PR feedback

Author: rjernst

plugins/repository-s3/src/main/java/org/elasticsearch/cloud/aws/AwsS3Service.java

@@ -40,134 +40,135 @@ public interface AwsS3Service extends LifecycleComponent {
     /**
      * cloud.aws.access_key: AWS Access key. Shared with discovery-ec2 plugin
      */
-    Setting<SecureString> LEGACY_KEY_SETTING = new Setting<>("cloud.aws.access_key", "", SecureString::new,
+    Setting<SecureString> KEY_SETTING = new Setting<>("cloud.aws.access_key", "", SecureString::new,
         Property.NodeScope, Property.Filtered, Property.Deprecated, Property.Shared);
     /**
      * cloud.aws.secret_key: AWS Secret key. Shared with discovery-ec2 plugin
      */
-    Setting<SecureString> LEGACY_SECRET_SETTING = new Setting<>("cloud.aws.secret_key", "", SecureString::new,
+    Setting<SecureString> SECRET_SETTING = new Setting<>("cloud.aws.secret_key", "", SecureString::new,
         Property.NodeScope, Property.Filtered, Property.Deprecated, Property.Shared);
     /**
      * cloud.aws.protocol: Protocol for AWS API: http or https. Defaults to https. Shared with discovery-ec2 plugin
      */
-    Setting<Protocol> LEGACY_PROTOCOL_SETTING = new Setting<>("cloud.aws.protocol", "https",
+    Setting<Protocol> PROTOCOL_SETTING = new Setting<>("cloud.aws.protocol", "https",
         s -> Protocol.valueOf(s.toUpperCase(Locale.ROOT)), Property.NodeScope, Property.Deprecated, Property.Shared);
     /**
      * cloud.aws.proxy.host: In case of proxy, define its hostname/IP. Shared with discovery-ec2 plugin
      */
-    Setting<String> LEGACY_PROXY_HOST_SETTING = Setting.simpleString("cloud.aws.proxy.host",
+    Setting<String> PROXY_HOST_SETTING = Setting.simpleString("cloud.aws.proxy.host",
         Property.NodeScope, Property.Deprecated, Property.Shared);
     /**
      * cloud.aws.proxy.port: In case of proxy, define its port. Defaults to 80. Shared with discovery-ec2 plugin
      */
-    Setting<Integer> LEGACY_PROXY_PORT_SETTING = Setting.intSetting("cloud.aws.proxy.port", 80, 0, 1<<16,
+    Setting<Integer> PROXY_PORT_SETTING = Setting.intSetting("cloud.aws.proxy.port", 80, 0, 1<<16,
         Property.NodeScope, Property.Deprecated, Property.Shared);
     /**
      * cloud.aws.proxy.username: In case of proxy with auth, define the username. Shared with discovery-ec2 plugin
      */
-    Setting<SecureString> LEGACY_PROXY_USERNAME_SETTING = new Setting<>("cloud.aws.proxy.username", "", SecureString::new,
+    Setting<SecureString> PROXY_USERNAME_SETTING = new Setting<>("cloud.aws.proxy.username", "", SecureString::new,
         Property.NodeScope, Property.Deprecated, Property.Shared);
     /**
      * cloud.aws.proxy.password: In case of proxy with auth, define the password. Shared with discovery-ec2 plugin
      */
-    Setting<SecureString> LEGACY_PROXY_PASSWORD_SETTING = new Setting<>("cloud.aws.proxy.password", "", SecureString::new,
+    Setting<SecureString> PROXY_PASSWORD_SETTING = new Setting<>("cloud.aws.proxy.password", "", SecureString::new,
         Property.NodeScope, Property.Filtered, Property.Deprecated, Property.Shared);
     /**
      * cloud.aws.signer: If you are using an old AWS API version, you can define a Signer. Shared with discovery-ec2 plugin
      */
-    Setting<String> LEGACY_SIGNER_SETTING = Setting.simpleString("cloud.aws.signer",
+    Setting<String> SIGNER_SETTING = Setting.simpleString("cloud.aws.signer",
         Property.NodeScope, Property.Deprecated, Property.Shared);
     /**
      * cloud.aws.region: Region. Shared with discovery-ec2 plugin
      */
-    Setting<String> LEGACY_REGION_SETTING = new Setting<>("cloud.aws.region", "", s -> s.toLowerCase(Locale.ROOT),
+    Setting<String> REGION_SETTING = new Setting<>("cloud.aws.region", "", s -> s.toLowerCase(Locale.ROOT),
         Property.NodeScope, Property.Deprecated, Property.Shared);
     /**
      * cloud.aws.read_timeout: Socket read timeout. Shared with discovery-ec2 plugin
      */
-    Setting<TimeValue> LEGACY_READ_TIMEOUT = Setting.timeSetting("cloud.aws.read_timeout",
+    Setting<TimeValue> READ_TIMEOUT = Setting.timeSetting("cloud.aws.read_timeout",
         TimeValue.timeValueMillis(ClientConfiguration.DEFAULT_SOCKET_TIMEOUT), Property.NodeScope, Property.Deprecated, Property.Shared);
 
