Add FLE + QE Sample App Source Files + Build Scripts + Tests (#1254)

* add sample app build scripts

* update source files to match formatted built apps

* remove submodule + small tweaks

* add newline

* tweaks

* java remove target dir

* update readmes

* expand readme

* readme

* numbering

Author: biniona-mongodb

source/includes/sample_apps/csfle/.gitignore

@@ -0,0 +1,3 @@
+build/*/*
+.envrc
+**/master-key.txt

source/includes/sample_apps/csfle/Pipfile

@@ -0,0 +1,13 @@
+[[source]]
+url = "https://pypi.org/simple"
+verify_ssl = true
+name = "pypi"
+
+[packages]
+pymongo = "*"
+pymongocrypt = "*"
+
+[dev-packages]
+
+[requires]
+python_version = "3.8"

source/includes/sample_apps/csfle/README.md

@@ -0,0 +1,84 @@
+# Sample CSFLE Applications
+
+1. Run `cp envrc_template .envrc` and then fill out your `.envrc` file. You can fill out the `.envrc` file by using
+   the DBX team's test credentials, or by creating accounts
+   on KMS each KMS provider and filling in the file.
+
+2. Use `direnv` to load the environment variables defined in your `.envrc` file into your environment.
+
+3. Install python packages by running `pip install -r requirements.txt`
+
+> **_NOTE:_** If you must test new QE/FLE fetures in python, run `source python-fle-2 requirements.sh` to build and install `pymongo` and `pymongo-crypt` from source.
+
+4. Install bluehawk by running `npm install -g bluehawk`
+
+5. Run `python build.py` to generate scripts to create a DEK and insert a sample document in all combinations of the following languages and KMS providers:
+
+- Local Key Provider
+- AWS KMS
+- GCP KMS
+- Azure Key Vault
+
+- Dotnet
+- Node
+- Python
+- Java
+- Go
+
+Once you build the files, you should see a `build` directory with the following structure:
+
+```
+build
+├── dotnet
+│   ├── aws
+│   │   ├── reader
+│   │   └── test
+│   ├── azure
+│   │   ├── reader
+│   │   └── test
+│   ├── gcp
+│   │   ├── reader
+│   │   └── test
+│   └── local
+│       ├── reader
+│       └── test
+├── go
+│   ├── aws
+│   │   ├── reader
+│   │   └── test
+│   ├── azure
+│   │   ├── reader
+│   │   └── test
+│   ├── gcp
+│   │   ├── reader
+│   │   └── test
+│   └── local
+│       ├── reader
+│       └── test
+├── java
+│   ├── aws
+│   │   ├── reader
+│   │   └── test
+│   ├── azure
+│   │   ├── reader
+│   │   └── test
+│   ├── gcp
+│   │   ├── reader
+│   │   └── test
+│   └── local
+│       ├── reader
+│       └── test
+...
+```
+
+The `reader` directories contains the code to use in docs code snippets, and the `test` directories contains runnable examples for testing.
+
+6. Install the following languages and tools necessary
+   to run sample applications:
+
+- [JDK](https://dotnet.microsoft.com/en-us/download) and [Maven](https://maven.apache.org/download.cgi)
+- [Dotnet SDK](https://dotnet.microsoft.com/en-us/download)
+- [Node](https://nodejs.org/en/download/)
+- [Go](https://go.dev/dl/)
+
+7. Run `python -m unittest test.py` to test the generated scripts using the KMS credentials in your `.envrc` file.

