[
https://issues.apache.org/jira/browse/OOZIE-2877?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16501891#comment-16501891
]
Andras Piros commented on OOZIE-2877:
-------------------------------------
[~clayb] I see. It's a good idea to stick to the original request / solution
and not use YARN's {{ApplicationSubmissionContext}}.
I'd choose {{GitActionExecutor}} to perform the private SSH key permission
check, and in case permission is too vague, {{LOG.error()}} and not event start
the Git action. The user can then restrict the permission and re-run the
workflow containing the SSH action.
> Oozie Git Action
> ----------------
>
> Key: OOZIE-2877
> URL: https://issues.apache.org/jira/browse/OOZIE-2877
> Project: Oozie
> Issue Type: Sub-task
> Components: action
> Reporter: Clay B.
> Assignee: Clay B.
> Priority: Major
> Labels: action
> Fix For: trunk
>
> Attachments: 0001-OOZIE-2877-Oozie-Git-Action.patch,
> 0002-OOZIE-2877-Oozie-Git-Action.patch,
> 0003-OOZIE-2877-Oozie-Git-Action.patch,
> 0004-OOZIE-2877-Oozie-Git-Action.patch,
> 0005-OOZIE-2877-Oozie-Git-Action.patch,
> 0006-OOZIE-2877-Oozie-Git-Action.patch,
> 0007-OOZIE-2877-Oozie-Git-Action.patch,
> 0008-OOZIE-2877-Oozie-Git-Action.patch,
> 0009-OOZIE-2877-Oozie-Git-Action.patch, OOZIE-2877.010.patch,
> OOZIE-2877.011.patch, OOZIE-2877.012.patch
>
>
> To aide in deploying ASCII artifacts to clusters, let's provide a tie-in for
> a source-code management system. Git would be my preferred choice.
> Ideally, this could handle a user's key material e.g. for an ssh key to pull
> down from a secured repository. This would free users from handling their own
> key staging and clean-up on YARN nodes and only require them to store the key
> secured in HDFS.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
