aws · lucasmcdonald3 · Sep 29, 2025 · Sep 26, 2025 · Sep 26, 2025 · Sep 26, 2025
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -104,3 +104,10 @@ jobs:
           TEST_SERVER_S3_BUCKET: ${{ vars.TEST_SERVER_S3_BUCKET }}
           TEST_SERVER_KMS_KEY_ARN: ${{ vars.TEST_SERVER_KMS_KEY_ARN }}
           GRADLE_OPTS: "-Dorg.gradle.daemon=true -Dorg.gradle.parallel=true -Dorg.gradle.caching=true"
+
+      - name: Upload results
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: results
+          path: test-server/java-tests/build/reports/tests/integ
diff --git a/test-server/java-tests/src/it/java/software/amazon/encryption/s3/RoundTripTests.java b/test-server/java-tests/src/it/java/software/amazon/encryption/s3/RoundTripTests.java
@@ -178,7 +178,7 @@ public void crossLanguageTestKmsWithSubsetEncCtxFails(LanguageServerTarget encLa
                     .build());
             fail("Expected exception!");
         } catch (S3EncryptionClientError e) {
-            if (decLang.getLanguageName().equals(RUBY_V3) || decLang.getLanguageName().equals(RUBY_V2)) {
+            if (decLang.getLanguageName().equals(RUBY_V3) || decLang.getLanguageName().equals(RUBY_V2_CURRENT)) {
                 assertTrue(e.getMessage().contains("Value of encryption context from envelope does not match the provided encryption context"));
             } else {
                 assertTrue(e.getMessage().contains("Provided encryption context does not match information retrieved from S3"));
@@ -234,7 +234,7 @@ public void crossLanguageTestKmsWithIncorrectEncCtxFails(LanguageServerTarget en
               .build());
             fail("Expected exception!");
         } catch (S3EncryptionClientError e) {
-            if (decLang.getLanguageName().equals(RUBY_V3) || decLang.getLanguageName().equals(RUBY_V2)) {
+            if (decLang.getLanguageName().equals(RUBY_V3) || decLang.getLanguageName().equals(RUBY_V2_CURRENT)) {
               assertTrue(e.getMessage().contains("Value of encryption context from envelope does not match the provided encryption context"));
             } else {
               assertTrue(e.getMessage().contains("Provided encryption context does not match information retrieved from S3"));
@@ -374,11 +374,11 @@ public void kmsV1LegacyFailsWhenLegacyDisabled(String language) {
               .build());
             fail("Expected Exception");
         } catch (S3EncryptionClientError e) {
-            if (language.equals(NET_V3) || language.equals(NET_V2) || language.equals(CPP_V2)) {
+            if (language.equals(NET_V3) || language.equals(NET_V2_CURRENT) || language.equals(CPP_V2_CURRENT)) {
               assertTrue(e.getMessage().contains(
                 "The requested object is encrypted with V1 encryption schemas that have been disabled by client configuration"
               ));
-            } else if (language.equals(RUBY_V3) || language.equals(RUBY_V2)) {
+            } else if (language.equals(RUBY_V3) || language.equals(RUBY_V2_CURRENT)) {
               assertTrue(e.getMessage().contains("The requested object is encrypted with V1 encryption schemas that have been disabled by client configuration security_profile = :v2. Retry with :v2_and_legacy or re-encrypt the object."));
             } else {
               assertTrue(e.getMessage().contains("Enable legacy wrapping algorithms to use legacy key wrapping algorithm: kms"));

diff --git a/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java b/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java
@@ -30,18 +30,40 @@
 import software.amazon.smithy.java.http.api.HttpResponse;
 
