You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by rl...@apache.org on 2017/09/18 17:48:49 UTC
[1/2] ambari git commit: Revert "AMBARI-21938. Validate kerberos.json
files to ensure they meet the expected schema (rlevas)"
Repository: ambari
Updated Branches:
refs/heads/trunk c52ddc9d7 -> dd6cc606b
Revert "AMBARI-21938. Validate kerberos.json files to ensure they meet the expected schema (rlevas)"
This reverts commit c52ddc9d70ce9389d6cb6a827e2313bca99bc9be.
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/3cdac5f9
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/3cdac5f9
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/3cdac5f9
Branch: refs/heads/trunk
Commit: 3cdac5f907b6a244ff439b674c7a3005a425a97d
Parents: c52ddc9
Author: Robert Levas <rl...@hortonworks.com>
Authored: Mon Sep 18 13:47:30 2017 -0400
Committer: Robert Levas <rl...@hortonworks.com>
Committed: Mon Sep 18 13:47:30 2017 -0400
----------------------------------------------------------------------
ambari-server/pom.xml | 8 +-
.../kerberos/AbstractKerberosDescriptor.java | 4 +-
.../AbstractKerberosDescriptorContainer.java | 16 +-
.../kerberos/KerberosComponentDescriptor.java | 2 +-
.../state/kerberos/KerberosDescriptor.java | 11 +-
.../kerberos/KerberosIdentityDescriptor.java | 78 +++++++--
.../kerberos/KerberosKeytabDescriptor.java | 42 ++---
.../kerberos/KerberosPrincipalDescriptor.java | 25 ++-
.../kerberos/KerberosServiceDescriptor.java | 12 +-
.../stacks/HDP/2.6/kerberos_preconfigure.json | 2 +
.../server/stack/KerberosDescriptorTest.java | 164 +++++++++++--------
.../KerberosComponentDescriptorTest.java | 18 +-
.../KerberosConfigurationDescriptorTest.java | 2 +-
.../state/kerberos/KerberosDescriptorTest.java | 52 +++---
.../KerberosDescriptorUpdateHelperTest.java | 2 +-
.../KerberosIdentityDescriptorTest.java | 49 +++---
.../kerberos/KerberosKeytabDescriptorTest.java | 28 ++--
.../KerberosPrincipalDescriptorTest.java | 24 +--
.../kerberos/KerberosServiceDescriptorTest.java | 24 +--
19 files changed, 308 insertions(+), 255 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/pom.xml
----------------------------------------------------------------------
diff --git a/ambari-server/pom.xml b/ambari-server/pom.xml
index 4a896ad..29a820a 100644
--- a/ambari-server/pom.xml
+++ b/ambari-server/pom.xml
@@ -1597,7 +1597,7 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
- <version>2.8.0</version>
+ <version>2.1.4</version>
</dependency>
<dependency>
<groupId>net.sf.ehcache</groupId>
@@ -1686,12 +1686,6 @@
<artifactId>jna</artifactId>
<version>4.2.2</version>
</dependency>
- <dependency>
- <groupId>com.networknt</groupId>
- <artifactId>json-schema-validator</artifactId>
- <version>0.1.7</version>
- <scope>test</scope>
- </dependency>
</dependencies>
<pluginRepositories>
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java
index b496942..0d1da9c 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java
@@ -34,8 +34,6 @@ import org.apache.commons.lang.StringUtils;
*/
public abstract class AbstractKerberosDescriptor {
- static final String KEY_NAME = "name";
-
/**
* An AbstractKerberosDescriptor serving as the parent (or container) for this
* AbstractKerberosDescriptor.
@@ -76,7 +74,7 @@ public abstract class AbstractKerberosDescriptor {
String name = getName();
if (name != null) {
- dataMap.put(KEY_NAME, name);
+ dataMap.put("name", name);
}
return dataMap;
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java
index 85d4f69..5658133 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java
@@ -96,10 +96,6 @@ import com.google.common.collect.Sets;
public abstract class AbstractKerberosDescriptorContainer extends AbstractKerberosDescriptor {
private static final Logger LOG = LoggerFactory.getLogger(AbstractKerberosDescriptorContainer.class);
- static final String KEY_IDENTITIES = Type.IDENTITY.getDescriptorPluralName();
- static final String KEY_CONFIGURATIONS = Type.CONFIGURATION.getDescriptorPluralName();
- static final String KEY_AUTH_TO_LOCAL_PROPERTIES = Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName();
-
/**
* Regular expression pattern used to parse auth_to_local property specifications into the following
* parts:
@@ -139,7 +135,7 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber
Object list;
// (Safely) Get the set of KerberosIdentityDescriptors
- list = data.get(KEY_IDENTITIES);
+ list = data.get(Type.IDENTITY.getDescriptorPluralName());
if (list instanceof Collection) {
for (Object item : (Collection) list) {
if (item instanceof Map) {
@@ -149,7 +145,7 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber
}
// (Safely) Get the set of KerberosConfigurationDescriptors
- list = data.get(KEY_CONFIGURATIONS);
+ list = data.get(Type.CONFIGURATION.getDescriptorPluralName());
if (list instanceof Collection) {
for (Object item : (Collection) list) {
if (item instanceof Map) {
@@ -159,7 +155,7 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber
}
// (Safely) Get the set of KerberosConfigurationDescriptors
- list = data.get(KEY_AUTH_TO_LOCAL_PROPERTIES);
+ list = data.get(Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName());
if (list instanceof Collection) {
for (Object item : (Collection) list) {
if (item instanceof String) {
@@ -763,7 +759,7 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber
for (KerberosIdentityDescriptor identity : identities) {
list.put(identity.getName(), identity.toMap());
}
- map.put(KEY_IDENTITIES, list.values());
+ map.put(Type.IDENTITY.getDescriptorPluralName(), list.values());
}
if (configurations != null) {
@@ -773,11 +769,11 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber
for (KerberosConfigurationDescriptor configuration : configurations.values()) {
list.put(configuration.getType(), configuration.toMap());
}
- map.put(KEY_CONFIGURATIONS, list.values());
+ map.put(Type.CONFIGURATION.getDescriptorPluralName(), list.values());
}
if (authToLocalProperties != null) {
- map.put(KEY_AUTH_TO_LOCAL_PROPERTIES, authToLocalProperties);
+ map.put(Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName(), authToLocalProperties);
}
return map;
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java
index 3bf1dad..768a17e 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java
@@ -20,7 +20,7 @@ package org.apache.ambari.server.state.kerberos;
import java.util.Collection;
import java.util.Map;
-/*
+/**
* KerberosComponentDescriptor implements AbstractKerberosDescriptorContainer. It contains the data
* related to a component which include the following properties:
* <ul>
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java
index a1d373b..0eb3733 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java
@@ -90,9 +90,6 @@ import org.apache.commons.lang.StringUtils;
*/
public class KerberosDescriptor extends AbstractKerberosDescriptorContainer {
- static final String KEY_PROPERTIES = "properties";
- static final String KEY_SERVICES = Type.SERVICE.getDescriptorPluralName();
-
/**
* A Map of the "global" properties contained within this KerberosDescriptor
*/
@@ -124,7 +121,7 @@ public class KerberosDescriptor extends AbstractKerberosDescriptorContainer {
super(data);
if (data != null) {
- Object list = data.get(KEY_SERVICES);
+ Object list = data.get(Type.SERVICE.getDescriptorPluralName());
if (list instanceof Collection) {
for (Object item : (Collection) list) {
if (item instanceof Map) {
@@ -133,7 +130,7 @@ public class KerberosDescriptor extends AbstractKerberosDescriptorContainer {
}
}
- Object map = data.get(KEY_PROPERTIES);
+ Object map = data.get("properties");
if (map instanceof Map) {
for (Map.Entry<?, ?> entry : ((Map<?, ?>) map).entrySet()) {
Object value = entry.getValue();
@@ -329,11 +326,11 @@ public class KerberosDescriptor extends AbstractKerberosDescriptorContainer {
for (KerberosServiceDescriptor service : services.values()) {
list.add(service.toMap());
}
- map.put(KEY_SERVICES, list);
+ map.put(Type.SERVICE.getDescriptorPluralName(), list);
}
if (properties != null) {
- map.put(KEY_PROPERTIES, new TreeMap<>(properties));
+ map.put("properties", new TreeMap<>(properties));
}
return map;
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java
index ef45343..911723b 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java
@@ -33,6 +33,7 @@ import com.google.common.base.Optional;
* <li>name</li>
* <li>principal</li>
* <li>keytab</li>
+ * <li>password</li>
* </ul>
* <p/>
* The following (pseudo) JSON Schema will yield a valid KerberosIdentityDescriptor
@@ -57,6 +58,11 @@ import com.google.common.base.Optional;
* "type": "{@link org.apache.ambari.server.state.kerberos.KerberosKeytabDescriptor}",
* }
* }
+ * "password": {
+ * "description": "The password to use for this identity. If not set a secure random
+ * password will automatically be generated",
+ * "type": "string"
+ * }
* }
* }
* </pre>
@@ -67,11 +73,6 @@ import com.google.common.base.Optional;
*/
public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
- static final String KEY_REFERENCE = "reference";
- static final String KEY_PRINCIPAL = Type.PRINCIPAL.getDescriptorName();
- static final String KEY_KEYTAB = Type.KEYTAB.getDescriptorName();
- static final String KEY_WHEN = "when";
-
/**
* The path to the Kerberos Identity definitions this {@link KerberosIdentityDescriptor} references
*/
@@ -88,6 +89,13 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
private KerberosKeytabDescriptor keytab = null;
/**
+ * A String containing the password for this Kerberos identity
+ * <p/>
+ * If this value is null or empty, a random password will be generated as necessary.
