Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 1F1A0200BFA for ; Wed, 7 Dec 2016 16:00:03 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 1D9A5160B2B; Wed, 7 Dec 2016 15:00:03 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 41B2A160B33 for ; Wed, 7 Dec 2016 16:00:01 +0100 (CET) Received: (qmail 10372 invoked by uid 500); 7 Dec 2016 14:59:59 -0000 Mailing-List: contact commits-help@ambari.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: ambari-dev@ambari.apache.org Delivered-To: mailing list commits@ambari.apache.org Received: (qmail 9892 invoked by uid 99); 7 Dec 2016 14:59:59 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 07 Dec 2016 14:59:59 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 755FDF2142; Wed, 7 Dec 2016 14:59:59 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: ncole@apache.org To: commits@ambari.apache.org Date: Wed, 07 Dec 2016 15:00:14 -0000 Message-Id: In-Reply-To: References: X-Mailer: ASF-Git Admin Mailer Subject: [16/50] [abbrv] ambari git commit: AMBARI-18065. Change Ranger Admin start script to setup db for ranger (magyari_sandor) archived-at: Wed, 07 Dec 2016 15:00:03 -0000 AMBARI-18065. Change Ranger Admin start script to setup db for ranger (magyari_sandor) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/f5051dcb Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/f5051dcb Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/f5051dcb Branch: refs/heads/branch-dev-patch-upgrade Commit: f5051dcb7f17f0e26fed9e70eef35a3758a35e60 Parents: 431d265 Author: Sandor Magyari Authored: Thu Dec 1 19:36:01 2016 +0100 Committer: Sandor Magyari Committed: Mon Dec 5 16:39:13 2016 +0100 ---------------------------------------------------------------------- .../libraries/functions/constants.py | 1 + .../RANGER/0.4.0/package/scripts/params.py | 1 + .../0.4.0/package/scripts/ranger_admin.py | 36 +- .../HDP/2.0.6/properties/stack_features.json | 5 + .../stacks/2.6/RANGER/test_ranger_admin.py | 504 ++++++++++++ .../2.6/configs/ranger-admin-default.json | 704 +++++++++++++++++ .../2.6/configs/ranger-admin-secured.json | 773 +++++++++++++++++++ 7 files changed, 2010 insertions(+), 14 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/f5051dcb/ambari-common/src/main/python/resource_management/libraries/functions/constants.py ---------------------------------------------------------------------- diff --git a/ambari-common/src/main/python/resource_management/libraries/functions/constants.py b/ambari-common/src/main/python/resource_management/libraries/functions/constants.py index 3431495..46562e0 100644 --- a/ambari-common/src/main/python/resource_management/libraries/functions/constants.py +++ b/ambari-common/src/main/python/resource_management/libraries/functions/constants.py @@ -97,6 +97,7 @@ class StackFeature: RANGER_PID_SUPPORT = "ranger_pid_support" RANGER_KMS_PID_SUPPORT = "ranger_kms_pid_support" RANGER_ADMIN_PASSWD_CHANGE = "ranger_admin_password_change" + RANGER_SETUP_DB_ON_START = "ranger_setup_db_on_start" STORM_METRICS_APACHE_CLASSES = "storm_metrics_apache_classes" SPARK_JAVA_OPTS_SUPPORT = "spark_java_opts_support" ATLAS_HBASE_SETUP = "atlas_hbase_setup" http://git-wip-us.apache.org/repos/asf/ambari/blob/f5051dcb/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py index e27b363..f2cc940 100644 --- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py +++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py @@ -70,6 +70,7 @@ stack_supports_usersync_passwd = check_stack_feature(StackFeature.RANGER_USERSYN stack_supports_infra_client = check_stack_feature(StackFeature.RANGER_INSTALL_INFRA_CLIENT, version_for_stack_feature_checks) stack_supports_pid = check_stack_feature(StackFeature.RANGER_PID_SUPPORT, version_for_stack_feature_checks) stack_supports_ranger_admin_password_change = check_stack_feature(StackFeature.RANGER_ADMIN_PASSWD_CHANGE, version_for_stack_feature_checks) +stack_supports_ranger_setup_db_on_start = check_stack_feature(StackFeature.RANGER_SETUP_DB_ON_START, version_for_stack_feature_checks) downgrade_from_version = default("/commandParams/downgrade_from_version", None) upgrade_direction = default("/commandParams/upgrade_direction", None) http://git-wip-us.apache.org/repos/asf/ambari/blob/f5051dcb/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py index a9656c7..b849d58 100644 --- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py +++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py @@ -45,18 +45,9 @@ class RangerAdmin(Script): self.install_packages(env) import params env.set_params(params) - if params.xml_configurations_supported: - from setup_ranger_xml import setup_ranger_db - setup_ranger_db() - - self.configure(env) - - if params.xml_configurations_supported: - from setup_ranger_xml import setup_java_patch - setup_java_patch() - - if params.stack_supports_ranger_admin_password_change: - setup_ranger_admin_passwd_change() + # call config and setup db only in case of HDP version < 2.6 + if not params.stack_supports_ranger_setup_db_on_start: + self.configure(env, setup_db=True) def stop(self, env, upgrade_type=None): import params @@ -93,7 +84,9 @@ class RangerAdmin(Script): def start(self, env, upgrade_type=None): import params env.set_params(params) - self.configure(env, upgrade_type=upgrade_type) + + # setup db only if in case HDP version is > 2.6 + self.configure(env, upgrade_type=upgrade_type, setup_db=params.stack_supports_ranger_setup_db_on_start) if params.stack_supports_infra_client and params.audit_solr_enabled and params.is_solrCloud_enabled: solr_cloud_util.setup_solr_client(params.config, custom_log4j = params.custom_log4j) @@ -122,7 +115,7 @@ class RangerAdmin(Script): raise ComponentIsNotRunning() pass - def configure(self, env, upgrade_type=None): + def configure(self, env, upgrade_type=None, setup_db=False): import params env.set_params(params) if params.xml_configurations_supported: @@ -130,8 +123,23 @@ class RangerAdmin(Script): else: from setup_ranger import ranger + # set up db if we are not upgrading and setup_db is true + if setup_db and upgrade_type is None: + if params.xml_configurations_supported: + from setup_ranger_xml import setup_ranger_db + setup_ranger_db() + ranger('ranger_admin', upgrade_type=upgrade_type) + # set up java patches if we are not upgrading and setup_db is true + if setup_db and upgrade_type is None: + if params.xml_configurations_supported: + from setup_ranger_xml import setup_java_patch + setup_java_patch() + + if params.stack_supports_ranger_admin_password_change: + setup_ranger_admin_passwd_change() + def set_ru_rangeradmin_in_progress(self, upgrade_marker_file): config_dir = os.path.dirname(upgrade_marker_file) try: http://git-wip-us.apache.org/repos/asf/ambari/blob/f5051dcb/ambari-server/src/main/resources/stacks/HDP/2.0.6/properties/stack_features.json ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.0.6/properties/stack_features.json b/ambari-server/src/main/resources/stacks/HDP/2.0.6/properties/stack_features.json index dd87b72..27a755c 100644 --- a/ambari-server/src/main/resources/stacks/HDP/2.0.6/properties/stack_features.json +++ b/ambari-server/src/main/resources/stacks/HDP/2.0.6/properties/stack_features.json @@ -289,6 +289,11 @@ "min_version": "2.5.0.0" }, { + "name": "ranger_setup_db_on_start", + "description": "Allows setup of ranger db and java patches to be called multiple times on each START", + "min_version": "2.6.0.0" + }, + { "name": "storm_metrics_apache_classes", "description": "Metrics sink for Storm that uses Apache class names", "min_version": "2.5.0.0" http://git-wip-us.apache.org/repos/asf/ambari/blob/f5051dcb/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py b/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py new file mode 100644 index 0000000..a3ce186 --- /dev/null +++ b/ambari-server/src/test/python/stacks/2.6/RANGER/test_ranger_admin.py @@ -0,0 +1,504 @@ +#!