[jira] [Commented] (OOZIE-2771) Allow retrieving keystore and truststore passwords from Hadoop Credential Provider
[ https://issues.apache.org/jira/browse/OOZIE-2771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15837295#comment-15837295 ] Abhishek Bafna commented on OOZIE-2771: --- Thanks [~asasvari] for the patch and [~gezapeti] [~andras.piros] for the review. Committed to master. > Allow retrieving keystore and truststore passwords from Hadoop Credential > Provider > -- > > Key: OOZIE-2771 > URL: https://issues.apache.org/jira/browse/OOZIE-2771 > Project: Oozie > Issue Type: Improvement >Reporter: Attila Sasvari >Assignee: Attila Sasvari > Fix For: 5.0.0 > > Attachments: OOZIE-2771-01.patch > > > Right now passwords for keystore and truststore > ({{oozie.https.keystore.pass}}, {{oozie.https.truststore.pass}}) are stored > in {{oozie-site.xml}} as cleartext. > However, Oozie could take advantage of the Hadoop Credential Provider for > storing and retrieving that passwords similarly how the JDBC password > ({{oozie.service.JPAService.jdbc.password}}) is handled today (see > https://issues.apache.org/jira/browse/OOZIE-2272). > This way keystore and truststore passwords could be masked in oozie-site. > Note: {{ConfigurationService.getPassword}} is worth to look at. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OOZIE-2771) Allow retrieving keystore and truststore passwords from Hadoop Credential Provider
[ https://issues.apache.org/jira/browse/OOZIE-2771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15837293#comment-15837293 ] Abhishek Bafna commented on OOZIE-2771: --- +1. > Allow retrieving keystore and truststore passwords from Hadoop Credential > Provider > -- > > Key: OOZIE-2771 > URL: https://issues.apache.org/jira/browse/OOZIE-2771 > Project: Oozie > Issue Type: Improvement >Reporter: Attila Sasvari >Assignee: Attila Sasvari > Attachments: OOZIE-2771-01.patch > > > Right now passwords for keystore and truststore > ({{oozie.https.keystore.pass}}, {{oozie.https.truststore.pass}}) are stored > in {{oozie-site.xml}} as cleartext. > However, Oozie could take advantage of the Hadoop Credential Provider for > storing and retrieving that passwords similarly how the JDBC password > ({{oozie.service.JPAService.jdbc.password}}) is handled today (see > https://issues.apache.org/jira/browse/OOZIE-2272). > This way keystore and truststore passwords could be masked in oozie-site. > Note: {{ConfigurationService.getPassword}} is worth to look at. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OOZIE-2771) Allow retrieving keystore and truststore passwords from Hadoop Credential Provider
[ https://issues.apache.org/jira/browse/OOZIE-2771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15832627#comment-15832627 ] Hadoop QA commented on OOZIE-2771: -- Testing JIRA OOZIE-2771 Cleaning local git workspace {color:green}+1 PATCH_APPLIES{color} {color:green}+1 CLEAN{color} {color:red}-1 RAW_PATCH_ANALYSIS{color} .{color:green}+1{color} the patch does not introduce any @author tags .{color:green}+1{color} the patch does not introduce any tabs .{color:green}+1{color} the patch does not introduce any trailing spaces .{color:green}+1{color} the patch does not introduce any line longer than 132 .{color:red}-1{color} the patch does not add/modify any testcase {color:green}+1 RAT{color} .{color:green}+1{color} the patch does not seem to introduce new RAT warnings {color:green}+1 JAVADOC{color} .{color:green}+1{color} the patch does not seem to introduce new Javadoc warnings {color:green}+1 COMPILE{color} .{color:green}+1{color} HEAD compiles .{color:green}+1{color} patch compiles .{color:green}+1{color} the patch does not seem to introduce new javac warnings {color:green}+1{color} There are no new bugs found in total. .{color:green}+1{color} There are no new bugs found in [core]. .{color:green}+1{color} There are no new bugs found in [client]. .{color:green}+1{color} There are no new bugs found in [docs]. .{color:green}+1{color} There are no new bugs found in [sharelib/streaming]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive2]. .{color:green}+1{color} There are no new bugs found in [sharelib/sqoop]. .{color:green}+1{color} There are no new bugs found in [sharelib/oozie]. .{color:green}+1{color} There are no new bugs found in [sharelib/hcatalog]. .{color:green}+1{color} There are no new bugs found in [sharelib/pig]. .{color:green}+1{color} There are no new bugs found in [sharelib/spark]. .{color:green}+1{color} There are no new bugs found in [sharelib/distcp]. .{color:green}+1{color} There are no new bugs found in [examples]. .{color:green}+1{color} There are no new bugs found in [hadooplibs/hadoop-utils-2]. .