Repository: ambari Updated Branches: refs/heads/trunk c52ddc9d7 -> dd6cc606b
Revert "AMBARI-21938. Validate kerberos.json files to ensure they meet the expected schema (rlevas)" This reverts commit c52ddc9d70ce9389d6cb6a827e2313bca99bc9be. Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/3cdac5f9 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/3cdac5f9 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/3cdac5f9 Branch: refs/heads/trunk Commit: 3cdac5f907b6a244ff439b674c7a3005a425a97d Parents: c52ddc9 Author: Robert Levas <rle...@hortonworks.com> Authored: Mon Sep 18 13:47:30 2017 -0400 Committer: Robert Levas <rle...@hortonworks.com> Committed: Mon Sep 18 13:47:30 2017 -0400 ---------------------------------------------------------------------- ambari-server/pom.xml | 8 +- .../kerberos/AbstractKerberosDescriptor.java | 4 +- .../AbstractKerberosDescriptorContainer.java | 16 +- .../kerberos/KerberosComponentDescriptor.java | 2 +- .../state/kerberos/KerberosDescriptor.java | 11 +- .../kerberos/KerberosIdentityDescriptor.java | 78 +++++++-- .../kerberos/KerberosKeytabDescriptor.java | 42 ++--- .../kerberos/KerberosPrincipalDescriptor.java | 25 ++- .../kerberos/KerberosServiceDescriptor.java | 12 +- .../stacks/HDP/2.6/kerberos_preconfigure.json | 2 + .../server/stack/KerberosDescriptorTest.java | 164 +++++++++++-------- .../KerberosComponentDescriptorTest.java | 18 +- .../KerberosConfigurationDescriptorTest.java | 2 +- .../state/kerberos/KerberosDescriptorTest.java | 52 +++--- .../KerberosDescriptorUpdateHelperTest.java | 2 +- .../KerberosIdentityDescriptorTest.java | 49 +++--- .../kerberos/KerberosKeytabDescriptorTest.java | 28 ++-- .../KerberosPrincipalDescriptorTest.java | 24 +-- .../kerberos/KerberosServiceDescriptorTest.java | 24 +-- 19 files changed, 308 insertions(+), 255 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/pom.xml ---------------------------------------------------------------------- diff --git a/ambari-server/pom.xml b/ambari-server/pom.xml index 4a896ad..29a820a 100644 --- a/ambari-server/pom.xml +++ b/ambari-server/pom.xml @@ -1597,7 +1597,7 @@ <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-annotations</artifactId> - <version>2.8.0</version> + <version>2.1.4</version> </dependency> <dependency> <groupId>net.sf.ehcache</groupId> @@ -1686,12 +1686,6 @@ <artifactId>jna</artifactId> <version>4.2.2</version> </dependency> - <dependency> - <groupId>com.networknt</groupId> - <artifactId>json-schema-validator</artifactId> - <version>0.1.7</version> - <scope>test</scope> - </dependency> </dependencies> <pluginRepositories> http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java index b496942..0d1da9c 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptor.java @@ -34,8 +34,6 @@ import org.apache.commons.lang.StringUtils; */ public abstract class AbstractKerberosDescriptor { - static final String KEY_NAME = "name"; - /** * An AbstractKerberosDescriptor serving as the parent (or container) for this * AbstractKerberosDescriptor. @@ -76,7 +74,7 @@ public abstract class AbstractKerberosDescriptor { String name = getName(); if (name != null) { - dataMap.put(KEY_NAME, name); + dataMap.put("name", name); } return dataMap; http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java index 85d4f69..5658133 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/AbstractKerberosDescriptorContainer.java @@ -96,10 +96,6 @@ import com.google.common.collect.Sets; public abstract class AbstractKerberosDescriptorContainer extends AbstractKerberosDescriptor { private static final Logger LOG = LoggerFactory.getLogger(AbstractKerberosDescriptorContainer.class); - static final String KEY_IDENTITIES = Type.IDENTITY.getDescriptorPluralName(); - static final String KEY_CONFIGURATIONS = Type.CONFIGURATION.getDescriptorPluralName(); - static final String KEY_AUTH_TO_LOCAL_PROPERTIES = Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName(); - /** * Regular expression pattern used to parse auth_to_local property specifications into the following * parts: @@ -139,7 +135,7 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber Object list; // (Safely) Get the set of KerberosIdentityDescriptors - list = data.get(KEY_IDENTITIES); + list = data.get(Type.IDENTITY.getDescriptorPluralName()); if (list instanceof Collection) { for (Object item : (Collection) list) { if (item instanceof Map) { @@ -149,7 +145,7 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber } // (Safely) Get the set of KerberosConfigurationDescriptors - list = data.get(KEY_CONFIGURATIONS); + list = data.get(Type.CONFIGURATION.getDescriptorPluralName()); if (list instanceof Collection) { for (Object item : (Collection) list) { if (item instanceof Map) { @@ -159,7 +155,7 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber } // (Safely) Get the set of KerberosConfigurationDescriptors - list = data.get(KEY_AUTH_TO_LOCAL_PROPERTIES); + list = data.get(Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName()); if (list instanceof Collection) { for (Object item : (Collection) list) { if (item instanceof String) { @@ -763,7 +759,7 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber for (KerberosIdentityDescriptor identity : identities) { list.put(identity.getName(), identity.toMap()); } - map.put(KEY_IDENTITIES, list.values()); + map.put(Type.IDENTITY.getDescriptorPluralName(), list.values()); } if (configurations != null) { @@ -773,11 +769,11 @@ public abstract class AbstractKerberosDescriptorContainer extends AbstractKerber for (KerberosConfigurationDescriptor configuration : configurations.values()) { list.put(configuration.getType(), configuration.toMap()); } - map.put(KEY_CONFIGURATIONS, list.values()); + map.put(Type.CONFIGURATION.getDescriptorPluralName(), list.values()); } if (authToLocalProperties != null) { - map.put(KEY_AUTH_TO_LOCAL_PROPERTIES, authToLocalProperties); + map.put(Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName(), authToLocalProperties); } return map; http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java index 3bf1dad..768a17e 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptor.java @@ -20,7 +20,7 @@ package org.apache.ambari.server.state.kerberos; import java.util.Collection; import java.util.Map; -/* +/** * KerberosComponentDescriptor implements AbstractKerberosDescriptorContainer. It contains the data * related to a component which include the following properties: * <ul> http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java index a1d373b..0eb3733 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosDescriptor.java @@ -90,9 +90,6 @@ import org.apache.commons.lang.StringUtils; */ public class KerberosDescriptor extends AbstractKerberosDescriptorContainer { - static final String KEY_PROPERTIES = "properties"; - static final String KEY_SERVICES = Type.SERVICE.getDescriptorPluralName(); - /** * A Map of the "global" properties contained within this KerberosDescriptor */ @@ -124,7 +121,7 @@ public class KerberosDescriptor extends AbstractKerberosDescriptorContainer { super(data); if (data != null) { - Object list = data.get(KEY_SERVICES); + Object list = data.get(Type.SERVICE.getDescriptorPluralName()); if (list instanceof Collection) { for (Object item : (Collection) list) { if (item instanceof Map) { @@ -133,7 +130,7 @@ public class KerberosDescriptor extends AbstractKerberosDescriptorContainer { } } - Object map = data.get(KEY_PROPERTIES); + Object map = data.get("properties"); if (map instanceof Map) { for (Map.Entry<?, ?