You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by pe...@apache.org on 2022/04/12 10:23:43 UTC

[pulsar] branch branch-2.8 updated (fc0d67ced19 -> 9b403f1a6b9)

This is an automated email from the ASF dual-hosted git repository.

penghui pushed a change to branch branch-2.8
in repository https://gitbox.apache.org/repos/asf/pulsar.git


    from fc0d67ced19 Ignore case when obfuscating passwords in python configuration scripts (#15077)
     new 8b66a17c603 [Security] Use dependencyManagement to enforce snakeyaml version to 1.30 (#13722)
     new 9b403f1a6b9 handle NPE when getLeader returns null (#15058)

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 distribution/server/src/assemble/LICENSE.bin.txt               |  2 +-
 pom.xml                                                        |  6 ++++++
 .../java/org/apache/pulsar/functions/worker/LeaderService.java |  3 ++-
 .../apache/pulsar/functions/worker/PulsarWorkerService.java    |  3 ++-
 .../java/org/apache/pulsar/functions/worker/WorkerUtils.java   | 10 ++++++++++
 .../apache/pulsar/functions/worker/rest/api/FunctionsImpl.java |  2 +-
 .../apache/pulsar/functions/worker/rest/api/WorkerImpl.java    |  6 +++++-
 pulsar-sql/presto-distribution/LICENSE                         |  2 +-
 8 files changed, 28 insertions(+), 6 deletions(-)

[pulsar] 01/02: [Security] Use dependencyManagement to enforce snakeyaml version to 1.30 (#13722)

Posted by pe...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

penghui pushed a commit to branch branch-2.8
in repository https://gitbox.apache.org/repos/asf/pulsar.git

commit 8b66a17c603061ab92b69689f6c0807803fc18e5
Author: Lari Hotari <lh...@users.noreply.github.com>
AuthorDate: Wed Jan 12 17:03:17 2022 +0200

    [Security] Use dependencyManagement to enforce snakeyaml version to 1.30 (#13722)
    
    - snakeyaml changelog https://bitbucket.org/snakeyaml/snakeyaml/wiki/Changes
    
    - Pulsar Offloaders contained vulnerable version 1.21
    
    (cherry picked from commit e5d828ac92f8102fc3c70d122b1270110757c591)
---
 distribution/server/src/assemble/LICENSE.bin.txt | 2 +-
 pom.xml                                          | 6 ++++++
 pulsar-sql/presto-distribution/LICENSE           | 2 +-
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/distribution/server/src/assemble/LICENSE.bin.txt b/distribution/server/src/assemble/LICENSE.bin.txt
index 42dfa316eb8..7e8f189dcc6 100644
--- a/distribution/server/src/assemble/LICENSE.bin.txt
+++ b/distribution/server/src/assemble/LICENSE.bin.txt
@@ -445,7 +445,7 @@ The Apache Software License, Version 2.0
     - org.eclipse.jetty.websocket-websocket-servlet-9.4.43.v20210629.jar
     - org.eclipse.jetty-jetty-alpn-conscrypt-server-9.4.43.v20210629.jar
     - org.eclipse.jetty-jetty-alpn-server-9.4.43.v20210629.jar
- * SnakeYaml -- org.yaml-snakeyaml-1.27.jar
+ * SnakeYaml -- org.yaml-snakeyaml-1.30.jar
  * RocksDB - org.rocksdb-rocksdbjni-6.10.2.jar
  * Google Error Prone Annotations - com.google.errorprone-error_prone_annotations-2.5.1.jar
  * Apache Thrifth - org.apache.thrift-libthrift-0.14.2.jar
diff --git a/pom.xml b/pom.xml
index 8a79ac5903f..d3a37af7a2d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -198,6 +198,7 @@ flexible messaging model and an intuitive client API.</description>
     <spring-context.version>5.3.15</spring-context.version>
     <apache-http-client.version>4.5.13</apache-http-client.version>
     <seancfoley.ipaddress.version>5.3.3</seancfoley.ipaddress.version>
+    <snakeyaml.version>1.30</snakeyaml.version>
 
     <!-- test dependencies -->
     <cassandra.version>3.6.0</cassandra.version>
@@ -1140,6 +1141,11 @@ flexible messaging model and an intuitive client API.</description>
         <version>${j2objc-annotations.version}</version>
       </dependency>
 
+      <dependency>
+        <groupId>org.yaml</groupId>
+        <artifactId>snakeyaml</artifactId>
+        <version>${snakeyaml.version}</version>
+      </dependency>
     </dependencies>
   </dependencyManagement>
 
diff --git a/pulsar-sql/presto-distribution/LICENSE b/pulsar-sql/presto-distribution/LICENSE
index 137993c9934..7970280b6a2 100644
--- a/pulsar-sql/presto-distribution/LICENSE
+++ b/pulsar-sql/presto-distribution/LICENSE
@@ -393,7 +393,7 @@ The Apache Software License, Version 2.0
   * RocksDB JNI
     - rocksdbjni-6.10.2.jar
   * SnakeYAML
-    - snakeyaml-1.27.jar
+    - snakeyaml-1.30.jar
   * Bean Validation API
     - validation-api-2.0.1.Final.jar
   * Objectsize

[pulsar] 02/02: handle NPE when getLeader returns null (#15058)

Posted by pe...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

penghui pushed a commit to branch branch-2.8
in repository https://gitbox.apache.org/repos/asf/pulsar.git

commit 9b403f1a6b9e083671855a929401e64df6c7b8d9
Author: Rui Fu <fr...@users.noreply.github.com>
AuthorDate: Fri Apr 8 10:07:36 2022 +0800

    handle NPE when getLeader returns null (#15058)
    
