GODRIVER-3548 Test MONGODB-X509 on cloud-dev

[prestonvasquez]

GODRIVER-3548

Summary

Test MONGODB-X509 auth on cloud-dev to ensure auth will succeed using OpenSSL 3.

Background & Motivation

NA

[mongodb-drivers-pr-bot]

API Change Report

No changes found!

[mongodb-drivers-pr-bot]

🧪 Performance Results

Commit SHA: 9967f6e

The following benchmark tests for version 689cf1590e814800078fb03d had statistically significant changes (i.e., |z-score| > 1.96):

Benchmark	Measurement	% Change	Patch Value	Stable Region	H-Score	Z-Score
BenchmarkBSONFlatDocumentDecoding	ops_per_second_min	-49.3163	978.0563	Avg: 1929.7268 Med: 2024.1031 Stdev: 360.1878	0.8518	-2.6422
BenchmarkMultiFindMany	total_mem_allocs	35.3469	496365.0000	Avg: 366735.4000 Med: 372118.0000 Stdev: 11340.3733	0.9574	11.4308
BenchmarkMultiFindMany	total_bytes_allocated	35.0783	805374464.0000	Avg: 596227812.8000 Med: 604732048.0000 Stdev: 17933008.4008	0.9582	11.6627
BenchmarkMultiFindMany	total_time_seconds	26.1614	1.3147	Avg: 1.0420 Med: 1.0246 Stdev: 0.0749	0.8946	3.6385
BenchmarkMultiInsertSmallDocument	total_mem_allocs	16.0909	2632048.0000	Avg: 2267229.7796 Med: 2237973.5000 Stdev: 113704.7470	0.8457	3.2085
BenchmarkMultiInsertSmallDocument	total_bytes_allocated	11.6871	498232240.0000	Avg: 446096408.7429 Med: 445451280.0000 Stdev: 13719101.2810	0.8629	3.8002
BenchmarkMultiInsertSmallDocument	total_time_seconds	9.6910	1.1627	Avg: 1.0600 Med: 1.0475 Stdev: 0.0430	0.7965	2.3885
BenchmarkMultiInsertSmallDocument	ns_per_op	-6.1261	6185.0000	Avg: 6588.6276 Med: 6581.0000 Stdev: 151.2299	0.7953	-2.6690
BenchmarkBSONFlatDocumentDecoding	total_bytes_allocated	5.8166	392705376.0000	Avg: 371118817.1429 Med: 372196992.0000 Stdev: 6556811.1085	0.8352	3.2922
BenchmarkBSONFlatDocumentDecoding	total_mem_allocs	5.7672	9984416.0000	Avg: 9439991.7619 Med: 9467488.0000 Stdev: 167074.9518	0.8335	3.2586
BenchmarkLargeDocInsertOne	total_bytes_allocated	5.7292	38243728.0000	Avg: 36171384.2151 Med: 36254304.0000 Stdev: 984739.5138	0.7454	2.1045
BenchmarkBSONDeepDocumentEncoding	ops_per_second_max	5.7275	71911.4051	Avg: 68015.7928 Med: 68031.8389 Stdev: 1753.7781	0.7534	2.2213
BenchmarkBSONDeepDocumentEncoding	ns_per_op	-5.6117	15512.0000	Avg: 16434.2444 Med: 16376.0000 Stdev: 430.4807	0.7520	-2.1424
BenchmarkBSONDeepDocumentEncoding	ops_per_second_med	5.5450	68756.8757	Avg: 65144.6075 Med: 65261.3718 Stdev: 1721.4620	0.7430	2.0984
BenchmarkBSONFullDocumentDecoding	total_mem_allocs	4.3654	9132864.0000	Avg: 8750850.5714 Med: 8825043.0000 Stdev: 183366.1369	0.7495	2.0833
BenchmarkBSONFlatDocumentDecoding	ns_per_op	-4.3442	55686.0000	Avg: 58215.0000 Med: 57944.0000 Stdev: 993.4793	0.7911	-2.5456
BenchmarkBSONFullDocumentEncoding	total_mem_allocs	4.2152	1459274.0000	Avg: 1400251.0465 Med: 1401957.0000 Stdev: 21869.9732	0.7913	2.6988
BenchmarkBSONFlatDocumentDecoding	ops_per_second_med	4.1521	19185.7565	Avg: 18420.9061 Med: 18425.1983 Stdev: 232.9434	0.8314	3.2834
BenchmarkBSONFullDocumentEncoding	total_bytes_allocated	4.1463	252505168.0000	Avg: 242452306.6047 Med: 242695476.0000 Stdev: 3755522.1118	0.7895	2.6768
BenchmarkBSONFlatDocumentDecoding	ops_per_second_max	3.8014	19918.3348	Avg: 19188.8888 Med: 19202.3350 Stdev: 207.8170	0.8465	3.5100
BenchmarkBSONDeepDocumentDecoding	ns_per_op	-3.4270	69423.0000	Avg: 71886.5714 Med: 71794.0000 Stdev: 889.7551	0.7977	-2.7688
BenchmarkBSONFullDocumentDecoding	ops_per_second_med	3.4182	13256.0945	Avg: 12817.9510 Med: 12866.0388 Stdev: 200.9136	0.7600	2.1808
BenchmarkBSONFullDocumentEncoding	ns_per_op	-3.4024	24761.0000	Avg: 25633.1395 Med: 25543.5000 Stdev: 383.5272	0.7573	-2.2740
BenchmarkBSONDeepDocumentDecoding	total_mem_allocs	3.3272	11969739.0000	Avg: 11584300.9048 Med: 11589576.0000 Stdev: 152411.8017	0.7796	2.5289
BenchmarkBSONDeepDocumentDecoding	total_bytes_allocated	3.3255	260106856.0000	Avg: 251735293.3333 Med: 251870176.0000 Stdev: 3331935.6996	0.7784	2.5125
BenchmarkBSONFullDocumentDecoding	ops_per_second_max	3.2438	13804.9090	Avg: 13371.1813 Med: 13377.3895 Stdev: 130.1025	0.8461	3.3337
BenchmarkBSONFullDocumentEncoding	ops_per_second_med	3.1553	43055.1968	Avg: 41738.2334 Med: 41743.2250 Stdev: 580.1145	0.7577	2.2702
BenchmarkMultiFindMany	ops_per_second_max	3.1461	3703703.7037	Avg: 3590736.2100 Med: 3584229.3907 Stdev: 45708.1199	0.7947	2.4715
BenchmarkBSONDeepDocumentDecoding	ops_per_second_med	2.9437	15161.8528	Avg: 14728.2905 Med: 14704.5849 Stdev: 158.1229	0.7960	2.7419
BenchmarkMultiFindMany	ops_per_second_med	2.8815	3278688.5246	Avg: 3186860.4225 Med: 3184713.3758 Stdev: 33664.2640	0.8024	2.7278
BenchmarkBSONFullDocumentEncoding	ops_per_second_max	2.6958	44312.4917	Avg: 43149.2858 Med: 43119.2521 Stdev: 531.4999	0.7502	2.1885
BenchmarkBSONDeepDocumentDecoding	ops_per_second_max	2.4067	15567.5945	Avg: 15201.7326 Med: 15264.1460 Stdev: 166.4056	0.7510	2.1986
BenchmarkBSONFlatDocumentDecoding	total_time_seconds	1.2301	1.2112	Avg: 1.1965 Med: 1.1965 Stdev: 0.0046	0.8233	3.1663
BenchmarkSingleFindOneByID	allocs_per_op	0.3717	360.0000	Avg: 358.6667 Med: 359.0000 Stdev: 0.6583	0.7517	2.0255
BenchmarkSingleRunCommand	allocated_bytes_per_op	-0.0781	12187.0000	Avg: 12196.5238 Med: 12196.0000 Stdev: 4.6111	0.7481	-2.0654
BenchmarkBSONFlatDocumentDecoding	allocated_bytes_per_op	0.0462	18054.0000	Avg: 18045.6667 Med: 18046.0000 Stdev: 0.6583	0.9603	12.6592
BenchmarkBSONFullDocumentDecoding	allocated_bytes_per_op	-0.0070	25322.0000	Avg: 25323.7619 Med: 25324.0000 Stdev: 0.8891	0.7452	-1.9817

