Skip to content

HADOOP-17912. ABFS: Support for Encryption Context #3440

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
sumangala-patki wants to merge 86 commits into from
Closed

HADOOP-17912. ABFS: Support for Encryption Context #3440

Show file tree
Hide file tree
Changes from 19 commits
Commits
Show all changes
86 commits
Select commit Hold shift + click to select a range
9dc24eb
config to req headers
sumangala17 Sep 15, 2021
bd579f2
cache keys, refactor client encr into 1 fn, outstream
sumangala17 Sep 16, 2021
59d171f
use existing getpathstatus, cache at stream open
sumangala17 Sep 16, 2021
538820e
main code change
sumangala17 Sep 20, 2021
09c0fbb
other tests syntax fix
sumangala17 Sep 20, 2021
10adf42
encryption test
sumangala17 Sep 20, 2021
84df4a2
encryption adapter
sumangala17 Sep 21, 2021
7365d82
move key fetch/compute to client
sumangala17 Sep 21, 2021
ffb4764
enc-cxt - SecretKey, fetch key object from provider
sumangala17 Sep 22, 2021
31f4c0f
refactor, move cpk to adapter, abfsKey cxt
sumangala17 Oct 1, 2021
af6cd1d
partial bug fix
sumangala17 Oct 4, 2021
2ad36d3
fix mockProv map, clean up
sumangala17 Oct 5, 2021
0e19fd4
tests, formatting, fix cpk test path
sumangala17 Oct 11, 2021
4dc1601
cpk test minor change
sumangala17 Oct 11, 2021
8998bc0
fix merge conflicts
sumangala17 Oct 11, 2021
8357830
checkstyle
sumangala17 Oct 11, 2021
8035ed7
javadoc
sumangala17 Oct 11, 2021
3bf75c3
add parameterized test
sumangala17 Oct 14, 2021
fdc3149
complete tests
sumangala17 Oct 14, 2021
a3559a3
address review comments
sumangala17 Nov 10, 2021
99cf2bd
test to use random context and key strings
sumangala17 Nov 19, 2021
f6bb16f
fix merge conflicts, correct import
sumangala17 Nov 19, 2021
ae6fce6
Merge branch 'trunk' into HADOOP-17912
sumangala17 Nov 22, 2021
04a73e0
grp createpath args, pre-computed key configs, x-ms-version
sumangala17 Nov 22, 2021
d96e08d
allow account specific ECP only
sumangala17 Nov 23, 2021
fb75454
encryption context encoding + checkstyle
sumangala17 Nov 30, 2021
ac6ff51
merge conflict
sumangala17 Nov 30, 2021
3caeb7b
generalize key -> String to byte array, add doc for cpk options
sumangala17 Dec 2, 2021
a2fc26e
Merge branch 'trunk' into HADOOP-17912
sumangala17 Dec 31, 2021
b840da3
yetus fix
sumangala17 Jan 2, 2022
72b5f2f
yetus blanks
sumangala17 Jan 3, 2022
66eb217
sync with trunk
sumangala17 May 11, 2022
1721d43
merge
sumangala17 May 11, 2022
15a0ce8
skip for nonHNS account
sumangala17 May 13, 2022
2f2947c
override final variable xMsVersion in mock to fix NPE
sumangala17 May 13, 2022
16973d4
merged pranavsaxena-microsoft:HADOOP-17912-backemerge
saxenapranav Jul 8, 2022
c27c28d
backmerged pranavsaxena:trunk
saxenapranav Jul 8, 2022
0e700ca
backmerged apache/hadoop:trunk
saxenapranav Jul 8, 2022
4164ee2
remove additional space
saxenapranav Jul 8, 2022
6c05dac
Findbug resolution
saxenapranav Jul 8, 2022
cd7d055
take out ABFSKey class out; Ensure that ABFSKey is used by the Encryp…
saxenapranav Jul 12, 2022
926e7d9
refactor
saxenapranav Jul 12, 2022
af5e90b
Added Apache license
saxenapranav Jul 19, 2022
9505ed9
initial commit
mariosmeim-db Sep 1, 2022
f3abbb9
