diff --git a/itests/hive-unit/src/test/java/org/apache/hadoop/hive/metastore/TestMetaStoreMultipleEncryptionZones.java b/itests/hive-unit/src/test/java/org/apache/hadoop/hive/metastore/TestMetaStoreMultipleEncryptionZones.java index e46a52045b..73b49edaaa 100644 --- a/itests/hive-unit/src/test/java/org/apache/hadoop/hive/metastore/TestMetaStoreMultipleEncryptionZones.java +++ b/itests/hive-unit/src/test/java/org/apache/hadoop/hive/metastore/TestMetaStoreMultipleEncryptionZones.java @@ -32,10 +32,9 @@ import org.apache.hadoop.hive.metastore.api.FieldSchema; import org.apache.hadoop.hive.metastore.api.Table; +import org.apache.hadoop.hive.metastore.utils.EncryptionFileUtils; import org.apache.hadoop.util.StringUtils; -import org.apache.hadoop.hive.shims.HadoopShims; import org.apache.hadoop.hdfs.DFSTestUtil; -import org.apache.hadoop.hive.shims.ShimLoader; import org.apache.hadoop.ipc.RemoteException; import org.apache.hadoop.hive.metastore.client.builder.DatabaseBuilder; import org.apache.hadoop.hive.metastore.client.builder.TableBuilder; @@ -65,7 +64,6 @@ private static MiniDFSCluster miniDFSCluster; private static String cmroot; private static FileSystem fs; - private static HadoopShims.HdfsEncryptionShim shimCm; private static String cmrootEncrypted; private static String jksFile = System.getProperty("java.io.tmpdir") + "/test.jks"; private static String cmrootFallBack; @@ -92,8 +90,6 @@ public static void setUp() throws Exception { hiveConf.set(HiveConf.ConfVars.REPLCMENCRYPTEDDIR.varname, cmrootEncrypted); hiveConf.set(HiveConf.ConfVars.REPLCMFALLBACKNONENCRYPTEDDIR.varname, cmrootFallBack); initReplChangeManager(); - //Create cm in encrypted zone - shimCm = ShimLoader.getHadoopShims().createHdfsEncryptionShim(fs, conf); try { client = new HiveMetaStoreClient(hiveConf); @@ -156,7 +152,7 @@ public void dropTableWithDifferentEncryptionZonesDifferentKey() throws Throwable Path dirDb1 = new Path(warehouse.getWhRoot(), dbName1 +".db"); warehouseFs.delete(dirDb1, true); warehouseFs.mkdirs(dirDb1); - shimCm.createEncryptionZone(dirDb1, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirDb1, "test_key_db", conf); Path dirTbl1 = new Path(dirDb1, tblName1); warehouseFs.mkdirs(dirTbl1); Path part11 = new Path(dirTbl1, "part1"); @@ -165,7 +161,7 @@ public void dropTableWithDifferentEncryptionZonesDifferentKey() throws Throwable Path dirDb2 = new Path(warehouse.getWhRoot(), dbName2 +".db"); warehouseFs.delete(dirDb2, true); warehouseFs.mkdirs(dirDb2); - shimCm.createEncryptionZone(dirDb2, "test_key_cm"); + EncryptionFileUtils.createEncryptionZone(dirDb2, "test_key_cm", conf); Path dirTbl2 = new Path(dirDb2, tblName2); warehouseFs.mkdirs(dirTbl2); Path part12 = new Path(dirTbl2, "part1"); @@ -274,13 +270,13 @@ public void dropTableWithTableAtEncryptionZoneRoot() throws Throwable { warehouseFs.mkdirs(dirDb); Path dirTbl1 = new Path(dirDb, tblName1); warehouseFs.mkdirs(dirTbl1); - shimCm.createEncryptionZone(dirTbl1, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirTbl1, "test_key_db", conf); Path part11 = new Path(dirTbl1, "part1"); createFile(part11, "testClearer11"); Path dirTbl2 = new Path(dirDb, tblName2); warehouseFs.mkdirs(dirTbl2); - shimCm.createEncryptionZone(dirTbl2, "test_key_cm"); + EncryptionFileUtils.createEncryptionZone(dirTbl2, "test_key_cm", conf); Path part12 = new Path(dirTbl2, "part1"); createFile(part12, "testClearer12"); @@ -350,7 +346,7 @@ public void dropTableWithDifferentEncryptionZonesSameKey() throws Throwable { Path dirDb1 = new Path(warehouse.getWhRoot(), dbName1 +".db"); warehouseFs.mkdirs(dirDb1); - shimCm.createEncryptionZone(dirDb1, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirDb1, "test_key_db", conf); Path dirTbl1 = new Path(dirDb1, tblName1); warehouseFs.mkdirs(dirTbl1); Path part11 = new Path(dirTbl1, "part1"); @@ -358,7 +354,7 @@ public void dropTableWithDifferentEncryptionZonesSameKey() throws Throwable { Path dirDb2 = new Path(warehouse.getWhRoot(), dbName2 +".db"); warehouseFs.mkdirs(dirDb2); - shimCm.createEncryptionZone(dirDb2, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirDb2, "test_key_db", conf); Path dirTbl2 = new Path(dirDb2, tblName2); warehouseFs.mkdirs(dirTbl2); Path part12 = new Path(dirTbl2, "part1"); @@ -465,7 +461,7 @@ public void dropTableWithSameEncryptionZones() throws Throwable { Path dirDb = new Path(warehouse.getWhRoot(), dbName +".db"); warehouseFs.delete(dirDb, true); warehouseFs.mkdirs(dirDb); - shimCm.createEncryptionZone(dirDb, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirDb, "test_key_db", conf); Path dirTbl1 = new Path(dirDb, tblName1); warehouseFs.mkdirs(dirTbl1); Path part11 = new Path(dirTbl1, "part1"); @@ -614,7 +610,7 @@ public void dropExternalTableWithSameEncryptionZonesForCm() throws Throwable { Path dirDb = new Path(warehouse.getWhRoot(), dbName +".db"); warehouseFs.delete(dirDb, true); warehouseFs.mkdirs(dirDb); - shimCm.createEncryptionZone(dirDb, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirDb, "test_key_db", conf); Path dirTbl1 = new Path(dirDb, tblName1); warehouseFs.mkdirs(dirTbl1); Path part11 = new Path(dirTbl1, "part1"); @@ -707,13 +703,13 @@ public void dropExternalTableWithDifferentEncryptionZones() throws Throwable { warehouseFs.mkdirs(dirDb); Path dirTbl1 = new Path(dirDb, tblName1); warehouseFs.mkdirs(dirTbl1); - shimCm.createEncryptionZone(dirTbl1, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirTbl1, "test_key_db", conf); Path part11 = new Path(dirTbl1, "part1"); createFile(part11, "testClearer11"); Path dirTbl2 = new Path(dirDb, tblName2); warehouseFs.mkdirs(dirTbl2); - shimCm.createEncryptionZone(dirTbl2, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirTbl2, "test_key_db", conf); Path part12 = new Path(dirTbl2, "part1"); createFile(part12, "testClearer12"); @@ -799,13 +795,13 @@ public void dropExternalTableWithDifferentEncryptionZonesDifferentKey() throws T warehouseFs.mkdirs(dirDb); Path dirTbl1 = new Path(dirDb, tblName1); warehouseFs.mkdirs(dirTbl1); - shimCm.createEncryptionZone(dirTbl1, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirTbl1, "test_key_db", conf); Path part11 = new Path(dirTbl1, "part1"); createFile(part11, "testClearer11"); Path dirTbl2 = new Path(dirDb, tblName2); warehouseFs.mkdirs(dirTbl2); - shimCm.createEncryptionZone(dirTbl2, "test_key_cm"); + EncryptionFileUtils.createEncryptionZone(dirTbl2, "test_key_cm", conf); Path part12 = new Path(dirTbl2, "part1"); createFile(part12, "testClearer12"); @@ -930,7 +926,7 @@ public void truncateTableWithDifferentEncryptionZones() throws Throwable { Path dirDb1 = new Path(warehouse.getWhRoot(), dbName1 +".db"); warehouseFs.delete(dirDb1, true); warehouseFs.mkdirs(dirDb1); - shimCm.createEncryptionZone(dirDb1, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirDb1, "test_key_db", conf); Path