You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by alopresto <gi...@git.apache.org> on 2018/08/22 04:01:59 UTC
[GitHub] nifi pull request #2959: NIFI-5540 Provide default `nifi.sensitive.props.key...
GitHub user alopresto opened a pull request:
https://github.com/apache/nifi/pull/2959
NIFI-5540 Provide default `nifi.sensitive.props.key` value if none provided in cluster communications
Thank you for submitting a contribution to Apache NiFi.
In order to streamline the review of the contribution we ask you
to ensure the following steps have been taken:
### For all changes:
- [x] Is there a JIRA ticket associated with this PR? Is it referenced
in the commit message?
- [x] Does your PR title start with NIFI-XXXX where XXXX is the JIRA number you are trying to resolve? Pay particular attention to the hyphen "-" character.
- [x] Has your PR been rebased against the latest commit within the target branch (typically master)?
- [ ] Is your initial contribution a single, squashed commit?
### For code changes:
- [x] Have you ensured that the full suite of tests is executed via mvn -Pcontrib-check clean install at the root nifi folder?
- [x] Have you written or updated unit tests to verify your changes?
- [ ] If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under [ASF 2.0](http://www.apache.org/legal/resolved.html#category-a)?
- [ ] If applicable, have you updated the LICENSE file, including the main LICENSE file under nifi-assembly?
- [ ] If applicable, have you updated the NOTICE file, including the main NOTICE file found under nifi-assembly?
- [ ] If adding new Properties, have you added .displayName in addition to .name (programmatic access) for each of the new properties?
### For documentation related changes:
- [ ] Have you ensured that format looks appropriate for the output in which it is rendered?
### Note:
Please ensure that once the PR is submitted, you check travis-ci for build issues and submit an update to your PR as soon as possible.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/alopresto/nifi NIFI-5540
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/nifi/pull/2959.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #2959
----
commit 89c24274aa6808dbc1a24a4d1389a693f3ade2c4
Author: Andy LoPresto <al...@...>
Date: 2018-08-20T22:24:39Z
NIFI-5540 Added unit test to demonstrate missing default sensitive properties key in flow election encryptor creation.
commit b97d6c3c7d31928c52b671bd30339b16814b4ade
Author: Andy LoPresto <al...@...>
Date: 2018-08-21T00:53:18Z
NIFI-5540 Added failing unit test and ignored regression test to demonstrate missing default sensitive properties key in flow election encryptor creation.
commit 694e70743c41c6b6fb7fc2b527ef339235afc3e6
Author: Andy LoPresto <al...@...>
Date: 2018-08-21T00:54:32Z
NIFI-5540 Added equality logic to StringEncryptor and utility equality methods to CryptoUtils.
commit 229d12b2ecdb431e327aa9e80dd8a6c00e780a23
Author: Andy LoPresto <al...@...>
Date: 2018-08-21T01:08:12Z
NIFI-5540 Added default sensitive properties key population logic and log warning to StringEncryptor.
commit 037ddfa16f709c9ddb9065d0931bca9566e7fa4a
Author: Andy LoPresto <al...@...>
Date: 2018-08-21T01:09:08Z
NIFI-5540 Cleaned up formatting.
commit 12c2d7ff4e2e7bb0fdadb40eed6ad594e35db029
Author: Andy LoPresto <al...@...>
Date: 2018-08-21T01:11:49Z
NIFI-5540 Cleaned up boolean logic.
commit d80cc9b2af9d4ac9986eae9f383ee5a5db8511b7
Author: Andy LoPresto <al...@...>
Date: 2018-08-21T01:14:47Z
NIFI-5540 Added Javadoc to StringEncryptor.
commit ca5b12bfa643d1567ca6cb77966f401e65558aa9
Author: Andy LoPresto <al...@...>
Date: 2018-08-21T02:41:35Z
NIFI-5540 Added unit test for StringEncryptor#equals().
commit 885c17c9689d60129818e9952f47921d16ddadde
Author: Andy LoPresto <al...@...>
Date: 2018-08-22T02:53:59Z
NIFI-5540 Added performance benchmarking unit tests for constantTimeEquals methods for String, byte[], and char[].
commit 85d6a3fe24ded423276f2c77db1537dc1b2fc681
Author: Andy LoPresto <al...@...>
Date: 2018-08-22T03:00:31Z
NIFI-5540 Fixed checkstyle issue.
commit 05db0d127c65e0b1e2de600c3aac893e99f2f925
Author: Andy LoPresto <al...@...>
Date: 2018-08-22T03:16:44Z
NIFI-5540 Fixed unit tests for default key population.
----
---
[GitHub] nifi pull request #2959: NIFI-5540 Provide default `nifi.sensitive.props.key...
Posted by asfgit <gi...@git.apache.org>.
Github user asfgit closed the pull request at:
https://github.com/apache/nifi/pull/2959
---
[GitHub] nifi issue #2959: NIFI-5540 Provide default `nifi.sensitive.props.key` value...
Posted by bbende <gi...@git.apache.org>.
Github user bbende commented on the issue:
https://github.com/apache/nifi/pull/2959
Verified that I am now able to start up a cluster without explicitly specifying a sensitive properties key, same as it previously worked before this issue, thanks Andy! Will merge shortly
---
[GitHub] nifi issue #2959: NIFI-5540 Provide default `nifi.sensitive.props.key` value...
Posted by alopresto <gi...@git.apache.org>.
Github user alopresto commented on the issue:
https://github.com/apache/nifi/pull/2959
As discovered by @bbende , I introduced a bug in my commit [f60585a](https://github.com/apache/nifi/commit/f60585a9b6df6b3b28be1eb80a0a60deac6c0493#diff-882d0904bb315ac8a455aec69e6d44d8) as part of [PR 2841](https://github.com/apache/nifi/pull/2841) for [NIFI-5376](https://issues.apache.org/jira/browse/NIFI-5376) which stops cluster startup if no `nifi.sensitive.props.key` value is entered in `nifi.properties`. Previously, a default static value is used (all docs indicate this should *not* be relied on and a custom, unique value should be provided at deployment time), but this is an unintentional regression and was not documented.
This fix prints a warning to the log if no value is provided but restores the previous functionality of using the default.
---