Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/
---

(Updated March 23, 2016, 11:39 a.m.)


Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
Toenshoff.


Changes
---

Fixed comments in tests.


Bugs: MESOS-4850
https://issues.apache.org/jira/browse/MESOS-4850


Repository: mesos


Description
---

Added authentication to agent HTTP endpoints.

This patch adds HTTP authentication to the `/state`, `/state.json`, and 
`/flags` endpoints. Tests are also updated to use authentication when hitting 
these endpoints, and a new test was added to probe these endpoints' behavior 
when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.


Diffs (updated)
-

  src/slave/http.cpp 0117827d73bd1b4c96ef261d4573abf70f52c6b3 
  src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
  src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
  src/tests/containerizer/docker_containerizer_tests.cpp 
f6fce7df82417e029fadf805d6e0b793f396aa69 
  src/tests/containerizer/isolator_tests.cpp 
6a2e25b967742c034364d19372f06aa9f9cdf828 
  src/tests/fault_tolerance_tests.cpp f99413f56e96a796d3d45decad1f049e6a238789 
  src/tests/health_check_tests.cpp d32164aeb1eb439bd062afa28614dd919e24f06b 
  src/tests/slave_tests.cpp ea1d776077bf638885db8421194aa4427c772169 

Diff: https://reviews.apache.org/r/44553/diff/


Testing
---

Tests were updated to use authentication when hitting the affected agent 
endpoints, and new tests were added to probe the endpoint behavior when invalid 
credentials are supplied.

`sudo make check` was used to test on both OSX and Ubuntu 14.04. The new test 
was run 1000 times to look for flakiness.


Thanks,

Greg Mann

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/
---

(Updated March 23, 2016, 11:23 a.m.)


Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
Toenshoff.


Changes
---

Fixed NetClsIsolatorTest.


Bugs: MESOS-4850
https://issues.apache.org/jira/browse/MESOS-4850


Repository: mesos


Description
---

Added authentication to agent HTTP endpoints.

This patch adds HTTP authentication to the `/state`, `/state.json`, and 
`/flags` endpoints. Tests are also updated to use authentication when hitting 
these endpoints, and a new test was added to probe these endpoints' behavior 
when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.


Diffs (updated)
-

  src/slave/http.cpp 0117827d73bd1b4c96ef261d4573abf70f52c6b3 
  src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
  src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
  src/tests/containerizer/docker_containerizer_tests.cpp 
f6fce7df82417e029fadf805d6e0b793f396aa69 
  src/tests/containerizer/isolator_tests.cpp 
6a2e25b967742c034364d19372f06aa9f9cdf828 
  src/tests/fault_tolerance_tests.cpp f99413f56e96a796d3d45decad1f049e6a238789 
  src/tests/health_check_tests.cpp d32164aeb1eb439bd062afa28614dd919e24f06b 
  src/tests/slave_tests.cpp ea1d776077bf638885db8421194aa4427c772169 

Diff: https://reviews.apache.org/r/44553/diff/


Testing
---

Tests were updated to use authentication when hitting the affected agent 
endpoints, and new tests were added to probe the endpoint behavior when invalid 
credentials are supplied.

`sudo make check` was used to test on both OSX and Ubuntu 14.04. The new test 
was run 1000 times to look for flakiness.


Thanks,

Greg Mann

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/
---

(Updated March 20, 2016, 5:32 p.m.)


Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
Toenshoff.


Bugs: MESOS-4850
https://issues.apache.org/jira/browse/MESOS-4850


Repository: mesos


Description
---

Added authentication to agent HTTP endpoints.

This patch adds HTTP authentication to the `/state`, `/state.json`, and 
`/flags` endpoints. Tests are also updated to use authentication when hitting 
these endpoints, and a new test was added to probe these endpoints' behavior 
when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.


Diffs (updated)
-

  src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
  src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
  src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
  src/tests/containerizer/docker_containerizer_tests.cpp 
f6fce7df82417e029fadf805d6e0b793f396aa69 
  src/tests/fault_tolerance_tests.cpp f99413f56e96a796d3d45decad1f049e6a238789 
  src/tests/health_check_tests.cpp d32164aeb1eb439bd062afa28614dd919e24f06b 
  src/tests/slave_tests.cpp ea1d776077bf638885db8421194aa4427c772169 

Diff: https://reviews.apache.org/r/44553/diff/


Testing
---

Tests were updated to use authentication when hitting the affected agent 
endpoints, and new tests were added to probe the endpoint behavior when invalid 
credentials are supplied.

`sudo make check` was used to test on both OSX and Ubuntu 14.04. The new test 
was run 1000 times to look for flakiness.


