adding multi-tenancy to config api and master key related changes

[dhrubo-os]

Description

[adding multi-tenancy to config api and master key related changes]

Related Issues

Resolves #[Issue number to be closed when this PR is merged]

Check List

• New functionality includes testing.
• New functionality has been documented.
• API changes companion pull request created.
• Commits are signed per the DCO using --signoff.
• Public documentation issue/PR created.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[codecov]

Codecov Report

Attention: Patch coverage is 69.67213% with 37 lines in your changes missing coverage. Please review.

Project coverage is 80.45%. Comparing base (f28bb74) to head (6e94702).
Report is 181 commits behind head on main.

Files with missing lines	Patch %	Lines
...ml/action/tasks/CancelBatchJobTransportAction.java	40.00%	6 Missing ⚠️
...va/org/opensearch/ml/common/utils/StringUtils.java	0.00%	5 Missing ⚠️
.../opensearch/ml/engine/encryptor/EncryptorImpl.java	85.71%	4 Missing and 1 partial ⚠️
...ction/deploy/TransportDeployModelOnNodeAction.java	0.00%	4 Missing ⚠️
...org/opensearch/ml/rest/RestMLPredictionAction.java	0.00%	4 Missing ⚠️
...va/org/opensearch/ml/task/MLPredictTaskRunner.java	69.23%	4 Missing ⚠️
...rch/ml/action/config/GetConfigTransportAction.java	57.14%	2 Missing and 1 partial ⚠️
...n/java/org/opensearch/ml/model/MLModelManager.java	0.00%	3 Missing ⚠️
.../opensearch/ml/common/connector/HttpConnector.java	66.66%	1 Missing ⚠️
...search/ml/action/tasks/GetTaskTransportAction.java	0.00%	1 Missing ⚠️
... and 1 more

Additional details and impacted files

@@             Coverage Diff              @@
##               main    #3439      +/-   ##
============================================
- Coverage     81.31%   80.45%   -0.87%     
- Complexity     6094     6723     +629     
============================================
  Files           573      599      +26     
  Lines         25268    29186    +3918     
  Branches       2666     3232     +566     
============================================
+ Hits          20547    23481    +2934     
- Misses         3601     4304     +703     
- Partials       1120     1401     +281     

Flag	Coverage Δ
ml-commons	80.45% <69.67%> (-0.87%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[arjunkumargiri]

Looks good. Please add missing unit test for lines missing code coverage.

[arjunkumargiri]

Currently tenantId is not being used. Please add a comment that tenantId will be used as part of SDKClient migration.

[b4sjoo]

I do see a lot of place did not cover by UT according to codecov report. I know the release time line is quite tense but could you please mark them and add those later?

[dbwiddis]

LGTM with a question

[dbwiddis]

Do we need the tenant ID field added to the config? We use a hash of the key as part of the document ID and never actually compare vs. this.

[dhrubo-os]

We had is here in the multi-tenancy branch, I will deep dive later (after merging all the code) if we can remove it from here.

[arjunkumargiri]

Code changes looks good. Seems build is failing due to flaky test. Please validate that build succeeds before merging.

[jngz-es]

I don't get why we have different key for every tenant. Currently this key is shared on the cluster level and crosses users. It's only for the node internal use, doesn't matter with user information. If we did so, we would also need to have different key for every user.

[dhrubo-os]

Tenant isn't an user here. So every tenant will have their own separate master key which will be used to encrypt/decrypt their connector credentials. If we have only one master key, that'll be a security concern for multi-tenancy.