You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by rl...@apache.org on 2017/09/18 17:45:55 UTC
ambari git commit: AMBARI-21938. Validate kerberos.json files to
ensure they meet the expected schema (rlevas)
Repository: ambari
Updated Branches:
refs/heads/trunk cf98c01f4 -> c52ddc9d7
AMBARI-21938. Validate kerberos.json files to ensure they meet the expected schema (rlevas)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/c52ddc9d
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/c52ddc9d
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/c52ddc9d
Branch: refs/heads/trunk
Commit: c52ddc9d70ce9389d6cb6a827e2313bca99bc9be
Parents: cf98c01
Author: Robert Levas <rl...@hortonworks.com>
Authored: Mon Sep 18 13:45:41 2017 -0400
Committer: Robert Levas <rl...@hortonworks.com>
Committed: Mon Sep 18 13:45:49 2017 -0400
----------------------------------------------------------------------
ambari-server/pom.xml | 8 +-
.../kerberos/AbstractKerberosDescriptor.java | 4 +-
.../AbstractKerberosDescriptorContainer.java | 16 +-
.../kerberos/KerberosComponentDescriptor.java | 2 +-
.../state/kerberos/KerberosDescriptor.java | 11 +-
.../kerberos/KerberosIdentityDescriptor.java | 78 ++-------
.../kerberos/KerberosKeytabDescriptor.java | 42 +++--
.../kerberos/KerberosPrincipalDescriptor.java | 25 +--
.../kerberos/KerberosServiceDescriptor.java | 12 +-
.../stacks/HDP/2.6/kerberos_preconfigure.json | 2 -
.../server/stack/KerberosDescriptorTest.java | 164 ++++++++-----------
.../KerberosComponentDescriptorTest.java | 18 +-
.../KerberosConfigurationDescriptorTest.java | 2 +-
.../state/kerberos/KerberosDescriptorTest.java | 52 +++---
.../KerberosDescriptorUpdateHelperTest.java | 2 +-
.../KerberosIdentityDescriptorTest.java | 49 +++---
.../kerberos/KerberosKeytabDescriptorTest.java | 28 ++--
.../KerberosPrincipalDescriptorTest.java | 24 +--
.../kerberos/KerberosServiceDescriptorTest.java | 24 ++-
19 files changed, 255 insertions(+), 308 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/pom.xml
----------------------------------------------------------------------
diff --git a/ambari-server/pom.xml b/ambari-server/pom.xml
index 29a820a..4a896ad 100644
--- a/ambari-server/pom.xml
+++ b/ambari-server/pom.xml
@@ -1597,7 +1597,7 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
- <version>2.1.4</version>
+ <version>2.8.0</version>
</dependency>
<dependency>
<groupId>net.sf.ehcache</groupId>
@@ -1686,6 +1686,12 @@
<artifactId>jna</artifactId>
<version>4.2.2</version>
</dependency>
+ <dependency>
+ <groupId>com.networknt</groupId>
+ <artifactId>json-schema-validator</artifactId>
+ <version>0.1.7</version>
+ <scope>test</scope>
+ </dependency>
</dependencies>
<pluginRepositories>
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java
index 0d1da9c..b496942 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java
@@ -34,6 +34,8 @@ import org.apache.commons.lang.StringUtils;
*/
public abstract class AbstractKerberosDescriptor {
+ static final String KEY_NAME = "name";
+
/**
* An AbstractKerberosDescriptor serving as the parent (or container) for this
* AbstractKerberosDescriptor.
@@ -74,7 +76,7 @@ public abstract class AbstractKerberosDescriptor {
String name = getName();
if (name != null) {
- dataMap.put("name", name);
+ dataMap.put(KEY_NAME, name);
}
return dataMap;
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java
index 5658133..85d4f69 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java
@@ -96,6 +96,10 @@ import com.google.common.collect.Sets;
public abstract class AbstractKerberosDescriptorContainer extends AbstractKerberosDescriptor {
private static final Logger LOG = LoggerFactory.getLogger(AbstractKerberosDescriptorContainer.class);
+ static final String KEY_IDENTITIES = Type.IDENTITY.getDescriptorPluralName();
+ static final String KEY_CONFIGURATIONS = Type.CONFIGURATION.getDescriptorPluralName();
+ static final String KEY_AUTH_TO_LOCAL_PROPERTIES = Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName();
+
/**
* Regular expression pattern used to parse auth_to_local property specifications into the following
* parts:
@@ -135,7 +139,7 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber
Object list;
// (Safely) Get the set of KerberosIdentityDescriptors
- list = data.get(Type.IDENTITY.getDescriptorPluralName());
+ list = data.get(KEY_IDENTITIES);
if (list instanceof Collection) {
for (Object item : (Collection) list) {
if (item instanceof Map) {
@@ -145,7 +149,7 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber
}
// (Safely) Get the set of KerberosConfigurationDescriptors
- list = data.get(Type.CONFIGURATION.getDescriptorPluralName());
+ list = data.get(KEY_CONFIGURATIONS);
if (list instanceof Collection) {
for (Object item : (Collection) list) {
if (item instanceof Map) {
@@ -155,7 +159,7 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber
}
// (Safely) Get the set of KerberosConfigurationDescriptors
- list = data.get(Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName());
+ list = data.get(KEY_AUTH_TO_LOCAL_PROPERTIES);
if (list instanceof Collection) {
for (Object item : (Collection) list) {
if (item instanceof String) {
@@ -759,7 +763,7 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber
for (KerberosIdentityDescriptor identity : identities) {
list.put(identity.getName(), identity.toMap());
}
- map.put(Type.IDENTITY.getDescriptorPluralName(), list.values());
+ map.put(KEY_IDENTITIES, list.values());
}
if (configurations != null) {
@@ -769,11 +773,11 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber
for (KerberosConfigurationDescriptor configuration : configurations.values()) {
list.put(configuration.getType(), configuration.toMap());
}
- map.put(Type.CONFIGURATION.getDescriptorPluralName(), list.values());
+ map.put(KEY_CONFIGURATIONS, list.values());
}
if (authToLocalProperties != null) {
- map.put(Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName(), authToLocalProperties);
+ map.put(KEY_AUTH_TO_LOCAL_PROPERTIES, authToLocalProperties);
}
return map;
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java
index 768a17e..3bf1dad 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java
@@ -20,7 +20,7 @@ package org.apache.ambari.server.state.kerberos;
import java.util.Collection;
import java.util.Map;
-/**
+/*
* KerberosComponentDescriptor implements AbstractKerberosDescriptorContainer. It contains the data
* related to a component which include the following properties:
* <ul>
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java
index 0eb3733..a1d373b 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java
@@ -90,6 +90,9 @@ import org.apache.commons.lang.StringUtils;
*/
public class KerberosDescriptor extends AbstractKerberosDescriptorContainer {
+ static final String KEY_PROPERTIES = "properties";
+ static final String KEY_SERVICES = Type.SERVICE.getDescriptorPluralName();
+
/**
* A Map of the "global" properties contained within this KerberosDescriptor
*/
@@ -121,7 +124,7 @@ public class KerberosDescriptor extends AbstractKerberosDescriptorContainer {
super(data);
if (data != null) {
- Object list = data.get(Type.SERVICE.getDescriptorPluralName());
+ Object list = data.get(KEY_SERVICES);
if (list instanceof Collection) {
for (Object item : (Collection) list) {
if (item instanceof Map) {
@@ -130,7 +133,7 @@ public class KerberosDescriptor extends AbstractKerberosDescriptorContainer {
