVM_RUBY=ruby-3.1 FLE=helper TOPOLOGY=standalone MONGODB_VERSION=6.0  MONGO_RUBY_DRIVER_AZURE_TENANT_ID="${MONGO_RUBY_DRIVER_AZURE_TENANT_ID}" MONGO_RUBY_DRIVER_AZURE_CLIENT_ID="${MONGO_RUBY_DRIVER_AZURE_CLIENT_ID}" MONGO_RUBY_DRIVER_AZURE_CLIENT_SECRET="${MONGO_RUBY_DRIVER_AZURE_CLIENT_SECRET}" MONGO_RUBY_DRIVER_AZURE_IDENTITY_PLATFORM_ENDPOINT="${MONGO_RUBY_DRIVER_AZURE_IDENTITY_PLATFORM_ENDPOINT}" MONGO_RUBY_DRIVER_AZURE_KEY_VAULT_ENDPOINT="${testazurekms_keyvaultendpoint}" MONGO_RUBY_DRIVER_AZURE_KEY_NAME="${testazurekms_keyname}"  ./.evergreen/run-tests-azure.sh" .evergreen/csfle/azurekms/run-command.sh
+
+  - name: "test-aws-lambda-deployed"
+    commands:
+      - command: ec2.assume_role
+        params:
+          role_arn: ${LAMBDA_AWS_ROLE_ARN}
+          duration_seconds: 3600
+      - command: shell.exec
+        type: test
+        params:
+          working_dir: "src"
+          shell: "bash"
+          add_expansions_to_env: true
+          script: |
+            ${PREPARE_SHELL}
+            MONGODB_URI="${MONGODB_URI}" .evergreen/run-tests-deployed-lambda.sh
+          env:
+            AWS_REGION: us-east-1
+            DRIVERS_TOOLS: ${DRIVERS_TOOLS}
+            DRIVERS_ATLAS_PUBLIC_API_KEY: ${DRIVERS_ATLAS_PUBLIC_API_KEY}
+            DRIVERS_ATLAS_PRIVATE_API_KEY: ${DRIVERS_ATLAS_PRIVATE_API_KEY}
+            DRIVERS_ATLAS_LAMBDA_USER: ${DRIVERS_ATLAS_LAMBDA_USER}
+            DRIVERS_ATLAS_LAMBDA_PASSWORD: ${DRIVERS_ATLAS_LAMBDA_PASSWORD}
+            DRIVERS_ATLAS_GROUP_ID: ${DRIVERS_ATLAS_GROUP_ID}
+            AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID}
+            AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY}
+            AWS_SESSION_TOKEN: ${AWS_SESSION_TOKEN}
+            LAMBDA_STACK_NAME: "dbx-ruby-lambda"
+            RVM_RUBY: ruby-3.2
 axes:
 
   - id: preload
@@ -1663,10 +1697,10 @@ buildvariants:
       - name: testazurekms_task_group
         batchtime: 20160 # Use a batchtime of 14 days as suggested by the CSFLE test README
 
-  - matrix_name: atlas-full
+  - matrix_name: atlas-full-and-lambda
     matrix_spec:
       ruby: "ruby-3.2"
-      os: rhel8
+      os: ubuntu2204
     display_name: "Atlas (Full)"
     tasks:
       - name: testatlas_task_group

.evergreen/config/common.yml.erb

@@ -479,6 +479,8 @@ task_groups:
           script: |
             ${PREPARE_SHELL}
 
+            echo "Setting up Atlas cluster"
+
             DRIVERS_ATLAS_PUBLIC_API_KEY="${DRIVERS_ATLAS_PUBLIC_API_KEY}" \
               DRIVERS_ATLAS_PRIVATE_API_KEY="${DRIVERS_ATLAS_PRIVATE_API_KEY}" \
               DRIVERS_ATLAS_GROUP_ID="${DRIVERS_ATLAS_GROUP_ID}" \
@@ -489,6 +491,8 @@ task_groups:
               task_id="${task_id}" \
               execution="${execution}" \
               $DRIVERS_TOOLS/.evergreen/atlas/setup-atlas-cluster.sh
+
+              echo "MONGODB_URI=${MONGODB_URI}"
       - command: expansions.update
         params:
           file: src/atlas-expansion.yml
@@ -509,6 +513,7 @@ task_groups:
               $DRIVERS_TOOLS/.evergreen/atlas/teardown-atlas-cluster.sh
     tasks:
       - test-full-atlas-task
+      - test-aws-lambda-deployed
 
