Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove algorithm string from encryptionKeyWrapMetadata and converting MicrosoftDataEncryptionException to CosmosException #20845

Merged
merged 10 commits into from
Apr 23, 2021
Merged

Remove algorithm string from encryptionKeyWrapMetadata and converting MicrosoftDataEncryptionException to CosmosException #20845

merged 10 commits into from
Apr 23, 2021

Conversation

simplynaveen20
Copy link
Member

@simplynaveen20 simplynaveen20 commented Apr 20, 2021
edited
Loading

Remove algorithm string from EncryptionKeyWrapMetadata and converting MicrosoftDataEncryptionException to CosmosException.
Also fixing bug around encryption create item throw error for nested object array field encryption.
This will also increase the encryption length from 1024 to max 8000 which AAP java support at this time.

closes #20374
closes ##20899
closed #20875
Note: Need to a add test around Plaintext, once I verify this from .NET crew

@ghost ghost added the Cosmos label Apr 20, 2021
@simplynaveen20 simplynaveen20 added the azure-cosmos-encryption Issues related to azure cosmos encryption project label Apr 20, 2021
kushagraThapar
kushagraThapar reviewed Apr 21, 2021
View reviewed changes
Copy link
Member

@kushagraThapar kushagraThapar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would like to see no usage of BridgeInternal in Encryption project, can we achieve that ?

@simplynaveen20 simplynaveen20 changed the title Adding type on encryptionMetadata and converting MicrosoftDataEncryptionException to CosmosException Remove algorithm string from encryptionKeyWrapMetadata and converting MicrosoftDataEncryptionException to CosmosException Apr 22, 2021
@simplynaveen20
Copy link
Member Author

I would like to see no usage of BridgeInternal in Encryption project, can we achieve that ?

Removing BridgeInternal need CosmosBuilderAccessor for all the bridge internal usages, or redesigning Cosmos project itself , and it is not in scope of this PR. We need to brainstorm separately

kushagraThapar
kushagraThapar approved these changes Apr 22, 2021
View reviewed changes
Copy link
Member

@kushagraThapar kushagraThapar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes look good to me.

@check-enforcer
Copy link

This pull request is protected by Check Enforcer.

What is Check Enforcer?

Check Enforcer helps ensure all pull requests are covered by at least one check-run (typically an Azure Pipeline). When all check-runs associated with this pull request pass then Check Enforcer itself will pass.

Why am I getting this message?

You are getting this message because Check Enforcer did not detect any check-runs being associated with this pull request within five minutes. This may indicate that your pull request is not covered by any pipelines and so Check Enforcer is correctly blocking the pull request being merged.

What should I do now?

If the check-enforcer check-run is not passing and all other check-runs associated with this PR are passing (excluding license-cla) then you could try telling Check Enforcer to evaluate your pull request again. You can do this by adding a comment to this pull request as follows:
/check-enforcer evaluate
Typically evaulation only takes a few seconds. If you know that your pull request is not covered by a pipeline and this is expected you can override Check Enforcer using the following command:
/check-enforcer override
Note that using the override command triggers alerts so that follow-up investigations can occur (PRs still need to be approved as normal).

What if I am onboarding a new service?

Often, new services do not have validation pipelines associated with them, in order to bootstrap pipelines for a new service, you can issue the following command as a pull request comment:
/azp run prepare-pipelines
This will run a pipeline that analyzes the source tree and creates the pipelines necessary to build and validate your pull request. Once the pipeline has been created you can trigger the pipeline using the following comment:
/azp run java - [service] - ci

FabianMeiswinkel
FabianMeiswinkel approved these changes Apr 22, 2021
View reviewed changes
Copy link
Member

@FabianMeiswinkel FabianMeiswinkel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@simplynaveen20 simplynaveen20 merged commit 7cbd34f into Azure:master Apr 23, 2021
@simplynaveen20 simplynaveen20 mentioned this pull request Apr 26, 2021
Closed
@simplynaveen20 simplynaveen20 deleted the users/nakumars/encryptionMiscellaneous branch April 26, 2021 23:13
benbp pushed a commit that referenced this pull request Apr 28, 2021
@simplynaveen20 @benbp
Remove algorithm string from encryptionKeyWrapMetadata and converting…
cb45f21 
… MicrosoftDataEncryptionException to CosmosException (#20845)

* Adding type on encryptionMetadata and coverting MicrosoftDataEncryptionException to CosmosException

* correction class name of logger

* Increasing the encryption length support to 8000 from 1024

* adding test case and fixing nested pojo array issue

* updating plain text test

* reverting change for encryptionKeyWrapMatadata

* removing pojo to test plain text

* updating test flow for new emulator

* disabling asyncChangeFeed_fromNow_fullFidelity_forFullRange

* fixing test for new emulator
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kushagraThapar kushagraThapar kushagraThapar approved these changes

@FabianMeiswinkel FabianMeiswinkel FabianMeiswinkel approved these changes

@kirankumarkolli kirankumarkolli Awaiting requested review from kirankumarkolli

@mbhaskar mbhaskar Awaiting requested review from mbhaskar

@milismsft milismsft Awaiting requested review from milismsft

@moderakh moderakh Awaiting requested review from moderakh

@xinlian12 xinlian12 Awaiting requested review from xinlian12

Assignees
No one assigned
Labels
azure-cosmos-encryption Issues related to azure cosmos encryption project Cosmos
Projects
None yet
Milestone
No milestone
3 participants
@simplynaveen20 @kushagraThapar @FabianMeiswinkel