Thanks,

Greg Mann

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Joerg Schad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/#review124207
---




src/slave/slave.cpp (line 677)


Where is this coming from? I would expect this in slave/constants.hpp 
similar as for the master

I am probably missing something here... :-)


- Joerg Schad


On March 17, 2016, 10:56 p.m., Greg Mann wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/44553/
> ---
> 
> (Updated March 17, 2016, 10:56 p.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
> Toenshoff.
> 
> 
> Bugs: MESOS-4850
> https://issues.apache.org/jira/browse/MESOS-4850
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Added authentication to agent HTTP endpoints.
> 
> This patch adds HTTP authentication to the `/state`, `/state.json`, and 
> `/flags` endpoints. Tests are also updated to use authentication when hitting 
> these endpoints, and a new test was added to probe these endpoints' behavior 
> when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.
> 
> 
> Diffs
> -
> 
>   src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
>   src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
>   src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
>   src/tests/containerizer/docker_containerizer_tests.cpp 
> f6fce7df82417e029fadf805d6e0b793f396aa69 
>   src/tests/fault_tolerance_tests.cpp 
> f99413f56e96a796d3d45decad1f049e6a238789 
>   src/tests/health_check_tests.cpp d32164aeb1eb439bd062afa28614dd919e24f06b 
>   src/tests/slave_tests.cpp ea1d776077bf638885db8421194aa4427c772169 
> 
> Diff: https://reviews.apache.org/r/44553/diff/
> 
> 
> Testing
> ---
> 
> Tests were updated to use authentication when hitting the affected agent 
> endpoints, and new tests were added to probe the endpoint behavior when 
> invalid credentials are supplied.
> 
> `sudo make check` was used to test on both OSX and Ubuntu 14.04. The new test 
> was run 1000 times to look for flakiness.
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Joerg Schad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/#review124397
---




src/tests/slave_tests.cpp (line 1504)


could just be my taste, but I would group the two invalid (and respectively 
the two non-authenticated ones below) into one scope.
This also matches the comment much better.


- Joerg Schad


On March 18, 2016, 7:16 p.m., Greg Mann wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/44553/
> ---
> 
> (Updated March 18, 2016, 7:16 p.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
> Toenshoff.
> 
> 
> Bugs: MESOS-4850
> https://issues.apache.org/jira/browse/MESOS-4850
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Added authentication to agent HTTP endpoints.
> 
> This patch adds HTTP authentication to the `/state`, `/state.json`, and 
> `/flags` endpoints. Tests are also updated to use authentication when hitting 
> these endpoints, and a new test was added to probe these endpoints' behavior 
> when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.
> 
> 
> Diffs
> -
> 
>   src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
>   src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
>   src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
>   src/tests/containerizer/docker_containerizer_tests.cpp 
> f6fce7df82417e029fadf805d6e0b793f396aa69 
>   src/tests/fault_tolerance_tests.cpp 
> f99413f56e96a796d3d45decad1f049e6a238789 
>   src/tests/health_check_tests.cpp d32164aeb1eb439bd062afa28614dd919e24f06b 
>   src/tests/slave_tests.cpp ea1d776077bf638885db8421194aa4427c772169 
> 
> Diff: https://reviews.apache.org/r/44553/diff/
> 
> 
> Testing
> ---
> 
> Tests were updated to use authentication when hitting the affected agent 
> endpoints, and new tests were added to probe the endpoint behavior when 
> invalid credentials are supplied.
> 
> `sudo make check` was used to test on both OSX and Ubuntu 14.04. The new test 
> was run 1000 times to look for flakiness.
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Joerg Schad]

> On March 18, 2016, 3:47 p.m., Joerg Schad wrote:
> > src/slave/slave.cpp, line 677
> > 
> >
> > Where is this coming from? I would expect this in slave/constants.hpp 
> > similar as for the master
> > 
> > 
> > I am probably missing something here... :-)

Thx for fixing the dependencies!


- Joerg


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/#review124207
---


On March 17, 2016, 10:56 p.m., Greg Mann wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/44553/
> ---
> 
> (Updated March 17, 2016, 10:56 p.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
> Toenshoff.
> 
> 
> Bugs: MESOS-4850
> https://issues.apache.org/jira/browse/MESOS-4850
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Added authentication to agent HTTP endpoints.
> 
> This patch adds HTTP authentication to the `/state`, `/state.json`, and 
> `/flags` endpoints. Tests are also updated to use authentication when hitting 
> these endpoints, and a new test was added to probe these endpoints' behavior 
> when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.
> 
> 
> Diffs
> -
> 
>   src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
>   src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
>   src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
>   src/tests/containerizer/docker_containerizer_tests.cpp 
> f6fce7df82417e029fadf805d6e0b793f396aa69 
>   src/tests/fault_tolerance_tests.cpp 
> f99413f56e96a796d3d45decad1f049e6a238789 
>   src/tests/health_check_tests.cpp d32164aeb1eb439bd062afa28614dd919e24f06b 
>   src/tests/slave_tests.cpp ea1d776077bf638885db8421194aa4427c772169 
> 
> Diff: https://reviews.apache.org/r/44553/diff/
> 
> 
> Testing
> ---
> 
> Tests were updated to use authentication when hitting the affected agent 
> endpoints, and new tests were added to probe the endpoint behavior when 
> invalid credentials are supplied.
> 
> `sudo make check` was used to test on both OSX and Ubuntu 14.04. The new test 
> was run 1000 times to look for flakiness.
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/
---

(Updated March 17, 2016, 7:43 p.m.)


Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
Toenshoff.


Changes
---

Rebase.


Bugs: MESOS-4850
https://issues.apache.org/jira/browse/MESOS-4850


Repository: mesos


Description
---

Added authentication to agent HTTP endpoints.

This patch adds HTTP authentication to the `/state`, `/state.json`, and 
`/flags` endpoints. Tests are also updated to use authentication when hitting 
these endpoints, and a new test was added to probe these endpoints' behavior 
when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.


