You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@impala.apache.org by cs...@apache.org on 2020/03/22 15:15:55 UTC
[impala] branch master updated (030c12a -> 01684ab)
This is an automated email from the ASF dual-hosted git repository.
csringhofer pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/impala.git.
from 030c12a IMPALA-9492: Fix test_unescaped_string_partition failing on S3
new f1c8176 IMPALA-3343: Part 2 - Add thrift_sasl library to shell/ext_py/
new ed70492 IMPALA-3343: Part 3 - Fix py2->3 changes re: libs, built-ins, imports
new 01684ab IMPALA-9191 (part 1): Allow Impala to run tests without Sentry
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
LICENSE.txt | 1 +
bin/impala-config.sh | 2 +
bin/rat_exclude_files.txt | 5 +-
.../authorization/AuthorizationStmtTest.java | 7 ++-
.../impala/authorization/AuthorizationTest.java | 26 +++++----
.../authorization/sentry/SentryProxyTest.java | 3 +
fe/src/test/resources/hive-site.xml.py | 5 +-
infra/python/deps/compiled-requirements.txt | 8 +--
shell/.gitignore | 3 +
testdata/tzdb/alias.conf => shell/compatibility.py | 29 +++++-----
shell/ext-py/thrift_sasl-0.4.1/CHANGELOG.md | 10 ++++
.../ext-py/thrift_sasl-0.4.1/LICENSE | 1 +
shell/ext-py/thrift_sasl-0.4.1/README.md | 7 +++
shell/ext-py/thrift_sasl-0.4.1/setup.py | 53 ++++++++++++++++++
.../thrift_sasl-0.4.1/thrift_sasl/__init__.py} | 64 +++++++++++++---------
shell/impala_client.py | 1 +
shell/impala_shell.py | 1 +
shell/make_shell_tarball.sh | 2 +-
shell/option_parser.py | 20 ++++---
shell/packaging/make_python_package.sh | 1 +
shell/packaging/requirements.txt | 2 +-
shell/shell_output.py | 6 +-
testdata/bin/run-all.sh | 8 ++-
tests/authorization/test_authorization.py | 12 ++++
tests/authorization/test_authorized_proxy.py | 4 ++
tests/authorization/test_grant_revoke.py | 2 +
tests/authorization/test_owner_privileges.py | 3 +-
tests/authorization/test_sentry.py | 2 +
tests/authorization/test_show_grant.py | 2 +
tests/common/skip.py | 2 +
tests/util/thrift_util.py | 8 +--
31 files changed, 223 insertions(+), 77 deletions(-)
copy testdata/tzdb/alias.conf => shell/compatibility.py (69%)
create mode 100644 shell/ext-py/thrift_sasl-0.4.1/CHANGELOG.md
copy be/src/thirdparty/pcg-cpp-0.98/LICENSE.txt => shell/ext-py/thrift_sasl-0.4.1/LICENSE (99%)
create mode 100644 shell/ext-py/thrift_sasl-0.4.1/README.md
create mode 100644 shell/ext-py/thrift_sasl-0.4.1/setup.py
rename shell/{thrift_sasl.py => ext-py/thrift_sasl-0.4.1/thrift_sasl/__init__.py} (83%)
[impala] 02/03: IMPALA-3343: Part 3 - Fix py2->3 changes re: libs,
built-ins, imports
Posted by cs...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
csringhofer pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/impala.git
commit ed7049258055a07635c6412c159b8e08a6f0ca5d
Author: David Knupp <dk...@cloudera.com>
AuthorDate: Thu Mar 19 19:44:10 2020 -0700
IMPALA-3343: Part 3 - Fix py2->3 changes re: libs, built-ins, imports
A few built-ins were changed in python 3 -- e.g., xrange became range,
ConfigParser became configparser, etc. We can redefine some of those
things in a single place, and import them from there as needed. Other
items may also be added as we go along.
Change-Id: Ibd3d86df524666a98cbfa463756adac48bd1f8a3
Reviewed-on: http://gerrit.cloudera.org:8080/15514
Reviewed-by: David Knupp <dk...@cloudera.com>
Reviewed-by: Impala Public Jenkins <im...@cloudera.com>
Tested-by: Impala Public Jenkins <im...@cloudera.com>
---
infra/python/deps/compiled-requirements.txt | 8 +++---
.../compatibility.py | 31 +++++++++++++---------
shell/impala_client.py | 1 +
shell/impala_shell.py | 1 +
shell/make_shell_tarball.sh | 1 +
shell/option_parser.py | 20 +++++++-------
shell/packaging/make_python_package.sh | 1 +
shell/shell_output.py | 6 ++++-
8 files changed, 42 insertions(+), 27 deletions(-)
diff --git a/infra/python/deps/compiled-requirements.txt b/infra/python/deps/compiled-requirements.txt
index 66a01e7..0ff2586 100644
--- a/infra/python/deps/compiled-requirements.txt
+++ b/infra/python/deps/compiled-requirements.txt
@@ -20,10 +20,10 @@
argparse == 1.4.0
impyla == 0.16.2
- bitarray == 0.9.0
- sasl == 0.1.3
- six == 1.11.0
- thrift-sasl == 0.1.0
+ bitarray == 1.2.1
+ sasl == 0.2.1
+ six == 1.14.0
+ thrift_sasl == 0.4.1
psutil == 5.6.3
# Required for Kudu:
Cython == 0.23.4
diff --git a/infra/python/deps/compiled-requirements.txt b/shell/compatibility.py
similarity index 68%
copy from infra/python/deps/compiled-requirements.txt
copy to shell/compatibility.py
index 66a01e7..635f827 100644
--- a/infra/python/deps/compiled-requirements.txt
+++ b/shell/compatibility.py
@@ -1,3 +1,6 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
@@ -14,18 +17,20 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
+from __future__ import print_function, unicode_literals
+
+
+"""
+A module where we can aggregate python2 -> 3 code contortions.
