[improve][pip] PIP-432: Add isEncrypted field to EncryptionContext

[codelipenghui]

Motivation

Applications using Pulsar's encryption feature with ConsumerCryptoFailureAction.CONSUME need to determine whether received messages were successfully decrypted or if decryption failed. This is essential for:

1. Error handling: Applications need to know when they receive encrypted (undecrypted) data to handle it appropriately
2. Monitoring: Applications want to track decryption success/failure rates for monitoring and alerting
3. Manual decryption: When automatic decryption fails, applications may want to attempt manual decryption using the EncryptionContext
4. Security compliance: Applications need to ensure they're not inadvertently processing encrypted data as plain text

Current situation:

• Consumers with CONSUME action receive messages regardless of decryption success
• No programmatic way to distinguish between successfully decrypted and failed decryption messages
• Applications must implement workarounds to detect encrypted vs. decrypted content

Use cases this solves:

1. Consumer without private key configured → should know decryption failed
2. Consumer with mismatched private key → should know decryption failed
3. Consumer with correct private key → should know decryption succeeded

Does this pull request potentially affect one of the following parts:

If the box was checked, please highlight the changes

• Dependencies (add or upgrade a dependency)
• The public API
• The schema
• The default values of configurations
• The threading model
• The binary protocol
• The REST endpoints
• The admin CLI options
• The metrics
• Anything that affects deployment

Documentation

• doc
• doc-required
• doc-not-needed
• doc-complete

[codelipenghui]

/pulsarbot run-failure-checks

[liangyepianzhou]

LGTM

[codelipenghui]

/pulsarbot run-failure-checks

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 74.27%. Comparing base (bbc6224) to head (e8ffd16).
⚠️ Report is 1250 commits behind head on master.

Additional details and impacted files

@@             Coverage Diff              @@
##             master   #24481      +/-   ##
============================================
+ Coverage     73.57%   74.27%   +0.70%     
+ Complexity    32624    32494     -130     
============================================
  Files          1877     1868       -9     
  Lines        139502   145939    +6437     
  Branches      15299    16734    +1435     
============================================
+ Hits         102638   108399    +5761     
- Misses        28908    28951      +43     
- Partials       7956     8589     +633     

Flag	Coverage Δ
inttests	26.68% <50.00%> (+2.10%)	⬆️
systests	23.28% <75.00%> (-1.04%)	⬇️
unittests	73.77% <100.00%> (+0.93%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
...rg/apache/pulsar/common/api/EncryptionContext.java	100.00% <ø> (ø)
...va/org/apache/pulsar/client/impl/ConsumerImpl.java	78.93% <100.00%> (+1.36%)	⬆️
.../pulsar/client/impl/MessagePayloadContextImpl.java	74.46% <ø> (ø)
...ache/pulsar/client/impl/ZeroQueueConsumerImpl.java	65.43% <ø> (ø)

... and 1094 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[3pacccccc]

LGTM. Additionally, could we introduce a new decryptFailListener to handle decryption failures, instead of using if-else checks? This would provide a more elegant solution. The code might look like this:

pulsarClient.newConsumer()
    .topic(topicName)
    .subscriptionName(subName)
    .messageListener((consumer, msg) -> {
        // Handle successfully decrypted messages
        handleDecryptedMessage(msg);
    })
    .decryptFailListener((consumer, msg) -> {
        // Handle decryption failures
        handleEncryptedMessage(msg);
    });

[codelipenghui]

@3pacccccc Yes, that's a good idea to have a listener for the decryption failures. Do you want to create a proposal for it? With the decryption failure listener, we can suggest users to use listener instead of ConsumerCryptoFailureAction. They can decide in the listener to discard, or decrypt, or anything they want.

[3pacccccc]

@3pacccccc Yes, that's a good idea to have a listener for the decryption failures. Do you want to create a proposal for it? With the decryption failure listener, we can suggest users to use listener instead of ConsumerCryptoFailureAction. They can decide in the listener to discard, or decrypt, or anything they want.

yes，I‘m sooo glad if I can do anything to help

[codelipenghui]

/pulsarbot run-failure-checks