Diffs (updated)
-

  src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
  src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
  src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
  src/tests/containerizer/docker_containerizer_tests.cpp 
f6fce7df82417e029fadf805d6e0b793f396aa69 
  src/tests/fault_tolerance_tests.cpp f99413f56e96a796d3d45decad1f049e6a238789 
  src/tests/health_check_tests.cpp d32164aeb1eb439bd062afa28614dd919e24f06b 
  src/tests/slave_tests.cpp ea1d776077bf638885db8421194aa4427c772169 

Diff: https://reviews.apache.org/r/44553/diff/


Testing
---

Tests were updated to use authentication when hitting the affected agent 
endpoints, and new tests were added to probe the endpoint behavior when invalid 
credentials are supplied.

`sudo make check` was used to test on both OSX and Ubuntu 14.04. The new test 
was run 1000 times to look for flakiness.


Thanks,

Greg Mann

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Adam B]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/#review124161
---


Fix it, then Ship it!




Minor suggestions


src/tests/slave_tests.cpp (lines 1480 - 1482)


In fact, you don't even need to call `CreateSlaveFlags` explicitly, since 
`StartSlave(detector.get())` will call it under the hood for you.



src/tests/slave_tests.cpp (line 1487)


`s/__recover/recover/` (for the variable name)


- Adam B


On March 17, 2016, 3:56 p.m., Greg Mann wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/44553/
> ---
> 
> (Updated March 17, 2016, 3:56 p.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
> Toenshoff.
> 
> 
> Bugs: MESOS-4850
> https://issues.apache.org/jira/browse/MESOS-4850
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Added authentication to agent HTTP endpoints.
> 
> This patch adds HTTP authentication to the `/state`, `/state.json`, and 
> `/flags` endpoints. Tests are also updated to use authentication when hitting 
> these endpoints, and a new test was added to probe these endpoints' behavior 
> when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.
> 
> 
> Diffs
> -
> 
>   src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
>   src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
>   src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
>   src/tests/containerizer/docker_containerizer_tests.cpp 
> f6fce7df82417e029fadf805d6e0b793f396aa69 
>   src/tests/fault_tolerance_tests.cpp 
> f99413f56e96a796d3d45decad1f049e6a238789 
>   src/tests/health_check_tests.cpp d32164aeb1eb439bd062afa28614dd919e24f06b 
>   src/tests/slave_tests.cpp ea1d776077bf638885db8421194aa4427c772169 
> 
> Diff: https://reviews.apache.org/r/44553/diff/
> 
> 
> Testing
> ---
> 
> Tests were updated to use authentication when hitting the affected agent 
> endpoints, and new tests were added to probe the endpoint behavior when 
> invalid credentials are supplied.
> 
> `sudo make check` was used to test on both OSX and Ubuntu 14.04. The new test 
> was run 1000 times to look for flakiness.
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/
---

(Updated March 17, 2016, 10:56 p.m.)


Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
Toenshoff.


Changes
---

Changed dependency.


Bugs: MESOS-4850
https://issues.apache.org/jira/browse/MESOS-4850


Repository: mesos


Description
---

Added authentication to agent HTTP endpoints.

This patch adds HTTP authentication to the `/state`, `/state.json`, and 
`/flags` endpoints. Tests are also updated to use authentication when hitting 
these endpoints, and a new test was added to probe these endpoints' behavior 
when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.


Diffs
-

  src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
  src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
  src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
  src/tests/containerizer/docker_containerizer_tests.cpp 
f6fce7df82417e029fadf805d6e0b793f396aa69 
  src/tests/fault_tolerance_tests.cpp f99413f56e96a796d3d45decad1f049e6a238789 
  src/tests/health_check_tests.cpp d32164aeb1eb439bd062afa28614dd919e24f06b 
  src/tests/slave_tests.cpp ea1d776077bf638885db8421194aa4427c772169 

Diff: https://reviews.apache.org/r/44553/diff/


Testing
---

Tests were updated to use authentication when hitting the affected agent 
endpoints, and new tests were added to probe the endpoint behavior when invalid 
credentials are supplied.

`sudo make check` was used to test on both OSX and Ubuntu 14.04. The new test 
was run 1000 times to look for flakiness.


Thanks,

Greg Mann

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/
---

(Updated March 18, 2016, 7:12 p.m.)


Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
Toenshoff.


Changes
---

Addressed comments.


Bugs: MESOS-4850
https://issues.apache.org/jira/browse/MESOS-4850


Repository: mesos


Description
---

Added authentication to agent HTTP endpoints.

This patch adds HTTP authentication to the `/state`, `/state.json`, and 
`/flags` endpoints. Tests are also updated to use authentication when hitting 
these endpoints, and a new test was added to probe these endpoints' behavior 
when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.


Diffs (updated)
-

  src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
  src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
  src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
  src/tests/containerizer/docker_containerizer_tests.cpp 
f6fce7df82417e029fadf805d6e0b793f396aa69 
  src/tests/fault_tolerance_tests.cpp f99413f56e96a796d3d45decad1f049e6a238789 
  src/tests/health_check_tests.cpp d32164aeb1eb439bd062afa28614dd919e24f06b 
  src/tests/slave_tests.cpp ea1d776077bf638885db8421194aa4427c772169 

Diff: https://reviews.apache.org/r/44553/diff/


Testing
---

Tests were updated to use authentication when hitting the affected agent 
endpoints, and new tests were added to probe the endpoint behavior when invalid 
credentials are supplied.