+"""
+
+try:
+ _xrange = xrange
+except NameError:
+ _xrange = range # python3 compatibilty
-# Requirements that require a C/C++ compiler to build, which may not be available until
-# after the toolchain is bootstrapped. Installed after requirements.txt
-argparse == 1.4.0
-impyla == 0.16.2
- bitarray == 0.9.0
- sasl == 0.1.3
- six == 1.11.0
- thrift-sasl == 0.1.0
-psutil == 5.6.3
-# Required for Kudu:
- Cython == 0.23.4
- numpy == 1.10.4
- pytz == 2018.3
+try:
+ _basestring = basestring
+except NameError:
+ _basestring = str # python3 compatibility
diff --git a/shell/impala_client.py b/shell/impala_client.py
index e74cfa4..6feaa8a 100755
--- a/shell/impala_client.py
+++ b/shell/impala_client.py
@@ -17,6 +17,7 @@
# specific language governing permissions and limitations
# under the License.
from __future__ import print_function
+from compatibility import _xrange as xrange
from bitarray import bitarray
import base64
diff --git a/shell/impala_shell.py b/shell/impala_shell.py
index 87600d9..942ba41 100755
--- a/shell/impala_shell.py
+++ b/shell/impala_shell.py
@@ -19,6 +19,7 @@
#
# Impala's shell
from __future__ import print_function
+from compatibility import _xrange as xrange
import cmd
import errno
diff --git a/shell/make_shell_tarball.sh b/shell/make_shell_tarball.sh
index ff76858..1f027f0 100755
--- a/shell/make_shell_tarball.sh
+++ b/shell/make_shell_tarball.sh
@@ -124,6 +124,7 @@ cp ${SHELL_HOME}/shell_output.py ${TARBALL_ROOT}/lib
cp ${SHELL_HOME}/pkg_resources.py ${TARBALL_ROOT}/lib
cp ${SHELL_HOME}/impala-shell ${TARBALL_ROOT}
cp ${SHELL_HOME}/impala_shell.py ${TARBALL_ROOT}
+cp ${SHELL_HOME}/compatibility.py ${TARBALL_ROOT}
pushd ${BUILD_DIR} > /dev/null
echo "Making tarball in ${BUILD_DIR}"
diff --git a/shell/option_parser.py b/shell/option_parser.py
index 808c97a..4f4d79b 100755
--- a/shell/option_parser.py
+++ b/shell/option_parser.py
@@ -28,8 +28,13 @@
# MT_DOP=2
from __future__ import print_function
-import ConfigParser
import sys
+
+try:
+ from configparser import ConfigParser # python3
+except ImportError:
+ from ConfigParser import ConfigParser # python2
+
from impala_shell_config_defaults import impala_shell_defaults
from optparse import OptionParser, SUPPRESS_HELP
@@ -119,7 +124,11 @@ def get_config_from_file(config_filename, option_list):
Returns a pair of dictionaries (shell_options, query_options), with option names
as keys and option values as values.
"""
- config = ConfigParser.ConfigParser()
+ try:
+ config = ConfigParser(strict=False) # python3
+ except TypeError:
+ config = ConfigParser() # python2
+
# Preserve case-sensitivity since flag names are case sensitive.
config.optionxform = str
try:
@@ -137,13 +146,6 @@ def get_config_from_file(config_filename, option_list):
print('\n{0}'.format(warn_msg), file=sys.stderr)
shell_options["config_file"] = config_filename
- config = ConfigParser.ConfigParser()
- try:
- config.read(config_filename)
- except Exception as e:
- raise ConfigFileFormatError(
- "Unable to read configuration file correctly. Check formatting: %s" % e)
-
query_options = {}
if config.has_section("impala.query_options"):
# Query option keys must be "normalized" to upper case before updating with
diff --git a/shell/packaging/make_python_package.sh b/shell/packaging/make_python_package.sh
index 591823b..ee62572 100755
--- a/shell/packaging/make_python_package.sh
+++ b/shell/packaging/make_python_package.sh
@@ -49,6 +49,7 @@ assemble_package_files() {
cp -r "${THRIFT_HOME}/python/lib/python2.7/site-packages/thrift" "${MODULE_LIB_DIR}"
cp "${WORKING_DIR}/__init__.py" "${MODULE_LIB_DIR}"
+ cp "${SHELL_HOME}/compatibility.py" "${MODULE_LIB_DIR}"
cp "${SHELL_HOME}/impala_shell.py" "${MODULE_LIB_DIR}"
cp "${SHELL_HOME}/impala_client.py" "${MODULE_LIB_DIR}"
cp "${SHELL_HOME}/option_parser.py" "${MODULE_LIB_DIR}"
diff --git a/shell/shell_output.py b/shell/shell_output.py
index 75ead3b..d9d3625 100644
--- a/shell/shell_output.py
+++ b/shell/shell_output.py
@@ -21,7 +21,11 @@ from __future__ import print_function
import csv
import re
import sys
-from cStringIO import StringIO
+
+try:
+ from cStringIO import StringIO # python 2
+except ImportError:
+ from io import StringIO # python 3
class PrettyOutputFormatter(object):
[impala] 03/03: IMPALA-9191 (part 1): Allow Impala to run tests
without Sentry
Posted by cs...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
csringhofer pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/impala.git
commit 01684ab3aa03645d3e0ab77026816f015b8aee23
Author: Fang-Yu Rao <fa...@cloudera.com>
AuthorDate: Mon Mar 16 14:17:37 2020 -0700
IMPALA-9191 (part 1): Allow Impala to run tests without Sentry
This patch adds an environment variable DISABLE_SENTRY to allow Impala
to run tests without Sentry. Specifically, we start up Sentry only when
$DISABLE_SENTRY does not evaluate to true. The corresponding Sentry FE
and E2E tests will also be skipped if $DISABLE_SENTRY is true.
Moreover, in this patch we will set DISABLE_SENTRY to true if
$USE_CDP_HIVE evaluates to true, allowing one to only test Impala's
authorization with Ranger when support for Sentry is dropped after we
switch to the CDP Hive.