+ */
+ private String password = null;
+
+ /**
* An expression used to determine when this {@link KerberosIdentityDescriptor} is relevant for the
* cluster. If the process expression is not <code>null</code> and evaluates to <code>false</code>
* then this {@link KerberosIdentityDescriptor} will be ignored when processing identities.
@@ -97,11 +105,11 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
/**
* Creates a new KerberosIdentityDescriptor
*
- * @param name the name of this identity descriptor
+ * @param name the name of this identity descriptor
* @param reference an optional path to a referenced KerberosIdentityDescriptor
* @param principal a KerberosPrincipalDescriptor
- * @param keytab a KerberosKeytabDescriptor
- * @param when a predicate
+ * @param keytab a KerberosKeytabDescriptor
+ * @param when a predicate
*/
public KerberosIdentityDescriptor(String name, String reference, KerberosPrincipalDescriptor principal, KerberosKeytabDescriptor keytab, Predicate when) {
setName(name);
@@ -125,22 +133,24 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
// This is not automatically set by the super classes.
setName(getStringValue(data, "name"));
- setReference(getStringValue(data, KEY_REFERENCE));
+ setReference(getStringValue(data, "reference"));
if (data != null) {
Object item;
- item = data.get(KEY_PRINCIPAL);
+ setPassword(getStringValue(data, "password"));
+
+ item = data.get(Type.PRINCIPAL.getDescriptorName());
if (item instanceof Map) {
setPrincipalDescriptor(new KerberosPrincipalDescriptor((Map<?, ?>) item));
}
- item = data.get(KEY_KEYTAB);
+ item = data.get(Type.KEYTAB.getDescriptorName());
if (item instanceof Map) {
setKeytabDescriptor(new KerberosKeytabDescriptor((Map<?, ?>) item));
}
- item = data.get(KEY_WHEN);
+ item = data.get("when");
if (item instanceof Map) {
setWhen(PredicateUtils.fromMap((Map<?, ?>) item));
}
@@ -211,6 +221,27 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
}
/**
+ * Gets the password for this this KerberosIdentityDescriptor
+ *
+ * @return A String containing the password for this this KerberosIdentityDescriptor
+ * @see #password
+ */
+ public String getPassword() {
+ return password;
+ }
+
+ /**
+ * Sets the password for this this KerberosIdentityDescriptor
+ *
+ * @param password A String containing the password for this this KerberosIdentityDescriptor
+ * @see #password
+ */
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+
+ /**
* Gets the expression (or {@link Predicate}) to use to determine when to include this Kerberos
* identity while processing Kerberos identities.
* <p>
@@ -264,6 +295,8 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
setReference(updates.getReference());
+ setPassword(updates.getPassword());
+
KerberosPrincipalDescriptor existingPrincipal = getPrincipalDescriptor();
if (existingPrincipal == null) {
setPrincipalDescriptor(updates.getPrincipalDescriptor());
@@ -279,7 +312,7 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
}
Predicate updatedWhen = updates.getWhen();
- if (updatedWhen != null) {
+ if(updatedWhen != null) {
setWhen(updatedWhen);
}
}
@@ -298,19 +331,23 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
Map<String, Object> dataMap = super.toMap();
if (reference != null) {
- dataMap.put(KEY_REFERENCE, reference);
+ dataMap.put("reference", reference);
}
if (principal != null) {
- dataMap.put(KEY_PRINCIPAL, principal.toMap());
+ dataMap.put(Type.PRINCIPAL.getDescriptorName(), principal.toMap());
}
if (keytab != null) {
- dataMap.put(KEY_KEYTAB, keytab.toMap());
+ dataMap.put(Type.KEYTAB.getDescriptorName(), keytab.toMap());
+ }
+
+ if (password != null) {
+ dataMap.put("password", password);
}
- if (when != null) {
- dataMap.put(KEY_WHEN, PredicateUtils.toMap(when));
+ if(when != null) {
+ dataMap.put("when", PredicateUtils.toMap(when));
}
return dataMap;
@@ -398,6 +435,11 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor {
: getKeytabDescriptor().equals(descriptor.getKeytabDescriptor())
) &&
(
+ (getPassword() == null)
+ ? (descriptor.getPassword() == null)
+ : getPassword().equals(descriptor.getPassword())
+ ) &&
+ (
(getWhen() == null)
? (descriptor.getWhen() == null)
: getWhen().equals(descriptor.getWhen())
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java
index 7047c81..a17caad 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java
@@ -97,14 +97,6 @@ import java.util.TreeMap;
*/
public class KerberosKeytabDescriptor extends AbstractKerberosDescriptor {
- static final String KEY_FILE = "file";
- static final String KEY_OWNER = "owner";
- static final String KEY_GROUP = "group";
- static final String KEY_CONFIGURATION = "configuration";
- static final String KEY_CACHABLE = "cachable";
- static final String KEY_ACL_NAME = "name";
- static final String KEY_ACL_ACCESS = "access";
-
/**
* A String declaring the local username that should be set as the owner of the keytab file
*/
@@ -196,29 +188,29 @@ public class KerberosKeytabDescriptor extends AbstractKerberosDescriptor {
public KerberosKeytabDescriptor(Map<?, ?> data) {
// The name for this KerberosKeytabDescriptor is stored in the "file" entry in the map
// This is not automatically set by the super classes.