}
}
- Object map = data.get("properties");
+ Object map = data.get(KEY_PROPERTIES);
if (map instanceof Map) {
for (Map.Entry<?, ?> entry : ((Map<?, ?>) map).entrySet()) {
Object value = entry.getValue();
@@ -326,11 +329,11 @@ public class KerberosDescriptor extends AbstractKerberosDescriptorContainer {
for (KerberosServiceDescriptor service : services.values()) {
list.add(service.toMap());
}
- map.put(Type.SERVICE.getDescriptorPluralName(), list);
+ map.put(KEY_SERVICES, list);
}
if (properties != null) {
- map.put("properties", new TreeMap<>(properties));
+ map.put(KEY_PROPERTIES, new TreeMap<>(properties));
}
return map;
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java
index 911723b..ef45343 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java
@@ -33,7 +33,6 @@ import com.google.common.base.Optional;
* <li>name</li>
* <li>principal</li>
* <li>keytab</li>
- * <li>password</li>
* </ul>
* <p/>
* The following (pseudo) JSON Schema will yield a valid KerberosIdentityDescriptor
@@ -58,11 +57,6 @@ import com.google.common.base.Optional;
* "type": "{@link org.apache.ambari.server.state.kerberos.KerberosKeytabDescriptor}",
* }
* }
- * "password": {
- * "description": "The password to use for this identity. If not set a secure random
- * password will automatically be generated",
- * "type": "string"
- * }
* }
* }
* </pre>
@@ -73,6 +67,11 @@ import com.google.common.base.Optional;
*/
public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
+ static final String KEY_REFERENCE = "reference";
+ static final String KEY_PRINCIPAL = Type.PRINCIPAL.getDescriptorName();
+ static final String KEY_KEYTAB = Type.KEYTAB.getDescriptorName();
+ static final String KEY_WHEN = "when";
+
/**
* The path to the Kerberos Identity definitions this {@link KerberosIdentityDescriptor} references
*/
@@ -89,13 +88,6 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
private KerberosKeytabDescriptor keytab = null;
/**
- * A String containing the password for this Kerberos identity
- * <p/>
- * If this value is null or empty, a random password will be generated as necessary.
- */
- private String password = null;
-
- /**
* An expression used to determine when this {@link KerberosIdentityDescriptor} is relevant for the
* cluster. If the process expression is not <code>null</code> and evaluates to <code>false</code>
* then this {@link KerberosIdentityDescriptor} will be ignored when processing identities.
@@ -105,11 +97,11 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
/**
* Creates a new KerberosIdentityDescriptor
*
- * @param name the name of this identity descriptor
+ * @param name the name of this identity descriptor
* @param reference an optional path to a referenced KerberosIdentityDescriptor
* @param principal a KerberosPrincipalDescriptor
- * @param keytab a KerberosKeytabDescriptor
- * @param when a predicate
+ * @param keytab a KerberosKeytabDescriptor
+ * @param when a predicate
*/
public KerberosIdentityDescriptor(String name, String reference, KerberosPrincipalDescriptor principal, KerberosKeytabDescriptor keytab, Predicate when) {
setName(name);
@@ -133,24 +125,22 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
// This is not automatically set by the super classes.
setName(getStringValue(data, "name"));
- setReference(getStringValue(data, "reference"));
+ setReference(getStringValue(data, KEY_REFERENCE));
if (data != null) {
Object item;
- setPassword(getStringValue(data, "password"));
-
- item = data.get(Type.PRINCIPAL.getDescriptorName());
+ item = data.get(KEY_PRINCIPAL);
if (item instanceof Map) {
setPrincipalDescriptor(new KerberosPrincipalDescriptor((Map<?, ?>) item));
}
- item = data.get(Type.KEYTAB.getDescriptorName());
+ item = data.get(KEY_KEYTAB);
if (item instanceof Map) {
setKeytabDescriptor(new KerberosKeytabDescriptor((Map<?, ?>) item));
}
- item = data.get("when");
+ item = data.get(KEY_WHEN);
if (item instanceof Map) {
setWhen(PredicateUtils.fromMap((Map<?, ?>) item));
}
@@ -221,27 +211,6 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
}
/**
- * Gets the password for this this KerberosIdentityDescriptor
- *
- * @return A String containing the password for this this KerberosIdentityDescriptor
- * @see #password
- */
- public String getPassword() {
- return password;
- }
-
- /**
- * Sets the password for this this KerberosIdentityDescriptor
- *
- * @param password A String containing the password for this this KerberosIdentityDescriptor
- * @see #password
- */
- public void setPassword(String password) {
- this.password = password;
- }
-
-
- /**
* Gets the expression (or {@link Predicate}) to use to determine when to include this Kerberos
* identity while processing Kerberos identities.
* <p>
@@ -295,8 +264,6 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
setReference(updates.getReference());
- setPassword(updates.getPassword());
-
KerberosPrincipalDescriptor existingPrincipal = getPrincipalDescriptor();
if (existingPrincipal == null) {
setPrincipalDescriptor(updates.getPrincipalDescriptor());
@@ -312,7 +279,7 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
}
Predicate updatedWhen = updates.getWhen();
- if(updatedWhen != null) {
+ if (updatedWhen != null) {
setWhen(updatedWhen);
}
}
@@ -331,23 +298,19 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
Map<String, Object> dataMap = super.toMap();
if (reference != null) {
- dataMap.put("reference", reference);
+ dataMap.put(KEY_REFERENCE, reference);
}
if (principal != null) {
- dataMap.put(Type.PRINCIPAL.getDescriptorName(), principal.toMap());
+ dataMap.put(KEY_PRINCIPAL, principal.toMap());
}
if (keytab != null) {
- dataMap.put(Type.KEYTAB.getDescriptorName(), keytab.toMap());
- }
-
- if (password != null) {
- dataMap.put("password", password);
+ dataMap.put(KEY_KEYTAB, keytab.toMap());
}
- if(when != null) {
- dataMap.put("when", PredicateUtils.toMap(when));
+ if (when != null) {
+ dataMap.put(KEY_WHEN, PredicateUtils.toMap(when));
}
return dataMap;
@@ -435,11 +398,6 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
: getKeytabDescriptor().equals(descriptor.getKeytabDescriptor())
) &&
(
- (getPassword() == null)
- ? (descriptor.getPassword() == null)
- : getPassword().equals(descriptor.getPassword())
- ) &&
- (
(getWhen() == null)
? (descriptor.getWhen() == null)
: getWhen().equals(descriptor.getWhen())
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java
index a17caad..7047c81 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java
@@ -97,6 +97,14 @@ import java.util.TreeMap;
*/
public class KerberosKeytabDescriptor extends AbstractKerberosDescriptor {
+ static final String KEY_FILE = "file";
+ static final String KEY_OWNER = "owner";
+ static final String KEY_GROUP = "group";
+ static final String KEY_CONFIGURATION = "configuration";
+ static final String KEY_CACHABLE = "cachable";
+ static final String KEY_ACL_NAME = "name";
+ static final String KEY_ACL_ACCESS = "access";
+
/**
* A String declaring the local username that should be set as the owner of the keytab file
*/
@@ -188,29 +196,29 @@ public class KerberosKeytabDescriptor extends AbstractKerberosDescriptor {
public KerberosKeytabDescriptor(Map<?, ?> data) {
// The name for this KerberosKeytabDescriptor is stored in the "file" entry in the map
// This is not automatically set by the super classes.