Note that in this patch we also change the way we generate
hive-site.xml when $DISABLE_SENTRY is true. To be more precise, when
generating hive-site.xml, we do not add the Sentry server as a metastore
event listener if $DISABLE_SENTRY is true. Recall that both CDH Hive and
CDP Hive would make an RPC to the registered listeners every time after
the method of create_database_core() in HiveMetaStore.java is called,
which happens when Hive instead of Impala is used to create a database,
e.g., when some databases in the TPC-DS data set are created during the
execution of create-load-data.sh. Thus the removal of Sentry as an event
listener is necessary when $DISABLE_SENTRY is true in that it prevents
the HiveMetaStore from keeping connecting to the Sentry server that is
not online, which could make create-load-data.sh time out.
Testing:
Except for two currently known issues of IMPALA-9513 AND IMPALA-9451,
verified this patch passes the exhaustive tests in the DEBUG build
- when $USE_CDP_HIVE is false, and
- when $USE_CDP_HIVE is true.
Change-Id: Ifa3f1840a77a7b32310a5c8b78a2c26300ccb41e
Reviewed-on: http://gerrit.cloudera.org:8080/15505
Reviewed-by: Impala Public Jenkins <im...@cloudera.com>
Tested-by: Impala Public Jenkins <im...@cloudera.com>
---
bin/impala-config.sh | 2 ++
.../authorization/AuthorizationStmtTest.java | 7 +++++-
.../impala/authorization/AuthorizationTest.java | 26 +++++++++++++---------
.../authorization/sentry/SentryProxyTest.java | 3 +++
fe/src/test/resources/hive-site.xml.py | 5 ++++-
testdata/bin/run-all.sh | 8 ++++---
tests/authorization/test_authorization.py | 12 ++++++++++
tests/authorization/test_authorized_proxy.py | 4 ++++
tests/authorization/test_grant_revoke.py | 2 ++
tests/authorization/test_owner_privileges.py | 3 ++-
tests/authorization/test_sentry.py | 2 ++
tests/authorization/test_show_grant.py | 2 ++
tests/common/skip.py | 2 ++
13 files changed, 61 insertions(+), 17 deletions(-)
diff --git a/bin/impala-config.sh b/bin/impala-config.sh
index 413ca34..bfbb2cf 100755
--- a/bin/impala-config.sh
+++ b/bin/impala-config.sh
@@ -244,6 +244,7 @@ if $USE_CDP_HIVE; then
export IMPALA_TEZ_URL=${CDP_TEZ_URL-}
export IMPALA_KNOX_VERSION=${CDP_KNOX_VERSION}
export HADOOP_HOME="$CDP_COMPONENTS_HOME/hadoop-${IMPALA_HADOOP_VERSION}/"
+ export DISABLE_SENTRY=${DISABLE_SENTRY_OVERRIDE:-"true"}
else
# CDH hive version is used to build and deploy in minicluster when USE_CDP_HIVE is
# false
@@ -255,6 +256,7 @@ else
export IMPALA_HBASE_VERSION=${CDH_HBASE_VERSION}
export IMPALA_HBASE_URL=${CDH_HBASE_URL-}
export HADOOP_HOME="$CDH_COMPONENTS_HOME/hadoop-${IMPALA_HADOOP_VERSION}/"
+ export DISABLE_SENTRY="false"
fi
# Ozone always uses the CDP version
diff --git a/fe/src/test/java/org/apache/impala/authorization/AuthorizationStmtTest.java b/fe/src/test/java/org/apache/impala/authorization/AuthorizationStmtTest.java
index ac0ea11..ee8e90a 100644
--- a/fe/src/test/java/org/apache/impala/authorization/AuthorizationStmtTest.java
+++ b/fe/src/test/java/org/apache/impala/authorization/AuthorizationStmtTest.java
@@ -93,7 +93,12 @@ public class AuthorizationStmtTest extends AuthorizationTestBase {
@Parameters
public static Collection<AuthorizationProvider> data() {
- return Arrays.asList(AuthorizationProvider.SENTRY, AuthorizationProvider.RANGER);
+ String envDisableSentry = System.getenv("DISABLE_SENTRY");
+ if (envDisableSentry != null && envDisableSentry.equals("true")) {
+ return Arrays.asList(AuthorizationProvider.RANGER);
+ } else {
+ return Arrays.asList(AuthorizationProvider.SENTRY, AuthorizationProvider.RANGER);
+ }
}
private static final String[] ALLTYPES_COLUMNS_WITHOUT_ID = new String[]{"bool_col",
diff --git a/fe/src/test/java/org/apache/impala/authorization/AuthorizationTest.java b/fe/src/test/java/org/apache/impala/authorization/AuthorizationTest.java
index b046691..620246f 100644
--- a/fe/src/test/java/org/apache/impala/authorization/AuthorizationTest.java
+++ b/fe/src/test/java/org/apache/impala/authorization/AuthorizationTest.java
@@ -67,6 +67,7 @@ import com.google.common.collect.Maps;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
+import org.junit.Assume;
import org.junit.BeforeClass;
import org.junit.Test;
@@ -82,24 +83,27 @@ public class AuthorizationTest extends FrontendTestBase {
private static final SentryAuthorizationConfig AUTHZ_CONFIG =
SentryAuthorizationConfig.createHadoopGroupAuthConfig("server1",
System.getenv("IMPALA_HOME") + "/fe/src/test/resources/sentry-site.xml");
- private static final ImpaladTestCatalog AUTHZ_CATALOG =
- new ImpaladTestCatalog(new SentryAuthorizationFactory(AUTHZ_CONFIG));
- private static final AuthorizationFactory AUTHZ_FACTORY =
- new SentryAuthorizationFactory(AUTHZ_CONFIG);
- private static final Frontend AUTHZ_FE;
+ private static ImpaladTestCatalog AUTHZ_CATALOG = null;
+ private static AuthorizationFactory AUTHZ_FACTORY = null;
+ private static Frontend AUTHZ_FE = null;
- static {
+ private final AnalysisContext authzCtx;
+
+ public AuthorizationTest() throws ImpalaException {
+ String envDisableSentry = System.getenv("DISABLE_SENTRY");
+ if (envDisableSentry != null) Assume.assumeTrue(envDisableSentry.equals("false"));
+
+ // Initialize 'AUTHZ_CATALOG' and 'AUTHZ_FACTORY' only if $DISABLE_SENTRY evaluates
+ // to false, in which case the Sentry service is available to answer the RPC's
+ // resulting from SentryAuthorizationFactory().
