[
https://issues.apache.org/jira/browse/OOZIE-2877?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16499919#comment-16499919
]
Andras Piros commented on OOZIE-2877:
-------------------------------------
[~gezapeti] answering some of your comments:
* credential files are stored on the HDFS path potentially only readable by the
executing user of the Git action. It's stored in a temporary subfolder of the
current working directory (YARN NodeManager container folder) also only
readable by that user, and will possibly be deleted by YARN NodeManager after
the action has been run. So I think we're clean here
* {{destination-uri}} is checked via calls to *{{FileSystem#get()}}* and
[*{{FileSystem#makeQualified()}}*|https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java#L587-L590]
* {{job-tracker}} appearances substituted by {{resource-manager}} in latest
patch
[~clayb] many thanks for your extended efforts on the feature! The only
remaining thingies I see at the moment are:
* addressing remaining pre-commit issues:
{noformat}
-1 RAW_PATCH_ANALYSIS
. -1 the patch contains 10 line(s) with tabs
. -1 the patch contains 10 line(s) with trailing spaces
-1 There are [4] new bugs found below threshold in total that must be fixed.
. -1 There are [4] new bugs found below threshold in [sharelib/git] that must
be fixed.
. You can find the FindBugs diff here (look for the red and orange ones):
sharelib/git/findbugs-new.html
. The most important FindBugs errors are:
. At GitMain.java:[line 151]: java/io/File.<init>(Ljava/lang/String;)V reads a
file whose location might be specified by user input
. At GitMain.java:[line 151]: At GitMain.java:[line 145]
. At GitMain.java:[line 134]: java/io/File.<init>(Ljava/lang/String;)V reads a
file whose location might be specified by user input
. Possible null pointer dereference in
org.apache.oozie.action.hadoop.GitOperations.cloneRepoToFS(Path) due to return
value of called method: At GitMain.java:[line 134]
. Known null at GitOperations.java:[line 151]: Dereferenced at
GitOperations.java:[line 151]
{noformat}
* substituting {{examples/src/main/apps/git/workflow.xml}}'s {{git-uri}} value
with {{https://github.com/apache/oozie}}
* substituting {{TestGitActionExecutor}}'s {{git-uri}} value with
{{https://github.com/klout/scoozie}} so that integration / JUnit test will not
timeout on a machine that has mediocre internet connection
Let me know whether you need my help while finishing.
> Oozie Git Action
> ----------------
>
> Key: OOZIE-2877
> URL: https://issues.apache.org/jira/browse/OOZIE-2877
> Project: Oozie
> Issue Type: Sub-task
> Components: action
> Reporter: Clay B.
> Assignee: Clay B.
> Priority: Major
> Labels: action
> Fix For: trunk
>
> Attachments: 0001-OOZIE-2877-Oozie-Git-Action.patch,
> 0002-OOZIE-2877-Oozie-Git-Action.patch,
> 0003-OOZIE-2877-Oozie-Git-Action.patch,
> 0004-OOZIE-2877-Oozie-Git-Action.patch,
> 0005-OOZIE-2877-Oozie-Git-Action.patch,
> 0006-OOZIE-2877-Oozie-Git-Action.patch,
> 0007-OOZIE-2877-Oozie-Git-Action.patch,
> 0008-OOZIE-2877-Oozie-Git-Action.patch,
> 0009-OOZIE-2877-Oozie-Git-Action.patch, OOZIE-2877.010.patch,
> OOZIE-2877.011.patch, OOZIE-2877.012.patch
>
>
> To aide in deploying ASCII artifacts to clusters, let's provide a tie-in for
> a source-code management system. Git would be my preferred choice.
> Ideally, this could handle a user's key material e.g. for an ssh key to pull
> down from a secured repository. This would free users from handling their own
> key staging and clean-up on YARN nodes and only require them to store the key
> secured in HDFS.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
