pass catalog sensitive info when create fluss catalog #1937
Conversation
luoyuxia
left a comment
luoyuxia
left a comment
There was a problem hiding this comment.
@xx789633 Thanks for the pr. But it should allow pass all options instead of sensitive table options only. I image some thing like:
create catalog t1 with (
'paimon.k1' = 'v1',
'paimon.k2 = 'v2'
)
to enable pass 'k1' = 'v1' as well as 'k2 = 'v2
|
You are correct @luoyuxia . Let me rename it. |
| helper.validateExcept( | ||
| Stream.concat( | ||
| Stream.of(CLIENT_SECURITY_PREFIX), | ||
| Arrays.stream(DataLakeFormat.values()) | ||
| .map(DataLakeFormat::toString)) | ||
| .toArray(String[]::new)); |
There was a problem hiding this comment.
I suggest to make it extensiable. Thus if the subclass want to support new configs, they don't need to overwrite createCatalog.
protected static final List<String> ALLOW_CATALOG_CONFIG_PREFIX = new ArrayList<>();
static {
ALLOW_CATALOG_CONFIG_PREFIX.add(CLIENT_SECURITY_PREFIX);
// support lake catalog options
for (DataLakeFormat value : DataLakeFormat.values()) {
ALLOW_CATALOG_CONFIG_PREFIX.add(value.toString());
}
}There was a problem hiding this comment.
Good suggestion. Done.
| Collections.singletonList(ConfigOptions.TABLE_DATALAKE_ENABLED.key()); | ||
| } | ||
|
|
||
| public static final Set<String> SENSITIVE_TABLE_OPTIONS = new HashSet<>(); |
There was a problem hiding this comment.
it seems similar configs like ALTERABLE_TABLE_OPTIONS are all in this file.
There was a problem hiding this comment.
But currently, I don't want to expose them in FlussConfigUtils...
| .collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue)); | ||
| } | ||
|
|
||
| public static <V> Map<String, V> extractPrefix( |
There was a problem hiding this comment.
why introducr a new method? Can't we reuse extractPrefix(Map<String, V> originalMap, String prefix)?
There was a problem hiding this comment.
I suggest to handle in FlinkCatalogFactory. The method is hard to reuse...
There was a problem hiding this comment.
done. just reuse extractPrefix(Map<String, V> originalMap, String prefix).
| + "' is set."); | ||
| } | ||
| String dataLakePrefix = lakeFormat.toString() + "."; | ||
| Map<String, String> catalogProperties = |
There was a problem hiding this comment.
Can be
Map<String, String> catalogProperties =
PropertiesUtils.extractAndRemovePrefix(
lakeCatalogProperties, lakeFormat + ".");
?
| securityMap.put("client.security.sasl.username", "root"); | ||
| securityMap.put("client.security.sasl.password", "password"); | ||
|
|
||
| Map<String, String> lakeCatalogMap = new HashMap<>(); |
There was a problem hiding this comment.
add test in FlinkCatalogITCase to verify SQL can pass the properties.
There was a problem hiding this comment.
a new test testCreateCatalogWithLakeProperties is added.
| protected final String bootstrapServers; | ||
| protected final Map<String, String> securityConfigs; | ||
| protected final LakeFlinkCatalog lakeFlinkCatalog; | ||
| protected final Map<String, String> lakeCatalogProperties; |
There was a problem hiding this comment.
Could you please make lakeCatalogProperties to be Supplier<Map<String, String>> lakeCatalogPropertiesProvider. The reason it that it make it more plugable. In our inner use, we will retrieve the lake catalog related from flink conf, but we only want to do the retrieve if it's required.
|
doc is updated. please take a look @luoyuxia |
| Map<String, String> securityConfigs) { | ||
| super(name, defaultDatabase, bootstrapServers, classLoader, securityConfigs); | ||
| Map<String, String> securityConfigs, | ||
| Supplier<Map<String, String>> lakeCatalogProperties) { |
There was a problem hiding this comment.
| Supplier<Map<String, String>> lakeCatalogProperties) { | |
| Supplier<Map<String, String>> lakeCatalogPropertiesSupplier) { |
| String bootstrapServers, | ||
| ClassLoader classLoader, | ||
| Map<String, String> securityConfigs, | ||
| Supplier<Map<String, String>> lakeCatalogProperties, |
| protected final String bootstrapServers; | ||
| protected final Map<String, String> securityConfigs; | ||
| protected final LakeFlinkCatalog lakeFlinkCatalog; | ||
| protected final Supplier<Map<String, String>> lakeCatalogProperties; |
| objectPath.getDatabaseName(), | ||
| tableName, | ||
| tableInfo.getProperties(), | ||
| lakeCatalogProperties); |
There was a problem hiding this comment.
nit: we can get in here directly
lakeCatalogProperties.get()
There was a problem hiding this comment.
Acquiring the properties here will frequently invoke the supplier function and bring some overhead. Actually, the properties are only needed when creating the lake catalog.
| } | ||
|
|
||
| @VisibleForTesting | ||
| public Supplier<Map<String, String>> getLakeCatalogProperties() { |
There was a problem hiding this comment.
| public Supplier<Map<String, String>> getLakeCatalogProperties() { | |
| public Map<String, String> getLakeCatalogProperties() { |
…nk catalog (apache#1937)" This reverts commit 35d92c5.
…nk catalog (apache#1937)" This reverts commit 35d92c5.
3 participants
Purpose
Linked issue: close #1903
Brief change log
Tests
API and Format
Documentation