Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 5279E200C69 for ; Fri, 21 Apr 2017 16:55:30 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 50F03160BA2; Fri, 21 Apr 2017 14:55:30 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 9AF2C160BAF for ; Fri, 21 Apr 2017 16:55:27 +0200 (CEST) Received: (qmail 61945 invoked by uid 500); 21 Apr 2017 14:54:43 -0000 Mailing-List: contact commits-help@ambari.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: ambari-dev@ambari.apache.org Delivered-To: mailing list commits@ambari.apache.org Received: (qmail 61089 invoked by uid 99); 21 Apr 2017 14:54:42 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 21 Apr 2017 14:54:42 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id E3D36F49F1; Fri, 21 Apr 2017 14:54:41 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: echekanskiy@apache.org To: commits@ambari.apache.org Date: Fri, 21 Apr 2017 14:54:43 -0000 Message-Id: In-Reply-To: References: X-Mailer: ASF-Git Admin Mailer Subject: [3/5] ambari git commit: AMBARI-20733. /var/log/krb5kdc.log is growing rapidly on the KDC server (echekanskiy) archived-at: Fri, 21 Apr 2017 14:55:30 -0000 http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/resourcemanager.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/resourcemanager.py b/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/resourcemanager.py index b871b68..81b99e6 100644 --- a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/resourcemanager.py +++ b/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/resourcemanager.py @@ -132,66 +132,6 @@ class ResourcemanagerDefault(Resourcemanager): check_process_status(status_params.resourcemanager_pid_file) pass - def security_status(self, env): - import status_params - env.set_params(status_params) - if status_params.security_enabled: - props_value_check = {"yarn.timeline-service.http-authentication.type": "kerberos", - "yarn.acl.enable": "true"} - props_empty_check = ["yarn.resourcemanager.principal", - "yarn.resourcemanager.keytab", - "yarn.resourcemanager.webapp.spnego-principal", - "yarn.resourcemanager.webapp.spnego-keytab-file"] - - props_read_check = ["yarn.resourcemanager.keytab", - "yarn.resourcemanager.webapp.spnego-keytab-file"] - yarn_site_props = build_expectations('yarn-site', props_value_check, props_empty_check, - props_read_check) - - yarn_expectations ={} - yarn_expectations.update(yarn_site_props) - - security_params = get_params_from_filesystem(status_params.hadoop_conf_dir, - {'yarn-site.xml': FILE_TYPE_XML}) - result_issues = validate_security_config_properties(security_params, yarn_site_props) - if not result_issues: # If all validations passed successfully - try: - # Double check the dict before calling execute - if ( 'yarn-site' not in security_params - or 'yarn.resourcemanager.keytab' not in security_params['yarn-site'] - or 'yarn.resourcemanager.principal' not in security_params['yarn-site']) \ - or 'yarn.resourcemanager.webapp.spnego-keytab-file' not in security_params['yarn-site'] \ - or 'yarn.resourcemanager.webapp.spnego-principal' not in security_params['yarn-site']: - self.put_structured_out({"securityState": "UNSECURED"}) - self.put_structured_out( - {"securityIssuesFound": "Keytab file or principal are not set property."}) - return - - cached_kinit_executor(status_params.kinit_path_local, - status_params.yarn_user, - security_params['yarn-site']['yarn.resourcemanager.keytab'], - security_params['yarn-site']['yarn.resourcemanager.principal'], - status_params.hostname, - status_params.tmp_dir) - cached_kinit_executor(status_params.kinit_path_local, - status_params.yarn_user, - security_params['yarn-site']['yarn.resourcemanager.webapp.spnego-keytab-file'], - security_params['yarn-site']['yarn.resourcemanager.webapp.spnego-principal'], - status_params.hostname, - status_params.tmp_dir) - self.put_structured_out({"securityState": "SECURED_KERBEROS"}) - except Exception as e: - self.put_structured_out({"securityState": "ERROR"}) - self.put_structured_out({"securityStateErrorInfo": str(e)}) - else: - issues = [] - for cf in result_issues: - issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf])) - self.put_structured_out({"securityIssuesFound": ". ".join(issues)}) - self.put_structured_out({"securityState": "UNSECURED"}) - else: - self.put_structured_out({"securityState": "UNSECURED"}) - def refreshqueues(self, env): import params http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/application_timeline_server.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/application_timeline_server.py b/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/application_timeline_server.py index 03fff21..b1e0c16 100644 --- a/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/application_timeline_server.py +++ b/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/application_timeline_server.py @@ -83,67 +83,6 @@ class ApplicationTimelineServerDefault(ApplicationTimelineServer): env.set_params(status_params) check_process_status(status_params.yarn_historyserver_pid_file) - def security_status(self, env): - import status_params - env.set_params(status_params) - if status_params.security_enabled: - props_value_check = {"yarn.timeline-service.enabled": "true", - "yarn.timeline-service.http-authentication.type": "kerberos", - "yarn.acl.enable": "true"} - props_empty_check = ["yarn.timeline-service.principal", - "yarn.timeline-service.keytab", - "yarn.timeline-service.http-authentication.kerberos.principal", - "yarn.timeline-service.http-authentication.kerberos.keytab"] - - props_read_check = ["yarn.timeline-service.keytab", - "yarn.timeline-service.http-authentication.kerberos.keytab"] - yarn_site_props = build_expectations('yarn-site', props_value_check, props_empty_check, - props_read_check) - - yarn_expectations ={} - yarn_expectations.update(yarn_site_props) - - security_params = get_params_from_filesystem(status_params.hadoop_conf_dir, - {'yarn-site.xml': FILE_TYPE_XML}) - result_issues = validate_security_config_properties(security_params, yarn_expectations) - if not result_issues: # If all validations passed successfully - try: - # Double check the dict before calling execute - if ( 'yarn-site' not in security_params - or 'yarn.timeline-service.keytab' not in security_params['yarn-site'] - or 'yarn.timeline-service.principal' not in security_params['yarn-site']) \ - or 'yarn.timeline-service.http-authentication.kerberos.keytab' not in security_params['yarn-site'] \ - or 'yarn.timeline-service.http-authentication.kerberos.principal' not in security_params['yarn-site']: - self.put_structured_out({"securityState": "UNSECURED"}) - self.put_structured_out( - {"securityIssuesFound": "Keytab file or principal are not set property."