feat: add generate encrypt key at test framework.

[xiao-77]

Description

Issue(s)

• Close/close/Fix/fix/Resolve/resolve: Issue Link

Checklist

Please check the items in the checklist if applicable.

• Is the user manual updated?
• Are the test cases passed and automated?
• Is there no significant decrease in test coverage?

[gemini-code-assist]

Summary of Changes

Hello @xiao-77, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the test framework by automating the generation of encryption keys for database tests. It centralizes the configuration of encryption settings within test classes and leverages the taosk utility to provision these keys on remote servers before the database service starts. This change streamlines the writing and maintenance of encryption-related tests, ensuring a more robust and consistent testing environment.

Highlights

• Automated Encryption Key Generation: The test framework now automatically generates encryption keys using the taosk utility on remote servers during test setup, eliminating the need for manual CREATE ENCRYPT_KEY SQL commands within individual tests.
• Centralized Encryption Configuration: Test classes can now define encryption parameters (e.g., "svrKey", "dbKey", "dataKey", "generateConfig", "generateMeta", "generateData") via an encryptConfig dictionary, which the framework uses to configure the taosk command.
• Test Case Refactoring: Existing test cases (test_db_create_encrypt.py, test_com_taosd_audit.py) have been updated to remove explicit CREATE ENCRYPT_KEY statements and a redundant recreate_dndoe_encrypt_key method, relying instead on the new framework mechanism.
• CI Integration: Previously commented-out encryption-related test cases in cases.task have been re-enabled, indicating that the new framework supports their execution in the Continuous Integration pipeline.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a feature to generate encryption keys within the test framework. However, it also introduces a critical command injection vulnerability and a high-severity issue with hardcoded cryptographic keys in test files. There are also several medium-severity issues related to code maintainability, portability, and an accidentally committed log file. I recommend addressing the security vulnerabilities before merging.

[Copilot]

Pull request overview

This pull request introduces automated encryption key generation in the test framework, replacing manual encryption key creation in test cases. The changes streamline encryption testing by generating keys automatically before taosd starts, eliminating the need for explicit create encrypt_key SQL statements in individual tests.

Key changes:

• Added framework support for encryption configuration via encryptConfig class attribute in test classes
• Implemented _generate_encrypt_keys_on_remote method to execute taosk command on remote servers during test setup
• Removed manual encryption key creation from test cases and enabled previously disabled encryption tests

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 8 comments.

Show a summary per file

File	Description
test/taoskLog.0	Log file that should not be committed to version control
test/new_test_framework/utils/before_test.py	Added update_encrypt_config method to update YAML configuration with encryption settings
test/new_test_framework/taostest/components/taosd.py	Implemented automatic encryption key generation using taosk before starting taosd
test/conftest.py	Added hook to call update_encrypt_config when test class has encryptConfig attribute
test/ci/cases.task	Enabled two previously commented-out encryption-related test cases
test/cases/80-Components/01-Taosd/test_com_taosd_audit.py	Replaced manual key creation with framework-based encryption config
test/cases/02-Databases/01-Create/test_db_create_encrypt.py	Removed manual key creation and deleted obsolete test method for recreating dnode keys

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[tomchon]

LGTM