Github user ArtRand commented on a diff in the pull request:
https://github.com/apache/spark/pull/19631#discussion_r153510604
--- Diff: core/src/main/scala/org/apache/spark/SecurityManager.scala ---
@@ -542,7 +496,54 @@ private[spark] class SecurityManager(
* Gets the secret key.
* @return the secret key as a String if authentication is enabled,
otherwise returns null
*/
- def getSecretKey(): String = secretKey
+ def getSecretKey(): String = {
+ if (isAuthenticationEnabled) {
+ Option(sparkConf.getenv(ENV_AUTH_SECRET))
--- End diff --
FWIW, in Mesos, we are planning on using the [Secrets
primitives](https://github.com/apache/spark/blob/b3f9dbf48ec0938ff5c98833bb6b6855c620ef57/resource-managers/mesos/src/main/scala/org/apache/spark/deploy/mesos/config.scala#L26)
to distribute `ENV_AUTH_SECRET`. This way Mesos and YARN can both use the same
secret-generation code and only differ in the distribution of the secret.
`SPARK_AUTH_SECRET_CONF` is already somewhat awkward because it has to be in
the config.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
