fix: provide fallback partition for single partition context runtimes (#5396)

ndr-brt · web-flow · commit b8324eb94979 · 2025-12-09T10:39:27.000+01:00
diff --git a/core/common/boot/build.gradle.kts b/core/common/boot/build.gradle.kts
@@ -19,6 +19,7 @@ plugins {
 
 dependencies {
     api(project(":spi:common:boot-spi"))
+    api(project(":spi:common:participant-context-single-spi"))
 
     implementation(project(":core:common:lib:boot-lib"))
 
diff --git a/core/common/boot/src/main/java/org/eclipse/edc/boot/BootServicesExtension.java b/core/common/boot/src/main/java/org/eclipse/edc/boot/BootServicesExtension.java
@@ -18,7 +18,9 @@
 import org.eclipse.edc.boot.health.HealthCheckServiceImpl;
 import org.eclipse.edc.boot.system.ExtensionLoader;
 import org.eclipse.edc.boot.vault.InMemoryVault;
+import org.eclipse.edc.participantcontext.single.spi.SingleParticipantContextSupplier;
 import org.eclipse.edc.runtime.metamodel.annotation.Extension;
+import org.eclipse.edc.runtime.metamodel.annotation.Inject;
 import org.eclipse.edc.runtime.metamodel.annotation.Provider;
 import org.eclipse.edc.runtime.metamodel.annotation.Setting;
 import org.eclipse.edc.spi.security.Vault;
@@ -43,6 +45,9 @@ public class BootServicesExtension implements ServiceExtension {
     @Setting(description = "Configures this component's ID. This should be a unique, stable and deterministic identifier.", defaultValue = "<random UUID>")
     public static final String COMPONENT_ID = "edc.component.id";
 
+    @Inject(required = false)
+    private SingleParticipantContextSupplier singleParticipantContextSupplier;
+
     private HealthCheckServiceImpl healthCheckService;
 
     @Override
@@ -55,7 +60,6 @@ public void initialize(ServiceExtensionContext context) {
         healthCheckService = new HealthCheckServiceImpl();
     }
 
-
     @Provider
     public Clock clock() {
         return Clock.systemUTC();
@@ -84,7 +88,7 @@ public ExecutorInstrumentation defaultInstrumentation() {
     @Provider(isDefault = true)
     public Vault createInmemVault(ServiceExtensionContext context) {
         context.getMonitor().warning("Using the InMemoryVault is not suitable for production scenarios and should be replaced with an actual Vault!");
-        return new InMemoryVault(context.getMonitor());
+        return new InMemoryVault(context.getMonitor(), singleParticipantContextSupplier);
     }
 
     @Provider
diff --git a/core/common/edr-store-core/src/test/java/org/eclipse/edc/edr/store/EndpointDataReferenceStoreImplTest.java b/core/common/edr-store-core/src/test/java/org/eclipse/edc/edr/store/EndpointDataReferenceStoreImplTest.java
@@ -28,7 +28,7 @@
 public class EndpointDataReferenceStoreImplTest extends EndpointDataReferenceStoreTestBase {
 
     private final InMemoryEndpointDataReferenceEntryIndex store = new InMemoryEndpointDataReferenceEntryIndex(CriterionOperatorRegistryImpl.ofDefaults());
-    private final VaultEndpointDataReferenceCache cache = new VaultEndpointDataReferenceCache(new InMemoryVault(mock()), "", new ObjectMapper());
+    private final VaultEndpointDataReferenceCache cache = new VaultEndpointDataReferenceCache(new InMemoryVault(mock(), null), "", new ObjectMapper());
     private final EndpointDataReferenceStoreImpl endpointDataReferenceService = new EndpointDataReferenceStoreImpl(store, cache, new NoopTransactionContext());
 
     @Override
diff --git a/core/common/edr-store-core/src/test/java/org/eclipse/edc/edr/store/defaults/VaultEndpointDataReferenceCacheTest.java b/core/common/edr-store-core/src/test/java/org/eclipse/edc/edr/store/defaults/VaultEndpointDataReferenceCacheTest.java
@@ -23,7 +23,7 @@
 
 public class VaultEndpointDataReferenceCacheTest extends EndpointDataReferenceCacheTestBase {
 
-    private final VaultEndpointDataReferenceCache cache = new VaultEndpointDataReferenceCache(new InMemoryVault(mock()), "", new ObjectMapper());
+    private final VaultEndpointDataReferenceCache cache = new VaultEndpointDataReferenceCache(new InMemoryVault(mock(), null), "", new ObjectMapper());
 
