diff options
| author | Mark Benvenuto <mark.benvenuto@mongodb.com> | 2022-07-11 13:51:44 -0400 |
|---|---|---|
| committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2022-07-15 19:08:21 +0000 |
| commit | 49802bc44a41271ae1dac871b28bdf1146f77ece (patch) | |
| tree | 9f2d3a91a5d3aac7f8a8dd2ab754bac072f03d4a /src | |
| parent | 6f06862f5d76a46f3570ff3a6ed2d616991d8e5a (diff) | |
| download | mongo-49802bc44a41271ae1dac871b28bdf1146f77ece.tar.gz | |
SERVER-65077 Remove FCV gating logic for FLE 2 after branching 6.0
Diffstat (limited to 'src')
| -rw-r--r-- | src/mongo/crypto/encryption_fields.idl | 6 | ||||
| -rw-r--r-- | src/mongo/db/catalog/collection_options_test.cpp | 15 | ||||
| -rw-r--r-- | src/mongo/db/commands/create_indexes.cpp | 6 | ||||
| -rw-r--r-- | src/mongo/db/commands/fle2_compact_cmd.cpp | 5 | ||||
| -rw-r--r-- | src/mongo/db/commands/set_feature_compatibility_version_command.cpp | 26 | ||||
| -rw-r--r-- | src/mongo/db/fle_crud.cpp | 10 | ||||
| -rw-r--r-- | src/mongo/db/fle_crud.h | 10 | ||||
| -rw-r--r-- | src/mongo/db/fle_crud_mongod.cpp | 16 | ||||
| -rw-r--r-- | src/mongo/db/s/shard_key_util.cpp | 5 | ||||
| -rw-r--r-- | src/mongo/db/s/shardsvr_compact_structured_encryption_data_command.cpp | 4 | ||||
| -rw-r--r-- | src/mongo/shell/shell_options.cpp | 1 |
11 files changed, 2 insertions, 102 deletions
diff --git a/src/mongo/crypto/encryption_fields.idl b/src/mongo/crypto/encryption_fields.idl index 9b0b877e9a1..3f573d68f9f 100644 --- a/src/mongo/crypto/encryption_fields.idl +++ b/src/mongo/crypto/encryption_fields.idl @@ -41,12 +41,6 @@ enums: Range: "range" feature_flags: - featureFlagFLE2: - description: "Enable Queryable Encryption support" - cpp_varname: gFeatureFlagFLE2 - default: true - version: 6.0 - featureFlagFLE2Range: description: "Enable support for range indexes in Queryable Encryption" cpp_varname: gFeatureFlagFLE2Range diff --git a/src/mongo/db/catalog/collection_options_test.cpp b/src/mongo/db/catalog/collection_options_test.cpp index 33e3082e6ab..6312989cb09 100644 --- a/src/mongo/db/catalog/collection_options_test.cpp +++ b/src/mongo/db/catalog/collection_options_test.cpp @@ -359,8 +359,6 @@ TEST(CollectionOptions, NExtentsNoError) { // Duplicate fields is not allowed TEST(FLECollectionOptions, MultipleFields) { - RAIIServerParameterControllerForTest featureFlagController("featureFlagFLE2", true); - ASSERT_STATUS_CODE(6338402, CollectionOptions::parse(fromjson(R"({ encryptedFields: { "fields": [ @@ -382,8 +380,6 @@ TEST(FLECollectionOptions, MultipleFields) { // Duplicate key ids are bad, it breaks the design TEST(FLECollectionOptions, DuplicateKeyIds) { - RAIIServerParameterControllerForTest featureFlagController("featureFlagFLE2", true); - ASSERT_STATUS_CODE(6338401, CollectionOptions::parse(fromjson(R"({ encryptedFields: { "fields": [ @@ -404,7 +400,6 @@ TEST(FLECollectionOptions, DuplicateKeyIds) { } TEST(FLECollectionOptions, NonConflictingPrefixes) { - RAIIServerParameterControllerForTest featureFlagController("featureFlagFLE2", true); ASSERT_OK(CollectionOptions::parse(fromjson(R"({ encryptedFields: { "fields": [ @@ -445,8 +440,6 @@ TEST(FLECollectionOptions, NonConflictingPrefixes) { } TEST(FLECollectionOptions, ConflictingPrefixes) { - RAIIServerParameterControllerForTest featureFlagController("featureFlagFLE2", true); - ASSERT_STATUS_CODE(6338403, CollectionOptions::parse(fromjson(R"({ encryptedFields: { "fields": [ @@ -503,10 +496,6 @@ TEST(FLECollectionOptions, ConflictingPrefixes) { } TEST(FLECollectionOptions, DuplicateQueryTypes) { - - - RAIIServerParameterControllerForTest featureFlagController("featureFlagFLE2", true); - ASSERT_STATUS_CODE(6338404, CollectionOptions::parse(fromjson(R"({ encryptedFields: { "fields": [ @@ -521,8 +510,6 @@ TEST(FLECollectionOptions, DuplicateQueryTypes) { } TEST(FLECollectionOptions, AllowedTypes) { - RAIIServerParameterControllerForTest featureFlagController("featureFlagFLE2", true); - std::vector<std::string> typesAllowedIndexed({ "string", "binData", @@ -591,8 +578,6 @@ TEST(FLECollectionOptions, AllowedTypes) { TEST(FLECollectionOptions, DisAllowedTypes) { - RAIIServerParameterControllerForTest featureFlagController("featureFlagFLE2", true); - std::vector<std::string> typesDisallowedIndexed({ "minKey", "missing", diff --git a/src/mongo/db/commands/create_indexes.cpp b/src/mongo/db/commands/create_indexes.cpp index ef79e828556..dfb1c8f0db6 100644 --- a/src/mongo/db/commands/create_indexes.cpp +++ b/src/mongo/db/commands/create_indexes.cpp @@ -203,12 +203,6 @@ void validateTTLOptions(OperationContext* opCtx, void checkEncryptedFieldIndexRestrictions(OperationContext* opCtx, const NamespaceString& ns, const CreateIndexesCommand& cmd) { - // TODO (SERVER-65077): Remove FCV check once 6.0 is released - if (serverGlobalParams.featureCompatibility.isVersionInitialized() && - !gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility)) { - return; - } - AutoGetCollection collection(opCtx, ns, MODE_IS); if (!collection) { return; diff --git a/src/mongo/db/commands/fle2_compact_cmd.cpp b/src/mongo/db/commands/fle2_compact_cmd.cpp index 1867f50ad78..bd3df18eb8d 100644 --- a/src/mongo/db/commands/fle2_compact_cmd.cpp +++ b/src/mongo/db/commands/fle2_compact_cmd.cpp @@ -89,11 +89,6 @@ CompactStats compactEncryptedCompactionCollection(OperationContext* opCtx, str::stream() << "Collection '" << edcNss << "' does not exist"); } - // TODO (SERVER-65077): Remove FCV check once 6.0 is released - uassert(6319903, - "Queryable Encryption is only supported when FCV supports 6.0", - gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility)); - validateCompactRequest(request, *edc.get()); auto namespaces = diff --git a/src/mongo/db/commands/set_feature_compatibility_version_command.cpp b/src/mongo/db/commands/set_feature_compatibility_version_command.cpp index fcbe33dc343..3bdd4f03141 100644 --- a/src/mongo/db/commands/set_feature_compatibility_version_command.cpp +++ b/src/mongo/db/commands/set_feature_compatibility_version_command.cpp @@ -351,17 +351,6 @@ public: if (request.getPhase() == SetFCVPhaseEnum::kStart) { invariant(serverGlobalParams.clusterRole == ClusterRole::ShardServer); - // TODO SERVER-65077: Remove FCV check once 6.0 is released - if (actualVersion > requestedVersion && - !gFeatureFlagFLE2.isEnabledOnVersion(requestedVersion)) { - // No more (recoverable) CompactStructuredEncryptionDataCoordinator will start - // because we have already switched the FCV value to kDowngrading. Wait for the - // ongoing CompactStructuredEncryptionDataCoordinator to finish. - ShardingDDLCoordinatorService::getService(opCtx) - ->waitForCoordinatorsOfGivenTypeToComplete( - opCtx, DDLCoordinatorTypeEnum::kCompactStructuredEncryptionData); - } - // If we are only running phase-1, then we are done return true; } @@ -536,21 +525,6 @@ private: return collection->getTimeseriesOptions() != boost::none; }); } - - // Block downgrade