+1 For better responsibility isolation and maintainance, and yaml configuration could focus on goal description.
On 2023/04/28 03:25:39 Zhengqiang Duan wrote: > Hi community, > > Currently, ShardingSphere encrypt rule contains many configuration items, > the complete configuration items are as follows. > > rules: > - !ENCRYPT > tables: > <table_name> (+): # Encrypt table name > columns: > <column_name> (+): # Encrypt logic column name > plainColumn (?): # Plain column name > cipherColumn: # Cipher column name > encryptorName: # Cipher encrypt algorithm name > assistedQueryColumn (?): # Assisted query column name > assistedQueryEncryptorName: # Assisted query encrypt algorithm > name > likeQueryColumn (?): # Like query column name > likeQueryEncryptorName: # Like query encrypt algorithm name > queryWithCipherColumn(?): # The current table whether query with > cipher column for data encrypt. > > # Encrypt algorithm configuration > encryptors: > <encrypt_algorithm_name> (+): # Encrypt algorithm name > type: # Encrypt algorithm type > props: # Encrypt algorithm properties > # ... > > queryWithCipherColumn: # Whether query with cipher column for data > encrypt. User you can use plaintext to query if have > Some of configuration items are necessary for encrypt feature, such as: > cipherColumn, encryptorName, assistedQueryColumn, > assistedQueryEncryptorName, likeQueryColumn and likeQueryEncryptorName. > These configuration items allow users to configure encrypt columns and > encrypt algorithms. > > Some other configuration items, such as plainColumn and different levels of > queryWithCipherColumn, have nothing to do with the encrypt feature, but > only to meet the switching of business traffic. Maintaining plainColumn and > different levels of queryWithCipherColumn has brought great challenges to > ShardingSphere, resulting in too complicated SQL rewriting logic. > Currently, encrypt SQL rewriting logic is already very complicated. > > In order to improve the maintainability of the encrypt feature, it is time > to simplify the encrypt configuration and remove plainColumn and > queryWithCipherColumn. The work of switching business traffic is handed > over to users themselves, while ShardingSphere focuses on increasing the > core capabilities of encrypt. > > Everyone is welcome to participate in the discussion and express their > views. Thank you. > > For more details, you can also refer github issue - > https://github.com/apache/shardingsphere/issues/25383. > > Best regards, > Zhengqiang > —————————————————————— > Zhengqiang Duan (duanzhengqi...@apache.org) > Apache ShardingSphere PMC > GitHub@strongduanmu >
