You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ozone.apache.org by sa...@apache.org on 2020/07/22 13:00:42 UTC
[hadoop-ozone] 32/39: HDDS-3987. Encrypted bucket creation failed
with INVALID_REQUEST Encryption cannot be set for bucket links (#1221)
This is an automated email from the ASF dual-hosted git repository.
sammichen pushed a commit to branch ozone-0.6.0
in repository https://gitbox.apache.org/repos/asf/hadoop-ozone.git
commit de093ec2506d828816659273cb31423df56d9cde
Author: Doroszlai, Attila <64...@users.noreply.github.com>
AuthorDate: Mon Jul 20 22:02:55 2020 +0200
HDDS-3987. Encrypted bucket creation failed with INVALID_REQUEST Encryption cannot be set for bucket links (#1221)
(cherry picked from commit 8339b38517c879ac9ce410b8cb0679a462b3d5c7)
---
.../dist/src/main/compose/ozonesecure/test.sh | 4 +++
hadoop-ozone/dist/src/main/compose/testlib.sh | 2 +-
.../dist/src/main/smoketest/ozone-lib/shell.robot | 5 +++
.../smoketest/security/bucket-encryption.robot | 40 ++++++++++++++++++++++
.../om/request/bucket/OMBucketCreateRequest.java | 4 +--
5 files changed, 52 insertions(+), 3 deletions(-)
diff --git a/hadoop-ozone/dist/src/main/compose/ozonesecure/test.sh b/hadoop-ozone/dist/src/main/compose/ozonesecure/test.sh
index ce50fa0..84de2a9 100755
--- a/hadoop-ozone/dist/src/main/compose/ozonesecure/test.sh
+++ b/hadoop-ozone/dist/src/main/compose/ozonesecure/test.sh
@@ -23,8 +23,12 @@ source "$COMPOSE_DIR/../testlib.sh"
export SECURITY_ENABLED=true
+: ${OZONE_BUCKET_KEY_NAME:=key1}
+
start_docker_env
+execute_command_in_container kms hadoop key create ${OZONE_BUCKET_KEY_NAME}
+
execute_robot_test scm kinit.robot
execute_robot_test scm basic
diff --git a/hadoop-ozone/dist/src/main/compose/testlib.sh b/hadoop-ozone/dist/src/main/compose/testlib.sh
index 56c35c1..5a05633 100755
--- a/hadoop-ozone/dist/src/main/compose/testlib.sh
+++ b/hadoop-ozone/dist/src/main/compose/testlib.sh
@@ -114,7 +114,7 @@ execute_robot_test(){
OUTPUT_PATH="$RESULT_DIR_INSIDE/${OUTPUT_FILE}"
# shellcheck disable=SC2068
docker-compose exec -T "$CONTAINER" mkdir -p "$RESULT_DIR_INSIDE" \
- && docker-compose exec -T "$CONTAINER" robot -v OM_SERVICE_ID:"${OM_SERVICE_ID}" -v SECURITY_ENABLED:"${SECURITY_ENABLED}" -v OM_HA_PARAM:"${OM_HA_PARAM}" ${ARGUMENTS[@]} --log NONE -N "$TEST_NAME" --report NONE "${OZONE_ROBOT_OPTS[@]}" --output "$OUTPUT_PATH" "$SMOKETEST_DIR_INSIDE/$TEST"
+ && docker-compose exec -T "$CONTAINER" robot -v OM_SERVICE_ID:"${OM_SERVICE_ID}" -v SECURITY_ENABLED:"${SECURITY_ENABLED}" -v OM_HA_PARAM:"${OM_HA_PARAM}" -v KEY_NAME:"${OZONE_BUCKET_KEY_NAME}" ${ARGUMENTS[@]} --log NONE -N "$TEST_NAME" --report NONE "${OZONE_ROBOT_OPTS[@]}" --output "$OUTPUT_PATH" "$SMOKETEST_DIR_INSIDE/$TEST"
local -i rc=$?
FULL_CONTAINER_NAME=$(docker-compose ps | grep "_${CONTAINER}_" | head -n 1 | awk '{print $1}')
diff --git a/hadoop-ozone/dist/src/main/smoketest/ozone-lib/shell.robot b/hadoop-ozone/dist/src/main/smoketest/ozone-lib/shell.robot
index 2e56ae4..9afc6df 100644
--- a/hadoop-ozone/dist/src/main/smoketest/ozone-lib/shell.robot
+++ b/hadoop-ozone/dist/src/main/smoketest/ozone-lib/shell.robot
@@ -46,3 +46,8 @@ Verify ACL
[arguments] ${object_type} ${object} ${type} ${name} ${acls}
${actual_acls} = Execute ozone sh ${object_type} getacl ${object} | jq -r '.[] | select(.type == "${type}") | select(.name == "${name}") | .aclList[]' | xargs
Should Be Equal ${acls} ${actual_acls}
+
+Create Random Volume
+ ${random} = Generate Random String 5 [LOWER]
+ Execute ozone sh volume create o3://${OM_SERVICE_ID}/vol-${random}
+ [return] vol-${random}
diff --git a/hadoop-ozone/dist/src/main/smoketest/security/bucket-encryption.robot b/hadoop-ozone/dist/src/main/smoketest/security/bucket-encryption.robot
new file mode 100644
index 0000000..e1f96b1
--- /dev/null
+++ b/hadoop-ozone/dist/src/main/smoketest/security/bucket-encryption.robot
@@ -0,0 +1,40 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+*** Settings ***
+Documentation Test for bucket encryption
+Library BuiltIn
+Library String
+Resource ../commonlib.robot
+Resource ../lib/os.robot
+Resource ../ozone-lib/shell.robot
+Test Setup Setup Test
+Test Timeout 5 minutes
+
+*** Variables ***
+${KEY_NAME} key1
+${VOLUME}
+
+*** Keywords ***
+Setup Test
+ ${volume} = Create Random Volume
+ Set Suite Variable ${VOLUME} ${volume}
+
+
+*** Test Cases ***
+Create Encrypted Bucket
+ ${output} = Execute ozone sh bucket create -k ${KEY_NAME} o3://${OM_SERVICE_ID}/${VOLUME}/encrypted-bucket
+ Should Not Contain ${output} INVALID_REQUEST
+ Bucket Exists o3://${OM_SERVICE_ID}/${VOLUME}/encrypted-bucket
diff --git a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/bucket/OMBucketCreateRequest.java b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/bucket/OMBucketCreateRequest.java
index 71d5458..7c60f61 100644
--- a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/bucket/OMBucketCreateRequest.java
+++ b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/bucket/OMBucketCreateRequest.java
@@ -115,8 +115,8 @@ public class OMBucketCreateRequest extends OMClientRequest {
newBucketInfo.setBeinfo(getBeinfo(kmsProvider, bucketInfo));
}
- boolean hasSourceVolume = bucketInfo.getSourceVolume() != null;
- boolean hasSourceBucket = bucketInfo.getSourceBucket() != null;
+ boolean hasSourceVolume = bucketInfo.hasSourceVolume();
+ boolean hasSourceBucket = bucketInfo.hasSourceBucket();
if (hasSourceBucket != hasSourceVolume) {
throw new OMException("Both source volume and source bucket are " +
---------------------------------------------------------------------
To unsubscribe, e-mail: ozone-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: ozone-commits-help@hadoop.apache.org