PT-1530 Add support for encryption status to mysql-summary

Changelog

@@ -2,6 +2,7 @@ Changelog for Percona Toolkit
 
 v3.0.9 
 
+ * Feature     PT-1530 : Add support for encryption status to mysql-summary
  * Feature     PT-1526 : Add ndb status to pt-mysql-summary (Thanks Fernando Ipar)
  * Feature     PT-1525 : Added support for MySQL 8 roles into pt-mysql-summary
  * Feature     PT-1509 : Only set binlog_format when necessary (Thanks Moritz Lenz)

bin/pt-mysql-summary

@@ -1177,6 +1177,15 @@ get_plugin_status () {
    echo ${status:-"Not found"}
 }
 
+collect_keyring_plugins() {
+    $CMD_MYSQL $EXT_ARGV --table -ss -e 'SELECT PLUGIN_NAME, PLUGIN_STATUS FROM INFORMATION_SCHEMA.PLUGINS WHERE PLUGIN_NAME LIKE "keyring%";'
+}
+
+collect_encrypted_tables() {
+    $CMD_MYSQL $EXT_ARGV --table -ss -e "SELECT TABLE_SCHEMA, TABLE_NAME, CREATE_OPTIONS FROM INFORMATION_SCHEMA.TABLES WHERE CREATE_OPTIONS LIKE '%ENCRYPTION=\"Y\"%';"
+}
+
+
 
 _NO_FALSE_NEGATIVES=""
 parse_mysqld_instances () {
@@ -1598,6 +1607,29 @@ format_ndb_status() {
    egrep '^[ \t]*Name:|[ \t]*Status:' $file|sed 's/^[ \t]*//g'|while read line; do echo $line; echo $line | grep '^Status:'>/dev/null && echo ; done
 }
 
+format_keyring_plugins() {
+    local keyring_plugins="$1"
+    local encrypted_tables="$2"
+
+    if [ -z "$keyring_plugins" ]; then 
+        echo "No keyring plugins found"
+        if [ ! -z "$encrypted_tables" ]; then
+            echo "Warning! There are encrypted tables but keyring plugins are not loaded"
+        fi
+     else
+        echo "Keyring plugins:"
+        echo "'$keyring_plugins'"
+    fi
+}
+
+format_encrypted_tables() {
+   local encrypted_tables="$1"
+   if [ ! -z "$encrypted_tables" ]; then
+       echo "Encrypted tables:"
+       echo "$encrypted_tables"
+   fi
+}
+
 format_mysql_roles() {
    local file=$1
    [ -e "$file" ] || return
@@ -2475,6 +2507,13 @@ report_mysql_summary () {
        format_mysql_roles "$dir/mysql-roles"
    fi
 
+   section "Encryption"
+   local keyring_plugins="$(collect_keyring_plugins)"
+   local encrypted_tables="$(collect_encrypted_tables)"
+
+   format_keyring_plugins "$keyring_plugins" "$encrypted_tables"
+   format_encrypted_tables "$encrypted_tables"
+
    section "Binary Logging"
 
    if    [ -s "$dir/mysql-master-logs" ] \

lib/bash/report_mysql_info.sh

@@ -107,6 +107,15 @@ get_plugin_status () {
    echo ${status:-"Not found"}
 }
 
+collect_keyring_plugins() {
+    $CMD_MYSQL $EXT_ARGV --table -ss -e 'SELECT PLUGIN_NAME, PLUGIN_STATUS FROM INFORMATION_SCHEMA.PLUGINS WHERE PLUGIN_NAME LIKE "keyring%";'
+}
+
+collect_encrypted_tables() {
+    $CMD_MYSQL $EXT_ARGV --table -ss -e "SELECT TABLE_SCHEMA, TABLE_NAME, CREATE_OPTIONS FROM INFORMATION_SCHEMA.TABLES WHERE CREATE_OPTIONS LIKE '%ENCRYPTION=\"Y\"%';"
+}
+
+
 # ##############################################################################
 # Functions for parsing specific files and getting desired info from them.
 # These are called from within main() and are separated so they can be tested
@@ -565,6 +574,29 @@ format_ndb_status() {
    egrep '^[ \t]*Name:|[ \t]*Status:' $file|sed 's/^[ \t]*//g'|while read line; do echo $line; echo $line | grep '^Status:'>/dev/null && echo ; done
 }
 
