You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@spark.apache.org by GitBox <gi...@apache.org> on 2021/04/06 13:36:10 UTC

[GitHub] [spark] gengliangwang opened a new pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

gengliangwang opened a new pull request #32066:
URL: https://github.com/apache/spark/pull/32066


   <!--
   Thanks for sending a pull request!  Here are some tips for you:
     1. If this is your first time, please read our contributor guidelines: https://spark.apache.org/contributing.html
     2. Ensure you have added or run the appropriate tests for your PR: https://spark.apache.org/developer-tools.html
     3. If the PR is unfinished, add '[WIP]' in your PR title, e.g., '[WIP][SPARK-XXXX] Your PR title ...'.
     4. Be sure to keep the PR description updated to reflect all changes.
     5. Please write your PR title to summarize what this PR proposes.
     6. If possible, provide a concise example to reproduce the issue for a faster review.
     7. If you want to add a new configuration, please read the guideline first for naming configurations in
        'core/src/main/scala/org/apache/spark/internal/config/ConfigEntry.scala'.
   -->
   
   ### What changes were proposed in this pull request?
   <!--
   Please clarify what changes you are proposing. The purpose of this section is to outline the changes and how this PR fixes the issue. 
   If possible, please consider writing useful notes for better and faster reviews in your PR. See the examples below.
     1. If you refactor some codes with changing classes, showing the class hierarchy will help reviewers.
     2. If you fix some SQL features, you can provide some references of other DBMSes.
     3. If there is design documentation, please add the link.
     4. If there is a discussion in the mailing list, please add the link.
   -->
   The `explain()` method prints the arguments of tree nodes in logical/physical plans. The arguments could contain a map-type option that contains sensitive data.
   We should map-type options in the output of `explain()`. `Otherwise` we will see sensitive data in explain output or Spark UI.
   ![image](https://user-images.githubusercontent.com/1097932/113719178-326ffb00-96a2-11eb-8a2c-28fca3e72941.png)
   
   
   ### Why are the changes needed?
   <!--
   Please clarify why the changes are needed. For instance,
     1. If you propose a new API, clarify the use case for a new API.
     2. If you fix a bug, you can clarify why it is a bug.
   -->
   Data security.
   
   ### Does this PR introduce _any_ user-facing change?
   <!--
   Note that it means *any* user-facing change including all aspects such as the documentation fix.
   If yes, please clarify the previous behavior and the change this PR proposes - provide the console output, description and/or an example to show the behavior difference if possible.
   If possible, please also clarify if this is a user-facing change compared to the released Spark versions or within the unreleased branches such as master.
   If no, write 'No'.
   -->
   Yes, redact the map-type options in the output of `explain()`
   
   ### How was this patch tested?
   <!--
   If tests were added, say they were added here. Please make sure to add some test cases that check the changes thoroughly including negative and positive cases if possible.
   If it was tested in a way different from regular unit tests, please clarify how you tested step by step, ideally copy and paste-able, so that other reviewers can test and check, and descendants can verify in the future.
   If tests were not added, please describe why they were not added and/or why it was difficult to add.
   -->
   Unit tests


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] SparkQA commented on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
SparkQA commented on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814585911


   **[Test build #136986 has started](https://amplab.cs.berkeley.edu/jenkins/job/SparkPullRequestBuilder/136986/testReport)** for PR 32066 at commit [`b76f664`](https://github.com/apache/spark/commit/b76f664d78125d2f2499477cbea6c94d8512b3dd).


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] AmplabJenkins commented on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
AmplabJenkins commented on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814612482


   
   Refer to this link for build results (access rights to CI server needed): 
   https://amplab.cs.berkeley.edu/jenkins//job/SparkPullRequestBuilder-K8s/41563/
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] SparkQA commented on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
SparkQA commented on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814357897


   **[Test build #136948 has finished](https://amplab.cs.berkeley.edu/jenkins/job/SparkPullRequestBuilder/136948/testReport)** for PR 32066 at commit [`7f8d34f`](https://github.com/apache/spark/commit/7f8d34f2b99cda8b91329c1d5040c3e49bc4c5a9).
    * This patch passes all tests.
    * This patch merges cleanly.
    * This patch adds no public classes.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] gengliangwang commented on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
gengliangwang commented on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814794108


   GA passes. Merging to master and branch-3.1.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] gengliangwang closed pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
gengliangwang closed pull request #32066:
URL: https://github.com/apache/spark/pull/32066


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] AmplabJenkins removed a comment on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
AmplabJenkins removed a comment on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814370100


   
   Refer to this link for build results (access rights to CI server needed): 
   https://amplab.cs.berkeley.edu/jenkins//job/SparkPullRequestBuilder/136948/
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] SparkQA removed a comment on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
SparkQA removed a comment on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814150853


   **[Test build #136948 has started](https://amplab.cs.berkeley.edu/jenkins/job/SparkPullRequestBuilder/136948/testReport)** for PR 32066 at commit [`7f8d34f`](https://github.com/apache/spark/commit/7f8d34f2b99cda8b91329c1d5040c3e49bc4c5a9).