}) - return - - cached_kinit_executor(status_params.kinit_path_local, - status_params.yarn_user, - security_params['yarn-site']['yarn.timeline-service.keytab'], - security_params['yarn-site']['yarn.timeline-service.principal'], - status_params.hostname, - status_params.tmp_dir) - cached_kinit_executor(status_params.kinit_path_local, - status_params.yarn_user, - security_params['yarn-site']['yarn.timeline-service.http-authentication.kerberos.keytab'], - security_params['yarn-site']['yarn.timeline-service.http-authentication.kerberos.principal'], - status_params.hostname, - status_params.tmp_dir) - self.put_structured_out({"securityState": "SECURED_KERBEROS"}) - except Exception as e: - self.put_structured_out({"securityState": "ERROR"}) - self.put_structured_out({"securityStateErrorInfo": str(e)}) - else: - issues = [] - for cf in result_issues: - issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf])) - self.put_structured_out({"securityIssuesFound": ". ".join(issues)}) - self.put_structured_out({"securityState": "UNSECURED"}) - else: - self.put_structured_out({"securityState": "UNSECURED"}) - def get_log_folder(self): import params return params.yarn_log_dir http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/historyserver.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/historyserver.py b/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/historyserver.py index 8f5d380..d886244 100644 --- a/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/historyserver.py +++ b/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/historyserver.py @@ -120,62 +120,6 @@ class HistoryServerDefault(HistoryServer): env.set_params(status_params) check_process_status(status_params.mapred_historyserver_pid_file) - def security_status(self, env): - import status_params - env.set_params(status_params) - if status_params.security_enabled: - expectations = {} - expectations.update(build_expectations('mapred-site', - None, - [ - 'mapreduce.jobhistory.keytab', - 'mapreduce.jobhistory.principal', - 'mapreduce.jobhistory.webapp.spnego-keytab-file', - 'mapreduce.jobhistory.webapp.spnego-principal' - ], - None)) - - security_params = get_params_from_filesystem(status_params.hadoop_conf_dir, - {'mapred-site.xml': FILE_TYPE_XML}) - result_issues = validate_security_config_properties(security_params, expectations) - if not result_issues: # If all validations passed successfully - try: - # Double check the dict before calling execute - if ( 'mapred-site' not in security_params or - 'mapreduce.jobhistory.keytab' not in security_params['mapred-site'] or - 'mapreduce.jobhistory.principal' not in security_params['mapred-site'] or - 'mapreduce.jobhistory.webapp.spnego-keytab-file' not in security_params['mapred-site'] or - 'mapreduce.jobhistory.webapp.spnego-principal' not in security_params['mapred-site']): - self.put_structured_out({"securityState": "UNSECURED"}) - self.put_structured_out( - {"securityIssuesFound": "Keytab file or principal not set."}) - return - - cached_kinit_executor(status_params.kinit_path_local, - status_params.mapred_user, - security_params['mapred-site']['mapreduce.jobhistory.keytab'], - security_params['mapred-site']['mapreduce.jobhistory.principal'], - status_params.hostname, - status_params.tmp_dir) - cached_kinit_executor(status_params.kinit_path_local, - status_params.mapred_user, - security_params['mapred-site']['mapreduce.jobhistory.webapp.spnego-keytab-file'], - security_params['mapred-site']['mapreduce.jobhistory.webapp.spnego-principal'], - status_params.hostname, - status_params.tmp_dir) - self.put_structured_out({"securityState": "SECURED_KERBEROS"}) - except Exception as e: - self.put_structured_out({"securityState": "ERROR"}) - self.put_structured_out({"securityStateErrorInfo": str(e)}) - else: - issues = [] - for cf in result_issues: - issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf])) - self.put_structured_out({"securityIssuesFound": ". ".join(issues)}) - self.put_structured_out({"securityState": "UNSECURED"}) - else: - self.put_structured_out({"securityState": "UNSECURED"}) - def get_log_folder(self): import params return params.mapred_log_dir http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/nodemanager.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/nodemanager.py b/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/nodemanager.py index 133d2e1..5acb20b 100644 --- a/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/nodemanager.py +++ b/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/nodemanager.py @@ -90,66 +90,6 @@ class NodemanagerDefault(Nodemanager): env.set_params(status_params) check_process_status(status_params.nodemanager_pid_file) - def security_status(self, env): - import status_params - env.set_params(status_params) - if status_params.security_enabled: - props_value_check = {"yarn.timeline-service.http-authentication.type": "kerberos", - "yarn.acl.enable": "true"} - props_empty_check = ["yarn.nodemanager.principal", - "yarn.nodemanager.keytab", - "yarn.nodemanager.webapp.spnego-principal", - "yarn.nodemanager.webapp.spnego-keytab-file"] - - props_read_check = ["yarn.nodemanager.keytab", - "yarn.nodemanager.webapp.spnego-keytab-file"] - yarn_site_props = build_expectations('yarn-site', props_value_check, props_empty_check, - props_read_check) - - yarn_expectations ={} - yarn_expectations.update(yarn_site_props) - - security_params = get_params_from_filesystem(status_params.hadoop_conf_dir, - {'yarn-site.xml': FILE_TYPE_XML}) - result_issues = validate_security_config_properties(security_params, yarn_site_props) - if not result_issues: # If all validations passed successfully - try: - # Double check the dict before calling execute - if ( 'yarn-site' not in security_params - or 'yarn.nodemanager.keytab' not in security_params['yarn-site'] - or 'yarn.nodemanager.principal' not in security_params['yarn-site']) \ - or 'yarn.nodemanager.webapp.spnego-keytab-file' not in security_params['yarn-site'] \ - or 'yarn.nodemanager.webapp.spnego-principal' not in security_params['yarn-site']: - self.put_structured_out({"securityState": "UNSECURED"}) - self.put_structured_out( - {"securityIssuesFound": "Keytab file or principal are not set property."