   - name: testgcpkms_task_group
     setup_group_can_fail_task: true
@@ -699,3 +704,32 @@ tasks:
             export AZUREKMS_VMNAME=${AZUREKMS_VMNAME}
             export AZUREKMS_PRIVATEKEYPATH="/tmp/testazurekms_private_key_file"
             AZUREKMS_CMD="TEST_FLE_AZURE_AUTO=1 RVM_RUBY=ruby-3.1 FLE=helper TOPOLOGY=standalone MONGODB_VERSION=6.0  MONGO_RUBY_DRIVER_AZURE_TENANT_ID="${MONGO_RUBY_DRIVER_AZURE_TENANT_ID}" MONGO_RUBY_DRIVER_AZURE_CLIENT_ID="${MONGO_RUBY_DRIVER_AZURE_CLIENT_ID}" MONGO_RUBY_DRIVER_AZURE_CLIENT_SECRET="${MONGO_RUBY_DRIVER_AZURE_CLIENT_SECRET}" MONGO_RUBY_DRIVER_AZURE_IDENTITY_PLATFORM_ENDPOINT="${MONGO_RUBY_DRIVER_AZURE_IDENTITY_PLATFORM_ENDPOINT}" MONGO_RUBY_DRIVER_AZURE_KEY_VAULT_ENDPOINT="${testazurekms_keyvaultendpoint}" MONGO_RUBY_DRIVER_AZURE_KEY_NAME="${testazurekms_keyname}"  ./.evergreen/run-tests-azure.sh" .evergreen/csfle/azurekms/run-command.sh
+
+  - name: "test-aws-lambda-deployed"
+    commands:
+      - command: ec2.assume_role
+        params:
+          role_arn: ${LAMBDA_AWS_ROLE_ARN}
+          duration_seconds: 3600
+      - command: shell.exec
+        type: test
+        params:
+          working_dir: "src"
+          shell: "bash"
+          add_expansions_to_env: true
+          script: |
+            ${PREPARE_SHELL}
+            MONGODB_URI="${MONGODB_URI}" .evergreen/run-tests-deployed-lambda.sh
+          env:
+            AWS_REGION: us-east-1
+            DRIVERS_TOOLS: ${DRIVERS_TOOLS}
+            DRIVERS_ATLAS_PUBLIC_API_KEY: ${DRIVERS_ATLAS_PUBLIC_API_KEY}
+            DRIVERS_ATLAS_PRIVATE_API_KEY: ${DRIVERS_ATLAS_PRIVATE_API_KEY}
+            DRIVERS_ATLAS_LAMBDA_USER: ${DRIVERS_ATLAS_LAMBDA_USER}
+            DRIVERS_ATLAS_LAMBDA_PASSWORD: ${DRIVERS_ATLAS_LAMBDA_PASSWORD}
+            DRIVERS_ATLAS_GROUP_ID: ${DRIVERS_ATLAS_GROUP_ID}
+            AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID}
+            AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY}
+            AWS_SESSION_TOKEN: ${AWS_SESSION_TOKEN}
+            LAMBDA_STACK_NAME: "dbx-ruby-lambda"
+            RVM_RUBY: ruby-3.2

.evergreen/config/standard.yml.erb

@@ -494,10 +494,10 @@ buildvariants:
       - name: testazurekms_task_group
         batchtime: 20160 # Use a batchtime of 14 days as suggested by the CSFLE test README
 
-  - matrix_name: atlas-full
+  - matrix_name: atlas-full-and-lambda
     matrix_spec:
       ruby: <%= latest_ruby %>
-      os: rhel8
+      os: ubuntu2204
     display_name: "Atlas (Full)"
     tasks:
       - name: testatlas_task_group

