Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feature][python-client]support python end to end encryption #9588

Merged
merged 6 commits into from Feb 18, 2021
Merged

[feature][python-client]support python end to end encryption #9588

merged 6 commits into from Feb 18, 2021

Conversation

tuteng
Copy link
Member

@tuteng tuteng commented Feb 15, 2021

Motivation

After supporting end-to-end encryption for nodejs, consider supporting end-to-end encryption for python clients.

Modifications

  • Add static method create for DefaultCryptoKeyReader
  • Add ConsumerConfiguration_setCryptoKeyReader and ProducerConfiguration_setCryptoKeyReader
  • Add class CryptoKeyReader
  • Add python integration test

Verifying this change

  • Add test

(Please pick either of the following options)

This change is a trivial rework / code cleanup without any test coverage.

(or)

This change is already covered by existing tests, such as (please describe tests).

(or)

This change added tests and can be verified as follows:

(example:)

  • Added integration tests for end-to-end deployment with large payloads (10MB)
  • Extended integration test for recovery after broker failure

Does this pull request potentially affect one of the following parts:

If yes was chosen, please highlight the changes

  • Dependencies (does it add or upgrade a dependency): (yes / no)
  • The public API: (yes / no)
  • The schema: (yes / no / don't know)
  • The default values of configurations: (yes / no)
  • The wire protocol: (yes / no)
  • The rest endpoints: (yes / no)
  • The admin cli options: (yes / no)
  • Anything that affects deployment: (yes / no / don't know)

Documentation

  • Does this pull request introduce a new feature? (yes / no)
  • If yes, how is the feature documented? (not applicable / docs / JavaDocs / not documented)
  • If a feature is not applicable for documentation, explain why?
  • If a feature is not documented yet in this PR, please create a followup issue for adding the documentation

@tuteng tuteng self-assigned this Feb 15, 2021
@tuteng tuteng added component/c++ area/security doc-required Your PR changes impact docs and you will update later. labels Feb 15, 2021
@tuteng tuteng added this to the 2.8.0 milestone Feb 15, 2021
@tuteng tuteng changed the title [feature][python]support python end to end encryption [feature][python-client]support python end to end encryption Feb 15, 2021
@sijie
Copy link
Member

sijie commented Feb 16, 2021

@BewareMyPower Can you also review this?

@tuteng
Copy link
Member Author

tuteng commented Feb 16, 2021

cpp tls test failed

Handshake failed: certificate verify failed
Which is: Ok
[  FAILED  ] AuthPluginTest.testTls (111 ms)
[----------] 1 test from AuthPluginTest (111 ms total)

[----------] Global test environment tear-down
[==========] 1 test from 1 test case ran. (111 ms total)
[  PASSED  ] 0 tests.
[  FAILED  ] 1 test, listed below:
[  FAILED  ] AuthPluginTest.testTls

[  FAILED  ] AuthPluginTest.testTlsDetectPulsarSsl (128 ms)
[----------] 1 test from AuthPluginTest (128 ms total)

[----------] Global test environment tear-down
[==========] 1 test from 1 test case ran. (128 ms total)
[  PASSED  ] 0 tests.
[  FAILED  ] 1 test, listed below:
[  FAILED  ] AuthPluginTest.testTlsDetectPulsarSsl

@tuteng
Copy link
Member Author

tuteng commented Feb 16, 2021

/pulsarbot run-failure-checks

@tuteng
Copy link
Member Author

tuteng commented Feb 18, 2021

@merlimat PTAL

@tuteng
Copy link
Member Author

tuteng commented Feb 18, 2021

/pulsarbot run-failure-checks

1 similar comment
@tuteng
Copy link
Member Author

tuteng commented Feb 18, 2021

/pulsarbot run-failure-checks

@tuteng
Copy link
Member Author

tuteng commented Feb 18, 2021

ping @merlimat PTAL

@merlimat merlimat merged commit cf63ae8 into apache:master Feb 18, 2021
@codelipenghui codelipenghui added the cherry-picked/branch-2.7 Archived: 2.7 is end of life label Feb 19, 2021
codelipenghui pushed a commit that referenced this pull request Feb 19, 2021
@tuteng @codelipenghui
[feature][python-client]support python end to end encryption (#9588)
8cbd222 
* Support python end to end encryption

* Add test

* Add document for new args

* Fixed test by use absolute path

(cherry picked from commit cf63ae8)
@Anonymitaet Anonymitaet mentioned this pull request Feb 25, 2021
Merged
@Anonymitaet Anonymitaet removed the doc-required Your PR changes impact docs and you will update later. label Mar 3, 2021
@nlu90 nlu90 mentioned this pull request Mar 18, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@merlimat merlimat merlimat approved these changes

@sijie sijie sijie approved these changes

@BewareMyPower BewareMyPower BewareMyPower approved these changes

@jiazhai jiazhai Awaiting requested review from jiazhai

@hangc0276 hangc0276 Awaiting requested review from hangc0276

@codelipenghui codelipenghui Awaiting requested review from codelipenghui

Assignees

@tuteng tuteng

Labels
area/security cherry-picked/branch-2.7 Archived: 2.7 is end of life release/2.7.1
Projects
None yet
Milestone
2.8.0
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@tuteng @sijie @merlimat @BewareMyPower @codelipenghui @zymap @Anonymitaet