in encryption/src/main/java/org/apache/solr/encryption/EncryptionRequestHandler.java [513:547]
private void encryptAsync(SolrQueryRequest req) {
log.debug("Submitting async encryption");
executor.submit(() -> {
try {
EncryptionUpdateLog updateLog = getEncryptionUpdateLog(req.getCore());
if (updateLog != null) {
log.debug("Encrypting update log");
long startTimeNs = getTimeSource().getTimeNs();
boolean logEncryptionComplete = updateLog.encryptLogs();
log.info("{} encrypted the update log in {} ms",
logEncryptionComplete ? "Successfully" : "Partially", toMs(elapsedTimeNs(startTimeNs)));
// If the logs encryption is not complete, it means some logs are currently in use.
// The encryption will be automatically be retried after the next commit which should
// release the old transaction log and make it ready for encryption.
}
log.debug("Triggering index encryption");
long startTimeNs = getTimeSource().getTimeNs();
CommitUpdateCommand commitCmd = new CommitUpdateCommand(req, true);
// Trigger EncryptionMergePolicy.findForcedMerges() to re-encrypt
// each segment which is not encrypted with the latest active key id.
commitCmd.maxOptimizeSegments = Integer.MAX_VALUE;
req.getCore().getUpdateHandler().commit(commitCmd);
log.info("Successfully triggered index encryption with commit in {} ms", toMs(elapsedTimeNs(startTimeNs)));
} catch (IOException e) {
log.error("Exception while encrypting the index", e);
} finally {
synchronized (pendingEncryptionLock) {
pendingEncryptions.remove(req.getCore().getName());
}
}
return null;
});
}