SERVER-53403 Define IDL type for docs in admin.system.external_validation_keys

author: Cheahuychou Mao <mao.cheahuychou@gmail.com> 2021-01-06 21:32:34 +0000
committer: Evergreen Agent <no-reply@evergreen.mongodb.com> 2021-01-15 22:47:49 +0000
commit: f99876a23cd41e89331a2fb2a3c3d799e2b514a7 (patch)
tree: 69051ae9998b9b0b98844b72c4d1440fe7cd969c /src
parent: 14ad73ec6ab5eb8026b0577e22ba357e1b7b3bf8 (diff)
download: mongo-f99876a23cd41e89331a2fb2a3c3d799e2b514a7.tar.gz
10 files changed, 139 insertions, 66 deletions
diff --git a/src/mongo/db/key_generator.cpp b/src/mongo/db/key_generator.cpp
index eac600c5fd1..a108d1cd4a9 100644
--- a/src/mongo/db/key_generator.cpp
+++ b/src/mongo/db/key_generator.cpp
@@ -57,7 +57,9 @@ Status insertNewKey(OperationContext* opCtx,
                     long long keyId,
                     const std::string& purpose,
                     const LogicalTime& expiresAt) {
-    KeysCollectionDocument newKey(keyId, purpose, TimeProofService::generateRandomKey(), expiresAt);
+    KeysCollectionDocument newKey(keyId);
+    newKey.setKeysCollectionDocumentBase(
+        {purpose, TimeProofService::generateRandomKey(), expiresAt});
     return client->insertNewKey(opCtx, newKey.toBSON());
 }
 
diff --git a/src/mongo/db/key_generator_update_test.cpp b/src/mongo/db/key_generator_update_test.cpp
index d794e0caab6..cb1191e5621 100644
--- a/src/mongo/db/key_generator_update_test.cpp
+++ b/src/mongo/db/key_generator_update_test.cpp
@@ -109,8 +109,9 @@ TEST_F(KeyGeneratorUpdateTest, ShouldCreateAnotherKeyIfOnlyOneKeyExists) {
 
     VectorClockMutable::get(operationContext())->tickClusterTimeTo(LogicalTime(Timestamp(100, 2)));
 
-    KeysCollectionDocument origKey1(
-        1, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
 
@@ -156,13 +157,15 @@ TEST_F(KeyGeneratorUpdateTest, ShouldCreateAnotherKeyIfNoValidKeyAfterCurrent) {
 
     VectorClockMutable::get(operationContext())->tickClusterTimeTo(LogicalTime(Timestamp(108, 2)));
 
-    KeysCollectionDocument origKey1(
-        1, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
 
-    KeysCollectionDocument origKey2(
-        2, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(110, 0)));
+    KeysCollectionDocument origKey2(2);
+    origKey2.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(110, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey2.toBSON()));
 
@@ -239,13 +242,15 @@ TEST_F(KeyGeneratorUpdateTest, ShouldCreate2KeysIfAllKeysAreExpired) {
 
     VectorClockMutable::get(operationContext())->tickClusterTimeTo(LogicalTime(Timestamp(120, 2)));
 
-    KeysCollectionDocument origKey1(
-        1, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
 
-    KeysCollectionDocument origKey2(
-        2, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(110, 0)));
+    KeysCollectionDocument origKey2(2);
+    origKey2.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(110, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey2.toBSON()));
 
@@ -337,13 +342,15 @@ TEST_F(KeyGeneratorUpdateTest, ShouldNotCreateNewKeyIfThereAre2UnexpiredKeys) {
     const LogicalTime currentTime(LogicalTime(Timestamp(100, 2)));
     VectorClockMutable::get(operationContext())->tickClusterTimeTo(currentTime);
 
-    KeysCollectionDocument origKey1(
-        1, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
 
-    KeysCollectionDocument origKey2(
-        2, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(110, 0)));
+    KeysCollectionDocument origKey2(2);
+    origKey2.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(110, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey2.toBSON()));
 
diff --git a/src/mongo/db/keys_collection_cache_test.cpp b/src/mongo/db/keys_collection_cache_test.cpp
index da649b06c70..a1d0732ae9f 100644
--- a/src/mongo/db/keys_collection_cache_test.cpp
+++ b/src/mongo/db/keys_collection_cache_test.cpp
@@ -77,8 +77,9 @@ TEST_F(CacheTest, RefreshErrorsIfCacheIsEmpty) {
 TEST_F(CacheTest, GetKeyShouldReturnCorrectKeyAfterRefresh) {
     KeysCollectionCache cache("test", catalogClient());
 
-    KeysCollectionDocument origKey1(
-        1, "test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
 
