You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pinot.apache.org by ja...@apache.org on 2023/11/14 00:29:33 UTC
(pinot) branch master updated: add an option to skip controller cert validation in AddTableCommand (#11967)
This is an automated email from the ASF dual-hosted git repository.
jackie pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pinot.git
The following commit(s) were added to refs/heads/master by this push:
new 0dd2522afd add an option to skip controller cert validation in AddTableCommand (#11967)
0dd2522afd is described below
commit 0dd2522afdaa6747fc8285b4288258cf26e7d04e
Author: Haitao Zhang <ha...@startree.ai>
AuthorDate: Mon Nov 13 16:29:26 2023 -0800
add an option to skip controller cert validation in AddTableCommand (#11967)
---
.../admin/command/AbstractBaseAdminCommand.java | 13 +++++++++++
.../pinot/tools/admin/command/AddTableCommand.java | 26 ++++++++++++++++++----
2 files changed, 35 insertions(+), 4 deletions(-)
diff --git a/pinot-tools/src/main/java/org/apache/pinot/tools/admin/command/AbstractBaseAdminCommand.java b/pinot-tools/src/main/java/org/apache/pinot/tools/admin/command/AbstractBaseAdminCommand.java
index a9daa01a01..62f77c72b9 100644
--- a/pinot-tools/src/main/java/org/apache/pinot/tools/admin/command/AbstractBaseAdminCommand.java
+++ b/pinot-tools/src/main/java/org/apache/pinot/tools/admin/command/AbstractBaseAdminCommand.java
@@ -31,6 +31,9 @@ import java.nio.charset.StandardCharsets;
import java.util.Collections;
import java.util.List;
import java.util.Map;
+import javax.annotation.Nullable;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
import org.apache.commons.configuration2.ex.ConfigurationException;
import org.apache.http.Header;
import org.apache.pinot.tools.AbstractBaseCommand;
@@ -76,6 +79,16 @@ public class AbstractBaseAdminCommand extends AbstractBaseCommand {
public static String sendRequest(String requestMethod, String urlString, String payload, List<Header> headers)
throws IOException {
+ return sendRequest(requestMethod, urlString, payload, headers, null);
+ }
+
+ public static String sendRequest(String requestMethod, String urlString, String payload, List<Header> headers,
+ @Nullable SSLContext sslContext)
+ throws IOException {
+ if (sslContext != null) {
+ // Set the default SSL socket factory to use the custom SSL context
+ HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
+ }
final URL url = new URL(urlString);
final HttpURLConnection conn = (HttpURLConnection) url.openConnection();
diff --git a/pinot-tools/src/main/java/org/apache/pinot/tools/admin/command/AddTableCommand.java b/pinot-tools/src/main/java/org/apache/pinot/tools/admin/command/AddTableCommand.java
index 898ef86e86..8873c7bf87 100644
--- a/pinot-tools/src/main/java/org/apache/pinot/tools/admin/command/AddTableCommand.java
+++ b/pinot-tools/src/main/java/org/apache/pinot/tools/admin/command/AddTableCommand.java
@@ -23,12 +23,15 @@ import com.google.common.base.Preconditions;
import java.io.File;
import java.io.IOException;
import java.util.concurrent.Callable;
+import javax.net.ssl.SSLContext;
import org.apache.pinot.common.auth.AuthProviderUtils;
+import org.apache.pinot.common.utils.ClientSSLContextGenerator;
import org.apache.pinot.spi.auth.AuthProvider;
import org.apache.pinot.spi.config.TableConfigs;
import org.apache.pinot.spi.config.table.TableConfig;
import org.apache.pinot.spi.config.table.TableType;
import org.apache.pinot.spi.data.Schema;
+import org.apache.pinot.spi.env.PinotConfiguration;
import org.apache.pinot.spi.utils.CommonConstants;
import org.apache.pinot.spi.utils.JsonUtils;
import org.apache.pinot.spi.utils.NetUtils;
@@ -76,13 +79,17 @@ public class AddTableCommand extends AbstractBaseAdminCommand implements Command
@CommandLine.Option(names = {"-controllerProtocol"}, required = false, description = "protocol for controller.")
private String _controllerProtocol = CommonConstants.HTTP_PROTOCOL;
- @CommandLine.Option(names = {"-update"}, required = false,
- description = "Update the existing table instead of creating new one")
+ @CommandLine.Option(names = {"-update"}, required = false, description = "Update the existing table instead of "
+ + "creating new one")
private boolean _update = false;
@CommandLine.Option(names = {"-exec"}, required = false, description = "Execute the command.")
private boolean _exec;
+ @CommandLine.Option(names = {"-skipControllerCertValidation"}, required = false, description = "Whether to skip"
+ + " controller certification validation.")
+ private boolean _skipControllerCertValidation = false;
+
@CommandLine.Option(names = {"-user"}, required = false, description = "Username for basic auth.")
private String _user;
@@ -190,7 +197,8 @@ public class AddTableCommand extends AbstractBaseAdminCommand implements Command
String res = AbstractBaseAdminCommand.sendRequest("POST",
ControllerRequestURLBuilder.baseUrl(_controllerAddress).forTableConfigsCreate(), node.toString(),
AuthProviderUtils.makeAuthHeaders(
- AuthProviderUtils.makeAuthProvider(_authProvider, _authTokenUrl, _authToken, _user, _password)));
+ AuthProviderUtils.makeAuthProvider(_authProvider, _authTokenUrl, _authToken, _user, _password)),
+ makeTrustAllSSLContext());
LOGGER.info(res);
return res.contains("successfully added");
}
@@ -200,11 +208,21 @@ public class AddTableCommand extends AbstractBaseAdminCommand implements Command
String res = AbstractBaseAdminCommand.sendRequest("PUT",
ControllerRequestURLBuilder.baseUrl(_controllerAddress).forTableConfigsUpdate(tableName), node.toString(),
AuthProviderUtils.makeAuthHeaders(
- AuthProviderUtils.makeAuthProvider(_authProvider, _authTokenUrl, _authToken, _user, _password)));
+ AuthProviderUtils.makeAuthProvider(_authProvider, _authTokenUrl, _authToken, _user, _password)),
+ makeTrustAllSSLContext());
LOGGER.info(res);
return res.contains("TableConfigs updated");
}
+ private SSLContext makeTrustAllSSLContext() {
+ if (_skipControllerCertValidation) {
+ PinotConfiguration trustAllSslConfig = new PinotConfiguration();
+ return new ClientSSLContextGenerator(trustAllSslConfig).generate();
+ } else {
+ return null;
+ }
+ }
+
@Override
public boolean execute()
throws Exception {
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org