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] mridulm commented on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
mridulm commented on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814724371


   +CC @xkrogen 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] dongjoon-hyun commented on a change in pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
dongjoon-hyun commented on a change in pull request #32066:
URL: https://github.com/apache/spark/pull/32066#discussion_r608218197



##########
File path: sql/core/src/test/scala/org/apache/spark/sql/ExplainSuite.scala
##########
@@ -69,6 +71,18 @@ trait ExplainSuiteHelper extends QueryTest with SharedSparkSession {
   protected def checkKeywordsExistsInExplain(df: DataFrame, keywords: String*): Unit = {
     checkKeywordsExistsInExplain(df, ExtendedMode, keywords: _*)
   }
+
+    /**

Review comment:
       indentation?




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] dongjoon-hyun commented on a change in pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
dongjoon-hyun commented on a change in pull request #32066:
URL: https://github.com/apache/spark/pull/32066#discussion_r608218435



##########
File path: sql/core/src/test/scala/org/apache/spark/sql/ExplainSuite.scala
##########
@@ -346,6 +360,45 @@ class ExplainSuite extends ExplainSuiteHelper with DisableAdaptiveExecutionSuite
         Nil: _*)
   }
 
+  test("Redact Map type options in explain output") {
+    val password = "MyPassWord"
+    val token = "MyToken"
+    val value = "value"
+    val options = Map("password" -> password, "token" -> token, "key" -> value)
+    val cmd = SaveIntoDataSourceCommand(spark.range(10).logicalPlan, new TestOptionsSource,
+      options, SaveMode.Overwrite)
+
+    Seq(SimpleMode, ExtendedMode, FormattedMode).foreach { mode =>
+      checkKeywordsExistsInExplain(cmd, mode, value)
+    }
+    Seq(SimpleMode, ExtendedMode, CodegenMode, CostMode, FormattedMode).foreach { mode =>
+      checkKeywordsNotExistsInExplain(cmd, mode, password)
+      checkKeywordsNotExistsInExplain(cmd, mode, token)
+    }
+  }
+
+  test("Redact CaseInsensitiveMap type options in explain output") {

Review comment:
       ditto.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] SparkQA commented on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
SparkQA commented on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814775821


   **[Test build #136986 has finished](https://amplab.cs.berkeley.edu/jenkins/job/SparkPullRequestBuilder/136986/testReport)** for PR 32066 at commit [`b76f664`](https://github.com/apache/spark/commit/b76f664d78125d2f2499477cbea6c94d8512b3dd).
    * This patch **fails SparkR unit tests**.
    * This patch merges cleanly.
    * This patch adds no public classes.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] SparkQA removed a comment on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
SparkQA removed a comment on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814585911


   **[Test build #136986 has started](https://amplab.cs.berkeley.edu/jenkins/job/SparkPullRequestBuilder/136986/testReport)** for PR 32066 at commit [`b76f664`](https://github.com/apache/spark/commit/b76f664d78125d2f2499477cbea6c94d8512b3dd).


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] SparkQA commented on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
SparkQA commented on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814150853


   **[Test build #136948 has started](https://amplab.cs.berkeley.edu/jenkins/job/SparkPullRequestBuilder/136948/testReport)** for PR 32066 at commit [`7f8d34f`](https://github.com/apache/spark/commit/7f8d34f2b99cda8b91329c1d5040c3e49bc4c5a9).


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] AmplabJenkins commented on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
AmplabJenkins commented on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814788674


   
   Refer to this link for build results (access rights to CI server needed): 
   https://amplab.cs.berkeley.edu/jenkins//job/SparkPullRequestBuilder/136986/
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] AmplabJenkins commented on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
AmplabJenkins commented on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814196320


   
   Refer to this link for build results (access rights to CI server needed): 
   https://amplab.cs.berkeley.edu/jenkins//job/SparkPullRequestBuilder-K8s/41524/
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] AmplabJenkins removed a comment on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
AmplabJenkins removed a comment on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814196320


   
   Refer to this link for build results (access rights to CI server needed): 
   https://amplab.cs.berkeley.edu/jenkins//job/SparkPullRequestBuilder-K8s/41524/
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] AmplabJenkins removed a comment on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
AmplabJenkins removed a comment on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814612482






-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] dongjoon-hyun commented on a change in pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
dongjoon-hyun commented on a change in pull request #32066:
URL: https://github.com/apache/spark/pull/32066#discussion_r608218343



##########
File path: sql/core/src/test/scala/org/apache/spark/sql/ExplainSuite.scala
##########
@@ -346,6 +360,45 @@ class ExplainSuite extends ExplainSuiteHelper with DisableAdaptiveExecutionSuite
         Nil: _*)
   }
 
+  test("Redact Map type options in explain output") {

Review comment:
       Shall we add `SPARK-34970: ` prefix?




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] gengliangwang edited a comment on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
gengliangwang edited a comment on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814794108


   GA passes. Merging to master.
   I will create another PR for branch 3.1.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] AmplabJenkins commented on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
AmplabJenkins commented on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814370100


   
   Refer to this link for build results (access rights to CI server needed): 
   https://amplab.cs.berkeley.edu/jenkins//job/SparkPullRequestBuilder/136948/
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] SparkQA commented on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
SparkQA commented on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814196275






-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] SparkQA commented on pull request #32066: [SPARK-34970][SQL][SERCURITY] Redact map-type options in the output of explain()

Posted by GitBox <gi...@apache.org>.
SparkQA commented on pull request #32066:
URL: https://github.com/apache/spark/pull/32066#issuecomment-814612454






-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org