(DOCSP-22761) CSFLE Go Review (#1175)

* Go feedback (#75)

* ka - prose suggestions

* remove unused godotenv

* ka - variable casing

Co-authored-by: Kevin Albertson <[email protected]>

Author: biniona-mongodb

source/core/csfle/fundamentals/manual-encryption.txt

@@ -105,9 +105,11 @@ Automatic Decryption
 To decrypt your fields automatically, you must configure your
 ``MongoClient`` instance as follows:
 
-- Set the ``bypass_auto_encryption`` option to ``True``
 - Specify your {+key-vault-long+}
 - Specify a ``kmsProviders`` object
+- If you use MongoDB Community Server, set the ``bypassAutoEncryption``
+  option to ``True``
+
 
 .. note:: Automatic Decryption is Available in MongoDB Community Server
 
@@ -177,10 +179,6 @@ your MongoDB instance:
 .. literalinclude:: /includes/fundamentals/manual-encryption/sample.json
    :language: json
 
-You use the ``encryption.___keyVault`` collection as your
-{+key-vault-long+}, and you read and write data to the
-``employees.food`` collection.
-
 .. procedure::
    :style: normal
 

source/includes/automatic-enc-options/code-snippets/opts.go

@@ -1,7 +1,7 @@
 autoEncryptionOpts := options.AutoEncryption().
-    SetKmsProviders(provider.Credentials()).
-    SetKeyVaultNamespace(keyVaultNamespace).
-    SetSchemaMap(schemaMap).
-    SetExtraOptions(extraOptions)
+	SetKmsProviders(provider.Credentials()).
+	SetKeyVaultNamespace(keyVaultNamespace).
+	SetSchemaMap(schemaMap).
+	SetExtraOptions(extraOptions)
 client, err := mongo.Connect(context.TODO(), options.Client().ApplyURI(uri).SetAutoEncryptionOptions(autoEncryptionOpts))
 

source/includes/fundamentals/manage-keys/key-alt-names.go

@@ -1,7 +1,7 @@
 clientEncryptionOpts := options.ClientEncryption().SetKeyVaultNamespace(KeyVaultNamespace).SetKmsProviders(kmsProviders)
 keyVaultClient, err := mongo.Connect(context.TODO(), options.Client().ApplyURI(URI))
 if err != nil {
-	return fmt.Errorf("Client encryption connect error %v", err)
+	return fmt.Errorf("Client connect error %v", err)
 }
 clientEnc, err := mongo.NewClientEncryption(keyVaultClient, clientEncryptionOpts)
 if err != nil {
@@ -10,12 +10,12 @@ if err != nil {
 defer func() {
 	_ = clientEnc.Close(context.TODO())
 }()
-masterKey := map[string]interface{} {
+masterKey := map[string]interface{}{
 	"<Your dataKeyOpts Key>": "<Your dataKeyOpts Value>",
 }
 dataKeyOpts := options.DataKey().
-SetMasterKey(masterKey).
-SetKeyAltNames([]string{"<Your Key Alt Name>"})
+	SetMasterKey(masterKey).
+	SetKeyAltNames([]string{"<Your Key Alt Name>"})
 dataKeyID, err := clientEnc.CreateDataKey(context.TODO(), provider, dataKeyOpts)
 if err != nil {
 	return fmt.Errorf("create data key error %v", err)

source/includes/fundamentals/manual-encryption/bypass-auto/bypass-auto.go

@@ -1,7 +1,7 @@
 autoEncryptionOpts := options.AutoEncryption().
-SetKmsProviders(kmsProviders).
-SetKeyVaultNamespace(KeyVaultNamespace).
-SetBypassAutoEncryption(true)
+	SetKmsProviders(kmsProviders).
+	SetKeyVaultNamespace(KeyVaultNamespace).
+	SetBypassAutoEncryption(true)
 client, err := mongo.Connect(context.TODO(), options.Client().ApplyURI(URI).SetAutoEncryptionOptions(autoEncryptionOpts))
 if err != nil {
 	return fmt.Errorf("Connect error for encrypted client: %v", err)

source/includes/fundamentals/manual-encryption/manual-enc.go

@@ -12,7 +12,6 @@ import (
 	"go.mongodb.org/mongo-driver/mongo/options"
 )
 
-
 const (
 	KeyVaultNamespace = "encryption.__keyVault"
 	DbName            = "medicalRecords"
@@ -22,25 +21,24 @@ const (
 
 var URI string = os.Getenv("MONGODB_URI")
 
