Re: [PR] [feature](Cloud) Add S3 storage vault implementation [doris]

Wed, 10 Apr 2024 23:29:23 -0700 


platoneko commented on code in PR #33377:
URL: https://github.com/apache/doris/pull/33377#discussion_r1560380387


##########
cloud/src/meta-service/meta_service_resource.cpp:
##########
@@ -404,6 +404,82 @@ static int add_hdfs_storage_vault(InstanceInfoPB& 
instance, Transaction* txn,
     return 0;
 }
 
+static std::optional<ObjectStoreInfoPB> create_object_info_with_encrypt(
+        InstanceInfoPB& instance, const ObjectStoreInfoPB& obj, bool 
sse_enabled,
+        MetaServiceCode& code, std::string& msg) {
+    std::string plain_ak = obj.has_ak() ? obj.ak() : "";
+    std::string plain_sk = obj.has_sk() ? obj.sk() : "";
+    std::string bucket = obj.has_bucket() ? obj.bucket() : "";
+    std::string prefix = obj.has_prefix() ? obj.prefix() : "";
+    // format prefix, such as `/aa/bb/`, `aa/bb//`, `//aa/bb`, `  /aa/bb` -> 
`aa/bb`
+    prefix = trim(prefix);
+    std::string endpoint = obj.has_endpoint() ? obj.endpoint() : "";
+    std::string external_endpoint = obj.has_external_endpoint() ? 
obj.external_endpoint() : "";
+    std::string region = obj.has_region() ? obj.region() : "";
+
+    // ATTN: prefix may be empty
+    if (plain_ak.empty() || plain_sk.empty() || bucket.empty() || 
endpoint.empty() ||
+        region.empty() || !obj.has_provider() || external_endpoint.empty()) {
+        code = MetaServiceCode::INVALID_ARGUMENT;
+        msg = "s3 conf info err, please check it";
+        return std::nullopt;
+    }
+    EncryptionInfoPB encryption_info;
+    AkSkPair cipher_ak_sk_pair;
+    auto ret = encrypt_ak_sk_helper(plain_ak, plain_sk, &encryption_info, 
&cipher_ak_sk_pair, code,
+                                    msg);
+    {
+        [[maybe_unused]] std::tuple ak_sk_ret {&ret, &code, &msg};
+        TEST_SYNC_POINT_CALLBACK("create_object_info_with_encrypt", 
&ak_sk_ret);
+    }
+    if (ret != 0) {
+        return std::nullopt;
+    }
+
+    ObjectStoreInfoPB obj_info;
+    if (obj.has_user_id()) {
+        obj_info.set_user_id(obj.user_id());
+    }
+    obj_info.set_ak(std::move(cipher_ak_sk_pair.first));
+    obj_info.set_sk(std::move(cipher_ak_sk_pair.second));
+    obj_info.mutable_encryption_info()->CopyFrom(encryption_info);
+    obj_info.set_bucket(bucket);
+    obj_info.set_prefix(prefix);
+    obj_info.set_endpoint(endpoint);
+    obj_info.set_external_endpoint(external_endpoint);
+    obj_info.set_region(region);
+    obj_info.set_provider(obj.provider());
+    std::ostringstream oss;

Review Comment:
   Unused variable



##########
cloud/src/meta-service/meta_service_resource.cpp:
##########
@@ -404,6 +404,82 @@ static int add_hdfs_storage_vault(InstanceInfoPB& 
instance, Transaction* txn,
     return 0;
 }
 
+static std::optional<ObjectStoreInfoPB> create_object_info_with_encrypt(
+        InstanceInfoPB& instance, const ObjectStoreInfoPB& obj, bool 
sse_enabled,
+        MetaServiceCode& code, std::string& msg) {

Review Comment:
   
   ```suggestion
   static void create_object_info_with_encrypt(
           const InstanceInfoPB& instance, const ObjectStoreInfoPB& obj, bool 
sse_enabled,
           ObjectStoreInfoPB& out, MetaServiceCode& code, std::string& msg) {
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org
For additional commands, e-mail: commits-h...@doris.apache.org

Reply via email to