You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by sw...@apache.org on 2016/12/01 08:13:59 UTC
[16/50] ambari git commit: AMBARI-18834 Add Ranger proxy user under
Ranger KMS config during stack upgrade (mugdha)
AMBARI-18834 Add Ranger proxy user under Ranger KMS config during stack upgrade (mugdha)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/d3c75557
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/d3c75557
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/d3c75557
Branch: refs/heads/branch-feature-AMBARI-18901
Commit: d3c75557ec7bc20fa9b2782137a6412aa09a8afb
Parents: 68a881e
Author: Mugdha Varadkar <mu...@apache.org>
Authored: Wed Nov 23 10:55:03 2016 +0530
Committer: Mugdha Varadkar <mu...@apache.org>
Committed: Tue Nov 29 09:31:12 2016 +0530
----------------------------------------------------------------------
.../upgrades/RangerKmsProxyConfig.java | 95 +++++++++++++
.../HDP/2.3/upgrades/nonrolling-upgrade-2.5.xml | 7 +
.../HDP/2.3/upgrades/nonrolling-upgrade-2.6.xml | 7 +
.../stacks/HDP/2.3/upgrades/upgrade-2.5.xml | 11 ++
.../stacks/HDP/2.3/upgrades/upgrade-2.6.xml | 11 ++
.../HDP/2.4/upgrades/nonrolling-upgrade-2.5.xml | 7 +
.../HDP/2.4/upgrades/nonrolling-upgrade-2.6.xml | 7 +
.../stacks/HDP/2.4/upgrades/upgrade-2.5.xml | 11 ++
.../stacks/HDP/2.4/upgrades/upgrade-2.6.xml | 11 ++
.../upgrades/RangerKmsProxyConfigTest.java | 141 +++++++++++++++++++
10 files changed, 308 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/d3c75557/ambari-server/src/main/java/org/apache/ambari/server/serveraction/upgrades/RangerKmsProxyConfig.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/upgrades/RangerKmsProxyConfig.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/upgrades/RangerKmsProxyConfig.java
new file mode 100644
index 0000000..bb88f55
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/upgrades/RangerKmsProxyConfig.java
@@ -0,0 +1,95 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.serveraction.upgrades;
+
+import java.text.MessageFormat;
+import java.util.Map;
+import java.util.concurrent.ConcurrentMap;
+
+import org.apache.ambari.server.AmbariException;
+import org.apache.ambari.server.actionmanager.HostRoleStatus;
+import org.apache.ambari.server.agent.CommandReport;
+import org.apache.ambari.server.serveraction.AbstractServerAction;
+import org.apache.ambari.server.state.Cluster;
+import org.apache.ambari.server.state.Clusters;
+import org.apache.ambari.server.state.Config;
+import org.apache.ambari.server.state.SecurityType;
+import org.apache.commons.lang.StringUtils;
+
+import com.google.inject.Inject;
+
+/**
+* Computes Ranger KMS Proxy properties in kms-site
+*/
+
+public class RangerKmsProxyConfig extends AbstractServerAction {
+ private static final String RANGER_ENV_CONFIG_TYPE = "ranger-env";
+ private static final String RANGER_KMS_SITE_CONFIG_TYPE = "kms-site";
+
+ @Inject
+ private Clusters m_clusters;
+
+ @Override
+ public CommandReport execute(ConcurrentMap<String, Object> requestSharedDataContext)
+ throws AmbariException, InterruptedException {
+
+ String clusterName = getExecutionCommand().getClusterName();
+ Cluster cluster = m_clusters.getCluster(clusterName);
+ String outputMsg = "";
+
+ Config rangerEnv = cluster.getDesiredConfigByType(RANGER_ENV_CONFIG_TYPE);
+
+ if (null == rangerEnv) {
+ return createCommandReport(0, HostRoleStatus.COMPLETED, "{}",
+ MessageFormat.format("Config source type {0} not found, skipping adding properties to {1}.", RANGER_ENV_CONFIG_TYPE, RANGER_KMS_SITE_CONFIG_TYPE), "");
+ }
+
+ String rangerUserProp = "ranger_user";
+ String rangerUser = rangerEnv.getProperties().get(rangerUserProp);
+
+ if (null == rangerUser) {
+ return createCommandReport(0, HostRoleStatus.COMPLETED, "{}",