.evergreen/run-deployed-lambda-aws-tests.sh

@@ -0,0 +1,117 @@
+#!/bin/bash
+set -o errexit  # Exit the script with error if any of the commands fail
+
+# Explanation of required environment variables:
+#
+# TEST_LAMBDA_DIRECTORY: The root of the project's Lambda sam project.
+# DRIVERS_ATLAS_PUBLIC_API_KEY: The public Atlas key for the drivers org.
+# DRIVERS_ATLAS_PRIVATE_API_KEY: The private Atlas key for the drivers org.
+# DRIVERS_ATLAS_LAMBDA_USER: The user for the lambda cluster.
+# DRIVERS_ATLAS_LAMBDA_PASSWORD: The password for the user.
+# DRIVERS_ATLAS_GROUP_ID: The id of the individual projects under the drivers org, per language.
+# LAMBDA_STACK_NAME: The name of the stack on lambda "dbx-<language>-lambda"
+# AWS_REGION: The region for the function - generally us-east-1
+
+VARLIST=(
+TEST_LAMBDA_DIRECTORY
+DRIVERS_ATLAS_PUBLIC_API_KEY
+DRIVERS_ATLAS_PRIVATE_API_KEY
+DRIVERS_ATLAS_LAMBDA_USER
+DRIVERS_ATLAS_LAMBDA_PASSWORD
+DRIVERS_ATLAS_GROUP_ID
+LAMBDA_STACK_NAME
+AWS_REGION
+)
+
+# Ensure that all variables required to run the test are set, otherwise throw
+# an error.
+for VARNAME in ${VARLIST[*]}; do
+[[ -z "${!VARNAME}" ]] && echo "ERROR: $VARNAME not set" && exit 1;
+done
+
+# Set up the common variables
+. `dirname "$0"`/atlas/setup-variables.sh
+
+# Restarts the cluster's primary node.
+restart_cluster_primary ()
+{
+  echo "Testing Atlas primary restart..."
+  curl \
+    --digest -u ${DRIVERS_ATLAS_PUBLIC_API_KEY}:${DRIVERS_ATLAS_PRIVATE_API_KEY} \
+    -X POST \
+    "${ATLAS_BASE_URL}/groups/${DRIVERS_ATLAS_GROUP_ID}/clusters/${FUNCTION_NAME}/restartPrimaries"
+}
+
+# Deploys a lambda function to the set stack name.
+deploy_lambda_function ()
+{
+  echo "Deploying Lambda function..."
+  sam deploy \
+    --stack-name "${FUNCTION_NAME}" \
+    --capabilities CAPABILITY_IAM \
+    --resolve-s3 \
+    --parameter-overrides "MongoDbUri=${MONGODB_URI}" \
+    --region ${AWS_REGION}
+}
+
+# Get the ARN for the Lambda function we created and export it.
+get_lambda_function_arn ()
+{
+  echo "Getting Lambda function ARN..."
+  LAMBDA_FUNCTION_ARN=$(sam list stack-outputs \
+    --stack-name ${FUNCTION_NAME} \
+    --region ${AWS_REGION} \
+    --output json | jq '.[] | select(.OutputKey == "MongoDBFunction") | .OutputValue' | tr -d '"'
+  )
+  echo "Lambda function ARN: $LAMBDA_FUNCTION_ARN"
+  export LAMBDA_FUNCTION_ARN=$LAMBDA_FUNCTION_ARN
+}
+
+delete_lambda_function ()
+{
+  echo "Deleting Lambda Function..."
+  sam delete --stack-name ${FUNCTION_NAME} --no-prompts --region us-east-1
+}
+
+cleanup ()
+{
+  delete_lambda_function
+}
+
+trap cleanup EXIT SIGHUP
+
+cd "${TEST_LAMBDA_DIRECTORY}"
+
+sam build --use-container
+
+deploy_lambda_function
+
+get_lambda_function_arn
+
+
+check_lambda_output () {
+  if grep -q FunctionError output.json
+  then
+      echo "Exiting due to FunctionError!"
+      exit 1
+  fi
+  cat output.json | jq -r '.LogResult' | base64 --decode
+}
+
+aws lambda invoke --function-name ${LAMBDA_FUNCTION_ARN} --log-type Tail lambda-invoke-standard.json > output.json
+cat lambda-invoke-standard.json
+check_lambda_output
+
+echo "Sleeping 1 minute to build up some streaming protocol heartbeats..."
+sleep 60
+aws lambda invoke --function-name ${LAMBDA_FUNCTION_ARN} --log-type Tail lambda-invoke-frozen.json > output.json
+cat lambda-invoke-frozen.json
+check_lambda_output
+
+restart_cluster_primary
+
+echo "Sleeping 1 minute to build up some streaming protocol heartbeats..."
+sleep 60
+aws lambda invoke --function-name ${LAMBDA_FUNCTION_ARN} --log-type Tail lambda-invoke-outage.json > output.json
+cat lambda-invoke-outage.json
+check_lambda_output

.evergreen/run-tests-deployed-lambda.sh

@@ -0,0 +1,18 @@
+#!/bin/bash
+
+set -ex
+
+. `dirname "$0"`/../spec/shared/shlib/distro.sh
+. `dirname "$0"`/../spec/shared/shlib/set_env.sh
+. `dirname "$0"`/functions.sh
+
+set_env_vars
+set_env_python
+set_env_ruby
+
+echo MONGODB_URI: ${MONGODB_URI}
+
+export MONGODB_URI=${MONGODB_URI}
+export TEST_LAMBDA_DIRECTORY=`dirname "$0"`/../spec/faas/ruby-sam-app
+
+. `dirname "$0"`/run-deployed-lambda-aws-tests.sh

.gitignore

@@ -30,3 +30,6 @@ profile/benchmarking/data
 secrets-export.sh
 secrets-expansion.yml
 atlas-expansion.yml
+# AWS SAM-generated files
+spec/faas/ruby-sam-app/.aws-sam
+spec/faas/ruby-sam-app/events/event.json

.rubocop.yml

@@ -8,6 +8,7 @@ AllCops:
   NewCops: enable
   Exclude:
     - 'spec/shared/**/*'
+    - 'spec/faas/**/*'
     - 'vendor/**/*'
 
 Bundler: