You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by am...@apache.org on 2018/05/31 13:35:50 UTC
[ambari] branch trunk updated: AMBARI-23994. "Ambari persisted
credential store" pre check appearing in Patch Upgrade. (amagyar) (#1425)
This is an automated email from the ASF dual-hosted git repository.
amagyar pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/trunk by this push:
new ed1f013 AMBARI-23994. "Ambari persisted credential store" pre check appearing in Patch Upgrade. (amagyar) (#1425)
ed1f013 is described below
commit ed1f013086b227471dcb1a17f56c644814fb7706
Author: Attila Magyar <m....@gmail.com>
AuthorDate: Thu May 31 15:35:36 2018 +0200
AMBARI-23994. "Ambari persisted credential store" pre check appearing in Patch Upgrade. (amagyar) (#1425)
---
.../server/checks/ComponentsExistInRepoCheck.java | 3 ++-
.../KerberosAdminPersistedCredentialCheck.java | 28 +++++++++++++++++++++-
.../server/controller/PrereqCheckRequest.java | 11 ---------
.../ambari/server/state/stack/UpgradePack.java | 11 +++++++++
.../checks/ComponentExistsInRepoCheckTest.java | 3 ++-
.../KerberosAdminPersistedCredentialCheckTest.java | 24 +++++++++++++++++++
6 files changed, 66 insertions(+), 14 deletions(-)
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/checks/ComponentsExistInRepoCheck.java b/ambari-server/src/main/java/org/apache/ambari/server/checks/ComponentsExistInRepoCheck.java
index a64d381..fca4131 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/checks/ComponentsExistInRepoCheck.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/checks/ComponentsExistInRepoCheck.java
@@ -30,6 +30,7 @@ import org.apache.ambari.server.state.stack.PrereqCheckStatus;
import org.apache.ambari.server.state.stack.PrerequisiteCheck;
import org.apache.ambari.server.state.stack.UpgradePack;
import org.apache.ambari.server.state.stack.upgrade.ClusterGrouping;
+import org.apache.ambari.server.state.stack.upgrade.Direction;
import org.apache.ambari.server.state.stack.upgrade.ServerActionTask;
import org.apache.ambari.server.state.stack.upgrade.Task;
import org.apache.ambari.server.state.stack.upgrade.UpgradeType;
@@ -87,7 +88,7 @@ public class ComponentsExistInRepoCheck extends AbstractCheckDescriptor {
request.getClusterName(),
request.getSourceStackId(),
request.getTargetRepositoryVersion().getStackId(),
- request.getDirection(),
+ Direction.UPGRADE,
request.getUpgradeType(),
null);
}
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/checks/KerberosAdminPersistedCredentialCheck.java b/ambari-server/src/main/java/org/apache/ambari/server/checks/KerberosAdminPersistedCredentialCheck.java
index 1e5821d..7735e4b 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/checks/KerberosAdminPersistedCredentialCheck.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/checks/KerberosAdminPersistedCredentialCheck.java
@@ -17,6 +17,8 @@
*/
package org.apache.ambari.server.checks;
+import static org.apache.ambari.server.state.stack.upgrade.Task.Type.REGENERATE_KEYTABS;
+
import java.util.Collections;
import java.util.Set;
@@ -27,9 +29,14 @@ import org.apache.ambari.server.security.encryption.CredentialStoreService;
import org.apache.ambari.server.security.encryption.CredentialStoreType;
import org.apache.ambari.server.state.Cluster;
import org.apache.ambari.server.state.SecurityType;
+import org.apache.ambari.server.state.UpgradeHelper;
import org.apache.ambari.server.state.stack.PrereqCheckStatus;
import org.apache.ambari.server.state.stack.PrerequisiteCheck;
+import org.apache.ambari.server.state.stack.UpgradePack;
+import org.apache.ambari.server.state.stack.upgrade.Direction;
import org.apache.ambari.server.state.stack.upgrade.UpgradeType;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import com.google.inject.Inject;
@@ -45,7 +52,7 @@ import com.google.inject.Inject;
group = UpgradeCheckGroup.KERBEROS,
required = {UpgradeType.ROLLING, UpgradeType.NON_ROLLING, UpgradeType.HOST_ORDERED})
public class KerberosAdminPersistedCredentialCheck extends AbstractCheckDescriptor {
-
+ private static final Logger LOG = LoggerFactory.getLogger(KerberosAdminPersistedCredentialCheck.class);
public static final String KEY_PERSISTED_STORE_NOT_CONFIGURED = "persisted_store_no_configured";
public static final String KEY_CREDENTIAL_NOT_STORED = "admin_credential_not_stored";
@@ -53,6 +60,9 @@ public class KerberosAdminPersistedCredentialCheck extends AbstractCheckDescript
@Inject
private CredentialStoreService credentialStoreService;
+ @Inject
+ private UpgradeHelper upgradeHelper;
+
/**
* Constructor.
