[
https://issues.apache.org/jira/browse/YARN-11726?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18055939#comment-18055939
]
ASF GitHub Bot commented on YARN-11726:
---------------------------------------
Hean-Chhinling opened a new pull request, #8224:
URL: https://github.com/apache/hadoop/pull/8224
<!--
Thanks for sending a pull request!
1. If this is your first time, please read our contributor guidelines:
https://cwiki.apache.org/confluence/display/HADOOP/How+To+Contribute
2. Make sure your PR title starts with JIRA issue id, e.g.,
'HADOOP-17799. Your PR title ...'.
-->
### Description of PR
Improve `getPassword` method in WebAppUtils class by adding logging for
password retrieval operations. Previously, if the password retrieval failed due
to a misconfiguration or other issues, it failed silently, without any
indication of the error. This update adds:
* **DEBUG Logging**: Logs successful password retrieval attempts, showing
which alias was retrieved.
* **WARN Logging**: Logs when there is not password for the alias.
* **ERROR Logging**: Logs failures when unable to passwords along with the
alias and error details.
### How was this patch tested?
Tested manually and added a unit-test for the exception
### For code changes:
- [ ] Does the title or this PR starts with the corresponding JIRA issue id
(e.g. 'HADOOP-17799. Your PR title ...')?
- [ ] Object storage: have the integration tests been executed and the
endpoint declared according to the connector-specific documentation?
- [ ] If adding new dependencies to the code, are these dependencies
licensed in a way that is compatible for inclusion under [ASF
2.0](http://www.apache.org/legal/resolved.html#category-a)?
- [ ] If applicable, have you updated the `LICENSE`, `LICENSE-binary`,
`NOTICE-binary` files?
### AI Tooling
If an AI tool was used:
- [ ] The PR includes the phrase "Contains content generated by <tool>"
where <tool> is the name of the AI tool used.
- [ ] My use of AI contributions follows the ASF legal policy
https://www.apache.org/legal/generative-tooling.html
> Exposing Password Retrieval Process for Web Application Utilities in method
> `getPassword`
> -----------------------------------------------------------------------------------------
>
> Key: YARN-11726
> URL: https://issues.apache.org/jira/browse/YARN-11726
> Project: Hadoop YARN
> Issue Type: Improvement
> Components: yarn
> Affects Versions: 3.3.6
> Environment: Version: {{3.3.6}}
> Location:
> {{{}hadoop/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/util/WebAppUtils.java{}}},
> in the {{getPassword}} method, lines 486-500.
> Reporter: LoggingResearch
> Assignee: chhinlinghean
> Priority: Major
> Labels: pull-request-available
> Attachments: TestWebAppUtils.java, original-vs-log-enhanced.md
>
>
> The method {{getPassword}} in {{WebAppUtils}} is responsible for securely
> retrieving passwords from the configuration based on the provided alias. If
> the alias is not set or if there's an issue during the retrieval, the system
> currently fails silently. Enhancing the logging within this method will
> provide more transparency and help diagnose configuration issues, such as
> missing or incorrect password aliases.
>
> *Expected Behavior:*
> The system should log the success or failure of password retrieval attempts,
> including any issues encountered during the process. This will improve
> traceability and allow administrators to more easily identify and correct
> misconfigurations or errors related to password management.
>
> *How-to-Fix:*
> We propose adding log statements to expose the success or failure of password
> retrieval operations. This will enhance the visibility of
> configuration-related issues, allowing administrators to better manage
> security credentials within YARN.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
