enhance: [cmek]Merge cipher.yml with hook.yml (#44118)

See also: #40321

Signed-off-by: yangxuan <xuan.yang@zilliz.com>

internal/util/hookutil/cipher.go

@@ -309,18 +309,13 @@ func initCipher() error {
 	storeCipher(nil)
 
 	pathGo := paramtable.GetCipherParams().SoPathGo.GetValue()
-	if pathGo == "" {
-		log.Info("empty so path for go plugin, skip to load cipher plugin")
-		return nil
-	}
-
 	pathCpp := paramtable.GetCipherParams().SoPathCpp.GetValue()
-	if pathCpp == "" {
+	if pathGo == "" || pathCpp == "" {
-		log.Info("empty so path for cpp plugin, skip to load cipher plugin")
+		log.Info("empty so path for cipher plugin, skip to load plugin")
 		return nil
 	}
 
-	log.Info("start to load cipher plugin", zap.String("path", pathGo))
+	log.Info("start to load cipher go plugin", zap.String("path", pathGo))
 	p, err := plugin.Open(pathGo)
 	if err != nil {
 		return fmt.Errorf("fail to open the cipher plugin, error: %s", err.Error())
@@ -332,14 +327,12 @@ func initCipher() error {
 		return fmt.Errorf("fail to the 'CipherPlugin' object in the plugin, error: %s", err.Error())
 	}
 
-	var cipherVal hook.Cipher
+	cipherVal, ok := h.(hook.Cipher)
-	var ok bool
-	cipherVal, ok = h.(hook.Cipher)
 	if !ok {
 		return fmt.Errorf("fail to convert the `CipherPlugin` interface")
 	}
 
-	initConfigs := paramtable.Get().EtcdCfg.GetAll()
+	initConfigs := lo.Assign(paramtable.Get().EtcdCfg.GetAll(), paramtable.GetCipherParams().GetAll())
 	initConfigs[CipherConfigMilvusRoleName] = paramtable.GetRole()
 	if err = cipherVal.Init(initConfigs); err != nil {
 		return fmt.Errorf("fail to init configs for the cipher plugin, error: %s", err.Error())

pkg/util/paramtable/cipher_config.go

@@ -4,14 +4,16 @@ import (
 	"github.com/milvus-io/milvus/pkg/v2/log"
 )
 
-const cipherYamlFile = "cipher.yaml"
+const cipherYamlFile = "hook.yaml"
 
 type cipherConfig struct {
 	cipherBase *BaseTable
 
-	SoPathGo       ParamItem `refreshable:"false"`
+	SoPathGo              ParamItem `refreshable:"false"`
-	SoPathCpp      ParamItem `refreshable:"false"`
+	SoPathCpp             ParamItem `refreshable:"false"`
-	DefaultRootKey ParamItem `refreshable:"false"`
+	DefaultRootKey        ParamItem `refreshable:"false"`
+	RotationPeriodInHours ParamItem `refreshable:"false"`
+	KmsProvider           ParamItem `refreshable:"false"`
 }
 
 func (c *cipherConfig) init(base *BaseTable) {
@@ -20,23 +22,40 @@ func (c *cipherConfig) init(base *BaseTable) {
 
 	c.SoPathGo = ParamItem{
 		Key:     "cipherPlugin.soPathGo",
-		Version: "2.6.0",
+		Version: "2.6.1",
 	}
 	c.SoPathGo.Init(base.mgr)
 
 	c.SoPathCpp = ParamItem{
 		Key:     "cipherPlugin.soPathCpp",
-		Version: "2.6.0",
+		Version: "2.6.1",
 	}
 	c.SoPathCpp.Init(base.mgr)
 
 	c.DefaultRootKey = ParamItem{
 		Key:     "cipherPlugin.defaultKmsKeyArn",
-		Version: "2.6.0",
+		Version: "2.6.1",
 	}
 	c.DefaultRootKey.Init(base.mgr)
+
+	c.RotationPeriodInHours = ParamItem{
+		Key:          "cipherPlugin.rotationPeriodInHours",
+		Version:      "2.6.1",
+		DefaultValue: "8764",
+	}
+	c.RotationPeriodInHours.Init(base.mgr)
+
+	c.KmsProvider = ParamItem{
+		Key:     "cipherPlugin.kmsProvider",
+		Version: "2.6.1",
+	}
+	c.KmsProvider.Init(base.mgr)
 }
 
 func (c *cipherConfig) Save(key string, value string) error {
 	return c.cipherBase.Save(key, value)
 }
+
+func (c *cipherConfig) GetAll() map[string]string {
+	return c.cipherBase.mgr.GetConfigs()
+}

pkg/util/paramtable/runtime.go

@@ -55,9 +55,7 @@ func Init() {
 		params.Init(baseTable)
 		hookBaseTable := NewBaseTableFromYamlOnly(hookYamlFile)
 		hookParams.init(hookBaseTable)
-
+		cipherParams.init(hookBaseTable)
-		cipherBaseTable := NewBaseTableFromYamlOnly(cipherYamlFile)
-		cipherParams.init(cipherBaseTable)
 	})
 }
 
@@ -66,8 +64,7 @@ func InitWithBaseTable(baseTable *BaseTable) {
 		params.Init(baseTable)
 		hookBaseTable := NewBaseTableFromYamlOnly(hookYamlFile)
 		hookParams.init(hookBaseTable)
-		cipherBaseTable := NewBaseTableFromYamlOnly(cipherYamlFile)
+		cipherParams.init(hookBaseTable)
-		cipherParams.init(cipherBaseTable)
 	})
 }