@@ -108,8 +109,9 @@ TEST_F(CacheTest, GetKeyShouldReturnCorrectKeyAfterRefresh) {
 TEST_F(CacheTest, GetKeyShouldReturnErrorIfNoKeyIsValidForGivenTime) {
     KeysCollectionCache cache("test", catalogClient());
 
-    KeysCollectionDocument origKey1(
-        1, "test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
 
@@ -131,18 +133,21 @@ TEST_F(CacheTest, GetKeyShouldReturnErrorIfNoKeyIsValidForGivenTime) {
 TEST_F(CacheTest, GetKeyShouldReturnOldestKeyPossible) {
     KeysCollectionCache cache("test", catalogClient());
 
-    KeysCollectionDocument origKey0(
-        0, "test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(100, 0)));
+    KeysCollectionDocument origKey0(0);
+    origKey0.setKeysCollectionDocumentBase(
+        {"test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(100, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey0.toBSON()));
 
-    KeysCollectionDocument origKey1(
-        1, "test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
 
-    KeysCollectionDocument origKey2(
-        2, "test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(110, 0)));
+    KeysCollectionDocument origKey2(2);
+    origKey2.setKeysCollectionDocumentBase(
+        {"test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(110, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey2.toBSON()));
 
@@ -172,8 +177,9 @@ TEST_F(CacheTest, GetKeyShouldReturnOldestKeyPossible) {
 TEST_F(CacheTest, RefreshShouldNotGetKeysForOtherPurpose) {
     KeysCollectionCache cache("test", catalogClient());
 
-    KeysCollectionDocument origKey0(
-        0, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(100, 0)));
+    KeysCollectionDocument origKey0(0);
+    origKey0.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(100, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey0.toBSON()));
 
@@ -185,8 +191,9 @@ TEST_F(CacheTest, RefreshShouldNotGetKeysForOtherPurpose) {
         ASSERT_EQ(ErrorCodes::KeyNotFound, emptyKeyStatus.getStatus());
     }
 
-    KeysCollectionDocument origKey1(
-        1, "test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
 
@@ -216,8 +223,9 @@ TEST_F(CacheTest, RefreshShouldNotGetKeysForOtherPurpose) {
 TEST_F(CacheTest, RefreshCanIncrementallyGetNewKeys) {
     KeysCollectionCache cache("test", catalogClient());
 
-    KeysCollectionDocument origKey0(
-        0, "test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(100, 0)));
+    KeysCollectionDocument origKey0(0);
+    origKey0.setKeysCollectionDocumentBase(
+        {"test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(100, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey0.toBSON()));
 
@@ -236,13 +244,15 @@ TEST_F(CacheTest, RefreshCanIncrementallyGetNewKeys) {
         ASSERT_EQ(ErrorCodes::KeyNotFound, keyStatus.getStatus());
     }
 
-    KeysCollectionDocument origKey1(
-        1, "test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
 
-    KeysCollectionDocument origKey2(
-        2, "test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(110, 0)));
+    KeysCollectionDocument origKey2(2);
+    origKey2.setKeysCollectionDocumentBase(
+        {"test", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(110, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey2.toBSON()));
 
diff --git a/src/mongo/db/keys_collection_document.idl b/src/mongo/db/keys_collection_document.idl
index dbffd8168a7..f1d49509207 100644
--- a/src/mongo/db/keys_collection_document.idl
+++ b/src/mongo/db/keys_collection_document.idl
@@ -43,16 +43,12 @@ types:
     deserializer: LogicalTime::parseFromBSON
 
 structs:
-    keysCollectionDocument:
+    keysCollectionDocumentBase:
         description: >-
-            Represents a key document stored in admin.system.keys.
+            Contains the fields shared by key documents stored in admin.system.keys and
+            admin.system.external_validation_keys.
         strict: true
         fields:
-            _id:
-                type: safeInt64
-                description: >-
-                    NumberLong representation of the cluster time at which the key was created.
-                cpp_name: keyId
             purpose:
                 type: string
                 description: "The purpose of the key."
@@ -62,3 +58,40 @@ structs:
             expiresAt:
                 type: logicalTime
                 description: "The logical time at which the key will expire."
+
+    keysCollectionDocument:
+        description: >-
+            Represents a key document stored in admin.system.keys.
+        strict: true
+        inline_chained_structs: true
+        chained_structs:
+            keysCollectionDocumentBase: keysCollectionDocumentBase
+        fields:
+            _id:
+                type: safeInt64
+                description: >-
+                    NumberLong representation of the cluster time at which the key was created.
+                cpp_name: keyId
+
+    externalKeysCollectionDocument:
+        description: >-
+            Represents a key document stored in admin.system.external_validation_keys.
+        strict: true
+        inline_chained_structs: true
+        chained_structs:
+            keysCollectionDocumentBase: keysCollectionDocumentBase
+        fields:
+            # TODO (SERVER-53406): Add ttlExpiresAt field.
+            _id:
+                type: objectid
+                description: "Unique identifier for this key document."
+                cpp_name: id
+            keyId:
+                type: safeInt64
+                description: >-
+                    NumberLong representation of the cluster time at which the key was created.
+                    Corresponds to the _id of the admin.system.keys document for this key.
+                cpp_name: keyId
+            replicaSetName:
+                type: string
+                description: "The name of the replica set that created this key."
diff --git a/src/mongo/db/keys_collection_document_test.cpp b/src/mongo/db/keys_collection_document_test.cpp
index 6be5e268507..ff8a2fd57b7 100644
--- a/src/mongo/db/keys_collection_document_test.cpp
+++ b/src/mongo/db/keys_collection_document_test.cpp
@@ -50,7 +50,8 @@ TEST(KeysCollectionDocument, Roundtrip) {
 