+ AUTHZ_CATALOG = new ImpaladTestCatalog(new SentryAuthorizationFactory(AUTHZ_CONFIG));
+ AUTHZ_FACTORY = new SentryAuthorizationFactory(AUTHZ_CONFIG);
try {
AUTHZ_FE = new Frontend(AUTHZ_FACTORY, AUTHZ_CATALOG);
} catch (ImpalaException e) {
throw new RuntimeException(e);
}
- }
-
- private final AnalysisContext authzCtx;
-
- public AuthorizationTest() throws ImpalaException {
authzCtx = createAnalysisCtx(AUTHZ_FACTORY, USER.getName());
setupImpalaCatalog(AUTHZ_CATALOG);
}
diff --git a/fe/src/test/java/org/apache/impala/authorization/sentry/SentryProxyTest.java b/fe/src/test/java/org/apache/impala/authorization/sentry/SentryProxyTest.java
index e3f2516..4c32fed 100644
--- a/fe/src/test/java/org/apache/impala/authorization/sentry/SentryProxyTest.java
+++ b/fe/src/test/java/org/apache/impala/authorization/sentry/SentryProxyTest.java
@@ -34,6 +34,7 @@ import org.apache.impala.authorization.sentry.SentryProxy.AuthorizationDelta;
import org.apache.sentry.api.service.thrift.TSentryPrivilege;
import org.apache.sentry.api.service.thrift.TSentryRole;
import org.junit.After;
+import org.junit.Assume;
import org.junit.Before;
import org.junit.Test;
@@ -56,6 +57,8 @@ public class SentryProxyTest {
private final SentryAuthorizationConfig authzConfig_;
public SentryProxyTest() {
+ String envDisableSentry = System.getenv("DISABLE_SENTRY");
+ if (envDisableSentry != null) Assume.assumeTrue(envDisableSentry.equals("false"));
authzConfig_ = SentryAuthorizationConfig.createHadoopGroupAuthConfig(
SENTRY_SERVER,
System.getenv("IMPALA_HOME") + "/fe/src/test/resources/sentry-site.xml");
diff --git a/fe/src/test/resources/hive-site.xml.py b/fe/src/test/resources/hive-site.xml.py
index d4f4b77..687303a 100644
--- a/fe/src/test/resources/hive-site.xml.py
+++ b/fe/src/test/resources/hive-site.xml.py
@@ -140,8 +140,11 @@ if hive_major_version >= 3:
'hive.metastore.warehouse.external.dir': '${WAREHOUSE_LOCATION_PREFIX}/test-warehouse'
})
else:
+ if os.environ.get('DISABLE_SENTRY') == "false":
+ CONFIG.update({
+ 'hive.metastore.event.listeners' : 'org.apache.sentry.binding.metastore.SentrySyncHMSNotificationsPostEventListener'
+ })
CONFIG.update({
- 'hive.metastore.event.listeners': 'org.apache.sentry.binding.metastore.SentrySyncHMSNotificationsPostEventListener',
# HMS-2 based environments have a different set of expected configurations for event processor
'hive.metastore.alter.notifications.basic': 'false',
'hive.metastore.notification.parameters.exclude.patterns': '',
diff --git a/testdata/bin/run-all.sh b/testdata/bin/run-all.sh
index 8bb666a..a37c333 100755
--- a/testdata/bin/run-all.sh
+++ b/testdata/bin/run-all.sh
@@ -74,9 +74,11 @@ if [[ ${DEFAULT_FS} == "hdfs://${INTERNAL_LISTEN_HOST}:20500" ]]; then
$IMPALA_HOME/testdata/bin/run-hive-server.sh $HIVE_FLAGS 2>&1 | \
tee ${IMPALA_CLUSTER_LOGS_DIR}/run-hive-server.log
- echo " --> Starting the Sentry Policy Server"
- $IMPALA_HOME/testdata/bin/run-sentry-service.sh 2>&1 | \
- tee ${IMPALA_CLUSTER_LOGS_DIR}/run-sentry-service.log
+ if [[ "$DISABLE_SENTRY" != true ]]; then
+ echo " --> Starting the Sentry Policy Server"