     @Override
     protected EndpointDataReferenceCache getCache() {
diff --git a/core/common/lib/boot-lib/build.gradle.kts b/core/common/lib/boot-lib/build.gradle.kts
@@ -19,8 +19,8 @@ plugins {
 }
 
 dependencies {
-
     api(project(":spi:common:boot-spi"))
+    api(project(":spi:common:connector-participant-context-spi"))
 
     testImplementation(libs.awaitility)
 }
diff --git a/core/common/lib/boot-lib/src/main/java/org/eclipse/edc/boot/vault/InMemoryVault.java b/core/common/lib/boot-lib/src/main/java/org/eclipse/edc/boot/vault/InMemoryVault.java
@@ -14,43 +14,51 @@
 
 package org.eclipse.edc.boot.vault;
 
+import org.eclipse.edc.participantcontext.spi.service.ParticipantContextSupplier;
+import org.eclipse.edc.participantcontext.spi.types.ParticipantContext;
 import org.eclipse.edc.spi.monitor.Monitor;
 import org.eclipse.edc.spi.result.Result;
+import org.eclipse.edc.spi.result.ServiceResult;
 import org.eclipse.edc.spi.security.Vault;
+import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
 
 import java.util.Map;
+import java.util.Optional;
 import java.util.concurrent.ConcurrentHashMap;
+import java.util.function.Supplier;
 
 import static java.util.Optional.ofNullable;
 
 public class InMemoryVault implements Vault {
     private static final String DEFAULT_PARTITION = "default";
     private final Map<String, Map<String, String>> secrets = new ConcurrentHashMap<>();
     private final Monitor monitor;
+    private final ParticipantContextSupplier participantContextSupplier;
 
-    public InMemoryVault(Monitor monitor) {
+    public InMemoryVault(Monitor monitor, ParticipantContextSupplier participantContextSupplier) {
         this.monitor = monitor;
+        this.participantContextSupplier = participantContextSupplier;
     }
 
     @Override
     public @Nullable String resolveSecret(String key) {
-        return resolveSecret(DEFAULT_PARTITION, key);
+        return resolveSecret(getPartition(), key);
     }
 
     @Override
     public Result<Void> storeSecret(String key, String value) {
-        return storeSecret(DEFAULT_PARTITION, key, value);
+        return storeSecret(getPartition(), key, value);
     }
 
     @Override
     public Result<Void> deleteSecret(String key) {
-        return deleteSecret(DEFAULT_PARTITION, key);
+        return deleteSecret(getPartition(), key);
     }
 
     @Override
     public @Nullable String resolveSecret(String vaultPartition, String s) {
-        vaultPartition = ofNullable(vaultPartition).orElse(DEFAULT_PARTITION);
+        vaultPartition = ofNullable(vaultPartition).orElse(getPartition());
 
         monitor.debug("Resolving secret " + s);
         if (s == null) {
@@ -62,7 +70,7 @@ public Result<Void> deleteSecret(String key) {
 
     @Override
     public Result<Void> storeSecret(String vaultPartition, String s, String s1) {
-        vaultPartition = ofNullable(vaultPartition).orElse(DEFAULT_PARTITION);
+        vaultPartition = ofNullable(vaultPartition).orElse(getPartition());
         monitor.debug("Storing secret " + s);
 
         var partition = secrets.computeIfAbsent(vaultPartition, k -> new ConcurrentHashMap<>());
@@ -72,7 +80,7 @@ public Result<Void> storeSecret(String vaultPartition, String s, String s1) {
 
     @Override
     public Result<Void> deleteSecret(String vaultPartition, String s) {
-        vaultPartition = ofNullable(vaultPartition).orElse(DEFAULT_PARTITION);
+        vaultPartition = ofNullable(vaultPartition).orElse(getPartition());
         monitor.debug("Deleting secret " + s);
 
         var result = ofNullable(secrets.get(vaultPartition)).map(map -> map.remove(s)).orElse(null);
@@ -81,4 +89,10 @@ public Result<Void> deleteSecret(String vaultPartition, String s) {
                 Result.failure("Secret with key " + s + " does not exist") :
                 Result.success();
     }
+
+    private @NotNull String getPartition() {
+        return Optional.ofNullable(participantContextSupplier)
+                .map(Supplier::get).filter(ServiceResult::succeeded).map(ServiceResult::getContent)
+                .map(ParticipantContext::getParticipantContextId).orElse(DEFAULT_PARTITION);
+    }
 }
diff --git a/core/common/lib/boot-lib/src/test/java/org/eclipse/edc/boot/vault/InMemoryVaultTest.java b/core/common/lib/boot-lib/src/test/java/org/eclipse/edc/boot/vault/InMemoryVaultTest.java
@@ -14,72 +14,109 @@
 
 package org.eclipse.edc.boot.vault;
 