dirTbl1 = new Path(dirDb1, tblName1); warehouseFs.mkdirs(dirTbl1); Path part11 = new Path(dirTbl1, "part1"); @@ -939,7 +935,7 @@ public void truncateTableWithDifferentEncryptionZones() throws Throwable { Path dirDb2 = new Path(warehouse.getWhRoot(), dbName2 +".db"); warehouseFs.delete(dirDb2, true); warehouseFs.mkdirs(dirDb2); - shimCm.createEncryptionZone(dirDb2, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirDb2, "test_key_db", conf); Path dirTbl2 = new Path(dirDb2, tblName2); warehouseFs.mkdirs(dirTbl2); Path part12 = new Path(dirTbl2, "part1"); @@ -1020,7 +1016,7 @@ public void truncateTableWithDifferentEncryptionZonesDifferentKey() throws Throw Path dirDb1 = new Path(warehouse.getWhRoot(), dbName1 +".db"); warehouseFs.mkdirs(dirDb1); - shimCm.createEncryptionZone(dirDb1, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirDb1, "test_key_db", conf); Path dirTbl1 = new Path(dirDb1, tblName1); warehouseFs.mkdirs(dirTbl1); Path part11 = new Path(dirTbl1, "part1"); @@ -1028,7 +1024,7 @@ public void truncateTableWithDifferentEncryptionZonesDifferentKey() throws Throw Path dirDb2 = new Path(warehouse.getWhRoot(), dbName2 +".db"); warehouseFs.mkdirs(dirDb2); - shimCm.createEncryptionZone(dirDb2, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirDb2, "test_key_db", conf); Path dirTbl2 = new Path(dirDb2, tblName2); warehouseFs.mkdirs(dirTbl2); Path part12 = new Path(dirTbl2, "part1"); @@ -1125,7 +1121,7 @@ public void truncateTableWithSameEncryptionZones() throws Throwable { Path dirDb = new Path(warehouse.getWhRoot(), dbName +".db"); warehouseFs.delete(dirDb, true); warehouseFs.mkdirs(dirDb); - shimCm.createEncryptionZone(dirDb, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirDb, "test_key_db", conf); Path dirTbl1 = new Path(dirDb, tblName1); warehouseFs.mkdirs(dirTbl1); Path part11 = new Path(dirTbl1, "part1"); @@ -1233,7 +1229,7 @@ public void recycleFailureWithDifferentEncryptionZonesForCm() throws Throwable { warehouseFs.mkdirs(dirDb); Path dirTbl1 = new Path(dirDb, "tbl1"); warehouseFs.mkdirs(dirTbl1); - shimCm.createEncryptionZone(dirTbl1, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirTbl1, "test_key_db", conf); Path part11 = new Path(dirTbl1, "part1"); createFile(part11, "testClearer11"); @@ -1262,8 +1258,6 @@ public void testClearerEncrypted() throws Exception { FileSystem cmfs = new Path(cmrootCmClearer).getFileSystem(hiveConfCmClearer); cmfs.mkdirs(warehouseCmClearer.getWhRoot()); - HadoopShims.HdfsEncryptionShim shimCmEncrypted = ShimLoader.getHadoopShims().createHdfsEncryptionShim(cmfs, conf); - FileSystem fsWarehouse = warehouseCmClearer.getWhRoot().getFileSystem(hiveConfCmClearer); long now = System.currentTimeMillis(); Path dirDb = new Path(warehouseCmClearer.getWhRoot(), "db1"); @@ -1271,7 +1265,7 @@ public void testClearerEncrypted() throws Exception { fsWarehouse.mkdirs(dirDb); Path dirTbl1 = new Path(dirDb, "tbl1"); fsWarehouse.mkdirs(dirTbl1); - shimCmEncrypted.createEncryptionZone(dirTbl1, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirTbl1, "test_key_db", conf); Path part11 = new Path(dirTbl1, "part1"); createFile(part11, "testClearer11"); String fileChksum11 = ReplChangeManager.checksumFor(part11, fsWarehouse); @@ -1280,7 +1274,7 @@ public void testClearerEncrypted() throws Exception { String fileChksum12 = ReplChangeManager.checksumFor(part12, fsWarehouse); Path