revert unrelated change
mariosmeim-db Sep 1, 2022
a3d31f1
remove unused import
mariosmeim-db Sep 2, 2022
5842b28
minor
mariosmeim-db Sep 2, 2022
1f1d9d1
clean up deps
mariosmeim-db Sep 2, 2022
4f86224
fix test
mariosmeim-db Sep 7, 2022
873b3fe
purge buffers before destroying adapter
mariosmeim-db Sep 7, 2022
e8c1fb5
checkstyle
saxenapranav Sep 15, 2022
ae2d065
checkstyle-2
saxenapranav Sep 15, 2022
4f1e33b
read in test should have etag
saxenapranav Sep 16, 2022
8806ceb
general code refactor
saxenapranav Oct 7, 2022
ef092dd
general refactor
saxenapranav Oct 7, 2022
fec93f4
Made ABFSKey final
saxenapranav Oct 7, 2022
c2d35d8
added javadocs
saxenapranav Oct 7, 2022
1e987a5
refactors
saxenapranav Oct 7, 2022
6364cfb
added javadocs.
saxenapranav Oct 10, 2022
a1b1906
small refactors + javadocs
saxenapranav Oct 10, 2022
d35a276
removed null handling of encryptionAdapter in abfsclient.addEncryptio…
saxenapranav Oct 11, 2022
450324a
refactored how encryptionAdapter was created in case of versionFileSt…
saxenapranav Oct 11, 2022
183f1bc
small refactors
saxenapranav Oct 12, 2022
d0a16bd
fixed tests
saxenapranav Oct 12, 2022
a69ee4a
refactored condition in openFileForRead
saxenapranav Oct 17, 2022
061930b
getIsNamespace in abfsclient
saxenapranav Nov 17, 2022
00bd8c3
Added NamespaceUtil
saxenapranav Nov 17, 2022
a642ef3
ListResultEntrySchema to have value for x-ms-encryption-context: http…
saxenapranav Nov 21, 2022
56f3efa
added test for the listPath
saxenapranav Nov 21, 2022
adc82f6
test for: using result of listStatus to open a file in case the file …
saxenapranav Dec 8, 2022
241fb9b
Remove public documentation for Encryption Options.
saxenapranav Dec 12, 2022
9daea68
remove non required import in abfsOutputStream; itestAbfsCustomEncryp…
saxenapranav Dec 12, 2022
2313790
small refactors
saxenapranav Dec 12, 2022
aee1c7b
refactor mock verification so that parameter can be null
saxenapranav Dec 12, 2022
bb45ae9
assertions changed for abfsclient namespaceEnabled check
saxenapranav Dec 13, 2022
3c6eddb
Revert "assertions changed for abfsclient namespaceEnabled check"
saxenapranav Dec 13, 2022
a231592
AbfsClientUtils to set certain fields for test. AbfsClient to have pa…
saxenapranav Dec 13, 2022
6ab375c
added javadocs; indentation; comments on https://github.com/sumangala…
saxenapranav Dec 22, 2022
aaf1582
minor change
saxenapranav Dec 22, 2022
f9658e0
backmerged trunk
saxenapranav Dec 29, 2022
4002da6
minor refactor
saxenapranav Dec 29, 2022
1990a48
testAbfsInputStream method signature change refactor
saxenapranav Dec 29, 2022
a2472d5
spotbugs + javadocs
saxenapranav Dec 29, 2022
95b0f9d
javadocs refactor
saxenapranav Jan 2, 2023
0cd8c8c
checkstyle
saxenapranav Jan 2, 2023
b718b3c
javaodocs; import; unnecessary condition.
saxenapranav Jan 5, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 32 additions & 1 deletion hadoop-tools/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/AbfsConfiguration.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
import java.io.IOException;
import java.lang.reflect.Field;

import org.apache.hadoop.fs.azurebfs.extensions.EncryptionContextProvider;
Copy link
Contributor