+ $IMPALA_HOME/testdata/bin/run-sentry-service.sh 2>&1 | \
+ tee ${IMPALA_CLUSTER_LOGS_DIR}/run-sentry-service.log
+ fi
elif [[ ${DEFAULT_FS} == "${LOCAL_FS}" ]]; then
# When the local file system is used as default, we only start the Hive metastore.
diff --git a/tests/authorization/test_authorization.py b/tests/authorization/test_authorization.py
index 7f57ddb..83dd0b6 100644
--- a/tests/authorization/test_authorization.py
+++ b/tests/authorization/test_authorization.py
@@ -36,6 +36,7 @@ from thrift.protocol import TBinaryProtocol
from tests.common.custom_cluster_test_suite import CustomClusterTestSuite
from tests.common.file_utils import assert_file_in_dir_contains,\
assert_no_files_in_dir_contain
+from tests.common.skip import SkipIf
SENTRY_CONFIG_DIR = os.getenv('IMPALA_HOME') + '/fe/src/test/resources/'
SENTRY_BASE_LOG_DIR = os.getenv('IMPALA_CLUSTER_LOGS_DIR') + "/sentry"
@@ -93,6 +94,7 @@ class TestAuthorization(CustomClusterTestSuite):
TestHS2.check_response(resp)
return resp
+ @SkipIf.sentry_disabled
@pytest.mark.execute_serially
@CustomClusterTestSuite.with_args(
impalad_args="--server_name=server1 "
@@ -121,6 +123,7 @@ class TestAuthorization(CustomClusterTestSuite):
finally:
self.__execute_hs2_stmt("drop role {0}".format(unique_role))
+ @SkipIf.sentry_disabled
@pytest.mark.execute_serially
@CustomClusterTestSuite.with_args(
impalad_args="--server_name=server1 "
@@ -232,6 +235,7 @@ class TestAuthorization(CustomClusterTestSuite):
assert "User %s is not authorized to access the runtime profile or "\
"execution summary." % (getuser()) in str(exec_summary_resp)
+ @SkipIf.sentry_disabled
@pytest.mark.execute_serially
@CustomClusterTestSuite.with_args(
impalad_args="--server_name=server1 --sentry_config=" + SENTRY_CONFIG_FILE,
@@ -251,6 +255,7 @@ class TestAuthorization(CustomClusterTestSuite):
assert_file_in_dir_contains(self.impala_log_dir, "Ignoring removed flag "
"authorization_policy_file")
+ @SkipIf.sentry_disabled
@pytest.mark.execute_serially
@CustomClusterTestSuite.with_args(
impalad_args="--server_name=server1 --sentry_config=%s" % SENTRY_CONFIG_FILE,
@@ -306,6 +311,7 @@ class TestAuthorization(CustomClusterTestSuite):
return cols[0:len(cols) - 1]
assert map(columns, result.data) == expected
+ @SkipIf.sentry_disabled
@pytest.mark.execute_serially
@CustomClusterTestSuite.with_args(
impalad_args="--server_name=server1 --sentry_config=%s" % SENTRY_CONFIG_FILE,
@@ -343,6 +349,7 @@ class TestAuthorization(CustomClusterTestSuite):
finally:
self.role_cleanup(unique_role)
+ @SkipIf.sentry_disabled
@pytest.mark.execute_serially
@CustomClusterTestSuite.with_args(
impalad_args="--server_name=server1 --sentry_config=%s" % SENTRY_CONFIG_FILE,
@@ -375,6 +382,7 @@ class TestAuthorization(CustomClusterTestSuite):
finally:
self.role_cleanup(unique_role)
+ @SkipIf.sentry_disabled
@pytest.mark.execute_serially
@CustomClusterTestSuite.with_args(
impalad_args="--server_name=server1 --sentry_config=%s" % SENTRY_CONFIG_FILE,
@@ -551,6 +559,7 @@ class TestAuthorization(CustomClusterTestSuite):
"drop database if exists db_%s_%s cascade" % (unique_name, priv))
self.role_cleanup(unique_role)
+ @SkipIf.sentry_disabled
@pytest.mark.execute_serially
@CustomClusterTestSuite.with_args(
impalad_args="--server_name=server1 --sentry_config=%s "
@@ -563,6 +572,7 @@ class TestAuthorization(CustomClusterTestSuite):
def test_sentry_show_stmts_with_select(self, unique_role, unique_name):
self._test_sentry_show_stmts_helper(unique_role, unique_name, ['select'])
+ @SkipIf.sentry_disabled
@pytest.mark.execute_serially
@CustomClusterTestSuite.with_args(
impalad_args="--server_name=server1 --sentry_config=%s "
@@ -577,6 +587,7 @@ class TestAuthorization(CustomClusterTestSuite):
self._test_sentry_show_stmts_helper(unique_role, unique_name,
['select', 'insert'])
+ @SkipIf.sentry_disabled
@pytest.mark.execute_serially
@CustomClusterTestSuite.with_args(
impalad_args="--server_name=server1 --sentry_config=%s "
@@ -663,6 +674,7 @@ class TestAuthorization(CustomClusterTestSuite):
def test_num_check_authorization_threads_with_ranger(self, unique_name):
self._test_ranger_show_stmts_helper(unique_name, PRIVILEGES)
+ @SkipIf.sentry_disabled
@pytest.mark.execute_serially
@CustomClusterTestSuite.with_args(
impalad_args="--server_name=server1 --sentry_config=%s "
diff --git a/tests/authorization/test_authorized_proxy.py b/tests/authorization/test_authorized_proxy.py
index 1d1b95e..bb3df8c 100644
--- a/tests/authorization/test_authorized_proxy.py
+++ b/tests/authorization/test_authorized_proxy.py
@@ -30,6 +30,7 @@ from thrift.transport.TSocket import TSocket
from thrift.transport.TTransport import TBufferedTransport
from thrift.protocol import TBinaryProtocol
from tests.common.custom_cluster_test_suite import CustomClusterTestSuite
+from tests.common.skip import SkipIf
from tests.hs2.hs2_test_suite import operation_id_to_query_id
AUDIT_LOG_DIR = tempfile.mkdtemp(dir=os.getenv("LOG_DIR"))
@@ -104,6 +105,7 @@ class TestAuthorizedProxy(CustomClusterTestSuite):
TestHS2.check_response(resp)
return resp
+ @SkipIf.sentry_disabled
@pytest.mark.execute_serially
@CustomClusterTestSuite.with_args(
impalad_args="{0} --authorized_proxy_user_config=foo=bar;hue={1} "
@@ -124,6 +126,7 @@ class TestAuthorizedProxy(CustomClusterTestSuite):
self._test_authorized_proxy_with_ranger(self._test_authorized_proxy, "non_owner",
False)
+ @SkipIf.sentry_disabled
@pytest.mark.execute_serially
@CustomClusterTestSuite.with_args(
impalad_args="{0} --authorized_proxy_user_config=hue=bar "
@@ -147,6 +150,7 @@ class TestAuthorizedProxy(CustomClusterTestSuite):
self._test_authorized_proxy_with_ranger(self._test_authorized_proxy, "non_owner",
True)
+ @SkipIf.sentry_disabled
@pytest.mark.execute_serially
@CustomClusterTestSuite.with_args(
impalad_args="{0} --authorized_proxy_user_config=foo=bar "
diff --git a/tests/authorization/test_grant_revoke.py b/tests/authorization/test_grant_revoke.py
index 9803690..6b3fd30 100644
--- a/tests/authorization/test_grant_revoke.py
+++ b/tests/authorization/test_grant_revoke.py
@@ -25,6 +25,7 @@ from time import sleep
from tests.common.test_dimensions import create_uncompressed_text_dimension
from tests.common.sentry_cache_test_suite import SentryCacheTestSuite, TestObject
+from tests.common.skip import SkipIf
from tests.util.calculation_util import get_random_id
from tests.verifiers.metric_verifier import MetricVerifier
@@ -36,6 +37,7 @@ SENTRY_CONFIG_FILE_OO = "%s/sentry-site_oo.xml" % SENTRY_CONFIG_DIR
SENTRY_LONG_POLLING_FREQUENCY_S = 3600
+@SkipIf.sentry_disabled
class TestGrantRevoke(SentryCacheTestSuite):
@classmethod
def add_test_dimensions(cls):
diff --git a/tests/authorization/test_owner_privileges.py b/tests/authorization/test_owner_privileges.py
index 4bc4fde..1ee3df5 100644
--- a/tests/authorization/test_owner_privileges.py
+++ b/tests/authorization/test_owner_privileges.py
@@ -24,7 +24,7 @@ from os import getenv
from tests.common.sentry_cache_test_suite import SentryCacheTestSuite, TestObject
