Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[#950] improvment(common): Add a method in ConfigEntry to support configurations with no default value #996

Closed
wants to merge 1 commit into from
Closed

[#950] improvment(common): Add a method in ConfigEntry to support configurations with no default value #996

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions common/src/main/java/com/datastrato/gravitino/config/ConfigEntry.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ public class ConfigEntry<T> {
@Getter private boolean isDeprecated;

private boolean isOptional;
private boolean isNoDefault;

/**
* Creates a new ConfigEntry instance.
Expand Down Expand Up @@ -101,6 +102,11 @@ void setOptional() {
this.isOptional = true;
}

/** Marks this configuration as no default value. */
void setNoDefault() {
this.isNoDefault = true;
}

/**
* Creates a new ConfigEntry instance based on this configuration entry with a default value.
*
Expand Down Expand Up @@ -134,6 +140,20 @@ public ConfigEntry<Optional<T>> createWithOptional() {
return conf;
}

/**
* Creates a new ConfigEntry instance based on this configuration entry with no default value.
*
* @return A new ConfigEntry instance with no default value.
*/
public ConfigEntry<T> createWithNoDefault() {
ConfigEntry<T> conf =
new ConfigEntry<>(key, version, doc, alternatives, isPublic, isDeprecated);
conf.setValueConverter(valueConverter);
conf.setStringConverter(stringConverter);
conf.setNoDefault();
return conf;
}

/**
* Reads the configuration value.
*
Expand All @@ -155,6 +175,8 @@ public T readFrom(Map<String, String> properties) throws NoSuchElementException
if (value == null) {
if (defaultValue != null) {
return defaultValue;
} else if (isNoDefault) {
return null;
} else if (!isOptional) {
throw new NoSuchElementException("No configuration found for key " + key);
}
Expand Down
28 changes: 14 additions & 14 deletions docs/security.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ GravitinoClient client = GravitinoClient.builder(uri)

