[jira] [Commented] (HADOOP-14448) Play nice with ITestS3AEncryptionSSEC

Mon, 22 May 2017 19:34:24 -0700 

    [ 
https://issues.apache.org/jira/browse/HADOOP-14448?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16020581#comment-16020581
 ] 

Sean Mackrory commented on HADOOP-14448:
----------------------------------------

The 5 tests that have this problem (fail with Exception, "Exception should be 
thrown.") are: testCreateSubdirWithDifferentKey, 
testDeleteEncryptedObjectWithDifferentKey, testListEncryptedDir, 
testListStatusEncryptedDir, testListStatusEncryptedFile

Weirdly, they fail when DynamoDB is used, but not when the Local implementation 
is used. I've started tracing through and there are indeed times when the 
DynamoDB implementation returns a FileStatus and eliminates the need for a 
direct S3 lookup when the Local implementation doesn't. I immediately wondered 
if it's because the Local implementation is a clean state with every new JVM, 
but even after deleting the DynamoDB table and executing only one of these 
tests at a time, I see this behavior. Seems like something else is going awry 
too.

> Play nice with ITestS3AEncryptionSSEC
> -------------------------------------
>
>                 Key: HADOOP-14448
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14448
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/s3
>    Affects Versions: HADOOP-13345
>            Reporter: Sean Mackrory
>
> HADOOP-14035 hasn't yet been merged with HADOOP-13345, but it adds tests that 
> will break when run with S3Guard enabled. It expects that certain filesystem 
> actions will throw exceptions when the client-provided encryption key is not 
> configured properly, but those actions may sometimes bypass S3 entirely 
> thanks to S3Guard (for example, getFileStatus may not actually need to invoke 
> s3GetFileStatus). If the exception is never thrown, the test fails.
> At a minimum we should tweak the tests so they definitely invoke S3 directly, 
> or just skip the offending tests when anything but the Null implementation is 
> in use. This also opens the larger question of whether or not S3Guard should 
> be serving up metadata that is otherwise only accessible when an encryption 
> key is provided.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to