`sudo make check` was used to test on both OSX and Ubuntu 14.04. The new test 
was run 1000 times to look for flakiness.


Thanks,

Greg Mann

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/
---

(Updated March 18, 2016, 7:16 p.m.)


Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
Toenshoff.


Changes
---

Added a comment.


Bugs: MESOS-4850
https://issues.apache.org/jira/browse/MESOS-4850


Repository: mesos


Description
---

Added authentication to agent HTTP endpoints.

This patch adds HTTP authentication to the `/state`, `/state.json`, and 
`/flags` endpoints. Tests are also updated to use authentication when hitting 
these endpoints, and a new test was added to probe these endpoints' behavior 
when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.


Diffs (updated)
-

  src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
  src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
  src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
  src/tests/containerizer/docker_containerizer_tests.cpp 
f6fce7df82417e029fadf805d6e0b793f396aa69 
  src/tests/fault_tolerance_tests.cpp f99413f56e96a796d3d45decad1f049e6a238789 
  src/tests/health_check_tests.cpp d32164aeb1eb439bd062afa28614dd919e24f06b 
  src/tests/slave_tests.cpp ea1d776077bf638885db8421194aa4427c772169 

Diff: https://reviews.apache.org/r/44553/diff/


Testing
---

Tests were updated to use authentication when hitting the affected agent 
endpoints, and new tests were added to probe the endpoint behavior when invalid 
credentials are supplied.

`sudo make check` was used to test on both OSX and Ubuntu 14.04. The new test 
was run 1000 times to look for flakiness.


Thanks,

Greg Mann

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Joerg Schad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/#review124194
---




src/slave/http.cpp (line 54)


FYI: Noticed this incorrect blank line while reviewing, removed it with 
https://reviews.apache.org/r/45034/.


- Joerg Schad


On March 17, 2016, 10:56 p.m., Greg Mann wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/44553/
> ---
> 
> (Updated March 17, 2016, 10:56 p.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
> Toenshoff.
> 
> 
> Bugs: MESOS-4850
> https://issues.apache.org/jira/browse/MESOS-4850
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Added authentication to agent HTTP endpoints.
> 
> This patch adds HTTP authentication to the `/state`, `/state.json`, and 
> `/flags` endpoints. Tests are also updated to use authentication when hitting 
> these endpoints, and a new test was added to probe these endpoints' behavior 
> when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.
> 
> 
> Diffs
> -
> 
>   src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
>   src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
>   src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
>   src/tests/containerizer/docker_containerizer_tests.cpp 
> f6fce7df82417e029fadf805d6e0b793f396aa69 
>   src/tests/fault_tolerance_tests.cpp 
> f99413f56e96a796d3d45decad1f049e6a238789 
>   src/tests/health_check_tests.cpp d32164aeb1eb439bd062afa28614dd919e24f06b 
>   src/tests/slave_tests.cpp ea1d776077bf638885db8421194aa4427c772169 
> 
> Diff: https://reviews.apache.org/r/44553/diff/
> 
> 
> Testing
> ---
> 
> Tests were updated to use authentication when hitting the affected agent 
> endpoints, and new tests were added to probe the endpoint behavior when 
> invalid credentials are supplied.
> 
> `sudo make check` was used to test on both OSX and Ubuntu 14.04. The new test 
> was run 1000 times to look for flakiness.
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/
---

(Updated March 14, 2016, 4:18 a.m.)


Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
Toenshoff.


Changes
---

Rebase.


Bugs: MESOS-4850
https://issues.apache.org/jira/browse/MESOS-4850


Repository: mesos


Description
---

Added authentication to agent HTTP endpoints.

This patch adds HTTP authentication to the `/state`, `/state.json`, and 
`/flags` endpoints. Tests are also updated to use authentication when hitting 
these endpoints, and a new test was added to probe these endpoints' behavior 
when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.


Diffs (updated)
-

  src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
  src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
  src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
  src/tests/containerizer/docker_containerizer_tests.cpp 
8afaa4dab3984e9866b7b223e8e2e70ef83a39dc 
  src/tests/fault_tolerance_tests.cpp 2d1bac2aa788a2f6c8b647c43d8b731ea02d4a24 
  src/tests/health_check_tests.cpp 9605859b665645654bbdb2688455cae2d692a057 
  src/tests/slave_tests.cpp 124e9587180f2a55e659d966d1c9060234c19457 

Diff: https://reviews.apache.org/r/44553/diff/


Testing
---

Tests were updated to use authentication when hitting the affected agent 
endpoints, and new tests were added to probe the endpoint behavior when invalid 
credentials are supplied.

`sudo make check` was used to test on both OSX and Ubuntu 14.04. The new test 
was run 1000 times to look for flakiness.


Thanks,

Greg Mann

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/
---

(Updated March 11, 2016, 6:56 p.m.)


Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
Toenshoff.


Bugs: MESOS-4850
https://issues.apache.org/jira/browse/MESOS-4850


Repository: mesos


Description
---

Added authentication to agent HTTP endpoints.