}) - return - - cached_kinit_executor(status_params.kinit_path_local, - status_params.yarn_user, - security_params['yarn-site']['yarn.nodemanager.keytab'], - security_params['yarn-site']['yarn.nodemanager.principal'], - status_params.hostname, - status_params.tmp_dir) - cached_kinit_executor(status_params.kinit_path_local, - status_params.yarn_user, - security_params['yarn-site']['yarn.nodemanager.webapp.spnego-keytab-file'], - security_params['yarn-site']['yarn.nodemanager.webapp.spnego-principal'], - status_params.hostname, - status_params.tmp_dir) - self.put_structured_out({"securityState": "SECURED_KERBEROS"}) - except Exception as e: - self.put_structured_out({"securityState": "ERROR"}) - self.put_structured_out({"securityStateErrorInfo": str(e)}) - else: - issues = [] - for cf in result_issues: - issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf])) - self.put_structured_out({"securityIssuesFound": ". ".join(issues)}) - self.put_structured_out({"securityState": "UNSECURED"}) - else: - self.put_structured_out({"securityState": "UNSECURED"}) - def get_log_folder(self): import params return params.yarn_log_dir http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/resourcemanager.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/resourcemanager.py b/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/resourcemanager.py index ba748f1..78675bf 100644 --- a/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/resourcemanager.py +++ b/ambari-server/src/main/resources/common-services/YARN/3.0.0.3.0/package/scripts/resourcemanager.py @@ -147,66 +147,6 @@ class ResourcemanagerDefault(Resourcemanager): check_process_status(status_params.resourcemanager_pid_file) pass - def security_status(self, env): - import status_params - env.set_params(status_params) - if status_params.security_enabled: - props_value_check = {"yarn.timeline-service.http-authentication.type": "kerberos", - "yarn.acl.enable": "true"} - props_empty_check = ["yarn.resourcemanager.principal", - "yarn.resourcemanager.keytab", - "yarn.resourcemanager.webapp.spnego-principal", - "yarn.resourcemanager.webapp.spnego-keytab-file"] - - props_read_check = ["yarn.resourcemanager.keytab", - "yarn.resourcemanager.webapp.spnego-keytab-file"] - yarn_site_props = build_expectations('yarn-site', props_value_check, props_empty_check, - props_read_check) - - yarn_expectations ={} - yarn_expectations.update(yarn_site_props) - - security_params = get_params_from_filesystem(status_params.hadoop_conf_dir, - {'yarn-site.xml': FILE_TYPE_XML}) - result_issues = validate_security_config_properties(security_params, yarn_site_props) - if not result_issues: # If all validations passed successfully - try: - # Double check the dict before calling execute - if ( 'yarn-site' not in security_params - or 'yarn.resourcemanager.keytab' not in security_params['yarn-site'] - or 'yarn.resourcemanager.principal' not in security_params['yarn-site']) \ - or 'yarn.resourcemanager.webapp.spnego-keytab-file' not in security_params['yarn-site'] \ - or 'yarn.resourcemanager.webapp.spnego-principal' not in security_params['yarn-site']: - self.put_structured_out({"securityState": "UNSECURED"}) - self.put_structured_out( - {"securityIssuesFound": "Keytab file or principal are not set property."}) - return - - cached_kinit_executor(status_params.kinit_path_local, - status_params.yarn_user, - security_params['yarn-site']['yarn.resourcemanager.keytab'], - security_params['yarn-site']['yarn.resourcemanager.principal'], - status_params.hostname, - status_params.tmp_dir) - cached_kinit_executor(status_params.kinit_path_local, - status_params.yarn_user, - security_params['yarn-site']['yarn.resourcemanager.webapp.spnego-keytab-file'], - security_params['yarn-site']['yarn.resourcemanager.webapp.spnego-principal'], - status_params.hostname, - status_params.tmp_dir) - self.put_structured_out({"securityState": "SECURED_KERBEROS"}) - except Exception as e: - self.put_structured_out({"securityState": "ERROR"}) - self.put_structured_out({"securityStateErrorInfo": str(e)}) - else: - issues = [] - for cf in result_issues: - issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf])) - self.put_structured_out({"securityIssuesFound": ". ".join(issues)}) - self.put_structured_out({"securityState": "UNSECURED"}) - else: - self.put_structured_out({"securityState": "UNSECURED"}) - def refreshqueues(self, env): import params http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/main/resources/common-services/ZOOKEEPER/3.4.5/package/scripts/zookeeper_server.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/ZOOKEEPER/3.4.5/package/scripts/zookeeper_server.py b/ambari-server/src/main/resources/common-services/ZOOKEEPER/3.4.5/package/scripts/zookeeper_server.py index c2d76be..8d9de9e 100644 --- a/ambari-server/src/main/resources/common-services/ZOOKEEPER/3.4.5/package/scripts/zookeeper_server.py +++ b/ambari-server/src/main/resources/common-services/ZOOKEEPER/3.4.5/package/scripts/zookeeper_server.py @@ -111,57 +111,6 @@ class ZookeeperServerLinux(ZookeeperServer): import status_params env.set_params(status_params) check_process_status(status_params.zk_pid_file) - - def security_status(self, env): - import status_params - env.set_params(status_params) - - if status_params.security_enabled: - # Expect the following files to be available in params.config_dir: - # zookeeper_jaas.conf - # zookeeper_client_jaas.conf - try: - props_value_check = None - props_empty_check = ['Server/keyTab', 'Server/principal'] - props_read_check = ['Server/keyTab'] - zk_env_expectations = build_expectations('zookeeper_jaas', props_value_check, props_empty_check, - props_read_check) - - zk_expectations = {} - zk_expectations.update(zk_env_expectations) - - security_params = get_params_from_filesystem(status_params.config_dir, - {'zookeeper_jaas.conf': FILE_TYPE_JAAS_CONF}) - - result_issues = validate_security_config_properties(security_params, zk_expectations) - if not result_issues: # If all validations passed successfully - # Double check the dict before calling execute - if ( 'zookeeper_jaas' not in security_params - or 'Server' not in security_params['zookeeper_jaas'] - or 'keyTab' not in security_params['zookeeper_jaas']['Server'] - or 'principal' not in security_params['zookeeper_jaas']['Server']): - self.put_structured_out({"securityState": "ERROR"}) - self.put_structured_out({"securityIssuesFound": "Keytab file or principal are not set property."