- setName(getStringValue(data, KEY_FILE));
+ setName(getStringValue(data, "file"));
if (data != null) {
Object object;
- object = data.get(KEY_OWNER);
+ object = data.get("owner");
if (object instanceof Map) {
Map<?, ?> map = (Map<?, ?>) object;
- setOwnerName(getStringValue(map, KEY_ACL_NAME));
- setOwnerAccess(getStringValue(map, KEY_ACL_ACCESS));
+ setOwnerName(getStringValue(map, "name"));
+ setOwnerAccess(getStringValue(map, "access"));
}
- object = data.get(KEY_GROUP);
+ object = data.get("group");
if (object instanceof Map) {
Map<?, ?> map = (Map<?, ?>) object;
- setGroupName(getStringValue(map, KEY_ACL_NAME));
- setGroupAccess(getStringValue(map, KEY_ACL_ACCESS));
+ setGroupName(getStringValue(map, "name"));
+ setGroupAccess(getStringValue(map, "access"));
}
- setConfiguration(getStringValue(data, KEY_CONFIGURATION));
+ setConfiguration(getStringValue(data, "configuration"));
// If the "cachable" value is anything but false, set it to true
- setCachable(!"false".equalsIgnoreCase(getStringValue(data, KEY_CACHABLE)));
+ setCachable(!"false".equalsIgnoreCase(getStringValue(data, "cachable")));
}
}
@@ -430,23 +422,23 @@ public class KerberosKeytabDescriptor extends AbstractKerberosDescriptor {
String data;
data = getFile();
- map.put(KEY_FILE, data);
+ map.put("file", data);
// Build file owner map
Map<String, String> owner = new TreeMap<>();
data = getOwnerName();
if (data != null) {
- owner.put(KEY_ACL_NAME, data);
+ owner.put("name", data);
}
data = getOwnerAccess();
if (data != null) {
- owner.put(KEY_ACL_ACCESS, data);
+ owner.put("access", data);
}
if (!owner.isEmpty()) {
- map.put(KEY_OWNER, owner);
+ map.put("owner", owner);
}
// Build file owner map (end)
@@ -455,22 +447,22 @@ public class KerberosKeytabDescriptor extends AbstractKerberosDescriptor {
data = getGroupName();
if (data != null) {
- group.put(KEY_ACL_NAME, data);
+ group.put("name", data);
}
data = getGroupAccess();
if (data != null) {
- group.put(KEY_ACL_ACCESS, data);
+ group.put("access", data);
}
if (!owner.isEmpty()) {
- map.put(KEY_GROUP, group);
+ map.put("group", group);
}
// Build file owner map (end)
data = getConfiguration();
if (data != null) {
- map.put(KEY_CONFIGURATION, data);
+ map.put("configuration", data);
}
return map;
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java
index a8e094f94..74254e3 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java
@@ -68,11 +68,6 @@ import java.util.TreeMap;
*/
public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor {
- static final String KEY_VALUE = "value";
- static final String KEY_TYPE = "type";
- static final String KEY_CONFIGURATION = "configuration";
- static final String KEY_LOCAL_USERNAME = "local_username";
-
/**
* A string declaring the type of principal this KerberosPrincipalDescriptor represents.
* <p/>
@@ -105,8 +100,8 @@ public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor {
/**
* Creates a new KerberosPrincipalDescriptor
*
- * @param principal the principal name
- * @param type the principal type (user, service, etc...)
+ * @param principal the principal name
+ * @param type the principal type (user, service, etc...)
* @param configuration the configuration used to store the principal name
* @param localUsername the local username to map to the principal
*/
@@ -129,10 +124,10 @@ public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor {
* @see org.apache.ambari.server.state.kerberos.KerberosPrincipalDescriptor
*/
public KerberosPrincipalDescriptor(Map<?, ?> data) {
- this(getStringValue(data, KEY_VALUE),
- getKerberosPrincipalTypeValue(data, KEY_TYPE),
- getStringValue(data, KEY_CONFIGURATION),
- getStringValue(data, KEY_LOCAL_USERNAME)
+ this(getStringValue(data, "value"),
+ getKerberosPrincipalTypeValue(data, "type"),
+ getStringValue(data, "configuration"),
+ getStringValue(data, "local_username")
);
}
@@ -274,10 +269,10 @@ public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor {
public Map<String, Object> toMap() {
Map<String, Object> map = new TreeMap<>();
- map.put(KEY_VALUE, getValue());
- map.put(KEY_TYPE, KerberosPrincipalType.translate(getType()));
- map.put(KEY_CONFIGURATION, getConfiguration());
- map.put(KEY_LOCAL_USERNAME, getLocalUsername());
+ map.put("value", getValue());
+ map.put("type", KerberosPrincipalType.translate(getType()));
+ map.put("configuration", getConfiguration());
+ map.put("local_username", getLocalUsername());
return map;
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java
index 51b7cd0..5da3399 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java
@@ -46,7 +46,6 @@ import org.apache.commons.lang.builder.HashCodeBuilder;
* "title": "KerberosServiceDescriptor",
* "description": "Describes an Ambari service",
* "type": "object",
- * "preconfigure": "boolean",
* "properties": {
* "name": {
* "description": "An identifying name for this service descriptor.",
@@ -86,9 +85,6 @@ import org.apache.commons.lang.builder.HashCodeBuilder;
*/
public class KerberosServiceDescriptor extends AbstractKerberosDescriptorContainer {
- static final String KEY_PRECONFIGURE = "preconfigure";
- static final String KEY_COMPONENTS = Type.COMPONENT.getDescriptorPluralName();
-
/**
* A Map of the components contained within this KerberosServiceDescriptor
*/
@@ -141,7 +137,7 @@ public class KerberosServiceDescriptor extends AbstractKerberosDescriptorContain
setName(name);
if (data != null) {
- Object list = data.get(KEY_COMPONENTS);
+ Object list = data.get(Type.COMPONENT.getDescriptorPluralName());
if (list instanceof Collection) {
// Assume list is Collection<Map<String, Object>>
for (Object item : (Collection) list) {
@@ -151,7 +147,7 @@ public class KerberosServiceDescriptor extends AbstractKerberosDescriptorContain
}
}
- setPreconfigure(getBooleanValue(data, KEY_PRECONFIGURE));
+ setPreconfigure(getBooleanValue(data, "preconfigure"));
}
}
@@ -279,11 +275,11 @@ public class KerberosServiceDescriptor extends AbstractKerberosDescriptorContain
for (KerberosComponentDescriptor component : components.values()) {
list.add(component.toMap());
}
- map.put(KEY_COMPONENTS, list);
+ map.put(Type.COMPONENT.getDescriptorPluralName(), list);
}
if (preconfigure != null) {
- map.put(KEY_PRECONFIGURE, preconfigure.toString());
+ map.put("preProcess", preconfigure.toString());
}
return map;
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json b/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json
index 9c29393..c9d8c91 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json
+++ b/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json
@@ -7,6 +7,8 @@
{
"name": "BEACON",
"preconfigure" : true,
+ "configurations": {
+ },
"identities": [
{
"name": "beacon_server",
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java
index d208cfc..0f1dd55 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java
@@ -19,113 +19,147 @@
package org.apache.ambari.server.stack;
import java.io.File;
-import java.io.InputStream;
+import java.io.IOException;
import java.net.URL;
-import java.util.Set;
-import java.util.regex.Pattern;
+import org.apache.ambari.server.state.kerberos.KerberosDescriptor;
