ccl: debug encryption-active-key command to show active store key ID. #35234
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Given a data directory, this displays the active store key ID and encryption algorithm in use. Unlike `debug encryption-status`, this command does not open the rocksdb instance and therefore does not require knowing the encryption key. This makes it useful to determine the encryption status with zero knowledge. Sample outputs: ``` $ cockroach debug encryption-active-key foobar Error: data directory foobar does not exist: stat foobar: no such file or directory Failed running "debug encryption-active-key" $ cockroach debug encryption-active-key cockroach-noencryption/ Plaintext: $ cockroach debug encryption-active-key cockroach-plain/ Plaintext: $ cockroach debug encryption-active-key cockroach-data AES128_CTR:be235c29239aa84a48e5e1874d76aebf7fb3c1bdc438cec2eb98de82f06a57a0 ``` Release note (enterprise change): add debug encryption-active-key command
|
This change is |
bdarnell
approved these changes
Feb 27, 2019
There was a problem hiding this comment.
Reviewed 1 of 1 files at r1.
Reviewable status:complete! 0 of 0 LGTMs obtained
|
bors r+ |
craig bot
pushed a commit
that referenced
this pull request
Feb 27, 2019
35126: sql: don't double call ConsumerClosed in wrapped local plans r=jordanlewis a=jordanlewis Previously, if someone double-closed a planNode tree containing a wrapped distsql plan, that might double close a RowChannel, which is illegal. Add a protection against that. Release note: None 35234: ccl: debug encryption-active-key command to show active store key ID. r=mberhault a=mberhault Given a data directory, this displays the active store key ID and encryption algorithm in use. Unlike `debug encryption-status`, this command does not open the rocksdb instance and therefore does not require knowing the encryption key. This makes it useful to determine the encryption status with zero knowledge. Sample outputs: ``` $ cockroach debug encryption-active-key foobar Error: data directory foobar does not exist: stat foobar: no such file or directory Failed running "debug encryption-active-key" $ cockroach debug encryption-active-key cockroach-noencryption/ Plaintext: $ cockroach debug encryption-active-key cockroach-plain/ Plaintext: $ cockroach debug encryption-active-key cockroach-data AES128_CTR:be235c29239aa84a48e5e1874d76aebf7fb3c1bdc438cec2eb98de82f06a57a0 ``` Release note (enterprise change): add debug encryption-active-key command Co-authored-by: Jordan Lewis <jordanthelewis@gmail.com> Co-authored-by: marc <marc@cockroachlabs.com>
Build succeeded |
This was referenced Mar 7, 2019
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Given a data directory, this displays the active store key ID and
encryption algorithm in use.
Unlike
debug encryption-status, this command does not open therocksdb instance and therefore does not require knowing the encryption
key. This makes it useful to determine the encryption status with zero
knowledge.
Sample outputs:
Release note (enterprise change): add debug encryption-active-key
command