}) - return - - cached_kinit_executor(status_params.kinit_path_local, - status_params.zk_user, - security_params['zookeeper_jaas']['Server']['keyTab'], - security_params['zookeeper_jaas']['Server']['principal'], - status_params.hostname, - status_params.tmp_dir) - self.put_structured_out({"securityState": "SECURED_KERBEROS"}) - else: - issues = [] - for cf in result_issues: - issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf])) - self.put_structured_out({"securityIssuesFound": ". ".join(issues)}) - self.put_structured_out({"securityState": "UNSECURED"}) - except Exception as e: - self.put_structured_out({"securityState": "ERROR"}) - self.put_structured_out({"securityStateErrorInfo": str(e)}) - else: - self.put_structured_out({"securityState": "UNSECURED"}) def get_log_folder(self): import params http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/main/resources/stacks/PERF/1.0/services/KERBEROS/package/scripts/kerberos_client.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/PERF/1.0/services/KERBEROS/package/scripts/kerberos_client.py b/ambari-server/src/main/resources/stacks/PERF/1.0/services/KERBEROS/package/scripts/kerberos_client.py index 1298f1e..b2cdaa6 100644 --- a/ambari-server/src/main/resources/stacks/PERF/1.0/services/KERBEROS/package/scripts/kerberos_client.py +++ b/ambari-server/src/main/resources/stacks/PERF/1.0/services/KERBEROS/package/scripts/kerberos_client.py @@ -43,27 +43,6 @@ class KerberosClient(KerberosScript): def status(self, env): raise ClientComponentHasNoStatus() - def security_status(self, env): - import status_params - if status_params.security_enabled: - if status_params.smoke_user and status_params.smoke_user_keytab: - try: - cached_kinit_executor(status_params.kinit_path_local, - status_params.smoke_user, - status_params.smoke_user_keytab, - status_params.smoke_user_principal, - status_params.hostname, - status_params.tmp_dir) - self.put_structured_out({"securityState": "SECURED_KERBEROS"}) - except Exception as e: - self.put_structured_out({"securityState": "ERROR"}) - self.put_structured_out({"securityStateErrorInfo": str(e)}) - else: - self.put_structured_out({"securityState": "UNKNOWN"}) - self.put_structured_out({"securityStateErrorInfo": "Missing smoke user credentials"}) - else: - self.put_structured_out({"securityState": "UNSECURED"}) - def set_keytab(self, env): self.write_keytab_file() http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/test/java/org/apache/ambari/server/agent/HeartbeatProcessorTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/agent/HeartbeatProcessorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/agent/HeartbeatProcessorTest.java index cff0e34..2dd91c0 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/agent/HeartbeatProcessorTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/agent/HeartbeatProcessorTest.java @@ -495,7 +495,6 @@ public class HeartbeatProcessorTest { componentStatus1.setServiceName(HDFS); componentStatus1.setMessage(DummyHostStatus); componentStatus1.setStatus(State.STARTED.name()); - componentStatus1.setSecurityState(SecurityState.SECURED_KERBEROS.name()); componentStatus1.setComponentName(DATANODE); componentStatuses.add(componentStatus1); ComponentStatus componentStatus2 = new ComponentStatus(); @@ -503,7 +502,6 @@ public class HeartbeatProcessorTest { componentStatus2.setServiceName(HDFS); componentStatus2.setMessage(DummyHostStatus); componentStatus2.setStatus(State.STARTED.name()); - componentStatus2.setSecurityState(SecurityState.UNSECURED.name()); componentStatus2.setComponentName(SECONDARY_NAMENODE); componentStatuses.add(componentStatus2); hb.setComponentStatus(componentStatuses); @@ -526,7 +524,6 @@ public class HeartbeatProcessorTest { State componentState2 = serviceComponentHost2.getState(); State componentState3 = serviceComponentHost3.getState(); assertEquals(State.STARTED, componentState1); - assertEquals(SecurityState.SECURED_KERBEROS, serviceComponentHost1.getSecurityState()); assertEquals(State.INSTALLED, componentState2); assertEquals(SecurityState.SECURING, serviceComponentHost2.getSecurityState()); //starting state will not be overridden by status command @@ -837,7 +834,6 @@ public class HeartbeatProcessorTest { componentStatus1.setServiceName(HDFS); componentStatus1.setMessage(DummyHostStatus); componentStatus1.setStatus(State.STARTED.name()); - componentStatus1.setSecurityState(SecurityState.UNSECURED.name()); componentStatus1.setComponentName(DATANODE); componentStatus1.setExtra(extra); @@ -873,7 +869,6 @@ public class HeartbeatProcessorTest { componentStatus1.setServiceName(HDFS); componentStatus1.setMessage(DummyHostStatus); componentStatus1.setStatus(State.STARTED.name()); - componentStatus1.setSecurityState(SecurityState.UNSECURED.name()); componentStatus1.setComponentName(DATANODE); hb.setComponentStatus(Collections.singletonList(componentStatus1)); @@ -1328,7 +1323,6 @@ public class HeartbeatProcessorTest { componentStatus1.setServiceName(HDFS); componentStatus1.setMessage(DummyHostStatus); componentStatus1.setStatus(State.INSTALLED.name()); - componentStatus1.setSecurityState(SecurityState.UNSECURED.name()); componentStatus1.setComponentName(DATANODE); componentStatuses.add(componentStatus1); @@ -1337,7 +1331,6 @@ public class HeartbeatProcessorTest { componentStatus2.setServiceName(HDFS); componentStatus2.setMessage(DummyHostStatus); componentStatus2.setStatus(State.INSTALLED.name()); - componentStatus2.setSecurityState(SecurityState.UNSECURED.name()); componentStatus2.setComponentName(NAMENODE); componentStatuses.add(componentStatus2); http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/test/java/org/apache/ambari/server/agent/TestHeartbeatHandler.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/agent/TestHeartbeatHandler.java b/ambari-server/src/test/java/org/apache/ambari/server/agent/TestHeartbeatHandler.java index 80775c3..909bf69 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/agent/TestHeartbeatHandler.