For a comprehensive view of all microbenchmark results for this PR's commit, please check out the Evergreen perf task for this patch.

[matthewdale]

The tests currently fail with

Environment variable ATLAS_X509_DEV_CERT_BASE64 is not set

and

Environment variable ATLAS_X509_DEV_CERT_NOUSER_BASE64 is not set

The rest of the tests are skipped because the env vars are not set. It's not clear where the env vars are expected to be set.

[matthewdale]

It seems none of the URI env vars were previously populated, effectively making this test a no-op. It's unclear when that change happened because the test passes silently.

[prestonvasquez]

These tests do pass and are not skipped on the correct task: https://parsley.mongodb.com/test/mongo_go_driver_atlas_test_atlas_test_patch_5b79d946e0414b30e7a4ce53beedd43abef23eb2_689a9b41febc2d0007ffba2d_25_08_12_01_39_16/0/f9ccdfa9f8beaef7f7d584890b0b7de3?bookmarks=0,31&shareLine=1

[matthewdale]

Ah, I see that now, thanks for the clarification!

[matthewdale]

Skipping if the env vars aren't set will cause the tests to silently pass if the env vars somehow get unset, even if there is a bug. Is there a way to not skip in this case?

[prestonvasquez]

We can add a build tag and remove the skip option.

[matthewdale]

Sounds like a great solution!

[alcaeus]

It's not clear where the env vars are expected to be set

The variables can be set using the secrets manager, here's how we do this for PHPC: https://github.com/mongodb/mongo-php-driver/blob/b6ed52c2b83be428d8eb093f402c49ccf96c57cf/.evergreen/config/test-tasks.yml#L5..L16

We then include the secrets-export.sh file before running tests: https://github.com/mongodb/mongo-php-driver/blob/b6ed52c2b83be428d8eb093f402c49ccf96c57cf/.evergreen/run-tests.sh#L42-L45

[matthewdale]

Looks good! 👍

[Copilot]

Pull Request Overview

This PR adds test support for MONGODB-X509 authentication on cloud-dev environments to ensure OpenSSL 3 compatibility. The changes restructure the Atlas test suite to use table-driven tests and adds specific X509 authentication test cases.

• Refactors the Atlas test suite from command-line argument based testing to table-driven tests
• Adds new test cases for X509 authentication including positive and negative scenarios
• Implements helper functions for creating temporary certificate files from base64-encoded environment variables

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File	Description
internal/require/require.go	Adds NotEmpty assertion function for test requirements
internal/assert/assertions.go	Adds NotEmpty assertion function for test assertions
internal/cmd/testatlas/atlas_test.go	Restructures Atlas tests to table-driven format and adds X509 test cases
Taskfile.yml	Updates test command to use build tags instead of command-line arguments

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}