summaryrefslogtreecommitdiff
path: root/plugin/hashicorp_key_management/mysql-test/vault/r/hashicorp_key_rotation_age.result
diff options
context:
space:
mode:
Diffstat (limited to 'plugin/hashicorp_key_management/mysql-test/vault/r/hashicorp_key_rotation_age.result')
-rw-r--r--plugin/hashicorp_key_management/mysql-test/vault/r/hashicorp_key_rotation_age.result97
1 files changed, 97 insertions, 0 deletions
diff --git a/plugin/hashicorp_key_management/mysql-test/vault/r/hashicorp_key_rotation_age.result b/plugin/hashicorp_key_management/mysql-test/vault/r/hashicorp_key_rotation_age.result
new file mode 100644
index 00000000000..6e06e0f1d30
--- /dev/null
+++ b/plugin/hashicorp_key_management/mysql-test/vault/r/hashicorp_key_rotation_age.result
@@ -0,0 +1,97 @@
+SHOW GLOBAL variables LIKE "hashicorp%";
+Variable_name Value
+hashicorp_key_management_cache_timeout 60000
+hashicorp_key_management_cache_version_timeout 0
+hashicorp_key_management_caching_enabled ON
+hashicorp_key_management_check_kv_version OFF
+hashicorp_key_management_max_retries 3
+hashicorp_key_management_timeout 60
+hashicorp_key_management_use_cache_on_timeout OFF
+hashicorp_key_management_vault_ca
+hashicorp_key_management_vault_url VAULT_ADDR/v1/mariadbtest/
+# Restart the server with encryption
+# restart: with restart_parameters
+CREATE TABLE t1 (f1 INT, f2 VARCHAR(256))engine=innodb;
+INSERT INTO t1 VALUES(1, 'MariaDB'), (2, 'Robot'), (3, 'Science');
+INSERT INTO t1 SELECT * FROM t1;
+CREATE TABLE t2(f1 INT, f2 VARCHAR(256))engine=innodb;
+INSERT INTO t2 SELECT * FROM t1;
+CREATE TABLE t3(f1 INT, f2 VARCHAR(256))engine=innodb encrypted=yes;
+INSERT INTO t3 SELECT * FROM t1;
+CREATE TABLE t33(f1 INT, f2 VARCHAR(256)) engine=innodb encrypted=yes encryption_key_id=2;
+INSERT INTO t33 VALUES (12345, '1234567890');
+# Restart the server with encryption and rotate key age
+# restart: with restart_parameters
+# Wait until encryption threads have encrypted all tablespaces
+SELECT NAME FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION = 0 AND NAME LIKE "test/%";
+NAME
+SELECT NAME, CURRENT_KEY_VERSION FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION <> 0 AND NAME LIKE "test/%";
+NAME CURRENT_KEY_VERSION
+test/t1 1
+test/t2 1
+test/t3 1
+test/t33 1
+# Restart the server with innodb_encryption_rotate_key_age= 0
+# restart: with restart_parameters
+create table t4 (f1 int not null)engine=innodb encrypted=NO;
+alter table t33 encryption_key_id=111;
+ERROR HY000: Table storage engine 'InnoDB' does not support the create option 'ENCRYPTION_KEY_ID'
+# Update key value to version 2
+alter table t33 encryption_key_id=222;
+ERROR HY000: Table storage engine 'InnoDB' does not support the create option 'ENCRYPTION_KEY_ID'
+# Wait until encryption threads have encrypted all tablespaces
+SELECT NAME FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION = 0 AND NAME LIKE "test/%";
+NAME
+test/t4
+SELECT NAME, CURRENT_KEY_VERSION FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION <> 0 AND NAME LIKE "test/%";
+NAME CURRENT_KEY_VERSION
+test/t1 2
+test/t2 2
+test/t3 2
+test/t33 1
+# Disable encryption when innodb_encryption_rotate_key_age is 0
+set global innodb_encrypt_tables = OFF;
+# Wait until encryption threads to decrypt all encrypted tablespaces
+SELECT NAME FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION = 0 AND NAME LIKE "test/%";
+NAME
+test/t1
+test/t2
+test/t4
+# Display only encrypted create tables (t3)
+SELECT NAME, CURRENT_KEY_VERSION FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION <> 0 AND NAME LIKE "test/%";
+NAME CURRENT_KEY_VERSION
+test/t3 2
+test/t33 1
+alter table t33 encryption_key_id=333;
+ERROR HY000: Table storage engine 'InnoDB' does not support the create option 'ENCRYPTION_KEY_ID'
+# Update key value to version 3
+alter table t33 encryption_key_id=444;
+ERROR HY000: Table storage engine 'InnoDB' does not support the create option 'ENCRYPTION_KEY_ID'
+# Enable encryption when innodb_encryption_rotate_key_age is 0
+set global innodb_encrypt_tables = ON;
+# Wait until encryption threads to encrypt all unencrypted tablespaces
+SELECT NAME FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION = 0 AND NAME LIKE "test/%";
+NAME
+test/t4
+# Display only unencrypted create tables (t4)
+SELECT NAME, CURRENT_KEY_VERSION FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION <> 0 AND NAME LIKE "test/%";
+NAME CURRENT_KEY_VERSION
+test/t1 3
+test/t2 3
+test/t3 3
+test/t33 1
+# restart: with restart_parameters
+alter table t33 encryption_key_id=555;
+ERROR HY000: Table storage engine 'InnoDB' does not support the create option 'ENCRYPTION_KEY_ID'
+SELECT NAME FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION = 0 AND NAME LIKE "test/%";
+NAME
+test/t4
+SELECT NAME, CURRENT_KEY_VERSION FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION <> 0 AND NAME LIKE "test/%";
+NAME CURRENT_KEY_VERSION
+test/t1 3
+test/t2 3
+test/t3 3
+test/t33 1
+DROP TABLE t4, t3, t2, t1;
+DROP TABLE t33;
+# restart
View Lorry Controller Status