- setName(getStringValue(data, "file"));
+ setName(getStringValue(data, KEY_FILE));
if (data != null) {
Object object;
- object = data.get("owner");
+ object = data.get(KEY_OWNER);
if (object instanceof Map) {
Map<?, ?> map = (Map<?, ?>) object;
- setOwnerName(getStringValue(map, "name"));
- setOwnerAccess(getStringValue(map, "access"));
+ setOwnerName(getStringValue(map, KEY_ACL_NAME));
+ setOwnerAccess(getStringValue(map, KEY_ACL_ACCESS));
}
- object = data.get("group");
+ object = data.get(KEY_GROUP);
if (object instanceof Map) {
Map<?, ?> map = (Map<?, ?>) object;
- setGroupName(getStringValue(map, "name"));
- setGroupAccess(getStringValue(map, "access"));
+ setGroupName(getStringValue(map, KEY_ACL_NAME));
+ setGroupAccess(getStringValue(map, KEY_ACL_ACCESS));
}
- setConfiguration(getStringValue(data, "configuration"));
+ setConfiguration(getStringValue(data, KEY_CONFIGURATION));
// If the "cachable" value is anything but false, set it to true
- setCachable(!"false".equalsIgnoreCase(getStringValue(data, "cachable")));
+ setCachable(!"false".equalsIgnoreCase(getStringValue(data, KEY_CACHABLE)));
}
}
@@ -422,23 +430,23 @@ public class KerberosKeytabDescriptor extends AbstractKerberosDescriptor {
String data;
data = getFile();
- map.put("file", data);
+ map.put(KEY_FILE, data);
// Build file owner map
Map<String, String> owner = new TreeMap<>();
data = getOwnerName();
if (data != null) {
- owner.put("name", data);
+ owner.put(KEY_ACL_NAME, data);
}
data = getOwnerAccess();
if (data != null) {
- owner.put("access", data);
+ owner.put(KEY_ACL_ACCESS, data);
}
if (!owner.isEmpty()) {
- map.put("owner", owner);
+ map.put(KEY_OWNER, owner);
}
// Build file owner map (end)
@@ -447,22 +455,22 @@ public class KerberosKeytabDescriptor extends AbstractKerberosDescriptor {
data = getGroupName();
if (data != null) {
- group.put("name", data);
+ group.put(KEY_ACL_NAME, data);
}
data = getGroupAccess();
if (data != null) {
- group.put("access", data);
+ group.put(KEY_ACL_ACCESS, data);
}
if (!owner.isEmpty()) {
- map.put("group", group);
+ map.put(KEY_GROUP, group);
}
// Build file owner map (end)
data = getConfiguration();
if (data != null) {
- map.put("configuration", data);
+ map.put(KEY_CONFIGURATION, data);
}
return map;
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java
index 74254e3..a8e094f94 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java
@@ -68,6 +68,11 @@ import java.util.TreeMap;
*/
public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor {
+ static final String KEY_VALUE = "value";
+ static final String KEY_TYPE = "type";
+ static final String KEY_CONFIGURATION = "configuration";
+ static final String KEY_LOCAL_USERNAME = "local_username";
+
/**
* A string declaring the type of principal this KerberosPrincipalDescriptor represents.
* <p/>
@@ -100,8 +105,8 @@ public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor {
/**
* Creates a new KerberosPrincipalDescriptor
*
- * @param principal the principal name
- * @param type the principal type (user, service, etc...)
+ * @param principal the principal name
+ * @param type the principal type (user, service, etc...)
* @param configuration the configuration used to store the principal name
* @param localUsername the local username to map to the principal
*/
@@ -124,10 +129,10 @@ public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor {
* @see org.apache.ambari.server.state.kerberos.KerberosPrincipalDescriptor
*/
public KerberosPrincipalDescriptor(Map<?, ?> data) {
- this(getStringValue(data, "value"),
- getKerberosPrincipalTypeValue(data, "type"),
- getStringValue(data, "configuration"),
- getStringValue(data, "local_username")
+ this(getStringValue(data, KEY_VALUE),
+ getKerberosPrincipalTypeValue(data, KEY_TYPE),
+ getStringValue(data, KEY_CONFIGURATION),
+ getStringValue(data, KEY_LOCAL_USERNAME)
);
}
@@ -269,10 +274,10 @@ public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor {
public Map<String, Object> toMap() {
Map<String, Object> map = new TreeMap<>();
- map.put("value", getValue());
- map.put("type", KerberosPrincipalType.translate(getType()));
- map.put("configuration", getConfiguration());
- map.put("local_username", getLocalUsername());
+ map.put(KEY_VALUE, getValue());
+ map.put(KEY_TYPE, KerberosPrincipalType.translate(getType()));
+ map.put(KEY_CONFIGURATION, getConfiguration());
+ map.put(KEY_LOCAL_USERNAME, getLocalUsername());
return map;
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java
index 5da3399..51b7cd0 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java
@@ -46,6 +46,7 @@ import org.apache.commons.lang.builder.HashCodeBuilder;
* "title": "KerberosServiceDescriptor",
* "description": "Describes an Ambari service",
* "type": "object",
+ * "preconfigure": "boolean",
* "properties": {
* "name": {
* "description": "An identifying name for this service descriptor.",
@@ -85,6 +86,9 @@ import org.apache.commons.lang.builder.HashCodeBuilder;
*/
public class KerberosServiceDescriptor extends AbstractKerberosDescriptorContainer {
+ static final String KEY_PRECONFIGURE = "preconfigure";
+ static final String KEY_COMPONENTS = Type.COMPONENT.getDescriptorPluralName();
+
/**
* A Map of the components contained within this KerberosServiceDescriptor
*/
@@ -137,7 +141,7 @@ public class KerberosServiceDescriptor extends AbstractKerberosDescriptorContain
setName(name);
if (data != null) {
- Object list = data.get(Type.COMPONENT.getDescriptorPluralName());
+ Object list = data.get(KEY_COMPONENTS);
if (list instanceof Collection) {
// Assume list is Collection<Map<String, Object>>
for (Object item : (Collection) list) {
@@ -147,7 +151,7 @@ public class KerberosServiceDescriptor extends AbstractKerberosDescriptorContain
}
}
- setPreconfigure(getBooleanValue(data, "preconfigure"));
+ setPreconfigure(getBooleanValue(data, KEY_PRECONFIGURE));
}
}
@@ -275,11 +279,11 @@ public class KerberosServiceDescriptor extends AbstractKerberosDescriptorContain
for (KerberosComponentDescriptor component : components.values()) {
list.add(component.toMap());
}
- map.put(Type.COMPONENT.getDescriptorPluralName(), list);
+ map.put(KEY_COMPONENTS, list);
}
if (preconfigure != null) {
- map.put("preProcess", preconfigure.toString());
+ map.put(KEY_PRECONFIGURE, preconfigure.toString());
}
return map;
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json b/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json
index c9d8c91..9c29393 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json
