AMBARI-21227 Updating Ranger install.properties file (mugdha)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/1f19461f Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/1f19461f Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/1f19461f Branch: refs/heads/branch-feature-AMBARI-20859 Commit: 1f19461f10a2c54d3ed81efedc3f9d3d64397700 Parents: 8cdf232 Author: Mugdha Varadkar <[email protected]> Authored: Mon Jun 12 14:53:45 2017 +0530 Committer: Mugdha Varadkar <[email protected]> Committed: Tue Jun 13 10:18:23 2017 +0530 ---------------------------------------------------------------------- .../libraries/providers/modify_properties_file.py | 9 +++++++-- .../RANGER/0.4.0/package/scripts/ranger_admin.py | 11 ++++++++++- .../RANGER/0.4.0/package/scripts/setup_ranger_xml.py | 13 +++++++++++++ .../RANGER_KMS/0.5.0.2.3/package/scripts/kms.py | 8 ++++++++ .../RANGER_KMS/0.5.0.2.3/package/scripts/kms_server.py | 10 +++++++++- .../test/python/stacks/2.2/RANGER/test_ranger_admin.py | 8 ++++++++ .../test/python/stacks/2.5/RANGER/test_ranger_admin.py | 10 ++++++++++ .../python/stacks/2.5/RANGER_KMS/test_kms_server.py | 10 ++++++++++ .../test/python/stacks/2.6/RANGER/test_ranger_admin.py | 10 ++++++++++ 9 files changed, 85 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-common/src/main/python/resource_management/libraries/providers/modify_properties_file.py ---------------------------------------------------------------------- diff --git a/ambari-common/src/main/python/resource_management/libraries/providers/modify_properties_file.py b/ambari-common/src/main/python/resource_management/libraries/providers/modify_properties_file.py index 53d7d2f..f45f27d 100644 --- a/ambari-common/src/main/python/resource_management/libraries/providers/modify_properties_file.py +++ b/ambari-common/src/main/python/resource_management/libraries/providers/modify_properties_file.py @@ -37,6 +37,7 @@ class ModifyPropertiesFileProvider(Provider): properties = self.resource.properties unsaved_values = properties.keys() new_content_lines = [] + final_content_lines = "" if sudo.path_isfile(filename): file_content = sudo.read_file(filename, encoding=self.resource.encoding) @@ -62,9 +63,13 @@ class ModifyPropertiesFileProvider(Provider): value = InlineTemplate(unicode(properties[property_name])).get_content() line = u"{0}{1}{2}".format(unicode(property_name), delimiter, value) new_content_lines.append(line) - + + final_content_lines = u"\n".join(new_content_lines) + if not final_content_lines.endswith("\n"): + final_content_lines = final_content_lines + "\n" + File (filename, - content = u"\n".join(new_content_lines) + "\n", + content = final_content_lines, owner = self.resource.owner, group = self.resource.group, mode = self.resource.mode, http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py index b849d58..ecbacbf 100644 --- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py +++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py @@ -29,7 +29,7 @@ from resource_management.libraries.functions.format import format from resource_management.core.logger import Logger from resource_management.core import shell from ranger_service import ranger_service -from setup_ranger_xml import setup_ranger_audit_solr, setup_ranger_admin_passwd_change +from setup_ranger_xml import setup_ranger_audit_solr, setup_ranger_admin_passwd_change, update_password_configs from resource_management.libraries.functions import solr_cloud_util from ambari_commons.constants import UPGRADE_TYPE_NON_ROLLING, UPGRADE_TYPE_ROLLING from resource_management.libraries.functions.constants import Direction @@ -45,6 +45,14 @@ class RangerAdmin(Script): self.install_packages(env) import params env.set_params(params) + + # taking backup of install.properties file + Execute(('cp', '-f', format('{ranger_home}/install.properties'), format('{ranger_home}/install-backup.properties')), + not_if = format('ls {ranger_home}/install-backup.properties'), + only_if = format('ls {ranger_home}/install.properties'), + sudo = True + ) + # call config and setup db only in case of HDP version < 2.6 if not params.stack_supports_ranger_setup_db_on_start: self.configure(env, setup_db=True) @@ -92,6 +100,7 @@ class RangerAdmin(Script): solr_cloud_util.setup_solr_client(params.config, custom_log4j = params.custom_log4j) setup_ranger_audit_solr() + update_password_configs() ranger_service('ranger_admin') http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py index 26e6578..85eb796 100644 --- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py +++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py @@ -851,3 +851,16 @@ def setup_tagsync_ssl_configs(): mode = 0640 ) Logger.info("Configuring tagsync-ssl configurations done successfully.") + +def update_password_configs(): + import params + + password_configs = {'db_root_password': '_', 'db_password': '_'} + + if params.stack_supports_ranger_audit_db: + password_configs['audit_db_password'] = '_' + + ModifyPropertiesFile(format("{ranger_home}/install.properties"), + properties = password_configs, + owner = params.unix_user, + ) \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py index 5a25b92..bbc438b 100755 --- a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py +++ b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py @@ -675,3 +675,11 @@ def check_ranger_service_support_kerberos(user, keytab, principal): else: Logger.error('Ranger service is not reachable') return False + +def update_password_configs(): + import params + + ModifyPropertiesFile(format("{kms_home}/install.properties"), + properties = {'db_root_password': '_', 'db_password': '_', 'KMS_MASTER_KEY_PASSWD': '_', 'REPOSITORY_CONFIG_PASSWORD': '_'}, + owner = params.kms_user, + ) \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms_server.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms_server.py b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms_server.py index 44d61da..829a998 100755 --- a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms_server.py +++ b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms_server.py @@ -27,7 +27,7 @@ from resource_management.libraries.functions.format import format from resource_management.core.logger import Logger from resource_management.core import shell from resource_management.libraries.functions.default import default -from kms import kms, setup_kms_db, setup_java_patch, enable_kms_plugin, setup_kms_jce +from kms import kms, setup_kms_db, setup_java_patch, enable_kms_plugin, setup_kms_jce, update_password_configs from kms_service import kms_service import upgrade @@ -41,6 +41,13 @@ class KmsServer(Script): import params env.set_params(params) + # taking backup of install.properties file + Execute(('cp', '-f', format('{kms_home}/install.properties'), format('{kms_home}/install-backup.properties')), + not_if = format('ls {kms_home}/install-backup.properties'), + only_if = format('ls {kms_home}/install.properties'), + sudo = True + ) + setup_kms_db() self.configure(env) setup_java_patch() @@ -62,6 +69,7 @@ class KmsServer(Script): self.configure(env) enable_kms_plugin() setup_kms_jce() + update_password_configs() kms_service(action = 'start', upgrade_type=upgrade_type) def status(self, env): http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py b/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py index d338c28..961be84 100644 --- a/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py +++ b/ambari-server/src/test/python/stacks/2.2/RANGER/test_ranger_admin.py @@ -48,6 +48,10 @@ class TestRangerAdmin(RMFTestCase): target = RMFTestCase.TARGET_COMMON_SERVICES ) self.assert_configure_default() + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties', + owner = 'ranger', + properties = {'db_password': '_', 'db_root_password': '_', 'audit_db_password': '_'} + ) self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start', environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'}, not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep', @@ -89,6 +93,10 @@ class TestRangerAdmin(RMFTestCase): target = RMFTestCase.TARGET_COMMON_SERVICES ) self.assert_configure_secured() + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties', + owner = 'ranger', + properties = {'db_password': '_', 'db_root_password': '_', 'audit_db_password': '_'} + ) self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start', environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'}, not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep', http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/test/python/stacks/2.5/RANGER/test_ranger_admin.