[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17633270#comment-17633270 ]
Hadoop QA commented on OOZIE-3674: ---------------------------------- Testing JIRA OOZIE-3674 Cleaning local git workspace ---------------------------- {color:green}+1 PATCH_APPLIES{color} {color:green}+1 CLEAN{color} {color:red}-1 RAW_PATCH_ANALYSIS{color} . {color:green}+1{color} the patch does not introduce any @author tags . {color:green}+1{color} the patch does not introduce any tabs . {color:green}+1{color} the patch does not introduce any trailing spaces . {color:green}+1{color} the patch does not introduce any star imports . {color:red}-1{color} the patch contains 2 line(s) longer than 132 characters . {color:green}+1{color} the patch adds/modifies 1 testcase(s) {color:green}+1 RAT{color} . {color:green}+1{color} the patch does not seem to introduce new RAT warnings {color:red}-1 JAVADOC{color} . {color:red}-1{color} build with Javadoc generation fails with the patch {color:red}-1 COMPILE{color} . {color:green}+1{color} HEAD compiles . {color:red}-1{color} patch does not compile . {color:green}+1{color} the patch does not seem to introduce new javac warnings {color:red}-1{color} There are [4] new bugs found below threshold in total that must be fixed. . {color:red}-1{color} There are [4] new bugs found below threshold in [client] that must be fixed. . You can find the SpotBugs diff here (look for the red and orange ones): client/findbugs-new.html . The most important SpotBugs errors are: . At InsecureConnectionHelper.java:[line 64]: SSLContext needs to be compatible with TLS 1.2 . At InsecureConnectionHelper.java:[line 53]: TrustManager that accept any certificates makes communication vulnerable to a MITM attack . At InsecureConnectionHelper.java:[line 56]: TrustManager that accept any certificates makes communication vulnerable to a MITM attack . At InsecureConnectionHelper.java:[line 49]: TrustManager that accept any certificates makes communication vulnerable to a MITM attack . {color:green}+1{color} There are no new bugs found in [webapp]. . {color:green}+1{color} There are no new bugs found in [fluent-job/fluent-job-api]. . {color:green}+1{color} There are no new bugs found in [server]. . {color:green}+1{color} There are no new bugs found in [core]. . {color:green}+1{color} There are no new bugs found in [sharelib/spark]. . {color:green}+1{color} There are no new bugs found in [sharelib/hive2]. . {color:green}+1{color} There are no new bugs found in [sharelib/distcp]. . {color:green}+1{color} There are no new bugs found in [sharelib/streaming]. . {color:green}+1{color} There are no new bugs found in [sharelib/hive]. . {color:green}+1{color} There are no new bugs found in [sharelib/git]. . {color:green}+1{color} There are no new bugs found in [sharelib/hcatalog]. . {color:green}+1{color} There are no new bugs found in [sharelib/pig]. . {color:green}+1{color} There are no new bugs found in [sharelib/oozie]. . {color:green}+1{color} There are no new bugs found in [sharelib/sqoop]. . {color:green}+1{color} There are no new bugs found in [tools]. . {color:green}+1{color} There are no new bugs found in [docs]. . {color:green}+1{color} There are no new bugs found in [examples]. {color:green}+1 BACKWARDS_COMPATIBILITY{color} . {color:green}+1{color} the patch does not change any JPA Entity/Colum/Basic/Lob/Transient annotations . {color:green}+1{color} the patch does not modify JPA files {color:red}-1 TESTS{color} - patch does not compile, cannot run test cases {color:red}-1 DISTRO{color} . {color:red}-1{color} distro tarball fails with the patch {color:green}+1 MODERNIZER{color} ---------------------------- {color:red}*-1 Overall result, please check the reported -1(s)*{color} The full output of the test-patch run is available at . https://ci-hadoop.apache.org/job/PreCommit-OOZIE-Build/104/ > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > ----------------------------------------------------------------------------------- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client > Affects Versions: 5.2.1 > Reporter: Janos Makai > Assignee: Janos Makai > Priority: Major > Attachments: OOZIE-3674-001.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)