> entry : ((Map<?, ?>) map).entrySet()) { Object value = entry.getValue(); @@ -329,11 +326,11 @@ public class KerberosDescriptor extends AbstractKerberosDescriptorContainer { for (KerberosServiceDescriptor service : services.values()) { list.add(service.toMap()); } - map.put(KEY_SERVICES, list); + map.put(Type.SERVICE.getDescriptorPluralName(), list); } if (properties != null) { - map.put(KEY_PROPERTIES, new TreeMap<>(properties)); + map.put("properties", new TreeMap<>(properties)); } return map; http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java index ef45343..911723b 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptor.java @@ -33,6 +33,7 @@ import com.google.common.base.Optional; * <li>name</li> * <li>principal</li> * <li>keytab</li> + * <li>password</li> * </ul> * <p/> * The following (pseudo) JSON Schema will yield a valid KerberosIdentityDescriptor @@ -57,6 +58,11 @@ import com.google.common.base.Optional; * "type": "{@link org.apache.ambari.server.state.kerberos.KerberosKeytabDescriptor}", * } * } + * "password": { + * "description": "The password to use for this identity. If not set a secure random + * password will automatically be generated", + * "type": "string" + * } * } * } * </pre> @@ -67,11 +73,6 @@ import com.google.common.base.Optional; */ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor { - static final String KEY_REFERENCE = "reference"; - static final String KEY_PRINCIPAL = Type.PRINCIPAL.getDescriptorName(); - static final String KEY_KEYTAB = Type.KEYTAB.getDescriptorName(); - static final String KEY_WHEN = "when"; - /** * The path to the Kerberos Identity definitions this {@link KerberosIdentityDescriptor} references */ @@ -88,6 +89,13 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor { private KerberosKeytabDescriptor keytab = null; /** + * A String containing the password for this Kerberos identity + * <p/> + * If this value is null or empty, a random password will be generated as necessary. + */ + private String password = null; + + /** * An expression used to determine when this {@link KerberosIdentityDescriptor} is relevant for the * cluster. If the process expression is not <code>null</code> and evaluates to <code>false</code> * then this {@link KerberosIdentityDescriptor} will be ignored when processing identities. @@ -97,11 +105,11 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor { /** * Creates a new KerberosIdentityDescriptor * - * @param name the name of this identity descriptor + * @param name the name of this identity descriptor * @param reference an optional path to a referenced KerberosIdentityDescriptor * @param principal a KerberosPrincipalDescriptor - * @param keytab a KerberosKeytabDescriptor - * @param when a predicate + * @param keytab a KerberosKeytabDescriptor + * @param when a predicate */ public KerberosIdentityDescriptor(String name, String reference, KerberosPrincipalDescriptor principal, KerberosKeytabDescriptor keytab, Predicate when) { setName(name); @@ -125,22 +133,24 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor { // This is not automatically set by the super classes. setName(getStringValue(data, "name")); - setReference(getStringValue(data, KEY_REFERENCE)); + setReference(getStringValue(data, "reference")); if (data != null) { Object item; - item = data.get(KEY_PRINCIPAL); + setPassword(getStringValue(data, "password")); + + item = data.get(Type.PRINCIPAL.getDescriptorName()); if (item instanceof Map) { setPrincipalDescriptor(new KerberosPrincipalDescriptor((Map<?, ?>) item)); } - item = data.get(KEY_KEYTAB); + item = data.get(Type.KEYTAB.getDescriptorName()); if (item instanceof Map) { setKeytabDescriptor(new KerberosKeytabDescriptor((Map<?, ?>) item)); } - item = data.get(KEY_WHEN); + item = data.get("when"); if (item instanceof Map) { setWhen(PredicateUtils.fromMap((Map<?, ?>) item)); } @@ -211,6 +221,27 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor { } /** + * Gets the password for this this KerberosIdentityDescriptor + * + * @return A String containing the password for this this KerberosIdentityDescriptor + * @see #password + */ + public String getPassword() { + return password; + } + + /** + * Sets the password for this this KerberosIdentityDescriptor + * + * @param password A String containing the password for this this KerberosIdentityDescriptor + * @see #password + */ + public void setPassword(String password) { + this.password = password; + } + + + /** * Gets the expression (or {@link Predicate}) to use to determine when to include this Kerberos * identity while processing Kerberos identities. * <p> @@ -264,6 +295,8 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor { setReference(updates.getReference()); + setPassword(updates.getPassword()); + KerberosPrincipalDescriptor existingPrincipal = getPrincipalDescriptor(); if (existingPrincipal == null) { setPrincipalDescriptor(updates.getPrincipalDescriptor()); @@ -279,7 +312,7 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor { } Predicate updatedWhen = updates.getWhen(); - if (updatedWhen != null) { + if(updatedWhen != null) { setWhen(updatedWhen); } } @@ -298,19 +331,23 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor { Map<String, Object> dataMap = super.toMap(); if (reference != null) { - dataMap.put(KEY_REFERENCE, reference); + dataMap.put("reference", reference); } if (principal != null) { - dataMap.put(KEY_PRINCIPAL, principal.toMap()); + dataMap.put(Type.PRINCIPAL.getDescriptorName(), principal.toMap()); } if (keytab != null) { - dataMap.put(KEY_KEYTAB, keytab.toMap()); + dataMap.put(Type.KEYTAB.getDescriptorName(), keytab.toMap()); + } + + if (password != null) { + dataMap.put("password", password); } - if (when != null) { - dataMap.put(KEY_WHEN, PredicateUtils.toMap(when)); + if(when != null) { + dataMap.put("when", PredicateUtils.toMap(when)); } return dataMap; @@ -398,6 +435,11 @@ public class KerberosIdentityDescriptor extends AbstractKerberosDescriptor { : getKeytabDescriptor().equals(descriptor.getKeytabDescriptor()) ) && ( + (getPassword() == null) + ? (descriptor.getPassword() == null) + : getPassword().equals(descriptor.getPassword()) + ) && + ( (getWhen() == null) ? (descriptor.getWhen() == null) : getWhen().equals(descriptor.getWhen()) http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java index 7047c81..a17caad 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptor.java @@ -97,14 +97,6 @@ import java.util.TreeMap; */ public class KerberosKeytabDescriptor extends AbstractKerberosDescriptor { - static final String KEY_FILE = "file"; - static final String KEY_OWNER = "owner"; - static final String KEY_GROUP = "group"; - static final String KEY_CONFIGURATION = "configuration"; - static final String KEY_CACHABLE = "cachable"; - static final String KEY_ACL_NAME = "name"; - static final String KEY_ACL_ACCESS = "access"; - /** * A String declaring the local username that should be set as the owner of the keytab file */ @@ -196,29 +188,29 @@ public class KerberosKeytabDescriptor extends AbstractKerberosDescriptor { public KerberosKeytabDescriptor(Map<?, ?> data) { // The name for this KerberosKeytabDescriptor is stored in the "file" entry in the map // This is not automatically set by the super classes. - setName(getStringValue(data, KEY_FILE)); + setName(getStringValue(data, "file")); if (data != null) { Object object; - object = data.get(KEY_OWNER); + object = data.get("owner"); if (object instanceof Map) { Map<?, ?> map = (Map<?, ?>) object; - setOwnerName(getStringValue(map, KEY_ACL_NAME)); - setOwnerAccess(getStringValue(map, KEY_ACL_ACCESS)); + setOwnerName(getStringValue(map, "name")); + setOwnerAccess(getStringValue(map, "access")); } - object = data.get(KEY_GROUP); + object = data.get("group"); if (object instanceof Map) { Map<?, ?> map = (Map<?, ?>) object; - setGroupName(getStringValue(map, KEY_ACL_NAME)); - setGroupAccess(getStringValue(map, KEY_ACL_ACCESS)); + setGroupName(getStringValue(map, "name")); + setGroupAccess(getStringValue(map, "access")); } - setConfiguration(getStringValue(data, KEY_CONFIGURATION)); + setConfiguration(getStringValue(data, "configuration")); // If the "cachable" value is anything but false, set it to true - setCachable(!"false".equalsIgnoreCase(getStringValue(data, KEY_CACHABLE))); + setCachable(!"false".equalsIgnoreCase(getStringValue(data, "cachable"))); } } @@ -430,23 +422,23 @@ public class KerberosKeytabDescriptor extends AbstractKerberosDescriptor { String data; data = getFile(); - map.put(KEY_FILE, data); + map.put("file", data); // Build file owner map Map<String, String> owner = new TreeMap<>(); data = getOwnerName(); if (data != null) { - owner.put(KEY_ACL_NAME, data); + owner.put("name", data); } data = getOwnerAccess(); if (data != null) { - owner.put(KEY_ACL_ACCESS, data); + owner.put("access", data); } if (!owner.isEmpty()) { - map.put(KEY_OWNER, owner); + map.put("owner", owner); } // Build file owner map (end) @@ -455,22 +447,22 @@ public class KerberosKeytabDescriptor extends AbstractKerberosDescriptor { data = getGroupName(); if (data != null) { - group.put(KEY_ACL_NAME, data); + group.put("name", data); } data = getGroupAccess(); if (data != null) { - group.put(KEY_ACL_ACCESS, data); + group.put("access", data); } if (!owner.isEmpty()) { - map.put(KEY_GROUP, group); + map.put("group", group); } // Build file owner map (end) data = getConfiguration(); if (data != null) { - map.put(KEY_CONFIGURATION, data); + map.put("configuration", data); } return map; http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java index a8e094f94..74254e3 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java @@ -68,11 +68,6 @@ import java.util.TreeMap; */ public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor { - static final String KEY_VALUE = "value"; - static final String KEY_TYPE = "type"; - static final String KEY_CONFIGURATION = "configuration"; - static final String KEY_LOCAL_USERNAME = "local_username"; - /** * A string declaring the type of principal this KerberosPrincipalDescriptor represents. * <p/> @@ -105,8 +100,8 @@ public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor { /** * Creates a new KerberosPrincipalDescriptor * - * @param principal the principal name - * @param type the principal type (user, service, etc...) + * @param principal the principal name + * @param type the principal type (user, service, etc...) * @param configuration the configuration used to store the principal name * @param localUsername the local username to map to the principal */ @@ -129,10 +124,10 @@ public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor { * @see org.apache.ambari.server.state.kerberos.KerberosPrincipalDescriptor */ public KerberosPrincipalDescriptor(Map<?, ?> data) { - this(getStringValue(data, KEY_VALUE), - getKerberosPrincipalTypeValue(data, KEY_TYPE), - getStringValue(data, KEY_CONFIGURATION), - getStringValue(data, KEY_LOCAL_USERNAME) + this(getStringValue(data, "value"), + getKerberosPrincipalTypeValue(data, "type"), + getStringValue(data, "configuration"), + getStringValue(data, "local_username") ); } @@ -274,10 +269,10 @@ public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor { public Map<String, Object> toMap() { Map<String, Object> map = new TreeMap<>(); - map.put(KEY_VALUE, getValue()); - map.put(KEY_TYPE, KerberosPrincipalType.translate(getType())); - map.put(KEY_CONFIGURATION, getConfiguration()); - map.put(KEY_LOCAL_USERNAME, getLocalUsername()); + map.put("value", getValue()); + map.put("type", KerberosPrincipalType.translate(getType())); + map.put("configuration", getConfiguration()); + map.put("local_username", getLocalUsername()); return map; } http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java index 51b7cd0..5da3399 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptor.java @@ -46,7 +46,6 @@ import org.apache.commons.lang.builder.HashCodeBuilder; * "title": "KerberosServiceDescriptor", * "description": "Describes an Ambari service", * "type": "object", - * "preconfigure": "boolean", * "properties": { * "name": { * "description": "An identifying name for this service descriptor.", @@ -86,9 +85,6 @@ import org.apache.commons.lang.builder.HashCodeBuilder; */ public class KerberosServiceDescriptor extends AbstractKerberosDescriptorContainer { - static final String KEY_PRECONFIGURE = "preconfigure"; - static final String KEY_COMPONENTS = Type.COMPONENT.getDescriptorPluralName(); - /** * A Map of the components contained within this KerberosServiceDescriptor */ @@ -141,7 +137,7 @@ public class KerberosServiceDescriptor extends AbstractKerberosDescriptorContain setName(name); if (data != null) { - Object list = data.get(KEY_COMPONENTS); + Object list = data.get(Type.COMPONENT.getDescriptorPluralName()); if (list instanceof Collection) { // Assume list is Collection<Map<String, Object>> for (Object item : (Collection) list) { @@ -151,7 +147,7 @@ public class KerberosServiceDescriptor extends AbstractKerberosDescriptorContain } } - setPreconfigure(getBooleanValue(data, KEY_PRECONFIGURE)); + setPreconfigure(getBooleanValue(data, "preconfigure")); } } @@ -279,11 +275,11 @@ public class KerberosServiceDescriptor extends AbstractKerberosDescriptorContain for (KerberosComponentDescriptor component : components.values()) { list.add(component.toMap()); } - map.put(KEY_COMPONENTS, list); + map.put(Type.COMPONENT.getDescriptorPluralName(), list); } if (preconfigure != null) { - map.put(KEY_PRECONFIGURE, preconfigure.toString()); + map.put("preProcess", preconfigure.toString()); } return map; http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json b/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json index 9c29393..c9d8c91 100644 --- a/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json +++ b/ambari-server/src/main/resources/stacks/HDP/2.6/kerberos_preconfigure.json @@ -7,6 +7,8 @@ { "name": "BEACON", "preconfigure" : true, + "configurations": { + }, "identities": [ { "name": "beacon_server", http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java index d208cfc..0f1dd55 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/stack/KerberosDescriptorTest.java @@ -19,113 +19,147 @@ package org.apache.ambari.server.stack; import java.io.File; -import java.io.InputStream; +import java.io.IOException; import java.net.URL; -import java.util.Set; -import java.util.regex.Pattern; +import org.apache.ambari.server.state.kerberos.KerberosDescriptor; +import org.apache.ambari.server.state.kerberos.KerberosDescriptorFactory; import org.junit.BeforeClass; +import org.junit.Ignore; import org.junit.Test; -import org.junit.experimental.categories.Category; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.fasterxml.jackson.databind.JsonNode; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.networknt.schema.JsonSchema; -import com.networknt.schema.JsonSchemaFactory; -import com.networknt.schema.ValidationMessage; - -import junit.framework.Assert; +import org.springframework.util.Assert; /** * KerberosDescriptorTest tests the stack- and service-level descriptors for certain stacks * and services */ -@Category({category.KerberosTest.class}) +@Ignore public class KerberosDescriptorTest { - private static Logger LOG = LoggerFactory.getLogger(KerberosDescriptorTest.class); - - private static final Pattern PATTERN_KERBEROS_DESCRIPTOR_FILENAME = Pattern.compile("^kerberos(?:_preconfigure)?\\.json$"); + private static final KerberosDescriptorFactory KERBEROS_DESCRIPTOR_FACTORY = new KerberosDescriptorFactory(); private static File stacksDirectory; + private static File hdpStackDirectory; + private static File hdp22StackDirectory; + private static File hdp22ServicesDirectory; private static File commonServicesDirectory; @BeforeClass public static void beforeClass() { URL rootDirectoryURL = KerberosDescriptorTest.class.getResource("/"); - Assert.assertNotNull(rootDirectoryURL); + Assert.notNull(rootDirectoryURL); File resourcesDirectory = new File(new File(rootDirectoryURL.getFile()).getParentFile().getParentFile(), "src/main/resources"); - Assert.assertNotNull(resourcesDirectory); - Assert.assertTrue(resourcesDirectory.canRead()); + Assert.notNull(resourcesDirectory); + Assert.isTrue(resourcesDirectory.canRead()); stacksDirectory = new File(resourcesDirectory, "stacks"); - Assert.assertNotNull(stacksDirectory); - Assert.assertTrue(stacksDirectory.canRead()); + Assert.notNull(stacksDirectory); + Assert.isTrue(stacksDirectory.canRead()); + + hdpStackDirectory = new File(stacksDirectory, "HDP"); + Assert.notNull(hdpStackDirectory); + Assert.isTrue(hdpStackDirectory.canRead()); + + hdp22StackDirectory = new File(hdpStackDirectory, "2.2"); + Assert.notNull(hdp22StackDirectory); + Assert.isTrue(hdp22StackDirectory.canRead()); + + hdp22ServicesDirectory = new File(hdp22StackDirectory, "services"); + Assert.notNull(hdp22ServicesDirectory); + Assert.isTrue(hdp22ServicesDirectory.canRead()); commonServicesDirectory = new File(resourcesDirectory, "common-services"); - Assert.assertNotNull(commonServicesDirectory); - Assert.assertTrue(commonServicesDirectory.canRead()); + Assert.notNull(commonServicesDirectory); + Assert.isTrue(commonServicesDirectory.canRead()); } @Test - public void testCommonServiceDescriptor() throws Exception { - JsonSchema schema = getJsonSchemaFromPath("kerberos_descriptor_schema.json"); - Assert.assertTrue(visitFile(schema, commonServicesDirectory, true)); + public void testCommonHBASEServiceDescriptor() throws IOException { + KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "HBASE", "0.96.0.2.0"); + Assert.notNull(descriptor); + Assert.notNull(descriptor.getServices()); + Assert.notNull(descriptor.getService("HBASE")); } @Test - public void testStackServiceDescriptor() throws Exception { - JsonSchema schema = getJsonSchemaFromPath("kerberos_descriptor_schema.json"); - Assert.assertTrue(visitFile(schema, stacksDirectory, true)); + public void testCommonHDFSServiceDescriptor() throws IOException { + KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "HDFS", "2.1.0.2.0"); + Assert.notNull(descriptor); + Assert.notNull(descriptor.getServices()); + Assert.notNull(descriptor.getService("HDFS")); } - private boolean visitFile(JsonSchema schema, File file, boolean previousResult) throws Exception { + @Test + public void testCommonYarnServiceDescriptor() throws IOException { + KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "YARN", "2.1.0.2.0"); + Assert.notNull(descriptor); + Assert.notNull(descriptor.getServices()); + Assert.notNull(descriptor.getService("YARN")); + Assert.notNull(descriptor.getService("MAPREDUCE2")); + } - if (file.isDirectory()) { - boolean currentResult = true; + @Test + public void testCommonFalconServiceDescriptor() throws IOException { + KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "FALCON", "0.5.0.2.1"); + Assert.notNull(descriptor); + Assert.notNull(descriptor.getServices()); + Assert.notNull(descriptor.getService("FALCON")); + } - File[] files = file.listFiles(); - if (files != null) { - for (File currentFile : files) { - currentResult = visitFile(schema, currentFile, previousResult) && currentResult; - } - } - return previousResult && currentResult; - } else if (file.isFile()) { - if (PATTERN_KERBEROS_DESCRIPTOR_FILENAME.matcher(file.getName()).matches()) { - LOG.info("Validating " + file.getAbsolutePath()); + @Test + public void testCommonHiveServiceDescriptor() throws IOException { + KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "HIVE", "0.12.0.2.0"); + Assert.notNull(descriptor); + Assert.notNull(descriptor.getServices()); + Assert.notNull(descriptor.getService("HIVE")); + } - JsonNode node = getJsonNodeFromUrl(file.toURI().toURL().toExternalForm()); - Set<ValidationMessage> errors = schema.validate(node); + @Test + public void testCommonKnoxServiceDescriptor() throws IOException { + KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "KNOX", "0.5.0.2.2"); + Assert.notNull(descriptor); + Assert.notNull(descriptor.getServices()); + Assert.notNull(descriptor.getService("KNOX")); + } - if ((errors != null) && !errors.isEmpty()) { - for (ValidationMessage message : errors) { - LOG.error(message.getMessage()); - } + @Test + public void testCommonOozieServiceDescriptor() throws IOException { + KerberosDescriptor descriptor; - return false; - } + descriptor = getKerberosDescriptor(commonServicesDirectory, "OOZIE", "4.0.0.2.0"); + Assert.notNull(descriptor); + Assert.notNull(descriptor.getServices()); + Assert.notNull(descriptor.getService("OOZIE")); + } - return true; - } else { - return true; - } - } + @Test + public void testCommonStormServiceDescriptor() throws IOException { + KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "STORM", "0.9.1"); + Assert.notNull(descriptor); + Assert.notNull(descriptor.getServices()); + Assert.notNull(descriptor.getService("STORM")); + } - return previousResult; + @Test + public void testCommonZookeepeerServiceDescriptor() throws IOException { + KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "ZOOKEEPER", "3.4.5"); + Assert.notNull(descriptor); + Assert.notNull(descriptor.getServices()); + Assert.notNull(descriptor.getService("ZOOKEEPER")); } - private JsonNode getJsonNodeFromUrl(String url) throws Exception { - ObjectMapper mapper = new ObjectMapper(); - return mapper.readTree(new URL(url)); + @Test + public void testCommonSparkServiceDescriptor() throws IOException { + KerberosDescriptor descriptor = getKerberosDescriptor(commonServicesDirectory, "SPARK", "1.2.1"); + Assert.notNull(descriptor); + Assert.notNull(descriptor.getServices()); + Assert.notNull(descriptor.getService("SPARK")); } - private JsonSchema getJsonSchemaFromPath(String name) throws Exception { - JsonSchemaFactory factory = new JsonSchemaFactory(); - InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream(name); - return factory.getSchema(is); + private KerberosDescriptor getKerberosDescriptor(File baseDirectory, String service, String version) throws IOException { + File serviceDirectory = new File(baseDirectory, service); + File serviceVersionDirectory = new File(serviceDirectory, version); + return KERBEROS_DESCRIPTOR_FACTORY.createInstance(new File(serviceVersionDirectory, "kerberos.json")); } } http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java index a33d842..09699c6 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosComponentDescriptorTest.java @@ -35,9 +35,9 @@ import com.google.gson.reflect.TypeToken; import junit.framework.Assert; -@Category({category.KerberosTest.class}) +@Category({ category.KerberosTest.class}) public class KerberosComponentDescriptorTest { - static final String JSON_VALUE = + public static final String JSON_VALUE = " {" + " \"name\": \"COMPONENT_NAME\"," + " \"identities\": [" + @@ -60,9 +60,9 @@ public class KerberosComponentDescriptorTest { static { Map<String, Object> identitiesMap = new TreeMap<>(); - identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE.get(KerberosIdentityDescriptor.KEY_NAME), KerberosIdentityDescriptorTest.MAP_VALUE); - identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE_ALT.get(KerberosIdentityDescriptor.KEY_NAME), KerberosIdentityDescriptorTest.MAP_VALUE_ALT); - identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE_REFERENCE.get(KerberosIdentityDescriptor.KEY_NAME), KerberosIdentityDescriptorTest.MAP_VALUE_REFERENCE); + identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE.get("name"), KerberosIdentityDescriptorTest.MAP_VALUE); + identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE_ALT.get("name"), KerberosIdentityDescriptorTest.MAP_VALUE_ALT); + identitiesMap.put((String) KerberosIdentityDescriptorTest.MAP_VALUE_REFERENCE.get("name"), KerberosIdentityDescriptorTest.MAP_VALUE_REFERENCE); Map<String, Object> serviceSiteProperties = new TreeMap<>(); serviceSiteProperties.put("service.component.property1", "red"); @@ -78,10 +78,10 @@ public class KerberosComponentDescriptorTest { authToLocalRules.add("component.name.rules2"); MAP_VALUE = new TreeMap<>(); - MAP_VALUE.put(KerberosIdentityDescriptor.KEY_NAME, "A_DIFFERENT_COMPONENT_NAME"); - MAP_VALUE.put(KerberosComponentDescriptor.KEY_IDENTITIES, new ArrayList<>(identitiesMap.values())); - MAP_VALUE.put(KerberosComponentDescriptor.KEY_CONFIGURATIONS, configurationsMap.values()); - MAP_VALUE.put(KerberosComponentDescriptor.KEY_AUTH_TO_LOCAL_PROPERTIES, authToLocalRules); + MAP_VALUE.put("name", "A_DIFFERENT_COMPONENT_NAME"); + MAP_VALUE.put(AbstractKerberosDescriptor.Type.IDENTITY.getDescriptorPluralName(), new ArrayList<>(identitiesMap.values())); + MAP_VALUE.put(AbstractKerberosDescriptor.Type.CONFIGURATION.getDescriptorPluralName(), configurationsMap.values()); + MAP_VALUE.put(AbstractKerberosDescriptor.Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName(), authToLocalRules); } static void validateFromJSON(KerberosComponentDescriptor componentDescriptor) { http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java index 3a461aa..e891fde 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosConfigurationDescriptorTest.java @@ -32,7 +32,7 @@ import com.google.gson.reflect.TypeToken; import junit.framework.Assert; -@Category({category.KerberosTest.class}) +@Category({ category.KerberosTest.class}) public class KerberosConfigurationDescriptorTest { private static final String JSON_SINGLE_VALUE = "{ \"configuration-type\": {" + http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java index d0d57d5..7fb5624 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorTest.java @@ -40,12 +40,12 @@ import com.google.gson.Gson; import junit.framework.Assert; -@Category({category.KerberosTest.class}) +@Category({ category.KerberosTest.class}) public class KerberosDescriptorTest { private static final KerberosDescriptorFactory KERBEROS_DESCRIPTOR_FACTORY = new KerberosDescriptorFactory(); private static final KerberosServiceDescriptorFactory KERBEROS_SERVICE_DESCRIPTOR_FACTORY = new KerberosServiceDescriptorFactory(); - private static final String JSON_VALUE = + public static final String JSON_VALUE = "{" + " \"properties\": {" + " \"realm\": \"${cluster-env/kerberos_domain}\"," + @@ -59,30 +59,30 @@ public class KerberosDescriptorTest { " ]" + "}"; - private