Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add additional S3 FileIO Attributes #505

Merged
merged 2 commits into from
Jul 30, 2024
Merged

Add additional S3 FileIO Attributes #505

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
f687062
Add additional S3 FileIO Attributes
c-thiel Jul 30, 2024
47a3542
Remove custom S3SSEType
c-thiel Jul 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion crates/iceberg/src/io/storage.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ impl Storage {
#[cfg(feature = "storage-s3")]
Scheme::S3 => Ok(Self::S3 {
scheme_str,
config: super::s3_config_parse(props).into(),
config: super::s3_config_parse(props)?.into(),
}),
_ => Err(Error::new(
ErrorKind::FeatureUnsupported,
Expand Down
73 changes: 71 additions & 2 deletions crates/iceberg/src/io/storage_s3.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
// under the License.

use std::collections::HashMap;
use std::str::FromStr;

use opendal::services::S3Config;
use opendal::Operator;
Expand All @@ -32,9 +33,53 @@ pub const S3_ACCESS_KEY_ID: &str = "s3.access-key-id";
pub const S3_SECRET_ACCESS_KEY: &str = "s3.secret-access-key";
/// S3 region.
pub const S3_REGION: &str = "s3.region";
/// S3 Path Style Access.
pub const S3_PATH_STYLE_ACCESS: &str = "s3.path-style-access";
/// S3 Server Side Encryption Type.
pub const S3_SSE_TYPE: &str = "s3.sse.type";
/// S3 Server Side Encryption Key.
/// If S3 encryption type is kms, input is a KMS Key ID.
/// In case this property is not set, default key "aws/s3" is used.
/// If encryption type is custom, input is a custom base-64 AES256 symmetric key.
pub const S3_SSE_KEY: &str = "s3.sse.key";
/// S3 Server Side Encryption MD5.
pub const S3_SSE_MD5: &str = "s3.sse.md5";

/// S3 Server Side Encryption types
#[derive(Debug, Clone, PartialEq, Hash)]
pub enum S3SSEType {
/// S3 SSE-C, using customer managed keys. https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html
Custom,
/// S3 SSE KMS, either using default or custom KMS key. https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html
KMS,
/// S3 SSE-S3 encryption (S3 managed keys). https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html
S3,
/// No Server Side Encryption
None,
}

impl FromStr for S3SSEType {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This logic will never be used outsides. How about using plain string like the following instead? In this way, we can aovid duplicated logic about match.

if let Some(sse_type) = m.remove(S3_SSE_TYPE) {
        match &sse_type.to_lower() {
            "none" => {}
            "s3" => {
                cfg.server_side_encryption = Some("AES256".to_string());
            }
            "kms" => {
                cfg.server_side_encryption = Some("aws:kms".to_string());
                cfg.server_side_encryption_aws_kms_key_id = s3_sse_key;
            }
            "custom" => {
                cfg.server_side_encryption_customer_algorithm = Some("AES256".to_string());
                cfg.server_side_encryption_customer_key = s3_sse_key;
                cfg.server_side_encryption_customer_key_md5 = m.remove(S3_SSE_MD5);
            }
        }
    };

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Addressed in latest commit

type Err = Error;

fn from_str(s: &str) -> Result<Self> {
match s {
"custom" => Ok(Self::Custom),
"kms" => Ok(Self::KMS),
"s3" => Ok(Self::S3),
"none" => Ok(Self::None),
_ => Err(Error::new(
ErrorKind::DataInvalid,
format!(
"Invalid {}: {}. Expected one of (custom, kms, s3, none)",
S3_SSE_TYPE, s
),
)),
}
}
}

/// Parse iceberg props to s3 config.
pub(crate) fn s3_config_parse(mut m: HashMap<String, String>) -> S3Config {
pub(crate) fn s3_config_parse(mut m: HashMap<String, String>) -> Result<S3Config> {
let mut cfg = S3Config::default();
if let Some(endpoint) = m.remove(S3_ENDPOINT) {
cfg.endpoint = Some(endpoint);
Expand All @@ -48,8 +93,32 @@ pub(crate) fn s3_config_parse(mut m: HashMap<String, String>) -> S3Config {
if let Some(region) = m.remove(S3_REGION) {
cfg.region = Some(region);
};
if let Some(path_style_access) = m.remove(S3_PATH_STYLE_ACCESS) {
if ["true", "True", "1"].contains(&path_style_access.as_str()) {
cfg.enable_virtual_host_style = true;
}
};
let s3_sse_key = m.remove(S3_SSE_KEY);
if let Some(sse_type) = m.remove(S3_SSE_TYPE) {
let sse_type = sse_type.parse()?;
match sse_type {
S3SSEType::None => {}
S3SSEType::S3 => {
cfg.server_side_encryption = Some("AES256".to_string());
}
S3SSEType::KMS => {
cfg.server_side_encryption = Some("aws:kms".to_string());
cfg.server_side_encryption_aws_kms_key_id = s3_sse_key;
}
S3SSEType::Custom => {
cfg.server_side_encryption_customer_algorithm = Some("AES256".to_string());
cfg.server_side_encryption_customer_key = s3_sse_key;
cfg.server_side_encryption_customer_key_md5 = m.remove(S3_SSE_MD5);
}
}
};

cfg
Ok(cfg)
}

/// Build new opendal operator from give path.
Expand Down
Loading