     const auto expiresAt = LogicalTime(Timestamp(100, 200));
 
-    KeysCollectionDocument keysCollectionDoc(keyId, purpose, key, expiresAt);
+    KeysCollectionDocument keysCollectionDoc(keyId);
+    keysCollectionDoc.setKeysCollectionDocumentBase({purpose, key, expiresAt});
 
     auto serializedObj = keysCollectionDoc.toBSON();
     auto parsedKey = KeysCollectionDocument::parse(IDLParserErrorContext("keyDoc"), serializedObj);
diff --git a/src/mongo/db/keys_collection_manager_sharding_test.cpp b/src/mongo/db/keys_collection_manager_sharding_test.cpp
index a1c829b263b..290934396d4 100644
--- a/src/mongo/db/keys_collection_manager_sharding_test.cpp
+++ b/src/mongo/db/keys_collection_manager_sharding_test.cpp
@@ -95,8 +95,9 @@ TEST_F(KeysManagerShardedTest, GetKeyForValidationErrorsIfKeyDoesntExist) {
 TEST_F(KeysManagerShardedTest, GetKeyWithSingleKey) {
     keyManager()->startMonitoring(getServiceContext());
 
-    KeysCollectionDocument origKey1(
-        1, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
 
@@ -113,13 +114,15 @@ TEST_F(KeysManagerShardedTest, GetKeyWithSingleKey) {
 TEST_F(KeysManagerShardedTest, GetKeyWithMultipleKeys) {
     keyManager()->startMonitoring(getServiceContext());
 
-    KeysCollectionDocument origKey1(
-        1, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
 
-    KeysCollectionDocument origKey2(
-        2, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(205, 0)));
+    KeysCollectionDocument origKey2(2);
+    origKey2.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(205, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey2.toBSON()));
 
@@ -145,8 +148,9 @@ TEST_F(KeysManagerShardedTest, GetKeyWithMultipleKeys) {
 TEST_F(KeysManagerShardedTest, GetKeyShouldErrorIfKeyIdMismatchKey) {
     keyManager()->startMonitoring(getServiceContext());
 
-    KeysCollectionDocument origKey1(
-        1, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
 
@@ -158,12 +162,14 @@ TEST_F(KeysManagerShardedTest, GetKeyShouldErrorIfKeyIdMismatchKey) {
 TEST_F(KeysManagerShardedTest, GetKeyWithoutRefreshShouldReturnRightKey) {
     keyManager()->startMonitoring(getServiceContext());
 
-    KeysCollectionDocument origKey1(
-        1, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
-    KeysCollectionDocument origKey2(
-        2, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(110, 0)));
+    KeysCollectionDocument origKey2(2);
+    origKey2.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(110, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey2.toBSON()));
 
@@ -193,8 +199,9 @@ TEST_F(KeysManagerShardedTest, GetKeyWithoutRefreshShouldReturnRightKey) {
 TEST_F(KeysManagerShardedTest, GetKeyForSigningShouldReturnRightKey) {
     keyManager()->startMonitoring(getServiceContext());
 
-    KeysCollectionDocument origKey1(
-        1, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
 
@@ -212,12 +219,14 @@ TEST_F(KeysManagerShardedTest, GetKeyForSigningShouldReturnRightKey) {
 TEST_F(KeysManagerShardedTest, GetKeyForSigningShouldReturnRightOldKey) {
     keyManager()->startMonitoring(getServiceContext());
 
-    KeysCollectionDocument origKey1(
-        1, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
-    KeysCollectionDocument origKey2(
-        2, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(110, 0)));
+    KeysCollectionDocument origKey2(2);
+    origKey2.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(110, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey2.toBSON()));
 
@@ -283,8 +292,9 @@ TEST_F(KeysManagerShardedTest, EnableModeFlipFlopStressTest) {
 }
 