     /**
      * Defines specific s3 settings starting with cloud.aws.s3.
+     * NOTE: These are legacy settings. Use the named client configs in {@link org.elasticsearch.repositories.s3.S3Repository}.
      */
     interface CLOUD_S3 {
         /**
          * cloud.aws.s3.access_key: AWS Access key specific for S3 API calls. Defaults to cloud.aws.access_key.
-         * @see AwsS3Service#LEGACY_KEY_SETTING
+         * @see AwsS3Service#KEY_SETTING
          */
         Setting<SecureString> KEY_SETTING =
-            new Setting<>("cloud.aws.s3.access_key", AwsS3Service.LEGACY_KEY_SETTING, SecureString::new,
+            new Setting<>("cloud.aws.s3.access_key", AwsS3Service.KEY_SETTING, SecureString::new,
                 Property.NodeScope, Property.Filtered, Property.Deprecated);
         /**
          * cloud.aws.s3.secret_key: AWS Secret key specific for S3 API calls. Defaults to cloud.aws.secret_key.
-         * @see AwsS3Service#LEGACY_SECRET_SETTING
+         * @see AwsS3Service#SECRET_SETTING
          */
         Setting<SecureString> SECRET_SETTING =
-            new Setting<>("cloud.aws.s3.secret_key", AwsS3Service.LEGACY_SECRET_SETTING, SecureString::new,
+            new Setting<>("cloud.aws.s3.secret_key", AwsS3Service.SECRET_SETTING, SecureString::new,
                 Property.NodeScope, Property.Filtered, Property.Deprecated);
         /**
          * cloud.aws.s3.protocol: Protocol for AWS API specific for S3 API calls: http or https. Defaults to cloud.aws.protocol.
-         * @see AwsS3Service#LEGACY_PROTOCOL_SETTING
+         * @see AwsS3Service#PROTOCOL_SETTING
          */
         Setting<Protocol> PROTOCOL_SETTING =
-            new Setting<>("cloud.aws.s3.protocol", AwsS3Service.LEGACY_PROTOCOL_SETTING, s -> Protocol.valueOf(s.toUpperCase(Locale.ROOT)),
+            new Setting<>("cloud.aws.s3.protocol", AwsS3Service.PROTOCOL_SETTING, s -> Protocol.valueOf(s.toUpperCase(Locale.ROOT)),
                 Property.NodeScope, Property.Deprecated);
         /**
          * cloud.aws.s3.proxy.host: In case of proxy, define its hostname/IP specific for S3 API calls. Defaults to cloud.aws.proxy.host.
-         * @see AwsS3Service#LEGACY_PROXY_HOST_SETTING
+         * @see AwsS3Service#PROXY_HOST_SETTING
          */
         Setting<String> PROXY_HOST_SETTING =
-            new Setting<>("cloud.aws.s3.proxy.host", AwsS3Service.LEGACY_PROXY_HOST_SETTING, Function.identity(),
+            new Setting<>("cloud.aws.s3.proxy.host", AwsS3Service.PROXY_HOST_SETTING, Function.identity(),
                 Property.NodeScope, Property.Deprecated);
         /**
          * cloud.aws.s3.proxy.port: In case of proxy, define its port specific for S3 API calls.  Defaults to cloud.aws.proxy.port.
-         * @see AwsS3Service#LEGACY_PROXY_PORT_SETTING
+         * @see AwsS3Service#PROXY_PORT_SETTING
          */
         Setting<Integer> PROXY_PORT_SETTING =
-            new Setting<>("cloud.aws.s3.proxy.port", AwsS3Service.LEGACY_PROXY_PORT_SETTING,
+            new Setting<>("cloud.aws.s3.proxy.port", AwsS3Service.PROXY_PORT_SETTING,
                 s -> Setting.parseInt(s, 0, 1<<16, "cloud.aws.s3.proxy.port"), Property.NodeScope, Property.Deprecated);
         /**
