[
https://issues.apache.org/jira/browse/MESOS-6999?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15968404#comment-15968404
]
Greg Mann commented on MESOS-6999:
----------------------------------
{code}
commit 0b7a40102a33ab46c2794963d9a0133b9e76b880
Author: Greg Mann <[email protected]>
Date: Thu Apr 13 15:44:19 2017 -0700
Changed '--executor_secret_key' agent flag to accept a path.
This patch changes the agent flag '--executor_secret_key' to accept
a path, so that the secret will not be leaked in logs.
Review: https://reviews.apache.org/r/58327/
{code}
commit 8bbe700411298b7b17219f9521820b9dcc7ef2c8
Author: Greg Mann <[email protected]>
Date: Thu Apr 13 15:44:28 2017 -0700
Updated tests to set '--executor_secret_key' as a path.
This patch updates the test code to generate a secret key file
and set the agent '--executor_secret_key' flag with its path.
Review: https://reviews.apache.org/r/58328/
{code}
> Add agent support for generating and passing executor secrets
> -------------------------------------------------------------
>
> Key: MESOS-6999
> URL: https://issues.apache.org/jira/browse/MESOS-6999
> Project: Mesos
> Issue Type: Task
> Components: agent, security
> Reporter: Greg Mann
> Assignee: Greg Mann
> Labels: agent, executor, flags, mesosphere, security
> Fix For: 1.3.0
>
>
> The agent must generate and pass executor secrets to all executors using the
> V1 API. For MVP, the agent will have this behavior by default when compiled
> with SSL support. To accomplish this, the agent must:
> * load the default {{SecretGenerator}} module
> * call the secret generator when launching an executor
> * pass the generated secret into the executor's environment
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