+import org.apache.ambari.server.state.kerberos.KerberosDescriptorFactory;
import org.junit.BeforeClass;
+import org.junit.Ignore;
import org.junit.Test;
-import org.junit.experimental.categories.Category;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.fasterxml.jackson.databind.JsonNode;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.networknt.schema.JsonSchema;
-import com.networknt.schema.JsonSchemaFactory;
-import com.networknt.schema.ValidationMessage;
-
-import junit.framework.Assert;
+import org.springframework.util.Assert;
/**
* KerberosDescriptorTest tests the stack- and service-level descriptors for certain stacks
* and services
*/
-@Category({category.KerberosTest.class})
+@Ignore
public class KerberosDescriptorTest {
- private static Logger LOG = LoggerFactory.getLogger(KerberosDescriptorTest.class);
-
- private static final Pattern PATTERN_KERBEROS_DESCRIPTOR_FILENAME = Pattern.compile("^kerberos(?:_preconfigure)?\\.json$");
+ private static final KerberosDescriptorFactory KERBEROS_DESCRIPTOR_FACTORY = new KerberosDescriptorFactory();
private static File stacksDirectory;
+ private static File hdpStackDirectory;
+ private static File hdp22StackDirectory;
+ private static File hdp22ServicesDirectory;
private static File commonServicesDirectory;
@BeforeClass
public static void beforeClass() {
URL rootDirectoryURL = KerberosDescriptorTest.class.getResource("/");
- Assert.assertNotNull(rootDirectoryURL);
+ Assert.notNull(rootDirectoryURL);
File resourcesDirectory = new File(new File(rootDirectoryURL.getFile()).getParentFile().getParentFile(), "src/main/resources");
- Assert.assertNotNull(resourcesDirectory);
- Assert.assertTrue(resourcesDirectory.canRead());
+ Assert.notNull(resourcesDirectory);
+ Assert.isTrue(resourcesDirectory.canRead());
stacksDirectory = new File(resourcesDirectory, "stacks");
- Assert.assertNotNull(stacksDirectory);
- Assert.assertTrue(stacksDirectory.canRead());
+ Assert.notNull(stacksDirectory);
+ Assert.isTrue(stacksDirectory.canRead());
+
+ hdpStackDirectory = new File(stacksDirectory, "HDP");
+ Assert.notNull(hdpStackDirectory);
+ Assert.isTrue(hdpStackDirectory.canRead());
+
+ hdp22StackDirectory = new File(hdpStackDirectory, "2.2");
+ Assert.notNull(hdp22StackDirectory);
+ Assert.isTrue(hdp22StackDirectory.canRead());
+
+ hdp22ServicesDirectory = new File(hdp22StackDirectory, "services");
+ Assert.notNull(hdp22ServicesDirectory);
+ Assert.isTrue(hdp22ServicesDirectory.canRead());
commonServicesDirectory = new File(resourcesDirectory, "common-services");
- Assert.assertNotNull(commonServicesDirectory);
- Assert.assertTrue(commonServicesDirectory.canRead());
+ Assert.notNull(commonServicesDirectory);
+ Assert.isTrue(commonServicesDirectory.canRead());
}
@Test
- public void testCommonServiceDescriptor() throws Exception {
- JsonSchema schema = getJsonSchemaFromPath("kerberos_descriptor_schema.json");
- Assert.assertTrue(visitFile(schema, commonServicesDirectory, true));
+ public void testCommonHBASEServiceDescriptor() throws IOException {
+ KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "HBASE", "0.96.0.2.0");
+ Assert.notNull(descriptor);
+ Assert.notNull(descriptor.getServices());
+ Assert.notNull(descriptor.getService("HBASE"));
}
@Test
- public void testStackServiceDescriptor() throws Exception {
- JsonSchema schema = getJsonSchemaFromPath("kerberos_descriptor_schema.json");
- Assert.assertTrue(visitFile(schema, stacksDirectory, true));
+ public void testCommonHDFSServiceDescriptor() throws IOException {
+ KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "HDFS", "2.1.0.2.0");
+ Assert.notNull(descriptor);
+ Assert.notNull(descriptor.getServices());
+ Assert.notNull(descriptor.getService("HDFS"));
}
- private boolean visitFile(JsonSchema schema, File file, boolean previousResult) throws Exception {
+ @Test
+ public void testCommonYarnServiceDescriptor() throws IOException {
+ KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "YARN", "2.1.0.2.0");
+ Assert.notNull(descriptor);
+ Assert.notNull(descriptor.getServices());
+ Assert.notNull(descriptor.getService("YARN"));
+ Assert.notNull(descriptor.getService("MAPREDUCE2"));
+ }
- if (file.isDirectory()) {
- boolean currentResult = true;
+ @Test
+ public void testCommonFalconServiceDescriptor() throws IOException {
+ KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "FALCON", "0.5.0.2.1");
+ Assert.notNull(descriptor);
+ Assert.notNull(descriptor.getServices());
+ Assert.notNull(descriptor.getService("FALCON"));
+ }
- File[] files = file.listFiles();
- if (files != null) {
- for (File currentFile : files) {
- currentResult = visitFile(schema, currentFile, previousResult) && currentResult;
- }
- }
- return previousResult && currentResult;
- } else if (file.isFile()) {
- if (PATTERN_KERBEROS_DESCRIPTOR_FILENAME.matcher(file.getName()).matches()) {
- LOG.info("Validating " + file.getAbsolutePath());
+ @Test
+ public void testCommonHiveServiceDescriptor() throws IOException {
+ KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "HIVE", "0.12.0.2.0");
+ Assert.notNull(descriptor);
+ Assert.notNull(descriptor.getServices());
+ Assert.notNull(descriptor.getService("HIVE"));
+ }
- JsonNode node = getJsonNodeFromUrl(file.toURI().toURL().toExternalForm());
- Set<ValidationMessage> errors = schema.validate(node);
+ @Test
+ public void testCommonKnoxServiceDescriptor() throws IOException {
+ KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "KNOX", "0.5.0.2.2");
+ Assert.notNull(descriptor);
+ Assert.notNull(descriptor.getServices());
+ Assert.notNull(descriptor.getService("KNOX"));
+ }
- if ((errors != null) && !errors.isEmpty()) {
- for (ValidationMessage message : errors) {
- LOG.error(message.getMessage());
- }
+ @Test
+ public void testCommonOozieServiceDescriptor() throws IOException {
+ KerberosDescriptor descriptor;
- return false;
- }
+ descriptor = getKerberosDescriptor(commonServicesDirectory, "OOZIE", "4.0.0.2.0");
+ Assert.notNull(descriptor);
+ Assert.notNull(descriptor.getServices());
+ Assert.notNull(descriptor.getService("OOZIE"));
+ }
- return true;
- } else {
- return true;
- }
- }
+ @Test
+ public void testCommonStormServiceDescriptor() throws IOException {
+ KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "STORM", "0.9.1");
+ Assert.notNull(descriptor);
+ Assert.notNull(descriptor.getServices());
+ Assert.notNull(descriptor.getService("STORM"));
+ }
- return previousResult;
+ @Test
+ public void testCommonZookeepeerServiceDescriptor() throws IOException {
+ KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "ZOOKEEPER", "3.4.5");
+ Assert.notNull(descriptor);
+ Assert.notNull(descriptor.getServices());
+ Assert.notNull(descriptor.getService("ZOOKEEPER"));
}
- private JsonNode getJsonNodeFromUrl(String url) throws Exception {
- ObjectMapper mapper = new ObjectMapper();
- return mapper.readTree(new URL(url));
+ @Test
+ public void testCommonSparkServiceDescriptor() throws IOException {
+ KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "SPARK", "1.2.1");
+ Assert.notNull(descriptor);
+ Assert.notNull(descriptor.getServices());
+ Assert.notNull(descriptor.getService("SPARK"));
}
