This is an automated email from the ASF dual-hosted git repository. abhi pushed a commit to branch ranger_5455 in repository https://gitbox.apache.org/repos/asf/ranger-tools.git
commit 544e0db4e4caa06ce25a6ca97e8b7bc03c1b4f80 Author: Abhishek Kumar <[email protected]> AuthorDate: Thu Jan 22 16:04:34 2026 -0800 RANGER-5455: Move Kerberos related scripts to base image --- docker/Dockerfile | 9 ++++++++ docker/krb/wait_for_keytab.sh | 41 +++++++++++++++++++++++++++++++++ docker/krb/wait_for_testusers_keytab.sh | 21 +++++++++++++++++ 3 files changed, 71 insertions(+) diff --git a/docker/Dockerfile b/docker/Dockerfile index eea0aa7..1819550 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -56,6 +56,15 @@ COPY docker/create_users_and_groups.sh ${RANGER_SCRIPTS} RUN chmod +x /home/ranger/scripts/create_users_and_groups.sh && \ ./home/ranger/scripts/create_users_and_groups.sh +# Create opensearch user and group +RUN groupadd -g 3002 opensearch && \ + useradd -u 3002 -g opensearch -G hadoop -s /bin/bash opensearch + +# copy kerberos utility scripts +COPY docker/krb/* ${RANGER_SCRIPTS} +RUN chmod 755 ${RANGER_SCRIPTS}/wait_for_keytab.sh && \ + chmod 755 ${RANGER_SCRIPTS}/wait_for_testusers_keytab.sh + # change ownerships RUN chown -R ranger:ranger /home/ranger /opt/ranger diff --git a/docker/krb/wait_for_keytab.sh b/docker/krb/wait_for_keytab.sh new file mode 100644 index 0000000..77d0f17 --- /dev/null +++ b/docker/krb/wait_for_keytab.sh @@ -0,0 +1,41 @@ +#!/bin/bash + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +RETRY_COUNT="${KEYTAB_RETRY_COUNT:-5}" +KEYTABS_DIR=/etc/keytabs + +KEYTAB=${KEYTABS_DIR}/$1 + +for i in {1..RETRY_COUNT}; do + if [ -f ${KEYTAB} ] + then + break + else + echo [INFO] "Waiting for keytab ${KEYTAB}.." + sleep 5 + fi +done + +if [ -f ${KEYTAB} ] +then + echo "[INFO] Found keytab ${KEYTAB}" + exit 0 +else + echo "[ERROR] Keytab not found: ${KEYTAB}" + exit 1 +fi diff --git a/docker/krb/wait_for_testusers_keytab.sh b/docker/krb/wait_for_testusers_keytab.sh new file mode 100644 index 0000000..81808c5 --- /dev/null +++ b/docker/krb/wait_for_testusers_keytab.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +/opt/ranger/krb/wait_for_keytab.sh testuser1.keytab +/opt/ranger/krb/wait_for_keytab.sh testuser2.keytab +/opt/ranger/krb/wait_for_keytab.sh testuser3.keytab
