From 3fbc5f3a683d8eb251692785cf229ee3c21dbb55 Mon Sep 17 00:00:00 2001
From: Kevin Albertson <kevin.albertson@mongodb.com>
Date: Sat, 21 Jun 2025 08:06:24 -0400
Subject: [PATCH 1/4] ignore client cert created for test

---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index a88a7556e2..74ed0bbb70 100644
--- a/.gitignore
+++ b/.gitignore
@@ -30,6 +30,7 @@ expansion.yml
 .evergreen/scripts/test-env.sh
 specifications/
 results.json
+.evergreen/atlas_x509_dev_client_certificate.pem
 
 # Lambda temp files
 test/lambda/.aws-sam

From 6ae57a4b0a4177ab156da9ea9a85c8373897f5e7 Mon Sep 17 00:00:00 2001
From: Kevin Albertson <kevin.albertson@mongodb.com>
Date: Sat, 21 Jun 2025 08:07:23 -0400
Subject: [PATCH 2/4] PYTHON-5373 test client auth on cloud-dev

---
 .evergreen/scripts/setup_tests.py | 10 +++++++++-
 test/atlas/test_connection.py     |  4 ++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/.evergreen/scripts/setup_tests.py b/.evergreen/scripts/setup_tests.py
index a4ff77ab71..63665dd200 100644
--- a/.evergreen/scripts/setup_tests.py
+++ b/.evergreen/scripts/setup_tests.py
@@ -417,7 +417,15 @@ def handle_test_env() -> None:
             run_command(f"bash {auth_aws_dir}/setup-secrets.sh")
 
     if test_name == "atlas_connect":
-        get_secrets("drivers/atlas_connect")
+        secrets = get_secrets("drivers/atlas_connect")
+
+        # Write file with Atlas X509 client certificate:
+        decoded = base64.b64decode(secrets["ATLAS_X509_DEV_CERT_BASE64"]).decode("utf8")
+        cert_file = ROOT / ".evergreen/atlas_x509_dev_client_certificate.pem"
+        with cert_file.open("w") as file:
+            file.write(decoded)
+        write_env("ATLAS_X509_DEV_WITH_CERT", secrets["ATLAS_X509_DEV"] + "&tlsCertificateKeyFile=" + str(cert_file))
+
         # We do not want the default client_context to be initialized.
         write_env("DISABLE_CONTEXT")
 
diff --git a/test/atlas/test_connection.py b/test/atlas/test_connection.py
index 0961f1084f..ac217ab40d 100644
--- a/test/atlas/test_connection.py
+++ b/test/atlas/test_connection.py
@@ -42,6 +42,7 @@
     "ATLAS_SRV_FREE": os.environ.get("ATLAS_SRV_FREE"),
     "ATLAS_SRV_TLS11": os.environ.get("ATLAS_SRV_TLS11"),
     "ATLAS_SRV_TLS12": os.environ.get("ATLAS_SRV_TLS12"),
+    "ATLAS_X509_DEV_WITH_CERT": os.environ.get("ATLAS_X509_DEV_WITH_CERT"),
 }
 
 
@@ -91,6 +92,9 @@ def test_srv_tls_11(self):
     def test_srv_tls_12(self):
         self.connect_srv(URIS["ATLAS_SRV_TLS12"])
 
+    def test_x509_with_cert(self):
+        self.connect(URIS["ATLAS_X509_DEV_WITH_CERT"])
+
     def test_uniqueness(self):
         """Ensure that we don't accidentally duplicate the test URIs."""
         uri_to_names = defaultdict(list)

From 39a32d1d271e15932bd5db1f5385997badf41892 Mon Sep 17 00:00:00 2001
From: Kevin Albertson <kevin.albertson@mongodb.com>
Date: Mon, 7 Jul 2025 16:31:10 -0400
Subject: [PATCH 3/4] add missing expansion

---
 .evergreen/generated_configs/variants.yml | 2 ++
 .evergreen/scripts/generate_config.py     | 1 +
 2 files changed, 3 insertions(+)

diff --git a/.evergreen/generated_configs/variants.yml b/.evergreen/generated_configs/variants.yml
index 939d7bbdef..e98b0d342c 100644
--- a/.evergreen/generated_configs/variants.yml
+++ b/.evergreen/generated_configs/variants.yml
@@ -75,6 +75,8 @@ buildvariants:
     display_name: Atlas connect RHEL8
     run_on:
       - rhel87-small
+    expansions:
+      TEST_NAME: atlas_connect
     tags: [pr]
 
   # Atlas data lake tests
diff --git a/.evergreen/scripts/generate_config.py b/.evergreen/scripts/generate_config.py
index 1bd54b80ae..060409f85b 100644
--- a/.evergreen/scripts/generate_config.py
+++ b/.evergreen/scripts/generate_config.py
@@ -425,6 +425,7 @@ def create_atlas_connect_variants():
             get_variant_name("Atlas connect", host),
             tags=["pr"],
             host=DEFAULT_HOST,
+            expansions = dict(TEST_NAME="atlas_connect")
         )
     ]
 

From 3ab22b40a99c1d28b46cf096648d4681d9bf18d3 Mon Sep 17 00:00:00 2001
From: Kevin Albertson <kevin.albertson@mongodb.com>
Date: Mon, 7 Jul 2025 21:35:38 -0400
Subject: [PATCH 4/4] format

---
 .evergreen/scripts/generate_config.py | 2 +-
 .evergreen/scripts/setup_tests.py     | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/.evergreen/scripts/generate_config.py b/.evergreen/scripts/generate_config.py
index 060409f85b..a30beb1d39 100644
--- a/.evergreen/scripts/generate_config.py
+++ b/.evergreen/scripts/generate_config.py
@@ -425,7 +425,7 @@ def create_atlas_connect_variants():
             get_variant_name("Atlas connect", host),
             tags=["pr"],
             host=DEFAULT_HOST,
-            expansions = dict(TEST_NAME="atlas_connect")
+            expansions=dict(TEST_NAME="atlas_connect"),
         )
     ]
 
diff --git a/.evergreen/scripts/setup_tests.py b/.evergreen/scripts/setup_tests.py
index 63665dd200..9f383d9425 100644
--- a/.evergreen/scripts/setup_tests.py
+++ b/.evergreen/scripts/setup_tests.py
@@ -424,7 +424,10 @@ def handle_test_env() -> None:
         cert_file = ROOT / ".evergreen/atlas_x509_dev_client_certificate.pem"
         with cert_file.open("w") as file:
             file.write(decoded)
-        write_env("ATLAS_X509_DEV_WITH_CERT", secrets["ATLAS_X509_DEV"] + "&tlsCertificateKeyFile=" + str(cert_file))
+        write_env(
+            "ATLAS_X509_DEV_WITH_CERT",
+            secrets["ATLAS_X509_DEV"] + "&tlsCertificateKeyFile=" + str(cert_file),
+        )
 
         # We do not want the default client_context to be initialized.
         write_env("DISABLE_CONTEXT")