- private JsonSchema getJsonSchemaFromPath(String name) throws Exception {
- JsonSchemaFactory factory = new JsonSchemaFactory();
- InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream(name);
- return factory.getSchema(is);
+ private KerberosDescriptor getKerberosDescriptor(File baseDirectory, String service, String version) throws IOException {
+ File serviceDirectory = new File(baseDirectory, service);
+ File serviceVersionDirectory = new File(serviceDirectory, version);
+ return KERBEROS_DESCRIPTOR_FACTORY.createInstance(new File(serviceVersionDirectory, "kerberos.json"));
}
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java
index a33d842..09699c6 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java
@@ -35,9 +35,9 @@ import com.google.gson.reflect.TypeToken;
import junit.framework.Assert;
-@Category({category.KerberosTest.class})
+@Category({ category.KerberosTest.class})
public class KerberosComponentDescriptorTest {
- static final String JSON_VALUE =
+ public static final String JSON_VALUE =
" {" +
" \"name\": \"COMPONENT_NAME\"," +
" \"identities\": [" +
@@ -60,9 +60,9 @@ public class KerberosComponentDescriptorTest {
static {
Map<String, Object> identitiesMap = new TreeMap<>();
- identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE.get(KerberosIdentityDescriptor.KEY_NAME), KerberosIdentityDescriptorTest.MAP_VALUE);
- identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE_ALT.get(KerberosIdentityDescriptor.KEY_NAME), KerberosIdentityDescriptorTest.MAP_VALUE_ALT);
- identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE_REFERENCE.get(KerberosIdentityDescriptor.KEY_NAME), KerberosIdentityDescriptorTest.MAP_VALUE_REFERENCE);
+ identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE.get("name"), KerberosIdentityDescriptorTest.MAP_VALUE);
+ identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE_ALT.get("name"), KerberosIdentityDescriptorTest.MAP_VALUE_ALT);
+ identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE_REFERENCE.get("name"), KerberosIdentityDescriptorTest.MAP_VALUE_REFERENCE);
Map<String, Object> serviceSiteProperties = new TreeMap<>();
serviceSiteProperties.put("service.component.property1", "red");
@@ -78,10 +78,10 @@ public class KerberosComponentDescriptorTest {
authToLocalRules.add("component.name.rules2");
MAP_VALUE = new TreeMap<>();
- MAP_VALUE.put(KerberosIdentityDescriptor.KEY_NAME, "A_DIFFERENT_COMPONENT_NAME");
- MAP_VALUE.put(KerberosComponentDescriptor.KEY_IDENTITIES, new ArrayList<>(identitiesMap.values()));
- MAP_VALUE.put(KerberosComponentDescriptor.KEY_CONFIGURATIONS, configurationsMap.values());
- MAP_VALUE.put(KerberosComponentDescriptor.KEY_AUTH_TO_LOCAL_PROPERTIES, authToLocalRules);
+ MAP_VALUE.put("name", "A_DIFFERENT_COMPONENT_NAME");
+ MAP_VALUE.put(AbstractKerberosDescriptor.Type.IDENTITY.getDescriptorPluralName(), new ArrayList<>(identitiesMap.values()));
+ MAP_VALUE.put(AbstractKerberosDescriptor.Type.CONFIGURATION.getDescriptorPluralName(), configurationsMap.values());
+ MAP_VALUE.put(AbstractKerberosDescriptor.Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName(), authToLocalRules);
}
static void validateFromJSON(KerberosComponentDescriptor componentDescriptor) {
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java
index 3a461aa..e891fde 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java
@@ -32,7 +32,7 @@ import com.google.gson.reflect.TypeToken;
import junit.framework.Assert;
-@Category({category.KerberosTest.class})
+@Category({ category.KerberosTest.class})
public class KerberosConfigurationDescriptorTest {
private static final String JSON_SINGLE_VALUE =
"{ \"configuration-type\": {" +
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java
index d0d57d5..7fb5624 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java
@@ -40,12 +40,12 @@ import com.google.gson.Gson;
import junit.framework.Assert;
-@Category({category.KerberosTest.class})
+@Category({ category.KerberosTest.class})
public class KerberosDescriptorTest {
private static final KerberosDescriptorFactory KERBEROS_DESCRIPTOR_FACTORY = new KerberosDescriptorFactory();
private static final KerberosServiceDescriptorFactory KERBEROS_SERVICE_DESCRIPTOR_FACTORY = new KerberosServiceDescriptorFactory();
- private static final String JSON_VALUE =
+ public static final String JSON_VALUE =
"{" +
" \"properties\": {" +
" \"realm\": \"${cluster-env/kerberos_domain}\"," +
@@ -59,30 +59,30 @@ public class KerberosDescriptorTest {
" ]" +
"}";
- private static final Map<String, Object> MAP_VALUE;
+ public static final Map<String, Object> MAP_VALUE;
static {
Map<String, Object> keytabOwnerMap = new TreeMap<>();
- keytabOwnerMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "root");
- keytabOwnerMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "rw");
+ keytabOwnerMap.put("name", "root");
+ keytabOwnerMap.put("access", "rw");
Map<String, Object> keytabGroupMap = new TreeMap<>();
- keytabGroupMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "hadoop");
- keytabGroupMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "r");
+ keytabGroupMap.put("name", "hadoop");
+ keytabGroupMap.put("access", "r");
Map<String, Object> keytabMap = new TreeMap<>();
- keytabMap.put(KerberosKeytabDescriptor.KEY_FILE, "/etc/security/keytabs/subject.service.keytab");
- keytabMap.put(KerberosKeytabDescriptor.KEY_OWNER, keytabOwnerMap);
- keytabMap.put(KerberosKeytabDescriptor.KEY_GROUP, keytabGroupMap);
- keytabMap.put(KerberosKeytabDescriptor.KEY_CONFIGURATION, "service-site/service2.component.keytab.file");
+ keytabMap.put("file", "/etc/security/keytabs/subject.service.keytab");
+ keytabMap.put("owner", keytabOwnerMap);
+ keytabMap.put("group", keytabGroupMap);
+ keytabMap.put("configuration", "service-site/service2.component.keytab.file");
Map<String, Object> sharedIdentityMap = new TreeMap<>();
- sharedIdentityMap.put(KerberosIdentityDescriptor.KEY_NAME, "shared");
- sharedIdentityMap.put(KerberosIdentityDescriptor.KEY_PRINCIPAL, KerberosPrincipalDescriptorTest.MAP_VALUE);
- sharedIdentityMap.put(KerberosIdentityDescriptor.KEY_KEYTAB, keytabMap);
+ sharedIdentityMap.put("name", "shared");
+ sharedIdentityMap.put("principal", KerberosPrincipalDescriptorTest.MAP_VALUE);
+ sharedIdentityMap.put("keytab", keytabMap);
Map<String, Object> servicesMap = new TreeMap<>();
- servicesMap.put((String) KerberosServiceDescriptorTest.MAP_VALUE.get(KerberosServiceDescriptor.KEY_NAME), KerberosServiceDescriptorTest.MAP_VALUE);
+ servicesMap.put((String) KerberosServiceDescriptorTest.MAP_VALUE.get("name"), KerberosServiceDescriptorTest.MAP_VALUE);
Map<String, Object> identitiesMap = new TreeMap<>();
identitiesMap.put("shared", sharedIdentityMap);
@@ -104,14 +104,14 @@ public class KerberosDescriptorTest {
properties.put("some.property", "Hello World");
MAP_VALUE = new TreeMap<>();
- MAP_VALUE.put(KerberosDescriptor.KEY_PROPERTIES, properties);
- MAP_VALUE.put(KerberosDescriptor.KEY_AUTH_TO_LOCAL_PROPERTIES, authToLocalRules);
- MAP_VALUE.put(KerberosDescriptor.KEY_SERVICES, servicesMap.values());
- MAP_VALUE.put(KerberosDescriptor.KEY_CONFIGURATIONS, configurationsMap.values());