for collections with encrypted fields - // TODO SERVER-65077: Remove once FCV 6.0 becomes last-lts. - for (const auto& dbName : DatabaseHolder::get(opCtx)->getNames()) { - Lock::DBLock dbLock(opCtx, dbName, MODE_IX); - catalog::forEachCollectionFromDb( - opCtx, dbName, MODE_X, [&](const CollectionPtr& collection) { - uassert( - ErrorCodes::CannotDowngrade, - str::stream() << "Cannot downgrade the cluster as collection " - << collection->ns() << " has 'encryptedFields'", - !collection->getCollectionOptions().encryptedFieldConfig.has_value()); - return true; - }); - } } { diff --git a/src/mongo/db/fle_crud.cpp b/src/mongo/db/fle_crud.cpp index 18eeeeb8e7c..38cc9cd5510 100644 --- a/src/mongo/db/fle_crud.cpp +++ b/src/mongo/db/fle_crud.cpp @@ -931,11 +931,6 @@ FLEBatchResult processFLEBatch(OperationContext* opCtx, return FLEBatchResult::kNotProcessed; } - // TODO (SERVER-65077): Remove FCV check once 6.0 is released - uassert(6371209, - "Queryable Encryption is only supported when FCV supports 6.0", - gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility)); - if (request.getBatchType() == BatchedCommandRequest::BatchType_Insert) { auto insertRequest = request.getInsertRequest(); @@ -1220,11 +1215,6 @@ FLEBatchResult processFLEFindAndModify(OperationContext* opCtx, return FLEBatchResult::kNotProcessed; } - // TODO (SERVER-65077): Remove FCV check once 6.0 is released - if (!gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility)) { - uasserted(6371405, "Queryable Encryption is only supported when FCV supports 6.0"); - } - // FLE2 Mongos CRUD operations loopback through MongoS with EncryptionInformation as // findAndModify so query can do any necessary transformations. But on the nested call, CRUD // does not need to do any more work. diff --git a/src/mongo/db/fle_crud.h b/src/mongo/db/fle_crud.h index 7c8d93ae1f9..c91f7c1eee4 100644 --- a/src/mongo/db/fle_crud.h +++ b/src/mongo/db/fle_crud.h @@ -218,18 +218,12 @@ std::unique_ptr<Pipeline, PipelineDeleter> processFLEPipelineD( */ template <typename T> bool shouldDoFLERewrite(const std::unique_ptr<T>& cmd) { - // TODO (SERVER-65077): Remove FCV check once 6.0 is released - return (!serverGlobalParams.featureCompatibility.isVersionInitialized() || - gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility)) && - cmd->getEncryptionInformation(); + return cmd->getEncryptionInformation().has_value(); } template <typename T> bool shouldDoFLERewrite(const T& cmd) { - // TODO (SERVER-65077): Remove FCV check once 6.0 is released - return (!serverGlobalParams.featureCompatibility.isVersionInitialized() || - gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility)) && - cmd.getEncryptionInformation(); + return cmd.getEncryptionInformation().has_value(); } /** diff --git a/src/mongo/db/fle_crud_mongod.cpp b/src/mongo/db/fle_crud_mongod.cpp index 1e488f1f65a..46098aa20f7 100644 --- a/src/mongo/db/fle_crud_mongod.cpp +++ b/src/mongo/db/fle_crud_mongod.cpp @@ -180,10 +180,6 @@ FLEBatchResult processFLEInsert(OperationContext* opCtx, repl::ReplicationCoordinator::get(opCtx->getServiceContext())->getReplicationMode() == repl::ReplicationCoordinator::modeReplSet); - uassert(5926101, - "Queryable Encryption is only supported when FCV supports 6.0", - gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility)); - auto [batchResult, insertReplyReturn] = processInsert(opCtx, insertRequest, &getTransactionWithRetriesForMongoD); @@ -206,10 +202,6 @@ write_ops::DeleteCommandReply processFLEDelete( repl::ReplicationCoordinator::get(opCtx->getServiceContext())->getReplicationMode() == repl::ReplicationCoordinator::modeReplSet); - uassert(5926102, - "Queryable Encryption is only supported when FCV supports 6.0", - gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility)); - auto deleteReply = processDelete(opCtx, deleteRequest, &getTransactionWithRetriesForMongoD); setMongosFieldsInReply(opCtx, &deleteReply.getWriteCommandReplyBase()); @@ -225,10 +217,6 @@ write_ops::FindAndModifyCommandReply processFLEFindAndModify( repl::ReplicationCoordinator::get(opCtx->getServiceContext())->getReplicationMode() == repl::ReplicationCoordinator::modeReplSet); - uassert(5926103, - "Queryable Encryption is only supported when FCV supports 6.0", - gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility)); - auto reply = processFindAndModifyRequest<write_ops::FindAndModifyCommandReply>( opCtx, findAndModifyRequest, &getTransactionWithRetriesForMongoD); @@ -243,10 +231,6 @@ write_ops::UpdateCommandReply processFLEUpdate( repl::ReplicationCoordinator::get(opCtx->getServiceContext())->getReplicationMode() == repl::ReplicationCoordinator::modeReplSet); - uassert(5926104, - "Queryable Encryption is only supported when FCV supports 6.0", - gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility)); - auto updateReply = processUpdate(opCtx, updateRequest, &getTransactionWithRetriesForMongoD); setMongosFieldsInReply(opCtx, &updateReply.getWriteCommandReplyBase()); diff --git a/src/mongo/db/s/shard_key_util.cpp b/src/mongo/db/s/shard_key_util.cpp index a0363a907d4..2bacf4b94c5 100644 --- a/src/mongo/db/s/shard_key_util.cpp +++ b/src/mongo/db/s/shard_key_util.cpp @@ -235,11 +235,6 @@ bool validateShardKeyIndexExistsOrCreateIfPossible(OperationContext* opCtx, void validateShardKeyIsNotEncrypted(OperationContext* opCtx, const NamespaceString& nss, const ShardKeyPattern& shardKeyPattern) { - // TODO (SERVER-65077): Remove FCV check once 6.0 is released - if (!gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility)) { - return; - } - AutoGetCollection collection(opCtx, nss, MODE_IS, AutoGetCollectionViewMode::kViewsPermitted); if (!collection || collection.getView()) { return; diff --git a/src/mongo/db/s/shardsvr_compact_structured_encryption_data_command.cpp b/src/mongo/db/s/shardsvr_compact_structured_encryption_data_command.cpp index 18eb42ef46f..1bbb55c6da3 100644 --- a/src/mongo/db/s/shardsvr_compact_structured_encryption_data_command.cpp +++ b/src/mongo/db/s/shardsvr_compact_structured_encryption_data_command.cpp @@ -77,10 +77,6 @@ public: using InvocationBase::InvocationBase; Reply typedRun(OperationContext* opCtx) { - // TODO (SERVER-65077): Remove FCV check once 6.0 is released - uassert(6350499, - "Queryable Encryption is only supported when FCV supports 6.0", - gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility)); FixedFCVRegion fixedFcvRegion(opCtx); auto compact = makeRequest(opCtx); diff --git a/src/mongo/shell/shell_options.cpp b/src/mongo/shell/shell_options.cpp index 2c8fd8e2326..48b1d9fdf71 100644 --- a/src/mongo/shell/shell_options.cpp +++ b/src/mongo/shell/shell_options.cpp @@ -67,7 +67,6 @@ const std::set<std::string> kSetShellParameterAllowlist = { "awsEC2InstanceMetadataUrl", "awsECSInstanceMetadataUrl", "disabledSecureAllocatorDomains", - "featureFlagFLE2", "newLineAfterPasswordPromptForTest", "ocspClientHttpTimeoutSecs", "ocspEnabled", |