You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hive.apache.org by "Hive QA (Jira)" <ji...@apache.org> on 2020/02/15 05:26:00 UTC

[jira] [Commented] (HIVE-21894) Hadoop credential password storage for the Kafka Storage handler when security is SSL

    [ https://issues.apache.org/jira/browse/HIVE-21894?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17037427#comment-17037427 ] 

Hive QA commented on HIVE-21894:
--------------------------------

| (x) *{color:red}-1 overall{color}* |
\\
\\
|| Vote || Subsystem || Runtime || Comment ||
|| || || || {color:brown} Prechecks {color} ||
| {color:green}+1{color} | {color:green} @author {color} | {color:green}  0m  0s{color} | {color:green} The patch does not contain any @author tags. {color} |
|| || || || {color:brown} master Compile Tests {color} ||
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green}  9m 49s{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green}  0m 18s{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green}  0m 10s{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} findbugs {color} | {color:green}  0m 29s{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green}  0m 12s{color} | {color:green} master passed {color} |
|| || || || {color:brown} Patch Compile Tests {color} ||
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green}  0m 20s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green}  0m 19s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green}  0m 19s{color} | {color:green} the patch passed {color} |
| {color:red}-1{color} | {color:red} checkstyle {color} | {color:red}  0m 11s{color} | {color:red} kafka-handler: The patch generated 8 new + 2 unchanged - 0 fixed = 10 total (was 2) {color} |
| {color:red}-1{color} | {color:red} whitespace {color} | {color:red}  0m  0s{color} | {color:red} The patch has 3 line(s) that end in whitespace. Use git apply --whitespace=fix <<patch_file>>. Refer https://git-scm.com/docs/git-apply {color} |
| {color:red}-1{color} | {color:red} findbugs {color} | {color:red}  0m 37s{color} | {color:red} kafka-handler generated 1 new + 0 unchanged - 0 fixed = 1 total (was 0) {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green}  0m 13s{color} | {color:green} the patch passed {color} |
|| || || || {color:brown} Other Tests {color} ||
| {color:green}+1{color} | {color:green} asflicense {color} | {color:green}  0m 14s{color} | {color:green} The patch does not generate ASF License warnings. {color} |
| {color:black}{color} | {color:black} {color} | {color:black} 13m 17s{color} | {color:black} {color} |
\\
\\
|| Reason || Tests ||
| FindBugs | module:kafka-handler |
|  |  Exceptional return value of java.io.File.mkdirs() ignored in org.apache.hadoop.hive.kafka.KafkaUtils.writeStoreToLocal(Configuration, String, String)  At KafkaUtils.java:ignored in org.apache.hadoop.hive.kafka.KafkaUtils.writeStoreToLocal(Configuration, String, String)  At KafkaUtils.java:[line 166] |
\\
\\
|| Subsystem || Report/Notes ||
| Optional Tests |  asflicense  javac  javadoc  findbugs  checkstyle  compile  |
| uname | Linux hiveptest-server-upstream 3.16.0-4-amd64 #1 SMP Debian 3.16.43-2+deb8u5 (2017-09-19) x86_64 GNU/Linux |
| Build tool | maven |
| Personality | /data/hiveptest/working/yetus_PreCommit-HIVE-Build-20640/dev-support/hive-personality.sh |
| git revision | master / 85255ed |
| Default Java | 1.8.0_111 |
| findbugs | v3.0.1 |
| checkstyle | http://104.198.109.242/logs//PreCommit-HIVE-Build-20640/yetus/diff-checkstyle-kafka-handler.txt |
| whitespace | http://104.198.109.242/logs//PreCommit-HIVE-Build-20640/yetus/whitespace-eol.txt |
| findbugs | http://104.198.109.242/logs//PreCommit-HIVE-Build-20640/yetus/new-findbugs-kafka-handler.html |
| modules | C: kafka-handler U: kafka-handler |
| Console output | http://104.198.109.242/logs//PreCommit-HIVE-Build-20640/yetus.txt |
| Powered by | Apache Yetus    http://yetus.apache.org |


This message was automatically generated.



> Hadoop credential password storage for the Kafka Storage handler when security is SSL
> -------------------------------------------------------------------------------------
>
>                 Key: HIVE-21894
>                 URL: https://issues.apache.org/jira/browse/HIVE-21894
>             Project: Hive
>          Issue Type: Improvement
>          Components: kafka integration
>    Affects Versions: 4.0.0
>            Reporter: Kristopher Kane
>            Assignee: Justin Leet
>            Priority: Minor
>              Labels: pull-request-available
>             Fix For: 4.0.0
>
>         Attachments: HIVE-21894.1.patch
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> The Kafka storage handler assumes that if the Hive service is configured with Kerberos then the destination Kafka cluster is also secured with the same Kerberos realm or trust of realms.  The security configuration of the Kafka client can be overwritten due to the additive operations of the Kafka client configs, but, the only way to specify SSL and the keystore/truststore user/pass is via plain text table properties. 
> This ticket proposes adding Hadoop credential security to the Kafka storage handler in support of SSL secured Kafka clusters.  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)