/usr/bin/env python + +''' +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +''' +import json +from mock.mock import MagicMock, patch +from stacks.utils.RMFTestCase import * +from only_for_platform import not_for_platform, PLATFORM_WINDOWS + +@not_for_platform(PLATFORM_WINDOWS) +class TestRangerAdmin(RMFTestCase): + COMMON_SERVICES_PACKAGE_DIR = "RANGER/0.4.0/package" + STACK_VERSION = "2.6" + + @patch("os.path.isfile") + def test_start_default(self, isfile_mock): + self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/ranger_admin.py", + classname = "RangerAdmin", + command = "start", + config_file="ranger-admin-default.json", + stack_version = self.STACK_VERSION, + target = RMFTestCase.TARGET_COMMON_SERVICES + ) + self.assert_configure_default() + + self.assertResourceCalled('Directory', '/var/log/ambari-infra-solr-client', + create_parents = True, + mode = 0755, + cd_access = 'a', + ) + self.assertResourceCalled('Directory', '/usr/lib/ambari-infra-solr-client', + cd_access = 'a', + create_parents = True, + mode = 0755, + recursive_ownership = True, + ) + self.assertResourceCalled('File', '/usr/lib/ambari-infra-solr-client/solrCloudCli.sh', + content = StaticFile('/usr/lib/ambari-infra-solr-client/solrCloudCli.sh'), + mode = 0755, + ) + self.assertResourceCalled('File', '/usr/lib/ambari-infra-solr-client/log4j.properties', + content = InlineTemplate(self.getConfig()['configurations']['infra-solr-client-log4j']['content']), + mode = 0644, + ) + self.assertResourceCalled('File', '/var/log/ambari-infra-solr-client/solr-client.log', + content = '', + mode = 0664, + ) + self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181 --znode /infra-solr --check-znode --retry 5 --interval 10') + self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/infra-solr --download-config --config-dir /tmp/solr_config_ranger_audits_0.[0-9]* --config-set ranger_audits --retry 30 --interval 5') + self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/infra-solr --upload-config --config-dir /usr/hdp/current/ranger-admin/contrib/solr_for_audit_setup/conf --config-set ranger_audits --retry 30 --interval 5') + self.assertResourceCalledRegexp('^Directory$', '^/tmp/solr_config_ranger_audits_0.[0-9]*', + action=['delete'], + create_parents=True) + self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/infra-solr --create-collection --collection ranger_audits --config-set ranger_audits --shards 1 --replication 1 --max-shards 1 --retry 5 --interval 10') + + self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start', + environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'}, + not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep', + user = 'ranger', + ) + + self.assertTrue(isfile_mock.called) + self.assertNoMoreResources() + + @patch("os.path.isfile") + def test_start_secured(self, isfile_mock): + self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/ranger_admin.py", + classname = "RangerAdmin", + command = "start", + config_file="ranger-admin-secured.json", + stack_version = self.STACK_VERSION, + target = RMFTestCase.TARGET_COMMON_SERVICES + ) + self.assert_configure_secured() + + self.assertResourceCalled('Directory', '/var/log/ambari-infra-solr-client', + create_parents = True, + mode = 0755, + cd_access = 