ryukobayashi commented on code in PR #6167:
URL: https://github.com/apache/hive/pull/6167#discussion_r2493371459
##########
ql/src/java/org/apache/hadoop/hive/ql/secrets/AWSSecretsManagerSecretSource.java:
##########
@@ -17,27 +17,35 @@
*/
package org.apache.hadoop.hive.ql.secrets;
-import com.amazonaws.secretsmanager.caching.SecretCache;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
+import com.google.common.cache.CacheBuilder;
+import com.google.common.cache.CacheLoader;
+import com.google.common.cache.LoadingCache;
+import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
+import
software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest;
+import
software.amazon.awssdk.services.secretsmanager.model.GetSecretValueResponse;
import java.io.IOException;
import java.net.URI;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.TimeUnit;
/**
* Implementation of SecretSource which loads secrets from AWS Secrets Manager.
* The format of the uri is "aws-sm:///{key-name-or-arn}"
- * It uses aws secrets cache sdk to fetch and refresh the secret, the
environment must be setup so that the default
+ * It uses AWS SDK v2 with Guava cache to fetch and refresh the secret, the
environment must be setup so that the default
* client can load the secret else it will fail.
* It expects the secret fetched to be a json string with "password" as the
key for password, this is default for
* redshift, rds or external database configs. It does not make use of any
other fields.
*/
public class AWSSecretsManagerSecretSource implements SecretSource {
- // Do not create SecretCache here, it fails to initialize in non-aws aware
environments.
- private volatile SecretCache cache = null;
+ // Do not create cache here, it fails to initialize in non-aws aware
environments.
+ private volatile LoadingCache<String, String> cache = null;
Review Comment:
`aws-secretsmanager-caching-java` does not exist in v2. So we need to
implement our own cache or use the v1 version.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