@steveloughran steveloughran Oct 6, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

move down to line 46

Copy link
Contributor

@saxenapranav saxenapranav Jan 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have fixed it.

import org.apache.hadoop.thirdparty.com.google.common.annotations.VisibleForTesting;
import org.apache.hadoop.thirdparty.com.google.common.base.Preconditions;

Expand Down Expand Up @@ -906,6 +907,36 @@ public SASTokenProvider getSASTokenProvider() throws AzureBlobFileSystemExceptio
}
}

public EncryptionContextProvider initializeEncryptionContextProvider() {
Copy link

@mariosmeim-db mariosmeim-db Nov 8, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since the actual call to initialize() takes place in https://github.com/apache/hadoop/pull/3440/files#diff-94925ffd3b21968d7e6b476f7e85f68f5ea326f186262017fad61a5a6a3815cbR1630, maybe this should be renamed to createEncryptionContextProvider.

Copy link
Contributor Author

@sumangala-patki sumangala-patki Nov 10, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

renamed


try {
String configKey = FS_AZURE_ENCRYPTION_CONTEXT_PROVIDER_TYPE;
if (get(configKey) == null) {
Copy link

@mariosmeim-db mariosmeim-db Nov 16, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this config be strictly per account? Else it might cause problems with instantiating a file system with no intend to use encryption. It will try to create a provider for it anyway. Or am I missing something?

Copy link
Contributor Author

@sumangala-patki sumangala-patki Nov 23, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, keeping it account-agnostic would cause other accounts to instantiate EncryptionContextProvider (ECP) as well. Have made the provider config account-specific. However, each account that uses ECP will need to have its own account-specific entry in the config file

return null;
}
Class<? extends EncryptionContextProvider> encryptionContextClass =
getAccountSpecificClass(configKey, null, EncryptionContextProvider.class);
if (encryptionContextClass == null) {
encryptionContextClass = getAccountAgnosticClass(configKey, null,
EncryptionContextProvider.class);
}
Preconditions.checkArgument(encryptionContextClass != null,
String.format("The configuration value for %s is invalid.", configKey));

EncryptionContextProvider encryptionContextProvider =
ReflectionUtils.newInstance(encryptionContextClass, rawConfig);
Preconditions.checkArgument(encryptionContextProvider != null,
String.format("Failed to initialize %s", encryptionContextClass));

LOG.trace("Initializing {}", encryptionContextClass.getName());
LOG.trace("{} init complete", encryptionContextClass.getName());
return encryptionContextProvider;
} catch (Exception e) {
throw new IllegalArgumentException("Unable to load encryption context provider class: ", e);
}

}

public int getReadAheadRange() {
return this.readAheadRange;
}
Expand Down Expand Up @@ -1009,7 +1040,7 @@ public boolean enableAbfsListIterator() {
}

public String getClientProvidedEncryptionKey() {
String accSpecEncKey = accountConf(FS_AZURE_CLIENT_PROVIDED_ENCRYPTION_KEY);
String accSpecEncKey = accountConf(FS_AZURE_ENCRYPTION_CLIENT_PROVIDED_KEY);
return rawConfig.get(accSpecEncKey, null);
}