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/agent/TestHeartbeatHandler.java @@ -316,7 +316,6 @@ public class TestHeartbeatHandler { componentStatus1.setServiceName(HDFS); componentStatus1.setMessage(DummyHostStatus); componentStatus1.setStatus(State.STARTED.name()); - componentStatus1.setSecurityState(SecurityState.UNSECURED.name()); componentStatus1.setComponentName(DATANODE); componentStatuses.add(componentStatus1); @@ -325,7 +324,6 @@ public class TestHeartbeatHandler { componentStatus2.setServiceName(HDFS); componentStatus2.setMessage(DummyHostStatus); componentStatus2.setStatus(State.INSTALLED.name()); - componentStatus2.setSecurityState(SecurityState.UNSECURED.name()); componentStatus2.setComponentName(NAMENODE); componentStatuses.add(componentStatus2); @@ -1128,14 +1126,12 @@ public class TestHeartbeatHandler { dataNodeStatus.setServiceName(HDFS); dataNodeStatus.setComponentName(DATANODE); dataNodeStatus.setStatus("STARTED"); - dataNodeStatus.setSecurityState(SecurityState.UNSECURED.name()); componentStatus.add(dataNodeStatus); ComponentStatus nameNodeStatus = new ComponentStatus(); nameNodeStatus.setClusterName(cluster.getClusterName()); nameNodeStatus.setServiceName(HDFS); nameNodeStatus.setComponentName(NAMENODE); nameNodeStatus.setStatus("STARTED"); - nameNodeStatus.setSecurityState(SecurityState.UNSECURED.name()); componentStatus.add(nameNodeStatus); hb1.setComponentStatus(componentStatus); handler.handleHeartBeat(hb1); @@ -1153,14 +1149,12 @@ public class TestHeartbeatHandler { dataNodeStatus.setServiceName(HDFS); dataNodeStatus.setComponentName(DATANODE); dataNodeStatus.setStatus("INSTALLED"); - dataNodeStatus.setSecurityState(SecurityState.UNSECURED.name()); componentStatus.add(dataNodeStatus); nameNodeStatus = new ComponentStatus(); nameNodeStatus.setClusterName(cluster.getClusterName()); nameNodeStatus.setServiceName(HDFS); nameNodeStatus.setComponentName(NAMENODE); nameNodeStatus.setStatus("STARTED"); - nameNodeStatus.setSecurityState(SecurityState.UNSECURED.name()); componentStatus.add(nameNodeStatus); hb2.setComponentStatus(componentStatus); handler.handleHeartBeat(hb2); @@ -1180,14 +1174,12 @@ public class TestHeartbeatHandler { dataNodeStatus.setServiceName(HDFS); dataNodeStatus.setComponentName(DATANODE); dataNodeStatus.setStatus("INSTALLED"); - dataNodeStatus.setSecurityState(SecurityState.UNSECURED.name()); componentStatus.add(dataNodeStatus); nameNodeStatus = new ComponentStatus(); nameNodeStatus.setClusterName(cluster.getClusterName()); nameNodeStatus.setServiceName(HDFS); nameNodeStatus.setComponentName(NAMENODE); nameNodeStatus.setStatus("STARTED"); - nameNodeStatus.setSecurityState(SecurityState.UNSECURED.name()); componentStatus.add(nameNodeStatus); hb2a.setComponentStatus(componentStatus); handler.handleHeartBeat(hb2a); @@ -1208,14 +1200,12 @@ public class TestHeartbeatHandler { dataNodeStatus.setServiceName(HDFS); dataNodeStatus.setComponentName(DATANODE); dataNodeStatus.setStatus("INSTALLED"); - dataNodeStatus.setSecurityState(SecurityState.UNSECURED.name()); componentStatus.add(dataNodeStatus); nameNodeStatus = new ComponentStatus(); nameNodeStatus.setClusterName(cluster.getClusterName()); nameNodeStatus.setServiceName(HDFS); nameNodeStatus.setComponentName(NAMENODE); nameNodeStatus.setStatus("INSTALLED"); - nameNodeStatus.setSecurityState(SecurityState.UNSECURED.name()); componentStatus.add(nameNodeStatus); hb3.setComponentStatus(componentStatus); handler.handleHeartBeat(hb3); @@ -1247,7 +1237,6 @@ public class TestHeartbeatHandler { dataNodeStatus.setServiceName(HDFS); dataNodeStatus.setComponentName(DATANODE); dataNodeStatus.setStatus("STARTED"); - dataNodeStatus.setSecurityState(SecurityState.UNSECURED.name()); componentStatus.add(dataNodeStatus); hb4.setComponentStatus(componentStatus); handler.handleHeartBeat(hb4); @@ -1405,7 +1394,6 @@ public class TestHeartbeatHandler { componentStatus1.setServiceName(serviceName); componentStatus1.setMessage(message); componentStatus1.setStatus(state.name()); - componentStatus1.setSecurityState(securityState.name()); componentStatus1.setComponentName(componentName); componentStatus1.setStackVersion(stackVersion); return componentStatus1; @@ -1434,7 +1422,6 @@ public class TestHeartbeatHandler { componentStatus1.setServiceName(HDFS); componentStatus1.setMessage(DummyHostStatus); componentStatus1.setStatus(State.STARTED.name()); - componentStatus1.setSecurityState(SecurityState.UNSECURED.name()); componentStatus1.setComponentName(DATANODE); componentStatuses.add(componentStatus1); http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_master.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_master.py b/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_master.py index 42bc989..fda63e0 100644 --- a/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_master.py +++ b/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_master.py @@ -712,108 +712,6 @@ class TestHBaseMaster(RMFTestCase): self.assertNoMoreResources() - @patch("resource_management.libraries.functions.security_commons.build_expectations") - @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem") - @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties") - @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor") - @patch("resource_management.libraries.script.Script.put_structured_out") - def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock, validate_security_config_mock, get_params_mock, build_exp_mock): - # Test that function works when is called with correct parameters - - security_params = { - 'hbase-site': { - 'hbase.master.kerberos.principal': '/path/to/hbase_keytab', - 'hbase.master.keytab.file': 'hbase_principal' - } - } - - result_issues = [] - props_value_check = {"hbase.security.authentication": "kerberos", - "hbase.security.authorization": "true"} - props_empty_check = ["hbase.master.keytab.file", - "hbase.master.kerberos.principal"] - - props_read_check = ["hbase.master.keytab.file"] - - get_params_mock.return_value = security_params - validate_security_config_mock.return_value = result_issues - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_master.py", - classname = "HbaseMaster", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - build_exp_mock.assert_called_with('hbase-site', props_value_check, props_empty_check, props_read_check) - put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"}) - cached_kinit_executor_mock.called_with('/usr/bin/kinit', - self.config_dict['configurations']['hbase-env']['hbase_user'], - security_params['hbase-site']['hbase.master.keytab.file'], - security_params['hbase-site']['hbase.master.kerberos.principal'], - self.config_dict['hostname'], - '/tmp') - - # Testing that the exception throw by cached_executor is caught - cached_kinit_executor_mock.reset_mock() - cached_kinit_executor_mock.side_effect = Exception("Invalid command") - - try: - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_master.py", - classname = "HbaseMaster", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - except: - self.assertTrue(True) - - # Testing with a security_params which doesn't contains hbase-site - empty_security_params = {} - cached_kinit_executor_mock.reset_mock() - get_params_mock.reset_mock() - put_structured_out_mock.reset_mock() - get_params_mock.return_value = empty_security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_master.py", - classname = "HbaseMaster", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - put_structured_out_mock.assert_called_with({"securityIssuesFound": "Keytab file or principal are not set property."