 TEST_F(KeysManagerShardedTest, ShouldStillBeAbleToUpdateCacheEvenIfItCantCreateKeys) {
-    KeysCollectionDocument origKey1(
-        1, "dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0)));
+    KeysCollectionDocument origKey1(1);
+    origKey1.setKeysCollectionDocumentBase(
+        {"dummy", TimeProofService::generateRandomKey(), LogicalTime(Timestamp(105, 0))});
     ASSERT_OK(insertToConfigCollection(
         operationContext(), NamespaceString::kKeysCollectionNamespace, origKey1.toBSON()));
 
diff --git a/src/mongo/db/namespace_string.cpp b/src/mongo/db/namespace_string.cpp
index a215115417d..d25886e4904 100644
--- a/src/mongo/db/namespace_string.cpp
+++ b/src/mongo/db/namespace_string.cpp
@@ -111,6 +111,9 @@ const NamespaceString NamespaceString::kReshardingTxnClonerProgressNamespace(
 const NamespaceString NamespaceString::kKeysCollectionNamespace(NamespaceString::kAdminDb,
                                                                 "system.keys");
 
+const NamespaceString NamespaceString::kExternalKeysCollectionNamespace(
+    NamespaceString::kAdminDb, "system.external_validation_keys");
+
 bool NamespaceString::isListCollectionsCursorNS() const {
     return coll() == listCollectionsCursorCol;
 }
diff --git a/src/mongo/db/namespace_string.h b/src/mongo/db/namespace_string.h
index f702eaa2044..03accfec6f7 100644
--- a/src/mongo/db/namespace_string.h
+++ b/src/mongo/db/namespace_string.h
@@ -148,9 +148,13 @@ public:
     // Namespace for storing config.transactions cloner progress for resharding.
     static const NamespaceString kReshardingTxnClonerProgressNamespace;
 
-    // Namespace for storing keys for signing and validating cluster times.
+    // Namespace for storing keys for signing and validating cluster times created by the cluster
+    // that this node is in.
     static const NamespaceString kKeysCollectionNamespace;
 
+    // Namespace for storing keys for validating cluster times created by other clusters.
+    static const NamespaceString kExternalKeysCollectionNamespace;
+
     /**
      * Constructs an empty NamespaceString.
      */
diff --git a/src/mongo/s/catalog/sharding_catalog_client_test.cpp b/src/mongo/s/catalog/sharding_catalog_client_test.cpp
index 6166fb43926..35fcbeb8757 100644
--- a/src/mongo/s/catalog/sharding_catalog_client_test.cpp
+++ b/src/mongo/s/catalog/sharding_catalog_client_test.cpp
@@ -1288,11 +1288,13 @@ TEST_F(ShardingCatalogClientTest, GetNewKeys) {
 
     LogicalTime dummyTime(Timestamp(9876, 5432));
     auto randomKey1 = TimeProofService::generateRandomKey();
-    KeysCollectionDocument key1(1, "none", randomKey1, dummyTime);
+    KeysCollectionDocument key1(1);
+    key1.setKeysCollectionDocumentBase({"none", randomKey1, dummyTime});
 
     LogicalTime dummyTime2(Timestamp(123456, 789));
     auto randomKey2 = TimeProofService::generateRandomKey();
-    KeysCollectionDocument key2(2, "none", randomKey2, dummyTime2);
+    KeysCollectionDocument key2(2);
+    key2.setKeysCollectionDocumentBase({"none", randomKey2, dummyTime2});
 
     onFindCommand([this, key1, key2](const RemoteCommandRequest& request) {
         ASSERT_EQ("config:123", request.target.toString());
diff --git a/src/mongo/util/uuid.h b/src/mongo/util/uuid.h
index de3e4930a5d..53f641e6590 100644
--- a/src/mongo/util/uuid.h
+++ b/src/mongo/util/uuid.h
@@ -73,6 +73,7 @@ class UUID {
     friend class DatabaseVersion;
     friend class DbCheckOplogCollection;
     friend class EncryptionPlaceholder;
+    friend class ExternalKeysCollectionDocument;
     friend class idl::import::One_UUID;
     friend class IndexBuildEntry;
     friend class KeyStoreRecord;
author	Cheahuychou Mao <mao.cheahuychou@gmail.com>	2021-01-06 21:32:34 +0000
committer	Evergreen Agent <no-reply@evergreen.mongodb.com>	2021-01-15 22:47:49 +0000
commit	f99876a23cd41e89331a2fb2a3c3d799e2b514a7 (patch)
tree	69051ae9998b9b0b98844b72c4d1440fe7cd969c /src
parent	14ad73ec6ab5eb8026b0577e22ba357e1b7b3bf8 (diff)
download	mongo-f99876a23cd41e89331a2fb2a3c3d799e2b514a7.tar.gz