 public class TestUtils {
-    // Language constants
-    public static final String JAVA_V3 = "Java-V3";
+
+    // Version name constants
+    // Each language can have up to 3 versions:
+    // vN-Current: Currently released version. Does not support setting commitment policy.
+    // vN-Transition: Proposed feature release version. Supports reading messages encrypted with key commitment.
+    // vN+1: Proposed breaking release version. Supports reading/writing messages encrypted with key commitment.
+
+    public static final String JAVA_V3_CURRENT = "Java-V3-Current";
+    public static final String JAVA_V3_TRANSITION = "Java-V3-Transition";
+    public static final String JAVA_V4 = "Java-V4";
+
+    // No Python S3EC versions are released. Only test V3 as the "vN+1" version.
     public static final String PYTHON_V3 = "Python-V3";
-    public static final String GO_V3 = "Go-V3";
-    public static final String CPP_V2 = "CPP-V2";
-    public static final String NET_V2 = "NET-V2";
+
+    public static final String GO_V3_CURRENT = "Go-V3-Current";
+    public static final String GO_V3_TRANSITION = "Go-V3-Transition";
+    public static final String GO_V4 = "Go-V4";
+
+    public static final String NET_V2_CURRENT = "NET-V2-Current";
+    public static final String NET_V2_TRANSITION = "NET-V2-Transition";
     public static final String NET_V3 = "NET-V3";
-    public static final String PHP_V2 = "PHP-V2";
-    public static final String PHP_V3 = "PHP-V3";
-    public static final String RUBY_V2 = "Ruby-V2";
+
+    public static final String CPP_V2_CURRENT = "CPP-V2-Current";
+    public static final String CPP_V2_TRANSITION = "CPP-V2-Transition";
+    public static final String CPP_V3 = "CPP-V3";
+
+    public static final String RUBY_V2_CURRENT = "Ruby-V2-Current";
+    public static final String RUBY_V2_TRANSITION = "Ruby-V2-Transition";
     public static final String RUBY_V3 = "Ruby-V3";
-
+
+    public static final String PHP_V2_CURRENT = "PHP-V2-Current";
+    public static final String PHP_V2_TRANSITION = "PHP-V2-Transition";
+    public static final String PHP_V3 = "PHP-V3";
+
     // Test configuration constants
     public static final String KMS_KEY_ARN = System.getenv("TEST_SERVER_KMS_KEY_ARN") != null ?
         System.getenv("TEST_SERVER_KMS_KEY_ARN") : "arn:aws:kms:us-west-2:370957321024:alias/S3EC-Test-Server-Github-KMS-Key";
@@ -51,25 +73,63 @@ public class TestUtils {
 
     // Sets of unsupported features by language
     public static final Set<String> ENCRYPTION_CONTEXT_ON_DECRYPT_UNSUPPORTED =
-        Set.of(GO_V3, PHP_V2, PHP_V3, NET_V2, NET_V3);
+        Set.of(GO_V3_CURRENT, PHP_V2_CURRENT, PHP_V3, NET_V2_CURRENT, NET_V3);
 
     public static final Set<String> ENCRYPTION_CONTEXT_ON_ENCRYPT_UNSUPPORTED =
-        Set.of(NET_V2, NET_V3);
+        Set.of(NET_V2_CURRENT, NET_V3);
+
+    public static final Set<String> CURRENT_VERSIONS =
+        Set.of(
+            JAVA_V3_CURRENT,
+            GO_V3_CURRENT,
+            NET_V2_CURRENT,
+            CPP_V2_CURRENT,
+            RUBY_V2_CURRENT,
+            PHP_V2_CURRENT
+        );
+
+    public static final Set<String> TRANSITION_VERSIONS =
+        Set.of(
+            JAVA_V3_TRANSITION,
+            GO_V3_TRANSITION,
+            NET_V2_TRANSITION,
+            CPP_V2_TRANSITION,
+            RUBY_V2_TRANSITION,
+            PHP_V2_TRANSITION
+        );
+
+    public static final Set<String> IMPROVED_VERSIONS =
+        Set.of(
+            JAVA_V4,
+            PYTHON_V3,
+            GO_V4,
+            NET_V3,
+            CPP_V3,
+            RUBY_V3,
+            PHP_V3
+        );
 
