mirror of https://github.com/apache/druid.git
Implement EnvironmentVariablePasswordProvider (#3329)
* Implement EnvironmentVariablePasswordProvider * Review Comment : rename passwordKey to passwordVariable * add docs * improve doc layout * review comment: rename property for variable
This commit is contained in:
parent
8899affe48
commit
8035c73409
|
@ -0,0 +1,81 @@
|
|||
/*
|
||||
* Licensed to Metamarkets Group Inc. (Metamarkets) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. Metamarkets licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package io.druid.metadata;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonCreator;
|
||||
import com.fasterxml.jackson.annotation.JsonIgnore;
|
||||
import com.fasterxml.jackson.annotation.JsonProperty;
|
||||
import com.google.common.base.Preconditions;
|
||||
|
||||
public class EnvironmentVariablePasswordProvider implements PasswordProvider
|
||||
{
|
||||
private final String variable;
|
||||
|
||||
@JsonCreator
|
||||
public EnvironmentVariablePasswordProvider(
|
||||
@JsonProperty("variable") String variable
|
||||
)
|
||||
{
|
||||
this.variable = Preconditions.checkNotNull(variable);
|
||||
}
|
||||
|
||||
@JsonProperty("variable")
|
||||
public String getVariable()
|
||||
{
|
||||
return variable;
|
||||
}
|
||||
|
||||
@JsonIgnore
|
||||
@Override
|
||||
public String getPassword()
|
||||
{
|
||||
return System.getenv(variable);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString()
|
||||
{
|
||||
return "EnvironmentVariablePasswordProvider{" +
|
||||
"variable='" + variable + '\'' +
|
||||
'}';
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean equals(Object o)
|
||||
{
|
||||
if (this == o) {
|
||||
return true;
|
||||
}
|
||||
if (o == null || getClass() != o.getClass()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
EnvironmentVariablePasswordProvider that = (EnvironmentVariablePasswordProvider) o;
|
||||
|
||||
return variable != null ? variable.equals(that.variable) : that.variable == null;
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode()
|
||||
{
|
||||
return variable != null ? variable.hashCode() : 0;
|
||||
}
|
||||
}
|
|
@ -26,9 +26,11 @@ import com.fasterxml.jackson.annotation.JsonTypeInfo;
|
|||
/**
|
||||
* Implement this for different ways to (optionally securely) access db passwords.
|
||||
*/
|
||||
@JsonTypeInfo(use= JsonTypeInfo.Id.NAME, property="type", defaultImpl = DefaultPasswordProvider.class)
|
||||
@JsonSubTypes(value={
|
||||
@JsonSubTypes.Type(name="default", value=DefaultPasswordProvider.class),
|
||||
@JsonTypeInfo(use = JsonTypeInfo.Id.NAME, property = "type", defaultImpl = DefaultPasswordProvider.class)
|
||||
@JsonSubTypes(value = {
|
||||
@JsonSubTypes.Type(name = "default", value = DefaultPasswordProvider.class),
|
||||
@JsonSubTypes.Type(name = "environment", value = EnvironmentVariablePasswordProvider.class),
|
||||
|
||||
})
|
||||
public interface PasswordProvider
|
||||
{
|
||||
|
|
|
@ -0,0 +1,42 @@
|
|||
/*
|
||||
* Licensed to Metamarkets Group Inc. (Metamarkets) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. Metamarkets licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package io.druid.metadata;
|
||||
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import org.junit.Assert;
|
||||
import org.junit.Test;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
public class EnvironmentVariablePasswordProviderTest
|
||||
{
|
||||
private static final ObjectMapper jsonMapper = new ObjectMapper();
|
||||
|
||||
@Test
|
||||
public void testSerde() throws IOException
|
||||
{
|
||||
String providerString = "{\"type\": \"environment\", \"variable\" : \"test\"}";
|
||||
PasswordProvider provider = jsonMapper.readValue(providerString, PasswordProvider.class);
|
||||
Assert.assertTrue(provider instanceof EnvironmentVariablePasswordProvider);
|
||||
Assert.assertEquals("test", ((EnvironmentVariablePasswordProvider) provider).getVariable());
|
||||
PasswordProvider serde = jsonMapper.readValue(jsonMapper.writeValueAsString(provider), PasswordProvider.class);
|
||||
Assert.assertEquals(provider, serde);
|
||||
}
|
||||
}
|
|
@ -198,7 +198,7 @@ These properties specify the jdbc connection and other configuration around the
|
|||
|`druid.metadata.storage.type`|The type of metadata storage to use. Choose from "mysql", "postgresql", or "derby".|derby|
|
||||
|`druid.metadata.storage.connector.connectURI`|The jdbc uri for the database to connect to|none|
|
||||
|`druid.metadata.storage.connector.user`|The username to connect with.|none|
|
||||
|`druid.metadata.storage.connector.password`|The password to connect with.|none|
|
||||
|`druid.metadata.storage.connector.password`|The password provider or String password used to connect with.|none|
|
||||
|`druid.metadata.storage.connector.createTables`|If Druid requires a table and it doesn't exist, create it?|true|
|
||||
|`druid.metadata.storage.tables.base`|The base name for tables.|druid|
|
||||
|`druid.metadata.storage.tables.segments`|The table to use to look for segments.|druid_segments|
|
||||
|
@ -210,6 +210,26 @@ These properties specify the jdbc connection and other configuration around the
|
|||
|`druid.metadata.storage.tables.supervisors`|Used by the indexing service to store supervisor configurations.|druid_supervisors|
|
||||
|`druid.metadata.storage.tables.audit`|The table to use for audit history of configuration changes e.g. Coordinator rules.|druid_audit|
|
||||
|
||||
#### Password Provider
|
||||
|
||||
Environment variable password provider provides password by looking at specified environment variable. Use this in order to avoid specifying password in runtime.properties file.
|
||||
e.g
|
||||
|
||||
```json
|
||||
{
|
||||
"type": "environment",
|
||||
"variable": "METADATA_STORAGE_PASSWORD"
|
||||
}
|
||||
```
|
||||
|
||||
The values are described below.
|
||||
|
||||
|Field|Type|Description|Required|
|
||||
|-----|----|-----------|--------|
|
||||
|`type`|String|password provider type|Yes: `environment`|
|
||||
|`variable`|String|environment variable to read password from|Yes|
|
||||
|
||||
|
||||
### Deep Storage
|
||||
|
||||
The configurations concern how to push and pull [Segments](../design/segments.html) from deep storage.
|
||||
|
|
Loading…
Reference in New Issue