+++ b/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json
@@ -7,8 +7,6 @@
{
"name": "BEACON",
"preconfigure" : true,
- "configurations": {
- },
"identities": [
{
"name": "beacon_server",
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java
index 0f1dd55..d208cfc 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java
@@ -19,147 +19,113 @@
package org.apache.ambari.server.stack;
import java.io.File;
-import java.io.IOException;
+import java.io.InputStream;
import java.net.URL;
+import java.util.Set;
+import java.util.regex.Pattern;
-import org.apache.ambari.server.state.kerberos.KerberosDescriptor;
-import org.apache.ambari.server.state.kerberos.KerberosDescriptorFactory;
import org.junit.BeforeClass;
-import org.junit.Ignore;
import org.junit.Test;
-import org.springframework.util.Assert;
+import org.junit.experimental.categories.Category;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.networknt.schema.JsonSchema;
+import com.networknt.schema.JsonSchemaFactory;
+import com.networknt.schema.ValidationMessage;
+
+import junit.framework.Assert;
/**
* KerberosDescriptorTest tests the stack- and service-level descriptors for certain stacks
* and services
*/
-@Ignore
+@Category({category.KerberosTest.class})
public class KerberosDescriptorTest {
- private static final KerberosDescriptorFactory KERBEROS_DESCRIPTOR_FACTORY = new KerberosDescriptorFactory();
+ private static Logger LOG = LoggerFactory.getLogger(KerberosDescriptorTest.class);
+
+ private static final Pattern PATTERN_KERBEROS_DESCRIPTOR_FILENAME = Pattern.compile("^kerberos(?:_preconfigure)?\\.json$");
private static File stacksDirectory;
- private static File hdpStackDirectory;
- private static File hdp22StackDirectory;
- private static File hdp22ServicesDirectory;
private static File commonServicesDirectory;
@BeforeClass
public static void beforeClass() {
URL rootDirectoryURL = KerberosDescriptorTest.class.getResource("/");
- Assert.notNull(rootDirectoryURL);
+ Assert.assertNotNull(rootDirectoryURL);
File resourcesDirectory = new File(new File(rootDirectoryURL.getFile()).getParentFile().getParentFile(), "src/main/resources");
- Assert.notNull(resourcesDirectory);
- Assert.isTrue(resourcesDirectory.canRead());
+ Assert.assertNotNull(resourcesDirectory);
+ Assert.assertTrue(resourcesDirectory.canRead());
stacksDirectory = new File(resourcesDirectory, "stacks");
- Assert.notNull(stacksDirectory);
- Assert.isTrue(stacksDirectory.canRead());
-
- hdpStackDirectory = new File(stacksDirectory, "HDP");
- Assert.notNull(hdpStackDirectory);
- Assert.isTrue(hdpStackDirectory.canRead());
-
- hdp22StackDirectory = new File(hdpStackDirectory, "2.2");
- Assert.notNull(hdp22StackDirectory);
- Assert.isTrue(hdp22StackDirectory.canRead());
-
- hdp22ServicesDirectory = new File(hdp22StackDirectory, "services");
- Assert.notNull(hdp22ServicesDirectory);
- Assert.isTrue(hdp22ServicesDirectory.canRead());
+ Assert.assertNotNull(stacksDirectory);
+ Assert.assertTrue(stacksDirectory.canRead());
commonServicesDirectory = new File(resourcesDirectory, "common-services");
- Assert.notNull(commonServicesDirectory);
- Assert.isTrue(commonServicesDirectory.canRead());
+ Assert.assertNotNull(commonServicesDirectory);
+ Assert.assertTrue(commonServicesDirectory.canRead());
}
@Test
- public void testCommonHBASEServiceDescriptor() throws IOException {
- KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "HBASE", "0.96.0.2.0");
- Assert.notNull(descriptor);
- Assert.notNull(descriptor.getServices());
- Assert.notNull(descriptor.getService("HBASE"));
+ public void testCommonServiceDescriptor() throws Exception {
+ JsonSchema schema = getJsonSchemaFromPath("kerberos_descriptor_schema.json");
+ Assert.assertTrue(visitFile(schema, commonServicesDirectory, true));
}
@Test
- public void testCommonHDFSServiceDescriptor() throws IOException {
- KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "HDFS", "2.1.0.2.0");
- Assert.notNull(descriptor);
- Assert.notNull(descriptor.getServices());
- Assert.notNull(descriptor.getService("HDFS"));
+ public void testStackServiceDescriptor() throws Exception {
+ JsonSchema schema = getJsonSchemaFromPath("kerberos_descriptor_schema.json");
+ Assert.assertTrue(visitFile(schema, stacksDirectory, true));
}
- @Test
- public void testCommonYarnServiceDescriptor() throws IOException {
- KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "YARN", "2.1.0.2.0");
- Assert.notNull(descriptor);
- Assert.notNull(descriptor.getServices());
- Assert.notNull(descriptor.getService("YARN"));
- Assert.notNull(descriptor.getService("MAPREDUCE2"));
- }
+ private boolean visitFile(JsonSchema schema, File file, boolean previousResult) throws Exception {
- @Test
- public void testCommonFalconServiceDescriptor() throws IOException {
- KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "FALCON", "0.5.0.2.1");
- Assert.notNull(descriptor);
- Assert.notNull(descriptor.getServices());
- Assert.notNull(descriptor.getService("FALCON"));
- }
+ if (file.isDirectory()) {
+ boolean currentResult = true;
- @Test
- public void testCommonHiveServiceDescriptor() throws IOException {
- KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "HIVE", "0.12.0.2.0");
- Assert.notNull(descriptor);
- Assert.notNull(descriptor.getServices());
- Assert.notNull(descriptor.getService("HIVE"));
- }
+ File[] files = file.listFiles();
+ if (files != null) {
+ for (File currentFile : files) {
+ currentResult = visitFile(schema, currentFile, previousResult) && currentResult;
+ }
+ }
+ return previousResult && currentResult;
+ } else if (file.isFile()) {
+ if (PATTERN_KERBEROS_DESCRIPTOR_FILENAME.matcher(file.getName()).matches()) {
+ LOG.info("Validating " + file.getAbsolutePath());
- @Test
- public void testCommonKnoxServiceDescriptor() throws IOException {
- KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "KNOX", "0.5.0.2.2");
- Assert.notNull(descriptor);
- Assert.notNull(descriptor.getServices());
- Assert.notNull(descriptor.getService("KNOX"));
- }
+ JsonNode node = getJsonNodeFromUrl(file.toURI().toURL().toExternalForm());
+ Set<ValidationMessage> errors = schema.validate(node);
- @Test
- public void testCommonOozieServiceDescriptor() throws IOException {
- KerberosDescriptor descriptor;
+ if ((errors != null) && !errors.isEmpty()) {
+ for (ValidationMessage message : errors) {
+ LOG.error(message.getMessage());
+ }
- descriptor = getKerberosDescriptor(commonServicesDirectory, "OOZIE", "4.0.0.2.0");