}) - - # Testing with not empty result_issues - result_issues_with_params = {} - result_issues_with_params['hbase-site']="Something bad happened" - - validate_security_config_mock.reset_mock() - get_params_mock.reset_mock() - validate_security_config_mock.return_value = result_issues_with_params - get_params_mock.return_value = security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_master.py", - classname = "HbaseMaster", - command = "security_status", - config_file="default.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - - # Testing with security_enable = false - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_master.py", - classname = "HbaseMaster", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - def test_upgrade_backup(self): self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_upgrade.py", classname = "HbaseMasterUpgrade", http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_regionserver.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_regionserver.py b/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_regionserver.py index 9bb0dd7..93f5d19 100644 --- a/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_regionserver.py +++ b/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_regionserver.py @@ -530,110 +530,6 @@ class TestHbaseRegionServer(RMFTestCase): self.assertNoMoreResources() - - @patch("resource_management.libraries.functions.security_commons.build_expectations") - @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem") - @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties") - @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor") - @patch("resource_management.libraries.script.Script.put_structured_out") - def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock, validate_security_config_mock, get_params_mock, build_exp_mock): - # Test that function works when is called with correct parameters - - security_params = { - 'hbase-site': { - 'hbase.regionserver.keytab.file': '/path/to/hbase_keytab', - 'hbase.regionserver.kerberos.principal': 'hbase_principal' - } - } - - result_issues = [] - props_value_check = {"hbase.security.authentication": "kerberos", - "hbase.security.authorization": "true"} - props_empty_check = ["hbase.regionserver.keytab.file", - "hbase.regionserver.kerberos.principal"] - - props_read_check = ["hbase.regionserver.keytab.file"] - - get_params_mock.return_value = security_params - validate_security_config_mock.return_value = result_issues - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_regionserver.py", - classname = "HbaseRegionServer", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - build_exp_mock.assert_called_with('hbase-site', props_value_check, props_empty_check, props_read_check) - put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"}) - cached_kinit_executor_mock.called_with('/usr/bin/kinit', - self.config_dict['configurations']['hbase-env']['hbase_user'], - security_params['hbase-site']['hbase.regionserver.keytab.file'], - security_params['hbase-site']['hbase.regionserver.kerberos.principal'], - self.config_dict['hostname'], - '/tmp') - - # Testing that the exception throw by cached_executor is caught - cached_kinit_executor_mock.reset_mock() - cached_kinit_executor_mock.side_effect = Exception("Invalid command") - - try: - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_regionserver.py", - classname = "HbaseRegionServer", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - except: - self.assertTrue(True) - - # Testing with a security_params which doesn't contains hbase-site - empty_security_params = {} - cached_kinit_executor_mock.reset_mock() - get_params_mock.reset_mock() - put_structured_out_mock.reset_mock() - get_params_mock.return_value = empty_security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_regionserver.py", - classname = "HbaseRegionServer", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - put_structured_out_mock.assert_called_with({"securityIssuesFound": "Keytab file or principal are not set property."}) - - # Testing with not empty result_issues - result_issues_with_params = { - 'hbase-site' : "Something bad happened" - } - - validate_security_config_mock.reset_mock() - get_params_mock.reset_mock() - validate_security_config_mock.return_value = result_issues_with_params - get_params_mock.return_value = security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_regionserver.py", - classname = "HbaseRegionServer", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - - # Testing with security_enable = false - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_regionserver.py", - classname = "HbaseRegionServer", - command = "security_status", - config_file="default.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - def test_pre_upgrade_restart(self): config_file = self.get_src_folder()+"/test/python/stacks/2.0.6/configs/default.json" with open(config_file, "r") as f: http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_datanode.