DRIVERS-2451 add bypass spawn test with shared lib (#1342)

kevinAlbs · web-flow · commit 33a03f2eae1f · 2022-11-13T10:52:25.000-05:00
diff --git a/source/client-side-encryption/tests/README.rst b/source/client-side-encryption/tests/README.rst
@@ -971,13 +971,52 @@ Test cases
 8. Bypass Spawning mongocryptd
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
+Via loading shared library
+``````````````````````````
+
+The following tests that loading crypt_shared_ bypasses spawning mongocryptd.
+
+.. note::
+
+   IMPORTANT: This test requires the crypt_shared_ library be loaded. If the crypt_shared_ library is
+   not available, skip the test.
+
+#. Create a MongoClient configured with auto encryption (referred to as ``client_encrypted``)
+
+   Configure the required options. Use the ``local`` KMS provider as follows:
+
+   .. code:: javascript
+
+      { "local": { "key": <base64 decoding of LOCAL_MASTERKEY> } }
+
+   Configure with the ``keyVaultNamespace`` set to ``keyvault.datakeys``.
+
+   Configure ``client_encrypted`` to use the schema `external/external-schema.json <../external/external-schema.json>`_  for ``db.coll`` by setting a schema map like: ``{ "db.coll": <contents of external-schema.json>}``
+
+   Configure the following ``extraOptions``:
+
+   .. code:: javascript
+
+      {
+        "mongocryptdURI": "mongodb://localhost:27021/db?serverSelectionTimeoutMS=1000",
+        "mongocryptdSpawnArgs": [ "--pidfilepath=bypass-spawning-mongocryptd.pid", "--port=27021"],
+        "cryptSharedLibPath": "<path to shared library>",
+        "cryptSharedRequired": true
+      }
+
+   Drivers MAY pass a different port if they expect their testing infrastructure to be using port 27021. Pass a port that should be free.
+
+#. Use ``client_encrypted`` to insert the document ``{"unencrypted": "test"}`` into ``db.coll``. Expect this to succeed.
+
+#. Validate that mongocryptd was not spawned. Create a MongoClient to localhost:27021 (or whatever was passed via ``--port``) with serverSelectionTimeoutMS=1000. Run a handshake command and ensure it fails with a server selection timeout.
+
 .. note::
 
    IMPORTANT: If crypt_shared_ is visible to the operating system's library
    search mechanism, the expected server error generated by these
    ``mongocryptdBypassSpawn`` tests will not appear because libmongocrypt will
    load the ``crypt_shared`` library instead of consulting mongocryptd. For
-   these tests, it is required that libmongocrypt *not* load ``crypt_shared``.
+   the following tests, it is required that libmongocrypt *not* load ``crypt_shared``.
    Refer to the client-side-encryption document for more information on
    "disabling" ``crypt_shared``.
 