Expand Down
89 changes: 69 additions & 20 deletions ...ls/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/AzureBlobFileSystemStore.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,9 @@
import java.util.concurrent.ExecutorService;
import java.util.concurrent.TimeUnit;

import org.apache.hadoop.fs.azurebfs.extensions.EncryptionContextProvider;
import org.apache.hadoop.fs.azurebfs.security.EncryptionAdapter;
import org.apache.hadoop.fs.azurebfs.utils.EncryptionType;
import org.apache.hadoop.thirdparty.com.google.common.annotations.VisibleForTesting;
import org.apache.hadoop.thirdparty.com.google.common.base.Preconditions;
import org.apache.hadoop.thirdparty.com.google.common.base.Strings;
Expand Down Expand Up @@ -460,7 +463,7 @@ public void setFilesystemProperties(
}

public Hashtable<String, String> getPathStatus(final Path path,
TracingContext tracingContext) throws AzureBlobFileSystemException {
TracingContext tracingContext) throws IOException {
try (AbfsPerfInfo perfInfo = startTracking("getPathStatus", "getPathStatus")){
LOG.debug("getPathStatus for filesystem: {} path: {}",
client.getFileSystem(),
Expand All @@ -483,7 +486,7 @@ public Hashtable<String, String> getPathStatus(final Path path,

public void setPathProperties(final Path path,
final Hashtable<String, String> properties, TracingContext tracingContext)
throws AzureBlobFileSystemException {
throws IOException {
try (AbfsPerfInfo perfInfo = startTracking("setPathProperties", "setPathProperties")){
LOG.debug("setFilesystemProperties for filesystem: {} path: {} with properties: {}",
client.getFileSystem(),
Expand Down Expand Up @@ -554,13 +557,16 @@ public OutputStream createFile(final Path path,
triggerConditionalCreateOverwrite = true;
}

EncryptionAdapter encryptionAdapter = new EncryptionAdapter(
client.getEncryptionContextProvider(), getRelativePath(path));
AbfsRestOperation op;
if (triggerConditionalCreateOverwrite) {
op = conditionalCreateOverwriteFile(relativePath,
statistics,
isNamespaceEnabled ? getOctalNotation(permission) : null,
isNamespaceEnabled ? getOctalNotation(umask) : null,
isAppendBlob,
encryptionAdapter,
tracingContext
);

Expand All @@ -571,6 +577,7 @@ public OutputStream createFile(final Path path,
isNamespaceEnabled ? getOctalNotation(umask) : null,
isAppendBlob,
null,
encryptionAdapter,
tracingContext);

}
Expand All @@ -586,6 +593,7 @@ public OutputStream createFile(final Path path,
statistics,
relativePath,
0,
encryptionAdapter,
tracingContext));
}
}
Expand All @@ -606,15 +614,16 @@ private AbfsRestOperation conditionalCreateOverwriteFile(final String relativePa
final String permission,
final String umask,
final boolean isAppendBlob,
TracingContext tracingContext) throws AzureBlobFileSystemException {
EncryptionAdapter encryptionAdapter,
TracingContext tracingContext) throws IOException {
AbfsRestOperation op;

try {
// Trigger a create with overwrite=false first so that eTag fetch can be
// avoided for cases when no pre-existing file is present (major portion
// of create file traffic falls into the case of no pre-existing file).
op = client.createPath(relativePath, true, false, permission, umask,
isAppendBlob, null, tracingContext);
isAppendBlob, null, encryptionAdapter, tracingContext);

