You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ds...@apache.org on 2018/04/19 07:58:21 UTC
[ambari] branch trunk updated: [AMBARI-23609] Credential store is
not working (dsen)
This is an automated email from the ASF dual-hosted git repository.
dsen pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/trunk by this push:
new e9373fb [AMBARI-23609] Credential store is not working (dsen)
e9373fb is described below
commit e9373fb73cffc683e5b896b2620318896e154aa5
Author: Dmytro Sen <ds...@apache.org>
AuthorDate: Wed Apr 18 17:27:53 2018 +0300
[AMBARI-23609] Credential store is not working (dsen)
---
.../ambari_agent/CustomServiceOrchestrator.py | 7 ++-
.../ambari/server/agent/stomp/MetadataHolder.java | 7 +++
.../agent/stomp/dto/MetadataServiceInfo.java | 24 +++++++++-
.../controller/AmbariManagementControllerImpl.java | 24 +++++++++-
.../apache/ambari/server/events/AmbariEvent.java | 7 ++-
.../events/ServiceCredentialStoreUpdateEvent.java | 52 ++++++++++++++++++++++
.../apache/ambari/server/state/ServiceImpl.java | 14 ++++++
7 files changed, 129 insertions(+), 6 deletions(-)
diff --git a/ambari-agent/src/main/python/ambari_agent/CustomServiceOrchestrator.py b/ambari-agent/src/main/python/ambari_agent/CustomServiceOrchestrator.py
index a806199..0bf50d4 100644
--- a/ambari-agent/src/main/python/ambari_agent/CustomServiceOrchestrator.py
+++ b/ambari-agent/src/main/python/ambari_agent/CustomServiceOrchestrator.py
@@ -211,8 +211,8 @@ class CustomServiceOrchestrator():
:return:
"""
configtype_credentials = {}
- if 'configuration_credentials' in commandJson:
- for config_type, password_properties in commandJson['configuration_credentials'].items():
+ if 'serviceLevelParams' in commandJson and 'configuration_credentials' in commandJson['serviceLevelParams']:
+ for config_type, password_properties in commandJson['serviceLevelParams']['configuration_credentials'].items():
if config_type in commandJson['configurations']:
value_names = []
config = commandJson['configurations'][config_type]
@@ -278,6 +278,9 @@ class CustomServiceOrchestrator():
if len(configtype_credentials) == 0:
logger.info("Credential store is enabled but no property are found that can be encrypted.")
commandJson['credentialStoreEnabled'] = "false"
+ # CS is enabled and config properties are available
+ else:
+ commandJson['credentialStoreEnabled'] = "true"
for config_type, credentials in configtype_credentials.items():
config = commandJson['configurations'][config_type]
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/agent/stomp/MetadataHolder.java b/ambari-server/src/main/java/org/apache/ambari/server/agent/stomp/MetadataHolder.java
index 11aa512..596808f 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/agent/stomp/MetadataHolder.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/agent/stomp/MetadataHolder.java
@@ -25,6 +25,7 @@ import org.apache.ambari.server.controller.AmbariManagementControllerImpl;
import org.apache.ambari.server.events.ClusterComponentsRepoChangedEvent;
import org.apache.ambari.server.events.ClusterConfigChangedEvent;
import org.apache.ambari.server.events.MetadataUpdateEvent;
+import org.apache.ambari.server.events.ServiceCredentialStoreUpdateEvent;
import org.apache.ambari.server.events.ServiceInstalledEvent;
import org.apache.ambari.server.events.publishers.AmbariEventPublisher;
import org.apache.ambari.server.state.Cluster;
@@ -100,4 +101,10 @@ public class MetadataHolder extends AgentClusterDataHolder<MetadataUpdateEvent>
Cluster cluster = m_clusters.get().getCluster(clusterComponentsRepoChangedEvent.getClusterId());
updateData(ambariManagementController.getClusterMetadataOnRepoUpdate(cluster));
}
+
+ @Subscribe
+ public void onServiceCredentialStoreUpdate(ServiceCredentialStoreUpdateEvent serviceCredentialStoreUpdateEvent) throws AmbariException {
+ Cluster cluster = m_clusters.get().getCluster(serviceCredentialStoreUpdateEvent.getClusterId());
+ updateData(ambariManagementController.getClusterMetadataOnServiceCredentialStoreUpdate(cluster, serviceCredentialStoreUpdateEvent.getServiceName()));
+ }
}
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/agent/stomp/dto/MetadataServiceInfo.java b/ambari-server/src/main/java/org/apache/ambari/server/agent/stomp/dto/MetadataServiceInfo.java
index 9b4bc02..d0d8374 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/agent/stomp/dto/MetadataServiceInfo.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/agent/stomp/dto/MetadataServiceInfo.java
@@ -18,21 +18,30 @@
package org.apache.ambari.server.agent.stomp.dto;
+import java.util.Map;
+
import com.fasterxml.jackson.annotation.JsonProperty;
+
public class MetadataServiceInfo {
private String version;
private Boolean credentialStoreEnabled;
+
+ @JsonProperty("configuration_credentials")
+ private Map<String, Map<String, String>> credentialStoreEnabledProperties;
