🐛Destination-dynamodb: enforce ssl connection

[etsybaev]

What

Users are able to use a non-secure connection

How

Updated check method to enforce SSL connection.

🚨 User Impact 🚨

No breaking changes expected

Pre-merge Checklist

Expand the relevant checklist and delete the others.

New Connector

Community member or Airbyter

• Community member? Grant edit access to maintainers (instructions)
• Secrets in the connector's spec are annotated with airbyte_secret
• Unit & integration tests added and passing. Community members, please provide proof of success locally e.g: screenshot or copy-paste unit, integration, and acceptance test output. To run acceptance tests for a Python connector, follow instructions in the README. For java connectors run ./gradlew :airbyte-integrations:connectors:<name>:integrationTest.
• Code reviews completed
• Documentation updated
  • Connector's README.md
  • Connector's bootstrap.md. See description and examples
  • docs/integrations/<source or destination>/<name>.md including changelog. See changelog example
  • docs/integrations/README.md
  • airbyte-integrations/builds.md
• PR name follows PR naming conventions

Airbyter

If this is a community PR, the Airbyte engineer reviewing this PR is responsible for the below items.

• Create a non-forked branch based on this PR and test the below items on it
• Build is successful
• If new credentials are required for use in CI, add them to GSM. Instructions.
• /test connector=connectors/<name> command is passing
• New Connector version released on Dockerhub by running the /publish command described here
• After the connector is published, connector added to connector index as described here
• Seed specs have been re-generated by building the platform and committing the changes to the seed spec files, as described here

Updating a connector

Community member or Airbyter

• Grant edit access to maintainers (instructions)
• Secrets in the connector's spec are annotated with airbyte_secret
• Unit & integration tests added and passing. Community members, please provide proof of success locally e.g: screenshot or copy-paste unit, integration, and acceptance test output. To run acceptance tests for a Python connector, follow instructions in the README. For java connectors run ./gradlew :airbyte-integrations:connectors:<name>:integrationTest.
• Code reviews completed
• Documentation updated
  • Connector's README.md
  • Connector's bootstrap.md. See description and examples
  • Changelog updated in docs/integrations/<source or destination>/<name>.md including changelog. See changelog example
• PR name follows PR naming conventions

Airbyter

If this is a community PR, the Airbyte engineer reviewing this PR is responsible for the below items.

• Create a non-forked branch based on this PR and test the below items on it
• Build is successful
• If new credentials are required for use in CI, add them to GSM. Instructions.
• /test connector=connectors/<name> command is passing
• New Connector version released on Dockerhub and connector version bumped by running the /publish command described here

Connector Generator

• Issue acceptance criteria met
• PR name follows PR naming conventions
• If adding a new generator, add it to the list of scaffold modules being tested
• The generator test modules (all connectors with -scaffold in their name) have been updated with the latest scaffold by running ./gradlew :airbyte-integrations:connector-templates:generator:testScaffoldTemplates then checking in your changes
• Documentation which references the generator is updated as needed

Tests

Unit

Put your unit tests output here.

Integration

Put your integration tests output here.

Acceptance

Put your acceptance tests output here.

[github-actions]

NOTE ⚠️ Changes in this PR affect the following connectors. Make sure to run corresponding integration tests:

• destination-dynamodb

[etsybaev]

/test connector=connectors/destination-dynamodb

🕑 connectors/destination-dynamodb https://github.com/airbytehq/airbyte/actions/runs/3356926115
✅ connectors/destination-dynamodb https://github.com/airbytehq/airbyte/actions/runs/3356926115
No Python unittests run

Build Passed

Test summary info:

All Passed

[github-actions]

NOTE ⚠️ Changes in this PR affect the following connectors. Make sure to run corresponding integration tests:

• destination-dynamodb

[etsybaev]

/test connector=connectors/destination-dynamodb

🕑 connectors/destination-dynamodb https://github.com/airbytehq/airbyte/actions/runs/3370301467
✅ connectors/destination-dynamodb https://github.com/airbytehq/airbyte/actions/runs/3370301467
No Python unittests run

Build Passed

Test summary info:

All Passed

[suhomud]

LGTM

[github-actions]

Affected Connector Report

NOTE ⚠️ Changes in this PR affect the following connectors. Make sure to do the following as needed:

• Run integration tests
• Bump connector version
• Add changelog
• Publish the new version

✅ Sources (0)

Connector	Version	Changelog	Publish

• See "Actionable Items" below for how to resolve warnings and errors.

✅ Destinations (1)

Connector	Version	Changelog	Publish
destination-dynamodb	0.1.7	✅	✅

• See "Actionable Items" below for how to resolve warnings and errors.

