You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by be...@apache.org on 2017/11/23 17:10:52 UTC
ambari git commit: AMBARI-22325 SecurityConfigurationTest,
small refactors (benyoka)
Repository: ambari
Updated Branches:
refs/heads/branch-feature-AMBARI-14714-blueprintv2 45ac9fabd -> c0eaadd60
AMBARI-22325 SecurityConfigurationTest, small refactors (benyoka)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/c0eaadd6
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/c0eaadd6
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/c0eaadd6
Branch: refs/heads/branch-feature-AMBARI-14714-blueprintv2
Commit: c0eaadd6005151e8f9c87b14c7ee109b4660fe98
Parents: 45ac9fa
Author: Balazs Bence Sari <be...@apache.org>
Authored: Thu Nov 23 18:08:38 2017 +0100
Committer: Balazs Bence Sari <be...@apache.org>
Committed: Thu Nov 23 18:10:33 2017 +0100
----------------------------------------------------------------------
.../server/topology/SecurityConfiguration.java | 24 +++++++
.../server/topology/ConfigurableTest.java | 17 +++++
.../topology/SecurityConfigurationTest.java | 71 ++++++++++++++++++++
.../server/topology/TopologyManagerTest.java | 1 -
.../topology/TopologyTemplateFactoryTest.java | 20 +++---
.../ambari/server/utils/ResourceUtils.java | 34 ++++++++++
.../blueprintv2/cluster_template_v2.json | 58 +++++++++++++++-
.../resources/blueprintv2/security_config.json | 58 ++++++++++++++++
8 files changed, 270 insertions(+), 13 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/c0eaadd6/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfiguration.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfiguration.java b/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfiguration.java
index 7a8b8a9..864e802 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfiguration.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfiguration.java
@@ -19,10 +19,15 @@
package org.apache.ambari.server.topology;
+import java.io.IOException;
+import java.util.Map;
+
+import com.fasterxml.jackson.annotation.JsonIgnore;
import org.apache.ambari.server.state.SecurityType;
import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonProperty;
+import org.codehaus.jackson.map.ObjectMapper;
/**
* Holds security related properties, the securityType and security descriptor (in case of KERBEROS
@@ -36,16 +41,19 @@ public class SecurityConfiguration {
/**
* Security Type
*/
+ @JsonProperty("type")
private SecurityType type;
/**
* Holds a reference to a kerberos_descriptor resource.
*/
+ @JsonProperty("kerberos_descriptor_reference")
private String descriptorReference;
/**
* Content of a kerberos_descriptor as String.
*/
+ @JsonProperty("kerberos_descriptor")
private String descriptor;
@@ -64,6 +72,7 @@ public class SecurityConfiguration {
return type;
}
+ @JsonIgnore
public String getDescriptor() {
return descriptor;
}
@@ -71,4 +80,19 @@ public class SecurityConfiguration {
public String getDescriptorReference() {
return descriptorReference;
}
+
+ public void setDescriptorReference(String descriptorReference) {
+ this.descriptorReference = descriptorReference;
+ }
+
+ @JsonIgnore
+ public void setDescriptor(String descriptor) {
+ this.descriptor = descriptor;
+ }
+
+ @JsonProperty("kerberos_descriptor")
+ public void setKerberosDescriptorFromJson(Map<String, ?> kerberosDescriptor) throws IOException {
+ setDescriptor(new ObjectMapper().writeValueAsString(kerberosDescriptor));
+ }
+
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/c0eaadd6/ambari-server/src/test/java/org/apache/ambari/server/topology/ConfigurableTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/topology/ConfigurableTest.java b/ambari-server/src/test/java/org/apache/ambari/server/topology/ConfigurableTest.java
index 2c74dc5..080438d 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/topology/ConfigurableTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/topology/ConfigurableTest.java
@@ -1,3 +1,20 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package org.apache.ambari.server.topology;
import static org.junit.Assert.assertEquals;