} catch (AbfsRestOperationException e) {
if (e.getStatusCode() == HttpURLConnection.HTTP_CONFLICT) {
Expand All @@ -639,7 +648,7 @@ private AbfsRestOperation conditionalCreateOverwriteFile(final String relativePa
try {
// overwrite only if eTag matches with the file properties fetched befpre
op = client.createPath(relativePath, true, true, permission, umask,
isAppendBlob, eTag, tracingContext);
isAppendBlob, eTag, encryptionAdapter, tracingContext);
} catch (AbfsRestOperationException ex) {
if (ex.getStatusCode() == HttpURLConnection.HTTP_PRECON_FAILED) {
// Is a parallel access case, as file with eTag was just queried
Expand Down Expand Up @@ -682,6 +691,7 @@ private AbfsOutputStreamContext populateAbfsOutputStreamContext(
FileSystem.Statistics statistics,
String path,
long position,
EncryptionAdapter encryptionAdapter,
TracingContext tracingContext) {
int bufferSize = abfsConfiguration.getWriteBufferSize();
if (isAppendBlob && bufferSize > FileSystemConfigurations.APPENDBLOB_MAX_WRITE_BUFFER_SIZE) {
Expand All @@ -697,6 +707,7 @@ private AbfsOutputStreamContext populateAbfsOutputStreamContext(
.withWriteMaxConcurrentRequestCount(abfsConfiguration.getWriteMaxConcurrentRequestCount())
.withMaxWriteRequestsToQueue(abfsConfiguration.getMaxWriteRequestsToQueue())
.withLease(lease)
.withEncryptionAdapter(encryptionAdapter)
.withBlockFactory(blockFactory)
.withBlockOutputActiveBlocks(blockOutputActiveBlocks)
.withClient(client)
Expand All @@ -711,7 +722,7 @@ private AbfsOutputStreamContext populateAbfsOutputStreamContext(

public void createDirectory(final Path path, final FsPermission permission,
final FsPermission umask, TracingContext tracingContext)
throws AzureBlobFileSystemException {
throws IOException {
try (AbfsPerfInfo perfInfo = startTracking("createDirectory", "createPath")) {
boolean isNamespaceEnabled = getIsNamespaceEnabled(tracingContext);
LOG.debug("createDirectory filesystem: {} path: {} permission: {} umask: {} isNamespaceEnabled: {}",
Expand All @@ -726,8 +737,8 @@ public void createDirectory(final Path path, final FsPermission permission,
final AbfsRestOperation op = client.createPath(getRelativePath(path),
false, overwrite,
isNamespaceEnabled ? getOctalNotation(permission) : null,
isNamespaceEnabled ? getOctalNotation(umask) : null, false, null,
tracingContext);
isNamespaceEnabled ? getOctalNotation(umask) : null, false,
null, null, tracingContext);
perfInfo.registerResult(op.getResult()).registerSuccess(true);
}
}
Expand All @@ -753,7 +764,9 @@ public AbfsInputStream openFileForRead(Path path,
String relativePath = getRelativePath(path);
String resourceType, eTag;
long contentLength;
if (fileStatus instanceof VersionedFileStatus) {
EncryptionAdapter encryptionAdapter = null;
if (fileStatus instanceof VersionedFileStatus
&& client.getEncryptionType() != EncryptionType.ENCRYPTION_CONTEXT) {
path = path.makeQualified(this.uri, path);
Preconditions.checkArgument(fileStatus.getPath().equals(path),
String.format(
Expand All @@ -764,9 +777,8 @@ public AbfsInputStream openFileForRead(Path path,
eTag = ((VersionedFileStatus) fileStatus).getVersion();
} else {
if (fileStatus != null) {
LOG.warn(
"Fallback to getPathStatus REST call as provided filestatus "
+ "is not of type VersionedFileStatus");
LOG.debug("Fallback to getPathStatus REST call as provided fileStatus "
+ "is not of type VersionedFileStatus, or file is encrypted");
}
AbfsHttpOperation op = client.getPathStatus(relativePath, false,
tracingContext).getResult();
Expand All @@ -775,6 +787,12 @@ public AbfsInputStream openFileForRead(Path path,
contentLength = Long.parseLong(
op.getResponseHeader(HttpHeaderConfigurations.CONTENT_LENGTH));
eTag = op.getResponseHeader(HttpHeaderConfigurations.ETAG);
if (client.getEncryptionType() == EncryptionType.ENCRYPTION_CONTEXT) {
encryptionAdapter = new EncryptionAdapter(
client.getEncryptionContextProvider(), getRelativePath(path),
op.getResponseHeader(HttpHeaderConfigurations.X_MS_ENCRYPTION_CONTEXT)
.getBytes(StandardCharsets.UTF_8));
}
}

if (parseIsDirectory(resourceType)) {
Expand All @@ -790,13 +808,13 @@ public AbfsInputStream openFileForRead(Path path,
// Add statistics for InputStream
return new AbfsInputStream(client, statistics, relativePath,
contentLength, populateAbfsInputStreamContext(
parameters.map(OpenFileParameters::getOptions)),
parameters.map(OpenFileParameters::getOptions), encryptionAdapter),
Copy link
Contributor

