----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/61998/#review184319 -----------------------------------------------------------
ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/service_check.py Lines 80 (patched) <https://reviews.apache.org/r/61998/#comment260449> I would recommend to avoid conditional formatting using input that came from user. This could trigger security hole, see: http://lucumr.pocoo.org/2016/12/29/careful-with-str-format/ ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/service_check.py Lines 105 (patched) <https://reviews.apache.org/r/61998/#comment260450> I would recommend to avoid conditional formatting using input that came from user. This could trigger security hole, see: http://lucumr.pocoo.org/2016/12/29/careful-with-str-format/ - Eric Yang On Aug. 30, 2017, 7:07 p.m., Qin Liu wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/61998/ > ----------------------------------------------------------- > > (Updated Aug. 30, 2017, 7:07 p.m.) > > > Review request for Ambari, Aravindan Vijayan, Dmytro Sen, Eric Yang, Robert > Levas, and Sid Wagle. > > > Bugs: AMBARI-21821 > https://issues.apache.org/jira/browse/AMBARI-21821 > > > Repository: ambari > > > Description > ------- > > This is a subtask of AMBARI-14384 "Ambari Metrics doesn't use SPNEGO to > authenticate". > In a Kerberos enabled cluster with SPNEGO enabled on Hadoop APIs, Ambari > Metrics Collector web-console will be Kerberos HTTP SPNEGO enabled too. But > Ambari Metrics service check currently does not support Kerberos HTTP SPNEGO > authentication. > > 2017-08-24 16:13:44,078 - Ambari Metrics service check was started. > 2017-08-24 16:13:44,109 - Generated metrics for host amshost.example.com : > { > "metrics": [ > { > "metricname": "AMBARI_METRICS.SmokeTest.FakeMetric", > "appid": "amssmoketestfake", > "hostname": "host.example.com", > "timestamp": 1503616424000, > "starttime": 1503616424000, > "metrics": > { "1503616424000": 0.164134766408, "1503616425000": 1503616424000 } > > } > ] > } > 2017-08-24 16:13:44,114 - Connecting (POST) to > amshost.example.com:6188/ws/v1/timeline/metrics/ > 2017-08-24 16:13:44,117 - Http response for host amshost.example.com: 401 > Authentication required > > > Diffs > ----- > > > ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/params.py > 6975bec > > ambari-server/src/main/resources/common-services/AMBARI_METRICS/0.1.0/package/scripts/service_check.py > 2b3dfa9 > > > Diff: https://reviews.apache.org/r/61998/diff/1/ > > > Testing > ------- > > 1. run the Hadoop QA testing twice and the testcase failures has nothing to > do with the patch > > 2. manually tested AMS service check on HDP/trunk cluster with combination of > HTTP SPNEGO/Non-HTTP SPNEGO, SSL/Non-SSL, AMS distributed/embedded. > > > Thanks, > > Qin Liu > >
