sajjad-moradi opened a new pull request #5617: URL: https://github.com/apache/incubator-pinot/pull/5617
## Description Currently if one wants to have their segments encrypted on Pinot cluster, they need to encrypt the segments before upload and then on the upload http request, `CRYPTER` header with crypter class name as the value needs to be set. In this PR, encryption is added on Controller side by introducing an optional config `crypterClassName` int table config. In UploadSegment path of Controller's REST API, this config is retrieved and if its value is not null, it triggers segment encryption using the specified crypter. Note that to have less pressure on ZK for retrieving table config on each segment upload, an existing cache for table configs, `TableCache` in `HelixResourceManager` is being used. ## Testing Done Ran Controller, Server, and Broker locally with the new changes and verified the desired behavior in different scenarios for uploading segments: 1. `CRYPTER` flag set to `NoOpPinotCrypter` 2. `crypterClassName` config set to `NoOpPinotCrypter` 3. Both 1 and 2 4. Neither Also in each scenario, checked the value of crypter property of the uploaded segment ZK metadata. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org For additional commands, e-mail: commits-h...@pinot.apache.org