+ MessageFormat.format("Required user service user value from {0}/{1} not found, skipping adding properties to {2}.", RANGER_ENV_CONFIG_TYPE, rangerUserProp, RANGER_KMS_SITE_CONFIG_TYPE), "");
+ }
+
+ Config kmsSite = cluster.getDesiredConfigByType(RANGER_KMS_SITE_CONFIG_TYPE);
+
+ if (null == kmsSite) {
+ return createCommandReport(0, HostRoleStatus.COMPLETED, "{}",
+ MessageFormat.format("Config type {0} not found, skipping adding properties to it.", RANGER_KMS_SITE_CONFIG_TYPE), "");
+ }
+
+ Map<String, String> targetValues = kmsSite.getProperties();
+ if (cluster.getSecurityType() == SecurityType.KERBEROS) {
+ String userProp = "hadoop.kms.proxyuser." + rangerUser + ".users";
+ String groupProp = "hadoop.kms.proxyuser." + rangerUser + ".groups";
+ String hostProp = "hadoop.kms.proxyuser." + rangerUser + ".hosts";
+ targetValues.put(userProp, "*");
+ targetValues.put(groupProp, "*");
+ targetValues.put(hostProp, "*");
+ kmsSite.setProperties(targetValues);
+ kmsSite.persist(false);
+ outputMsg = outputMsg + MessageFormat.format("Successfully added properties to {0}", RANGER_KMS_SITE_CONFIG_TYPE);
+ } else {
+ outputMsg = outputMsg + MessageFormat.format("Kerberos not enable, not setting proxy properties to {0}", RANGER_KMS_SITE_CONFIG_TYPE);
+ }
+
+ return createCommandReport(0, HostRoleStatus.COMPLETED, "{}", outputMsg, "");
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/d3c75557/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/nonrolling-upgrade-2.5.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/nonrolling-upgrade-2.5.xml b/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/nonrolling-upgrade-2.5.xml
index 04e4f3e..7a15e0e 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/nonrolling-upgrade-2.5.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/nonrolling-upgrade-2.5.xml
@@ -435,6 +435,13 @@
<task xsi:type="configure" id="hdp_2_5_0_0_remove_ranger_kms_audit_db"/>
</execute-stage>
+ <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Calculating Ranger Properties">
+ <condition xsi:type="security" type="kerberos"/>
+ <task xsi:type="server_action" class="org.apache.ambari.server.serveraction.upgrades.RangerKmsProxyConfig">
+ <summary>Adding Ranger proxy user properties</summary>
+ </task>
+ </execute-stage>
+
<!-- KNOX -->
<execute-stage service="KNOX" component="KNOX_GATEWAY" title="Apply config changes for Knox Gateway">
<task xsi:type="configure" id="hdp_2_5_0_0_remove_ranger_knox_audit_db"/>
http://git-wip-us.apache.org/repos/asf/ambari/blob/d3c75557/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/nonrolling-upgrade-2.6.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/nonrolling-upgrade-2.6.xml b/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/nonrolling-upgrade-2.6.xml
index 3233f7e..fe2598b 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/nonrolling-upgrade-2.6.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/nonrolling-upgrade-2.6.xml
@@ -436,6 +436,13 @@
<task xsi:type="configure" id="hdp_2_5_0_0_remove_ranger_kms_audit_db"/>
</execute-stage>
+ <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Calculating Ranger Properties">
+ <condition xsi:type="security" type="kerberos"/>
+ <task xsi:type="server_action" class="org.apache.ambari.server.serveraction.upgrades.RangerKmsProxyConfig">
+ <summary>Adding Ranger proxy user properties</summary>
+ </task>
+ </execute-stage>
+
<!-- KNOX -->
<execute-stage service="KNOX" component="KNOX_GATEWAY" title="Apply config changes for Knox Gateway">
<task xsi:type="configure" id="hdp_2_5_0_0_remove_ranger_knox_audit_db"/>
http://git-wip-us.apache.org/repos/asf/ambari/blob/d3c75557/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/upgrade-2.5.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/upgrade-2.5.xml b/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/upgrade-2.5.xml
