HADOOP-17953. S3A: Tests to lookup global or per-bucket configuration for encryption algorithm (#3525)

Followup to S3-CSE work of HADOOP-13887

Contributed by Mehakmeet Singh
This commit is contained in:
Mehakmeet Singh 2021-10-21 16:33:50 +05:30 committed by GitHub
parent 0e79681ccf
commit bd077c3814
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 22 additions and 11 deletions

View File

@ -178,7 +178,8 @@ public abstract class FCStatisticsBaseTest {
*
* @param stats
*/
protected abstract void verifyWrittenBytes(Statistics stats);
protected abstract void verifyWrittenBytes(Statistics stats)
throws IOException;
/**
* Returns the filesystem uri. Should be set

View File

@ -22,6 +22,7 @@ import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.io.UncheckedIOException;
import java.net.URI;
import java.nio.file.AccessDeniedException;
@ -41,7 +42,6 @@ import org.apache.hadoop.fs.s3a.AWSCredentialProviderList;
import org.apache.hadoop.fs.s3a.Constants;
import org.apache.hadoop.fs.s3a.DefaultS3ClientFactory;
import org.apache.hadoop.fs.s3a.Invoker;
import org.apache.hadoop.fs.s3a.S3AEncryptionMethods;
import org.apache.hadoop.fs.s3a.S3AFileSystem;
import org.apache.hadoop.fs.s3a.S3ATestUtils;
import org.apache.hadoop.fs.s3a.S3ClientFactory;
@ -69,6 +69,7 @@ import static org.apache.hadoop.fs.s3a.S3ATestUtils.disableFilesystemCaching;
import static org.apache.hadoop.fs.s3a.S3ATestUtils.getTestBucketName;
import static org.apache.hadoop.fs.s3a.S3ATestUtils.removeBaseAndBucketOverrides;
import static org.apache.hadoop.fs.s3a.S3ATestUtils.unsetHadoopCredentialProviders;
import static org.apache.hadoop.fs.s3a.S3AUtils.getEncryptionAlgorithm;
import static org.apache.hadoop.fs.s3a.S3AUtils.getS3EncryptionKey;
import static org.apache.hadoop.fs.s3a.auth.delegation.DelegationConstants.*;
import static org.apache.hadoop.fs.s3a.auth.delegation.DelegationTokenIOException.TOKEN_MISMATCH;
@ -145,9 +146,14 @@ public class ITestSessionDelegationInFileystem extends AbstractDelegationIT {
// disable if assume role opts are off
assumeSessionTestsEnabled(conf);
disableFilesystemCaching(conf);
String s3EncryptionMethod =
conf.getTrimmed(Constants.S3_ENCRYPTION_ALGORITHM,
S3AEncryptionMethods.SSE_KMS.getMethod());
String s3EncryptionMethod;
try {
s3EncryptionMethod =
getEncryptionAlgorithm(getTestBucketName(conf), conf).getMethod();
} catch (IOException e) {
throw new UncheckedIOException("Failed to lookup encryption algorithm.",
e);
}
String s3EncryptionKey = getS3EncryptionKey(getTestBucketName(conf), conf);
removeBaseAndBucketOverrides(conf,
DELEGATION_TOKEN_BINDING,

View File

@ -13,6 +13,7 @@
*/
package org.apache.hadoop.fs.s3a.fileContext;
import java.io.IOException;
import java.net.URI;
import com.amazonaws.services.s3.model.CryptoStorageMode;
@ -32,9 +33,10 @@ import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import static org.apache.hadoop.fs.s3a.Constants.S3_ENCRYPTION_ALGORITHM;
import static org.apache.hadoop.fs.s3a.Constants.S3_ENCRYPTION_KEY;
import static org.apache.hadoop.fs.s3a.S3ATestConstants.KMS_KEY_GENERATION_REQUEST_PARAMS_BYTES_WRITTEN;
import static org.apache.hadoop.fs.s3a.S3ATestUtils.getTestBucketName;
import static org.apache.hadoop.fs.s3a.S3AUtils.getEncryptionAlgorithm;
import static org.apache.hadoop.fs.s3a.S3AUtils.getS3EncryptionKey;
import static org.apache.hadoop.fs.s3a.impl.InternalConstants.CSE_PADDING_LENGTH;
/**
@ -83,12 +85,14 @@ public class ITestS3AFileContextStatistics extends FCStatisticsBaseTest {
* @param stats Filesystem statistics.
*/
@Override
protected void verifyWrittenBytes(FileSystem.Statistics stats) {
protected void verifyWrittenBytes(FileSystem.Statistics stats)
throws IOException {
//No extra bytes are written
long expectedBlockSize = blockSize;
if (conf.get(S3_ENCRYPTION_ALGORITHM, "")
.equals(S3AEncryptionMethods.CSE_KMS.getMethod())) {
String keyId = conf.get(S3_ENCRYPTION_KEY, "");
if (S3AEncryptionMethods.CSE_KMS.getMethod()
.equals(getEncryptionAlgorithm(getTestBucketName(conf), conf)
.getMethod())) {
String keyId = getS3EncryptionKey(getTestBucketName(conf), conf);
// Adding padding length and KMS key generation bytes written.
expectedBlockSize += CSE_PADDING_LENGTH + keyId.getBytes().length +
KMS_KEY_GENERATION_REQUEST_PARAMS_BYTES_WRITTEN;