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_datanode.py b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_datanode.py index 2cd35ab..5702b57 100644 --- a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_datanode.py +++ b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_datanode.py @@ -661,114 +661,3 @@ class TestDatanode(RMFTestCase): self.assertEquals( ('hdfs dfsadmin -fs hdfs://ns1 -D ipc.client.connect.max.retries=5 -D ipc.client.connect.retry.interval=1000 -getDatanodeInfo 0.0.0.0:8010'), mocks_dict['checked_call'].call_args_list[0][0][0]) - - @patch("resource_management.libraries.functions.security_commons.build_expectations") - @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem") - @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties") - @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor") - @patch("resource_management.libraries.script.Script.put_structured_out") - def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock, validate_security_config_mock, get_params_mock, build_exp_mock): - # Test that function works when is called with correct parameters - - security_params = { - 'core-site': { - 'hadoop.security.authentication': 'kerberos' - }, - 'hdfs-site': { - 'dfs.datanode.keytab.file': 'path/to/datanode/keytab/file', - 'dfs.datanode.kerberos.principal': 'datanode_principal' - } - } - - props_value_check = None - props_empty_check = ['dfs.datanode.keytab.file', - 'dfs.datanode.kerberos.principal'] - props_read_check = ['dfs.datanode.keytab.file'] - - result_issues = [] - - get_params_mock.return_value = security_params - validate_security_config_mock.return_value = result_issues - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/datanode.py", - classname = "DataNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - build_exp_mock.assert_called_with('hdfs-site', props_value_check, props_empty_check, props_read_check) - put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"}) - cached_kinit_executor_mock.called_with('/usr/bin/kinit', - self.config_dict['configurations']['hadoop-env']['hdfs_user'], - security_params['hdfs-site']['dfs.datanode.keytab.file'], - security_params['hdfs-site']['dfs.datanode.kerberos.principal'], - self.config_dict['hostname'], - '/tmp') - - # Testing when hadoop.security.authentication is simple - security_params['core-site']['hadoop.security.authentication'] = 'simple' - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/datanode.py", - classname = "DataNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - security_params['core-site']['hadoop.security.authentication'] = 'kerberos' - - # Testing that the exception throw by cached_executor is caught - cached_kinit_executor_mock.reset_mock() - cached_kinit_executor_mock.side_effect = Exception("Invalid command") - - try: - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/datanode.py", - classname = "DataNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - except: - self.assertTrue(True) - - # Testing with a security_params which doesn't contains hdfs-site - empty_security_params = {} - empty_security_params['core-site'] = {} - empty_security_params['core-site']['hadoop.security.authentication'] = 'kerberos' - cached_kinit_executor_mock.reset_mock() - get_params_mock.reset_mock() - put_structured_out_mock.reset_mock() - get_params_mock.return_value = empty_security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/datanode.py", - classname = "DataNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - put_structured_out_mock.assert_called_with({"securityIssuesFound": "Keytab file or principal are not set property."}) - - # Testing with not empty result_issues - result_issues_with_params = {} - result_issues_with_params['hdfs-site']="Something bad happened" - - validate_security_config_mock.reset_mock() - get_params_mock.reset_mock() - validate_security_config_mock.return_value = result_issues_with_params - get_params_mock.return_value = security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/datanode.py", - classname = "DataNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_hdfs_client.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_hdfs_client.py b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_hdfs_client.py index 85098fa..fc80849 100644 --- a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_hdfs_client.py +++ b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_hdfs_client.py @@ -88,106 +88,6 @@ class Test(RMFTestCase): # for now, it's enough that is confirmed - @patch("resource_management.libraries.functions.security_commons.build_expectations") - @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem") - @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties") - @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor") - @patch("resource_management.libraries.script.Script.put_structured_out") - def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock, validate_security_config_mock, get_params_mock, build_exp_mock): - # Test that function works when is called with correct parameters - - security_params = { - 'core-site': { - 'hadoop.security.authentication': 'kerberos' - } - } - - props_value_check = {"hadoop.security.authentication": "kerberos", - "hadoop.security.authorization": "true"} - props_empty_check = ["hadoop.security.auth_to_local"] - props_read_check = None - - result_issues = [] - - get_params_mock.return_value = security_params - validate_security_config_mock.return_value = result_issues - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hdfs_client.py", - classname = "HdfsClient", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - build_exp_mock.assert_called_with('core-site', props_value_check, props_empty_check, props_read_check) - put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"}) - cached_kinit_executor_mock.called_with('/usr/bin/kinit', - self.config_dict['configurations']['hadoop-env']['hdfs_user'], - self.config_dict['configurations']['hadoop-env']['hdfs_user_keytab'], - self.config_dict['configurations']['hadoop-env']['hdfs_user_principal_name'], - self.config_dict['hostname'], - '/tmp') - - # Testing that the exception throw by cached_executor is caught - cached_kinit_executor_mock.reset_mock() - cached_kinit_executor_mock.side_effect = Exception("Invalid command") - - try: - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hdfs_client.py", - classname = "HdfsClient", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - except: - self.assertTrue(True) - - # Testing when hadoop.security.authentication is simple - security_params['core-site']['hadoop.security.authentication'] = 'simple' - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hdfs_client.py", - classname = "HdfsClient", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - security_params['core-site']['hadoop.security.authentication'] = 'kerberos' - - # Testing with not empty result_issues - result_issues_with_params = { - 'hdfs-site': "Something bad happened" - } - - validate_security_config_mock.reset_mock() - get_params_mock.reset_mock() - validate_security_config_mock.return_value = result_issues_with_params - get_params_mock.return_value = security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hdfs_client.py", - classname = "HdfsClient", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - - # Testing with empty hdfs_user_principal and hdfs_user_keytab - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hdfs_client.py", - classname = "HdfsClient", - command = "security_status", - config_file="default.