From ea9c3d706b1978ddf2b586ba701d45cdf3faec75 Mon Sep 17 00:00:00 2001 From: Haotian Zhang <928016560@qq.com> Date: Mon, 16 Oct 2023 19:10:47 +0800 Subject: [PATCH 1/2] feat:support configuration encryption. --- CHANGELOG.md | 1 + .../polaris/config/ConfigurationModifier.java | 14 +++++++ ...larisConfigBootstrapAutoConfiguration.java | 10 ++++- .../config/PolarisCryptoConfigProperties.java | 41 +++++++++++++++++++ ...itional-spring-configuration-metadata.json | 7 ++++ 5 files changed, 72 insertions(+), 1 deletion(-) create mode 100644 spring-cloud-starter-tencent-polaris-config/src/main/java/com/tencent/cloud/polaris/config/config/PolarisCryptoConfigProperties.java diff --git a/CHANGELOG.md b/CHANGELOG.md index 38723b9f3..9bc7ebab7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,3 +15,4 @@ - [feat: add circuit breaker actuator.](https://github.com/Tencent/spring-cloud-tencent/pull/1171) - [feat: add metadata transfer for http header via spring.cloud.tencent.metadata.headers.](https://github.com/Tencent/spring-cloud-tencent/pull/1175) - [fix:remove bcprov-jdk15on dependency.](https://github.com/Tencent/spring-cloud-tencent/pull/1179) +- [feat:support configuration encryption.](https://github.com/Tencent/spring-cloud-tencent/pull/1182) diff --git a/spring-cloud-starter-tencent-polaris-config/src/main/java/com/tencent/cloud/polaris/config/ConfigurationModifier.java b/spring-cloud-starter-tencent-polaris-config/src/main/java/com/tencent/cloud/polaris/config/ConfigurationModifier.java index 8513ecf7f..4b53d8305 100644 --- a/spring-cloud-starter-tencent-polaris-config/src/main/java/com/tencent/cloud/polaris/config/ConfigurationModifier.java +++ b/spring-cloud-starter-tencent-polaris-config/src/main/java/com/tencent/cloud/polaris/config/ConfigurationModifier.java 
@@ -19,14 +19,17 @@ package com.tencent.cloud.polaris.config; import java.util.ArrayList; +import java.util.Collections; import java.util.List; import com.tencent.cloud.common.constant.OrderConstant; import com.tencent.cloud.common.util.AddressUtils; import com.tencent.cloud.polaris.config.config.PolarisConfigProperties; +import com.tencent.cloud.polaris.config.config.PolarisCryptoConfigProperties; import com.tencent.cloud.polaris.context.PolarisConfigModifier; import com.tencent.cloud.polaris.context.config.PolarisContextProperties; import com.tencent.polaris.factory.config.ConfigurationImpl; +import com.tencent.polaris.factory.config.configuration.ConfigFilterConfigImpl; import org.apache.commons.lang.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -47,11 +50,15 @@ public class ConfigurationModifier implements PolarisConfigModifier { private final PolarisConfigProperties polarisConfigProperties; + private final PolarisCryptoConfigProperties polarisCryptoConfigProperties; + private final PolarisContextProperties polarisContextProperties; public ConfigurationModifier(PolarisConfigProperties polarisConfigProperties, + PolarisCryptoConfigProperties polarisCryptoConfigProperties, PolarisContextProperties polarisContextProperties) { this.polarisConfigProperties = polarisConfigProperties; + this.polarisCryptoConfigProperties = polarisCryptoConfigProperties; this.polarisContextProperties = polarisContextProperties; } 
@@ -66,6 +73,13 @@ else if (StringUtils.equalsIgnoreCase(polarisConfigProperties.getDataSource(), D else { throw new RuntimeException("Unsupported config data source"); } + + ConfigFilterConfigImpl configFilterConfig = configuration.getConfigFile().getConfigFilterConfig(); + configFilterConfig.setEnable(polarisCryptoConfigProperties.isEnabled()); + if (polarisCryptoConfigProperties.isEnabled()) { + configFilterConfig.getChain().add("crypto"); + configFilterConfig.getPlugin().put("crypto", Collections.singletonMap("type", "AES")); + } } private void initByLocalDataSource(ConfigurationImpl configuration) { diff --git a/spring-cloud-starter-tencent-polaris-config/src/main/java/com/tencent/cloud/polaris/config/PolarisConfigBootstrapAutoConfiguration.java b/spring-cloud-starter-tencent-polaris-config/src/main/java/com/tencent/cloud/polaris/config/PolarisConfigBootstrapAutoConfiguration.java index 925342f9c..2383cbf6b 100644 --- a/spring-cloud-starter-tencent-polaris-config/src/main/java/com/tencent/cloud/polaris/config/PolarisConfigBootstrapAutoConfiguration.java +++ b/spring-cloud-starter-tencent-polaris-config/src/main/java/com/tencent/cloud/polaris/config/PolarisConfigBootstrapAutoConfiguration.java @@ -23,6 +23,7 @@ import com.tencent.cloud.polaris.config.adapter.PolarisPropertySourceManager; import com.tencent.cloud.polaris.config.condition.ConditionalOnReflectRefreshType; import com.tencent.cloud.polaris.config.config.PolarisConfigProperties; +import com.tencent.cloud.polaris.config.config.PolarisCryptoConfigProperties; import com.tencent.cloud.polaris.context.PolarisSDKContextManager; import com.tencent.cloud.polaris.context.config.PolarisContextAutoConfiguration; import com.tencent.cloud.polaris.context.config.PolarisContextProperties; 
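Review bot: In the `ConfigurationModifier` hunk, `configFilterConfig.setEnable(polarisCryptoConfigProperties.isEnabled())` ties the switch for the whole config-filter chain to the crypto property, so setting `spring.cloud.polaris.config.crypto.enabled=false` would presumably also switch off any other filter already configured in that chain; consider only ever enabling from here. The `getChain().add("crypto")` call is unconditional, so a chain that already lists `crypto`, or a second invocation of this method, would leave a duplicate entry; a guard such as `if (!configFilterConfig.getChain().contains("crypto"))` avoids that. The plugin type is fixed to `"AES"` with no cipher mode or key source visible in this hunk, so a short comment naming where the key comes from and which mode the plugin uses would let a reviewer judge the confidentiality and integrity guarantees. The enclosing method starts outside the hunk.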
@@ -54,6 +55,12 @@ public PolarisConfigProperties polarisProperties() { } @Bean + public PolarisCryptoConfigProperties polarisCryptoConfigProperties() { + return new PolarisCryptoConfigProperties(); + } + + @Bean + @ConditionalOnMissingBean public PolarisPropertySourceManager polarisPropertySourceManager() { return new PolarisPropertySourceManager(); } @@ -80,8 +87,9 @@ public PolarisConfigFileLocator polarisConfigFileLocator( @Bean @ConditionalOnConnectRemoteServerEnabled public ConfigurationModifier configurationModifier(PolarisConfigProperties polarisConfigProperties, + PolarisCryptoConfigProperties polarisCryptoConfigProperties, PolarisContextProperties polarisContextProperties) { - return new ConfigurationModifier(polarisConfigProperties, polarisContextProperties); + return new ConfigurationModifier(polarisConfigProperties, polarisCryptoConfigProperties, polarisContextProperties); } @Bean diff --git a/spring-cloud-starter-tencent-polaris-config/src/main/java/com/tencent/cloud/polaris/config/config/PolarisCryptoConfigProperties.java b/spring-cloud-starter-tencent-polaris-config/src/main/java/com/tencent/cloud/polaris/config/config/PolarisCryptoConfigProperties.java new file mode 100644 index 000000000..3d891ee4d --- /dev/null +++ b/spring-cloud-starter-tencent-polaris-config/src/main/java/com/tencent/cloud/polaris/config/config/PolarisCryptoConfigProperties.java 
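Review bot: In `PolarisConfigBootstrapAutoConfiguration`, the new `polarisCryptoConfigProperties()` factory method carries a bare `@Bean`, while the same hunk places `@ConditionalOnMissingBean` on `polarisPropertySourceManager()`. If the intent is that applications can supply their own instance, the new bean should read `@Bean` followed by `@ConditionalOnMissingBean` as well. It is also worth confirming that the conditional on the manager bean is a deliberate change, since it changes which bean wins when a user defines their own and the commit message does not mention it. The class body starts and ends outside the hunk, so the annotations on the neighbouring beans are not visible here.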
@@ -0,0 +1,41 @@ +/* + * Tencent is pleased to support the open source community by making Spring Cloud Tencent available. + * + * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved. + * + * Licensed under the BSD 3-Clause License (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://opensource.org/licenses/BSD-3-Clause + * + * Unless required by applicable law or agreed to in writing, software distributed + * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR + * CONDITIONS OF ANY KIND, either express or implied. See the License for the + * specific language governing permissions and limitations under the License. + * + */ +package com.tencent.cloud.polaris.config.config; + +import org.springframework.boot.context.properties.ConfigurationProperties; + +/** + * polaris config module bootstrap configs. + * + * @author lepdou 2022-03-10 + */ +@ConfigurationProperties("spring.cloud.polaris.config.crypto") +public class PolarisCryptoConfigProperties { + /** + * Whether to open the configuration crypto. + */ + private boolean enabled = true; + + public boolean isEnabled() { + return enabled; + } + + public void setEnabled(boolean enabled) { + this.enabled = enabled; + } +} diff --git a/spring-cloud-starter-tencent-polaris-config/src/main/resources/META-INF/additional-spring-configuration-metadata.json b/spring-cloud-starter-tencent-polaris-config/src/main/resources/META-INF/additional-spring-configuration-metadata.json index b70a467c7..f0c000ff2 100644 --- a/spring-cloud-starter-tencent-polaris-config/src/main/resources/META-INF/additional-spring-configuration-metadata.json +++ b/spring-cloud-starter-tencent-polaris-config/src/main/resources/META-INF/additional-spring-configuration-metadata.json 
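Review bot: The class Javadoc in the new `PolarisCryptoConfigProperties` file, `polaris config module bootstrap configs.` with `@author lepdou 2022-03-10`, appears to be copied from another properties class and does not describe this one; something like `Properties for the Polaris configuration crypto filter.` with the actual author and date would fit. The field comment `Whether to open the configuration crypto.` should say what the flag does, for example `Whether the "crypto" config filter (type AES) is added to the Polaris config filter chain. Enabled by default.` Because the default is `true`, the filter becomes active on upgrade without any opt-in, and that deserves an explicit sentence in the Javadoc and in the changelog entry.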
@@ -83,6 +83,13 @@ "type": "java.lang.String", "defaultValue": "./polaris/backup/config", "description": "Where to load config file, polaris or local." + }, + { + "name": "spring.cloud.polaris.config.crypto.enabled", + "type": "java.lang.Boolean", + "defaultValue": "true", + "description": "Whether to open the configuration crypto.", + "sourceType": "com.tencent.cloud.polaris.config.config.PolarisCryptoConfigProperties" } ] } From 70cb6c9a7d6613fab54e4a22e93bc219d981d579 Mon Sep 17 00:00:00 2001 From: Haotian Zhang <928016560@qq.com> Date: Mon, 16 Oct 2023 19:27:51 +0800 Subject: [PATCH 2/2] feat:support configuration encryption. --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9bc7ebab7..03e9d4887 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,4 +15,4 @@ - [feat: add circuit breaker actuator.](https://github.com/Tencent/spring-cloud-tencent/pull/1171) - [feat: add metadata transfer for http header via spring.cloud.tencent.metadata.headers.](https://github.com/Tencent/spring-cloud-tencent/pull/1175) - [fix:remove bcprov-jdk15on dependency.](https://github.com/Tencent/spring-cloud-tencent/pull/1179) -- [feat:support configuration encryption.](https://github.com/Tencent/spring-cloud-tencent/pull/1182) +- [feat:support configuration encryption.](https://github.com/Tencent/spring-cloud-tencent/pull/1183)
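Review bot: In `additional-spring-configuration-metadata.json`, `"defaultValue": "true"` is a JSON string although the property type is `java.lang.Boolean`; the metadata format accepts a JSON boolean for such properties, so `"defaultValue": true` is the more precise form. The description `Whether to open the configuration crypto.` could also state that the flag registers the `crypto` filter with type `AES`, which is what the `ConfigurationModifier` change in this patch does.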