This patch adds HTTP authentication to the `/state`, `/state.json`, and 
`/flags` endpoints. Tests are also updated to use authentication when hitting 
these endpoints, and a new test was added to probe these endpoints' behavior 
when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.


Diffs
-

  src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
  src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
  src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
  src/tests/containerizer/docker_containerizer_tests.cpp 
6aecd912fc84b72d2b64f7a842891fddcbc469ac 
  src/tests/fault_tolerance_tests.cpp d193897e636efd0e3ef67bf67fcd6255a3de0341 
  src/tests/health_check_tests.cpp d0fd27fd8a6b48511ef8cafab5dff59f65729d9f 
  src/tests/slave_tests.cpp 124e9587180f2a55e659d966d1c9060234c19457 

Diff: https://reviews.apache.org/r/44553/diff/


Testing (updated)
---

Tests were updated to use authentication when hitting the affected agent 
endpoints, and new tests were added to probe the endpoint behavior when invalid 
credentials are supplied.

`sudo make check` was used to test on both OSX and Ubuntu 14.04. The new test 
was run 1000 times to look for flakiness.


Thanks,

Greg Mann

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/
---

(Updated March 11, 2016, 6:54 p.m.)


Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
Toenshoff.


Changes
---

Simplified added tests.


Bugs: MESOS-4850
https://issues.apache.org/jira/browse/MESOS-4850


Repository: mesos


Description (updated)
---

Added authentication to agent HTTP endpoints.

This patch adds HTTP authentication to the `/state`, `/state.json`, and 
`/flags` endpoints. Tests are also updated to use authentication when hitting 
these endpoints, and a new test was added to probe these endpoints' behavior 
when bad credentials are supplied: `SlaveTest.HTTPEndpointsBadAuthentication`.


Diffs (updated)
-

  src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
  src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
  src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
  src/tests/containerizer/docker_containerizer_tests.cpp 
6aecd912fc84b72d2b64f7a842891fddcbc469ac 
  src/tests/fault_tolerance_tests.cpp d193897e636efd0e3ef67bf67fcd6255a3de0341 
  src/tests/health_check_tests.cpp d0fd27fd8a6b48511ef8cafab5dff59f65729d9f 
  src/tests/slave_tests.cpp 124e9587180f2a55e659d966d1c9060234c19457 

Diff: https://reviews.apache.org/r/44553/diff/


Testing
---

Tests were updated to use authentication when hitting the affected agent 
endpoints, and new tests were added to probe the endpoint behavior when invalid 
credentials are supplied.

`sudo make check` was used to test on both OSX and Ubuntu 14.04. The new tests 
were run 1000 times to look for flakiness.


Thanks,

Greg Mann

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/
---

(Updated March 11, 2016, 4:06 p.m.)


Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
Toenshoff.


Changes
---

Addressed comments.


Bugs: MESOS-4850
https://issues.apache.org/jira/browse/MESOS-4850


Repository: mesos


Description
---

Added authentication to agent HTTP endpoints.

This patch adds HTTP authentication to the `/state`, `/state.json`, and 
`/flags` endpoints. Tests are also updated to use authentication when hitting 
these endpoints, and new tests were added to probe these endpoints' behavior 
when bad credentials are supplied: `SlaveTest.StateEndpointBadCredential` and 
`SlaveTest.FlagsEndpointBadCredential`.


Diffs (updated)
-

  src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
  src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
  src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
  src/tests/containerizer/docker_containerizer_tests.cpp 
6aecd912fc84b72d2b64f7a842891fddcbc469ac 
  src/tests/fault_tolerance_tests.cpp d193897e636efd0e3ef67bf67fcd6255a3de0341 
  src/tests/health_check_tests.cpp d0fd27fd8a6b48511ef8cafab5dff59f65729d9f 
  src/tests/slave_tests.cpp 124e9587180f2a55e659d966d1c9060234c19457 

Diff: https://reviews.apache.org/r/44553/diff/


Testing
---

Tests were updated to use authentication when hitting the affected agent 
endpoints, and new tests were added to probe the endpoint behavior when invalid 
credentials are supplied.

`sudo make check` was used to test on both OSX and Ubuntu 14.04. The new tests 
were run 1000 times to look for flakiness.


Thanks,

Greg Mann

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Joerg Schad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/#review123142
---




src/tests/health_check_tests.cpp (line 642)


http::get()


- Joerg Schad


On March 11, 2016, 9:52 a.m., Greg Mann wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/44553/
> ---
> 
> (Updated March 11, 2016, 9:52 a.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
> Toenshoff.
> 
> 
> Bugs: MESOS-4850
> https://issues.apache.org/jira/browse/MESOS-4850
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Added authentication to agent HTTP endpoints.
> 
> This patch adds HTTP authentication to the `/state`, `/state.json`, and 
> `/flags` endpoints. Tests are also updated to use authentication when hitting 
> these endpoints, and new tests were added to probe these endpoints' behavior 
> when bad credentials are supplied: `SlaveTest.StateEndpointBadCredential` and 
> `SlaveTest.FlagsEndpointBadCredential`.
> 
> 
> Diffs
> -
> 
>   src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
>   src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
>   src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
>   src/tests/containerizer/docker_containerizer_tests.cpp 
> 6aecd912fc84b72d2b64f7a842891fddcbc469ac 
>   src/tests/fault_tolerance_tests.cpp 
> d193897e636efd0e3ef67bf67fcd6255a3de0341 
>   src/tests/health_check_tests.cpp d0fd27fd8a6b48511ef8cafab5dff59f65729d9f 
>   src/tests/slave_tests.cpp 124e9587180f2a55e659d966d1c9060234c19457 
> 
> Diff: https://reviews.apache.org/r/44553/diff/
> 
> 
> Testing
> ---
> 
> Tests were updated to use authentication when hitting the affected agent 
> endpoints, and new tests were added to probe the endpoint behavior when 
> invalid credentials are supplied.
> 
> `sudo make check` was used to test on both OSX and Ubuntu 14.04. The new 
> tests were run 1000 times to look for flakiness.
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Joerg Schad]