from tests.common.test_dimensions import create_uncompressed_text_dimension
-from tests.common.skip import SkipIfHive3
+from tests.common.skip import SkipIf, SkipIfHive3
from tests.util.filesystem_utils import FILESYSTEM_PREFIX
# Sentry long polling frequency to make Sentry refresh not run.
@@ -37,6 +37,7 @@ SENTRY_CONFIG_FILE_OO_NOGRANT = SENTRY_CONFIG_DIR + 'sentry-site_oo_nogrant.xml'
SENTRY_CONFIG_FILE_NO_OO = SENTRY_CONFIG_DIR + 'sentry-site_no_oo.xml'
+@SkipIf.sentry_disabled
@SkipIfHive3.sentry_not_supported
class TestOwnerPrivileges(SentryCacheTestSuite):
@classmethod
diff --git a/tests/authorization/test_sentry.py b/tests/authorization/test_sentry.py
index 9b7aa33..b019b93 100644
--- a/tests/authorization/test_sentry.py
+++ b/tests/authorization/test_sentry.py
@@ -22,11 +22,13 @@ from getpass import getuser
from tests.common.custom_cluster_test_suite import CustomClusterTestSuite
from tests.common.sentry_cache_test_suite import SentryCacheTestSuite
+from tests.common.skip import SkipIf
SENTRY_CONFIG_DIR = os.getenv('IMPALA_HOME') + '/fe/src/test/resources/'
SENTRY_CONFIG_FILE = SENTRY_CONFIG_DIR + 'sentry-site.xml'
+@SkipIf.sentry_disabled
class TestSentry(CustomClusterTestSuite):
"""This class contains Sentry specific authorization tests."""
@pytest.mark.execute_serially
diff --git a/tests/authorization/test_show_grant.py b/tests/authorization/test_show_grant.py
index 0cbfc48..2c824ca 100644
--- a/tests/authorization/test_show_grant.py
+++ b/tests/authorization/test_show_grant.py
@@ -27,11 +27,13 @@ from os import getenv
from impala.dbapi import connect as impala_connect
from tests.common.test_dimensions import create_uncompressed_text_dimension
from tests.common.custom_cluster_test_suite import CustomClusterTestSuite
+from tests.common.skip import SkipIf
SENTRY_CONFIG_FILE = getenv('IMPALA_HOME') + \
'/fe/src/test/resources/sentry-site_oo.xml'
+@SkipIf.sentry_disabled
class TestShowGrant(CustomClusterTestSuite):
@classmethod
def add_test_dimensions(cls):
diff --git a/tests/common/skip.py b/tests/common/skip.py
index 628ceb9..a24884b 100644
--- a/tests/common/skip.py
+++ b/tests/common/skip.py
@@ -127,6 +127,8 @@ class SkipIf:
reason="Secondary filesystem needed")
is_buggy_el6_kernel = pytest.mark.skipif(
IS_BUGGY_EL6_KERNEL, reason="Kernel is affected by KUDU-1508")
+ sentry_disabled = pytest.mark.skipif(os.getenv('DISABLE_SENTRY') == "true",
+ reason="$DISABLE_SENTRY evaluates to true.")
class SkipIfIsilon:
[impala] 01/03: IMPALA-3343: Part 2 - Add thrift_sasl library to
shell/ext_py/
Posted by cs...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
csringhofer pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/impala.git
commit f1c8176e656a46c7e245649c2f737841ffae460f
Author: David Knupp <dk...@cloudera.com>
AuthorDate: Fri Mar 20 10:13:46 2020 -0700
IMPALA-3343: Part 2 - Add thrift_sasl library to shell/ext_py/
We've relied on a copied version of thrift_sasl.py, which needs
to be updated to be compatible with python 3, so taking this
opportunity to add the thrift_sasl 0.4.1 package to ext-py like
the other external python libs we use.