-
 func main() {
 	err := godotenv.Load()
 	provider := "aws"
-	kmsProviders := map[string]map[string]interface{} {
-		provider:{
-		  "accessKeyId": os.Getenv("AWS_ACCESS_KEY_ID"),
-		  "secretAccessKey" : os.Getenv("AWS_SECRET_ACCESS_KEY"),
+	kmsProviders := map[string]map[string]interface{}{
+		provider: {
+			"accessKeyId":     os.Getenv("AWS_ACCESS_KEY_ID"),
+			"secretAccessKey": os.Getenv("AWS_SECRET_ACCESS_KEY"),
 		},
 	}
-	masterKey := map[string]interface{} {
-		"key": os.Getenv("AWS_KEY_ARN"),
+	masterKey := map[string]interface{}{
+		"key":    os.Getenv("AWS_KEY_ARN"),
 		"region": os.Getenv("AWS_KEY_REGION"),
 	}
 
 	// start_mongoclient
 	client, err := mongo.Connect(context.TODO(), options.Client().ApplyURI(URI))
 	if err != nil {
-		panic(fmt.Errorf("Client encryption connect error %v", err))
+		panic(fmt.Errorf("Client connect error %v", err))
 	}
 	// end_mongoclient
 
@@ -57,8 +55,8 @@ func main() {
 	// end_client_enc
 
 	dataKeyOpts := options.DataKey().
-	SetMasterKey(masterKey).
-	SetKeyAltNames([]string{KeyAltName})
+		SetMasterKey(masterKey).
+		SetKeyAltNames([]string{KeyAltName})
 	dataKeyID, err := clientEnc.CreateDataKey(context.TODO(), provider, dataKeyOpts)
 	if err != nil {
 		panic(fmt.Errorf("create data key error %v", err))
@@ -69,7 +67,7 @@ func main() {
 	if err != nil {
 		panic(err)
 	}
-		nameRawValue := bson.RawValue{Type: nameRawValueType, Value: nameRawValueData}
+	nameRawValue := bson.RawValue{Type: nameRawValueType, Value: nameRawValueData}
 	nameEncryptionOpts := options.Encrypt().
 		SetAlgorithm("AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic").
 		SetKeyID(dataKeyID)
@@ -80,7 +78,7 @@ func main() {
 	if err != nil {
 		panic(err)
 	}
-	foodsRawValueType, foodsRawValueData, err := bson.MarshalValue(bson.A{"Grapes","Cheese"})
+	foodsRawValueType, foodsRawValueData, err := bson.MarshalValue(bson.A{"Grapes", "Cheese"})
 	if err != nil {
 		panic(err)
 	}
@@ -137,10 +135,9 @@ func main() {
 	foodsDecrypted, err := clientEnc.Decrypt(
 		context.TODO(),
 		result["foods"].(primitive.Binary))
-	result["foods"] = foodsDecrypted;
+	result["foods"] = foodsDecrypted
 	result["name"] = nameDecrypted
 	fmt.Printf("Decrypted Document: %s\n", result)
 	// end_find_decrypt
 	return
 }
-

source/includes/sample_apps/csfle/build/go/aws/reader/go.mod

@@ -5,7 +5,6 @@ go 1.15
 require (
 	github.com/aws/aws-sdk-go v1.34.28 // indirect
 	github.com/fatih/structs v1.1.0
-	github.com/joho/godotenv v1.3.0
 	github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c // indirect
 	github.com/xdg/stringprep v0.0.0-20180714160509-73f8eece6fdc // indirect
 	go.mongodb.org/mongo-driver v1.7.2

source/includes/sample_apps/csfle/build/go/aws/reader/insert-encrypted-document.go

@@ -4,17 +4,15 @@ import (
 	"context"
 	"fmt"
 
-	"github.com/joho/godotenv"
 	"go.mongodb.org/mongo-driver/bson"
 	"go.mongodb.org/mongo-driver/mongo"
 	"go.mongodb.org/mongo-driver/mongo/options"
 )
 
 func Insert() error {
-	err := godotenv.Load()
 
 	// start-key-vault
-	KeyVaultNamespace := "encryption.__keyVault"
+	keyVaultNamespace := "encryption.__keyVault"
 	// end-key-vault
 	dbName := "medicalRecords"
 	collName := "patients"
@@ -95,7 +93,7 @@ func Insert() error {
 	// start-client
 	autoEncryptionOpts := options.AutoEncryption().
 		SetKmsProviders(kmsProviders).
-		SetKeyVaultNamespace(KeyVaultNamespace).
+		SetKeyVaultNamespace(keyVaultNamespace).
 		SetSchemaMap(schemaMap).
 		SetExtraOptions(extraOptions)
 	client, err := mongo.Connect(context.TODO(), options.Client().ApplyURI(uri).SetAutoEncryptionOptions(autoEncryptionOpts))

source/includes/sample_apps/csfle/build/go/aws/reader/make-data-key.go

@@ -5,13 +5,11 @@ import (
 	"encoding/base64"
 	"fmt"
 