@steveloughran steveloughran Oct 6, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit, put on a new line

Copy link
Contributor

@saxenapranav saxenapranav Jan 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

made the change.

eTag, tracingContext);
}
}

private AbfsInputStreamContext populateAbfsInputStreamContext(
Optional<Configuration> options) {
Optional<Configuration> options, EncryptionAdapter encryptionAdapter) {
boolean bufferedPreadDisabled = options
.map(c -> c.getBoolean(FS_AZURE_BUFFERED_PREAD_DISABLE, false))
.orElse(false);
Expand All @@ -812,6 +830,7 @@ private AbfsInputStreamContext populateAbfsInputStreamContext(
abfsConfiguration.shouldReadBufferSizeAlways())
.withReadAheadBlockSize(abfsConfiguration.getReadAheadBlockSize())
.withBufferedPreadDisabled(bufferedPreadDisabled)
.withEncryptionAdapter(encryptionAdapter)
.build();
}

Expand Down Expand Up @@ -851,6 +870,12 @@ public OutputStream openFileForWrite(final Path path,
}

AbfsLease lease = maybeCreateLease(relativePath, tracingContext);
byte[] encryptionContext = op.getResult()
.getResponseHeader(HttpHeaderConfigurations.X_MS_ENCRYPTION_CONTEXT)
.getBytes(StandardCharsets.UTF_8);
EncryptionAdapter encryptionAdapter = new EncryptionAdapter(
client.getEncryptionContextProvider(), getRelativePath(path),
encryptionContext);

return new AbfsOutputStream(
populateAbfsOutputStreamContext(
Expand All @@ -860,6 +885,7 @@ public OutputStream openFileForWrite(final Path path,
statistics,
relativePath,
offset,
encryptionAdapter,
tracingContext));
}
}
Expand All @@ -877,8 +903,8 @@ public void breakLease(final Path path, final TracingContext tracingContext) thr
client.breakLease(getRelativePath(path), tracingContext);
}

public void rename(final Path source, final Path destination, TracingContext tracingContext) throws
AzureBlobFileSystemException {
public void rename(final Path source, final Path destination, TracingContext tracingContext)
throws IOException {
final Instant startAggregate = abfsPerfTracker.getLatencyInstant();
long countAggregate = 0;
boolean shouldContinue;
Expand Down Expand Up @@ -1590,16 +1616,38 @@ private void initializeClient(URI uri, String fileSystemName,
abfsConfiguration.getRawConfiguration());
}

// Encryption setup
EncryptionType encryptionType = EncryptionType.NONE;
EncryptionContextProvider encryptionContextProvider = null;
if (isSecure) {
encryptionContextProvider =
abfsConfiguration.initializeEncryptionContextProvider();
if (encryptionContextProvider != null) {
if (abfsConfiguration.getClientProvidedEncryptionKey() != null) {
throw new IOException(
Copy link
Contributor

@steveloughran steveloughran Oct 6, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

make PathIOException and include uri of the store

Copy link
Contributor

@saxenapranav saxenapranav Jan 5, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

refactored to have PathIOException

"Both global key and encryption context are set, only one allowed");
}
encryptionContextProvider.initialize(
abfsConfiguration.getRawConfiguration(), accountName,
fileSystemName);
encryptionType = EncryptionType.ENCRYPTION_CONTEXT;
} else if (abfsConfiguration.getClientProvidedEncryptionKey() != null) {
encryptionType = EncryptionType.GLOBAL_KEY;
}
}