http://git-wip-us.apache.org/repos/asf/ambari/blob/c0eaadd6/ambari-server/src/test/java/org/apache/ambari/server/topology/SecurityConfigurationTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/topology/SecurityConfigurationTest.java b/ambari-server/src/test/java/org/apache/ambari/server/topology/SecurityConfigurationTest.java
new file mode 100644
index 0000000..4af0806
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/topology/SecurityConfigurationTest.java
@@ -0,0 +1,71 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.topology;
+
+import static org.junit.Assert.assertEquals;
+
+import java.util.Map;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
+import org.apache.ambari.server.utils.ResourceUtils;
+import org.junit.Test;
+
+public class SecurityConfigurationTest {
+
+ public static final String SECURITY_CONFIG_JSON = ResourceUtils.getResource("blueprintv2/security_config.json");
+ public static final Map<String, ?> EXPECTED_KERBEROS_DESCRIPTOR = ImmutableMap.of(
+ "identities", ImmutableList.of(identity("smokeuser","${cluster-env/smokeuser}@${realm}")),
+ "services", ImmutableList.of(
+ ImmutableMap.of(
+ "name", "AMBARI",
+ "identities", ImmutableList.of(),
+ "components", ImmutableList.of(ImmutableMap.of(
+ "name", "AMBARI_SERVER",
+ "identities", ImmutableList.of(identity("ambari-server", "ambari-server@${realm}"))
+ ))
+ ),
+ ImmutableMap.of(
+ "name", "HDFS",
+ "identities", ImmutableList.of(),
+ "components", ImmutableList.of(ImmutableMap.of(
+ "name", "NAMENODE",
+ "identities", ImmutableList.of(identity("hdfs", "${hadoop-env/hdfs_user}@${realm}"))
+ ))
+ )
+ ),
+ "properties", ImmutableMap.of("principal_suffix", "")
+ );
+
+
+ @Test
+ public void getDescriptor() throws Exception {
+ SecurityConfiguration securityConfig = new ObjectMapper().readValue(SECURITY_CONFIG_JSON, SecurityConfiguration.class);
+ assertEquals(EXPECTED_KERBEROS_DESCRIPTOR, new ObjectMapper().readValue(securityConfig.getDescriptor(), Map.class));
+ }
+
+ private static final Map<String, ?> identity(String name, String value) {
+ return ImmutableMap.of(
+ "name", name,
+ "principal", ImmutableMap.of(
+ "value", value,
+ "type", "user"
+ ));
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/c0eaadd6/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyManagerTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyManagerTest.java b/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyManagerTest.java
index 5f61c85..f6a42fc 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyManagerTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyManagerTest.java
@@ -290,7 +290,6 @@ public class TopologyManagerTest {
expect(request.getConfigRecommendationStrategy()).andReturn(ConfigRecommendationStrategy.NEVER_APPLY).anyTimes();
expect(request.getSecurityConfiguration()).andReturn(null).anyTimes();
-
expect(group1.getBlueprintName()).andReturn(BLUEPRINT_NAME).anyTimes();
expect(group1.getCardinality()).andReturn("test cardinality").anyTimes();
expect(group1.containsMasterComponent()).andReturn(true).anyTimes();
http://git-wip-us.apache.org/repos/asf/ambari/blob/c0eaadd6/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyTemplateFactoryTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyTemplateFactoryTest.java b/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyTemplateFactoryTest.java
index 17f443b..7efbbd6 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyTemplateFactoryTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyTemplateFactoryTest.java
@@ -21,10 +21,13 @@ package org.apache.ambari.server.topology;
import static java.util.stream.Collectors.toSet;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
import java.io.IOException;
import java.util.Map;
+import org.apache.ambari.server.state.SecurityType;
+import org.apache.ambari.server.utils.ResourceUtils;
import org.junit.Test;
import com.google.common.base.Charsets;
@@ -35,9 +38,9 @@ import com.google.common.io.Resources;
public class TopologyTemplateFactoryTest {
public static final String CLUSTER_TEMPLATE =
- getResource("blueprintv2/cluster_template_v2.json");
+ ResourceUtils.getResource("blueprintv2/cluster_template_v2.json");
public static final String CLUSTER_TEMPLATE_INVALID =
- getResource("blueprintv2/cluster_template_v2_invalid_hostgroup.json");
+ ResourceUtils.getResource("blueprintv2/cluster_template_v2_invalid_hostgroup.json");