*/
@@ -83,6 +93,11 @@ public class KerberosAdminPersistedCredentialCheck extends AbstractCheckDescript
return;
}
+ if (!upgradePack(request).anyGroupTaskMatch(task -> task.getType() == REGENERATE_KEYTABS)) {
+ LOG.info("Skipping upgrade check {} because there is no {} in the upgrade pack.", this.getClass().getSimpleName(), REGENERATE_KEYTABS);
+ return;
+ }
+
// Perform the check only if Ambari is managing the Kerberos identities
if (!"true".equalsIgnoreCase(getProperty(request, "kerberos-env", "manage_identities"))) {
return;
@@ -101,4 +116,15 @@ public class KerberosAdminPersistedCredentialCheck extends AbstractCheckDescript
}
}
+
+ private UpgradePack upgradePack(PrereqCheckRequest request) throws AmbariException {
+ return upgradeHelper.suggestUpgradePack(
+ request.getClusterName(),
+ request.getSourceStackId(),
+ request.getTargetRepositoryVersion().getStackId(),
+ Direction.UPGRADE,
+ request.getUpgradeType(),
+ null);
+ }
+
}
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/PrereqCheckRequest.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/PrereqCheckRequest.java
index 40e21e5..6d9f655 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/PrereqCheckRequest.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/PrereqCheckRequest.java
@@ -25,7 +25,6 @@ import org.apache.ambari.server.orm.entities.RepositoryVersionEntity;
import org.apache.ambari.server.state.StackId;
import org.apache.ambari.server.state.stack.PrereqCheckStatus;
import org.apache.ambari.server.state.stack.UpgradePack.PrerequisiteCheckConfig;
-import org.apache.ambari.server.state.stack.upgrade.Direction;
import org.apache.ambari.server.state.stack.upgrade.UpgradeType;
/**
@@ -151,14 +150,4 @@ public class PrereqCheckRequest {
public boolean isRevert() {
return m_revert;
}
-
- public Direction getDirection() {
- int direction = m_sourceStackId.compareTo(m_targetRepositoryVersion.getStackId());
- if (direction < 0) {
- return Direction.UPGRADE;
- } else if (direction > 0) {
- return Direction.DOWNGRADE;
- }
- throw new RuntimeException("Invalid upgrade direction. Source and target version is the same.");
- }
}
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/stack/UpgradePack.java b/ambari-server/src/main/java/org/apache/ambari/server/state/stack/UpgradePack.java
index 35c081a..33b145a 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/stack/UpgradePack.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/stack/UpgradePack.java
@@ -23,6 +23,7 @@ import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
+import java.util.function.Predicate;
import java.util.regex.Pattern;
import javax.xml.bind.Unmarshaller;
@@ -779,4 +780,14 @@ public class UpgradePack {
private List<Task> tasks = new ArrayList<>();
}
+ /**
+ * @return true if this upgrade pack contains a group with a task that matches the given predicate
+ */
+ public boolean anyGroupTaskMatch(Predicate<Task> taskPredicate) {
+ return getAllGroups().stream()
+ .filter(ClusterGrouping.class::isInstance)
+ .flatMap(group -> ((ClusterGrouping) group).executionStages.stream())
+ .map(executeStage -> executeStage.task)
+ .anyMatch(taskPredicate);
+ }
}
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/checks/ComponentExistsInRepoCheckTest.java b/ambari-server/src/test/java/org/apache/ambari/server/checks/ComponentExistsInRepoCheckTest.java
index f5635fe..35f381d 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/checks/ComponentExistsInRepoCheckTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/checks/ComponentExistsInRepoCheckTest.java
@@ -38,6 +38,7 @@ import org.apache.ambari.server.state.stack.PrereqCheckStatus;
import org.apache.ambari.server.state.stack.PrerequisiteCheck;
import org.apache.ambari.server.state.stack.UpgradePack;
import org.apache.ambari.server.state.stack.upgrade.ClusterGrouping;
+import org.apache.ambari.server.state.stack.upgrade.Direction;
import org.apache.ambari.server.state.stack.upgrade.ServerActionTask;
import org.easymock.EasyMockRunner;
import org.easymock.EasyMockSupport;
@@ -113,7 +114,7 @@ public class ComponentExistsInRepoCheckTest extends EasyMockSupport {
"cluster",
request.getSourceStackId(),
request.getTargetRepositoryVersion().getStackId(),
- request.getDirection(),
+ Direction.UPGRADE,
request.getUpgradeType(),
null)).andReturn(upgradePack).anyTimes();
}
