From a1b612bec241f686b920a22627fd29f8fa9848ce Mon Sep 17 00:00:00 2001 From: Sandeep Kumawat <2025sandeepkumawat@gmail.com> Date: Thu, 6 Jun 2024 13:34:16 +0530 Subject: [PATCH 1/2] Implement missing methods for EncryptedBlobStore and EncryptedBlobContainer Signed-off-by: Sandeep Kumawat <2025sandeepkumawat@gmail.com> --- .../common/blobstore/EncryptedBlobContainer.java | 9 +++++++++ .../opensearch/common/blobstore/EncryptedBlobStore.java | 5 +++++ .../remote/RemoteStoreCustomMetadataResolverTests.java | 4 ++-- .../opensearch/index/remote/RemoteStoreUtilsTests.java | 2 +- 4 files changed, 17 insertions(+), 3 deletions(-) diff --git a/server/src/main/java/org/opensearch/common/blobstore/EncryptedBlobContainer.java b/server/src/main/java/org/opensearch/common/blobstore/EncryptedBlobContainer.java index d0933741339d9..f58b99daec3c5 100644 --- a/server/src/main/java/org/opensearch/common/blobstore/EncryptedBlobContainer.java +++ b/server/src/main/java/org/opensearch/common/blobstore/EncryptedBlobContainer.java @@ -9,6 +9,7 @@ package org.opensearch.common.blobstore; import org.opensearch.common.CheckedBiConsumer; +import org.opensearch.common.annotation.ExperimentalApi; import org.opensearch.common.crypto.CryptoHandler; import org.opensearch.common.crypto.DecryptedRangedStreamProvider; import org.opensearch.common.crypto.EncryptedHeaderContentSupplier; @@ -50,6 +51,14 @@ public InputStream readBlob(String blobName) throws IOException { return cryptoHandler.createDecryptingStream(inputStream); } + @ExperimentalApi + @Override + public InputStreamWithMetadata readBlobWithMetadata(String blobName) throws IOException { + InputStreamWithMetadata inputStreamWithMetadata = blobContainer.readBlobWithMetadata(blobName); + InputStream decryptInputStream = cryptoHandler.createDecryptingStream(inputStreamWithMetadata.getInputStream()); + return new InputStreamWithMetadata(decryptInputStream, inputStreamWithMetadata.getMetadata()); + } + EncryptedHeaderContentSupplier getEncryptedHeaderContentSupplier(String blobName) { return (start, end) -> { byte[] buffer; diff --git a/server/src/main/java/org/opensearch/common/blobstore/EncryptedBlobStore.java b/server/src/main/java/org/opensearch/common/blobstore/EncryptedBlobStore.java index c41641921c822..1214c6cdc7373 100644 --- a/server/src/main/java/org/opensearch/common/blobstore/EncryptedBlobStore.java +++ b/server/src/main/java/org/opensearch/common/blobstore/EncryptedBlobStore.java @@ -95,6 +95,11 @@ public Map> extendedStats() { return blobStore.extendedStats(); } + @Override + public boolean isBlobMetadataEnabled() { + return blobStore.isBlobMetadataEnabled(); + } + /** * Closes the EncryptedBlobStore by decrementing the reference count of the CryptoManager and closing the * underlying BlobStore. This ensures proper cleanup of resources. diff --git a/server/src/test/java/org/opensearch/index/remote/RemoteStoreCustomMetadataResolverTests.java b/server/src/test/java/org/opensearch/index/remote/RemoteStoreCustomMetadataResolverTests.java index 7e702ad3773e8..abd115732c4db 100644 --- a/server/src/test/java/org/opensearch/index/remote/RemoteStoreCustomMetadataResolverTests.java +++ b/server/src/test/java/org/opensearch/index/remote/RemoteStoreCustomMetadataResolverTests.java @@ -187,7 +187,7 @@ public void testTranslogMetadataAllowedTrueWithMinVersionNewer() { when(blobStoreMock.isBlobMetadataEnabled()).thenReturn(true); RemoteStoreCustomMetadataResolver resolver = new RemoteStoreCustomMetadataResolver( remoteStoreSettings, - () -> Version.CURRENT, + () -> Version.V_2_15_0, () -> repositoriesService, settings ); @@ -200,7 +200,7 @@ public void testTranslogMetadataAllowedFalseWithMinVersionNewer() { RemoteStoreSettings remoteStoreSettings = new RemoteStoreSettings(settings, clusterSettings); RemoteStoreCustomMetadataResolver resolver = new RemoteStoreCustomMetadataResolver( remoteStoreSettings, - () -> Version.CURRENT, + () -> Version.V_2_15_0, () -> repositoriesService, settings ); diff --git a/server/src/test/java/org/opensearch/index/remote/RemoteStoreUtilsTests.java b/server/src/test/java/org/opensearch/index/remote/RemoteStoreUtilsTests.java index 59c3d3dccdd0f..15915ee431972 100644 --- a/server/src/test/java/org/opensearch/index/remote/RemoteStoreUtilsTests.java +++ b/server/src/test/java/org/opensearch/index/remote/RemoteStoreUtilsTests.java @@ -373,7 +373,7 @@ private static Metadata createIndexMetadataWithRemoteStoreSettings(String indexN Settings.builder() .put(IndexMetadata.SETTING_NUMBER_OF_SHARDS, 1) .put(IndexMetadata.SETTING_NUMBER_OF_REPLICAS, 1) - .put(IndexMetadata.SETTING_VERSION_CREATED, Version.CURRENT) + .put(IndexMetadata.SETTING_VERSION_CREATED, Version.V_2_15_0) .put(IndexMetadata.INDEX_REMOTE_STORE_ENABLED_SETTING.getKey(), true) .put(IndexMetadata.INDEX_REMOTE_TRANSLOG_REPOSITORY_SETTING.getKey(), "dummy-tlog-repo") .put(IndexMetadata.INDEX_REMOTE_SEGMENT_STORE_REPOSITORY_SETTING.getKey(), "dummy-segment-repo") From 60f45947ceb502240035bfa46e55778c6ca70afc Mon Sep 17 00:00:00 2001 From: Sandeep Kumawat <2025sandeepkumawat@gmail.com> Date: Mon, 10 Jun 2024 06:47:49 +0530 Subject: [PATCH 2/2] add unit tests Signed-off-by: Sandeep Kumawat <2025sandeepkumawat@gmail.com> --- .../EncryptedBlobContainerTests.java | 41 +++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 server/src/test/java/org/opensearch/common/blobstore/EncryptedBlobContainerTests.java diff --git a/server/src/test/java/org/opensearch/common/blobstore/EncryptedBlobContainerTests.java b/server/src/test/java/org/opensearch/common/blobstore/EncryptedBlobContainerTests.java new file mode 100644 index 0000000000000..28772eaf79ee7 --- /dev/null +++ b/server/src/test/java/org/opensearch/common/blobstore/EncryptedBlobContainerTests.java @@ -0,0 +1,41 @@ + +/* + * SPDX-License-Identifier: Apache-2.0 + * + * The OpenSearch Contributors require contributions made to + * this file be licensed under the Apache-2.0 license or a + * compatible open source license. + */ + +package org.opensearch.common.blobstore; + +import org.opensearch.common.crypto.CryptoHandler; +import org.opensearch.test.OpenSearchTestCase; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.util.HashMap; + +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; + +public class EncryptedBlobContainerTests extends OpenSearchTestCase { + + public void testBlobContainerReadBlobWithMetadata() throws IOException { + BlobContainer blobContainer = mock(BlobContainer.class); + CryptoHandler cryptoHandler = mock(CryptoHandler.class); + EncryptedBlobContainer encryptedBlobContainer = new EncryptedBlobContainer(blobContainer, cryptoHandler); + InputStreamWithMetadata inputStreamWithMetadata = new InputStreamWithMetadata( + new ByteArrayInputStream(new byte[0]), + new HashMap<>() + ); + when(blobContainer.readBlobWithMetadata("test")).thenReturn(inputStreamWithMetadata); + InputStream decrypt = new ByteArrayInputStream(new byte[2]); + when(cryptoHandler.createDecryptingStream(inputStreamWithMetadata.getInputStream())).thenReturn(decrypt); + InputStreamWithMetadata result = encryptedBlobContainer.readBlobWithMetadata("test"); + assertEquals(result.getInputStream(), decrypt); + assertEquals(result.getMetadata(), inputStreamWithMetadata.getMetadata()); + } + +}