dirTbl2 = new Path(dirDb, "tbl2"); fsWarehouse.mkdirs(dirTbl2); - shimCmEncrypted.createEncryptionZone(dirTbl2, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirTbl2, "test_key_db", conf); Path part21 = new Path(dirTbl2, "part1"); createFile(part21, "testClearer21"); String fileChksum21 = ReplChangeManager.checksumFor(part21, fsWarehouse); @@ -1289,7 +1283,7 @@ public void testClearerEncrypted() throws Exception { String fileChksum22 = ReplChangeManager.checksumFor(part22, fsWarehouse); Path dirTbl3 = new Path(dirDb, "tbl3"); fsWarehouse.mkdirs(dirTbl3); - shimCmEncrypted.createEncryptionZone(dirTbl3, "test_key_cm"); + EncryptionFileUtils.createEncryptionZone(dirTbl3, "test_key_cm", conf); Path part31 = new Path(dirTbl3, "part1"); createFile(part31, "testClearer31"); String fileChksum31 = ReplChangeManager.checksumFor(part31, fsWarehouse); @@ -1371,8 +1365,7 @@ public void testCmrootEncrypted() throws Exception { encryptedHiveConf.set(HiveConf.ConfVars.REPLCMFALLBACKNONENCRYPTEDDIR.varname, cmrootFallBack); //Create cm in encrypted zone - HadoopShims.HdfsEncryptionShim shimCmEncrypted = ShimLoader.getHadoopShims().createHdfsEncryptionShim(fs, conf); - shimCmEncrypted.createEncryptionZone(new Path(cmrootdirEncrypted), "test_key_db"); + EncryptionFileUtils.createEncryptionZone(new Path(cmrootdirEncrypted), "test_key_db", conf); ReplChangeManager.resetReplChangeManagerInstance(); Warehouse warehouseEncrypted = new Warehouse(encryptedHiveConf); FileSystem warehouseFsEncrypted = warehouseEncrypted.getWhRoot().getFileSystem(encryptedHiveConf); @@ -1384,7 +1377,7 @@ public void testCmrootEncrypted() throws Exception { warehouseFsEncrypted.mkdirs(dirDb); Path dirTbl1 = new Path(dirDb, "tbl1"); warehouseFsEncrypted.mkdirs(dirTbl1); - shimCmEncrypted.createEncryptionZone(dirTbl1, "test_key_db"); + EncryptionFileUtils.createEncryptionZone(dirTbl1, "test_key_db", conf); Path part11 = new Path(dirTbl1, "part1"); createFile(part11, "testClearer11"); @@ -1436,9 +1429,8 @@ public void testCmrootFallbackEncrypted() throws Exception { encryptedHiveConf.set(HiveConf.ConfVars.REPLCMFALLBACKNONENCRYPTEDDIR.varname, cmRootFallbackEncrypted); //Create cm in encrypted zone - HadoopShims.HdfsEncryptionShim shimCmEncrypted = ShimLoader.getHadoopShims().createHdfsEncryptionShim(fs, conf); - shimCmEncrypted.createEncryptionZone(new Path(cmrootdirEncrypted), "test_key_db"); - shimCmEncrypted.createEncryptionZone(new Path(cmRootFallbackEncrypted), "test_key_db"); + EncryptionFileUtils.createEncryptionZone(new Path(cmrootdirEncrypted), "test_key_db", conf); + EncryptionFileUtils.createEncryptionZone(new Path(cmRootFallbackEncrypted), "test_key_db", conf); ReplChangeManager.resetReplChangeManagerInstance(); boolean exceptionThrown = false; try { @@ -1474,8 +1466,7 @@ public void testCmrootFallbackRelative() throws Exception { encryptedHiveConf.set(HiveConf.ConfVars.REPLCMFALLBACKNONENCRYPTEDDIR.varname, cmRootFallbackEncrypted); //Create cm in encrypted zone - HadoopShims.HdfsEncryptionShim shimCmEncrypted = ShimLoader.getHadoopShims().createHdfsEncryptionShim(fs, conf); - shimCmEncrypted.createEncryptionZone(new Path(cmrootdirEncrypted), "test_key_db"); + EncryptionFileUtils.createEncryptionZone(new Path(cmrootdirEncrypted), "test_key_db", conf); ReplChangeManager.resetReplChangeManagerInstance(); boolean exceptionThrown = false; diff --git