Change-Id: I7e66c728883ceb5b3e96bc5fd120d44ab81bbb75
Reviewed-on: http://gerrit.cloudera.org:8080/15513
Reviewed-by: David Knupp <dk...@cloudera.com>
Tested-by: Impala Public Jenkins <im...@cloudera.com>
---
LICENSE.txt | 1 +
bin/rat_exclude_files.txt | 5 +-
shell/.gitignore | 3 +
shell/ext-py/thrift_sasl-0.4.1/CHANGELOG.md | 10 +
shell/ext-py/thrift_sasl-0.4.1/LICENSE | 202 +++++++++++++++++++++
shell/ext-py/thrift_sasl-0.4.1/README.md | 7 +
shell/ext-py/thrift_sasl-0.4.1/setup.py | 53 ++++++
.../thrift_sasl-0.4.1/thrift_sasl/__init__.py} | 64 ++++---
shell/make_shell_tarball.sh | 1 -
shell/packaging/requirements.txt | 2 +-
tests/util/thrift_util.py | 8 +-
11 files changed, 323 insertions(+), 33 deletions(-)
diff --git a/LICENSE.txt b/LICENSE.txt
index 161423d..6786ce0 100644
--- a/LICENSE.txt
+++ b/LICENSE.txt
@@ -697,6 +697,7 @@ be/src/thirdparty/mustache: Apache 2.0 license
be/src/thirdparty/pcg-cpp-0.98: Apache 2.0 license
be/src/expr/hll-bias.h: Apache 2.0 license
shell/ext-py/sasl-0.1.1: Apache 2.0 license
+shell/ext-py/thrift_sasl-0.4.1: Apache 2.0 license
--------------------------------------------------------------------------------
diff --git a/bin/rat_exclude_files.txt b/bin/rat_exclude_files.txt
index 06a6515..0a4f6c5 100644
--- a/bin/rat_exclude_files.txt
+++ b/bin/rat_exclude_files.txt
@@ -41,11 +41,12 @@ www/favicon.ico
tests/comparison/leopard/static/css/bootstrap*
tests/comparison/leopard/static/fonts/glyphicons-halflings*
tests/comparison/leopard/static/js/bootstrap*
+shell/ext-py/bitarray-0.9.0/*
shell/ext-py/prettytable-0.7.1/*
+shell/ext-py/sasl-0.1.1/*
shell/ext-py/six-1.14.0/*
shell/ext-py/sqlparse-0.1.19/*
-shell/ext-py/sasl-0.1.1/*
-shell/ext-py/bitarray-0.9.0/*
+shell/ext-py/thrift_sasl-0.4.1/*
www/d3.v3.min.js
www/jquery/jquery-3.4.1.min.js
tests/comparison/leopard/static/css/hljs.css
diff --git a/shell/.gitignore b/shell/.gitignore
index 1a081c2..60a2275 100644
--- a/shell/.gitignore
+++ b/shell/.gitignore
@@ -13,6 +13,9 @@ ext-py/sqlparse-0.1.19/build/
ext-py/sqlparse-0.1.19/sqlparse.egg-info/
ext-py/bitarray-0.9.0/bitarray.egg-info/
ext-py/bitarray-0.9.0/dist/
+ext-py/thrift_sasl-0.4.1/dist/
+ext-py/thrift_sasl-0.4.1/build/
+ext-py/thrift_sasl-0.4.1/six.egg-info/
# This file is used by buildall.sh to find files that need to be removed during the
# clean phase. Previous version of deps should be kept here for cleaning otherwise they
diff --git a/shell/ext-py/thrift_sasl-0.4.1/CHANGELOG.md b/shell/ext-py/thrift_sasl-0.4.1/CHANGELOG.md
new file mode 100644
index 0000000..08ac33a
--- /dev/null
+++ b/shell/ext-py/thrift_sasl-0.4.1/CHANGELOG.md
@@ -0,0 +1,10 @@
+Changelog
+=========
+
+0.4.1
+------
+* **Bug Fixes**
+ - Fix compatibility with Python 2 and 3 (#19)
+
+* **Improvements**
+ - Add CHANGELOG.md and remove old contacts from setup.py (#20)
diff --git a/shell/ext-py/thrift_sasl-0.4.1/LICENSE b/shell/ext-py/thrift_sasl-0.4.1/LICENSE
new file mode 100644
index 0000000..8f71f43
--- /dev/null
+++ b/shell/ext-py/thrift_sasl-0.4.1/LICENSE
@@ -0,0 +1,202 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "{}"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright {yyyy} {name of copyright owner}
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
diff --git a/shell/ext-py/thrift_sasl-0.4.1/README.md b/shell/ext-py/thrift_sasl-0.4.1/README.md
new file mode 100644
index 0000000..499bb4f
--- /dev/null
+++ b/shell/ext-py/thrift_sasl-0.4.1/README.md
@@ -0,0 +1,7 @@
+# thrift_sasl.py
+
+Thrift SASL Python module that implements SASL transports for Thrift
+(`TSaslClientTransport`).
+
+On Linux, this requires `libsasl2-dev` to be installed. On OS X you may have to
+install Cyrus SASL v2 from source.
\ No newline at end of file
diff --git a/shell/ext-py/thrift_sasl-0.4.1/setup.py b/shell/ext-py/thrift_sasl-0.4.1/setup.py
new file mode 100644
index 0000000..26c51db
--- /dev/null
+++ b/shell/ext-py/thrift_sasl-0.4.1/setup.py
@@ -0,0 +1,53 @@
+# Copyright 2015 Cloudera Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from __future__ import absolute_import
+
+import sys
+from setuptools import setup
+
+
+PY3 = sys.version_info[0] == 3
+WINDOWS = sys.platform == 'win32' or sys.platform == 'cygwin'
+
+description = ("Thrift SASL Python module that implements SASL transports for "
+ "Thrift (`TSaslClientTransport`).")
+
+setup(
+ name='thrift_sasl',
+ version='0.4.1',
+ description=description,
+ long_description=description,
+ url='https://github.com/cloudera/thrift_sasl',
+ install_requires=[
+ # Python 3 support was added to thrift in version 0.10.0.
+ 'thrift>=0.10.0' if PY3 else 'thrift==0.9.3',
+ # Installing sasl on Windows is rather painful, so use the pure python
+ # implementation on Windows
+ 'pure-sasl>=0.3.0' if WINDOWS else 'sasl>=0.2.1',
+ 'six>=1.13.0'
+ ],
+ packages=['thrift_sasl'],
+ keywords='thrift sasl transport',
+ license='Apache License, Version 2.0',
+ classifiers=[
+ 'Programming Language :: Python :: 2',
+ 'Programming Language :: Python :: 2.6',
+ 'Programming Language :: Python :: 2.7',
+ 'Programming Language :: Python :: 3',
+ 'Programming Language :: Python :: 3.3',
+ 'Programming Language :: Python :: 3.4',
+ 'Programming Language :: Python :: 3.5',
+ 'Programming Language :: Python :: 3.6']
+)
diff --git a/shell/thrift_sasl.py b/shell/ext-py/thrift_sasl-0.4.1/thrift_sasl/__init__.py
similarity index 83%
rename from shell/thrift_sasl.py
rename to shell/ext-py/thrift_sasl-0.4.1/thrift_sasl/__init__.py
index c63c0d5..534b7b2 100644
--- a/shell/thrift_sasl.py
+++ b/shell/ext-py/thrift_sasl-0.4.1/thrift_sasl/__init__.py
@@ -1,6 +1,3 @@
-#!/usr/bin/env python
-
-#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
@@ -20,17 +17,25 @@
#
""" SASL transports for Thrift. """
-import sys
+# Initially copied from the Impala repo
-from cStringIO import StringIO
-from thrift.transport import TTransport
-from thrift.transport.TTransport import *
-try:
- import saslwrapper as sasl
-except ImportError:
- import sasl
+from __future__ import absolute_import
+
+import six
+import sys
import struct
+from thrift.transport.TTransport import (TTransportException, TTransportBase, CReadableTransport)
+
+# TODO: Check whether the following distinction is necessary. Does not appear to
+# break anything when `io.BytesIO` is used everywhere, but there may be some edge
+# cases where things break down.