+import org.eclipse.edc.participantcontext.spi.service.ParticipantContextSupplier;
+import org.eclipse.edc.participantcontext.spi.types.ParticipantContext;
 import org.eclipse.edc.spi.monitor.Monitor;
-import org.junit.jupiter.api.BeforeEach;
+import org.eclipse.edc.spi.result.ServiceResult;
+import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.Mockito.mock;
 
 class InMemoryVaultTest {
 
-    private InMemoryVault vault;
+    @Nested
+    class NoParticipantContextSupplier {
+        private final InMemoryVault vault = new InMemoryVault(mock(Monitor.class), null);
 
-    @BeforeEach
-    void setUp() {
-        vault = new InMemoryVault(mock(Monitor.class));
-    }
+        @Test
+        void resolveSecret() {
+            assertThat(vault.resolveSecret("key")).isNull();
+            vault.storeSecret("key", "secret");
+            assertThat(vault.resolveSecret("key")).isEqualTo("secret");
+        }
 
-    @Test
-    void resolveSecret() {
-        assertThat(vault.resolveSecret("key")).isNull();
-        vault.storeSecret("key", "secret");
-        assertThat(vault.resolveSecret("key")).isEqualTo("secret");
-    }
+        @Test
+        void resolveSecret_partitioned() {
+            assertThat(vault.resolveSecret("key")).isNull();
+            vault.storeSecret("partition", "key", "secret");
+            assertThat(vault.resolveSecret("partition", "key")).isEqualTo("secret");
+            assertThat(vault.resolveSecret("another", "key")).isNull();
+        }
 
-    @Test
-    void resolveSecret_partitioned() {
-        assertThat(vault.resolveSecret("key")).isNull();
-        vault.storeSecret("partition", "key", "secret");
-        assertThat(vault.resolveSecret("partition", "key")).isEqualTo("secret");
-        assertThat(vault.resolveSecret("another", "key")).isNull();
-    }
+        @Test
+        void storeSecret() {
+            assertThat(vault.storeSecret("key", "value1").succeeded()).isTrue();
+            assertThat(vault.resolveSecret("key")).isEqualTo("value1");
+            assertThat(vault.storeSecret("key", "value2").succeeded()).isTrue();
+            assertThat(vault.resolveSecret("key")).isEqualTo("value2");
+        }
 
-    @Test
-    void storeSecret() {
-        assertThat(vault.storeSecret("key", "value1").succeeded()).isTrue();
-        assertThat(vault.resolveSecret("key")).isEqualTo("value1");
-        assertThat(vault.storeSecret("key", "value2").succeeded()).isTrue();
-        assertThat(vault.resolveSecret("key")).isEqualTo("value2");
-    }
+        @Test
+        void storeSecret_partitioned() {
+            assertThat(vault.storeSecret("partition", "key", "value1").succeeded()).isTrue();
+            assertThat(vault.resolveSecret("partition", "key")).isEqualTo("value1");
+            assertThat(vault.storeSecret("partition", "key", "value2").succeeded()).isTrue();
+            assertThat(vault.resolveSecret("partition", "key")).isEqualTo("value2");
 
-    @Test
-    void storeSecret_partitioned() {
-        assertThat(vault.storeSecret("partition", "key", "value1").succeeded()).isTrue();
-        assertThat(vault.resolveSecret("partition", "key")).isEqualTo("value1");
-        assertThat(vault.storeSecret("partition", "key", "value2").succeeded()).isTrue();
-        assertThat(vault.resolveSecret("partition", "key")).isEqualTo("value2");
+            assertThat(vault.storeSecret("partition", "key", "value2").succeeded()).isTrue();
+        }
 
-        assertThat(vault.storeSecret("partition", "key", "value2").succeeded()).isTrue();
-    }
+        @Test
+        void deleteSecret() {
+            assertThat(vault.deleteSecret("key").succeeded()).isFalse();
+            assertThat(vault.storeSecret("key", "value1").succeeded()).isTrue();
+            assertThat(vault.deleteSecret("key").succeeded()).isTrue();
+            assertThat(vault.resolveSecret("key")).isNull();
+
+        }
 