- Assert.notNull(descriptor);
- Assert.notNull(descriptor.getServices());
- Assert.notNull(descriptor.getService("OOZIE"));
- }
+ return false;
+ }
- @Test
- public void testCommonStormServiceDescriptor() throws IOException {
- KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "STORM", "0.9.1");
- Assert.notNull(descriptor);
- Assert.notNull(descriptor.getServices());
- Assert.notNull(descriptor.getService("STORM"));
- }
+ return true;
+ } else {
+ return true;
+ }
+ }
- @Test
- public void testCommonZookeepeerServiceDescriptor() throws IOException {
- KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "ZOOKEEPER", "3.4.5");
- Assert.notNull(descriptor);
- Assert.notNull(descriptor.getServices());
- Assert.notNull(descriptor.getService("ZOOKEEPER"));
+ return previousResult;
}
- @Test
- public void testCommonSparkServiceDescriptor() throws IOException {
- KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "SPARK", "1.2.1");
- Assert.notNull(descriptor);
- Assert.notNull(descriptor.getServices());
- Assert.notNull(descriptor.getService("SPARK"));
+ private JsonNode getJsonNodeFromUrl(String url) throws Exception {
+ ObjectMapper mapper = new ObjectMapper();
+ return mapper.readTree(new URL(url));
}
- private KerberosDescriptor getKerberosDescriptor(File baseDirectory, String service, String version) throws IOException {
- File serviceDirectory = new File(baseDirectory, service);
- File serviceVersionDirectory = new File(serviceDirectory, version);
- return KERBEROS_DESCRIPTOR_FACTORY.createInstance(new File(serviceVersionDirectory, "kerberos.json"));
+ private JsonSchema getJsonSchemaFromPath(String name) throws Exception {
+ JsonSchemaFactory factory = new JsonSchemaFactory();
+ InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream(name);
+ return factory.getSchema(is);
}
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java
index 09699c6..a33d842 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java
@@ -35,9 +35,9 @@ import com.google.gson.reflect.TypeToken;
import junit.framework.Assert;
-@Category({ category.KerberosTest.class})
+@Category({category.KerberosTest.class})
public class KerberosComponentDescriptorTest {
- public static final String JSON_VALUE =
+ static final String JSON_VALUE =
" {" +
" \"name\": \"COMPONENT_NAME\"," +
" \"identities\": [" +
@@ -60,9 +60,9 @@ public class KerberosComponentDescriptorTest {
static {
Map<String, Object> identitiesMap = new TreeMap<>();
- identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE.get("name"), KerberosIdentityDescriptorTest.MAP_VALUE);
- identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE_ALT.get("name"), KerberosIdentityDescriptorTest.MAP_VALUE_ALT);
- identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE_REFERENCE.get("name"), KerberosIdentityDescriptorTest.MAP_VALUE_REFERENCE);
+ identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE.get(KerberosIdentityDescriptor.KEY_NAME), KerberosIdentityDescriptorTest.MAP_VALUE);
+ identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE_ALT.get(KerberosIdentityDescriptor.KEY_NAME), KerberosIdentityDescriptorTest.MAP_VALUE_ALT);
+ identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE_REFERENCE.get(KerberosIdentityDescriptor.KEY_NAME), KerberosIdentityDescriptorTest.MAP_VALUE_REFERENCE);
Map<String, Object> serviceSiteProperties = new TreeMap<>();
serviceSiteProperties.put("service.component.property1", "red");
@@ -78,10 +78,10 @@ public class KerberosComponentDescriptorTest {
authToLocalRules.add("component.name.rules2");
MAP_VALUE = new TreeMap<>();
- MAP_VALUE.put("name", "A_DIFFERENT_COMPONENT_NAME");
- MAP_VALUE.put(AbstractKerberosDescriptor.Type.IDENTITY.getDescriptorPluralName(), new ArrayList<>(identitiesMap.values()));
- MAP_VALUE.put(AbstractKerberosDescriptor.Type.CONFIGURATION.getDescriptorPluralName(), configurationsMap.values());
- MAP_VALUE.put(AbstractKerberosDescriptor.Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName(), authToLocalRules);
+ MAP_VALUE.put(KerberosIdentityDescriptor.KEY_NAME, "A_DIFFERENT_COMPONENT_NAME");
+ MAP_VALUE.put(KerberosComponentDescriptor.KEY_IDENTITIES, new ArrayList<>(identitiesMap.values()));
+ MAP_VALUE.put(KerberosComponentDescriptor.KEY_CONFIGURATIONS, configurationsMap.values());
+ MAP_VALUE.put(KerberosComponentDescriptor.KEY_AUTH_TO_LOCAL_PROPERTIES, authToLocalRules);
}
static void validateFromJSON(KerberosComponentDescriptor componentDescriptor) {
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java
index e891fde..3a461aa 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java
@@ -32,7 +32,7 @@ import com.google.gson.reflect.TypeToken;
import junit.framework.Assert;
-@Category({ category.KerberosTest.class})
+@Category({category.KerberosTest.class})
public class KerberosConfigurationDescriptorTest {
private static final String JSON_SINGLE_VALUE =
"{ \"configuration-type\": {" +
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java
index 7fb5624..d0d57d5 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java
@@ -40,12 +40,12 @@ import com.google.gson.Gson;
import junit.framework.Assert;
-@Category({ category.KerberosTest.class})
+@Category({category.KerberosTest.class})
public class KerberosDescriptorTest {
private static final KerberosDescriptorFactory KERBEROS_DESCRIPTOR_FACTORY = new KerberosDescriptorFactory();
private static final KerberosServiceDescriptorFactory KERBEROS_SERVICE_DESCRIPTOR_FACTORY = new KerberosServiceDescriptorFactory();
- public static final String JSON_VALUE =
+ private static final String JSON_VALUE =
"{" +
" \"properties\": {" +
" \"realm\": \"${cluster-env/kerberos_domain}\"," +
@@ -59,30 +59,30 @@ public class KerberosDescriptorTest {
" ]" +
"}";
- public static final Map<String, Object> MAP_VALUE;
+ private static final Map<String, Object> MAP_VALUE;
static {
Map<String, Object> keytabOwnerMap = new TreeMap<>();
- keytabOwnerMap.put("name", "root");
- keytabOwnerMap.put("access", "rw");
+ keytabOwnerMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "root");
+ keytabOwnerMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "rw");
Map<String, Object> keytabGroupMap = new TreeMap<>();
- keytabGroupMap.put("name", "hadoop");
- keytabGroupMap.put("access", "r");
+ keytabGroupMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "hadoop");
+ keytabGroupMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "r");
Map<String, Object> keytabMap = new TreeMap<>();