static final Map<String, Object> MAP_VALUE; + public static final Map<String, Object> MAP_VALUE; static { Map<String, Object> keytabOwnerMap = new TreeMap<>(); - keytabOwnerMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "root"); - keytabOwnerMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "rw"); + keytabOwnerMap.put("name", "root"); + keytabOwnerMap.put("access", "rw"); Map<String, Object> keytabGroupMap = new TreeMap<>(); - keytabGroupMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "hadoop"); - keytabGroupMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "r"); + keytabGroupMap.put("name", "hadoop"); + keytabGroupMap.put("access", "r"); Map<String, Object> keytabMap = new TreeMap<>(); - keytabMap.put(KerberosKeytabDescriptor.KEY_FILE, "/etc/security/keytabs/subject.service.keytab"); - keytabMap.put(KerberosKeytabDescriptor.KEY_OWNER, keytabOwnerMap); - keytabMap.put(KerberosKeytabDescriptor.KEY_GROUP, keytabGroupMap); - keytabMap.put(KerberosKeytabDescriptor.KEY_CONFIGURATION, "service-site/service2.component.keytab.file"); + keytabMap.put("file", "/etc/security/keytabs/subject.service.keytab"); + keytabMap.put("owner", keytabOwnerMap); + keytabMap.put("group", keytabGroupMap); + keytabMap.put("configuration", "service-site/service2.component.keytab.file"); Map<String, Object> sharedIdentityMap = new TreeMap<>(); - sharedIdentityMap.put(KerberosIdentityDescriptor.KEY_NAME, "shared"); - sharedIdentityMap.put(KerberosIdentityDescriptor.KEY_PRINCIPAL, KerberosPrincipalDescriptorTest.MAP_VALUE); - sharedIdentityMap.put(KerberosIdentityDescriptor.KEY_KEYTAB, keytabMap); + sharedIdentityMap.put("name", "shared"); + sharedIdentityMap.put("principal", KerberosPrincipalDescriptorTest.MAP_VALUE); + sharedIdentityMap.put("keytab", keytabMap); Map<String, Object> servicesMap = new TreeMap<>(); - servicesMap.put((String) KerberosServiceDescriptorTest.MAP_VALUE.get(KerberosServiceDescriptor.KEY_NAME), KerberosServiceDescriptorTest.MAP_VALUE); + servicesMap.put((String) KerberosServiceDescriptorTest.MAP_VALUE.get("name"), KerberosServiceDescriptorTest.MAP_VALUE); Map<String, Object> identitiesMap = new TreeMap<>(); identitiesMap.put("shared", sharedIdentityMap); @@ -104,14 +104,14 @@ public class KerberosDescriptorTest { properties.put("some.property", "Hello World"); MAP_VALUE = new TreeMap<>(); - MAP_VALUE.put(KerberosDescriptor.KEY_PROPERTIES, properties); - MAP_VALUE.put(KerberosDescriptor.KEY_AUTH_TO_LOCAL_PROPERTIES, authToLocalRules); - MAP_VALUE.put(KerberosDescriptor.KEY_SERVICES, servicesMap.values()); - MAP_VALUE.put(KerberosDescriptor.KEY_CONFIGURATIONS, configurationsMap.values()); - MAP_VALUE.put(KerberosDescriptor.KEY_IDENTITIES, identitiesMap.values()); + MAP_VALUE.put("properties", properties); + MAP_VALUE.put(AbstractKerberosDescriptor.Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName(), authToLocalRules); + MAP_VALUE.put(AbstractKerberosDescriptor.Type.SERVICE.getDescriptorPluralName(), servicesMap.values()); + MAP_VALUE.put(AbstractKerberosDescriptor.Type.CONFIGURATION.getDescriptorPluralName(), configurationsMap.values()); + MAP_VALUE.put(AbstractKerberosDescriptor.Type.IDENTITY.getDescriptorPluralName(), identitiesMap.values()); } - private static void validateFromJSON(KerberosDescriptor descriptor) { + public static void validateFromJSON(KerberosDescriptor descriptor) { Assert.assertNotNull(descriptor); Assert.assertTrue(descriptor.isContainer()); @@ -146,7 +146,7 @@ public class KerberosDescriptorTest { Assert.assertNull(configurations); } - private static void validateFromMap(KerberosDescriptor descriptor) throws AmbariException { + public static void validateFromMap(KerberosDescriptor descriptor) throws AmbariException { Assert.assertNotNull(descriptor); Assert.assertTrue(descriptor.isContainer()); @@ -219,7 +219,7 @@ public class KerberosDescriptorTest { Assert.assertEquals("red", configProperties.get("property1")); } - private void validateUpdatedData(KerberosDescriptor descriptor) { + public void validateUpdatedData(KerberosDescriptor descriptor) { Assert.assertNotNull(descriptor); Map<String, String> properties = descriptor.getProperties(); @@ -420,7 +420,7 @@ public class KerberosDescriptorTest { @Test public void testGetReferencedIdentityDescriptor_Recursive() throws IOException { - boolean identityFound; + boolean identityFound = false; List<KerberosIdentityDescriptor> identities; URL systemResourceURL = ClassLoader.getSystemResource("kerberos/test_get_referenced_identity_descriptor.json"); @@ -482,8 +482,8 @@ public class KerberosDescriptorTest { public void testFiltersOutIdentitiesBasedonInstalledServices() throws IOException { URL systemResourceURL = ClassLoader.getSystemResource("kerberos/test_filtering_identity_descriptor.json"); KerberosComponentDescriptor componentDescriptor = KERBEROS_DESCRIPTOR_FACTORY.createInstance(new File(systemResourceURL.getFile())) - .getService("SERVICE1") - .getComponent("SERVICE1_COMPONENT1"); + .getService("SERVICE1") + .getComponent("SERVICE1_COMPONENT1"); List<KerberosIdentityDescriptor> identities = componentDescriptor.getIdentities(true, new HashedMap() {{ put("services", Collections.emptySet()); }}); http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java index 293e050..44812de 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosDescriptorUpdateHelperTest.java @@ -50,7 +50,7 @@ import com.google.inject.assistedinject.FactoryModuleBuilder; import junit.framework.Assert; -@Category({category.KerberosTest.class}) +@Category({ category.KerberosTest.class}) public class KerberosDescriptorUpdateHelperTest extends EasyMockSupport { private static final KerberosDescriptorFactory KERBEROS_DESCRIPTOR_FACTORY = new KerberosDescriptorFactory(); private static final Gson GSON = new Gson(); http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java index 21e87a6..d11962b 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosIdentityDescriptorTest.java @@ -31,9 +31,9 @@ import com.google.gson.reflect.TypeToken; import junit.framework.Assert; -@Category({category.KerberosTest.class}) +@Category({ category.KerberosTest.class}) public class KerberosIdentityDescriptorTest { - static final String JSON_VALUE = + public static final String JSON_VALUE = "{" + " \"name\": \"identity_1\"" + "," + @@ -50,58 +50,63 @@ public class KerberosIdentityDescriptorTest { static { MAP_VALUE = new TreeMap<>(); - MAP_VALUE.put(KerberosIdentityDescriptor.KEY_NAME, "identity_1"); - MAP_VALUE.put(KerberosIdentityDescriptor.KEY_PRINCIPAL, KerberosPrincipalDescriptorTest.MAP_VALUE); - MAP_VALUE.put(KerberosIdentityDescriptor.KEY_KEYTAB, KerberosKeytabDescriptorTest.MAP_VALUE); + MAP_VALUE.put("name", "identity_1"); + MAP_VALUE.put("principal", KerberosPrincipalDescriptorTest.MAP_VALUE); + MAP_VALUE.put("keytab", KerberosKeytabDescriptorTest.MAP_VALUE); + MAP_VALUE.put("password", "secret"); MAP_VALUE_ALT = new TreeMap<>(); - MAP_VALUE_ALT.put(KerberosIdentityDescriptor.KEY_NAME, "identity_2"); - MAP_VALUE_ALT.put(KerberosIdentityDescriptor.KEY_PRINCIPAL, KerberosPrincipalDescriptorTest.MAP_VALUE); - MAP_VALUE_ALT.put(KerberosIdentityDescriptor.KEY_KEYTAB, KerberosKeytabDescriptorTest.MAP_VALUE); + MAP_VALUE_ALT.put("name", "identity_2"); + MAP_VALUE_ALT.put("principal", KerberosPrincipalDescriptorTest.MAP_VALUE); + MAP_VALUE_ALT.put("keytab", KerberosKeytabDescriptorTest.MAP_VALUE); + MAP_VALUE_ALT.put("password", "secret2"); TreeMap<String, Object> ownerMap = new TreeMap<>(); - ownerMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "me"); - ownerMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "rw"); + ownerMap.put("name", "me"); + ownerMap.put("access", "rw"); TreeMap<String, Object> groupMap = new TreeMap<>(); - groupMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "nobody"); - groupMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, ""); + groupMap.put("name", "nobody"); + groupMap.put("access", ""); TreeMap<String, Object> keytabMap = new TreeMap<>(); - keytabMap.put(KerberosKeytabDescriptor.KEY_FILE, "/home/user/me/subject.service.keytab"); - keytabMap.put(KerberosKeytabDescriptor.KEY_OWNER, ownerMap); - keytabMap.put(KerberosKeytabDescriptor.KEY_GROUP, groupMap); - keytabMap.put(KerberosKeytabDescriptor.KEY_CONFIGURATION, "service-site/me.component.keytab.file"); + keytabMap.put("file", "/home/user/me/subject.service.keytab"); + keytabMap.put("owner", ownerMap); + keytabMap.put("group", groupMap); + keytabMap.put("configuration", "service-site/me.component.keytab.file"); MAP_VALUE_REFERENCE = new TreeMap<>(); - MAP_VALUE_REFERENCE.put(KerberosIdentityDescriptor.KEY_NAME, "shared_identity"); - MAP_VALUE_REFERENCE.put(KerberosIdentityDescriptor.KEY_REFERENCE, "/shared"); - MAP_VALUE_REFERENCE.put(KerberosIdentityDescriptor.KEY_KEYTAB, keytabMap); + MAP_VALUE_REFERENCE.put("name", "shared_identity"); + MAP_VALUE_REFERENCE.put("reference", "/shared"); + MAP_VALUE_REFERENCE.put("keytab", keytabMap); } - static void validateFromJSON(KerberosIdentityDescriptor identityDescriptor) { + public static void validateFromJSON(KerberosIdentityDescriptor identityDescriptor) { Assert.assertNotNull(identityDescriptor); Assert.assertFalse(identityDescriptor.isContainer()); KerberosPrincipalDescriptorTest.validateFromJSON(identityDescriptor.getPrincipalDescriptor()); KerberosKeytabDescriptorTest.validateFromJSON(identityDescriptor.getKeytabDescriptor()); + Assert.assertNull(identityDescriptor.getPassword()); } - static void validateFromMap(KerberosIdentityDescriptor identityDescriptor) { + public static void validateFromMap(KerberosIdentityDescriptor identityDescriptor) { Assert.assertNotNull(identityDescriptor); Assert.assertFalse(identityDescriptor.isContainer()); KerberosPrincipalDescriptorTest.validateFromMap(identityDescriptor.getPrincipalDescriptor()); KerberosKeytabDescriptorTest.validateFromMap(identityDescriptor.getKeytabDescriptor()); + Assert.assertEquals("secret", identityDescriptor.getPassword()); } - static void validateUpdatedData(KerberosIdentityDescriptor identityDescriptor) { + public static void validateUpdatedData(KerberosIdentityDescriptor identityDescriptor) { Assert.assertNotNull(identityDescriptor); KerberosPrincipalDescriptorTest.validateUpdatedData(identityDescriptor.getPrincipalDescriptor()); KerberosKeytabDescriptorTest.validateUpdatedData(identityDescriptor.getKeytabDescriptor()); + Assert.assertEquals("secret", identityDescriptor.getPassword()); } private static KerberosIdentityDescriptor createFromJSON() { http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java index bc41912..8cdb39e 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosKeytabDescriptorTest.java @@ -29,9 +29,9 @@ import com.google.gson.reflect.TypeToken; import junit.framework.Assert; -@Category({category.KerberosTest.class}) +@Category({ category.KerberosTest.class}) public class KerberosKeytabDescriptorTest { - static final String JSON_VALUE = + public static final String JSON_VALUE = "{" + " \"file\": \"/etc/security/keytabs/${host}/subject.service.keytab\"," + " \"owner\": {" + @@ -45,25 +45,25 @@ public class KerberosKeytabDescriptorTest { " \"configuration\": \"service-site/service.component.keytab.file\"" + "}"; - static final Map<String, Object> MAP_VALUE; + public static final Map<String, Object> MAP_VALUE; static { TreeMap<String, Object> ownerMap = new TreeMap<>(); - ownerMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "root"); - ownerMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "rw"); + ownerMap.put("name", "root"); + ownerMap.put("access", "rw"); TreeMap<String, Object> groupMap = new TreeMap<>(); - groupMap.put(KerberosKeytabDescriptor.KEY_ACL_NAME, "hadoop"); - groupMap.put(KerberosKeytabDescriptor.KEY_ACL_ACCESS, "r"); + groupMap.put("name", "hadoop"); + groupMap.put("access", "r"); MAP_VALUE = new TreeMap<>(); - MAP_VALUE.put(KerberosKeytabDescriptor.KEY_FILE, "/etc/security/keytabs/subject.service.keytab"); - MAP_VALUE.put(KerberosKeytabDescriptor.KEY_OWNER, ownerMap); - MAP_VALUE.put(KerberosKeytabDescriptor.KEY_GROUP, groupMap); - MAP_VALUE.put(KerberosKeytabDescriptor.KEY_CONFIGURATION, "service-site/service2.component.keytab.file"); + MAP_VALUE.put("file", "/etc/security/keytabs/subject.service.keytab"); + MAP_VALUE.put("owner", ownerMap); + MAP_VALUE.put("group", groupMap); + MAP_VALUE.put("configuration", "service-site/service2.component.keytab.file"); } - static void validateFromJSON(KerberosKeytabDescriptor keytabDescriptor) { + public static void validateFromJSON(KerberosKeytabDescriptor keytabDescriptor) { Assert.assertNotNull(keytabDescriptor); Assert.assertFalse(keytabDescriptor.isContainer()); @@ -75,7 +75,7 @@ public class KerberosKeytabDescriptorTest { Assert.assertEquals("service-site/service.component.keytab.file", keytabDescriptor.getConfiguration()); } - static void validateFromMap(KerberosKeytabDescriptor keytabDescriptor) { + public static void validateFromMap(KerberosKeytabDescriptor keytabDescriptor) { Assert.assertNotNull(keytabDescriptor); Assert.assertFalse(keytabDescriptor.isContainer()); @@ -87,7 +87,7 @@ public class KerberosKeytabDescriptorTest { Assert.assertEquals("service-site/service2.component.keytab.file", keytabDescriptor.getConfiguration()); } - static void validateUpdatedData(KerberosKeytabDescriptor keytabDescriptor) { + public static void validateUpdatedData(KerberosKeytabDescriptor