added way to build without ee features #17
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Summary of Changes
Hello @Wojtach, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
This pull request modifies the build process to allow building the Couchbase SDK without enterprise features. It achieves this by wrapping enterprise-specific code, particularly encryption key handling, within conditional compilation blocks that are only included when the COUCHBASE_ENTERPRISE flag is defined.
Highlights
- Conditional Compilation: Introduced
#if COUCHBASE_ENTERPRISEblocks to exclude code related to enterprise features when theCOUCHBASE_ENTERPRISEflag is not defined during compilation. - Encryption Key Handling: Wrapped the encryption key setting and changing logic within the
#if COUCHBASE_ENTERPRISEblock inDatabaseManager.swift.
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
There was a problem hiding this comment.
Code Review
This pull request introduces conditional compilation to exclude enterprise-only encryption features from non-enterprise builds. The changes are functionally correct in that they remove the features. However, my review identifies two high-severity issues where these features are silently disabled, which could mislead developers into a false sense of security. I've suggested changes to provide explicit feedback—either by logging a warning or throwing an error—when an attempt is made to use these enterprise features in a non-enterprise build. This will improve clarity and prevent potential security vulnerabilities.
| #if COUCHBASE_ENTERPRISE | ||
| let key = EncryptionKey.password(encKey) | ||
| databaseConfiguration.encryptionKey = key | ||
| #endif |
There was a problem hiding this comment.
When building without COUCHBASE_ENTERPRISE, the encryptionKey from the configuration is silently ignored. This can be misleading, as a developer might assume the database is being encrypted when it is not. This could lead to sensitive data being stored unencrypted without any warning.
To prevent this, it's better to provide explicit feedback. Since this function doesn't throw, consider adding an #else block to print a warning to the console.
| #if COUCHBASE_ENTERPRISE | |
| let key = EncryptionKey.password(encKey) | |
| databaseConfiguration.encryptionKey = key | |
| #endif | |
| #if COUCHBASE_ENTERPRISE | |
| let key = EncryptionKey.password(encKey) | |
| databaseConfiguration.encryptionKey = key | |
| #else | |
| // Using print as a fallback, but a dedicated logger would be better if available. | |
| print("Warning: Encryption is an enterprise-only feature. The provided encryptionKey will be ignored.") | |
| #endif |
| #if COUCHBASE_ENTERPRISE | ||
| if let newKeyString = newKey { | ||
| let encryptionKey = EncryptionKey.password(newKeyString) | ||
| try database.changeEncryptionKey(encryptionKey) | ||
| return | ||
| } | ||
| try database.changeEncryptionKey(nil) | ||
| #endif |
There was a problem hiding this comment.
In a non-enterprise build, calling changeEncryptionKey currently does nothing and returns successfully. This is misleading and potentially dangerous, as the caller would assume the encryption key has been changed or removed when, in fact, no operation was performed.
Since this function can throw, it's better to throw an error in the non-enterprise case to clearly signal that the feature is not available. This prevents any misunderstanding about the database's encryption state.
#if COUCHBASE_ENTERPRISE
if let newKeyString = newKey {
let encryptionKey = EncryptionKey.password(newKeyString)
try database.changeEncryptionKey(encryptionKey)
return
}
try database.changeEncryptionKey(nil)
#else
throw DatabaseError.unknownError(message: "Changing the database encryption key is an enterprise-only feature.")
#endif1 participant
#if COUCHBASE_ENTERPRISE
Exclude code from build if
COUCHBASE_ENTERPISEis false