+
@JsonProperty("status_commands_timeout")
private Long statusCommandsTimeout;
@JsonProperty("service_package_folder")
private String servicePackageFolder;
- public MetadataServiceInfo(String version, Boolean credentialStoreEnabled, Long statusCommandsTimeout,
- String servicePackageFolder) {
+ public MetadataServiceInfo(String version, Boolean credentialStoreEnabled,
+ Map<String, Map<String, String>> credentialStoreEnabledProperties,
+ Long statusCommandsTimeout, String servicePackageFolder) {
this.version = version;
this.credentialStoreEnabled = credentialStoreEnabled;
+ this.credentialStoreEnabledProperties = credentialStoreEnabledProperties;
this.statusCommandsTimeout = statusCommandsTimeout;
this.servicePackageFolder = servicePackageFolder;
}
@@ -53,6 +62,14 @@ public class MetadataServiceInfo {
this.credentialStoreEnabled = credentialStoreEnabled;
}
+ public Map<String, Map<String, String>> getCredentialStoreEnabledProperties() {
+ return credentialStoreEnabledProperties;
+ }
+
+ public void setCredentialStoreEnabledProperties(Map<String, Map<String, String>> credentialStoreEnabledProperties) {
+ this.credentialStoreEnabledProperties = credentialStoreEnabledProperties;
+ }
+
public Long getStatusCommandsTimeout() {
return statusCommandsTimeout;
}
@@ -79,6 +96,8 @@ public class MetadataServiceInfo {
if (version != null ? !version.equals(that.version) : that.version != null) return false;
if (credentialStoreEnabled != null ? !credentialStoreEnabled.equals(that.credentialStoreEnabled) : that.credentialStoreEnabled != null)
return false;
+ if (credentialStoreEnabledProperties != null ? !credentialStoreEnabledProperties.equals(that.credentialStoreEnabledProperties) : that.credentialStoreEnabledProperties != null)
+ return false;
if (statusCommandsTimeout != null ? !statusCommandsTimeout.equals(that.statusCommandsTimeout) : that.statusCommandsTimeout != null)
return false;
return servicePackageFolder != null ? servicePackageFolder.equals(that.servicePackageFolder) : that.servicePackageFolder == null;
@@ -88,6 +107,7 @@ public class MetadataServiceInfo {
public int hashCode() {
int result = version != null ? version.hashCode() : 0;
result = 31 * result + (credentialStoreEnabled != null ? credentialStoreEnabled.hashCode() : 0);
+ result = 31 * result + (credentialStoreEnabledProperties != null ? credentialStoreEnabledProperties.hashCode() : 0);
result = 31 * result + (statusCommandsTimeout != null ? statusCommandsTimeout.hashCode() : 0);
result = 31 * result + (servicePackageFolder != null ? servicePackageFolder.hashCode() : 0);
return result;
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
index 04facf1..c0a82d2 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
@@ -5640,6 +5640,19 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle
return metadataUpdateEvent;
}
+ public MetadataUpdateEvent getClusterMetadataOnServiceCredentialStoreUpdate(Cluster cl, String serviceName) throws AmbariException {
+ TreeMap<String, MetadataCluster> metadataClusters = new TreeMap<>();
+
+ MetadataCluster metadataCluster = new MetadataCluster(null,
+ getMetadataServiceLevelParams(cl.getService(serviceName)),
+ new TreeMap<>());
+ metadataClusters.put(Long.toString(cl.getClusterId()), metadataCluster);
+
+ MetadataUpdateEvent metadataUpdateEvent = new MetadataUpdateEvent(metadataClusters,
+ null);
+ return metadataUpdateEvent;
+ }
+
private String getClientsToUpdateConfigs(ComponentInfo componentInfo) {
List<String> clientsToUpdateConfigsList = componentInfo.getClientsToUpdateConfigs();
if (clientsToUpdateConfigsList == null) {
@@ -5836,9 +5849,18 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle
String servicePackageFolder = serviceInfo.getServicePackageFolder();
+ // Get the map of service config type to password properties for the service
+ Map<String, Map<String, String>> configCredentials;
+ configCredentials = configCredentialsForService.get(service.getName());
+ if (configCredentials == null) {
+ configCredentials = configHelper.getCredentialStoreEnabledProperties(serviceStackId, service);
+ configCredentialsForService.put(service.getName(), configCredentials);
+ }
+
serviceLevelParams.put(serviceInfo.getName(),
new MetadataServiceInfo(serviceInfo.getVersion(),
- serviceInfo.isCredentialStoreEnabled(),
+ service.isCredentialStoreEnabled(),
+ configCredentials,
statusCommandTimeout,
servicePackageFolder));
}
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/events/AmbariEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/events/AmbariEvent.java
index a5900a3..fb5f298 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/events/AmbariEvent.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/events/AmbariEvent.java
@@ -175,7 +175,12 @@ public abstract class AmbariEvent {
/**
* Service component's repo has been changed..