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.5/RANGER/test_ranger_admin.py b/ambari-server/src/test/python/stacks/2.5/RANGER/test_ranger_admin.py index 8f2bd2e..9ba1275 100644 --- a/ambari-server/src/test/python/stacks/2.5/RANGER/test_ranger_admin.py +++ b/ambari-server/src/test/python/stacks/2.5/RANGER/test_ranger_admin.py @@ -83,6 +83,11 @@ class TestRangerAdmin(RMFTestCase): self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/infra-solr --create-collection --collection ranger_audits --config-set ranger_audits --shards 1 --replication 1 --max-shards 1 --retry 5 --interval 10') + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties', + owner = 'ranger', + properties = {'db_password': '_', 'db_root_password': '_'} + ) + self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start', environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'}, not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep', @@ -178,6 +183,11 @@ class TestRangerAdmin(RMFTestCase): self.assertResourceCalled('Execute','ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181 --znode /ambari-solr/configs/ranger_audits --secure-znode --jaas-file /usr/hdp/current/ranger-admin/conf/ranger_solr_jaas.conf --sasl-users rangeradmin,infra-solr --retry 5 --interval 10') self.assertResourceCalled('Execute', 'ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181 --znode /ambari-solr/collections/ranger_audits --secure-znode --jaas-file /usr/hdp/current/ranger-admin/conf/ranger_solr_jaas.conf --sasl-users rangeradmin,infra-solr --retry 5 --interval 10') + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties', + owner = 'ranger', + properties = {'db_password': '_', 'db_root_password': '_'} + ) + self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start', environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'}, not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep', http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/test/python/stacks/2.5/RANGER_KMS/test_kms_server.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.5/RANGER_KMS/test_kms_server.py b/ambari-server/src/test/python/stacks/2.5/RANGER_KMS/test_kms_server.py index f6f0af3..7ebe2f5 100644 --- a/ambari-server/src/test/python/stacks/2.5/RANGER_KMS/test_kms_server.py +++ b/ambari-server/src/test/python/stacks/2.5/RANGER_KMS/test_kms_server.py @@ -236,6 +236,11 @@ class TestRangerKMS(RMFTestCase): sudo=True ) + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-kms/install.properties', + owner = 'kms', + properties = {'db_password': '_', 'KMS_MASTER_KEY_PASSWD': '_', 'REPOSITORY_CONFIG_PASSWORD': '_', 'db_root_password': '_'} + ) + self.assertResourceCalled('Execute', '/usr/hdp/current/ranger-kms/ranger-kms start', environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'}, not_if = 'ps -ef | grep proc_rangerkms | grep -v grep', @@ -671,6 +676,11 @@ class TestRangerKMS(RMFTestCase): sudo=True ) + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-kms/install.properties', + owner = 'kms', + properties = {'db_password': '_', 'KMS_MASTER_KEY_PASSWD': '_', 'REPOSITORY_CONFIG_PASSWORD': '_', 'db_root_password': '_'} + ) + self.assertResourceCalled('Execute', '/usr/hdp/current/ranger-kms/ranger-kms start', environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'}, not_if = 'ps -ef | grep proc_rangerkms | grep -v grep', http://git-wip-us.apache.org/repos/asf/ambari/blob/1f19461f/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py b/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py index 9167017..e8bacbd 100644 --- a/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py +++ b/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py @@ -86,6 +86,11 @@ class TestRangerAdmin(RMFTestCase): create_parents=True) self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/infra-solr --create-collection --collection ranger_audits --config-set ranger_audits --shards 1 --replication 1 --max-shards 1 --retry 5 --interval 10') + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties', + owner = 'ranger', + properties = {'db_password': '_', 'db_root_password': '_'} + ) + self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start', environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'}, not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep', @@ -167,6 +172,11 @@ class TestRangerAdmin(RMFTestCase): self.assertResourceCalled('Execute','ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181 --znode /infra-solr/configs/ranger_audits --secure-znode --jaas-file /usr/hdp/current/ranger-admin/conf/ranger_solr_jaas.conf --sasl-users rangeradmin,infra-solr --retry 5 --interval 10') self.assertResourceCalled('Execute', 'ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181 --znode /infra-solr/collections/ranger_audits --secure-znode --jaas-file /usr/hdp/current/ranger-admin/conf/ranger_solr_jaas.conf --sasl-users rangeradmin,infra-solr --retry 5 --interval 10') + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties', + owner = 'ranger', + properties = {'db_password': '_', 'db_root_password': '_'} + ) + self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start', environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'}, not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep',