keytabDescriptor) { Assert.assertNotNull(keytabDescriptor); Assert.assertEquals("/etc/security/keytabs/subject.service.keytab", keytabDescriptor.getFile()); http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java index 90a3f0f..b84223f 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java @@ -29,9 +29,9 @@ import com.google.gson.reflect.TypeToken; import junit.framework.Assert; -@Category({category.KerberosTest.class}) +@Category({ category.KerberosTest.class}) public class KerberosPrincipalDescriptorTest { - static final String JSON_VALUE = + public static final String JSON_VALUE = "{" + "\"value\": \"service/_HOST@_REALM\"," + "\"configuration\": \"service-site/service.component.kerberos.principal\"," + @@ -39,27 +39,27 @@ public class KerberosPrincipalDescriptorTest { "\"local_username\": \"localUser\"" + "}"; - private static final String JSON_VALUE_SPARSE = + public static final String JSON_VALUE_SPARSE = "{" + "\"value\": \"serviceOther/_HOST@_REALM\"" + "}"; public static final Map<String, Object> MAP_VALUE; - private static final Map<String, Object> MAP_VALUE_SPARSE; + public static final Map<String, Object> MAP_VALUE_SPARSE; static { MAP_VALUE = new TreeMap<>(); - MAP_VALUE.put(KerberosPrincipalDescriptor.KEY_VALUE, "user@_REALM"); - MAP_VALUE.put(KerberosPrincipalDescriptor.KEY_CONFIGURATION, "service-site/service.component.kerberos.https.principal"); - MAP_VALUE.put(KerberosPrincipalDescriptor.KEY_TYPE, "user"); - MAP_VALUE.put(KerberosPrincipalDescriptor.KEY_LOCAL_USERNAME, null); + MAP_VALUE.put("value", "user@_REALM"); + MAP_VALUE.put("configuration", "service-site/service.component.kerberos.https.principal"); + MAP_VALUE.put("type", "user"); + MAP_VALUE.put("local_username", null); MAP_VALUE_SPARSE = new TreeMap<>(); - MAP_VALUE_SPARSE.put(KerberosPrincipalDescriptor.KEY_VALUE, "userOther@_REALM"); + MAP_VALUE_SPARSE.put("value", "userOther@_REALM"); } - static void validateFromJSON(KerberosPrincipalDescriptor principalDescriptor) { + public static void validateFromJSON(KerberosPrincipalDescriptor principalDescriptor) { Assert.assertNotNull(principalDescriptor); Assert.assertFalse(principalDescriptor.isContainer()); Assert.assertEquals("service/_HOST@_REALM", principalDescriptor.getValue()); @@ -68,7 +68,7 @@ public class KerberosPrincipalDescriptorTest { Assert.assertEquals("localUser", principalDescriptor.getLocalUsername()); } - static void validateFromMap(KerberosPrincipalDescriptor principalDescriptor) { + public static void validateFromMap(KerberosPrincipalDescriptor principalDescriptor) { Assert.assertNotNull(principalDescriptor); Assert.assertFalse(principalDescriptor.isContainer()); Assert.assertEquals("user@_REALM", principalDescriptor.getValue()); @@ -77,7 +77,7 @@ public class KerberosPrincipalDescriptorTest { Assert.assertNull(principalDescriptor.getLocalUsername()); } - static void validateUpdatedData(KerberosPrincipalDescriptor principalDescriptor) { + public static void validateUpdatedData(KerberosPrincipalDescriptor principalDescriptor) { Assert.assertNotNull(principalDescriptor); Assert.assertEquals("user@_REALM", principalDescriptor.getValue()); Assert.assertEquals("service-site/service.component.kerberos.https.principal", principalDescriptor.getConfiguration()); http://git-wip-us.apache.org/repos/asf/ambari/blob/3cdac5f9/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java index 400116d..e4d3c90 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosServiceDescriptorTest.java @@ -37,9 +37,9 @@ import com.google.gson.Gson; import junit.framework.Assert; -@Category({category.KerberosTest.class}) +@Category({ category.KerberosTest.class}) public class KerberosServiceDescriptorTest { - static final String JSON_VALUE = + public static final String JSON_VALUE = "{" + " \"name\": \"SERVICE_NAME\"," + " \"preconfigure\": \"true\"," + @@ -62,7 +62,7 @@ public class KerberosServiceDescriptorTest { " ]" + "}"; - private static final String JSON_VALUE_SERVICES = + public static final String JSON_VALUE_SERVICES = "{ " + "\"services\" : [" + "{" + @@ -130,22 +130,22 @@ public class KerberosServiceDescriptorTest { MAP_VALUE = new TreeMap<>(); MAP_VALUE.put("name", "A_DIFFERENT_SERVICE_NAME"); - MAP_VALUE.put(KerberosServiceDescriptor.KEY_IDENTITIES, identitiesMap.values()); - MAP_VALUE.put(KerberosServiceDescriptor.KEY_COMPONENTS, componentsMap.values()); - MAP_VALUE.put(KerberosServiceDescriptor.KEY_CONFIGURATIONS, configurationsMap.values()); - MAP_VALUE.put(KerberosServiceDescriptor.KEY_AUTH_TO_LOCAL_PROPERTIES, authToLocalRules); + MAP_VALUE.put(AbstractKerberosDescriptor.Type.IDENTITY.getDescriptorPluralName(), identitiesMap.values()); + MAP_VALUE.put(AbstractKerberosDescriptor.Type.COMPONENT.getDescriptorPluralName(), componentsMap.values()); + MAP_VALUE.put(AbstractKerberosDescriptor.Type.CONFIGURATION.getDescriptorPluralName(), configurationsMap.values()); + MAP_VALUE.put(AbstractKerberosDescriptor.Type.AUTH_TO_LOCAL_PROPERTY.getDescriptorPluralName(), authToLocalRules); } private static final KerberosServiceDescriptorFactory KERBEROS_SERVICE_DESCRIPTOR_FACTORY = new KerberosServiceDescriptorFactory(); - private static void validateFromJSON(KerberosServiceDescriptor[] serviceDescriptors) { + public static void validateFromJSON(KerberosServiceDescriptor[] serviceDescriptors) { Assert.assertNotNull(serviceDescriptors); Assert.assertEquals(2, serviceDescriptors.length); validateFromJSON(serviceDescriptors[0]); } - static void validateFromJSON(KerberosServiceDescriptor serviceDescriptor) { + public static void validateFromJSON(KerberosServiceDescriptor serviceDescriptor) { Assert.assertNotNull(serviceDescriptor); Assert.assertTrue(serviceDescriptor.isContainer()); @@ -190,7 +190,7 @@ public class KerberosServiceDescriptorTest { Assert.assertEquals("service.name.rules1", authToLocalProperties.iterator().next()); } - static void validateFromMap(KerberosServiceDescriptor serviceDescriptor) { + public static void validateFromMap(KerberosServiceDescriptor serviceDescriptor) { Assert.assertNotNull(serviceDescriptor); Assert.assertTrue(serviceDescriptor.isContainer()); @@ -235,7 +235,7 @@ public class KerberosServiceDescriptorTest { Assert.assertEquals("service.name.rules2", authToLocalProperties.iterator().next()); } - private void validateUpdatedData(KerberosServiceDescriptor serviceDescriptor) { + public void validateUpdatedData(KerberosServiceDescriptor serviceDescriptor) { Assert.assertNotNull(serviceDescriptor); Assert.assertEquals("A_DIFFERENT_SERVICE_NAME", serviceDescriptor.getName()); @@ -387,6 +387,8 @@ public class KerberosServiceDescriptorTest { /** * Test a JSON object in which only only a Service and configs are defined, but no Components. + * + * @throws AmbariException */ @Test public void testJSONWithOnlyServiceNameAndConfigurations() throws AmbariException {