Skip to content

[Feature][Config] Support custom config keys for encrypt/decrypt #8739

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Hisoka-X merged 1 commit into from
Feb 20, 2025
Merged

[Feature][Config] Support custom config keys for encrypt/decrypt #8739

Hisoka-X merged 1 commit into from
Feb 20, 2025

Conversation

@remones
Copy link
Contributor

@remones remones commented Feb 16, 2025

Purpose of this pull request

support custom config keys for encrypt/decrypt
related issue: #8511

Does this PR introduce any user-facing change?

Yes. config encryption/decryption now supports shade.options, allowing users to add custom parameters that intend to be encrypted/decrypted.

How was this patch tested?

Exist tests

Check list

@github-actions github-actions bot added document core SeaTunnel core module api labels Feb 16, 2025
@remones remones mentioned this pull request Feb 16, 2025
Closed
3 tasks
@Hisoka-X Hisoka-X added the First-time contributor First-time contributor label Feb 17, 2025
@Hisoka-X
Copy link
Member

Hisoka-X commented Feb 17, 2025

Please follow the guide to open github action on your fork repository. https://github.com/apache/seatunnel/pull/8739/checks?check_run_id=37293359572

@remones remones force-pushed the feature/custom-encrypt-options branch 5 times, most recently from 94129d4 to 48f123d Compare February 17, 2025 09:59
Hisoka-X
Hisoka-X reviewed Feb 18, 2025
View reviewed changes
...nel-core-starter/src/main/java/org/apache/seatunnel/core/starter/utils/ConfigShadeUtils.java Outdated
return ConfigFactory.parseMap(configMap);
}

public static List<String> getSensitiveOptions(Config config) {
Copy link
Member

@Hisoka-X Hisoka-X Feb 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use set as return type?

Copy link
Contributor Author

@remones remones Feb 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok, I'll revise it, and do you have any other suggestions or comments?

Copy link
Member

@Hisoka-X Hisoka-X Feb 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

overall LGTM.

@remones remones force-pushed the feature/custom-encrypt-options branch from 48f123d to f352f20 Compare February 18, 2025 07:48
litiliu
litiliu reviewed Feb 18, 2025
View reviewed changes
docs/en/connector-v2/Config-Encryption-Decryption.md
env {
parallelism = 1
shade.identifier = "base64"
shade.options = ["username", "password", "f1", "config1.f1", "config2.list"]
Copy link
Contributor

@litiliu litiliu Feb 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is it better to rename to shade.keys?

Copy link
Contributor Author

@remones remones Feb 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@litiliu I don't think so, shade.options may be clearer in config context, especially with default values.

litiliu
litiliu reviewed Feb 18, 2025
View reviewed changes
...nel-core-starter/src/main/java/org/apache/seatunnel/core/starter/utils/ConfigShadeUtils.java Outdated
: ConfigFactory.empty(),
SHADE_OPTIONS_OPTION,
new ArrayList<>()));
sensitiveOptions.addAll(new ArrayList<>(Arrays.asList(DEFAULT_SENSITIVE_KEYWORDS)));
Copy link
Contributor

@litiliu litiliu Feb 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we can directly use sensitiveOptions.addAll(Arrays.asList(DEFAULT_SENSITIVE_KEYWORDS));

litiliu
litiliu reviewed Feb 18, 2025
View reviewed changes
...tunnel-core-starter/src/main/java/org/apache/seatunnel/core/starter/utils/ConfigBuilder.java
if (Arrays.asList(DEFAULT_SENSITIVE_KEYWORDS)
.contains(key.toLowerCase())) {
m.put(key, "******");
if (sensitiveKeywords.contains(key.toLowerCase())) {
Copy link
Contributor

@litiliu litiliu Feb 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is the toLowerCase needed here? As in the doc, we didn't specify whether we can match with the ignore case.

Copy link
Member

@Hisoka-X Hisoka-X Feb 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't care keywords case. The old behavior already convert to lowercase https://github.com/apache/seatunnel/pull/8739/files#diff-f4fa1a9b065718cc135d232712063b7b3a9135933396dd2674253da754d95c86L131. So I think we should keep it. cc @remones

@remones remones force-pushed the feature/custom-encrypt-options branch from f352f20 to fe8d1e3 Compare February 19, 2025 02:19
@Hisoka-X Hisoka-X linked an issue Feb 19, 2025 that may be closed by this pull request
[Feature][Config] Support custom config keys for encrypt/decrypt #8511
Closed
3 tasks
@remones remones force-pushed the feature/custom-encrypt-options branch from fe8d1e3 to a30c818 Compare February 19, 2025 03:14
Hisoka-X
Hisoka-X previously approved these changes Feb 19, 2025
View reviewed changes
Copy link
Member

@Hisoka-X Hisoka-X left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. cc @hailin0

hailin0
hailin0 reviewed Feb 19, 2025
View reviewed changes
@remones remones force-pushed the feature/custom-encrypt-options branch from a30c818 to ef251fb Compare February 19, 2025 07:53
@remones
Copy link
Contributor Author

remones commented Feb 19, 2025

I noticed that every time I push a new commit, the GitHub Actions test workflow runs for over an hour, and some e2e test cases are not stable so it may fail sometimes. do you have any suggestions for this? cc @Hisoka-X @hailin0

@hailin0
Copy link
Member

hailin0 commented Feb 19, 2025

I noticed that every time I push a new commit, the GitHub Actions test workflow runs for over an hour, and some e2e test cases are not stable so it may fail sometimes. do you have any suggestions for this? cc @Hisoka-X @hailin0

If you are interested, you can fix the unstable test case

@Hisoka-X Hisoka-X merged commit b16aac2 into apache:dev Feb 20, 2025
7 checks passed
@remones remones deleted the feature/custom-encrypt-options branch February 20, 2025 02:05
zax1314157 pushed a commit to zax1314157/seatunnel that referenced this pull request Feb 24, 2025
@remones
[Feature][Config] Support custom config keys for encrypt/decrypt (apa…
6c85da0 
…che#8739)

Co-authored-by: wanqifei <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hailin0 hailin0 hailin0 approved these changes

@Hisoka-X Hisoka-X Hisoka-X approved these changes

+1 more reviewer

@litiliu litiliu litiliu left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

api approved core SeaTunnel core module document First-time contributor First-time contributor reviewed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Feature][Config] Support custom config keys for encrypt/decrypt

4 participants

@remones @Hisoka-X @hailin0 @litiliu