index 95c5f06..bbf5299 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/upgrade-2.5.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/upgrade-2.5.xml
@@ -130,6 +130,17 @@
</service>
</group>
+ <group xsi:type="cluster" name="UPDATE_RANGER_KMS_SITE" title="Update Ranger KMS Configuration">
+ <direction>UPGRADE</direction>
+ <skippable>true</skippable>
+ <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Calculating Proxy Properties under kms-site">
+ <condition xsi:type="security" type="kerberos"/>
+ <task xsi:type="server_action" class="org.apache.ambari.server.serveraction.upgrades.RangerKmsProxyConfig">
+ <summary>Adding Ranger proxy user properties under kms-site</summary>
+ </task>
+ </execute-stage>
+ </group>
+
<group name="RANGER_KMS" title="Ranger_KMS">
<skippable>true</skippable>
<supports-auto-skip-failure>false</supports-auto-skip-failure>
http://git-wip-us.apache.org/repos/asf/ambari/blob/d3c75557/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/upgrade-2.6.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/upgrade-2.6.xml b/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/upgrade-2.6.xml
index a01996a..c5fdc99 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/upgrade-2.6.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.3/upgrades/upgrade-2.6.xml
@@ -131,6 +131,17 @@
</service>
</group>
+ <group xsi:type="cluster" name="UPDATE_RANGER_KMS_SITE" title="Update Ranger KMS Configuration">
+ <direction>UPGRADE</direction>
+ <skippable>true</skippable>
+ <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Calculating Proxy Properties under kms-site">
+ <condition xsi:type="security" type="kerberos"/>
+ <task xsi:type="server_action" class="org.apache.ambari.server.serveraction.upgrades.RangerKmsProxyConfig">
+ <summary>Adding Ranger proxy user properties under kms-site</summary>
+ </task>
+ </execute-stage>
+ </group>
+
<group name="RANGER_KMS" title="Ranger_KMS">
<skippable>true</skippable>
<supports-auto-skip-failure>false</supports-auto-skip-failure>
http://git-wip-us.apache.org/repos/asf/ambari/blob/d3c75557/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/nonrolling-upgrade-2.5.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/nonrolling-upgrade-2.5.xml b/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/nonrolling-upgrade-2.5.xml
index 05e2be1..a46ac9e 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/nonrolling-upgrade-2.5.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/nonrolling-upgrade-2.5.xml
@@ -423,6 +423,13 @@
<task xsi:type="configure" id="hdp_2_5_0_0_remove_ranger_kms_audit_db"/>
</execute-stage>
+ <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Calculating Ranger Properties">
+ <condition xsi:type="security" type="kerberos"/>
+ <task xsi:type="server_action" class="org.apache.ambari.server.serveraction.upgrades.RangerKmsProxyConfig">
+ <summary>Adding Ranger proxy user properties</summary>
+ </task>
+ </execute-stage>
+
<!-- SPARK -->
<execute-stage service="SPARK" component="SPARK_JOBHISTORYSERVER" title="Apply config changes for Spark JobHistoryServer">
<task xsi:type="configure" id="hdp_2_5_0_0_spark_jobhistoryserver"/>
http://git-wip-us.apache.org/repos/asf/ambari/blob/d3c75557/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/nonrolling-upgrade-2.6.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/nonrolling-upgrade-2.6.xml b/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/nonrolling-upgrade-2.6.xml
index 1a26e59..6597cde 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/nonrolling-upgrade-2.6.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/nonrolling-upgrade-2.6.xml