+if sys.version_info[0] == 3:
+ from io import BytesIO as BufferIO
+else:
+ from cStringIO import StringIO as BufferIO
+
+
class TSaslClientTransport(TTransportBase, CReadableTransport):
START = 1
OK = 2
@@ -48,16 +53,24 @@ class TSaslClientTransport(TTransportBase, CReadableTransport):
self.sasl_client_factory = sasl_client_factory
self.sasl = None
self.mechanism = mechanism
- self.__wbuf = StringIO()
- self.__rbuf = StringIO()
+ self.__wbuf = BufferIO()
+ self.__rbuf = BufferIO()
self.opened = False
self.encode = None
def isOpen(self):
- return self._trans.isOpen()
+ try:
+ is_open = self._trans.isOpen # Thrift
+ except AttributeError:
+ is_open = self._trans.is_open # thriftpy
+
+ return is_open()
+
+ def is_open(self):
+ return self.isOpen()
def open(self):
- if not self._trans.isOpen():
+ if not self.isOpen():
self._trans.open()
if self.sasl is not None:
@@ -91,14 +104,15 @@ class TSaslClientTransport(TTransportBase, CReadableTransport):
def _send_message(self, status, body):
header = struct.pack(">BI", status, len(body))
+ body = six.ensure_binary(body)
self._trans.write(header + body)
self._trans.flush()
def _recv_sasl_message(self):
- header = self._trans.readAll(5)
+ header = self._trans.read(5)
status, length = struct.unpack(">BI", header)
if length > 0:
- payload = self._trans.readAll(length)
+ payload = self._trans.read(length)
else:
payload = ""
return status, payload
@@ -129,7 +143,7 @@ class TSaslClientTransport(TTransportBase, CReadableTransport):
self._flushPlain(buffer)
self._trans.flush()
- self.__wbuf = StringIO()
+ self.__wbuf = BufferIO()
def _flushEncoded(self, buffer):
# sasl.ecnode() does the encoding and adds the length header, so nothing
@@ -153,28 +167,28 @@ class TSaslClientTransport(TTransportBase, CReadableTransport):
def read(self, sz):
ret = self.__rbuf.read(sz)
- if len(ret) != 0:
+ if len(ret) == sz:
return ret
self._read_frame()
- return self.__rbuf.read(sz)
+ return ret + self.__rbuf.read(sz - len(ret))
def _read_frame(self):
- header = self._trans.readAll(4)
+ header = self._trans.read(4)
(length,) = struct.unpack(">I", header)
if self.encode:
# If the frames are encoded (i.e. you're using a QOP of auth-int or
# auth-conf), then make sure to include the header in the bytes you send to
# sasl.decode()
- encoded = header + self._trans.readAll(length)
+ encoded = header + self._trans.read(length)
success, decoded = self.sasl.decode(encoded)
if not success:
raise TTransportException(type=TTransportException.UNKNOWN,
message=self.sasl.getError())
else:
# If the frames are not encoded, just pass it through
- decoded = self._trans.readAll(length)
- self.__rbuf = StringIO(decoded)
+ decoded = self._trans.read(length)
+ self.__rbuf = BufferIO(decoded)
def close(self):
self._trans.close()
@@ -193,5 +207,5 @@ class TSaslClientTransport(TTransportBase, CReadableTransport):
while len(prefix) < reqlen:
self._read_frame()
prefix += self.__rbuf.getvalue()
- self.__rbuf = StringIO(prefix)
+ self.__rbuf = BufferIO(prefix)
return self.__rbuf
diff --git a/shell/make_shell_tarball.sh b/shell/make_shell_tarball.sh
index 982b4dd..ff76858 100755
--- a/shell/make_shell_tarball.sh
+++ b/shell/make_shell_tarball.sh
@@ -114,7 +114,6 @@ else
${TARBALL_ROOT}/lib
fi
cp -r ${SHELL_HOME}/gen-py ${TARBALL_ROOT}
-cp ${SHELL_HOME}/thrift_sasl.py ${TARBALL_ROOT}/lib
cp ${SHELL_HOME}/option_parser.py ${TARBALL_ROOT}/lib
cp ${SHELL_HOME}/impala_shell_config_defaults.py ${TARBALL_ROOT}/lib
cp ${SHELL_HOME}/impala_client.py ${TARBALL_ROOT}/lib
diff --git a/shell/packaging/requirements.txt b/shell/packaging/requirements.txt
index 0f6d777..cc84d3f 100644
--- a/shell/packaging/requirements.txt
+++ b/shell/packaging/requirements.txt
@@ -5,4 +5,4 @@ setuptools>=36.8.0
six==1.14.0
sqlparse==0.1.19
thrift==0.9.3
-thrift_sasl==0.2.1
+thrift_sasl==0.4.1
diff --git a/tests/util/thrift_util.py b/tests/util/thrift_util.py
index 24e5fd7..e5f9360 100644
--- a/tests/util/thrift_util.py
+++ b/tests/util/thrift_util.py
@@ -16,13 +16,14 @@
# under the License.
#
# Thrift utility functions
-
-from thrift.transport.TSocket import TSocket
-from thrift.transport.TTransport import TBufferedTransport
import getpass
import sasl
import struct
+from thrift.transport.TSocket import TSocket
+from thrift.transport.TTransport import TBufferedTransport
+from thrift_sasl import TSaslClientTransport
+
def create_transport(host, port, service, transport_type="buffered", user=None,
password=None, use_ssl=False, ssl_cert=None):
"""
@@ -56,7 +57,6 @@ def create_transport(host, port, service, transport_type="buffered", user=None,
if password is None: password = ""
# Initializes a sasl client
- from shell.thrift_sasl import TSaslClientTransport
def sasl_factory():
sasl_client = sasl.Client()
sasl_client.setAttr("host", host)