You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by rl...@apache.org on 2016/03/25 02:11:30 UTC
[2/2] ambari git commit: AMBARI-15338. After exporting blueprint from
ranger enabled cluster ranger.service.https.attrib.keystore.pass is exported.
(Amruta Borkar via rlevas)
AMBARI-15338. After exporting blueprint from ranger enabled cluster ranger.service.https.attrib.keystore.pass is exported. (Amruta Borkar via rlevas)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/f3cab462
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/f3cab462
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/f3cab462
Branch: refs/heads/trunk
Commit: f3cab462ff78081dd65d87ef873b278f6261319c
Parents: 838fbeb
Author: Amruta Borkar <ar...@us.ibm.com>
Authored: Thu Mar 24 21:11:37 2016 -0400
Committer: Robert Levas <rl...@hortonworks.com>
Committed: Thu Mar 24 21:11:37 2016 -0400
----------------------------------------------------------------------
.../BlueprintConfigurationProcessor.java | 30 +++++++++++++++++-
.../BlueprintConfigurationProcessorTest.java | 33 ++++++++++++++++++++
2 files changed, 62 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/f3cab462/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessor.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessor.java
index 1e891e4..9cc7b13 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessor.java
@@ -163,7 +163,8 @@ public class BlueprintConfigurationProcessor {
new SimplePropertyNameExportFilter("kdc_type", "kerberos-env"),
new SimplePropertyNameExportFilter("ldap-url", "kerberos-env"),
new SimplePropertyNameExportFilter("container_dn", "kerberos-env"),
- new SimplePropertyNameExportFilter("domains", "krb5-conf")
+ new SimplePropertyNameExportFilter("domains", "krb5-conf"),
+ new StackPasswordPropertyFilter()
};
/**
@@ -2721,6 +2722,33 @@ public class BlueprintConfigurationProcessor {
return !PASSWORD_NAME_REGEX.matcher(propertyName).matches();
}
}
+ /**
+ * A Filter that excludes properties if in stack a property is marked as password property
+ *
+ */
+ private static class StackPasswordPropertyFilter implements PropertyFilter {
+
+ /**
+ * Query to determine if a given property should be included in a collection of
+ * properties.
+ *
+ * This implementation filters property if in stack configuration is the property type is password.
+ *
+ * @param propertyName property name
+ * @param propertyValue property value
+ * @param configType config type that contains this property
+ * @param topology cluster topology instance
+ *
+ * @return true if the property should be included
+ * false if the property should not be included
+ */
+ @Override
+ public boolean isPropertyIncluded(String propertyName, String propertyValue, String configType, ClusterTopology topology) {
+ Stack stack = topology.getBlueprint().getStack();
+ final String serviceName = stack.getServiceForConfigType(configType);
+ return !stack.isPasswordProperty(serviceName, configType, propertyName);
+ }
+ }
/**
* Simple filter implementation used to remove named properties from
http://git-wip-us.apache.org/repos/asf/ambari/blob/f3cab462/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessorTest.java
index a6839e6..14a718d 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessorTest.java
@@ -6845,6 +6845,39 @@ public class BlueprintConfigurationProcessorTest {
assertEquals("host1:6188",
clusterConfig.getPropertyValue("ams-site", "timeline.metrics.service.webapp.address"));
}
+ @Test
+ public void testStackPasswordPropertyFilter() throws Exception{
+ Map<String, Map<String, String>> properties = new HashMap<String, Map<String, String>>();
+ Map<String, String> rangerAdminSiteProps = new HashMap<String, String>();
+ rangerAdminSiteProps.put("ranger.service.https.attrib.keystore.pass", "SECRET:admin-prp:1:ranger.service.pass");
+ properties.put("ranger-admin-site", rangerAdminSiteProps);
+ Map<String, Map<String, String>> parentProperties = new HashMap<String, Map<String, String>>();
+ Configuration parentClusterConfig = new Configuration(parentProperties,
+ Collections.<String, Map<String, Map<String, String>>>emptyMap());
+
+ Configuration clusterConfig = new Configuration(properties,
+ Collections.<String, Map<String, Map<String, String>>>emptyMap(), parentClusterConfig);
+ Collection<String> hgComponents = new HashSet<String>();
+ hgComponents.add("NAMENODE");
+ hgComponents.add("SECONDARY_NAMENODE");
+ hgComponents.add("RESOURCEMANAGER");
+ TestHostGroup group1 = new TestHostGroup("group1", hgComponents, Collections.singleton("testhost"));
+
+ Collection<String> hgComponents2 = new HashSet<String>();
+ hgComponents2.add("DATANODE");
+ hgComponents2.add("HDFS_CLIENT");
+ TestHostGroup group2 = new TestHostGroup("group2", hgComponents2, Collections.singleton("testhost2"));
+ Collection<TestHostGroup> hostGroups = new HashSet<TestHostGroup>();
+ hostGroups.add(group1);
+ hostGroups.add(group2);
+
+ expect(stack.isPasswordProperty((String) anyObject(),(String) anyObject(),(String) anyObject())).andReturn(true).once();
+ ClusterTopology topology = createClusterTopology(bp, clusterConfig, hostGroups);
+ BlueprintConfigurationProcessor configProcessor = new BlueprintConfigurationProcessor(topology);
+ configProcessor.doUpdateForBlueprintExport();
+
+ assertFalse(properties.get("ranger-admin-site").containsKey("ranger.service.https.attrib.keystore.pass"));
+ }
private Map<String, AdvisedConfiguration> createAdvisedConfigMap() {
Map<String, AdvisedConfiguration> advMap = new HashMap<String, AdvisedConfiguration>();