-    @Test
-    void deleteSecret() {
-        assertThat(vault.deleteSecret("key").succeeded()).isFalse();
-        assertThat(vault.storeSecret("key", "value1").succeeded()).isTrue();
-        assertThat(vault.deleteSecret("key").succeeded()).isTrue();
-        assertThat(vault.resolveSecret("key")).isNull();
+        @Test
+        void deleteSecret_partitioned() {
+            assertThat(vault.deleteSecret("partition", "key").succeeded()).isFalse();
+            assertThat(vault.storeSecret("partition", "key", "value1").succeeded()).isTrue();
+            assertThat(vault.deleteSecret("partition", "key").succeeded()).isTrue();
+            assertThat(vault.resolveSecret("partition", "key")).isNull();
 
+            assertThat(vault.storeSecret("partition", "key", "value1").succeeded()).isTrue();
+            assertThat(vault.deleteSecret("another", "key").succeeded()).isFalse();
+        }
     }
 
-    @Test
-    void deleteSecret_partitioned() {
-        assertThat(vault.deleteSecret("partition", "key").succeeded()).isFalse();
-        assertThat(vault.storeSecret("partition", "key", "value1").succeeded()).isTrue();
-        assertThat(vault.deleteSecret("partition", "key").succeeded()).isTrue();
-        assertThat(vault.resolveSecret("partition", "key")).isNull();
+    @Nested
+    class WithParticipantContextSupplier {
+        private final ParticipantContextSupplier participantContextSupplier = () -> ServiceResult.success(
+                ParticipantContext.Builder.newInstance().participantContextId("participantContextId").identity("identity").build()
+        );
+        private final InMemoryVault vault = new InMemoryVault(mock(Monitor.class), participantContextSupplier);
+
+        @Test
+        void shouldResolveFromParticipantContextIdPartition() {
+            vault.storeSecret("participantContextId", "key", "secret");
 
-        assertThat(vault.storeSecret("partition", "key", "value1").succeeded()).isTrue();
-        assertThat(vault.deleteSecret("another", "key").succeeded()).isFalse();
+            var resolved = vault.resolveSecret("key");
+
+            assertThat(resolved).isEqualTo("secret");
+        }
+
+        @Test
+        void shouldStoreOnTheParticipantContextIdPartition() {
+            vault.storeSecret("key", "secret");
+
+            var resolved = vault.resolveSecret("participantContextId", "key");
+            assertThat(resolved).isEqualTo("secret");
+        }
+
+        @Test
+        void shouldDeleteFromTheParticipantContextIdPartition() {
+            vault.storeSecret("participantContextId", "key", "secret");
+
+            var result = vault.deleteSecret("key");
+
+            assertThat(result.succeeded());
+            assertThat(vault.resolveSecret("participantContextId", "key")).isNull();
+        }
     }
-}
+
+}
diff --git a/extensions/common/sql/sql-pool/sql-pool-apache-commons/src/test/java/org/eclipse/edc/sql/pool/commons/CommonsConnectionPoolServiceExtensionTest.java b/extensions/common/sql/sql-pool/sql-pool-apache-commons/src/test/java/org/eclipse/edc/sql/pool/commons/CommonsConnectionPoolServiceExtensionTest.java
@@ -65,7 +65,7 @@ class CommonsConnectionPoolServiceExtensionTest {
     @BeforeEach
     void setUp(ServiceExtensionContext context) {
         context.registerService(DataSourceRegistry.class, dataSourceRegistry);
-        context.registerService(Vault.class, new InMemoryVault(mock()));
+        context.registerService(Vault.class, new InMemoryVault(mock(), null));
         context.registerService(ConnectionFactory.class, connectionFactory);
     }
 

Original file line number	Diff line number	Diff line change
`@@ -19,8 +19,8 @@ plugins {`
`19`	`19`	`}`
`20`	`20`
`21`	`21`	`dependencies {`
`22`		`-`
`23`	`22`	`api(project(":spi:common:boot-spi"))`
	`23`	`+ api(project(":spi:common:connector-participant-context-spi"))`
`24`	`24`
`25`	`25`	`testImplementation(libs.awaitility)`
`26`	`26`	`}`
Original file line number	Diff line number	Diff line change
`@@ -65,7 +65,7 @@ class CommonsConnectionPoolServiceExtensionTest {`
`65`	`65`	`@BeforeEach`
`66`	`66`	`void setUp(ServiceExtensionContext context) {`
`67`	`67`	`context.registerService(DataSourceRegistry.class, dataSourceRegistry);`
`68`		`- context.registerService(Vault.class, new InMemoryVault(mock()));`
	`68`	`+ context.registerService(Vault.class, new InMemoryVault(mock(), null));`
`69`	`69`	`context.registerService(ConnectionFactory.class, connectionFactory);`
`70`	`70`	`}`
`71`	`71`