HADOOP-18965. ITestS3AHugeFilesEncryption failure (#6261)

Followup to: HADOOP-18850 Enable dual-layer server-side encryption with AWS KMS keys (DSSE-KMS) Contributed by Steve Loughran
apache · Nov 24, 2023 · 476b90f · 476b90f
1 parent 88e760b
commit 476b90f
Showing 1 changed file with 19 additions and 7 deletions.
diff --git a/.../hadoop-aws/src/test/java/org/apache/hadoop/fs/s3a/scale/ITestS3AHugeFilesEncryption.java b/.../hadoop-aws/src/test/java/org/apache/hadoop/fs/s3a/scale/ITestS3AHugeFilesEncryption.java
@@ -25,13 +25,15 @@
 import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.fs.s3a.Constants;
 import org.apache.hadoop.fs.s3a.EncryptionTestUtils;
+import org.apache.hadoop.fs.s3a.S3AEncryptionMethods;
 import org.apache.hadoop.fs.s3a.S3AFileSystem;
 
 import static org.apache.hadoop.fs.s3a.Constants.S3_ENCRYPTION_ALGORITHM;
 import static org.apache.hadoop.fs.s3a.S3AEncryptionMethods.DSSE_KMS;
 import static org.apache.hadoop.fs.s3a.S3AEncryptionMethods.SSE_KMS;
 import static org.apache.hadoop.fs.s3a.S3ATestUtils.getTestBucketName;
 import static org.apache.hadoop.fs.s3a.S3ATestUtils.skipIfEncryptionNotSet;
+import static org.apache.hadoop.fs.s3a.S3AUtils.getEncryptionAlgorithm;
 import static org.apache.hadoop.fs.s3a.S3AUtils.getS3EncryptionKey;
 
 /**
@@ -61,20 +63,30 @@ protected String getBlockOutputBufferName() {
    */
   @Override
   protected boolean isEncrypted(S3AFileSystem fileSystem) {
-    Configuration c = new Configuration();
-    return StringUtils.isNotBlank(getS3EncryptionKey(getTestBucketName(c), c));
+    Configuration conf = new Configuration();
+    return StringUtils.isNotBlank(getS3EncryptionKey(getTestBucketName(conf), conf));
   }
 
+  /**
+   * This test suite will run if the algorithm is set to SSE_KMS or DSSE_KMS;
+   * the assertions validate this.
+   * @param hugeFile file to validate.
+   * @throws IOException problems with encryption lookup.
+   * @throws AssertionError if the encryption is not as expected.
+   */
   @Override
   protected void assertEncrypted(Path hugeFile) throws IOException {
-    Configuration c = new Configuration();
-    String kmsKey = getS3EncryptionKey(getTestBucketName(c), c);
-    if (SSE_KMS.getMethod().equals(c.get(S3_ENCRYPTION_ALGORITHM))) {
+    Configuration conf = new Configuration();
+
+    final String bucket = getTestBucketName(conf);
+    String kmsKey = getS3EncryptionKey(bucket, conf);
+    final S3AEncryptionMethods algorithm = getEncryptionAlgorithm(bucket, conf);
+    if (SSE_KMS.equals(algorithm)) {
       EncryptionTestUtils.assertEncrypted(getFileSystem(), hugeFile, SSE_KMS, kmsKey);
-    } else if (DSSE_KMS.getMethod().equals(c.get(S3_ENCRYPTION_ALGORITHM))) {
+    } else if (DSSE_KMS.equals(algorithm)) {
       EncryptionTestUtils.assertEncrypted(getFileSystem(), hugeFile, DSSE_KMS, kmsKey);
     } else {
-      throw new AssertionError("Invalid encryption configured");
+      throw new AssertionError("Invalid encryption configured: " + algorithm);
     }
   }
 }