This is an automated email from the ASF dual-hosted git repository.
adoroszlai pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ozone.git
The following commit(s) were added to refs/heads/master by this push:
new 0066526dce HDDS-11869. Enable OM Ratis in
TestOzoneDelegationTokenSecretManager (#7594)
0066526dce is described below
commit 0066526dcefca4043aff1ebf73d03dd554ec4e62
Author: Chung En Lee <[email protected]>
AuthorDate: Thu Dec 19 22:02:43 2024 +0800
HDDS-11869. Enable OM Ratis in TestOzoneDelegationTokenSecretManager (#7594)
---
.../TestOzoneDelegationTokenSecretManager.java | 20 +++++++++++---------
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git
a/hadoop-ozone/ozone-manager/src/test/java/org/apache/hadoop/ozone/security/TestOzoneDelegationTokenSecretManager.java
b/hadoop-ozone/ozone-manager/src/test/java/org/apache/hadoop/ozone/security/TestOzoneDelegationTokenSecretManager.java
index c0fdb7a8c2..a9239b5639 100644
---
a/hadoop-ozone/ozone-manager/src/test/java/org/apache/hadoop/ozone/security/TestOzoneDelegationTokenSecretManager.java
+++
b/hadoop-ozone/ozone-manager/src/test/java/org/apache/hadoop/ozone/security/TestOzoneDelegationTokenSecretManager.java
@@ -59,7 +59,6 @@ import org.apache.hadoop.security.token.SecretManager;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.util.Time;
-import static
org.apache.hadoop.ozone.om.OMConfigKeys.OZONE_OM_RATIS_ENABLE_KEY;
import static
org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.OMTokenProto.Type.S3AUTHINFO;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.jupiter.api.Assertions.assertEquals;
@@ -132,14 +131,6 @@ public class TestOzoneDelegationTokenSecretManager {
private OzoneConfiguration createNewTestPath() throws IOException {
OzoneConfiguration config = new OzoneConfiguration();
- // When ratis is enabled, tokens are not updated to the store directly by
- // OzoneDelegationTokenSecretManager. Tokens are updated via Ratis
- // through the DoubleBuffer. Hence, to test
- // OzoneDelegationTokenSecretManager, we should disable OM Ratis.
- // TODO: Once HA and non-HA code paths are merged in
- // OzoneDelegationTokenSecretManager, this test should be updated to
- // test both ratis enabled and disabled case.
- config.setBoolean(OZONE_OM_RATIS_ENABLE_KEY, false);
File newFolder = folder.toFile();
if (!newFolder.exists()) {
assertTrue(newFolder.mkdirs());
@@ -257,6 +248,7 @@ public class TestOzoneDelegationTokenSecretManager {
Token<OzoneTokenIdentifier> token = secretManager.createToken(TEST_USER,
TEST_USER,
TEST_USER);
+ addToTokenStore(token);
Thread.sleep(10 * 5);
if (restartSecretManager) {
@@ -264,6 +256,7 @@ public class TestOzoneDelegationTokenSecretManager {
}
long renewalTime = secretManager.renewToken(token, TEST_USER.toString());
+ addToTokenStore(token);
assertThat(renewalTime).isGreaterThan(0);
}
@@ -287,6 +280,7 @@ public class TestOzoneDelegationTokenSecretManager {
secretManager.start(certificateClient);
Token<OzoneTokenIdentifier> token = secretManager.createToken(TEST_USER,
TEST_USER, TEST_USER);
+ addToTokenStore(token);
AccessControlException exception =
assertThrows(AccessControlException.class,
() -> secretManager.renewToken(token, "rougeUser"));
@@ -354,6 +348,7 @@ public class TestOzoneDelegationTokenSecretManager {
secretManager.start(certificateClient);
Token<OzoneTokenIdentifier> token = secretManager.createToken(TEST_USER,
TEST_USER, TEST_USER);
+ addToTokenStore(token);
secretManager.cancelToken(token, TEST_USER.toString());
}
@@ -512,4 +507,11 @@ public class TestOzoneDelegationTokenSecretManager {
.setSecretKeyClient(secretKeyClient)
.build();
}
+
+ private void addToTokenStore(Token<OzoneTokenIdentifier> token) throws
IOException {
+ OzoneTokenIdentifier ozoneTokenIdentifier = OzoneTokenIdentifier.
+ readProtoBuf(token.getIdentifier());
+ long renewDate = secretManager.updateToken(token, ozoneTokenIdentifier,
expiryTime);
+
om.getMetadataManager().getDelegationTokenTable().put(ozoneTokenIdentifier,
renewDate);
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