source/includes/sample_apps/csfle/build.py

@@ -0,0 +1,92 @@
+import os
+import shutil
+import click
+
+from const import *
+
+
+def get_commands(language, get_file_name, state):
+    """Get list of commands to build language/state pair"""
+    file_path = os.path.join(language, get_file_name(language))
+    output_file = os.path.join(
+        BUILD_DIR,
+        language,
+        *state.split(DIR_SEPERATOR),
+        os.path.dirname(get_file_name(language)),
+    )
+    commands = [
+        f"{BLUEHAWK} copy {file_path} --state {state} -o {output_file}"
+    ]
+    if GET_EXTRA_FILES(language):
+        for l in GET_EXTRA_FILES(language):
+            next_file_name = os.path.join(language, l)
+            next_output_file = os.path.join(
+                BUILD_DIR, language, *state.split(DIR_SEPERATOR), os.path.dirname(l)
+            )
+            commands.append(f"{BLUEHAWK} copy {next_file_name} -o {next_output_file}")
+    return commands
+
+
+def build_languages(language, build_states):
+    """Build sample apps for a language"""
+
+    all_commands = []
+
+    for f in BUILD_FILES:
+        for s in build_states:
+            commands = get_commands(language, f, s)
+            for c in commands:
+                all_commands += commands
+    dedup_commands = list(set(all_commands))
+    for c in dedup_commands:
+        os.system(c)
+
+    # run formatter
+    if FILE_MAP[language].get(FORMAT_COMMAND):
+        print(f"\n\n$$$$   Formatting {language}:\n\n")
+        os.system(FILE_MAP[language][FORMAT_COMMAND])
+
+
+def check_bluehawk_installed():
+    """Check that bluehawk is installed"""
+
+    if shutil.which(BLUEHAWK) == None:
+        raise ImportError(BLUEHAWK_HELP)
+
+
+@click.command()
+@click.option("--langs", default=None, help="What apps to build")
+@click.option(
+    "--reader",
+    is_flag=True,
+    default=False,
+    help="Whether or not to only build reader directories",
+)
+def build_apps(langs, reader):
+    """Get commmand line arguments and build sample applications"""
+
+    check_bluehawk_installed()
+
+    if os.path.exists(BUILD_DIR):
+        shutil.rmtree(BUILD_DIR)
+
+    file_map = {}
+    build_states = []
+
+    if not langs:
+        file_map = FILE_MAP
+    else:
+        langs_to_build = [l.strip() for l in langs.split(",")]
+        file_map = {l: FILE_MAP[l] for l in langs_to_build}
+
+    if reader:
+        build_states = [s for s in BUILD_STATES if TEST not in s]
+    else:
+        build_states = BUILD_STATES
+
+    for lang in file_map.keys():
+        build_languages(lang, build_states)
+
+
+if __name__ == "__main__":
+    build_apps()

source/includes/sample_apps/csfle/build/go/local/reader/insert-encrypted-document.go

@@ -5,14 +5,16 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"io/ioutil"
-	"log"
-
 	"go.mongodb.org/mongo-driver/bson"
 	"go.mongodb.org/mongo-driver/mongo"
 	"go.mongodb.org/mongo-driver/mongo/options"
 )
 
+import (
+	"io/ioutil"
+	"log"
+)
+
 func Insert() error {
 
 	// start-key-vault

source/includes/sample_apps/csfle/build/go/local/reader/make-data-key.go

@@ -5,12 +5,14 @@ import (
 	"encoding/base64"
 	"fmt"
 
+	"go.mongodb.org/mongo-driver/mongo"
+	"go.mongodb.org/mongo-driver/mongo/options"
+)
+
+import (
 	"crypto/rand"
 	"io/ioutil"
 	"log"
-
-	"go.mongodb.org/mongo-driver/mongo"
-	"go.mongodb.org/mongo-driver/mongo/options"
 )
 
