Develop support ram info switch (#12382)

* add new property to support agent situation.

* for checkstyle.

* Upgrade cheery pick ut to junit5.

* add ignored lefthook.yml.

* add ignored lefthook.yml.

.gitignore

@@ -18,3 +18,4 @@ test/logs
 derby.log
 yarn.lock
 .flattened-pom.xml
+lefthook.yml

api/src/main/java/com/alibaba/nacos/api/PropertyKeyConst.java

@@ -95,6 +95,11 @@ public class PropertyKeyConst {
 
     public static final String LOG_ALL_PROPERTIES = "logAllProperties";
 
+    /**
+     * Since 2.3.3, For some situation like java agent using nacos-client which can't use env ram info.
+     */
+    public static final String IS_USE_RAM_INFO_PARSING = "isUseRamInfoParsing";
+
     /**
      * Get the key value of some variable value from the system property.
      */

api/src/main/java/com/alibaba/nacos/api/SystemPropertyKeyConst.java

@@ -46,4 +46,9 @@ public interface SystemPropertyKeyConst {
      * It is also supported by the -D parameter.
      */
     String IS_USE_ENDPOINT_PARSING_RULE = "nacos.use.endpoint.parsing.rule";
+
+    /**
+     * Since 2.3.3, For some situation like java agent using nacos-client which can't use env ram info.
+     */
+    String IS_USE_RAM_INFO_PARSING = "nacos.use.ram.info.parsing";
 }

api/src/main/java/com/alibaba/nacos/api/common/Constants.java

@@ -247,6 +247,11 @@ public class Constants {
 
     public static final String CONFIG_GRAY_LABEL = "nacos.config.gray.label";
 
+    /**
+     * Since 2.3.3, For some situation like java agent using nacos-client which can't use env ram info.
+     */
+    public static final String DEFAULT_USE_RAM_INFO_PARSING = "true";
+
     /**
      * The constants in config directory.
      */

client/src/main/java/com/alibaba/nacos/client/auth/ram/RamClientAuthServiceImpl.java

@@ -22,6 +22,7 @@
 import com.alibaba.nacos.client.auth.ram.injector.AbstractResourceInjector;
 import com.alibaba.nacos.client.auth.ram.injector.ConfigResourceInjector;
 import com.alibaba.nacos.client.auth.ram.injector.NamingResourceInjector;
+import com.alibaba.nacos.client.auth.ram.utils.RamUtil;
 import com.alibaba.nacos.client.auth.ram.utils.SpasAdapter;
 import com.alibaba.nacos.common.utils.StringUtils;
 import com.alibaba.nacos.plugin.auth.api.LoginIdentityContext;
@@ -76,13 +77,11 @@ private void loadRoleName(Properties properties) {
     }
 
     private void loadAccessKey(Properties properties) {
-        String accessKey = properties.getProperty(PropertyKeyConst.ACCESS_KEY);
-        ramContext.setAccessKey(StringUtils.isBlank(accessKey) ? SpasAdapter.getAk() : accessKey);
+        ramContext.setAccessKey(RamUtil.getAccessKey(properties));
     }
 
     private void loadSecretKey(Properties properties) {
-        String secretKey = properties.getProperty(PropertyKeyConst.SECRET_KEY);
-        ramContext.setSecretKey(StringUtils.isBlank(secretKey) ? SpasAdapter.getSk() : secretKey);
+        ramContext.setSecretKey(RamUtil.getSecretKey(properties));
     }
 
