You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by jo...@apache.org on 2017/04/24 02:21:11 UTC
[29/45] ambari git commit: AMBARI-20733. /var/log/krb5kdc.log is
growing rapidly on the KDC server (echekanskiy)
http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/test/python/stacks/2.1/YARN/test_apptimelineserver.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.1/YARN/test_apptimelineserver.py b/ambari-server/src/test/python/stacks/2.1/YARN/test_apptimelineserver.py
index 5730783..530d1d9 100644
--- a/ambari-server/src/test/python/stacks/2.1/YARN/test_apptimelineserver.py
+++ b/ambari-server/src/test/python/stacks/2.1/YARN/test_apptimelineserver.py
@@ -266,116 +266,6 @@ class TestAppTimelineServer(RMFTestCase):
group = 'hadoop',
)
-
- @patch("resource_management.libraries.functions.security_commons.build_expectations")
- @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem")
- @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties")
- @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor")
- @patch("resource_management.libraries.script.Script.put_structured_out")
- def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock, validate_security_config_mock, get_params_mock, build_exp_mock):
- # Test that function works when is called with correct parameters
-
- security_params = {
- 'yarn-site': {
- 'yarn.timeline-service.keytab': '/path/to/applicationtimeline/keytab',
- 'yarn.timeline-service.principal': 'applicationtimeline_principal',
- 'yarn.timeline-service.http-authentication.kerberos.keytab': 'path/to/timeline/kerberos/keytab',
- 'yarn.timeline-service.http-authentication.kerberos.principal': 'timeline_principal'
- }
- }
- result_issues = []
- props_value_check = {"yarn.timeline-service.enabled": "true",
- "yarn.timeline-service.http-authentication.type": "kerberos",
- "yarn.acl.enable": "true"}
- props_empty_check = ["yarn.timeline-service.principal",
- "yarn.timeline-service.keytab",
- "yarn.timeline-service.http-authentication.kerberos.principal",
- "yarn.timeline-service.http-authentication.kerberos.keytab"]
-
- props_read_check = ["yarn.timeline-service.keytab",
- "yarn.timeline-service.http-authentication.kerberos.keytab"]
-
- get_params_mock.return_value = security_params
- validate_security_config_mock.return_value = result_issues
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/application_timeline_server.py",
- classname="ApplicationTimelineServer",
- command="security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
-
- build_exp_mock.assert_called_with('yarn-site', props_value_check, props_empty_check, props_read_check)
- put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"})
- self.assertTrue(cached_kinit_executor_mock.call_count, 2)
- cached_kinit_executor_mock.assert_called_with('/usr/bin/kinit',
- self.config_dict['configurations']['yarn-env']['yarn_user'],
- security_params['yarn-site']['yarn.timeline-service.http-authentication.kerberos.keytab'],
- security_params['yarn-site']['yarn.timeline-service.http-authentication.kerberos.principal'],
- self.config_dict['hostname'],
- '/tmp')
-
- # Testing that the exception throw by cached_executor is caught
- cached_kinit_executor_mock.reset_mock()
- cached_kinit_executor_mock.side_effect = Exception("Invalid command")
-
- try:
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/application_timeline_server.py",
- classname="ApplicationTimelineServer",
- command="security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- except:
- self.assertTrue(True)
-
- # Testing with a security_params which doesn't contains yarn-site
- empty_security_params = {}
- cached_kinit_executor_mock.reset_mock()
- get_params_mock.reset_mock()
- put_structured_out_mock.reset_mock()
- get_params_mock.return_value = empty_security_params
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/application_timeline_server.py",
- classname="ApplicationTimelineServer",
- command="security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityIssuesFound": "Keytab file or principal are not set property."})
-
- # Testing with not empty result_issues
- result_issues_with_params = {
- 'yarn-site': "Something bad happened"
- }
-
- validate_security_config_mock.reset_mock()
- get_params_mock.reset_mock()
- validate_security_config_mock.return_value = result_issues_with_params
- get_params_mock.return_value = security_params
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/application_timeline_server.py",
- classname="ApplicationTimelineServer",
- command="security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"})
-
- # Testing with security_enable = false
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/application_timeline_server.py",
- classname="ApplicationTimelineServer",
- command="security_status",
- config_file="default.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"})
-
@patch.object(resource_management.libraries.functions, "get_stack_version", new = MagicMock(return_value='2.3.0.0-1234'))
def test_pre_upgrade_restart_23(self):
config_file = self.get_src_folder()+"/test/python/stacks/2.0.6/configs/default.json"
http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py b/ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py
index e0118de..32b5d70 100644
--- a/ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py
+++ b/ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py
@@ -128,108 +128,6 @@ class TestKnoxGateway(RMFTestCase):
)
self.assertNoMoreResources()
-
- @patch("resource_management.libraries.functions.security_commons.build_expectations")
- @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem")
- @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties")