-	"github.com/joho/godotenv"
 	"go.mongodb.org/mongo-driver/mongo"
 	"go.mongodb.org/mongo-driver/mongo/options"
 )
 
 func MakeKey() error {
-	err := godotenv.Load()
 
 	// start-kmsproviders
 	provider := "aws"
@@ -36,7 +34,7 @@ func MakeKey() error {
 	clientEncryptionOpts := options.ClientEncryption().SetKeyVaultNamespace(keyVaultNamespace).SetKmsProviders(kmsProviders)
 	keyVaultClient, err := mongo.Connect(context.TODO(), options.Client().ApplyURI(uri))
 	if err != nil {
-		return fmt.Errorf("Client encryption connect error %v", err)
+		return fmt.Errorf("Client connect error %v", err)
 	}
 	clientEnc, err := mongo.NewClientEncryption(keyVaultClient, clientEncryptionOpts)
 	if err != nil {

source/includes/sample_apps/csfle/build/go/azure/reader/go.mod

@@ -5,7 +5,6 @@ go 1.15
 require (
 	github.com/aws/aws-sdk-go v1.34.28 // indirect
 	github.com/fatih/structs v1.1.0
-	github.com/joho/godotenv v1.3.0
 	github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c // indirect
 	github.com/xdg/stringprep v0.0.0-20180714160509-73f8eece6fdc // indirect
 	go.mongodb.org/mongo-driver v1.7.2

source/includes/sample_apps/csfle/build/go/azure/reader/insert-encrypted-document.go

@@ -4,17 +4,15 @@ import (
 	"context"
 	"fmt"
 
-	"github.com/joho/godotenv"
 	"go.mongodb.org/mongo-driver/bson"
 	"go.mongodb.org/mongo-driver/mongo"
 	"go.mongodb.org/mongo-driver/mongo/options"
 )
 
 func Insert() error {
-	err := godotenv.Load()
 
 	// start-key-vault
-	KeyVaultNamespace := "encryption.__keyVault"
+	keyVaultNamespace := "encryption.__keyVault"
 	// end-key-vault
 	dbName := "medicalRecords"
 	collName := "patients"
@@ -96,7 +94,7 @@ func Insert() error {
 	// start-client
 	autoEncryptionOpts := options.AutoEncryption().
 		SetKmsProviders(kmsProviders).
-		SetKeyVaultNamespace(KeyVaultNamespace).
+		SetKeyVaultNamespace(keyVaultNamespace).
 		SetSchemaMap(schemaMap).
 		SetExtraOptions(extraOptions)
 	client, err := mongo.Connect(context.TODO(), options.Client().ApplyURI(uri).SetAutoEncryptionOptions(autoEncryptionOpts))

source/includes/sample_apps/csfle/build/go/azure/reader/make-data-key.go

@@ -5,13 +5,11 @@ import (
 	"encoding/base64"
 	"fmt"
 
-	"github.com/joho/godotenv"
 	"go.mongodb.org/mongo-driver/mongo"
 	"go.mongodb.org/mongo-driver/mongo/options"
 )
 
 func MakeKey() error {
-	err := godotenv.Load()
 
 	// start-kmsproviders
 	provider := "azure"
@@ -37,7 +35,7 @@ func MakeKey() error {
 	clientEncryptionOpts := options.ClientEncryption().SetKeyVaultNamespace(keyVaultNamespace).SetKmsProviders(kmsProviders)
 	keyVaultClient, err := mongo.Connect(context.TODO(), options.Client().ApplyURI(uri))
 	if err != nil {
-		return fmt.Errorf("Client encryption connect error %v", err)
+		return fmt.Errorf("Client connect error %v", err)
 	}
 	clientEnc, err := mongo.NewClientEncryption(keyVaultClient, clientEncryptionOpts)
 	if err != nil {

source/includes/sample_apps/csfle/build/go/gcp/reader/go.mod

@@ -5,7 +5,6 @@ go 1.15
 require (
 	github.com/aws/aws-sdk-go v1.34.28 // indirect
 	github.com/fatih/structs v1.1.0
-	github.com/joho/godotenv v1.3.0
 	github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c // indirect
 	github.com/xdg/stringprep v0.0.0-20180714160509-73f8eece6fdc // indirect
 	go.mongodb.org/mongo-driver v1.7.2

source/includes/sample_apps/csfle/build/go/gcp/reader/insert-encrypted-document.go

@@ -4,17 +4,15 @@ import (
 	"context"
 	"fmt"
 
-	"github.com/joho/godotenv"
 	"go.mongodb.org/mongo-driver/bson"
 	"go.mongodb.org/mongo-driver/mongo"
 	"go.mongodb.org/mongo-driver/mongo/options"
 )
 
 func Insert() error {
-	err := godotenv.Load()
 
