-
Notifications
You must be signed in to change notification settings - Fork 450
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
tool,vfs: enable encrypted fs support for debug tool #1130
Conversation
This commit introduces a new function type called DirFSRetriever, which returns the filesystem for a directory. The FS option was changed to accept such a function. This is useful for enabling encrypted store support in the debug tool.
f05626f
to
58fba0f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was imagining that the call to pebble/tool.New
in CRDB's cli
package could pass in an FS
option that is configured via command line flags. That is, you'd run something like cockroach debug pebble --encryption=...
. The challenge with this approach is that pebble/tool.New
is called in an init()
function before the command line flags are parsed. What we need is a lazily initialized vfs.FS
. I think that is not as onerous as it sounds:
type swappableFS struct {
vfs.FS
}
You can then pass in FS(&swappableFS{vfs.Default})
. Then you need to hook into cobra's pre-run facility so that if --encryption
was specified you replace swappableFS.FS
with an encrypted FS.
The reason I'm suggesting this approach is that it feels to be more in sync with the existing interfaces. Notice that you haven't changed all of the commands which use T.opts.FS
, only the lsm
command.
Reviewable status: 0 of 4 files reviewed, all discussions resolved (waiting on @jbowens)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Then you need to hook into cobra's pre-run facility so that if --encryption was specified you replace swappableFS.FS with an encrypted FS.
One obstacle @andyyang890 and I discussed is multiple stores. We could just initialize the VFS from the first store in the encryption flags, but we did think it would be nice touch to be able to copy-and-paste the whole encryption flags verbatim and just change your argument to the command.
Reviewable status: 0 of 4 files reviewed, all discussions resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is a --store
flag per store, right? I think you could take the --store
flag in question and replace it with --encryption
. Or perhaps we should just support the --store
flag directly on these commands and ask the user (generally us) to remove the non-relevant store flags.
Reviewable status: 0 of 4 files reviewed, all discussions resolved
Closing this based on the discussion, see cockroachdb/cockroach#64908 instead. |
This commit introduces a new function type called DirFSRetriever,
which returns the filesystem for a directory. The FS option was
changed to accept such a function. This is useful for enabling
encrypted store support in the debug tool.