You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by rl...@apache.org on 2016/03/25 02:11:30 UTC
[2/2] ambari git commit: AMBARI-15338. After exporting blueprint from ranger enabled cluster ranger.service.https.attrib.keystore.pass is exported. (Amruta Borkar via rlevas)

AMBARI-15338. After exporting blueprint from ranger enabled cluster ranger.service.https.attrib.keystore.pass is exported. (Amruta Borkar via rlevas)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/f3cab462
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/f3cab462
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/f3cab462

Branch: refs/heads/trunk
Commit: f3cab462ff78081dd65d87ef873b278f6261319c
Parents: 838fbeb
Author: Amruta Borkar <ar...@us.ibm.com>
Authored: Thu Mar 24 21:11:37 2016 -0400
Committer: Robert Levas <rl...@hortonworks.com>
Committed: Thu Mar 24 21:11:37 2016 -0400

----------------------------------------------------------------------
 .../BlueprintConfigurationProcessor.java        | 30 +++++++++++++++++-
 .../BlueprintConfigurationProcessorTest.java    | 33 ++++++++++++++++++++
 2 files changed, 62 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/f3cab462/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessor.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessor.java
index 1e891e4..9cc7b13 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessor.java
@@ -163,7 +163,8 @@ public class BlueprintConfigurationProcessor {
       new SimplePropertyNameExportFilter("kdc_type", "kerberos-env"),
       new SimplePropertyNameExportFilter("ldap-url", "kerberos-env"),
       new SimplePropertyNameExportFilter("container_dn", "kerberos-env"),
-      new SimplePropertyNameExportFilter("domains", "krb5-conf")
+      new SimplePropertyNameExportFilter("domains", "krb5-conf"),
+      new StackPasswordPropertyFilter()
     };
 
   /**
@@ -2721,6 +2722,33 @@ public class BlueprintConfigurationProcessor {
       return !PASSWORD_NAME_REGEX.matcher(propertyName).matches();
     }
   }
+  /**
+   * A Filter that excludes properties if in stack a property is marked as password property
+   *
+   */
+  private static class StackPasswordPropertyFilter implements PropertyFilter {
+
+    /**
+     * Query to determine if a given property should be included in a collection of
+     * properties.
+     *
+     * This implementation filters property if in stack configuration is the property type is password.
+     *
+     * @param propertyName property name
+     * @param propertyValue property value
+     * @param configType config type that contains this property
+     * @param topology cluster topology instance
+     *
+     * @return true if the property should be included
+     *         false if the property should not be included
+     */
+    @Override
+    public boolean isPropertyIncluded(String propertyName, String propertyValue, String configType, ClusterTopology topology) {
+        Stack stack = topology.getBlueprint().getStack();
+        final String serviceName = stack.getServiceForConfigType(configType);
+        return !stack.isPasswordProperty(serviceName, configType, propertyName);
+    }
+  }
 
   /**
    * Simple filter implementation used to remove named properties from

http://git-wip-us.apache.org/repos/asf/ambari/blob/f3cab462/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessorTest.java
index a6839e6..14a718d 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessorTest.java
@@ -6845,6 +6845,39 @@ public class BlueprintConfigurationProcessorTest {
     assertEquals("host1:6188",
       clusterConfig.getPropertyValue("ams-site", "timeline.metrics.service.webapp.address"));
   }
+  @Test
+  public void testStackPasswordPropertyFilter() throws Exception{
+	Map<String, Map<String, String>> properties = new HashMap<String, Map<String, String>>();
+	Map<String, String> rangerAdminSiteProps = new HashMap<String, String>();
+	rangerAdminSiteProps.put("ranger.service.https.attrib.keystore.pass", "SECRET:admin-prp:1:ranger.service.pass");
+	properties.put("ranger-admin-site", rangerAdminSiteProps);
+	Map<String, Map<String, String>> parentProperties = new HashMap<String, Map<String, String>>();
+	Configuration parentClusterConfig = new Configuration(parentProperties,
+	Collections.<String, Map<String, Map<String, String>>>emptyMap());
+
+	Configuration clusterConfig = new Configuration(properties,
+	Collections.<String, Map<String, Map<String, String>>>emptyMap(), parentClusterConfig);
+	Collection<String> hgComponents = new HashSet<String>();
+	hgComponents.add("NAMENODE");
+        hgComponents.add("SECONDARY_NAMENODE");
+	hgComponents.add("RESOURCEMANAGER");
+	TestHostGroup group1 = new TestHostGroup("group1", hgComponents, Collections.singleton("testhost"));
+
+	Collection<String> hgComponents2 = new HashSet<String>();
+	hgComponents2.add("DATANODE");
+	hgComponents2.add("HDFS_CLIENT");
+	TestHostGroup group2 = new TestHostGroup("group2", hgComponents2, Collections.singleton("testhost2"));
+	Collection<TestHostGroup> hostGroups = new HashSet<TestHostGroup>();
+	hostGroups.add(group1);
+	hostGroups.add(group2);
+
+	expect(stack.isPasswordProperty((String) anyObject(),(String) anyObject(),(String) anyObject())).andReturn(true).once();
+	ClusterTopology topology = createClusterTopology(bp, clusterConfig, hostGroups);
+	BlueprintConfigurationProcessor configProcessor = new BlueprintConfigurationProcessor(topology);
+	configProcessor.doUpdateForBlueprintExport();
+
+	assertFalse(properties.get("ranger-admin-site").containsKey("ranger.service.https.attrib.keystore.pass"));
+  }
 
   private Map<String, AdvisedConfiguration> createAdvisedConfigMap() {
     Map<String, AdvisedConfiguration> advMap = new HashMap<String, AdvisedConfiguration>();