    (cherry picked from commit 2e2cd4480d6ee7c6183826686a93a6e155ac3b7b)
---
 .../java/org/apache/pulsar/functions/worker/LeaderService.java |  3 ++-
 .../apache/pulsar/functions/worker/PulsarWorkerService.java    |  3 ++-
 .../java/org/apache/pulsar/functions/worker/WorkerUtils.java   | 10 ++++++++++
 .../apache/pulsar/functions/worker/rest/api/FunctionsImpl.java |  2 +-
 .../apache/pulsar/functions/worker/rest/api/WorkerImpl.java    |  6 +++++-
 5 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/LeaderService.java b/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/LeaderService.java
index fb11fab785b..645cdcb2bae 100644
--- a/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/LeaderService.java
+++ b/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/LeaderService.java
@@ -103,7 +103,8 @@ public class LeaderService implements AutoCloseable, ConsumerEventListener {
 
                 // attempt to acquire exclusive publishers to both the metadata topic and assignments topic
                 // we should keep trying to acquire exclusive producers as long as we are still the leader
-                Supplier<Boolean> checkIsStillLeader = () -> membershipManager.getLeader().getWorkerId().equals(workerConfig.getWorkerId());
+                Supplier<Boolean> checkIsStillLeader = WorkerUtils.getIsStillLeaderSupplier(membershipManager,
+                        workerConfig.getWorkerId());
                 Producer<byte[]> scheduleManagerExclusiveProducer = null;
                 Producer<byte[]> functionMetaDataManagerExclusiveProducer = null;
                 try {
diff --git a/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/PulsarWorkerService.java b/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/PulsarWorkerService.java
index 93d426391b5..8eccb9d2751 100644
--- a/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/PulsarWorkerService.java
+++ b/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/PulsarWorkerService.java
@@ -512,7 +512,8 @@ public class PulsarWorkerService implements WorkerService {
             log.info("/** Initializing Runtime Manager **/");
 
             MessageId lastAssignmentMessageId = functionRuntimeManager.initialize();
-            Supplier<Boolean> checkIsStillLeader = () -> membershipManager.getLeader().getWorkerId().equals(workerConfig.getWorkerId());
+            Supplier<Boolean> checkIsStillLeader = WorkerUtils.getIsStillLeaderSupplier(membershipManager,
+                    workerConfig.getWorkerId());
 
             // Setting references to managers in scheduler
             schedulerManager.setFunctionMetaDataManager(functionMetaDataManager);
diff --git a/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/WorkerUtils.java b/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/WorkerUtils.java
index 4f0287f19ff..52065f60242 100644
--- a/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/WorkerUtils.java
+++ b/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/WorkerUtils.java
@@ -41,6 +41,8 @@ import org.apache.pulsar.client.api.PulsarClientException;
 import org.apache.pulsar.client.api.Reader;
 import org.apache.pulsar.client.api.ReaderBuilder;
 import org.apache.pulsar.common.conf.InternalConfigurationData;
+import org.apache.pulsar.common.functions.WorkerInfo;
+import org.apache.pulsar.common.policies.data.FunctionInstanceStatsDataImpl;
 import org.apache.pulsar.common.policies.data.FunctionInstanceStatsImpl;
 import org.apache.pulsar.common.policies.data.FunctionInstanceStatsDataImpl;
 import org.apache.pulsar.functions.proto.InstanceCommunication;
@@ -368,4 +370,12 @@ public final class WorkerUtils {
     public static class NotLeaderAnymore extends Exception {
 
     }
+
+    public static Supplier<Boolean> getIsStillLeaderSupplier(final MembershipManager membershipManager,
+                                                             final String workerId) {
+        return () -> {
+            WorkerInfo workerInfo = membershipManager.getLeader();
+            return workerInfo != null && workerInfo.getWorkerId().equals(workerId);
+        };
+    }
 }
diff --git a/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/rest/api/FunctionsImpl.java b/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/rest/api/FunctionsImpl.java
index b2d0f36787e..d9829e6471d 100644
--- a/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/rest/api/FunctionsImpl.java
+++ b/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/rest/api/FunctionsImpl.java
@@ -704,7 +704,7 @@ public class FunctionsImpl extends ComponentImpl implements Functions<PulsarWork
         // Redirect if we are not the leader
         if (!worker().getLeaderService().isLeader()) {
             WorkerInfo workerInfo = worker().getMembershipManager().getLeader();
-            if (workerInfo.getWorkerId().equals(worker().getWorkerConfig().getWorkerId())) {
+            if (workerInfo == null || workerInfo.getWorkerId().equals(worker().getWorkerConfig().getWorkerId())) {
                 throw new RestException(Response.Status.SERVICE_UNAVAILABLE,
                         "Leader not yet ready. Please retry again");
             }
diff --git a/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/rest/api/WorkerImpl.java b/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/rest/api/WorkerImpl.java
index 0d0a9f83621..2f80d1d6782 100644
--- a/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/rest/api/WorkerImpl.java
+++ b/pulsar-functions/worker/src/main/java/org/apache/pulsar/functions/worker/rest/api/WorkerImpl.java
@@ -229,7 +229,11 @@ public class WorkerImpl implements Workers<PulsarWorkerService> {
             }
         } else {
             WorkerInfo workerInfo = worker().getMembershipManager().getLeader();
-            URI redirect = UriBuilder.fromUri(uri).host(workerInfo.getWorkerHostname()).port(workerInfo.getPort()).build();
+            if (workerInfo == null) {
+                throw new RestException(Status.INTERNAL_SERVER_ERROR, "Leader cannot be determined");
+            }
+            URI redirect =
+                    UriBuilder.fromUri(uri).host(workerInfo.getWorkerHostname()).port(workerInfo.getPort()).build();
             throw new WebApplicationException(Response.temporaryRedirect(redirect).build());
         }
     }