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/checks/KerberosAdminPersistedCredentialCheckTest.java b/ambari-server/src/test/java/org/apache/ambari/server/checks/KerberosAdminPersistedCredentialCheckTest.java
index 46184ec..0a6888a 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/checks/KerberosAdminPersistedCredentialCheckTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/checks/KerberosAdminPersistedCredentialCheckTest.java
@@ -17,6 +17,8 @@
*/
package org.apache.ambari.server.checks;
+import static org.easymock.EasyMock.anyObject;
+import static org.easymock.EasyMock.eq;
import static org.easymock.EasyMock.expect;
import java.util.Collections;
@@ -46,6 +48,7 @@ import org.apache.ambari.server.metadata.RoleCommandOrderProvider;
import org.apache.ambari.server.orm.DBAccessor;
import org.apache.ambari.server.orm.dao.ArtifactDAO;
import org.apache.ambari.server.orm.dao.HostRoleCommandDAO;
+import org.apache.ambari.server.orm.entities.RepositoryVersionEntity;
import org.apache.ambari.server.scheduler.ExecutionScheduler;
import org.apache.ambari.server.scheduler.ExecutionSchedulerImpl;
import org.apache.ambari.server.security.SecurityHelper;
@@ -60,16 +63,22 @@ import org.apache.ambari.server.state.ConfigHelper;
import org.apache.ambari.server.state.DesiredConfig;
import org.apache.ambari.server.state.SecurityType;
import org.apache.ambari.server.state.ServiceComponentHostFactory;
+import org.apache.ambari.server.state.UpgradeHelper;
import org.apache.ambari.server.state.stack.OsFamily;
import org.apache.ambari.server.state.stack.PrereqCheckStatus;
import org.apache.ambari.server.state.stack.PrerequisiteCheck;
import org.apache.ambari.server.state.stack.UpgradePack;
+import org.apache.ambari.server.state.stack.upgrade.Direction;
+import org.apache.ambari.server.state.stack.upgrade.UpgradeType;
import org.apache.ambari.server.testutils.PartialNiceMockBinder;
import org.apache.ambari.server.topology.PersistedState;
import org.apache.ambari.server.topology.PersistedStateImpl;
+import org.easymock.EasyMockRunner;
import org.easymock.EasyMockSupport;
+import org.easymock.Mock;
import org.junit.Assert;
import org.junit.Test;
+import org.junit.runner.RunWith;
import org.springframework.security.crypto.password.PasswordEncoder;
import com.google.inject.AbstractModule;
@@ -77,7 +86,10 @@ import com.google.inject.Guice;
import com.google.inject.Injector;
import com.google.inject.Provider;
+@RunWith(EasyMockRunner.class)
public class KerberosAdminPersistedCredentialCheckTest extends EasyMockSupport {
+ @Mock
+ private UpgradeHelper upgradeHelper;
@Test
public void testMissingCredentialStoreKerberosEnabledManagingIdentities() throws Exception {
@@ -146,8 +158,14 @@ public class KerberosAdminPersistedCredentialCheckTest extends EasyMockSupport {
PrerequisiteCheck prerequisiteCheck = new PrerequisiteCheck(null, null);
PrereqCheckRequest request = new PrereqCheckRequest(clusterName);
+
+ RepositoryVersionEntity repositoryVersion = new RepositoryVersionEntity();
+ request.setTargetRepositoryVersion(repositoryVersion);
request.setPrerequisiteCheckConfig(prerequisiteCheckConfig);
+ expect(upgradeHelper.suggestUpgradePack(eq(clusterName), anyObject(), anyObject(), eq(Direction.UPGRADE), eq(UpgradeType.ROLLING), anyObject()))
+ .andReturn(upgradePackWithRegenKeytab()).anyTimes();
+
DesiredConfig desiredKerberosEnv = createMock(DesiredConfig.class);
expect(desiredKerberosEnv.getTag()).andReturn("tag").anyTimes();
@@ -188,6 +206,11 @@ public class KerberosAdminPersistedCredentialCheckTest extends EasyMockSupport {
return prerequisiteCheck;
}
+ private UpgradePack upgradePackWithRegenKeytab() {
+ UpgradePack upgradePack = createMock(UpgradePack.class);
+ expect(upgradePack.anyGroupTaskMatch(anyObject())).andReturn(true).anyTimes();
+ return upgradePack;
+ }
Injector getInjector() {
return Guice.createInjector(new AbstractModule() {
@@ -221,6 +244,7 @@ public class KerberosAdminPersistedCredentialCheckTest extends EasyMockSupport {
bind(AuditLogger.class).toInstance(createNiceMock(AuditLogger.class));
bind(ArtifactDAO.class).toInstance(createNiceMock(ArtifactDAO.class));
bind(RoleCommandOrderProvider.class).to(CachedRoleCommandOrderProvider.class);
+ bind(UpgradeHelper.class).toInstance(upgradeHelper);
bind(CredentialStoreService.class).toInstance(createMock(CredentialStoreService.class));
}
--
To stop receiving notification emails like this one, please contact
amagyar@apache.org.