+format_keyring_plugins() {
+    local keyring_plugins="$1"
+    local encrypted_tables="$2"
+
+    if [ -z "$keyring_plugins" ]; then 
+        echo "No keyring plugins found"
+        if [ ! -z "$encrypted_tables" ]; then
+            echo "Warning! There are encrypted tables but keyring plugins are not loaded"
+        fi
+     else
+        echo "Keyring plugins:"
+        echo "'$keyring_plugins'"
+    fi
+}
+
+format_encrypted_tables() {
+   local encrypted_tables="$1"
+   if [ ! -z "$encrypted_tables" ]; then
+       echo "Encrypted tables:"
+       echo "$encrypted_tables"
+   fi
+}
+
 format_mysql_roles() {
    local file=$1
    [ -e "$file" ] || return
@@ -1533,6 +1565,13 @@ report_mysql_summary () {
        format_mysql_roles "$dir/mysql-roles"
    fi
 
+   section "Encryption"
+   local keyring_plugins="$(collect_keyring_plugins)"
+   local encrypted_tables="$(collect_encrypted_tables)"
+
+   format_keyring_plugins "$keyring_plugins" "$encrypted_tables"
+   format_encrypted_tables "$encrypted_tables"
+
    # ########################################################################
    # Binary Logging
    # ########################################################################

sandbox/servers/start

@@ -57,21 +57,21 @@ plugins_dir_cmd=""
 plugins_cmd=""
 keyring_cmd=""
 
-# if [ -e "${BASEDIR}/lib/mysql/plugin/keyring_file.so" ]; then
-#      encryption_plugins="${BASEDIR}/lib/mysql/plugin/keyring_file.so"
-# fi
-# 
-# if [ ! -z "$encryption_plugins" ]; then
-#     plugins_cmd="--early-plugin-load=${encryption_plugins}"
-#     keyring_cmd="--keyring_file_data=/tmp/PORT/data/keyring"
-#     plugins_dir_cmd="--plugin-dir=${BASEDIR}/lib/mysql/plugin/"
-# fi
+if [ -e "${BASEDIR}/lib/mysql/plugin/keyring_file.so" ]; then
+     encryption_plugins="${BASEDIR}/lib/mysql/plugin/keyring_file.so"
+fi
 
-init_file="/tmp/12345/mysql-init"
+if [ ! -z "$encryption_plugins" ]; then
+    plugins_cmd="--early-plugin-load=${encryption_plugins}"
+    keyring_cmd="--keyring_file_data=/tmp/PORT/data/keyring"
+    plugins_dir_cmd="--plugin-dir=${BASEDIR}/lib/mysql/plugin/"
+fi
+
+init_file="/tmp/PORT/mysql-init"
 if [ -e $init_file ]; then
-    $BASEDIR/bin/mysqld --defaults-file=/tmp/12345/my.sandbox.cnf -u root --init-file $init_file $plugins_cmd $plugins_dir_cmd $keyring_cmd &
+    $BASEDIR/bin/mysqld --defaults-file=/tmp/PORT/my.sandbox.cnf -u root --init-file $init_file $plugins_cmd $plugins_dir_cmd $keyring_cmd &
 else
-    $BASEDIR/bin/mysqld --defaults-file=/tmp/12345/my.sandbox.cnf --keyring_file_data=/tmp/12345/data/keyring $plugins_cmd $plugins_dir_cmd $keyring_cmd > /dev/null 2>&1 &
+    $BASEDIR/bin/mysqld --defaults-file=/tmp/PORT/my.sandbox.cnf $plugins_cmd $plugins_dir_cmd $keyring_cmd > /dev/null 2>&1 &
 fi
 cd $PWD