in src/main/java/com/google/cloud/solutions/autotokenize/pipeline/EncryptionPipeline.java [223:254]
private static EncryptionPipelineOptions checkValid(EncryptionPipelineOptions options) {
checkArgument(
(options.getTokenizeColumns() != null && !options.getTokenizeColumns().isEmpty())
|| options.getDlpEncryptConfigJson() != null,
"No columns to tokenize");
checkArgument(
isNotBlank(options.getOutputDirectory()) || isNotBlank(options.getOutputBigQueryTable()),
"No output defined.%nProvide a GCS or BigQuery output");
boolean isEncryption =
(isNotBlank(options.getMainKmsKeyUri())
&& isNotBlank(options.getTinkEncryptionKeySetJson()))
|| (isNotBlank(options.getKeyMaterial()));
boolean isDlpDeid = isNotBlank(options.getDlpEncryptConfigJson());
checkArgument(
logicalXor(isEncryption, isDlpDeid),
"Provide one of Tink & KMS key or DlpDeidentifyConfig.\nFound both or none.");
if (isDlpDeid) {
// Validate DeidConfig is valid
DlpEncryptConfig encryptConfig =
JsonConvertor.parseJson(options.getDlpEncryptConfigJson(), DlpEncryptConfig.class);
checkArgument(
!DeidentifyColumns.columnNamesIn(encryptConfig).isEmpty(),
"DlpEncrypt config does not contain any tokenize columns.");
}
return options;
}