encryption: encrypt data written to disk by Distsql's temp engine.

Now whenever distsql's temp engine writes to disk, the data written will be
encrypted. This commit is part of the `use encryption for all local disk usage
(non-logs)`.

Issue: #19783.
Release note: None

Author: windchan7

pkg/base/config.go

@@ -438,6 +438,16 @@ type TempStorageConfig struct {
 	// use. If InMemory is set, than this has to be a memory monitor; otherwise it
 	// has to be a disk monitor.
 	Mon *mon.BytesMonitor
+	// Store contains the parameters that temp storage will use.
+	Store StoreSpec
+}
+
+// IsEmpty returns if TempStorageConfig is empty.
+func (cfg TempStorageConfig) IsEmpty() bool {
+	return !cfg.InMemory &&
+		cfg.Path == "" &&
+		cfg.Mon == nil &&
+		cfg.Store.IsEmpty()
 }
 
 // TempStorageConfigFromEnv creates a TempStorageConfig.
@@ -479,6 +489,7 @@ func TempStorageConfigFromEnv(
 	return TempStorageConfig{
 		InMemory: inMem,
 		Mon:      &monitor,
+		Store:    firstStore,
 	}
 }
 

pkg/base/store_spec.go

@@ -78,6 +78,14 @@ type StoreSpec struct {
 	ExtraOptions []byte
 }
 
+// IsEmpty returns if StoreSpec is empty.
+func (ss StoreSpec) IsEmpty() bool {
+	return ss.String() == "" &&
+		ss.RocksDBOptions == "" &&
+		!ss.UseFileRegistry &&
+		ss.ExtraOptions == nil
+}
+
 // String returns a fully parsable version of the store spec.
 func (ss StoreSpec) String() string {
 	var buffer bytes.Buffer

pkg/cli/start.go

@@ -436,7 +436,16 @@ func runStart(cmd *cobra.Command, args []string) error {
 	if serverCfg.Settings.ExternalIODir, err = initExternalIODir(ctx, serverCfg.Stores.Specs[0]); err != nil {
 		return err
 	}
-	if serverCfg.TempStorageConfig, err = initTempStorageConfig(ctx, serverCfg.Settings, stopper, serverCfg.Stores.Specs[0]); err != nil {
+	var useStore base.StoreSpec
+	for i := range serverCfg.Stores.Specs {
+		if serverCfg.Stores.Specs[i].ExtraOptions != nil {
+			useStore = serverCfg.Stores.Specs[i]
+		}
+	}
+	if useStore.IsEmpty() {
+		useStore = serverCfg.Stores.Specs[0]
+	}
+	if serverCfg.TempStorageConfig, err = initTempStorageConfig(ctx, serverCfg.Settings, stopper, useStore); err != nil {
 		return err
 	}
 

pkg/server/server.go

@@ -349,7 +349,7 @@ func NewServer(cfg Config, stopper *stop.Stopper) (*Server, error) {
 	// Remove temporary directory linked to tempEngine after closing
 	// tempEngine.
 	s.stopper.AddCloser(stop.CloserFn(func() {
-		firstStore := cfg.Stores.Specs[0]
+		firstStore := s.cfg.TempStorageConfig.Store
 		var err error
 		if firstStore.InMemory {
 			// First store is in-memory so we remove the temp

pkg/server/testserver.go

@@ -193,7 +193,7 @@ func makeTestConfigFromParams(params base.TestServerArgs) Config {
 		// TestServer).
 	}
 	cfg.Stores = base.StoreSpecList{Specs: params.StoreSpecs}
-	if params.TempStorageConfig != (base.TempStorageConfig{}) {
+	if !params.TempStorageConfig.IsEmpty() {
 		cfg.TempStorageConfig = params.TempStorageConfig
 	}
 

pkg/storage/engine/temp_engine.go

@@ -33,8 +33,10 @@ func NewTempEngine(tempStorage base.TempStorageConfig) (Engine, error) {
 		Dir:   tempStorage.Path,
 		// MaxSizeBytes doesn't matter for temp storage - it's not
 		// enforced in any way.
-		MaxSizeBytes: 0,
-		MaxOpenFiles: 128, // TODO(arjun): Revisit this.
+		MaxSizeBytes:    0,
+		MaxOpenFiles:    128, // TODO(arjun): Revisit this.
+		UseFileRegistry: tempStorage.Store.UseFileRegistry,
+		ExtraOptions:    tempStorage.Store.ExtraOptions,
 	}
 	rocksDBCache := NewRocksDBCache(0)
 	rocksdb, err := NewRocksDB(rocksDBCfg, rocksDBCache)