 func localMasterKey() []byte {

source/includes/sample_apps/csfle/const.py

@@ -0,0 +1,102 @@
+import os
+
+BUILD_DIR = "build"
+PYTHON = "python"
+PYTHON_FLE_2 = "python-fle-2"
+JAVA = "java"
+CSHARP = "dotnet"
+NODE = "node"
+NODE_FLE_2 = "node-fle-2"
+DEK = "dek"
+GO = "go"
+INSERT = "insert"
+EXTRA_FILES = "extra_files"
+FORMAT_COMMAND = "format"
+FILE_MAP = {
+    PYTHON: {
+        DEK: "make_data_key.py",
+        INSERT: "insert_encrypted_document.py",
+        EXTRA_FILES: ["requirements.txt", ".gitignore"],
+        FORMAT_COMMAND: f"black {os.path.join(BUILD_DIR,'*','*','*','*.py')}",
+    },
+    PYTHON_FLE_2: {
+        DEK: "make_data_key.py",
+        INSERT: "insert_encrypted_document.py",
+        EXTRA_FILES: ["requirements.sh", ".gitignore"],
+        FORMAT_COMMAND: f"black {os.path.join(BUILD_DIR,'*','*','*','*.py')}",
+    },
+    JAVA: {
+        DEK: os.path.join(
+            "src", "main", "java", "com", "mongodb", "csfle", "makeDataKey.java"
+        ),
+        INSERT: os.path.join(
+            "src",
+            "main",
+            "java",
+            "com",
+            "mongodb",
+            "csfle",
+            "insertEncryptedDocument.java",
+        ),
+        EXTRA_FILES: ["pom.xml", ".gitignore"],
+    },
+    CSHARP: {
+        DEK: "CSFLE/MakeDataKey.cs",
+        INSERT: "CSFLE/InsertEncryptedDocument.cs",
+        EXTRA_FILES: ["CSFLE/CSFLE.csproj", "CSFLE/Main.cs", ".gitignore"],
+        FORMAT_COMMAND: f'find ./{BUILD_DIR} -name "*.csproj" | xargs -n1 dotnet format',
+    },
+    NODE: {
+        DEK: "make_data_key.js",
+        INSERT: "insert_encrypted_document.js",
+        EXTRA_FILES: ["package.json", ".gitignore"],
+        FORMAT_COMMAND: f"prettier --write {BUILD_DIR}",
+    },
+    NODE_FLE_2: {
+        DEK: "make_data_key.js",
+        INSERT: "insert_encrypted_document.js",
+        EXTRA_FILES: ["package.json", ".gitignore"],
+        FORMAT_COMMAND: f"prettier --write {BUILD_DIR}",
+    },
+    GO: {
+        DEK: "make-data-key.go",
+        INSERT: "insert-encrypted-document.go",
+        EXTRA_FILES: ["go.mod", "main.go", ".gitignore"],
+        FORMAT_COMMAND: f"gofmt -l -w -s {BUILD_DIR}",
+    },
+}
+
+DIR_SEPERATOR = "-"
+PROD = f"{DIR_SEPERATOR}reader"
+TEST = f"{DIR_SEPERATOR}test"
+AWS_PROD = f"aws{PROD}"
+AWS_TEST = f"aws{TEST}"
+GCP_PROD = f"gcp{PROD}"
+GCP_TEST = f"gcp{TEST}"
+AZURE_PROD = f"azure{PROD}"
+AZURE_TEST = f"azure{TEST}"
+LOCAL_PROD = f"local{PROD}"
+LOCAL_TEST = f"local{TEST}"
+BUILD_STATES = [
+    AWS_PROD,
+    AWS_TEST,
+    AZURE_PROD,
+    AZURE_TEST,
+    GCP_PROD,
+    GCP_TEST,
+    LOCAL_PROD,
+    LOCAL_TEST,
+]
+
+MAKE_KEY = lambda language: FILE_MAP[language][DEK]
+MAKE_INSERT = lambda language: FILE_MAP[language][INSERT]
+GET_EXTRA_FILES = lambda language: FILE_MAP[language].get(EXTRA_FILES)
+BUILD_FILES = (MAKE_KEY, MAKE_INSERT)
+
+BLUEHAWK = "bluehawk"
+BLUEHAWK_HELP = f"""Unable to find {BLUEHAWK}. Run
+the following command to install {BLUEHAWK}:
+
+npm install -g {BLUEHAWK}
+
+"""