          * cloud.aws.s3.proxy.username: In case of proxy with auth, define the username specific for S3 API calls.
          * Defaults to cloud.aws.proxy.username.
-         * @see AwsS3Service#LEGACY_PROXY_USERNAME_SETTING
+         * @see AwsS3Service#PROXY_USERNAME_SETTING
          */
         Setting<SecureString> PROXY_USERNAME_SETTING =
-            new Setting<>("cloud.aws.s3.proxy.username", AwsS3Service.LEGACY_PROXY_USERNAME_SETTING, SecureString::new,
+            new Setting<>("cloud.aws.s3.proxy.username", AwsS3Service.PROXY_USERNAME_SETTING, SecureString::new,
                 Property.NodeScope, Property.Deprecated);
         /**
          * cloud.aws.s3.proxy.password: In case of proxy with auth, define the password specific for S3 API calls.
          * Defaults to cloud.aws.proxy.password.
-         * @see AwsS3Service#LEGACY_PROXY_PASSWORD_SETTING
+         * @see AwsS3Service#PROXY_PASSWORD_SETTING
          */
         Setting<SecureString> PROXY_PASSWORD_SETTING =
-            new Setting<>("cloud.aws.s3.proxy.password", AwsS3Service.LEGACY_PROXY_PASSWORD_SETTING, SecureString::new,
+            new Setting<>("cloud.aws.s3.proxy.password", AwsS3Service.PROXY_PASSWORD_SETTING, SecureString::new,
                 Property.NodeScope, Property.Filtered, Property.Deprecated);
         /**
          * cloud.aws.s3.signer: If you are using an old AWS API version, you can define a Signer. Specific for S3 API calls.
          * Defaults to cloud.aws.signer.
-         * @see AwsS3Service#LEGACY_SIGNER_SETTING
+         * @see AwsS3Service#SIGNER_SETTING
          */
         Setting<String> SIGNER_SETTING =
-            new Setting<>("cloud.aws.s3.signer", AwsS3Service.LEGACY_SIGNER_SETTING, Function.identity(),
+            new Setting<>("cloud.aws.s3.signer", AwsS3Service.SIGNER_SETTING, Function.identity(),
                 Property.NodeScope, Property.Deprecated);
         /**
          * cloud.aws.s3.region: Region specific for S3 API calls. Defaults to cloud.aws.region.
-         * @see AwsS3Service#LEGACY_REGION_SETTING
+         * @see AwsS3Service#REGION_SETTING
          */
         Setting<String> REGION_SETTING =
-            new Setting<>("cloud.aws.s3.region", AwsS3Service.LEGACY_REGION_SETTING, s -> s.toLowerCase(Locale.ROOT),
+            new Setting<>("cloud.aws.s3.region", AwsS3Service.REGION_SETTING, s -> s.toLowerCase(Locale.ROOT),
                 Property.NodeScope, Property.Deprecated);
         /**
          * cloud.aws.s3.endpoint: Endpoint. If not set, endpoint will be guessed based on region setting.
          */
         Setting<String> ENDPOINT_SETTING = Setting.simpleString("cloud.aws.s3.endpoint", Property.NodeScope);
         /**
          * cloud.aws.s3.read_timeout: Socket read timeout. Defaults to cloud.aws.read_timeout
-         * @see AwsS3Service#LEGACY_READ_TIMEOUT
+         * @see AwsS3Service#READ_TIMEOUT
          */
         Setting<TimeValue> READ_TIMEOUT =
-            Setting.timeSetting("cloud.aws.s3.read_timeout", AwsS3Service.LEGACY_READ_TIMEOUT, Property.NodeScope, Property.Deprecated);
+            Setting.timeSetting("cloud.aws.s3.read_timeout", AwsS3Service.READ_TIMEOUT, Property.NodeScope, Property.Deprecated);
     }
 