- MAP_VALUE.put(KerberosDescriptor.KEY_IDENTITIES, identitiesMap.values());
+ MAP_VALUE.put("properties", properties);
+ MAP_VALUE.put(AbstractKerberosDescriptor.Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName(), authToLocalRules);
+ MAP_VALUE.put(AbstractKerberosDescriptor.Type.SERVICE.getDescriptorPluralName(), servicesMap.values());
+ MAP_VALUE.put(AbstractKerberosDescriptor.Type.CONFIGURATION.getDescriptorPluralName(), configurationsMap.values());
+ MAP_VALUE.put(AbstractKerberosDescriptor.Type.IDENTITY.getDescriptorPluralName(), identitiesMap.values());
}
- private static void validateFromJSON(KerberosDescriptor descriptor) {
+ public static void validateFromJSON(KerberosDescriptor descriptor) {
Assert.assertNotNull(descriptor);
Assert.assertTrue(descriptor.isContainer());
@@ -146,7 +146,7 @@ public class KerberosDescriptorTest {
Assert.assertNull(configurations);
}
- private static void validateFromMap(KerberosDescriptor descriptor) throws AmbariException {
+ public static void validateFromMap(KerberosDescriptor descriptor) throws AmbariException {
Assert.assertNotNull(descriptor);
Assert.assertTrue(descriptor.isContainer());
@@ -219,7 +219,7 @@ public class KerberosDescriptorTest {
Assert.assertEquals("red", configProperties.get("property1"));
}
- private void validateUpdatedData(KerberosDescriptor descriptor) {
+ public void validateUpdatedData(KerberosDescriptor descriptor) {
Assert.assertNotNull(descriptor);
Map<String, String> properties = descriptor.getProperties();
@@ -420,7 +420,7 @@ public class KerberosDescriptorTest {
@Test
public void testGetReferencedIdentityDescriptor_Recursive() throws IOException {
- boolean identityFound;
+ boolean identityFound = false;
List<KerberosIdentityDescriptor> identities;
URL systemResourceURL = ClassLoader.getSystemResource("kerberos/test_get_referenced_identity_descriptor.json");
@@ -482,8 +482,8 @@ public class KerberosDescriptorTest {
public void testFiltersOutIdentitiesBasedonInstalledServices() throws IOException {
URL systemResourceURL = ClassLoader.getSystemResource("kerberos/test_filtering_identity_descriptor.json");
KerberosComponentDescriptor componentDescriptor = KERBEROS_DESCRIPTOR_FACTORY.createInstance(new File(systemResourceURL.getFile()))
- .getService("SERVICE1")
- .getComponent("SERVICE1_COMPONENT1");
+ .getService("SERVICE1")
+ .getComponent("SERVICE1_COMPONENT1");
List<KerberosIdentityDescriptor> identities = componentDescriptor.getIdentities(true, new HashedMap() {{
put("services", Collections.emptySet());
}});
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java
index 293e050..44812de 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java
@@ -50,7 +50,7 @@ import com.google.inject.assistedinject.FactoryModuleBuilder;
import junit.framework.Assert;
-@Category({category.KerberosTest.class})
+@Category({ category.KerberosTest.class})
public class KerberosDescriptorUpdateHelperTest extends EasyMockSupport {
private static final KerberosDescriptorFactory KERBEROS_DESCRIPTOR_FACTORY = new KerberosDescriptorFactory();
private static final Gson GSON = new Gson();
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java
index 21e87a6..d11962b 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java
@@ -31,9 +31,9 @@ import com.google.gson.reflect.TypeToken;
import junit.framework.Assert;
-@Category({category.KerberosTest.class})
+@Category({ category.KerberosTest.class})
public class KerberosIdentityDescriptorTest {
- static final String JSON_VALUE =
+ public static final String JSON_VALUE =
"{" +
" \"name\": \"identity_1\"" +
"," +
@@ -50,58 +50,63 @@ public class KerberosIdentityDescriptorTest {
static {
MAP_VALUE = new TreeMap<>();
- MAP_VALUE.put(KerberosIdentityDescriptor.KEY_NAME, "identity_1");
- MAP_VALUE.put(KerberosIdentityDescriptor.KEY_PRINCIPAL, KerberosPrincipalDescriptorTest.MAP_VALUE);
- MAP_VALUE.put(KerberosIdentityDescriptor.KEY_KEYTAB, KerberosKeytabDescriptorTest.MAP_VALUE);
+ MAP_VALUE.put("name", "identity_1");
+ MAP_VALUE.put("principal", KerberosPrincipalDescriptorTest.MAP_VALUE);
+ MAP_VALUE.put("keytab", KerberosKeytabDescriptorTest.MAP_VALUE);
+ MAP_VALUE.put("password", "secret");
MAP_VALUE_ALT = new TreeMap<>();
- MAP_VALUE_ALT.put(KerberosIdentityDescriptor.KEY_NAME, "identity_2");
- MAP_VALUE_ALT.put(KerberosIdentityDescriptor.KEY_PRINCIPAL, KerberosPrincipalDescriptorTest.MAP_VALUE);
- MAP_VALUE_ALT.put(KerberosIdentityDescriptor.KEY_KEYTAB, KerberosKeytabDescriptorTest.MAP_VALUE);
+ MAP_VALUE_ALT.put("name", "identity_2");
+ MAP_VALUE_ALT.put("principal", KerberosPrincipalDescriptorTest.MAP_VALUE);
+ MAP_VALUE_ALT.put("keytab", KerberosKeytabDescriptorTest.MAP_VALUE);
+ MAP_VALUE_ALT.put("password", "secret2");
TreeMap<String, Object> ownerMap = new TreeMap<>();
- ownerMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "me");
- ownerMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "rw");
+ ownerMap.put("name", "me");
+ ownerMap.put("access", "rw");
TreeMap<String, Object> groupMap = new TreeMap<>();
- groupMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "nobody");
- groupMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "");
+ groupMap.put("name", "nobody");
+ groupMap.put("access", "");
TreeMap<String, Object> keytabMap = new TreeMap<>();
- keytabMap.put(KerberosKeytabDescriptor.KEY_FILE, "/home/user/me/subject.service.keytab");
- keytabMap.put(KerberosKeytabDescriptor.KEY_OWNER, ownerMap);
- keytabMap.put(KerberosKeytabDescriptor.KEY_GROUP, groupMap);
- keytabMap.put(KerberosKeytabDescriptor.KEY_CONFIGURATION, "service-site/me.component.keytab.file");
+ keytabMap.put("file", "/home/user/me/subject.service.keytab");
+ keytabMap.put("owner", ownerMap);
+ keytabMap.put("group", groupMap);
+ keytabMap.put("configuration", "service-site/me.component.keytab.file");
MAP_VALUE_REFERENCE = new TreeMap<>();
- MAP_VALUE_REFERENCE.put(KerberosIdentityDescriptor.KEY_NAME, "shared_identity");
- MAP_VALUE_REFERENCE.put(KerberosIdentityDescriptor.KEY_REFERENCE, "/shared");
- MAP_VALUE_REFERENCE.put(KerberosIdentityDescriptor.KEY_KEYTAB, keytabMap);
+ MAP_VALUE_REFERENCE.put("name", "shared_identity");
+ MAP_VALUE_REFERENCE.put("reference", "/shared");
+ MAP_VALUE_REFERENCE.put("keytab", keytabMap);
}
- static void validateFromJSON(KerberosIdentityDescriptor identityDescriptor) {
+ public static void validateFromJSON(KerberosIdentityDescriptor identityDescriptor) {
Assert.assertNotNull(identityDescriptor);
Assert.assertFalse(identityDescriptor.isContainer());
KerberosPrincipalDescriptorTest.validateFromJSON(identityDescriptor.getPrincipalDescriptor());
KerberosKeytabDescriptorTest.validateFromJSON(identityDescriptor.getKeytabDescriptor());
+ Assert.assertNull(identityDescriptor.getPassword());
}
- static void validateFromMap(KerberosIdentityDescriptor identityDescriptor) {
+ public static void validateFromMap(KerberosIdentityDescriptor identityDescriptor) {
Assert.assertNotNull(identityDescriptor);
Assert.assertFalse(identityDescriptor.isContainer());
KerberosPrincipalDescriptorTest.validateFromMap(identityDescriptor.getPrincipalDescriptor());
KerberosKeytabDescriptorTest.validateFromMap(identityDescriptor.getKeytabDescriptor());