@Test
@@ -80,15 +83,10 @@ public class TopologyTemplateFactoryTest {
assertEquals(0, hostGroup2.getHosts().size());
assertEquals(2, hostGroup2.getHostCount());
assertEquals("Hosts/os_type=centos6&Hosts/cpu_count=2", hostGroup2.getHostPredicate());
- }
-
- private static String getResource(String fileName) {
- try {
- return Resources.toString(Resources.getResource(fileName), Charsets.UTF_8);
- }
- catch (IOException ex) {
- throw new RuntimeException(ex);
- }
+ SecurityConfiguration securityConfig = template.getSecurityConfiguration();
+ assertEquals(SecurityType.KERBEROS, securityConfig.getType());
+ assertNotNull(securityConfig.getDescriptor());
+ assertNull(securityConfig.getDescriptorReference());
}
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/c0eaadd6/ambari-server/src/test/java/org/apache/ambari/server/utils/ResourceUtils.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/utils/ResourceUtils.java b/ambari-server/src/test/java/org/apache/ambari/server/utils/ResourceUtils.java
new file mode 100644
index 0000000..f00bc8b
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/utils/ResourceUtils.java
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.utils;
+
+import java.io.IOException;
+
+import com.google.common.base.Charsets;
+import com.google.common.io.Resources;
+
+public class ResourceUtils {
+ public static String getResource(String fileName) {
+ try {
+ return Resources.toString(Resources.getResource(fileName), Charsets.UTF_8);
+ }
+ catch (IOException ex) {
+ throw new RuntimeException(ex);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/c0eaadd6/ambari-server/src/test/resources/blueprintv2/cluster_template_v2.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/resources/blueprintv2/cluster_template_v2.json b/ambari-server/src/test/resources/blueprintv2/cluster_template_v2.json
index d80f2f5..26ee307 100644
--- a/ambari-server/src/test/resources/blueprintv2/cluster_template_v2.json
+++ b/ambari-server/src/test/resources/blueprintv2/cluster_template_v2.json
@@ -1,5 +1,6 @@
{
"blueprint": "blueprint-name",
+ "config_recommendation_strategy": "ALWAYS_APPLY_DONT_OVERRIDE_CUSTOM_VALUES",
"default_password": "super-secret-password",
"services": [
{
@@ -70,6 +71,61 @@
}
],
"security": {
- "type": "NONE"
+ "type": "KERBEROS",
+ "kerberos_descriptor": {
+ "identities": [
+ {
+ "name": "smokeuser",
+ "principal": {
+ "value": "${cluster-env/smokeuser}@${realm}",
+ "type": "user"
+ }
+ }
+ ],
+ "services": [
+ {
+ "components": [
+ {
+ "name": "AMBARI_SERVER",
+ "identities": [
+ {
+ "name": "ambari-server",
+ "principal": {
+ "value": "ambari-server@${realm}",
+ "type": "user"
+ }
+ }
+ ]
+ }
+ ],
+ "name": "AMBARI",
+ "identities": [
+
+ ]
+ },
+ {
+ "components": [
+ {
+ "name": "NAMENODE",
+ "identities": [
+ {
+ "name": "hdfs",
+ "principal": {
+ "value": "${hadoop-env/hdfs_user}@${realm}",
+ "type": "user"
+ }
+ }
+ ]
+ }
+ ],
+ "name": "HDFS",
+ "identities": [
+ ]
+ }
+ ],
+ "properties": {
+ "principal_suffix": ""
+ }
+ }
}
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/c0eaadd6/ambari-server/src/test/resources/blueprintv2/security_config.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/resources/blueprintv2/security_config.json b/ambari-server/src/test/resources/blueprintv2/security_config.json
new file mode 100644
index 0000000..5478d1f
--- /dev/null
+++ b/ambari-server/src/test/resources/blueprintv2/security_config.json
@@ -0,0 +1,58 @@
+{
+ "type": "KERBEROS",
+ "kerberos_descriptor": {
+ "identities": [
+ {
+ "name": "smokeuser",
+ "principal": {
+ "value": "${cluster-env/smokeuser}@${realm}",
+ "type": "user"
+ }
+ }
+ ],
+ "services": [
+ {
+ "components": [
+ {
+ "name": "AMBARI_SERVER",
+ "identities": [
+ {
+ "name": "ambari-server",
+ "principal": {
+ "value": "ambari-server@${realm}",
+ "type": "user"
+ }
+ }
+ ]
+ }
+ ],
+ "name": "AMBARI",
+ "identities": [
+
+ ]
+ },
+ {
+ "components": [
+ {
+ "name": "NAMENODE",
+ "identities": [
+ {
+ "name": "hdfs",
+ "principal": {
+ "value": "${hadoop-env/hdfs_user}@${realm}",
+ "type": "user"
+ }
+ }
+ ]
+ }
+ ],
+ "name": "HDFS",
+ "identities": [
+ ]
+ }
+ ],
+ "properties": {
+ "principal_suffix": ""
+ }
+ }
+}
\ No newline at end of file