     AmazonS3 client(Settings repositorySettings, Integer maxRetries, boolean useThrottleRetries, Boolean pathStyleAccess);

plugins/repository-s3/src/main/java/org/elasticsearch/cloud/aws/InternalAwsS3Service.java

@@ -19,16 +19,18 @@
 
 package org.elasticsearch.cloud.aws;
 
+import java.util.HashMap;
+import java.util.Map;
+import java.util.function.Function;
+
 import com.amazonaws.ClientConfiguration;
 import com.amazonaws.Protocol;
 import com.amazonaws.auth.AWSCredentials;
 import com.amazonaws.auth.AWSCredentialsProvider;
 import com.amazonaws.auth.BasicAWSCredentials;
-import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
 import com.amazonaws.auth.EnvironmentVariableCredentialsProvider;
 import com.amazonaws.auth.InstanceProfileCredentialsProvider;
 import com.amazonaws.auth.SystemPropertiesCredentialsProvider;
-import com.amazonaws.auth.profile.ProfileCredentialsProvider;
 import com.amazonaws.http.IdleConnectionReaper;
 import com.amazonaws.internal.StaticCredentialsProvider;
 import com.amazonaws.services.s3.AmazonS3;
@@ -46,17 +48,10 @@
 import org.elasticsearch.common.unit.TimeValue;
 import org.elasticsearch.repositories.s3.S3Repository;
 
-import java.util.HashMap;
-import java.util.Map;
-import java.util.function.Function;
-import java.util.function.Supplier;
-
-import static org.elasticsearch.repositories.s3.S3Repository.getValue;
-
 public class InternalAwsS3Service extends AbstractLifecycleComponent implements AwsS3Service {
 
     // pkg private for tests
-    static final Setting<String> CONFIG_NAME = new Setting<>("config", "default", Function.identity());
+    static final Setting<String> CLIENT_NAME = new Setting<>("client", "default", Function.identity());
 
     /**
      * (acceskey, endpoint) -&gt; client
@@ -70,7 +65,7 @@ public InternalAwsS3Service(Settings settings) {
     @Override
     public synchronized AmazonS3 client(Settings repositorySettings, Integer maxRetries,
                                               boolean useThrottleRetries, Boolean pathStyleAccess) {
-        String configName = CONFIG_NAME.get(repositorySettings);
+        String configName = CLIENT_NAME.get(repositorySettings);
         String foundEndpoint = findEndpoint(logger, repositorySettings, settings, configName);
 
         AWSCredentialsProvider credentials = buildCredentials(logger, deprecationLogger, settings, repositorySettings, configName);
@@ -213,7 +208,7 @@ static String findEndpoint(Logger logger, Settings repositorySettings, Settings
                 if (CLOUD_S3.ENDPOINT_SETTING.exists(settings)) {
                     endpoint = CLOUD_S3.ENDPOINT_SETTING.get(settings);
                     logger.debug("using explicit s3 endpoint [{}]", endpoint);
-                } else if (LEGACY_REGION_SETTING.exists(settings) || CLOUD_S3.REGION_SETTING.exists(settings)) {
+                } else if (REGION_SETTING.exists(settings) || CLOUD_S3.REGION_SETTING.exists(settings)) {
                     region = CLOUD_S3.REGION_SETTING.get(settings);
                     endpoint = getEndpoint(region);
                     logger.debug("using s3 region [{}], with endpoint [{}]", region, endpoint);
@@ -230,7 +225,7 @@ static String findEndpoint(Logger logger, Settings repositorySettings, Settings
      * Return the region configured, or empty string.
      * TODO: remove after https://github.com/elastic/elasticsearch/issues/22761 */
     public static String getRegion(Settings repositorySettings, Settings settings) {
-        return getConfigValue(repositorySettings, settings, CONFIG_NAME.get(repositorySettings), S3Repository.REGION_SETTING,
+        return getConfigValue(repositorySettings, settings, CLIENT_NAME.get(repositorySettings), S3Repository.REGION_SETTING,
                               S3Repository.Repository.REGION_SETTING, S3Repository.Repositories.REGION_SETTING);
     }
 

plugins/repository-s3/src/main/java/org/elasticsearch/plugin/repository/s3/S3RepositoryPlugin.java