- keytabMap.put("file", "/etc/security/keytabs/subject.service.keytab");
- keytabMap.put("owner", keytabOwnerMap);
- keytabMap.put("group", keytabGroupMap);
- keytabMap.put("configuration", "service-site/service2.component.keytab.file");
+ keytabMap.put(KerberosKeytabDescriptor.KEY_FILE, "/etc/security/keytabs/subject.service.keytab");
+ keytabMap.put(KerberosKeytabDescriptor.KEY_OWNER, keytabOwnerMap);
+ keytabMap.put(KerberosKeytabDescriptor.KEY_GROUP, keytabGroupMap);
+ keytabMap.put(KerberosKeytabDescriptor.KEY_CONFIGURATION, "service-site/service2.component.keytab.file");
Map<String, Object> sharedIdentityMap = new TreeMap<>();
- sharedIdentityMap.put("name", "shared");
- sharedIdentityMap.put("principal", KerberosPrincipalDescriptorTest.MAP_VALUE);
- sharedIdentityMap.put("keytab", keytabMap);
+ sharedIdentityMap.put(KerberosIdentityDescriptor.KEY_NAME, "shared");
+ sharedIdentityMap.put(KerberosIdentityDescriptor.KEY_PRINCIPAL, KerberosPrincipalDescriptorTest.MAP_VALUE);
+ sharedIdentityMap.put(KerberosIdentityDescriptor.KEY_KEYTAB, keytabMap);
Map<String, Object> servicesMap = new TreeMap<>();
- servicesMap.put((String) KerberosServiceDescriptorTest.MAP_VALUE.get("name"), KerberosServiceDescriptorTest.MAP_VALUE);
+ servicesMap.put((String) KerberosServiceDescriptorTest.MAP_VALUE.get(KerberosServiceDescriptor.KEY_NAME), KerberosServiceDescriptorTest.MAP_VALUE);
Map<String, Object> identitiesMap = new TreeMap<>();
identitiesMap.put("shared", sharedIdentityMap);
@@ -104,14 +104,14 @@ public class KerberosDescriptorTest {
properties.put("some.property", "Hello World");
MAP_VALUE = new TreeMap<>();
- MAP_VALUE.put("properties", properties);
- MAP_VALUE.put(AbstractKerberosDescriptor.Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName(), authToLocalRules);
- MAP_VALUE.put(AbstractKerberosDescriptor.Type.SERVICE.getDescriptorPluralName(), servicesMap.values());
- MAP_VALUE.put(AbstractKerberosDescriptor.Type.CONFIGURATION.getDescriptorPluralName(), configurationsMap.values());
- MAP_VALUE.put(AbstractKerberosDescriptor.Type.IDENTITY.getDescriptorPluralName(), identitiesMap.values());
+ MAP_VALUE.put(KerberosDescriptor.KEY_PROPERTIES, properties);
+ MAP_VALUE.put(KerberosDescriptor.KEY_AUTH_TO_LOCAL_PROPERTIES, authToLocalRules);
+ MAP_VALUE.put(KerberosDescriptor.KEY_SERVICES, servicesMap.values());
+ MAP_VALUE.put(KerberosDescriptor.KEY_CONFIGURATIONS, configurationsMap.values());
+ MAP_VALUE.put(KerberosDescriptor.KEY_IDENTITIES, identitiesMap.values());
}
- public static void validateFromJSON(KerberosDescriptor descriptor) {
+ private static void validateFromJSON(KerberosDescriptor descriptor) {
Assert.assertNotNull(descriptor);
Assert.assertTrue(descriptor.isContainer());
@@ -146,7 +146,7 @@ public class KerberosDescriptorTest {
Assert.assertNull(configurations);
}
- public static void validateFromMap(KerberosDescriptor descriptor) throws AmbariException {
+ private static void validateFromMap(KerberosDescriptor descriptor) throws AmbariException {
Assert.assertNotNull(descriptor);
Assert.assertTrue(descriptor.isContainer());
@@ -219,7 +219,7 @@ public class KerberosDescriptorTest {
Assert.assertEquals("red", configProperties.get("property1"));
}
- public void validateUpdatedData(KerberosDescriptor descriptor) {
+ private void validateUpdatedData(KerberosDescriptor descriptor) {
Assert.assertNotNull(descriptor);
Map<String, String> properties = descriptor.getProperties();
@@ -420,7 +420,7 @@ public class KerberosDescriptorTest {
@Test
public void testGetReferencedIdentityDescriptor_Recursive() throws IOException {
- boolean identityFound = false;
+ boolean identityFound;
List<KerberosIdentityDescriptor> identities;
URL systemResourceURL = ClassLoader.getSystemResource("kerberos/test_get_referenced_identity_descriptor.json");
@@ -482,8 +482,8 @@ public class KerberosDescriptorTest {
public void testFiltersOutIdentitiesBasedonInstalledServices() throws IOException {
URL systemResourceURL = ClassLoader.getSystemResource("kerberos/test_filtering_identity_descriptor.json");
KerberosComponentDescriptor componentDescriptor = KERBEROS_DESCRIPTOR_FACTORY.createInstance(new File(systemResourceURL.getFile()))
- .getService("SERVICE1")
- .getComponent("SERVICE1_COMPONENT1");
+ .getService("SERVICE1")
+ .getComponent("SERVICE1_COMPONENT1");
List<KerberosIdentityDescriptor> identities = componentDescriptor.getIdentities(true, new HashedMap() {{
put("services", Collections.emptySet());
}});
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java
index 44812de..293e050 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java
@@ -50,7 +50,7 @@ import com.google.inject.assistedinject.FactoryModuleBuilder;
import junit.framework.Assert;
-@Category({ category.KerberosTest.class})
+@Category({category.KerberosTest.class})
public class KerberosDescriptorUpdateHelperTest extends EasyMockSupport {
private static final KerberosDescriptorFactory KERBEROS_DESCRIPTOR_FACTORY = new KerberosDescriptorFactory();
private static final Gson GSON = new Gson();
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java
index d11962b..21e87a6 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java
@@ -31,9 +31,9 @@ import com.google.gson.reflect.TypeToken;
import junit.framework.Assert;
-@Category({ category.KerberosTest.class})
+@Category({category.KerberosTest.class})
public class KerberosIdentityDescriptorTest {
- public static final String JSON_VALUE =
+ static final String JSON_VALUE =
"{" +
" \"name\": \"identity_1\"" +
"," +
@@ -50,63 +50,58 @@ public class KerberosIdentityDescriptorTest {
static {
MAP_VALUE = new TreeMap<>();
- MAP_VALUE.put("name", "identity_1");
- MAP_VALUE.put("principal", KerberosPrincipalDescriptorTest.MAP_VALUE);
- MAP_VALUE.put("keytab", KerberosKeytabDescriptorTest.MAP_VALUE);
- MAP_VALUE.put("password", "secret");
+ MAP_VALUE.put(KerberosIdentityDescriptor.KEY_NAME, "identity_1");
+ MAP_VALUE.put(KerberosIdentityDescriptor.KEY_PRINCIPAL, KerberosPrincipalDescriptorTest.MAP_VALUE);
+ MAP_VALUE.put(KerberosIdentityDescriptor.KEY_KEYTAB, KerberosKeytabDescriptorTest.MAP_VALUE);
MAP_VALUE_ALT = new TreeMap<>();
- MAP_VALUE_ALT.put("name", "identity_2");
- MAP_VALUE_ALT.put("principal", KerberosPrincipalDescriptorTest.MAP_VALUE);
- MAP_VALUE_ALT.put("keytab", KerberosKeytabDescriptorTest.MAP_VALUE);
- MAP_VALUE_ALT.put("password", "secret2");
+ MAP_VALUE_ALT.put(KerberosIdentityDescriptor.KEY_NAME, "identity_2");