     private void loadRegionId(Properties properties) {

client/src/main/java/com/alibaba/nacos/client/auth/ram/utils/RamUtil.java

@@ -0,0 +1,58 @@
+/*
+ * Copyright 1999-2023 Alibaba Group Holding Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.alibaba.nacos.client.auth.ram.utils;
+
+import com.alibaba.nacos.api.PropertyKeyConst;
+import com.alibaba.nacos.api.SystemPropertyKeyConst;
+import com.alibaba.nacos.api.common.Constants;
+import com.alibaba.nacos.common.utils.StringUtils;
+
+import java.util.Properties;
+
+/**
+ * Util to get ram info, such as AK, SK and RAM role.
+ *
+ * @author xiweng.yy
+ */
+public class RamUtil {
+
+    public static String getAccessKey(Properties properties) {
+        boolean isUseRamInfoParsing = Boolean.parseBoolean(properties
+                .getProperty(PropertyKeyConst.IS_USE_RAM_INFO_PARSING,
+                        System.getProperty(SystemPropertyKeyConst.IS_USE_RAM_INFO_PARSING,
+                                Constants.DEFAULT_USE_RAM_INFO_PARSING)));
+
+        String result = properties.getProperty(PropertyKeyConst.ACCESS_KEY);
+        if (isUseRamInfoParsing && StringUtils.isBlank(result)) {
+            result = SpasAdapter.getAk();
+        }
+        return result;
+    }
+
+    public static String getSecretKey(Properties properties) {
+        boolean isUseRamInfoParsing = Boolean.parseBoolean(properties
+                .getProperty(PropertyKeyConst.IS_USE_RAM_INFO_PARSING,
+                        System.getProperty(SystemPropertyKeyConst.IS_USE_RAM_INFO_PARSING,
+                                Constants.DEFAULT_USE_RAM_INFO_PARSING)));
+
+        String result = properties.getProperty(PropertyKeyConst.SECRET_KEY);
+        if (isUseRamInfoParsing && StringUtils.isBlank(result)) {
+            result = SpasAdapter.getSk();
+        }
+        return result;
+    }
+}

client/src/test/java/com/alibaba/nacos/client/auth/ram/utils/RamUtilTest.java

@@ -0,0 +1,69 @@
+/*
+ * Copyright 1999-2023 Alibaba Group Holding Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.alibaba.nacos.client.auth.ram.utils;
+
+import com.alibaba.nacos.api.PropertyKeyConst;
+import com.alibaba.nacos.client.auth.ram.identify.CredentialService;
+import com.alibaba.nacos.client.auth.ram.identify.Credentials;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+
+import java.util.Properties;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
+
+public class RamUtilTest {
+
+    private Properties properties;
+
+    @BeforeEach
+    public void setUp() throws Exception {
+        SpasAdapter.freeCredentialInstance();
+        Credentials credentials = new Credentials("spasAk", "spasSk", "spasNamespaceId");
+        CredentialService.getInstance().setStaticCredential(credentials);
+        properties = new Properties();
+        properties.setProperty(PropertyKeyConst.ACCESS_KEY, "userAk");
+        properties.setProperty(PropertyKeyConst.SECRET_KEY, "userSk");
+    }
+
+    @AfterEach
+    public void tearDown() throws Exception {
+        SpasAdapter.freeCredentialInstance();
+    }
+
+    @Test
+    public void testGetAccessKeyWithUserAkSk() {
+        assertEquals("userAk", RamUtil.getAccessKey(properties));
+        assertEquals("userSk", RamUtil.getSecretKey(properties));
+    }
+
+    @Test
+    public void testGetAccessKeyWithSpasAkSk() {
+        assertEquals("spasAk", RamUtil.getAccessKey(new Properties()));
+        assertEquals("spasSk", RamUtil.getSecretKey(new Properties()));
+    }
+
+    @Test
+    public void testGetAccessKeyWithoutSpasAkSk() {
+        Properties properties1 = new Properties();
+        properties1.setProperty(PropertyKeyConst.IS_USE_RAM_INFO_PARSING, "false");
+        assertNull(RamUtil.getAccessKey(properties1));
+        assertNull(RamUtil.getSecretKey(properties1));
+    }
+}

pom.xml

@@ -361,6 +361,7 @@
                         <exclude>**/filter-config.json</exclude>
                         <exclude>**/disk_cache_test/**</exclude>
                         <exclude>**/failover_test/**</exclude>
+                        <exclude>lefthook.yml</exclude>
                     </excludes>
                 </configuration>
                 <executions>