{color:green}+1{color} There are no new bugs found in [tools]. .{color:green}+1{color} There are no new bugs found in [server]. {color:green}+1 BACKWARDS_COMPATIBILITY{color} .{color:green}+1{color} the patch does not change any JPA Entity/Colum/Basic/Lob/Transient annotations .{color:green}+1{color} the patch does not modify JPA files {color:red}-1 TESTS{color} .Tests run: 1838 .Tests failed: 2 .Tests errors: 5 .The patch failed the following testcases: . testMemoryUsageAndSpeed(org.apache.oozie.service.TestPartitionDependencyManagerEhcache) . testMemoryUsageAndSpeed(org.apache.oozie.service.TestPartitionDependencyManagerService) .Tests failing with errors: . testSqoopEval(org.apache.oozie.action.hadoop.TestSqoopActionExecutor) . testSqoopAction(org.apache.oozie.action.hadoop.TestSqoopActionExecutor) . testSqoopActionFreeFormQuery(org.apache.oozie.action.hadoop.TestSqoopActionExecutor) . testPyspark(org.apache.oozie.action.hadoop.TestPyspark) . testSparkAction(org.apache.oozie.action.hadoop.TestSparkActionExecutor) {color:green}+1 DISTRO{color} .{color:green}+1{color} distro tarball builds with the patch {color:red}*-1 Overall result, please check the reported -1(s)*{color} The full output of the test-patch run is available at . https://builds.apache.org/job/oozie-trunk-precommit-build/3558/ > Allow retrieving keystore and truststore passwords from Hadoop Credential > Provider > -- > > Key: OOZIE-2771 > URL: https://issues.apache.org/jira/browse/OOZIE-2771 > Project: Oozie > Issue Type: Improvement >Reporter: Attila Sasvari >Assignee: Attila Sasvari > Attachments: OOZIE-2771-01.patch > > > Right now passwords for keystore and truststore > ({{oozie.https.keystore.pass}}, {{oozie.https.truststore.pass}}) are stored > in {{oozie-site.xml}} as cleartext. > However, Oozie could take advantage of the Hadoop Credential Provider for > storing and retrieving that passwords similarly how the JDBC password > ({{oozie.service.JPAService.jdbc.password}}) is handled today (see > https://issues.apache.org/jira/browse/OOZIE-2272). > This way keystore and truststore passwords could be masked in oozie-site. > Note: {{ConfigurationService.getPassword}} is worth to look at. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OOZIE-2771) Allow retrieving keystore and truststore passwords from Hadoop Credential Provider
[ https://issues.apache.org/jira/browse/OOZIE-2771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15820890#comment-15820890 ] Andras Piros commented on OOZIE-2771: - +1 (non-binding) > Allow retrieving keystore and truststore passwords from Hadoop Credential > Provider > -- > > Key: OOZIE-2771 > URL: https://issues.apache.org/jira/browse/OOZIE-2771 > Project: Oozie > Issue Type: Improvement >Reporter: Attila Sasvari >Assignee: Attila Sasvari > Attachments: OOZIE-2771-01.patch > > > Right now passwords for keystore and truststore > ({{oozie.https.keystore.pass}}, {{oozie.https.truststore.pass}}) are stored > in {{oozie-site.xml}} as cleartext. > However, Oozie could take advantage of the Hadoop Credential Provider for > storing and retrieving that passwords similarly how the JDBC password > ({{oozie.service.JPAService.jdbc.password}}) is handled today (see > https://issues.apache.org/jira/browse/OOZIE-2272). > This way keystore and truststore passwords could be masked in oozie-site. > Note: {{ConfigurationService.getPassword}} is worth to look at. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OOZIE-2771) Allow retrieving keystore and truststore passwords from Hadoop Credential Provider
[ https://issues.apache.org/jira/browse/OOZIE-2771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15820868#comment-15820868 ] Peter Cseh commented on OOZIE-2771: --- +1 (non-binding) > Allow retrieving keystore and truststore passwords from Hadoop Credential > Provider > -- > > Key: OOZIE-2771 > URL: https://issues.apache.org/jira/browse/OOZIE-2771 > Project: Oozie > Issue Type: Improvement >Reporter: Attila Sasvari >Assignee: Attila Sasvari > Attachments: OOZIE-2771-01.patch > > > Right now passwords for keystore and truststore > ({{oozie.https.keystore.pass}}, {{oozie.https.truststore.pass}}) are stored > in {{oozie-site.xml}} as cleartext. > However, Oozie could take advantage of the Hadoop Credential Provider for > storing and retrieving that passwords similarly how the JDBC password > ({{oozie.service.JPAService.jdbc.password}}) is handled today (see > https://issues.apache.org/jira/browse/OOZIE-2272). > This way keystore and truststore passwords could be masked in oozie-site. > Note: {{ConfigurationService.getPassword}} is worth to look at. -- This message was sent by Atlassian JIRA (v6.3.4#6332)