You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@flink.apache.org by GitBox <gi...@apache.org> on 2022/06/15 18:51:27 UTC
[GitHub] [flink] syhily opened a new pull request, #19973: [FLINK-28082][Connector/Pulsar] Add end-to-end encryption support for Pulsar connector.
syhily opened a new pull request, #19973:
URL: https://github.com/apache/flink/pull/19973
## What is the purpose of the change
Add the end-to-end encryption support for Pulsar.
## Brief change log
Add the CryptoKeyReader for both Pulsar source and sink. Add encryption config options to Pulsar sink.
## Verifying this change
This change added tests and can be verified as follows:
- TODO
## Does this pull request potentially affect one of the following parts:
- Dependencies (does it add or upgrade a dependency): (no)
- The public API, i.e., is any changed class annotated with `@Public(Evolving)`: (no)
- The serializers: (no)
- The runtime per-record code paths (performance sensitive): (no)
- Anything that affects deployment or recovery: JobManager (and its components), Checkpointing, Kubernetes/Yarn, ZooKeeper: (no)
- The S3 file system connector: (no)
## Documentation
- Does this pull request introduces a new feature? (yes)
- If yes, how is the feature documented? (JavaDocs)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@flink.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [flink] syhily commented on a diff in pull request #19973: [FLINK-28082][Connector/Pulsar] Add end-to-end encryption support for Pulsar connector.
Posted by GitBox <gi...@apache.org>.
syhily commented on code in PR #19973:
URL: https://github.com/apache/flink/pull/19973#discussion_r901426545
##########
flink-connectors/flink-connector-pulsar/src/main/java/org/apache/flink/connector/pulsar/source/PulsarSourceBuilder.java:
##########
@@ -369,6 +373,18 @@ public <T extends OUT> PulsarSourceBuilder<T> setDeserializationSchema(
return self;
}
+ /**
+ * Sets a {@link CryptoKeyReader}. Configure the key reader to be used to decrypt the message
+ * payloads.
+ *
+ * @param cryptoKeyReader CryptoKeyReader object
+ * @return this PulsarSourceBuilder.
+ */
+ public PulsarSourceBuilder<OUT> setCryptoKeyReader(CryptoKeyReader cryptoKeyReader) {
+ this.cryptoKeyReader = checkNotNull(cryptoKeyReader);
Review Comment:
Documentation should be added. You are right.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@flink.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [flink] flinkbot commented on pull request #19973: [FLINK-28082][Connector/Pulsar] Add end-to-end encryption support for Pulsar connector.
Posted by GitBox <gi...@apache.org>.
flinkbot commented on PR #19973:
URL: https://github.com/apache/flink/pull/19973#issuecomment-1156816241
<!--
Meta data
{
"version" : 1,
"metaDataEntries" : [ {
"hash" : "f2c2ed2a6537a36091a3c0da129537a523b08d16",
"status" : "UNKNOWN",
"url" : "TBD",
"triggerID" : "f2c2ed2a6537a36091a3c0da129537a523b08d16",
"triggerType" : "PUSH"
} ]
}-->
## CI report:
* f2c2ed2a6537a36091a3c0da129537a523b08d16 UNKNOWN
<details>
<summary>Bot commands</summary>
The @flinkbot bot supports the following commands:
- `@flinkbot run azure` re-run the last Azure build
</details>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@flink.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [flink] imaffe commented on a diff in pull request #19973: [FLINK-28082][Connector/Pulsar] Add end-to-end encryption support for Pulsar connector.
Posted by GitBox <gi...@apache.org>.
imaffe commented on code in PR #19973:
URL: https://github.com/apache/flink/pull/19973#discussion_r898643192
##########
flink-connectors/flink-connector-pulsar/src/main/java/org/apache/flink/connector/pulsar/source/PulsarSourceBuilder.java:
##########
@@ -369,6 +373,18 @@ public <T extends OUT> PulsarSourceBuilder<T> setDeserializationSchema(
return self;
}
+ /**
+ * Sets a {@link CryptoKeyReader}. Configure the key reader to be used to decrypt the message
+ * payloads.
+ *
+ * @param cryptoKeyReader CryptoKeyReader object
+ * @return this PulsarSourceBuilder.
+ */
+ public PulsarSourceBuilder<OUT> setCryptoKeyReader(CryptoKeyReader cryptoKeyReader) {
+ this.cryptoKeyReader = checkNotNull(cryptoKeyReader);
Review Comment:
Do we need to add e2e encryption in the documentation as well ? The cryptoKeyReader contains private key, I think we need to let users know what is the recommended/safe way to create a cryptoKeyReader~
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@flink.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [flink] syhily closed pull request #19973: [FLINK-28082][Connector/Pulsar] Add end-to-end encryption support for Pulsar connector.
Posted by GitBox <gi...@apache.org>.
syhily closed pull request #19973: [FLINK-28082][Connector/Pulsar] Add end-to-end encryption support for Pulsar connector.
URL: https://github.com/apache/flink/pull/19973
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@flink.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org