You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@hudi.apache.org by "nsivabalan (via GitHub)" <gi...@apache.org> on 2023/01/24 23:12:02 UTC

[GitHub] [hudi] nsivabalan commented on a diff in pull request #7576: [HUDI-4991] Allow kafka-like configs to set truststore and keystore for the SchemaProvider

nsivabalan commented on code in PR #7576:
URL: https://github.com/apache/hudi/pull/7576#discussion_r1086036213


##########
hudi-utilities/src/main/java/org/apache/hudi/utilities/schema/SchemaRegistryProvider.java:
##########
@@ -94,6 +121,33 @@ protected InputStream getStream(HttpURLConnection connection) throws IOException
   public SchemaRegistryProvider(TypedProperties props, JavaSparkContext jssc) {
     super(props, jssc);
     DataSourceUtils.checkRequiredProperties(props, Collections.singletonList(Config.SRC_SCHEMA_REGISTRY_URL_PROP));
+    if (config.containsKey(Config.SSL_KEYSTORE_LOCATION_PROP)
+        || config.containsKey(Config.SSL_TRUSTSTORE_LOCATION_PROP)) {
+      setUpSSLStores();
+    }
+  }
+
+  private void setUpSSLStores() {
+    SSLContextBuilder sslContextBuilder = SSLContexts.custom();
+    try {
+      if (config.containsKey(Config.SSL_TRUSTSTORE_LOCATION_PROP)) {
+        sslContextBuilder.loadTrustMaterial(
+            new File(config.getString(Config.SSL_TRUSTSTORE_LOCATION_PROP)),
+            config.getString(Config.SSL_TRUSTSTORE_PASSWORD_PROP).toCharArray(),
+            new TrustSelfSignedStrategy());
+      }
+      if (config.containsKey(Config.SSL_KEYSTORE_LOCATION_PROP)) {
+        sslContextBuilder.loadKeyMaterial(
+            new File(config.getString(Config.SSL_KEYSTORE_LOCATION_PROP)),
+            config.getString(Config.SSL_KEYSTORE_PASSWORD_PROP).toCharArray(),
+            config.getString(Config.SSL_KEY_PASSWORD_PROP).toCharArray()
+        );
+      }
+      sslSocketFactory = sslContextBuilder.build().getSocketFactory();
+    } catch (UnrecoverableKeyException | IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException | KeyManagementException e) {
+      throw new RuntimeException(e);

Review Comment:
   +1



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@hudi.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org