Gravitino only supports external OAuth 2.0 servers.
First, users need to guarantee that the external correctly configured OAuth 2.0 server supports Bearer JWT.
Then, on the server side, users should set `gravitino.authenticator` as `oauth` and give `gravitino.authenticator.oauth.defaultSignKey`, `gravitino.authenticator.oauth.serverURI` and `gravitino.authenticator.oauth.tokenPath` a proper value.
Then, on the server side, users should set `gravitino.authenticator` as `oauth` and give `gravitino.authenticator.oauth.defaultSignKey`, `gravitino.authenticator.oauth.serverUri` and `gravitino.authenticator.oauth.tokenPath` a proper value.
qqqttt123 marked this conversation as resolved.
Show resolved Hide resolved
Next, for the client side, users can enable `OAuth` mode by the following code:

```java
Expand All @@ -49,9 +49,9 @@ GravitinoClient client = GravitinoClient.builder(uri)
| `gravitino.authenticator` | The authenticator which Gravitino uses, setting as `simple` or `oauth` | `simple` | 0.3.0 |
| `gravitino.authenticator.oauth.serviceAudience` | The audience name when Gravitino uses OAuth as the authenticator | `GravitinoServer` | 0.3.0 |
| `gravitino.authenticator.oauth.allowSkewSecs` | The JWT allows skew seconds when Gravitino uses OAuth as the authenticator | `0` | 0.3.0 |
| `gravitino.authenticator.oauth.defaultSignKey` | The signing key of JWT when Gravitino uses OAuth as the authenticator | `` | 0.3.0 |
| `gravitino.authenticator.oauth.serverUri` | The uri of the default OAuth server | `` | 0.3.0 |
| `gravitino.authenticator.oauth.tokenPath` | The path for token of the default OAuth server | `` | 0.3.0 |
| `gravitino.authenticator.oauth.defaultSignKey` | The signing key of JWT when Gravitino uses OAuth as the authenticator | none | 0.3.0 |
| `gravitino.authenticator.oauth.serverUri` | The uri of the default OAuth server | none | 0.3.0 |
| `gravitino.authenticator.oauth.tokenPath` | The path for token of the default OAuth server | none | 0.3.0 |

The signature algorithms that Gravitino supports follows:

Expand Down Expand Up @@ -81,31 +81,31 @@ Both Gravitino server and Iceberg REST service can configure HTTPS.
|-----------------------------------------------------|------------------------------------------------------------|---------------|---------------|
| `gravitino.server.webserver.enableHttps` | Enables https | `false` | 0.3.0 |
| `gravitino.server.webserver.httpsPort` | The https port number of the Jetty web server | `8433` | 0.3.0 |
| `gravitino.server.webserver.keyStorePath` | Path to the key store file | `` | 0.3.0 |
| `gravitino.server.webserver.keyStorePassword` | Password to the key store | `` | 0.3.0 |
| `gravitino.server.webserver.keyStorePath` | Path to the key store file | none | 0.3.0 |
| `gravitino.server.webserver.keyStorePassword` | Password to the key store | none | 0.3.0 |
| `gravitino.server.webserver.keyStoreType` | The type to the key store | `JKS` | 0.3.0 |
| `gravitino.server.webserver.managerPassword` | Manager password to the key store | `` | 0.3.0 |
| `gravitino.server.webserver.managerPassword` | Manager password to the key store | none | 0.3.0 |
| `gravitino.server.webserver.tlsProtocol` | TLS protocol to use. The protocol must be supported by JVM | none | 0.3.0 |
| `gravitino.server.webserver.enableCipherAlgorithms` | The collection of the cipher algorithms which are enabled. | `` | 0.3.0 |
| `gravitino.server.webserver.enableClientAuth` | Enables the authentication of the client | `false` | 0.3.0 |
| `gravitino.server.webserver.trustStorePath` | Path to the trust store file | `` | 0.3.0 |
| `gravitino.server.webserver.trustStorePassword` | Password to the trust store | `` | 0.3.0 |
| `gravitino.server.webserver.trustStorePath` | Path to the trust store file | none | 0.3.0 |
| `gravitino.server.webserver.trustStorePassword` | Password to the trust store | none | 0.3.0 |
| `gravitino.server.webserver.trustStoreType` | The type to the trust store | `JKS` | 0.3.0 |

### Iceberg REST service's configuration
| Configuration item | Description | Default value | Since version |
|------------------------------------------------------------|------------------------------------------------------------|---------------|---------------|
| `gravitino.auxService.iceberg-rest.enableHttps` | Enables https | `false` | 0.3.0 |
| `gravitino.auxService.iceberg-rest.httpsPort` | The https port number of the Jetty web server | `8433` | 0.3.0 |
| `gravitino.auxService.iceberg-rest.keyStorePath` | Path to the key store file | `` | 0.3.0 |
| `gravitino.auxService.iceberg-rest.keyStorePassword` | Password to the key store | `` | 0.3.0 |
| `gravitino.auxService.iceberg-rest.keyStorePath` | Path to the key store file | none | 0.3.0 |
| `gravitino.auxService.iceberg-rest.keyStorePassword` | Password to the key store | none | 0.3.0 |
| `gravitino.uxService.iceberg-rest.keyStoreType` | The type to the key store | `JKS` | 0.3.0 |
| `gravitino.auxService.iceberg-rest.managerPassword` | Manager password to the key store | `` | 0.3.0 |
| `gravitino.auxService.iceberg-rest.managerPassword` | Manager password to the key store | none | 0.3.0 |
| `gravitino.auxService.iceberg-rest.tlsProtocol` | TLS protocol to use. The protocol must be supported by JVM | none | 0.3.0 |
| `gravitino.auxService.iceberg-rest.enableCipherAlgorithms` | The collection of the cipher algorithms which are enabled | `` | 0.3.0 |
| `gravitino.auxService.iceberg-rest.enableClientAuth` | Enables the authentication of the client | `false` | 0.3.0 |
| `gravitino.auxService.iceberg-rest.trustStorePath` | Path to the trust store file | `` | 0.3.0 |
| `gravitino.auxService.iceberg-rest.trustStorePassword` | Password to the trust store | `` | 0.3.0 |
| `gravitino.auxService.iceberg-rest.trustStorePath` | Path to the trust store file | none | 0.3.0 |
| `gravitino.auxService.iceberg-rest.trustStorePassword` | Password to the trust store | none | 0.3.0 |
| `gravitino.auxService.iceberg-rest.trustStoreType` | The type to the trust store | `JKS` | 0.3.0 |

About `tlsProtocol`, the reference list of protocols can be found in the "Additional JSSE Standard Names" section of the Java security guide. The list for Java 8 can be found at [this](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#jssenames).
Expand Down
6 changes: 3 additions & 3 deletions server-common/src/main/java/com/datastrato/gravitino/server/auth/OAuthConfig.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ public interface OAuthConfig extends Configs {
.doc("The sign key of jwt when Gravitino uses oauth as the authenticator")
.version("0.3.0")
.stringConf()
.createWithDefault("");
.createWithNoDefault();

ConfigEntry<String> SIGNATURE_ALGORITHM_TYPE =
new ConfigBuilder(OAUTH_CONFIG_PREFIX + "signAlgorithmType")
Expand All @@ -47,12 +47,12 @@ public interface OAuthConfig extends Configs {
.doc("The uri of the default OAuth server")
.version("0.3.0")
.stringConf()
.createWithDefault("");
.createWithNoDefault();

ConfigEntry<String> DEFAULT_TOKEN_PATH =
new ConfigBuilder(OAUTH_CONFIG_PREFIX + "tokenPath")
.doc("The path for token of the default OAuth server")
.version("0.3.0")
.stringConf()
.createWithDefault("");
.createWithNoDefault();
}
10 changes: 5 additions & 5 deletions server-common/src/main/java/com/datastrato/gravitino/server/web/JettyServerConfig.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,21 +107,21 @@ public final class JettyServerConfig {
.doc("Path to the key store file")
.version("0.3.0")
.stringConf()
.createWithDefault("");
.createWithNoDefault();

public static final ConfigEntry<String> SSL_KEYSTORE_PASSWORD =
new ConfigBuilder("keyStorePassword")
.doc("Password to the key store")
.version("0.3.0")
.stringConf()
.createWithDefault("");
.createWithNoDefault();

public static final ConfigEntry<String> SSL_MANAGER_PASSWORD =
new ConfigBuilder("managerPassword")
.doc("Manager password to the key store")
.version("0.3.0")
.stringConf()
.createWithDefault("");
.createWithNoDefault();

public static final ConfigEntry<String> SSL_KEYSTORE_TYPE =
new ConfigBuilder("keyStoreType")
Expand Down Expand Up @@ -155,14 +155,14 @@ public final class JettyServerConfig {
.doc("Path to the trust store file")
.version("0.3.0")
.stringConf()
.createWithDefault("");
.createWithNoDefault();

public static final ConfigEntry<String> SSL_TRUST_STORE_PASSWORD =
new ConfigBuilder("trustStorePassword")
.doc("Password to the trust store")
.version("0.3.0")
.stringConf()
.createWithDefault("");
.createWithNoDefault();

public static final ConfigEntry<String> SSL_TRUST_STORE_TYPE =
new ConfigBuilder("trustStoreType")
Expand Down