From dadba61ed492314ee5767f2f49fe0c1d9f3de911 Mon Sep 17 00:00:00 2001
From: Olav Loite <koloite@gmail.com>
Date: Tue, 23 Jun 2020 09:11:01 +0200
Subject: [PATCH] tests: add additional tests for keys

---
 .../cloud/spanner/it/ITDatabaseAdminTest.java | 24 +++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/google-cloud-spanner/src/test/java/com/google/cloud/spanner/it/ITDatabaseAdminTest.java b/google-cloud-spanner/src/test/java/com/google/cloud/spanner/it/ITDatabaseAdminTest.java
index 9e84112d6b..14206350e2 100644
--- a/google-cloud-spanner/src/test/java/com/google/cloud/spanner/it/ITDatabaseAdminTest.java
+++ b/google-cloud-spanner/src/test/java/com/google/cloud/spanner/it/ITDatabaseAdminTest.java
@@ -21,13 +21,16 @@
 import static org.junit.Assert.fail;
 import static org.junit.Assume.assumeFalse;
 
+import com.google.api.gax.core.FixedCredentialsProvider;
 import com.google.api.gax.grpc.GrpcInterceptorProvider;
 import com.google.api.gax.longrunning.OperationFuture;
 import com.google.api.gax.paging.Page;
+import com.google.auth.oauth2.GoogleCredentials;
 import com.google.cloud.Timestamp;
 import com.google.cloud.kms.v1.CryptoKey;
 import com.google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose;
 import com.google.cloud.kms.v1.KeyManagementServiceClient;
+import com.google.cloud.kms.v1.KeyManagementServiceSettings;
 import com.google.cloud.kms.v1.KeyRing;
 import com.google.cloud.kms.v1.KeyRingName;
 import com.google.cloud.kms.v1.LocationName;
@@ -60,6 +63,7 @@
 import io.grpc.Metadata;
 import io.grpc.MethodDescriptor;
 import io.grpc.Status;
+import java.io.FileInputStream;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
@@ -212,6 +216,26 @@ public void listPagination() throws Exception {
     assertThat(dbIdsGot).containsAtLeastElementsIn(dbIds);
   }
 
+  @Test
+  public void testCreateEncryptedDatabaseWithExistingKey() throws Exception {
+    Database db =
+        dbAdminClient
+            .newDatabaseBuilder(
+                DatabaseId.of(testHelper.getInstanceId(), testHelper.getUniqueDatabaseId()))
+            .setEncryptionConfigInfo(EncryptionConfigInfo.ofKey("projects/appdev-soda-spanner-staging/locations/us-central1/keyRings/cmek_demo/cryptoKeys/client-libs-staging-cmek-key"))
+            .build();
+    db = dbAdminClient.createDatabase(db, ImmutableList.<String>of()).get();
+    assertThat(db).isNotNull();
+
+    // Get the database again from the backend and verify that it is encrypted.
+    Database database =
+        dbAdminClient.getDatabase(
+            testHelper.getInstanceId().getInstance(), db.getId().getDatabase());
+    assertThat(database.getEncryptionConfigInfo()).isNotNull();
+    assertThat(database.getEncryptionConfigInfo().getKmsKeyName())
+        .isEqualTo("projects/appdev-soda-spanner-staging/locations/us-central1/keyRings/cmek_demo/cryptoKeys/client-libs-staging-cmek-key");
+  }
+
   @Test
   public void testCreateEncryptedDatabase() throws Exception {
     Random rnd = new Random();