Actionable Items

(click to expand)

Category	Status	Actionable Item
Version	❌ mismatch	The version of the connector is different from its normal variant. Please bump the version of the connector.
	⚠ doc not found	The connector does not seem to have a documentation file. This can be normal (e.g. basic connector like source-jdbc is not published or documented). Please double-check to make sure that it is not a bug.
Changelog	⚠ doc not found	The connector does not seem to have a documentation file. This can be normal (e.g. basic connector like source-jdbc is not published or documented). Please double-check to make sure that it is not a bug.
	❌ changelog missing	There is no chnagelog for the current version of the connector. If you are the author of the current version, please add a changelog.
Publish	⚠ not in seed	The connector is not in the seed file (e.g. source_definitions.yaml), so its publication status cannot be checked. This can be normal (e.g. some connectors are cloud-specific, and only listed in the cloud seed file). Please double-check to make sure that it is not a bug.
	❌ diff seed version	The connector exists in the seed file, but the latest version is not listed there. This usually means that the latest version is not published. Please use the /publish command to publish the latest version.

[etsybaev]

[etsybaev]

/publish connector=connectors/destination-dynamodb

🕑 Publishing the following connectors:
connectors/destination-dynamodb
https://github.com/airbytehq/airbyte/actions/runs/3372319361

Connector	Did it publish?	Were definitions generated?
connectors/destination-dynamodb	✅	✅

if you have connectors that successfully published but failed definition generation, follow step 4 here ▶️

[grishick]

If I am reading the code correctly, this change will always enforce HTTPS for DynamoDB. However, we only need this to happen in Airbyte Cloud and we want to continue allowing non-SSL connections in Open Source. @ryankfu could you walk @etsybaev through how to introduce strict encrypt variant to an existing destination connector w/o creating a new image and how to add the check only in Airbyte Cloud scope (what you did for destination-S3)?

[ryankfu]

Hi @etsybaev, in case you weren't aware there's a PR that captures a very similar change here. Basically the main pieces that would help to separate this functionality so that it only affects cloud is to:

• create a new DynamoDestinationRunner and DynamoDestinationStrictEncrypt in the same package as DynamoDestination
• update dynamo destination's build.gradle to point to the DynamoDestinationRunner

If you have any questions regarding the work, let's set up a quick 1:1 to knowledge share. For most context the Runner class will act similar to a case scenario where it will run a different class based on the environment variable

Also note that you'd probably want to create a new StrictEncryptTest so that it only tests for this behavior in an isolated manner

[ryankfu]

minor code reusability changes but overall looks good

[ryankfu]

nit: type for fails

[etsybaev]

Updated, thanks

[ryankfu]

How come you've commented out the prettier() method? presume this is simply pretty printing but regardless doesn't seem relevant to this PR

[etsybaev]

Accidentally committed. Already rolled back.
How this could come? There was a version bumping change in check-style some time ago. Since then some linux users started seeing issues with importing and refreshing project in IntellijIdea but still works when executing build from console. I raised that issue but it seems like the author was busy with other tasks and wasn't going to switch back to his changes. I tried to check it in my free time and found that the issue comes from "prettier" and then stuck. Also found a few similar issues raised on the internet but without answers. So since then every time I have to comment it while working with code and then uncomment from time to time to run "./gradlew --no-daemon format --scan" command to format code and then comment it back.
Here is what the issue looks like for me in IntellijIdea when I refresh gradle project with uncommented Prettier

[ryankfu]

Overall looks good, there's a minor nit and a question regarding a prettier() method getting commented out in build.gradle

[etsybaev]

/test connector=connectors/destination-dynamodb

🕑 connectors/destination-dynamodb https://github.com/airbytehq/airbyte/actions/runs/3384239320
✅ connectors/destination-dynamodb https://github.com/airbytehq/airbyte/actions/runs/3384239320
No Python unittests run

Build Passed

Test summary info:

All Passed

[grishick]

@etsybaev now that you've made the changes to enforce SSL only in Cloud you also need to bump the version again and publish the newer version before merging

[grishick]

Approved assuming you'll bump the connector version and publish ;)

[etsybaev]

/test connector=connectors/destination-dynamodb

🕑 connectors/destination-dynamodb https://github.com/airbytehq/airbyte/actions/runs/3388504702
✅ connectors/destination-dynamodb https://github.com/airbytehq/airbyte/actions/runs/3388504702
No Python unittests run

Build Passed

Test summary info:

All Passed

[etsybaev]

[etsybaev]

/publish connector=connectors/destination-dynamodb

🕑 Publishing the following connectors:
connectors/destination-dynamodb
https://github.com/airbytehq/airbyte/actions/runs/3388820224

Connector	Did it publish?	Were definitions generated?
connectors/destination-dynamodb	✅	✅

if you have connectors that successfully published but failed definition generation, follow step 4 here ▶️