     private static final Map<String, LanguageServerTarget> serverMap;
 
     static {
         final Map<String, LanguageServerTarget> servers = new LinkedHashMap<>();
-        servers.put(JAVA_V3, new LanguageServerTarget(JAVA_V3, "8080"));
+        servers.put(JAVA_V3_CURRENT, new LanguageServerTarget(JAVA_V3_CURRENT, "8080"));
         servers.put(PYTHON_V3, new LanguageServerTarget(PYTHON_V3, "8081"));
-        servers.put(GO_V3, new LanguageServerTarget(GO_V3, "8082"));
-        servers.put(NET_V2, new LanguageServerTarget(NET_V2, "8083"));
+        servers.put(GO_V3_CURRENT, new LanguageServerTarget(GO_V3_CURRENT, "8082"));
+        servers.put(NET_V2_CURRENT, new LanguageServerTarget(NET_V2_CURRENT, "8083"));
         servers.put(NET_V3, new LanguageServerTarget(NET_V3, "8084"));
-        servers.put(CPP_V2, new LanguageServerTarget(CPP_V2, "8085"));
-        servers.put(PHP_V2, new LanguageServerTarget(PHP_V2, "8087"));
-        servers.put(PHP_V3, new LanguageServerTarget(PHP_V3, "8093"));
-        servers.put(RUBY_V2, new LanguageServerTarget(RUBY_V2, "8086"));
+        servers.put(CPP_V2_CURRENT, new LanguageServerTarget(CPP_V2_CURRENT, "8085"));
+        servers.put(RUBY_V2_CURRENT, new LanguageServerTarget(RUBY_V2_CURRENT, "8086"));
+        servers.put(PHP_V2_CURRENT, new LanguageServerTarget(PHP_V2_CURRENT, "8087"));
         servers.put(RUBY_V3, new LanguageServerTarget(RUBY_V3, "8092"));
+        servers.put(PHP_V3, new LanguageServerTarget(PHP_V3, "8093"));
+        // TODO: Create and add transition servers
+        // servers.put(JAVA_V3_TRANSITION, new LanguageServerTarget(JAVA_V3_TRANSITION, "8094"));
+        // servers.put(GO_V3_TRANSITION, new LanguageServerTarget(GO_V3_TRANSITION, "8095"));
+        // servers.put(NET_V2_TRANSITION, new LanguageServerTarget(NET_V2_TRANSITION, "8096"));
+        // servers.put(CPP_V2_TRANSITION, new LanguageServerTarget(CPP_V2_TRANSITION, "8097"));
+        // servers.put(RUBY_V2_TRANSITION, new LanguageServerTarget(RUBY_V2_TRANSITION, "8098"));
+        // servers.put(PHP_V2_TRANSITION, new LanguageServerTarget(PHP_V2_TRANSITION, "8099"));
 
         serverMap = filterServers(servers);
     }
@@ -221,6 +281,30 @@ public static Stream<Arguments> clientsForTest() {
             .map(Arguments::of);
     }
 
+    /**
+     * Get stream of arguments for current version clients for testing.
+     */
+    public static Stream<Arguments> currentClientsForTest() {
+        return clientsForTest()
+            .filter(arg -> CURRENT_VERSIONS.contains(arg.get()[0]));
+    }
+
+    /**
+     * Get stream of arguments for transition version clients for testing.
+     */
+    public static Stream<Arguments> transitionClientsForTest() {
+        return clientsForTest()
+            .filter(arg -> TRANSITION_VERSIONS.contains(arg.get()[0]));
+    }
+
+    /**
+     * Get stream of arguments for improved version clients for testing.
+     */
+    public static Stream<Arguments> improvedClientsForTest() {
+        return clientsForTest()
+            .filter(arg -> IMPROVED_VERSIONS.contains(arg.get()[0]));
+    }
+
     /**
      * Provides a stream of arguments for parameterized tests that test cross-language compatibility
      * @return Stream of Arguments containing pairs of LanguageServerTarget for encryption and decryption