a/standalone-metastore/metastore-common/pom.xml b/standalone-metastore/metastore-common/pom.xml index 827c1e91e5..4922ae9aa9 100644 --- a/standalone-metastore/metastore-common/pom.xml +++ b/standalone-metastore/metastore-common/pom.xml @@ -264,11 +264,6 @@ mockito-core test - - org.apache.hive - hive-shims - ${project.version} - diff --git a/standalone-metastore/metastore-common/src/main/java/org/apache/hadoop/hive/metastore/ReplChangeManager.java b/standalone-metastore/metastore-common/src/main/java/org/apache/hadoop/hive/metastore/ReplChangeManager.java index 3af74ba281..f05db11552 100644 --- a/standalone-metastore/metastore-common/src/main/java/org/apache/hadoop/hive/metastore/ReplChangeManager.java +++ b/standalone-metastore/metastore-common/src/main/java/org/apache/hadoop/hive/metastore/ReplChangeManager.java @@ -40,16 +40,14 @@ import org.apache.hadoop.hive.metastore.api.Database; import org.apache.hadoop.hive.metastore.api.MetaException; import org.apache.hadoop.hive.metastore.api.Table; -import org.apache.hadoop.hive.metastore.conf.MetastoreConf; -import org.apache.hadoop.hive.metastore.conf.MetastoreConf.ConfVars; +import org.apache.hadoop.hive.metastore.utils.EncryptionFileUtils; import org.apache.hadoop.hive.metastore.utils.FileUtils; import org.apache.hadoop.hive.metastore.utils.MetaStoreUtils; import org.apache.hadoop.hive.metastore.utils.Retry; import org.apache.hadoop.hive.metastore.utils.StringUtils; -import org.apache.hadoop.hive.shims.HadoopShims; -import org.apache.hadoop.hive.shims.ShimLoader; +import org.apache.hadoop.hive.metastore.conf.MetastoreConf; +import org.apache.hadoop.hive.metastore.conf.MetastoreConf.ConfVars; import org.apache.hadoop.security.UserGroupInformation; -import org.apache.hadoop.hive.shims.HadoopShims.HdfsEncryptionShim; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -61,7 +59,6 @@ private static boolean inited = false; private static boolean enabled = false; private static Map encryptionZoneToCmrootMapping = new HashMap<>(); - private HadoopShims hadoopShims; private static Configuration conf; private String msUser; private String msGroup; @@ -161,7 +158,6 @@ private ReplChangeManager(Configuration conf) throws MetaException { if (MetastoreConf.getBoolVar(conf, ConfVars.REPLCMENABLED)) { ReplChangeManager.enabled = true; ReplChangeManager.conf = conf; - hadoopShims = ShimLoader.getHadoopShims(); cmRootDir = MetastoreConf.getVar(conf, ConfVars.REPLCMDIR); encryptedCmRootDir = MetastoreConf.getVar(conf, ConfVars.REPLCMENCRYPTEDDIR); fallbackNonEncryptedCmRootDir = MetastoreConf.getVar(conf, ConfVars.REPLCMFALLBACKNONENCRYPTEDDIR); @@ -174,12 +170,10 @@ private ReplChangeManager(Configuration conf) throws MetaException { Path cmroot = new Path(cmRootDir); createCmRoot(cmroot); FileSystem cmRootFs = cmroot.getFileSystem(conf); - HdfsEncryptionShim pathEncryptionShim = hadoopShims - .createHdfsEncryptionShim(cmRootFs, conf); - if (pathEncryptionShim.isPathEncrypted(cmroot)) { + if (EncryptionFileUtils.isPathEncrypted(cmroot, conf)) { //If cm root is encrypted we keep using it for the encryption zone String encryptionZonePath = cmRootFs.getUri() - + pathEncryptionShim.getEncryptionZoneForPath(cmroot).getPath(); + + EncryptionFileUtils.getEncryptionZoneForPath(cmroot, conf).getPath(); encryptionZoneToCmrootMapping.put(encryptionZonePath, cmRootDir); } else { encryptionZoneToCmrootMapping.put(NO_ENCRYPTION, cmRootDir); @@ -190,7 +184,7 @@ private ReplChangeManager(Configuration conf) throws MetaException { throw new MetaException(ConfVars.REPLCMENCRYPTEDDIR.getHiveName() + " should be absolute path"); } createCmRoot(cmRootFallback); - if (pathEncryptionShim.isPathEncrypted(cmRootFallback)) { + if (EncryptionFileUtils.isPathEncrypted(cmRootFallback, conf)) { throw new MetaException(ConfVars.REPLCMFALLBACKNONENCRYPTEDDIR.getHiveName() + " should not be encrypted"); } @@ -566,10 +560,9 @@ Path getCmRoot(Path path) throws IOException { String cmrootDir = fallbackNonEncryptedCmRootDir; String encryptionZonePath = NO_ENCRYPTION; if (enabled) { - HdfsEncryptionShim pathEncryptionShim = hadoopShims.createHdfsEncryptionShim(path.getFileSystem(conf), conf); - if (pathEncryptionShim.isPathEncrypted(path)) { + if (EncryptionFileUtils.isPathEncrypted(path, conf)) { encryptionZonePath = path.getFileSystem(conf).getUri() - + pathEncryptionShim.getEncryptionZoneForPath(path).getPath(); + + EncryptionFileUtils.getEncryptionZoneForPath(path, conf).getPath(); //For encryption zone, create cm at the relative path specified by hive.repl.cm.encryptionzone.rootdir //at the root of the encryption zone cmrootDir = encryptionZonePath + Path.SEPARATOR + encryptedCmRootDir; diff --git a/standalone-metastore/metastore-common/src/main/java/org/apache/hadoop/hive/metastore/utils/EncryptionFileUtils.java b/standalone-metastore/metastore-common/src/main/java/org/apache/hadoop/hive/metastore/utils/EncryptionFileUtils.java new file mode 100644 index 0000000000..f2e4218736 --- /dev/null +++ b/standalone-metastore/metastore-common/src/main/java/org/apache/hadoop/hive/metastore/utils/EncryptionFileUtils.java @@ -0,0 +1,65 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + *

+ * http://www.apache.org/licenses/LICENSE-2.0 + *

+ * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.hive.metastore.utils; + +import org.apache.hadoop.conf.Configuration; +import org.apache.hadoop.fs.Path; +import org.apache.hadoop.hdfs.client.HdfsAdmin; +import org.apache.hadoop.hdfs.protocol.EncryptionZone; + +import java.io.IOException; +import java.net.URI; + +public class EncryptionFileUtils { + + public static boolean isPathEncrypted(Path path, Configuration conf) throws IOException { + Path fullPath; + if (path.isAbsolute()) { + fullPath = path; + } else { + fullPath = path.getFileSystem(conf).makeQualified(path); + } + if(!"hdfs".equalsIgnoreCase(path.toUri().getScheme())) { + return false; + } + return (EncryptionFileUtils.getEncryptionZoneForPath(fullPath, conf) != null); + } + + public static EncryptionZone getEncryptionZoneForPath(Path path, Configuration conf) throws IOException { + URI uri = path.getFileSystem(conf).getUri(); + if ("hdfs".equals(uri.getScheme())) { + HdfsAdmin hdfsAdmin = new HdfsAdmin(uri, conf); + if (path.getFileSystem(conf).exists(path)) { + return hdfsAdmin.getEncryptionZoneForPath(path); + } else if (!path.getParent().equals(path)) { + return getEncryptionZoneForPath(path.getParent(), conf); + } else { + return null; + } + } + return null; + } + + public static void createEncryptionZone(Path path, String keyName, Configuration conf) throws IOException { + URI uri = path.getFileSystem(conf).getUri(); + if ("hdfs".equals(uri.getScheme())) { + HdfsAdmin hdfsAdmin = new HdfsAdmin(uri, conf); + hdfsAdmin.createEncryptionZone(path, keyName); + } + } +}