@@ -418,6 +418,13 @@
<execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Apply config changes for Ranger KMS Server">
<task xsi:type="configure" id="hdp_2_5_0_0_remove_ranger_kms_audit_db"/>
</execute-stage>
+
+ <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Calculating Ranger Properties">
+ <condition xsi:type="security" type="kerberos"/>
+ <task xsi:type="server_action" class="org.apache.ambari.server.serveraction.upgrades.RangerKmsProxyConfig">
+ <summary>Adding Ranger proxy user properties</summary>
+ </task>
+ </execute-stage>
</group>
<!--
http://git-wip-us.apache.org/repos/asf/ambari/blob/d3c75557/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/upgrade-2.5.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/upgrade-2.5.xml b/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/upgrade-2.5.xml
index f0c6131..f5a5669 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/upgrade-2.5.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/upgrade-2.5.xml
@@ -126,6 +126,17 @@
</service>
</group>
+ <group xsi:type="cluster" name="UPDATE_RANGER_KMS_SITE" title="Update Ranger KMS Configuration">
+ <direction>UPGRADE</direction>
+ <skippable>true</skippable>
+ <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Calculating Proxy Properties under kms-site">
+ <condition xsi:type="security" type="kerberos"/>
+ <task xsi:type="server_action" class="org.apache.ambari.server.serveraction.upgrades.RangerKmsProxyConfig">
+ <summary>Adding Ranger proxy user properties under kms-site</summary>
+ </task>
+ </execute-stage>
+ </group>
+
<group name="RANGER_KMS" title="Ranger_KMS">
<skippable>true</skippable>
<supports-auto-skip-failure>false</supports-auto-skip-failure>
http://git-wip-us.apache.org/repos/asf/ambari/blob/d3c75557/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/upgrade-2.6.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/upgrade-2.6.xml b/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/upgrade-2.6.xml
index f520faf..406f38e 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/upgrade-2.6.xml
+++ b/ambari-server/src/main/resources/stacks/HDP/2.4/upgrades/upgrade-2.6.xml
@@ -131,6 +131,17 @@
</service>
</group>
+ <group xsi:type="cluster" name="UPDATE_RANGER_KMS_SITE" title="Update Ranger KMS Configuration">
+ <direction>UPGRADE</direction>
+ <skippable>true</skippable>
+ <execute-stage service="RANGER_KMS" component="RANGER_KMS_SERVER" title="Calculating Proxy Properties under kms-site">
+ <condition xsi:type="security" type="kerberos"/>
+ <task xsi:type="server_action" class="org.apache.ambari.server.serveraction.upgrades.RangerKmsProxyConfig">
+ <summary>Adding Ranger proxy user properties under kms-site</summary>
+ </task>
+ </execute-stage>
+ </group>
+
<group name="RANGER_KMS" title="Ranger_KMS">
<skippable>true</skippable>
<supports-auto-skip-failure>false</supports-auto-skip-failure>
http://git-wip-us.apache.org/repos/asf/ambari/blob/d3c75557/ambari-server/src/test/java/org/apache/ambari/server/serveraction/upgrades/RangerKmsProxyConfigTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/upgrades/RangerKmsProxyConfigTest.java b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/upgrades/RangerKmsProxyConfigTest.java
new file mode 100644
index 0000000..e000c65
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/upgrades/RangerKmsProxyConfigTest.java
@@ -0,0 +1,141 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.serveraction.upgrades;
+
+import static org.easymock.EasyMock.anyObject;
+import static org.easymock.EasyMock.expect;
+import static org.easymock.EasyMock.replay;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import java.lang.reflect.Field;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.ambari.server.actionmanager.ExecutionCommandWrapper;