@@ -82,16 +82,16 @@ public List<String> getSettingsFilter() {
     public List<Setting<?>> getSettings() {
         return Arrays.asList(
         // Register global cloud aws settings: cloud.aws (might have been registered in ec2 plugin)
-        AwsS3Service.LEGACY_KEY_SETTING,
-        AwsS3Service.LEGACY_SECRET_SETTING,
-        AwsS3Service.LEGACY_PROTOCOL_SETTING,
-        AwsS3Service.LEGACY_PROXY_HOST_SETTING,
-        AwsS3Service.LEGACY_PROXY_PORT_SETTING,
-        AwsS3Service.LEGACY_PROXY_USERNAME_SETTING,
-        AwsS3Service.LEGACY_PROXY_PASSWORD_SETTING,
-        AwsS3Service.LEGACY_SIGNER_SETTING,
-        AwsS3Service.LEGACY_REGION_SETTING,
-        AwsS3Service.LEGACY_READ_TIMEOUT,
+        AwsS3Service.KEY_SETTING,
+        AwsS3Service.SECRET_SETTING,
+        AwsS3Service.PROTOCOL_SETTING,
+        AwsS3Service.PROXY_HOST_SETTING,
+        AwsS3Service.PROXY_PORT_SETTING,
+        AwsS3Service.PROXY_USERNAME_SETTING,
+        AwsS3Service.PROXY_PASSWORD_SETTING,
+        AwsS3Service.SIGNER_SETTING,
+        AwsS3Service.REGION_SETTING,
+        AwsS3Service.READ_TIMEOUT,
 
         // Register S3 specific settings: cloud.aws.s3
         AwsS3Service.CLOUD_S3.KEY_SETTING,

plugins/repository-s3/src/main/java/org/elasticsearch/repositories/s3/S3Repository.java

@@ -22,7 +22,6 @@
 import com.amazonaws.ClientConfiguration;
 import com.amazonaws.Protocol;
 import com.amazonaws.services.s3.AmazonS3;
-import com.amazonaws.services.s3.AmazonS3Client;
 import org.elasticsearch.cloud.aws.AwsS3Service;
 import org.elasticsearch.cloud.aws.AwsS3Service.CLOUD_S3;
 import org.elasticsearch.cloud.aws.InternalAwsS3Service;
@@ -65,8 +64,8 @@ public class S3Repository extends BlobStoreRepository {
 
     public static final String TYPE = "s3";
 
-    // prefix for aws client settings
-    private static final String PREFIX = "aws.config.";
+    // prefix for s3 client settings
+    private static final String PREFIX = "s3.client.";
 
     /** The access key (ie login id) for connecting to s3. */
     public static final AffixSetting<SecureString> ACCESS_KEY_SETTING = Setting.affixKeySetting(PREFIX, "access_key",
@@ -98,18 +97,19 @@ public class S3Repository extends BlobStoreRepository {
 
     /** The username of a proxy to connect to s3 through. */
     public static final AffixSetting<SecureString> PROXY_USERNAME_SETTING = Setting.affixKeySetting(PREFIX, "proxy.username",
-        key -> SecureSetting.secureString(key, AwsS3Service.LEGACY_PROXY_USERNAME_SETTING, false));
+        key -> SecureSetting.secureString(key, AwsS3Service.PROXY_USERNAME_SETTING, false));
 
     /** The password of a proxy to connect to s3 through. */
     public static final AffixSetting<SecureString> PROXY_PASSWORD_SETTING = Setting.affixKeySetting(PREFIX, "proxy.password",
-        key -> SecureSetting.secureString(key, AwsS3Service.LEGACY_PROXY_PASSWORD_SETTING, false));
+        key -> SecureSetting.secureString(key, AwsS3Service.PROXY_PASSWORD_SETTING, false));
 
     /** The socket timeout for connecting to s3. */
     public static final AffixSetting<TimeValue> READ_TIMEOUT_SETTING = Setting.affixKeySetting(PREFIX, "read_timeout",
         key -> Setting.timeSetting(key, TimeValue.timeValueMillis(ClientConfiguration.DEFAULT_SOCKET_TIMEOUT), Property.NodeScope));
 
     /**
      * Global S3 repositories settings. Starting with: repositories.s3
+     * NOTE: These are legacy settings. Use the named client config settings above.
      */
     public interface Repositories {
         /**