+ MAP_VALUE_ALT.put(KerberosIdentityDescriptor.KEY_PRINCIPAL, KerberosPrincipalDescriptorTest.MAP_VALUE);
+ MAP_VALUE_ALT.put(KerberosIdentityDescriptor.KEY_KEYTAB, KerberosKeytabDescriptorTest.MAP_VALUE);
TreeMap<String, Object> ownerMap = new TreeMap<>();
- ownerMap.put("name", "me");
- ownerMap.put("access", "rw");
+ ownerMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "me");
+ ownerMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "rw");
TreeMap<String, Object> groupMap = new TreeMap<>();
- groupMap.put("name", "nobody");
- groupMap.put("access", "");
+ groupMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "nobody");
+ groupMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "");
TreeMap<String, Object> keytabMap = new TreeMap<>();
- keytabMap.put("file", "/home/user/me/subject.service.keytab");
- keytabMap.put("owner", ownerMap);
- keytabMap.put("group", groupMap);
- keytabMap.put("configuration", "service-site/me.component.keytab.file");
+ keytabMap.put(KerberosKeytabDescriptor.KEY_FILE, "/home/user/me/subject.service.keytab");
+ keytabMap.put(KerberosKeytabDescriptor.KEY_OWNER, ownerMap);
+ keytabMap.put(KerberosKeytabDescriptor.KEY_GROUP, groupMap);
+ keytabMap.put(KerberosKeytabDescriptor.KEY_CONFIGURATION, "service-site/me.component.keytab.file");
MAP_VALUE_REFERENCE = new TreeMap<>();
- MAP_VALUE_REFERENCE.put("name", "shared_identity");
- MAP_VALUE_REFERENCE.put("reference", "/shared");
- MAP_VALUE_REFERENCE.put("keytab", keytabMap);
+ MAP_VALUE_REFERENCE.put(KerberosIdentityDescriptor.KEY_NAME, "shared_identity");
+ MAP_VALUE_REFERENCE.put(KerberosIdentityDescriptor.KEY_REFERENCE, "/shared");
+ MAP_VALUE_REFERENCE.put(KerberosIdentityDescriptor.KEY_KEYTAB, keytabMap);
}
- public static void validateFromJSON(KerberosIdentityDescriptor identityDescriptor) {
+ static void validateFromJSON(KerberosIdentityDescriptor identityDescriptor) {
Assert.assertNotNull(identityDescriptor);
Assert.assertFalse(identityDescriptor.isContainer());
KerberosPrincipalDescriptorTest.validateFromJSON(identityDescriptor.getPrincipalDescriptor());
KerberosKeytabDescriptorTest.validateFromJSON(identityDescriptor.getKeytabDescriptor());
- Assert.assertNull(identityDescriptor.getPassword());
}
- public static void validateFromMap(KerberosIdentityDescriptor identityDescriptor) {
+ static void validateFromMap(KerberosIdentityDescriptor identityDescriptor) {
Assert.assertNotNull(identityDescriptor);
Assert.assertFalse(identityDescriptor.isContainer());
KerberosPrincipalDescriptorTest.validateFromMap(identityDescriptor.getPrincipalDescriptor());
KerberosKeytabDescriptorTest.validateFromMap(identityDescriptor.getKeytabDescriptor());
- Assert.assertEquals("secret", identityDescriptor.getPassword());
}
- public static void validateUpdatedData(KerberosIdentityDescriptor identityDescriptor) {
+ static void validateUpdatedData(KerberosIdentityDescriptor identityDescriptor) {
Assert.assertNotNull(identityDescriptor);
KerberosPrincipalDescriptorTest.validateUpdatedData(identityDescriptor.getPrincipalDescriptor());
KerberosKeytabDescriptorTest.validateUpdatedData(identityDescriptor.getKeytabDescriptor());
- Assert.assertEquals("secret", identityDescriptor.getPassword());
}
private static KerberosIdentityDescriptor createFromJSON() {
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java
index 8cdb39e..bc41912 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java
@@ -29,9 +29,9 @@ import com.google.gson.reflect.TypeToken;
import junit.framework.Assert;
-@Category({ category.KerberosTest.class})
+@Category({category.KerberosTest.class})
public class KerberosKeytabDescriptorTest {
- public static final String JSON_VALUE =
+ static final String JSON_VALUE =
"{" +
" \"file\": \"/etc/security/keytabs/${host}/subject.service.keytab\"," +
" \"owner\": {" +
@@ -45,25 +45,25 @@ public class KerberosKeytabDescriptorTest {
" \"configuration\": \"service-site/service.component.keytab.file\"" +
"}";
- public static final Map<String, Object> MAP_VALUE;
+ static final Map<String, Object> MAP_VALUE;
static {
TreeMap<String, Object> ownerMap = new TreeMap<>();
- ownerMap.put("name", "root");
- ownerMap.put("access", "rw");
+ ownerMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "root");
+ ownerMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "rw");
TreeMap<String, Object> groupMap = new TreeMap<>();
- groupMap.put("name", "hadoop");
- groupMap.put("access", "r");
+ groupMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "hadoop");
+ groupMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "r");
MAP_VALUE = new TreeMap<>();
- MAP_VALUE.put("file", "/etc/security/keytabs/subject.service.keytab");
- MAP_VALUE.put("owner", ownerMap);
- MAP_VALUE.put("group", groupMap);
- MAP_VALUE.put("configuration", "service-site/service2.component.keytab.file");
+ MAP_VALUE.put(KerberosKeytabDescriptor.KEY_FILE, "/etc/security/keytabs/subject.service.keytab");
+ MAP_VALUE.put(KerberosKeytabDescriptor.KEY_OWNER, ownerMap);
+ MAP_VALUE.put(KerberosKeytabDescriptor.KEY_GROUP, groupMap);
+ MAP_VALUE.put(KerberosKeytabDescriptor.KEY_CONFIGURATION, "service-site/service2.component.keytab.file");
}
- public static void validateFromJSON(KerberosKeytabDescriptor keytabDescriptor) {
+ static void validateFromJSON(KerberosKeytabDescriptor keytabDescriptor) {
Assert.assertNotNull(keytabDescriptor);
Assert.assertFalse(keytabDescriptor.isContainer());
@@ -75,7 +75,7 @@ public class KerberosKeytabDescriptorTest {
Assert.assertEquals("service-site/service.component.keytab.file", keytabDescriptor.getConfiguration());
}
- public static void validateFromMap(KerberosKeytabDescriptor keytabDescriptor) {
+ static void validateFromMap(KerberosKeytabDescriptor keytabDescriptor) {
Assert.assertNotNull(keytabDescriptor);
Assert.assertFalse(keytabDescriptor.isContainer());
@@ -87,7 +87,7 @@ public class KerberosKeytabDescriptorTest {
Assert.assertEquals("service-site/service2.component.keytab.file", keytabDescriptor.getConfiguration());
}
- public static void validateUpdatedData(KerberosKeytabDescriptor keytabDescriptor) {
+ static void validateUpdatedData(KerberosKeytabDescriptor keytabDescriptor) {
Assert.assertNotNull(keytabDescriptor);
Assert.assertEquals("/etc/security/keytabs/subject.service.keytab", keytabDescriptor.getFile());
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java
index b84223f..90a3f0f 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java
@@ -29,9 +29,9 @@ import com.google.gson.reflect.TypeToken;