*/
- SERVICE_COMPONENT_REPO_CHANGE;
+ SERVICE_COMPONENT_REPO_CHANGE,
+
+ /**
+ * Service credential store has been enabled or disabled..
+ */
+ SERVICE_CREDENTIAL_STORE_UPDATE;
}
/**
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/events/ServiceCredentialStoreUpdateEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/events/ServiceCredentialStoreUpdateEvent.java
new file mode 100644
index 0000000..ae31247
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/events/ServiceCredentialStoreUpdateEvent.java
@@ -0,0 +1,52 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.events;
+
+/**
+ * The {@link ServiceCredentialStoreUpdateEvent} class is fired when a
+ * service credential store has been enabled or disabled
+ */
+public class ServiceCredentialStoreUpdateEvent extends ServiceEvent {
+ /**
+ * Constructor.
+ *
+ * @param clusterId
+ * @param stackName
+ * @param stackVersion
+ * @param serviceName
+ */
+ public ServiceCredentialStoreUpdateEvent(long clusterId, String stackName,
+ String stackVersion, String serviceName) {
+ super(AmbariEventType.SERVICE_CREDENTIAL_STORE_UPDATE, clusterId, stackName,
+ stackVersion, serviceName);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public String toString() {
+ StringBuilder buffer = new StringBuilder("ServiceCredentialStoreUpdateEvent{");
+ buffer.append("cluserId=").append(m_clusterId);
+ buffer.append(", stackName=").append(m_stackName);
+ buffer.append(", stackVersion=").append(m_stackVersion);
+ buffer.append(", serviceName=").append(m_serviceName);
+ buffer.append("}");
+ return buffer.toString();
+ }
+}
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/ServiceImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/state/ServiceImpl.java
index 7c5744c..3d81b55 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/ServiceImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/ServiceImpl.java
@@ -39,6 +39,7 @@ import org.apache.ambari.server.controller.ServiceResponse;
import org.apache.ambari.server.controller.internal.AmbariServerSSOConfigurationHandler;
import org.apache.ambari.server.controller.internal.DeleteHostComponentStatusMetaData;
import org.apache.ambari.server.events.MaintenanceModeEvent;
+import org.apache.ambari.server.events.ServiceCredentialStoreUpdateEvent;
import org.apache.ambari.server.events.ServiceInstalledEvent;
import org.apache.ambari.server.events.ServiceRemovedEvent;
import org.apache.ambari.server.events.publishers.AmbariEventPublisher;
@@ -448,8 +449,21 @@ public class ServiceImpl implements Service {
ServiceDesiredStateEntity desiredStateEntity = getServiceDesiredStateEntity();
if (desiredStateEntity != null) {
+ ServiceCredentialStoreUpdateEvent serviceCredentialStoreUpdateEvent = null;
+ //create event only if the value changed
+ if (desiredStateEntity.isCredentialStoreEnabled() != credentialStoreEnabled) {
+ StackId stackId = getDesiredStackId();
+ serviceCredentialStoreUpdateEvent =
+ new ServiceCredentialStoreUpdateEvent(getClusterId(), stackId.getStackName(),
+ stackId.getStackVersion(), getName());
+ }
desiredStateEntity.setCredentialStoreEnabled(credentialStoreEnabled);
desiredStateEntity = serviceDesiredStateDAO.merge(desiredStateEntity);
+
+ //publish event after the value has changed
+ if (serviceCredentialStoreUpdateEvent != null) {
+ eventPublisher.publish(serviceCredentialStoreUpdateEvent);
+ }
} else {
LOG.warn("Setting a member on an entity object that may have been "
+ "previously deleted, serviceName = " + getName());
--
To stop receiving notification emails like this one, please contact
dsen@apache.org.