Add getSecret method to ProjectMetadata #125830
Conversation
elasticsearchmachine
added
Team:Core/Infra
|
Pinging @elastic/es-core-infra (Team:Core/Infra) |
elasticsearchmachine
added
the
serverless-linked
| public Optional<SecureString> getSecret(String key) { | ||
| return Optional.ofNullable(metadata().<ProjectSecrets>custom(ProjectSecrets.TYPE)) | ||
| .map(secrets -> secrets.getSettings().getString(key)); | ||
| } |
There was a problem hiding this comment.
I see https://github.com/elastic/elasticsearch-serverless/pull/3676#discussion_r2018002701 is where this idea originated. Intuitively, since this method is a pure function of ProjectMetadata, I'd be inclined to have this method in ProjectMetadata instead of here. That would change Tim's example snippet to
Optional<SecureString> hash = projectState.metadata().getSecret(
MULTI_PROJECT_PASSWORD_HASH.apply(principal).getConcreteSettingForNamespace(realmRef().getName())
);
return hash.orElse(null);That would make more sense to me. What do you think?
There was a problem hiding this comment.
I'm not sure. The point of adding it is to make it a better interface that's easier for the caller to use, does the caller need to know that project secrets are stored in a custom in metadata or does the state abstraction make sense? I'm leaning towards keeping it, but I'm not 100% sure, I see your point of it being a pure function of ProjectMetadata too.
There was a problem hiding this comment.
I think the main "pain" current callers see is the null-check - not obtaining the ProjectMetadata. We also don't have any precedent for adding utility methods like these on ProjectState. If we add this method here, we could add all sorts of methods like retrieving indices etc. - which I don't think we want to do. I'd also argue that in most places you'll have to get a reference to a ProjectMetadata first, because you'll want to retrieve things from there multiple times.
There was a problem hiding this comment.
Thanks for the additional context.
I think the main "pain" current callers see is the null-check - not obtaining the ProjectMetadata
Yes, I agree, but obtaining ProjectMetadata is also more painful than not doing it.
I'd also argue that in most places you'll have to get a reference to a ProjectMetadata first, because you'll want to retrieve things from there multiple times.
In the new realm, only the state is required and if you have the state, you can also get the ProjectMetadata from there.
we could add all sorts of methods like retrieving indices etc. - which I don't think we want to do.
I agree with this, but there is an ongoing discussion if the secrets and settings should really be part of metadata, since they're not persisted across restarts. If we don't put it in metadata, we have the option to change it later. Maybe that's not a strong enough argument though, we can always move it later anyway but it would be less code to change. I'll move it for now.
Thanks for the discussion!
jfreden
changed the title
This simplifies getting secrets from
ProjectMetadata.