+ Assert.assertEquals("secret", identityDescriptor.getPassword());
}
- static void validateUpdatedData(KerberosIdentityDescriptor identityDescriptor) {
+ public static void validateUpdatedData(KerberosIdentityDescriptor identityDescriptor) {
Assert.assertNotNull(identityDescriptor);
KerberosPrincipalDescriptorTest.validateUpdatedData(identityDescriptor.getPrincipalDescriptor());
KerberosKeytabDescriptorTest.validateUpdatedData(identityDescriptor.getKeytabDescriptor());
+ Assert.assertEquals("secret", identityDescriptor.getPassword());
}
private static KerberosIdentityDescriptor createFromJSON() {
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java
index bc41912..8cdb39e 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java
@@ -29,9 +29,9 @@ import com.google.gson.reflect.TypeToken;
import junit.framework.Assert;
-@Category({category.KerberosTest.class})
+@Category({ category.KerberosTest.class})
public class KerberosKeytabDescriptorTest {
- static final String JSON_VALUE =
+ public static final String JSON_VALUE =
"{" +
" \"file\": \"/etc/security/keytabs/${host}/subject.service.keytab\"," +
" \"owner\": {" +
@@ -45,25 +45,25 @@ public class KerberosKeytabDescriptorTest {
" \"configuration\": \"service-site/service.component.keytab.file\"" +
"}";
- static final Map<String, Object> MAP_VALUE;
+ public static final Map<String, Object> MAP_VALUE;
static {
TreeMap<String, Object> ownerMap = new TreeMap<>();
- ownerMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "root");
- ownerMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "rw");
+ ownerMap.put("name", "root");
+ ownerMap.put("access", "rw");
TreeMap<String, Object> groupMap = new TreeMap<>();
- groupMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "hadoop");
- groupMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "r");
+ groupMap.put("name", "hadoop");
+ groupMap.put("access", "r");
MAP_VALUE = new TreeMap<>();
- MAP_VALUE.put(KerberosKeytabDescriptor.KEY_FILE, "/etc/security/keytabs/subject.service.keytab");
- MAP_VALUE.put(KerberosKeytabDescriptor.KEY_OWNER, ownerMap);
- MAP_VALUE.put(KerberosKeytabDescriptor.KEY_GROUP, groupMap);
- MAP_VALUE.put(KerberosKeytabDescriptor.KEY_CONFIGURATION, "service-site/service2.component.keytab.file");
+ MAP_VALUE.put("file", "/etc/security/keytabs/subject.service.keytab");
+ MAP_VALUE.put("owner", ownerMap);
+ MAP_VALUE.put("group", groupMap);
+ MAP_VALUE.put("configuration", "service-site/service2.component.keytab.file");
}
- static void validateFromJSON(KerberosKeytabDescriptor keytabDescriptor) {
+ public static void validateFromJSON(KerberosKeytabDescriptor keytabDescriptor) {
Assert.assertNotNull(keytabDescriptor);
Assert.assertFalse(keytabDescriptor.isContainer());
@@ -75,7 +75,7 @@ public class KerberosKeytabDescriptorTest {
Assert.assertEquals("service-site/service.component.keytab.file", keytabDescriptor.getConfiguration());
}
- static void validateFromMap(KerberosKeytabDescriptor keytabDescriptor) {
+ public static void validateFromMap(KerberosKeytabDescriptor keytabDescriptor) {
Assert.assertNotNull(keytabDescriptor);
Assert.assertFalse(keytabDescriptor.isContainer());
@@ -87,7 +87,7 @@ public class KerberosKeytabDescriptorTest {
Assert.assertEquals("service-site/service2.component.keytab.file", keytabDescriptor.getConfiguration());
}
- static void validateUpdatedData(KerberosKeytabDescriptor keytabDescriptor) {
+ public static void validateUpdatedData(KerberosKeytabDescriptor keytabDescriptor) {
Assert.assertNotNull(keytabDescriptor);
Assert.assertEquals("/etc/security/keytabs/subject.service.keytab", keytabDescriptor.getFile());
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java
index 90a3f0f..b84223f 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java
@@ -29,9 +29,9 @@ import com.google.gson.reflect.TypeToken;
import junit.framework.Assert;
-@Category({category.KerberosTest.class})
+@Category({ category.KerberosTest.class})
public class KerberosPrincipalDescriptorTest {
- static final String JSON_VALUE =
+ public static final String JSON_VALUE =
"{" +
"\"value\": \"service/_HOST@_REALM\"," +
"\"configuration\": \"service-site/service.component.kerberos.principal\"," +
@@ -39,27 +39,27 @@ public class KerberosPrincipalDescriptorTest {
"\"local_username\": \"localUser\"" +
"}";
- private static final String JSON_VALUE_SPARSE =
+ public static final String JSON_VALUE_SPARSE =
"{" +
"\"value\": \"serviceOther/_HOST@_REALM\"" +
"}";
public static final Map<String, Object> MAP_VALUE;
- private static final Map<String, Object> MAP_VALUE_SPARSE;
+ public static final Map<String, Object> MAP_VALUE_SPARSE;
static {
MAP_VALUE = new TreeMap<>();
- MAP_VALUE.put(KerberosPrincipalDescriptor.KEY_VALUE, "user@_REALM");
- MAP_VALUE.put(KerberosPrincipalDescriptor.KEY_CONFIGURATION, "service-site/service.component.kerberos.https.principal");
- MAP_VALUE.put(KerberosPrincipalDescriptor.KEY_TYPE, "user");
- MAP_VALUE.put(KerberosPrincipalDescriptor.KEY_LOCAL_USERNAME, null);
+ MAP_VALUE.put("value", "user@_REALM");
+ MAP_VALUE.put("configuration", "service-site/service.component.kerberos.https.principal");
+ MAP_VALUE.put("type", "user");
+ MAP_VALUE.put("local_username", null);
MAP_VALUE_SPARSE = new TreeMap<>();
- MAP_VALUE_SPARSE.put(KerberosPrincipalDescriptor.KEY_VALUE, "userOther@_REALM");
+ MAP_VALUE_SPARSE.put("value", "userOther@_REALM");
}
- static void validateFromJSON(KerberosPrincipalDescriptor principalDescriptor) {
+ public static void validateFromJSON(KerberosPrincipalDescriptor principalDescriptor) {
Assert.assertNotNull(principalDescriptor);
Assert.assertFalse(principalDescriptor.isContainer());
Assert.assertEquals("service/_HOST@_REALM", principalDescriptor.getValue());
@@ -68,7 +68,7 @@ public class KerberosPrincipalDescriptorTest {
Assert.assertEquals("localUser", principalDescriptor.getLocalUsername());
}
- static void validateFromMap(KerberosPrincipalDescriptor principalDescriptor) {
+ public static void validateFromMap(KerberosPrincipalDescriptor principalDescriptor) {
Assert.assertNotNull(principalDescriptor);
Assert.assertFalse(principalDescriptor.isContainer());
Assert.assertEquals("user@_REALM", principalDescriptor.getValue());
@@ -77,7 +77,7 @@ public class KerberosPrincipalDescriptorTest {
Assert.assertNull(principalDescriptor.getLocalUsername());
}
- static void validateUpdatedData(KerberosPrincipalDescriptor principalDescriptor) {
+ public static void validateUpdatedData(KerberosPrincipalDescriptor principalDescriptor) {
Assert.assertNotNull(principalDescriptor);
Assert.assertEquals("user@_REALM", principalDescriptor.getValue());
Assert.assertEquals("service-site/service.component.kerberos.https.principal", principalDescriptor.getConfiguration());
http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java
index 400116d..e4d3c90 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java
@@ -37,9 +37,9 @@ import com.google.gson.Gson;
import junit.framework.Assert;
-@Category({category.KerberosTest.class})
+@Category({ category.KerberosTest.class})
public class KerberosServiceDescriptorTest {
- static final String JSON_VALUE =