 	// start-key-vault
-	KeyVaultNamespace := "encryption.__keyVault"
+	keyVaultNamespace := "encryption.__keyVault"
 	// end-key-vault
 	dbName := "medicalRecords"
 	collName := "patients"
@@ -95,7 +93,7 @@ func Insert() error {
 	// start-client
 	autoEncryptionOpts := options.AutoEncryption().
 		SetKmsProviders(kmsProviders).
-		SetKeyVaultNamespace(KeyVaultNamespace).
+		SetKeyVaultNamespace(keyVaultNamespace).
 		SetSchemaMap(schemaMap).
 		SetExtraOptions(extraOptions)
 	client, err := mongo.Connect(context.TODO(), options.Client().ApplyURI(uri).SetAutoEncryptionOptions(autoEncryptionOpts))

source/includes/sample_apps/csfle/build/go/gcp/reader/make-data-key.go

@@ -5,13 +5,11 @@ import (
 	"encoding/base64"
 	"fmt"
 
-	"github.com/joho/godotenv"
 	"go.mongodb.org/mongo-driver/mongo"
 	"go.mongodb.org/mongo-driver/mongo/options"
 )
 
 func MakeKey() error {
-	err := godotenv.Load()
 
 	// start-kmsproviders
 	provider := "gcp"
@@ -38,7 +36,7 @@ func MakeKey() error {
 	clientEncryptionOpts := options.ClientEncryption().SetKeyVaultNamespace(keyVaultNamespace).SetKmsProviders(kmsProviders)
 	keyVaultClient, err := mongo.Connect(context.TODO(), options.Client().ApplyURI(uri))
 	if err != nil {
-		return fmt.Errorf("Client encryption connect error %v", err)
+		return fmt.Errorf("Client connect error %v", err)
 	}
 	clientEnc, err := mongo.NewClientEncryption(keyVaultClient, clientEncryptionOpts)
 	if err != nil {

source/includes/sample_apps/csfle/build/go/local/reader/go.mod

@@ -5,7 +5,6 @@ go 1.15
 require (
 	github.com/aws/aws-sdk-go v1.34.28 // indirect
 	github.com/fatih/structs v1.1.0
-	github.com/joho/godotenv v1.3.0
 	github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c // indirect
 	github.com/xdg/stringprep v0.0.0-20180714160509-73f8eece6fdc // indirect
 	go.mongodb.org/mongo-driver v1.7.2

source/includes/sample_apps/csfle/build/go/local/reader/insert-encrypted-document.go

@@ -7,17 +7,15 @@ import (
 	"io/ioutil"
 	"log"
 
-	"github.com/joho/godotenv"
 	"go.mongodb.org/mongo-driver/bson"
 	"go.mongodb.org/mongo-driver/mongo"
 	"go.mongodb.org/mongo-driver/mongo/options"
 )
 
 func Insert() error {
-	err := godotenv.Load()
 
 	// start-key-vault
-	KeyVaultNamespace := "encryption.__keyVault"
+	keyVaultNamespace := "encryption.__keyVault"
 	// end-key-vault
 	dbName := "medicalRecords"
 	collName := "patients"
@@ -97,7 +95,7 @@ func Insert() error {
 	// start-client
 	autoEncryptionOpts := options.AutoEncryption().
 		SetKmsProviders(kmsProviders).
-		SetKeyVaultNamespace(KeyVaultNamespace).
+		SetKeyVaultNamespace(keyVaultNamespace).
 		SetSchemaMap(schemaMap).
 		SetExtraOptions(extraOptions)
 	client, err := mongo.Connect(context.TODO(), options.Client().ApplyURI(uri).SetAutoEncryptionOptions(autoEncryptionOpts))

source/includes/sample_apps/csfle/build/go/local/reader/make-data-key.go

@@ -9,7 +9,6 @@ import (
 	"io/ioutil"
 	"log"
 
-	"github.com/joho/godotenv"
 	"go.mongodb.org/mongo-driver/mongo"
 	"go.mongodb.org/mongo-driver/mongo/options"
 )
@@ -26,7 +25,6 @@ func localMasterKey() []byte {
 }
 
 func MakeKey() error {
-	err := godotenv.Load()
 
 	localMasterKey()
 
@@ -48,7 +46,7 @@ func MakeKey() error {
 	clientEncryptionOpts := options.ClientEncryption().SetKeyVaultNamespace(keyVaultNamespace).SetKmsProviders(kmsProviders)
 	keyVaultClient, err := mongo.Connect(context.TODO(), options.Client().ApplyURI(uri))
 	if err != nil {
-		return fmt.Errorf("Client encryption connect error %v", err)
+		return fmt.Errorf("Client connect error %v", err)
 	}
 	clientEnc, err := mongo.NewClientEncryption(keyVaultClient, clientEncryptionOpts)
 	if err != nil {