+import org.apache.ambari.server.actionmanager.HostRoleCommand;
+import org.apache.ambari.server.agent.CommandReport;
+import org.apache.ambari.server.agent.ExecutionCommand;
+import org.apache.ambari.server.state.Cluster;
+import org.apache.ambari.server.state.Clusters;
+import org.apache.ambari.server.state.SecurityType;
+import org.apache.ambari.server.state.Config;
+import org.apache.ambari.server.state.ConfigImpl;
+import org.easymock.EasyMock;
+import org.junit.Before;
+import org.junit.Test;
+
+import com.google.inject.Injector;
+
+
+public class RangerKmsProxyConfigTest {
+ private Injector m_injector;
+ private Clusters m_clusters;
+ private Field m_clusterField;
+
+ @Before
+ public void setup() throws Exception {
+ m_injector = EasyMock.createMock(Injector.class);
+ m_clusters = EasyMock.createMock(Clusters.class);
+ Cluster cluster = EasyMock.createMock(Cluster.class);
+
+ Config rangerEnv = new ConfigImpl("ranger-env") {
+ Map<String, String> mockProperties = new HashMap<String, String>() {{
+ put("ranger_user", "ranger");
+ }};
+
+ @Override
+ public Map<String, String> getProperties() {
+ return mockProperties;
+ }
+ };
+
+ Config kmsSite = new ConfigImpl("kms-site") {
+ Map<String, String> mockProperties = new HashMap<String, String>();
+ @Override
+ public Map<String, String> getProperties() {
+ return mockProperties;
+ }
+
+ @Override
+ public void setProperties(Map<String, String> properties) {
+ mockProperties.putAll(properties);
+ }
+
+ @Override
+ public void persist(boolean newConfig) {
+ // no-op
+ }
+ };
+
+ expect(cluster.getDesiredConfigByType("ranger-env")).andReturn(rangerEnv).atLeastOnce();
+ expect(cluster.getDesiredConfigByType("kms-site")).andReturn(kmsSite).atLeastOnce();
+ expect(m_clusters.getCluster((String) anyObject())).andReturn(cluster).anyTimes();
+ expect(m_injector.getInstance(Clusters.class)).andReturn(m_clusters).atLeastOnce();
+ expect(cluster.getSecurityType()).andReturn(SecurityType.KERBEROS).anyTimes();
+
+ replay(m_injector, m_clusters, cluster);
+
+ m_clusterField = RangerKmsProxyConfig.class.getDeclaredField("m_clusters");
+ m_clusterField.setAccessible(true);
+ }
+
+ @Test
+ public void testAction() throws Exception {
+
+ Map<String, String> commandParams = new HashMap<String, String>();
+ commandParams.put("clusterName", "c1");
+
+ ExecutionCommand executionCommand = new ExecutionCommand();
+ executionCommand.setCommandParams(commandParams);
+ executionCommand.setClusterName("c1");
+
+ HostRoleCommand hrc = EasyMock.createMock(HostRoleCommand.class);
+ expect(hrc.getRequestId()).andReturn(1L).anyTimes();
+ expect(hrc.getStageId()).andReturn(2L).anyTimes();
+ expect(hrc.getExecutionCommandWrapper()).andReturn(new ExecutionCommandWrapper(executionCommand)).anyTimes();
+ replay(hrc);
+
+ RangerKmsProxyConfig action = new RangerKmsProxyConfig();
+ m_clusterField.set(action, m_clusters);
+
+ action.setExecutionCommand(executionCommand);
+ action.setHostRoleCommand(hrc);
+
+ CommandReport report = action.execute(null);
+ assertNotNull(report);
+
+ Cluster c = m_clusters.getCluster("c1");
+ Config config = c.getDesiredConfigByType("kms-site");
+ Map<String, String> map = config.getProperties();
+
+ assertTrue(map.containsKey("hadoop.kms.proxyuser.ranger.users"));
+ assertTrue(map.containsKey("hadoop.kms.proxyuser.ranger.groups"));
+ assertTrue(map.containsKey("hadoop.kms.proxyuser.ranger.hosts"));
+
+
+ assertEquals("*", map.get("hadoop.kms.proxyuser.ranger.users"));
+ assertEquals("*", map.get("hadoop.kms.proxyuser.ranger.groups"));
+ assertEquals("*", map.get("hadoop.kms.proxyuser.ranger.hosts"));
+
+ report = action.execute(null);
+ assertNotNull(report);
+
+ }
+}
\ No newline at end of file