-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74147/
-----------------------------------------------------------
(Updated Oct. 12, 2022, 7:49 a.m.)
Review request for ranger, Dhaval Shah and Sailaja Polavarapu.
Bugs: RANGER-3927
https://issues.apache.org/jira/browse/RANGER-3927
Repository: ranger
Description
-------
Issue: Master Key(MK) was being first generated and then it was checking into
DB that if MK actually exists on each restart of the KMS process. If exists, it
simply returns. The same check could have been added before regenerating the MK
to avoid this unnecessary execution.
FIX: Added the same check before calling the method
RangerMasterKey.saveEncryptedMK(). Also removed the check from
saveEncryptedMK().
New logs: If MK doesn't exist, then
logger.info("Master Key doesn't exist in DB, Generating the Master Key");
if MK already exists, then
logger.debug("Ranger Master Key already exists in the DB, returning.");
Diffs (updated)
-----
kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java c37e98ee5
Diff: https://reviews.apache.org/r/74147/diff/3/
Changes: https://reviews.apache.org/r/74147/diff/2-3/
Testing
-------
verified through logs on restart of the KMS service. And I got "Ranger Master
Key already exists in the DB, returning." It was not going to generate and save
the MK into DB.
Thanks,
Vikas Kumar
