[BEAM-6292] PasswordDecrypter: Delay decryption / Avoid serialization#7339
Closed
mathieublanchard wants to merge 28 commits intoapache:masterfrom
happn-app:beam-6292
Closed
[BEAM-6292] PasswordDecrypter: Delay decryption / Avoid serialization#7339mathieublanchard wants to merge 28 commits intoapache:masterfrom happn-app:beam-6292
mathieublanchard wants to merge 28 commits intoapache:masterfrom
happn-app:beam-6292
Conversation
This allows for: - Copying when storage classes and locations differ. - Copying of larger files (multi-part calls). - Copying to a bucket with a default customer managed encryption key (CMEK). Also adds integration tests for copy and copy_batch.
…est to using PAssert This fixes a race condition in the tests when writing results to a static map.
We link both the registration invite and the #beam channel invite on the contact page. Most people clicked on the "Join" link which sent them to the #general channel after signing up in Slack. They would ask questions there which bothered some of the ~2000 channel ASF members. This makes it more obvious that users won't land in the #beam channel after signing up. It also strategically places the #beam channel link first.
[BEAM-6295] Fix versions in 2.8.0 Java dependencies table
[BEAM-6295] Fix versions in 2.7.0 Java dependencies table
…e class they are modified.
…rameterized tests
…ator classes in the same package as the class they access
…y reasons, Beam schema support must be explicitly enabled in these sources.
… instead of #general
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
10 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Currently, the password is decrypted before the serialization of the pipeline and this causes the raw version to be visible to everyone on the staging location.
To avoid this, we delayed the decryption of the password when connecting to the cluster, which ensures that the raw password is never serialized in the pipeline.
n.b. In our case, we use Google KMS to decrypt Cassandra's password
Post-Commit Tests Status (on master branch)