import junit.framework.Assert;
-@Category({ category.KerberosTest.class})
+@Category({category.KerberosTest.class})
public class KerberosPrincipalDescriptorTest {
- public static final String JSON_VALUE =
+ static final String JSON_VALUE =
"{" +
"\"value\": \"service/_HOST@_REALM\"," +
"\"configuration\": \"service-site/service.component.kerberos.principal\"," +
@@ -39,27 +39,27 @@ public class KerberosPrincipalDescriptorTest {
"\"local_username\": \"localUser\"" +
"}";
- public static final String JSON_VALUE_SPARSE =
+ private static final String JSON_VALUE_SPARSE =
"{" +
"\"value\": \"serviceOther/_HOST@_REALM\"" +
"}";
public static final Map<String, Object> MAP_VALUE;
- public static final Map<String, Object> MAP_VALUE_SPARSE;
+ private static final Map<String, Object> MAP_VALUE_SPARSE;
static {
MAP_VALUE = new TreeMap<>();
- MAP_VALUE.put("value", "user@_REALM");
- MAP_VALUE.put("configuration", "service-site/service.component.kerberos.https.principal");
- MAP_VALUE.put("type", "user");
- MAP_VALUE.put("local_username", null);
+ MAP_VALUE.put(KerberosPrincipalDescriptor.KEY_VALUE, "user@_REALM");
+ MAP_VALUE.put(KerberosPrincipalDescriptor.KEY_CONFIGURATION, "service-site/service.component.kerberos.https.principal");
+ MAP_VALUE.put(KerberosPrincipalDescriptor.KEY_TYPE, "user");
+ MAP_VALUE.put(KerberosPrincipalDescriptor.KEY_LOCAL_USERNAME, null);
MAP_VALUE_SPARSE = new TreeMap<>();
- MAP_VALUE_SPARSE.put("value", "userOther@_REALM");
+ MAP_VALUE_SPARSE.put(KerberosPrincipalDescriptor.KEY_VALUE, "userOther@_REALM");
}
- public static void validateFromJSON(KerberosPrincipalDescriptor principalDescriptor) {
+ static void validateFromJSON(KerberosPrincipalDescriptor principalDescriptor) {
Assert.assertNotNull(principalDescriptor);
Assert.assertFalse(principalDescriptor.isContainer());
Assert.assertEquals("service/_HOST@_REALM", principalDescriptor.getValue());
@@ -68,7 +68,7 @@ public class KerberosPrincipalDescriptorTest {
Assert.assertEquals("localUser", principalDescriptor.getLocalUsername());
}
- public static void validateFromMap(KerberosPrincipalDescriptor principalDescriptor) {
+ static void validateFromMap(KerberosPrincipalDescriptor principalDescriptor) {
Assert.assertNotNull(principalDescriptor);
Assert.assertFalse(principalDescriptor.isContainer());
Assert.assertEquals("user@_REALM", principalDescriptor.getValue());
@@ -77,7 +77,7 @@ public class KerberosPrincipalDescriptorTest {
Assert.assertNull(principalDescriptor.getLocalUsername());
}
- public static void validateUpdatedData(KerberosPrincipalDescriptor principalDescriptor) {
+ static void validateUpdatedData(KerberosPrincipalDescriptor principalDescriptor) {
Assert.assertNotNull(principalDescriptor);
Assert.assertEquals("user@_REALM", principalDescriptor.getValue());
Assert.assertEquals("service-site/service.component.kerberos.https.principal", principalDescriptor.getConfiguration());
http://git-wip-us.apache.org/repos/asf/ambari/blob/c52ddc9d/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java
index e4d3c90..400116d 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java
@@ -37,9 +37,9 @@ import com.google.gson.Gson;
import junit.framework.Assert;
-@Category({ category.KerberosTest.class})
+@Category({category.KerberosTest.class})
public class KerberosServiceDescriptorTest {
- public static final String JSON_VALUE =
+ static final String JSON_VALUE =
"{" +
" \"name\": \"SERVICE_NAME\"," +
" \"preconfigure\": \"true\"," +
@@ -62,7 +62,7 @@ public class KerberosServiceDescriptorTest {
" ]" +
"}";
- public static final String JSON_VALUE_SERVICES =
+ private static final String JSON_VALUE_SERVICES =
"{ " +
"\"services\" : [" +
"{" +
@@ -130,22 +130,22 @@ public class KerberosServiceDescriptorTest {
MAP_VALUE = new TreeMap<>();
MAP_VALUE.put("name", "A_DIFFERENT_SERVICE_NAME");
- MAP_VALUE.put(AbstractKerberosDescriptor.Type.IDENTITY.getDescriptorPluralName(), identitiesMap.values());
- MAP_VALUE.put(AbstractKerberosDescriptor.Type.COMPONENT.getDescriptorPluralName(), componentsMap.values());
- MAP_VALUE.put(AbstractKerberosDescriptor.Type.CONFIGURATION.getDescriptorPluralName(), configurationsMap.values());
- MAP_VALUE.put(AbstractKerberosDescriptor.Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName(), authToLocalRules);
+ MAP_VALUE.put(KerberosServiceDescriptor.KEY_IDENTITIES, identitiesMap.values());
+ MAP_VALUE.put(KerberosServiceDescriptor.KEY_COMPONENTS, componentsMap.values());
+ MAP_VALUE.put(KerberosServiceDescriptor.KEY_CONFIGURATIONS, configurationsMap.values());
+ MAP_VALUE.put(KerberosServiceDescriptor.KEY_AUTH_TO_LOCAL_PROPERTIES, authToLocalRules);
}
private static final KerberosServiceDescriptorFactory KERBEROS_SERVICE_DESCRIPTOR_FACTORY = new KerberosServiceDescriptorFactory();
- public static void validateFromJSON(KerberosServiceDescriptor[] serviceDescriptors) {
+ private static void validateFromJSON(KerberosServiceDescriptor[] serviceDescriptors) {
Assert.assertNotNull(serviceDescriptors);
Assert.assertEquals(2, serviceDescriptors.length);
validateFromJSON(serviceDescriptors[0]);
}
- public static void validateFromJSON(KerberosServiceDescriptor serviceDescriptor) {
+ static void validateFromJSON(KerberosServiceDescriptor serviceDescriptor) {
Assert.assertNotNull(serviceDescriptor);
Assert.assertTrue(serviceDescriptor.isContainer());
@@ -190,7 +190,7 @@ public class KerberosServiceDescriptorTest {
Assert.assertEquals("service.name.rules1", authToLocalProperties.iterator().next());
}
- public static void validateFromMap(KerberosServiceDescriptor serviceDescriptor) {
+ static void validateFromMap(KerberosServiceDescriptor serviceDescriptor) {
Assert.assertNotNull(serviceDescriptor);
Assert.assertTrue(serviceDescriptor.isContainer());
@@ -235,7 +235,7 @@ public class KerberosServiceDescriptorTest {
Assert.assertEquals("service.name.rules2", authToLocalProperties.iterator().next());
}
- public void validateUpdatedData(KerberosServiceDescriptor serviceDescriptor) {
+ private void validateUpdatedData(KerberosServiceDescriptor serviceDescriptor) {
Assert.assertNotNull(serviceDescriptor);
Assert.assertEquals("A_DIFFERENT_SERVICE_NAME", serviceDescriptor.getName());
@@ -387,8 +387,6 @@ public class KerberosServiceDescriptorTest {
/**
* Test a JSON object in which only only a Service and configs are defined, but no Components.
- *
- * @throws AmbariException
*/
@Test
public void testJSONWithOnlyServiceNameAndConfigurations() throws AmbariException {