+ public static final String JSON_VALUE =
"{" +
" \"name\": \"SERVICE_NAME\"," +
" \"preconfigure\": \"true\"," +
@@ -62,7 +62,7 @@ public class KerberosServiceDescriptorTest {
" ]" +
"}";
- private static final String JSON_VALUE_SERVICES =
+ public static final String JSON_VALUE_SERVICES =
"{ " +
"\"services\" : [" +
"{" +
@@ -130,22 +130,22 @@ public class KerberosServiceDescriptorTest {
MAP_VALUE = new TreeMap<>();
MAP_VALUE.put("name", "A_DIFFERENT_SERVICE_NAME");
- MAP_VALUE.put(KerberosServiceDescriptor.KEY_IDENTITIES, identitiesMap.values());
- MAP_VALUE.put(KerberosServiceDescriptor.KEY_COMPONENTS, componentsMap.values());
- MAP_VALUE.put(KerberosServiceDescriptor.KEY_CONFIGURATIONS, configurationsMap.values());
- MAP_VALUE.put(KerberosServiceDescriptor.KEY_AUTH_TO_LOCAL_PROPERTIES, authToLocalRules);
+ MAP_VALUE.put(AbstractKerberosDescriptor.Type.IDENTITY.getDescriptorPluralName(), identitiesMap.values());
+ MAP_VALUE.put(AbstractKerberosDescriptor.Type.COMPONENT.getDescriptorPluralName(), componentsMap.values());
+ MAP_VALUE.put(AbstractKerberosDescriptor.Type.CONFIGURATION.getDescriptorPluralName(), configurationsMap.values());
+ MAP_VALUE.put(AbstractKerberosDescriptor.Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName(), authToLocalRules);
}
private static final KerberosServiceDescriptorFactory KERBEROS_SERVICE_DESCRIPTOR_FACTORY = new KerberosServiceDescriptorFactory();
- private static void validateFromJSON(KerberosServiceDescriptor[] serviceDescriptors) {
+ public static void validateFromJSON(KerberosServiceDescriptor[] serviceDescriptors) {
Assert.assertNotNull(serviceDescriptors);
Assert.assertEquals(2, serviceDescriptors.length);
validateFromJSON(serviceDescriptors[0]);
}
- static void validateFromJSON(KerberosServiceDescriptor serviceDescriptor) {
+ public static void validateFromJSON(KerberosServiceDescriptor serviceDescriptor) {
Assert.assertNotNull(serviceDescriptor);
Assert.assertTrue(serviceDescriptor.isContainer());
@@ -190,7 +190,7 @@ public class KerberosServiceDescriptorTest {
Assert.assertEquals("service.name.rules1", authToLocalProperties.iterator().next());
}
- static void validateFromMap(KerberosServiceDescriptor serviceDescriptor) {
+ public static void validateFromMap(KerberosServiceDescriptor serviceDescriptor) {
Assert.assertNotNull(serviceDescriptor);
Assert.assertTrue(serviceDescriptor.isContainer());
@@ -235,7 +235,7 @@ public class KerberosServiceDescriptorTest {
Assert.assertEquals("service.name.rules2", authToLocalProperties.iterator().next());
}
- private void validateUpdatedData(KerberosServiceDescriptor serviceDescriptor) {
+ public void validateUpdatedData(KerberosServiceDescriptor serviceDescriptor) {
Assert.assertNotNull(serviceDescriptor);
Assert.assertEquals("A_DIFFERENT_SERVICE_NAME", serviceDescriptor.getName());
@@ -387,6 +387,8 @@ public class KerberosServiceDescriptorTest {
/**
* Test a JSON object in which only only a Service and configs are defined, but no Components.
+ *
+ * @throws AmbariException
*/
@Test
public void testJSONWithOnlyServiceNameAndConfigurations() throws AmbariException {
[2/2] ambari git commit: AMBARI-21938. Validate kerberos.json files
to ensure they meet the expected schema (rlevas)
Posted by rl...@apache.org.
AMBARI-21938. Validate kerberos.json files to ensure they meet the expected schema (rlevas)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/dd6cc606
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/dd6cc606
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/dd6cc606
Branch: refs/heads/trunk
Commit: dd6cc606b3918f339037a66b54f6debb8ea10586
Parents: 3cdac5f
Author: Robert Levas <rl...@hortonworks.com>
Authored: Mon Sep 18 13:48:23 2017 -0400
Committer: Robert Levas <rl...@hortonworks.com>
Committed: Mon Sep 18 13:48:23 2017 -0400
----------------------------------------------------------------------
.../resources/kerberos_descriptor_schema.json | 193 +++++++++++++++++++
1 file changed, 193 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/dd6cc606/ambari-server/src/main/resources/kerberos_descriptor_schema.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/kerberos_descriptor_schema.json b/ambari-server/src/main/resources/kerberos_descriptor_schema.json
new file mode 100644
index 0000000..34cdd49
--- /dev/null
+++ b/ambari-server/src/main/resources/kerberos_descriptor_schema.json
@@ -0,0 +1,193 @@
+{
+ "definitions": {
+ "identity": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "pattern": "^(\\.\\/)?[/a-zA-Z0-9_\\-]+$"
+ },
+ "reference": {
+ "type": "string"
+ },
+ "principal": {
+ "type": "object",
+ "properties": {
+ "value": {
+ "type": "string"
+ },
+ "type": {
+ "type": "string",
+ "pattern": "^user|service|USER|SERVICE$"
+ },
+ "configuration": {
+ "type": "string"
+ },
+ "local_username": {
+ "type": "string"
+ }
+ }
+ },
+ "keytab": {
+ "type": "object",
+ "properties": {
+ "file": {
+ "type": "string"
+ },
+ "owner": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "access": {
+ "type": "string",
+ "pattern": "^r?|rw$"
+ }
+ }
+ },
+ "group": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "access": {
+ "type": "string",
+ "pattern": "^r?|rw$"
+ }
+ }
+ },
+ "configuration": {
+ "type": "string"
+ }
+ }
+ },
+ "when": {
+ "type": "object",
+ "properties": {
+ "contains": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ }
+ },
+ "required": [
+ "name"
+ ],
+ "additionalProperties": false
+ },
+ "identities": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/identity"
+ }
+ },
+ "configurations": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/configuration"
+ }
+ },
+ "configuration": {
+ "type": "object",
+ "properties": {
+ "type": "object",
+ "patternProperties": {
+ "^.+$": {
+ "type": "integer"
+ }
+ },
+ "additionalProperties": false
+ }
+ },
+ "service": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "identities": {
+ "$ref": "#/definitions/identities"
+ },
+ "configurations": {
+ "$ref": "#/definitions/configurations"
+ },
+ "preconfigure": {
+ "type": "boolean"
+ },
+ "components": {
+ "$ref": "#/definitions/components"
+ },
+ "auth_to_local_properties": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ },
+ "required": [
+ "name"
+ ],
+ "additionalProperties": false
+ },
+ "services": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/service"
+ }
+ },
+ "component": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "identities": {
+ "$ref": "#/definitions/identities"
+ },
+ "configurations": {
+ "$ref": "#/definitions/configurations"
+ },
+ "auth_to_local_properties": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ },
+ "required": [
+ "name"
+ ],
+ "additionalProperties": false
+ },
+ "components": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/component"
+ }
+ }
+ },
+ "type": "object",
+ "properties": {
+ "properties": {
+ "type": "object",
+ "patternProperties": {
+ "^.+$": {
+ "type": "string"
+ }
+ },
+ "additionalProperties": false
+ },
+ "identities": {
+ "$ref": "#/definitions/identities"
+ },
+ "services": {
+ "$ref": "#/definitions/services"
+ }
+ },
+ "additionalProperties": false
+}
\ No newline at end of file