[
https://issues.apache.org/jira/browse/SENTRY-1718?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15986867#comment-15986867
]
Na Li commented on SENTRY-1718:
-------------------------------
The problem seems to be caused the following sequence
1) A test case calls TestSentryStore.setup(), which in turn creates the
UserProvider and "static UserGroupInformation loginUser". It is static and can
be shared among threads.
2) provider.createCredentialEntry is called to set the value of
"sentry.store.jdbc.password". And provider.flush() add credential to loginUser.
3) When the second test case calls TestSentryStore.setup(), the existing
loginUser is found, and its credential is passed to the UserProvider. So the
new provider has the credential of "sentry.store.jdbc.password"
4) When provider.createCredentialEntry is called to create the value of
"sentry.store.jdbc.password" for the new provider, exception is thrown.
The following code shows the details of the steps.
step 1) and 2)
public static void TestSentryStore.setup() throws Exception {
conf = new Configuration(false);
final String ourUrl = UserProvider.SCHEME_NAME + ":///";
conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl);
CredentialProvider provider =
CredentialProviderFactory.getProviders(conf).get(0);
provider.createCredentialEntry(ServerConfig.
SENTRY_STORE_JDBC_PASS, passwd);
provider.flush();
...
}
step 2)
public void UserProvider.flush() {
this.user.addCredentials(this.credentials);
}
step 3)
private UserProvider() throws IOException {
this.user = UserGroupInformation.getCurrentUser();
this.credentials = this.user.getCredentials();
}
step 4)
public CredentialEntry createCredentialEntry(String name, char[]
credential) throws IOException {
Text nameT = new Text(name);
if(this.credentials.getSecretKey(nameT) != null) {
throw new IOException("Credential " + name + " already exists in "
+ this); <-- existing credential in the new provider from static loginUser
} else {
this.credentials.addSecretKey(new Text(name), (new
String(credential)).getBytes("UTF-8"));
return new CredentialEntry(name, credential);
}
}
> TestSentryStore often fails in setup()
> --------------------------------------
>
> Key: SENTRY-1718
> URL: https://issues.apache.org/jira/browse/SENTRY-1718
> Project: Sentry
> Issue Type: Sub-task
> Components: Sentry
> Reporter: Alexander Kolbasov
> Assignee: Na Li
> Fix For: sentry-ha-redesign
>
>
> Recent builds of sentry ha often fail with failures similar to this:
> {code}
> Running org.apache.sentry.provider.db.service.persistent.TestSentryStore
> Tests run: 58, Failures: 1, Errors: 1, Skipped: 0, Time elapsed: 43.213 sec
> <<< FAILURE! - in
> org.apache.sentry.provider.db.service.persistent.TestSentryStore
> testPrivilegesWithPermUpdate(org.apache.sentry.provider.db.service.persistent.TestSentryStore)
> Time elapsed: 0.195 sec <<< FAILURE!
> java.lang.AssertionError: expected:<2012> but was:<2>
> at
> org.apache.sentry.provider.db.service.persistent.TestSentryStore.testPrivilegesWithPermUpdate(TestSentryStore.java:2707)
> org.apache.sentry.provider.db.service.persistent.TestSentryStore Time
> elapsed: 0.14 sec <<< ERROR!
> java.io.IOException: Credential sentry.store.jdbc.password already exists in
> user:///
> at
> org.apache.sentry.provider.db.service.persistent.TestSentryStore.setup(TestSentryStore.java:97)
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