> On March 11, 2016, 2:29 p.m., Joerg Schad wrote:
> > src/tests/slave_tests.cpp, line 1435
> > 
> >
> > Should we add a comment that authn is required by default?

required -> enabled by default in testcases.


- Joerg


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/#review123139
---


On March 11, 2016, 9:52 a.m., Greg Mann wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/44553/
> ---
> 
> (Updated March 11, 2016, 9:52 a.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
> Toenshoff.
> 
> 
> Bugs: MESOS-4850
> https://issues.apache.org/jira/browse/MESOS-4850
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Added authentication to agent HTTP endpoints.
> 
> This patch adds HTTP authentication to the `/state`, `/state.json`, and 
> `/flags` endpoints. Tests are also updated to use authentication when hitting 
> these endpoints, and new tests were added to probe these endpoints' behavior 
> when bad credentials are supplied: `SlaveTest.StateEndpointBadCredential` and 
> `SlaveTest.FlagsEndpointBadCredential`.
> 
> 
> Diffs
> -
> 
>   src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
>   src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
>   src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
>   src/tests/containerizer/docker_containerizer_tests.cpp 
> 6aecd912fc84b72d2b64f7a842891fddcbc469ac 
>   src/tests/fault_tolerance_tests.cpp 
> d193897e636efd0e3ef67bf67fcd6255a3de0341 
>   src/tests/health_check_tests.cpp d0fd27fd8a6b48511ef8cafab5dff59f65729d9f 
>   src/tests/slave_tests.cpp 124e9587180f2a55e659d966d1c9060234c19457 
> 
> Diff: https://reviews.apache.org/r/44553/diff/
> 
> 
> Testing
> ---
> 
> Tests were updated to use authentication when hitting the affected agent 
> endpoints, and new tests were added to probe the endpoint behavior when 
> invalid credentials are supplied.
> 
> `sudo make check` was used to test on both OSX and Ubuntu 14.04. The new 
> tests were run 1000 times to look for flakiness.
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Joerg Schad]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/#review123139
---


Fix it, then Ship it!





src/tests/containerizer/docker_containerizer_tests.cpp (line 529)


Add blank line.



src/tests/health_check_tests.cpp (line 273)


http::get() should be sufficient here (namespace http = process::http;)



src/tests/health_check_tests.cpp (line 566)


http::get() see above.



src/tests/health_check_tests.cpp (line 604)


http::get() see above.



src/tests/slave_tests.cpp (line 1433)


I would test querying the endpoint without credentials as well.



src/tests/slave_tests.cpp (line 1435)


Should we add a comment that authn is required by default?



src/tests/slave_tests.cpp (line 1469)


I would combine both test cases into a single one, saves code and setup 
time. Feel free to drop with good reason to keep them seperate.


- Joerg Schad


On March 11, 2016, 9:52 a.m., Greg Mann wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/44553/
> ---
> 
> (Updated March 11, 2016, 9:52 a.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
> Toenshoff.
> 
> 
> Bugs: MESOS-4850
> https://issues.apache.org/jira/browse/MESOS-4850
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Added authentication to agent HTTP endpoints.
> 
> This patch adds HTTP authentication to the `/state`, `/state.json`, and 
> `/flags` endpoints. Tests are also updated to use authentication when hitting 
> these endpoints, and new tests were added to probe these endpoints' behavior 
> when bad credentials are supplied: `SlaveTest.StateEndpointBadCredential` and 
> `SlaveTest.FlagsEndpointBadCredential`.
> 
> 
> Diffs
> -
> 
>   src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
>   src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
>   src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
>   src/tests/containerizer/docker_containerizer_tests.cpp 
> 6aecd912fc84b72d2b64f7a842891fddcbc469ac 
>   src/tests/fault_tolerance_tests.cpp 
> d193897e636efd0e3ef67bf67fcd6255a3de0341 
>   src/tests/health_check_tests.cpp d0fd27fd8a6b48511ef8cafab5dff59f65729d9f 
>   src/tests/slave_tests.cpp 124e9587180f2a55e659d966d1c9060234c19457 
> 
> Diff: https://reviews.apache.org/r/44553/diff/
> 
> 
> Testing
> ---
> 
> Tests were updated to use authentication when hitting the affected agent 
> endpoints, and new tests were added to probe the endpoint behavior when 
> invalid credentials are supplied.
> 
> `sudo make check` was used to test on both OSX and Ubuntu 14.04. The new 
> tests were run 1000 times to look for flakiness.
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Alexander Rojas]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/#review123137
---


Ship it!




