From bdc99db6603721906cc27ee2b6a1265a0cf18bb5 Mon Sep 17 00:00:00 2001
From: Kevin Albertson
Date: Tue, 29 Aug 2023 16:20:27 -0400
Subject: [PATCH 1/6] use environment variables for key_name and key_vault_endpoint
This may prevent future code changes if Azure test data changes.
---
 cmd/testkms/main.go | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/cmd/testkms/main.go b/cmd/testkms/main.go
index 5d7532c4b2..abac9d8100 100644
--- a/cmd/testkms/main.go
+++ b/cmd/testkms/main.go
@@ -24,8 +24,8 @@ var datakeyopts = map[string]primitive.M{
 "key": "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0",
 },
 "azure": bson.M{
- "keyVaultEndpoint": "https://keyvault-drivers-2411.vault.azure.net/keys/",
- "keyName": "KEY-NAME",
+ "keyVaultEndpoint": "",
+ "keyName": "",
 },
 "gcp": bson.M{
 "projectId": "devprod-drivers",
@@ -53,6 +53,18 @@ func main() {
 default:
 ok = true
 }
+ azurekms_key_name := os.Getenv("AZUREKMS_KEY_NAME")
+ azurekms_key_vault_endpoint := os.Getenv("AZUREKMS_KEY_VAULT_ENDPOINT")
+ if provider == "azure" {
+ if azurekms_key_name == "" {
+ fmt.Println("ERROR: Please set required AZUREKMS_KEY_NAME environment variable.")
+ ok = false
+ }
+ if azurekms_key_vault_endpoint == "" {
+ fmt.Println("ERROR: Please set required AZUREKMS_KEY_VAULT_ENDPOINT environment variable.")
+ ok = false
+ }
+ }
 if !ok {
 providers := make([]string, 0, len(datakeyopts))
 for p := range datakeyopts {
@@ -63,6 +75,8 @@ func main() {
 fmt.Println("- MONGODB_URI as a MongoDB URI. Example: 'mongodb://localhost:27017'")
 fmt.Println("- EXPECT_ERROR as an optional expected error substring.")
 fmt.Println("- PROVIDER as a KMS provider, which supports:", strings.Join(providers, ", "))
+ fmt.Println("- AZUREKMS_KEY_NAME as the Azure key name. Required if PROVIDER=azure.")
+ fmt.Println("- AZUREKMS_KEY_VAULT_ENDPOINT as the Azure key name. Required if PROVIDER=azure.")
 os.Exit(1)
 }
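Review bot: The `azure` entry of `datakeyopts` (first hunk of cmd/testkms/main.go, PATCH 1/6) now holds two empty strings with nothing to say where the real values come from, while the `aws` and `gcp` entries beside it still carry literal identifiers. A comment above the entry would tell the next reader that the blanks are intentional: `// keyVaultEndpoint and keyName are supplied at run time through AZUREKMS_KEY_VAULT_ENDPOINT and AZUREKMS_KEY_NAME.` The map literal starts and ends outside the hunk.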
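Review bot: The added usage line for AZUREKMS_KEY_VAULT_ENDPOINT (last hunk of cmd/testkms/main.go, PATCH 1/6) repeats the wording of the line above it, so the help output describes the endpoint as "the Azure key name". It should read `fmt.Println("- AZUREKMS_KEY_VAULT_ENDPOINT as the Azure key vault endpoint. Required if PROVIDER=azure.")`. An example in the style of the MONGODB_URI line, such as `https://<vault-name>.vault.azure.net/keys/` (the shape of the literal this patch removes), would also show which form the tool expects.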
From 89a07626f2f66f33db69a9bca94faf906a7903d3 Mon Sep 17 00:00:00 2001
From: Kevin Albertson
Date: Tue, 29 Aug 2023 16:21:38 -0400
Subject: [PATCH 2/6] pass expansions as environment variables
---
 .evergreen/config.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.evergreen/config.yml b/.evergreen/config.yml
index db6b51f680..9a208aadc6 100644
--- a/.evergreen/config.yml
+++ b/.evergreen/config.yml
@@ -2228,7 +2228,7 @@ tasks:
 export AZUREKMS_VMNAME=${AZUREKMS_VMNAME}
 echo '${testazurekms_privatekey}' > /tmp/testazurekms.prikey
 export AZUREKMS_PRIVATEKEYPATH=/tmp/testazurekms.prikey
- AZUREKMS_CMD="LD_LIBRARY_PATH=./install/libmongocrypt/lib MONGODB_URI='mongodb://localhost:27017' PROVIDER='azure' ./testkms" $DRIVERS_TOOLS/.evergreen/csfle/azurekms/run-command.sh
+ AZUREKMS_CMD="LD_LIBRARY_PATH=./install/libmongocrypt/lib MONGODB_URI='mongodb://localhost:27017' PROVIDER='azure' AZUREKMS_KEY_NAME='${AZUREKMS_KEY_NAME}' AZUREKMS_KEY_VAULT_ENDPOINT='${AZUREKMS_KEY_VAULT_ENDPOINT}' ./testkms" $DRIVERS_TOOLS/.evergreen/csfle/azurekms/run-command.sh
 - name: "testazurekms-fail-task"
 # testazurekms-fail-task runs without environment variables.
From 42dbf770b6a58b1c4b18b44796c5fb0657ff9ddb Mon Sep 17 00:00:00 2001
From: Kevin Albertson
Date: Tue, 29 Aug 2023 16:24:03 -0400
Subject: [PATCH 3/6] set datakeyopts
---
 cmd/testkms/main.go | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/cmd/testkms/main.go b/cmd/testkms/main.go
index abac9d8100..61b52b816f 100644
--- a/cmd/testkms/main.go
+++ b/cmd/testkms/main.go
@@ -64,6 +64,8 @@ func main() {
 fmt.Println("ERROR: Please set required AZUREKMS_KEY_VAULT_ENDPOINT environment variable.")
 ok = false
 }
+ datakeyopts["azure"]["keyName"] = azurekms_key_name
+ datakeyopts["azure"]["keyVaultEndpoint"] = azurekms_key_vault_endpoint
 }
 if !ok {
 providers := make([]string, 0, len(datakeyopts))
From 773ae675ee1ec966a7fd174fd49b6c6fea00769a Mon Sep 17 00:00:00 2001
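Review bot: The two expansions added to `AZUREKMS_CMD` (PATCH 2/6, .evergreen/config.yml) are substituted as plain text inside single quotes that themselves sit inside a double-quoted string passed to `run-command.sh`, which presumably evaluates the string again in a shell on the test VM. A value containing a quote character, `$` or a backtick would change the command that runs instead of the value of the variable, so the quoting holds only while the expansions stay simple names and URLs. I would record that assumption next to the line: `# AZUREKMS_KEY_NAME and AZUREKMS_KEY_VAULT_ENDPOINT are pasted into a shell command; keep them free of quotes and shell metacharacters.` The task definition starts above the hunk.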
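Review bot: `datakeyopts["azure"]["keyVaultEndpoint"]` is filled from the environment after nothing more than an emptiness check (PATCH 3/6, cmd/testkms/main.go). As far as I can tell this value decides which host the Azure KMS requests, and the access token attached to them, are sent to, so a mistyped or altered CI expansion would send them somewhere other than the test vault. If the tool only ever targets public-cloud vaults, a host check before the assignment would catch that: `if u, err := url.Parse(azurekms_key_vault_endpoint); err != nil || !strings.HasSuffix(u.Hostname(), ".vault.azure.net") { ok = false }` (needs `net/url`). The two assignments also run when a value is empty, which is harmless only because the `!ok` branch below exits. `main` starts and ends outside the hunk.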
From: Kevin Albertson
Date: Wed, 30 Aug 2023 09:40:40 -0400
Subject: [PATCH 4/6] fix static analysis
---
 cmd/testkms/main.go | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/cmd/testkms/main.go b/cmd/testkms/main.go
index 61b52b816f..57623d45ce 100644
--- a/cmd/testkms/main.go
+++ b/cmd/testkms/main.go
@@ -53,19 +53,19 @@ func main() {
 default:
 ok = true
 }
- azurekms_key_name := os.Getenv("AZUREKMS_KEY_NAME")
- azurekms_key_vault_endpoint := os.Getenv("AZUREKMS_KEY_VAULT_ENDPOINT")
+ azureKmsKeyName := os.Getenv("AZUREKMS_KEY_NAME")
+ azureKmsKeyVaultEndpoint := os.Getenv("AZUREKMS_KEY_VAULT_ENDPOINT")
 if provider == "azure" {
- if azurekms_key_name == "" {
+ if azureKmsKeyName == "" {
 fmt.Println("ERROR: Please set required AZUREKMS_KEY_NAME environment variable.")
 ok = false
 }
- if azurekms_key_vault_endpoint == "" {
+ if azureKmsKeyVaultEndpoint == "" {
 fmt.Println("ERROR: Please set required AZUREKMS_KEY_VAULT_ENDPOINT environment variable.")
 ok = false
 }
- datakeyopts["azure"]["keyName"] = azurekms_key_name
- datakeyopts["azure"]["keyVaultEndpoint"] = azurekms_key_vault_endpoint
+ datakeyopts["azure"]["keyName"] = azureKmsKeyName
+ datakeyopts["azure"]["keyVaultEndpoint"] = azureKmsKeyVaultEndpoint
 }
 if !ok {
 providers := make([]string, 0, len(datakeyopts))
From 383466c9c3d10dd1da187d40c577b89d76429056 Mon Sep 17 00:00:00 2001
From: Kevin Albertson
Date: Wed, 30 Aug 2023 09:41:26 -0400
Subject: [PATCH 5/6] fix `testazurekms-fail-task`
---
 .evergreen/config.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.evergreen/config.yml b/.evergreen/config.yml
index 9a208aadc6..81738eb513 100644
--- a/.evergreen/config.yml
+++ b/.evergreen/config.yml
@@ -2250,7 +2250,7 @@ tasks:
 LD_LIBRARY_PATH=./install/libmongocrypt/lib \
 MONGODB_URI='mongodb://localhost:27017' \
 EXPECT_ERROR='unable to retrieve azure credentials' \
- PROVIDER='azure' \
+ PROVIDER='azure' AZUREKMS_KEY_NAME='${AZUREKMS_KEY_NAME}' AZUREKMS_KEY_VAULT_ENDPOINT='${AZUREKMS_KEY_VAULT_ENDPOINT}' \
 ./testkms
 - name: "test-fuzz"
From 82d1ab7e46d8021af471fcd543593046420f884e Mon Sep 17 00:00:00 2001
From: Kevin Albertson
Date: Wed, 30 Aug 2023 09:42:35 -0400
Subject: [PATCH 6/6] relocate vars
---
 cmd/testkms/main.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/cmd/testkms/main.go b/cmd/testkms/main.go
index 57623d45ce..af86eca523 100644
--- a/cmd/testkms/main.go
+++ b/cmd/testkms/main.go
@@ -53,9 +53,9 @@ func main() {
 default:
 ok = true
 }
- azureKmsKeyName := os.Getenv("AZUREKMS_KEY_NAME")
- azureKmsKeyVaultEndpoint := os.Getenv("AZUREKMS_KEY_VAULT_ENDPOINT")
 if provider == "azure" {
+ azureKmsKeyName := os.Getenv("AZUREKMS_KEY_NAME")
+ azureKmsKeyVaultEndpoint := os.Getenv("AZUREKMS_KEY_VAULT_ENDPOINT")
 if azureKmsKeyName == "" {
 fmt.Println("ERROR: Please set required AZUREKMS_KEY_NAME environment variable.")
 ok = false
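Review bot: The two variables added to `testazurekms-fail-task` (PATCH 5/6, .evergreen/config.yml) are appended to the `PROVIDER` line, while every other assignment in this command sits on its own continuation line. Splitting them keeps the block readable and later diffs to one variable each: `PROVIDER='azure' \`, `AZUREKMS_KEY_NAME='${AZUREKMS_KEY_NAME}' \`, `AZUREKMS_KEY_VAULT_ENDPOINT='${AZUREKMS_KEY_VAULT_ENDPOINT}' \`. The task's comment, visible as context in PATCH 2/6, still says it "runs without environment variables" and should now name the variables that are deliberately left out. If either expansion resolves to an empty string for this task, testkms will presumably stop at its own missing-variable error and never produce the `EXPECT_ERROR` text, so it is worth confirming both are defined here. The task begins above the hunk.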