- @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor")
- @patch("resource_management.libraries.script.Script.put_structured_out")
- def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock,
- validate_security_config_mock, get_params_mock, build_exp_mock):
- # Test that function works when is called with correct parameters
-
- security_params = {
- "krb5JAASLogin":
- {
- 'keytab': "/path/to/keytab",
- 'principal': "principal"
- },
- "gateway-site" : {
- "gateway.hadoop.kerberos.secured" : "true"
- }
- }
-
- result_issues = []
-
- get_params_mock.return_value = security_params
- validate_security_config_mock.return_value = result_issues
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/knox_gateway.py",
- classname = "KnoxGateway",
- command="security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
-
- self.assertTrue(build_exp_mock.call_count, 2)
- build_exp_mock.assert_called_with('gateway-site', {"gateway.hadoop.kerberos.secured": "true"}, None, None)
- put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"})
- self.assertTrue(cached_kinit_executor_mock.call_count, 1)
- cached_kinit_executor_mock.assert_called_with('/usr/bin/kinit',
- self.config_dict['configurations']['knox-env']['knox_user'],
- security_params['krb5JAASLogin']['keytab'],
- security_params['krb5JAASLogin']['principal'],
- self.config_dict['hostname'],
- '/tmp')
-
- # Testing that the exception throw by cached_executor is caught
- cached_kinit_executor_mock.reset_mock()
- cached_kinit_executor_mock.side_effect = Exception("Invalid command")
-
- try:
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/knox_gateway.py",
- classname = "KnoxGateway",
- command="security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- except:
- self.assertTrue(True)
-
- # Testing with a security_params which doesn't contains krb5JAASLogin
- empty_security_params = {"krb5JAASLogin" : {}}
- cached_kinit_executor_mock.reset_mock()
- get_params_mock.reset_mock()
- put_structured_out_mock.reset_mock()
- get_params_mock.return_value = empty_security_params
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/knox_gateway.py",
- classname = "KnoxGateway",
- command="security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityIssuesFound": "Keytab file and principal are not set."})
-
- # Testing with not empty result_issues
- result_issues_with_params = {'krb5JAASLogin': "Something bad happened"}
- validate_security_config_mock.reset_mock()
- get_params_mock.reset_mock()
- validate_security_config_mock.return_value = result_issues_with_params
- get_params_mock.return_value = security_params
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/knox_gateway.py",
- classname = "KnoxGateway",
- command="security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"})
-
- # Testing with security_enable = false
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/knox_gateway.py",
- classname = "KnoxGateway",
- command="security_status",
- config_file="default.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"})
-
@patch("os.path.isdir")
def test_pre_upgrade_restart(self, isdir_mock):
isdir_mock.return_value = True
http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/test/python/stacks/2.5/ATLAS/test_atlas_server.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.5/ATLAS/test_atlas_server.py b/ambari-server/src/test/python/stacks/2.5/ATLAS/test_atlas_server.py
index cd2fac8..539bef5 100644
--- a/ambari-server/src/test/python/stacks/2.5/ATLAS/test_atlas_server.py
+++ b/ambari-server/src/test/python/stacks/2.5/ATLAS/test_atlas_server.py
@@ -184,45 +184,3 @@ class TestAtlasServer(RMFTestCase):
self.assertResourceCalled('File', '/usr/hdp/current/atlas-server/conf/hdfs-site.xml',action = ['delete'],)
self.assertNoMoreResources()
-
- @patch("resource_management.libraries.functions.security_commons.build_expectations")
- @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem")
- @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties")
- @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor")
- @patch("resource_management.libraries.script.Script.put_structured_out")
- def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock, validate_security_config_mock, get_params_mock, build_exp_mock):
-
- security_params = {
- 'atlas-application': {
- 'atlas.authentication.keytab': '/etc/security/keytabs/atlas.service.keytab',
- 'atlas.authentication.method.file': 'true',
- 'atlas.authentication.method.kerberos': 'true',
- 'atlas.authentication.method.kerberos.keytab': '/etc/security/keytabs/spnego.service.keytab',
- 'atlas.authentication.method.kerberos.principal': 'HTTP/_HOST@EXAMPLE.COM',
- 'atlas.authentication.principal': 'atlas/_HOST@EXAMPLE.COM'
- }
- }
- result_issues = []
- props_value_check = {'atlas.authentication.method.kerberos': 'true',
- 'atlas.solr.kerberos.enable': 'true'}
- props_empty_check = ['atlas.authentication.principal',
- 'atlas.authentication.keytab',
- 'atlas.authentication.method.kerberos.principal',
- 'atlas.authentication.method.kerberos.keytab']
- props_read_check = ['atlas.authentication.keytab',
- 'atlas.authentication.method.kerberos.keytab']
-
- get_params_mock.return_value = security_params
- validate_security_config_mock.return_value = result_issues
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/metadata_server.py",
- classname = "MetadataServer",
- command = "security_status",
- config_file="default.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- build_exp_mock.assert_called_with('atlas-application', props_value_check, props_empty_check, props_read_check)
- put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"})
-
- self.assertNoMoreResources()