'a', + ) + self.assertResourceCalled('Directory', '/usr/lib/ambari-infra-solr-client', + cd_access = 'a', + create_parents = True, + mode = 0755, + recursive_ownership = True, + ) + self.assertResourceCalled('File', '/usr/lib/ambari-infra-solr-client/solrCloudCli.sh', + content = StaticFile('/usr/lib/ambari-infra-solr-client/solrCloudCli.sh'), + mode = 0755, + ) + self.assertResourceCalled('File', '/usr/lib/ambari-infra-solr-client/log4j.properties', + content = InlineTemplate(self.getConfig()['configurations']['infra-solr-client-log4j']['content']), + mode = 0644, + ) + self.assertResourceCalled('File', '/var/log/ambari-infra-solr-client/solr-client.log', + content = '', + mode = 0664, + ) + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/ranger_solr_jaas.conf', + content = Template('ranger_solr_jaas_conf.j2'), + owner = 'ranger', + ) + self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181 --znode /ambari-solr --check-znode --retry 5 --interval 10') + self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/ambari-solr --download-config --config-dir /tmp/solr_config_ranger_audits_0.[0-9]* --config-set ranger_audits --retry 30 --interval 5') + self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/ambari-solr --upload-config --config-dir /usr/hdp/current/ranger-admin/contrib/solr_for_audit_setup/conf --config-set ranger_audits --retry 30 --interval 5') + self.assertResourceCalledRegexp('^Directory$', '^/tmp/solr_config_ranger_audits_0.[0-9]*', + action=['delete'], + create_parents=True) + self.assertResourceCalledRegexp('^Execute$', '^ambari-sudo.sh JAVA_HOME=/usr/jdk64/jdk1.7.0_45 /usr/lib/ambari-infra-solr-client/solrCloudCli.sh --zookeeper-connect-string c6401.ambari.apache.org:2181/ambari-solr --create-collection --collection ranger_audits --config-set ranger_audits --shards 1 --replication 1 --max-shards 1 --retry 5 --interval 10') + + self.assertResourceCalled('Execute', '/usr/bin/ranger-admin-start', + environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'}, + not_if = 'ps -ef | grep proc_rangeradmin | grep -v grep', + user = 'ranger', + ) + + self.assertTrue(isfile_mock.called) + self.assertNoMoreResources() + + + def assert_setup_db(self): + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java-old.jar', + action = ['delete'], + ) + + self.assertResourceCalled('File', '/tmp/mysql-connector-java.jar', + content = DownloadSource('http://c6401.ambari.apache.org:8080/resources//mysql-connector-java.jar'), + mode = 0644 + ) + + self.assertResourceCalled('Execute', ('cp', '--remove-destination', '/tmp/mysql-connector-java.jar', + '/usr/hdp/2.6.0.0-801/ranger-admin/ews/lib'), + sudo = True, + path = ['/bin', '/usr/bin/'] + ) + + self.assertResourceCalled('File', '/usr/hdp/2.6.0.0-801/ranger-admin/ews/lib/mysql-connector-java.jar', + mode = 0644 + ) + + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/2.6.0.0-801/ranger-admin/install.properties', + properties = self.getConfig()['configurations']['admin-properties'], + owner = 'ranger' + ) + + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/2.6.0.0-801/ranger-admin/install.properties', + owner = 'ranger', + properties = {'SQL_CONNECTOR_JAR': + '/usr/hdp/2.6.0.0-801/ranger-admin/ews/lib/mysql-connector-java.jar'} + ) + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties', + owner = 'ranger', + properties = {'audit_store': 'solr'} + ) + + self.assertResourceCalled('Execute', ('ambari-python-wrap /usr/hdp/current/ranger-admin/dba_script.py -q'), + user = 'ranger', + environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45', + 'RANGER_ADMIN_HOME': u'/usr/hdp/current/ranger-admin'}, + logoutput = True + ) + + self.assertResourceCalled('Execute', ('ambari-python-wrap /usr/hdp/current/ranger-admin/db_setup.py'), + user = 'ranger', + environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45', + 'RANGER_ADMIN_HOME': u'/usr/hdp/current/ranger-admin'}, + logoutput = True + ) + + def assert_configure_default(self): + + ### assert db setup + self.assert_setup_db() + + self.assertResourceCalled('Directory', '/usr/hdp/current/ranger-admin/conf', + owner = 'ranger', + group = 'ranger', + create_parents = True + ) + + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java-old.jar', + action = ['delete'], + ) + + self.assertResourceCalled('File', '/tmp/mysql-connector-java.jar', + content = DownloadSource('http://c6401.ambari.apache.org:8080/resources//mysql-connector-java.jar'), + mode = 0644 + ) + + self.assertResourceCalled('Execute', ('cp', '--remove-destination', '/tmp/mysql-connector-java.jar', '/usr/hdp/current/ranger-admin/ews/lib'), + sudo = True, + path = ['/bin', '/usr/bin/'] + ) + + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java.jar', + mode = 0644 + ) + + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties', + properties = self.getConfig()['configurations']['admin-properties'], + owner = 'ranger' + ) + + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties', + owner = 'ranger', + properties = {'SQL_CONNECTOR_JAR': '/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java.jar'} + ) + + self.assertResourceCalled('File', '/usr/lib/ambari-agent/DBConnectionVerification.jar', + content = DownloadSource('http://c6401.ambari.apache.org:8080/resources/DBConnectionVerification.jar'), + mode = 0644 + ) + + self.assertResourceCalled('Execute', + '/usr/jdk64/jdk1.7.0_45/bin/java -cp /usr/lib/ambari-agent/DBConnectionVerification.jar:/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/hdp/current/ranger-admin/ews/lib/* org.apache.ambari.server.DBConnectionVerification \'jdbc:mysql://c6401.ambari.apache.org:3306/ranger01\' rangeradmin01 rangeradmin01 com.mysql.jdbc.Driver', + path=['/usr/sbin:/sbin:/usr/local/bin:/bin:/usr/bin'], + tries=5, + try_sleep=10, + environment = {} + ) + + self.assertResourceCalled('Execute', ('ln', '-sf', '/usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/classes/conf', '/usr/hdp/current/ranger-admin/conf'), + not_if = 'ls /usr/hdp/current/ranger-admin/conf', + only_if = 'ls /usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/classes/conf', + sudo = True + ) + + self.assertResourceCalled('Directory', '/usr/hdp/current/ranger-admin/', + owner='ranger', + group='ranger', + recursive_ownership = True + ) + + self.assertResourceCalled('Directory', '/var/run/ranger', + mode=0755, + owner = 'ranger', + group = 'hadoop', + cd_access = "a", + create_parents=True + ) + + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/ranger-admin-env-piddir.sh', + content = 'export RANGER_PID_DIR_PATH=/var/run/ranger\nexport RANGER_USER=ranger', + owner = 'ranger', + group = 'ranger', + mode = 0755 + ) + + self.assertResourceCalled('Directory', '/var/log/ranger/admin', + owner='ranger', + group='ranger', + create_parents = True, + cd_access = 'a', + mode = 0755 + ) + + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/ranger-admin-env-logdir.sh', + content = 'export RANGER_ADMIN_LOG_DIR=/var/log/ranger/admin', + owner = 'ranger', + group = 'ranger', + mode = 0755 + ) + + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/ranger-admin-default-site.xml', + owner = 'ranger', + group = 'ranger' + ) + + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/security-applicationContext.xml', + owner = 'ranger', + group = 'ranger' + ) + + self.assertResourceCalled('Execute', ('ln', '-sf', '/usr/hdp/current/ranger-admin/ews/ranger-admin-services.sh', '/usr/bin/ranger-admin'), + not_if = 'ls /usr/bin/ranger-admin', + only_if = 'ls /usr/hdp/current/ranger-admin/ews/ranger-admin-services.sh', + sudo = True + ) + + self.assertResourceCalled('XmlConfig', 'ranger-admin-site.xml', + owner = 'ranger', + group = 'ranger', + conf_dir = '/usr/hdp/current/ranger-admin/conf', + configurations = self.getConfig()['configurations']['ranger-admin-site'], + configuration_attributes = self.getConfig()['configuration_attributes']['ranger-admin-site'], + mode = 0644 + ) + + self.assertResourceCalled('Directory', '/usr/hdp/current/ranger-admin/conf/ranger_jaas', + owner ='ranger', + group ='ranger', + mode = 0700 + ) + + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/log4j.properties', + owner = 'ranger', + group = 'ranger', + content = self.getConfig()['configurations']['admin-log4j']['content'], + mode = 0644 + ) + + self.assertResourceCalled('Execute', ('/usr/jdk64/jdk1.7.0_45/bin/java', '-cp', '/usr/hdp/current/ranger-admin/cred/lib/*', 'org.apache.ranger.credentialapi.buildks', 'create', 'rangeradmin', '-value', 'rangeradmin01', '-provider', 'jceks://file/etc/ranger/admin/rangeradmin.jceks'), + environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'}, + logoutput=True, + sudo = True + ) + + self.assertResourceCalled('File', '/etc/ranger/admin/rangeradmin.jceks', + owner = 'ranger', + group = 'ranger', + mode = 0640 + ) + + self.assertResourceCalled('XmlConfig', 'core-site.xml', + owner = 'ranger', + group = 'ranger', + conf_dir = '/usr/hdp/current/ranger-admin/conf', + configurations = self.getConfig()['configurations']['core-site'], + configuration_attributes = self.getConfig()['configuration_attributes']['core-site'], + mode = 0644 + ) + + self.assertResourceCalled('Execute', ('ambari-python-wrap /usr/hdp/current/ranger-admin/db_setup.py -javapatch'), + user = 'ranger', + environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45', + 'RANGER_ADMIN_HOME': u'/usr/hdp/current/ranger-admin'}, + logoutput = True + ) + + def assert_configure_secured(self): + + ### assert db setup + self.assert_setup_db() + + self.assertResourceCalled('Directory', '/usr/hdp/current/ranger-admin/conf', + owner = 'ranger', + group = 'ranger', + create_parents = True + ) + + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java-old.jar', + action = ['delete'], + ) + + self.assertResourceCalled('File', '/tmp/mysql-connector-java.jar', + content = DownloadSource('http://c6401.ambari.apache.org:8080/resources//mysql-connector-java.jar'), + mode = 0644 + ) + + self.assertResourceCalled('Execute', ('cp', '--remove-destination', '/tmp/mysql-connector-java.jar', '/usr/hdp/current/ranger-admin/ews/lib'), + sudo = True, + path = ['/bin', '/usr/bin/'] + ) + + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java.jar', + mode = 0644 + ) + + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties', + properties = self.getConfig()['configurations']['admin-properties'], + owner = 'ranger' + ) + + self.assertResourceCalled('ModifyPropertiesFile', '/usr/hdp/current/ranger-admin/install.properties', + owner = 'ranger', + properties = {'SQL_CONNECTOR_JAR': '/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java.jar'} + ) + + self.assertResourceCalled('File', '/usr/lib/ambari-agent/DBConnectionVerification.jar', + content = DownloadSource('http://c6401.ambari.apache.org:8080/resources/DBConnectionVerification.jar'), + mode = 0644 + ) + + self.assertResourceCalled('Execute', + '/usr/jdk64/jdk1.7.0_45/bin/java -cp /usr/lib/ambari-agent/DBConnectionVerification.jar:/usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/hdp/current/ranger-admin/ews/lib/* org.apache.ambari.server.DBConnectionVerification \'jdbc:mysql://c6401.ambari.apache.org:3306/ranger01\' rangeradmin01 rangeradmin01 com.mysql.jdbc.Driver', + path=['/usr/sbin:/sbin:/usr/local/bin:/bin:/usr/bin'], + tries=5, + try_sleep=10, + environment = {} + ) + + self.assertResourceCalled('Execute', ('ln', '-sf', '/usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/classes/conf', '/usr/hdp/current/ranger-admin/conf'), + not_if = 'ls /usr/hdp/current/ranger-admin/conf', + only_if = 'ls /usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/classes/conf', + sudo = True + ) + + self.assertResourceCalled('Directory', '/usr/hdp/current/ranger-admin/', + owner='ranger', + group='ranger', + recursive_ownership = True + ) + + self.assertResourceCalled('Directory', '/var/run/ranger', + mode=0755, + owner = 'ranger', + group = 'hadoop', + cd_access = "a", + create_parents=True + ) + + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/ranger-admin-env-piddir.sh', + content = 'export RANGER_PID_DIR_PATH=/var/run/ranger\nexport RANGER_USER=ranger', + owner = 'ranger', + group = 'ranger', + mode = 0755 + ) + + self.assertResourceCalled('Directory', '/var/log/ranger/admin', + owner='ranger', + group='ranger', + create_parents = True, + cd_access = 'a', + mode = 0755 + ) + + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/ranger-admin-env-logdir.sh', + content = 'export RANGER_ADMIN_LOG_DIR=/var/log/ranger/admin', + owner = 'ranger', + group = 'ranger', + mode = 0755 + ) + + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/ranger-admin-default-site.xml', + owner = 'ranger', + group = 'ranger' + ) + + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/conf/security-applicationContext.xml', + owner = 'ranger', + group = 'ranger' + ) + + self.assertResourceCalled('Execute', ('ln', '-sf', '/usr/hdp/current/ranger-admin/ews/ranger-admin-services.sh', '/usr/bin/ranger-admin'), + not_if = 'ls /usr/bin/ranger-admin', + only_if = 'ls /usr/hdp/current/ranger-admin/ews/ranger-admin-services.sh', + sudo = True + ) + + self.assertResourceCalled('XmlConfig', 'ranger-admin-site.xml', + owner = 'ranger', + group = 'ranger', + conf_dir = '/usr/hdp/current/ranger-admin/conf', + configurations = self.getConfig()['configurations']['ranger-admin-site'], + configuration_attributes = self.getConfig()['configuration_attributes']['ranger-admin-site'], + mode = 0644 + ) + + self.assertResourceCalled('Directory', '/usr/hdp/current/ranger-admin/conf/ranger_jaas', + owner ='ranger', + group ='ranger', + mode = 0700 + ) + + self.assertResourceCalled('File', '/usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/log4j.properties', + owner = 'ranger', + group = 'ranger', + content = self.getConfig()['configurations']['admin-log4j']['content'], + mode = 0644 + ) + + self.assertResourceCalled('Execute', ('/usr/jdk64/jdk1.7.0_45/bin/java', '-cp', '/usr/hdp/current/ranger-admin/cred/lib/*', 'org.apache.ranger.credentialapi.buildks', 'create', 'rangeradmin', '-value', 'rangeradmin01', '-provider', 'jceks://file/etc/ranger/admin/rangeradmin.jceks'), + environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45'}, + logoutput=True, + sudo = True + ) + + self.assertResourceCalled('File', '/etc/ranger/admin/rangeradmin.jceks', + owner = 'ranger', + group = 'ranger', + mode = 0640 + ) + + self.assertResourceCalled('XmlConfig', 'core-site.xml', + owner = 'ranger', + group = 'ranger', + conf_dir = '/usr/hdp/current/ranger-admin/conf', + configurations = self.getConfig()['configurations']['core-site'], + configuration_attributes = self.getConfig()['configuration_attributes']['core-site'], + mode = 0644 + ) + + self.assertResourceCalled('Execute', ('ambari-python-wrap /usr/hdp/current/ranger-admin/db_setup.py -javapatch'), + user = 'ranger', + environment = {'JAVA_HOME': u'/usr/jdk64/jdk1.7.0_45', + 'RANGER_ADMIN_HOME': u'/usr/hdp/current/ranger-admin'}, + logoutput = True + ) \ No newline at end of file