Ship It!

- Alexander Rojas


On March 11, 2016, 10:52 a.m., Greg Mann wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/44553/
> ---
> 
> (Updated March 11, 2016, 10:52 a.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
> Toenshoff.
> 
> 
> Bugs: MESOS-4850
> https://issues.apache.org/jira/browse/MESOS-4850
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Added authentication to agent HTTP endpoints.
> 
> This patch adds HTTP authentication to the `/state`, `/state.json`, and 
> `/flags` endpoints. Tests are also updated to use authentication when hitting 
> these endpoints, and new tests were added to probe these endpoints' behavior 
> when bad credentials are supplied: `SlaveTest.StateEndpointBadCredential` and 
> `SlaveTest.FlagsEndpointBadCredential`.
> 
> 
> Diffs
> -
> 
>   src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
>   src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
>   src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
>   src/tests/containerizer/docker_containerizer_tests.cpp 
> 6aecd912fc84b72d2b64f7a842891fddcbc469ac 
>   src/tests/fault_tolerance_tests.cpp 
> d193897e636efd0e3ef67bf67fcd6255a3de0341 
>   src/tests/health_check_tests.cpp d0fd27fd8a6b48511ef8cafab5dff59f65729d9f 
>   src/tests/slave_tests.cpp 124e9587180f2a55e659d966d1c9060234c19457 
> 
> Diff: https://reviews.apache.org/r/44553/diff/
> 
> 
> Testing
> ---
> 
> Tests were updated to use authentication when hitting the affected agent 
> endpoints, and new tests were added to probe the endpoint behavior when 
> invalid credentials are supplied.
> 
> `sudo make check` was used to test on both OSX and Ubuntu 14.04. The new 
> tests were run 1000 times to look for flakiness.
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/
---

(Updated March 11, 2016, 9:52 a.m.)


Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
Toenshoff.


Bugs: MESOS-4850
https://issues.apache.org/jira/browse/MESOS-4850


Repository: mesos


Description
---

Added authentication to agent HTTP endpoints.

This patch adds HTTP authentication to the `/state`, `/state.json`, and 
`/flags` endpoints. Tests are also updated to use authentication when hitting 
these endpoints, and new tests were added to probe these endpoints' behavior 
when bad credentials are supplied: `SlaveTest.StateEndpointBadCredential` and 
`SlaveTest.FlagsEndpointBadCredential`.


Diffs (updated)
-

  src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
  src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
  src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
  src/tests/containerizer/docker_containerizer_tests.cpp 
6aecd912fc84b72d2b64f7a842891fddcbc469ac 
  src/tests/fault_tolerance_tests.cpp d193897e636efd0e3ef67bf67fcd6255a3de0341 
  src/tests/health_check_tests.cpp d0fd27fd8a6b48511ef8cafab5dff59f65729d9f 
  src/tests/slave_tests.cpp 124e9587180f2a55e659d966d1c9060234c19457 

Diff: https://reviews.apache.org/r/44553/diff/


Testing
---

Tests were updated to use authentication when hitting the affected agent 
endpoints, and new tests were added to probe the endpoint behavior when invalid 
credentials are supplied.

`sudo make check` was used to test on both OSX and Ubuntu 14.04. The new tests 
were run 1000 times to look for flakiness.


Thanks,

Greg Mann

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

> On March 10, 2016, 8:57 a.m., Adam B wrote:
> > Can you add some tests for these endpoints that show that hitting them with 
> > a bad credential will fail with status Unauthorized? See 
> > `TeardownTest.TeardownEndpointBadCredentials` or 
> > `PersistentVolumeEndpointsTest.BadCredentials`.

Good idea, done!


- Greg


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/#review122901
---


On March 10, 2016, 7:45 p.m., Greg Mann wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/44553/
> ---
> 
> (Updated March 10, 2016, 7:45 p.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
> Toenshoff.
> 
> 
> Bugs: MESOS-4850
> https://issues.apache.org/jira/browse/MESOS-4850
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Added authentication to agent HTTP endpoints.
> 
> This patch adds HTTP authentication to the `/state`, `/state.json`, and 
> `/flags` endpoints. Tests are also updated to use authentication when hitting 
> these endpoints, and new tests were added to probe these endpoints' behavior 
> when bad credentials are supplied: `SlaveTest.StateEndpointBadCredential` and 
> `SlaveTest.FlagsEndpointBadCredential`.
> 
> 
> Diffs
> -
> 
>   src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
>   src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
>   src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
>   src/tests/containerizer/docker_containerizer_tests.cpp 
> 6aecd912fc84b72d2b64f7a842891fddcbc469ac 
>   src/tests/fault_tolerance_tests.cpp 
> d193897e636efd0e3ef67bf67fcd6255a3de0341 
>   src/tests/health_check_tests.cpp d0fd27fd8a6b48511ef8cafab5dff59f65729d9f 
>   src/tests/slave_tests.cpp 124e9587180f2a55e659d966d1c9060234c19457 
> 
> Diff: https://reviews.apache.org/r/44553/diff/
> 
> 
> Testing
> ---
> 
> Tests were updated to use authentication when hitting the affected agent 
> endpoints, and new tests were added to probe the endpoint behavior when 
> invalid credentials are supplied.
> 
> `sudo make check` was used to test on both OSX and Ubuntu 14.04. The new 
> tests were run 1000 times to look for flakiness.
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/
---

(Updated March 10, 2016, 7:45 p.m.)


Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
Toenshoff.


Changes
---

Added more tests.


Bugs: MESOS-4850
https://issues.apache.org/jira/browse/MESOS-4850


Repository: mesos


Description (updated)
---

Added authentication to agent HTTP endpoints.

This patch adds HTTP authentication to the `/state`, `/state.json`, and 
`/flags` endpoints. Tests are also updated to use authentication when hitting 
these endpoints, and new tests were added to probe these endpoints' behavior 
when bad credentials are supplied: `SlaveTest.StateEndpointBadCredential` and 
`SlaveTest.FlagsEndpointBadCredential`.


Diffs (updated)
-

  src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
  src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
  src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
  src/tests/containerizer/docker_containerizer_tests.cpp 
6aecd912fc84b72d2b64f7a842891fddcbc469ac 
  src/tests/fault_tolerance_tests.cpp d193897e636efd0e3ef67bf67fcd6255a3de0341 
  src/tests/health_check_tests.cpp d0fd27fd8a6b48511ef8cafab5dff59f65729d9f 
  src/tests/slave_tests.cpp 124e9587180f2a55e659d966d1c9060234c19457 

Diff: https://reviews.apache.org/r/44553/diff/


Testing (updated)
---

Tests were updated to use authentication when hitting the affected agent 
endpoints, and new tests were added to probe the endpoint behavior when invalid 
credentials are supplied.

`sudo make check` was used to test on both OSX and Ubuntu 14.04. The new tests 
were run 1000 times to look for flakiness.


Thanks,

Greg Mann

Re: Review Request 44553: Added authentication to agent HTTP endpoints.

[Adam B]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/#review122901
---



Can you add some tests for these endpoints that show that hitting them with a 
bad credential will fail with status Unauthorized? See 
`TeardownTest.TeardownEndpointBadCredentials` or 
`PersistentVolumeEndpointsTest.BadCredentials`.

- Adam B


On March 9, 2016, 9:59 p.m., Greg Mann wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/44553/
> ---
> 
> (Updated March 9, 2016, 9:59 p.m.)
> 
> 
> Review request for mesos, Adam B, Alexander Rojas, Joerg Schad, and Till 
> Toenshoff.
> 
> 
> Bugs: MESOS-4850
> https://issues.apache.org/jira/browse/MESOS-4850
> 
> 
> Repository: mesos
> 
> 
> Description
> ---
> 
> Added authentication to agent HTTP endpoints.
> 
> This patch adds HTTP authentication to the `/state`, `/state.json`, and 
> `/flags` endpoints. Tests are also updated to use authentication when hitting 
> these endpoints.
> 
> 
> Diffs
> -
> 
>   src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
>   src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
>   src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
>   src/tests/containerizer/docker_containerizer_tests.cpp 
> 6aecd912fc84b72d2b64f7a842891fddcbc469ac 
>   src/tests/fault_tolerance_tests.cpp 
> d193897e636efd0e3ef67bf67fcd6255a3de0341 
>   src/tests/health_check_tests.cpp d0fd27fd8a6b48511ef8cafab5dff59f65729d9f 
>   src/tests/slave_tests.cpp 124e9587180f2a55e659d966d1c9060234c19457 
> 
> Diff: https://reviews.apache.org/r/44553/diff/
> 
> 
> Testing
> ---
> 
> Tests were updated to use authentication when hitting the affected agent 
> endpoints, and `sudo make check` was used to test on both OSX and Ubuntu 
> 14.04.
> 
> 
> Thanks,
> 
> Greg Mann
> 
>

Review Request 44553: Added authentication to agent HTTP endpoints.

[Greg Mann]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44553/
---

Review request for mesos, Adam B, Alexander Rojas, and Till Toenshoff.


Bugs: MESOS-4850
https://issues.apache.org/jira/browse/MESOS-4850


Repository: mesos


Description
---

Added authentication to agent HTTP endpoints.

This patch adds HTTP authentication to the `/state`, `/state.json`, and 
`/flags` endpoints. Tests are also updated to use authentication when hitting 
these endpoints.


Diffs
-

  src/slave/http.cpp 4eb1fafdfa72094511b0b2684a3c2705bd8c7c5e 
  src/slave/slave.hpp 7520cc356e2b1b7f5fff15f33071a46a7b05e762 
  src/slave/slave.cpp 840534ff0687e82ed063c386e36bbabada230697 
  src/tests/containerizer/docker_containerizer_tests.cpp 
6aecd912fc84b72d2b64f7a842891fddcbc469ac 
  src/tests/fault_tolerance_tests.cpp d193897e636efd0e3ef67bf67fcd6255a3de0341 
  src/tests/health_check_tests.cpp d0fd27fd8a6b48511ef8cafab5dff59f65729d9f 
  src/tests/slave_tests.cpp 124e9587180f2a55e659d966d1c9060234c19457 

Diff: https://reviews.apache.org/r/44553/diff/


Testing
---

Tests were updated to use authentication when hitting the affected agent 
endpoints, and `sudo make check` was used to test on both OSX and Ubuntu 14.04.


Thanks,

Greg Mann