LOG.trace("Initializing AbfsClient for {}", baseUrl);
if (tokenProvider != null) {
this.client = new AbfsClient(baseUrl, creds, abfsConfiguration,
tokenProvider,
tokenProvider, encryptionContextProvider,
populateAbfsClientContext());
} else {
this.client = new AbfsClient(baseUrl, creds, abfsConfiguration,
sasTokenProvider,
sasTokenProvider, encryptionContextProvider,
populateAbfsClientContext());
}
client.setEncryptionType(encryptionType);

LOG.trace("AbfsClient init complete");
}

Expand All @@ -1622,7 +1670,7 @@ private String getOctalNotation(FsPermission fsPermission) {
return String.format(AbfsHttpConstants.PERMISSION_FORMAT, fsPermission.toOctal());
}

private String getRelativePath(final Path path) {
public String getRelativePath(final Path path) {
Preconditions.checkNotNull(path, "path");
return path.toUri().getPath();
}
Expand All @@ -1640,7 +1688,8 @@ private boolean parseIsDirectory(final String resourceType) {
&& resourceType.equalsIgnoreCase(AbfsHttpConstants.DIRECTORY);
}

private String convertXmsPropertiesToCommaSeparatedString(final Hashtable<String, String> properties) throws
public String convertXmsPropertiesToCommaSeparatedString(final Hashtable<String,
Copy link
Contributor

@steveloughran steveloughran Oct 6, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why are you making public? for testing, or for production. either way,

  1. time for some javadocs
  2. add a @VisibleForTesting if needed
  3. make the parameter a Map rather than Hashtable

Copy link
Contributor

@saxenapranav saxenapranav Jan 5, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. Have made it package-protected.
  2. Added javadocs.
  3. added @VisibleForTesting annotation.
  4. Changed to Map rather than HashTable.

String> properties) throws
CharacterCodingException {
StringBuilder commaSeparatedProperties = new StringBuilder();

Expand Down
4 changes: 3 additions & 1 deletion ...hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/constants/ConfigurationKeys.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -189,7 +189,9 @@ public final class ConfigurationKeys {
/** Setting this true will make the driver use it's own RemoteIterator implementation */
public static final String FS_AZURE_ENABLE_ABFS_LIST_ITERATOR = "fs.azure.enable.abfslistiterator";
/** Server side encryption key */
public static final String FS_AZURE_CLIENT_PROVIDED_ENCRYPTION_KEY = "fs.azure.client-provided-encryption-key";
public static final String FS_AZURE_ENCRYPTION_CLIENT_PROVIDED_KEY = "fs.azure.encryption.client-provided-key";
/** Custom EncryptionContextProvider type */
public static final String FS_AZURE_ENCRYPTION_CONTEXT_PROVIDER_TYPE = "fs.azure.encryption.context.provider.type";

/** End point of ABFS account: {@value}. */
public static final String AZURE_ABFS_ENDPOINT = "fs.azure.abfs.endpoint";
Expand Down
1 change: 1 addition & 0 deletions ...azure/src/main/java/org/apache/hadoop/fs/azurebfs/constants/HttpHeaderConfigurations.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,7 @@ public final class HttpHeaderConfigurations {
public static final String X_MS_ENCRYPTION_ALGORITHM = "x-ms-encryption-algorithm";
public static final String X_MS_REQUEST_SERVER_ENCRYPTED = "x-ms-request-server-encrypted";
public static final String X_MS_SERVER_ENCRYPTED = "x-ms-server-encrypted";
public static final String X_MS_ENCRYPTION_CONTEXT = "x-ms-encryption-context";
public static final String X_MS_LEASE_ACTION = "x-ms-lease-action";
public static final String X_MS_LEASE_DURATION = "x-ms-lease-duration";
public static final String X_MS_LEASE_ID = "x-ms-lease-id";
Expand Down
Loading