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - - @patch("resource_management.core.shell.call") def test_pre_upgrade_restart_23(self, call_mock): config_file = self.get_src_folder()+"/test/python/stacks/2.0.6/configs/default.json" http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_journalnode.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_journalnode.py b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_journalnode.py index 4b63de4..2202661 100644 --- a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_journalnode.py +++ b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_journalnode.py @@ -369,120 +369,6 @@ class TestJournalnode(RMFTestCase): except: pass - @patch("resource_management.libraries.functions.security_commons.build_expectations") - @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem") - @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties") - @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor") - @patch("resource_management.libraries.script.Script.put_structured_out") - def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock, validate_security_config_mock, get_params_mock, build_exp_mock): - # Test that function works when is called with correct parameters - security_params = { - 'core-site': { - 'hadoop.security.authentication': 'kerberos' - }, - 'hdfs-site': { - 'dfs.journalnode.kerberos.keytab.file': 'path/to/journalnode/keytab/file', - 'dfs.journalnode.kerberos.principal': 'journalnode_principal' - } - } - - props_value_check = None - props_empty_check = ['dfs.journalnode.keytab.file', - 'dfs.journalnode.kerberos.principal'] - props_read_check = ['dfs.journalnode.keytab.file'] - - result_issues = [] - - get_params_mock.return_value = security_params - validate_security_config_mock.return_value = result_issues - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/journalnode.py", - classname = "JournalNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - build_exp_mock.assert_called_with('hdfs-site', props_value_check, props_empty_check, props_read_check) - put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"}) - cached_kinit_executor_mock.called_with('/usr/bin/kinit', - self.config_dict['configurations']['hadoop-env']['hdfs_user'], - security_params['hdfs-site']['dfs.journalnode.kerberos.keytab.file'], - security_params['hdfs-site']['dfs.journalnode.kerberos.principal'], - self.config_dict['hostname'], - '/tmp') - - # Testing when hadoop.security.authentication is simple - security_params['core-site']['hadoop.security.authentication'] = 'simple' - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/journalnode.py", - classname = "JournalNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - security_params['core-site']['hadoop.security.authentication'] = 'kerberos' - - # Testing that the exception throw by cached_executor is caught - cached_kinit_executor_mock.reset_mock() - cached_kinit_executor_mock.side_effect = Exception("Invalid command") - - try: - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/journalnode.py", - classname = "JournalNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - except: - self.assertTrue(True) - - # Testing with a security_params which doesn't contains hdfs-site - empty_security_params = { - 'core-site': { - 'hadoop.security.authentication': 'kerberos' - } - } - cached_kinit_executor_mock.reset_mock() - get_params_mock.reset_mock() - put_structured_out_mock.reset_mock() - get_params_mock.return_value = empty_security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/journalnode.py", - classname = "JournalNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - put_structured_out_mock.assert_called_with({"securityIssuesFound": "Keytab file or principal are not set property."}) - - # Testing with not empty result_issues - result_issues_with_params = { - 'hdfs-site': "Something bad happened" - } - - validate_security_config_mock.reset_mock() - get_params_mock.reset_mock() - validate_security_config_mock.return_value = result_issues_with_params - get_params_mock.return_value = security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/journalnode.py", - classname = "JournalNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - - def test_pre_upgrade_restart(self): config_file = self.get_src_folder()+"/test/python/stacks/2.0.6/configs/default.json" with open(config_file, "r") as f: http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_namenode.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_namenode.py b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_namenode.py index a6a474a..01149fb 100644 --- a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_namenode.py +++ b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_namenode.py @@ -1277,120 +1277,6 @@ class TestNamenode(RMFTestCase): self.assertTrue(isfile_mock.called) - @patch("resource_management.libraries.functions.security_commons.build_expectations") - @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem") - @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties") - @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor") - @patch("resource_management.libraries.script.Script.put_structured_out") - def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock, validate_security_config_mock, get_params_mock, build_exp_mock): - # Test that function works when is called with correct parameters - - security_params = { - 'core-site': { - 'hadoop.security.authentication': 'kerberos' - }, - 'hdfs-site': { - 'dfs.namenode.keytab.file': 'path/to/namenode/keytab/file', - 'dfs.namenode.kerberos.principal': 'namenode_principal' - } - } - props_value_check = None - props_empty_check = ['dfs.namenode.kerberos.internal.spnego.principal', - 'dfs.namenode.keytab.file', - 'dfs.namenode.kerberos.principal'] - props_read_check = ['dfs.namenode.keytab.file'] - - result_issues = [] - - get_params_mock.return_value = security_params - validate_security_config_mock.return_value = result_issues - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/namenode.py", - classname = "NameNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - build_exp_mock.assert_called_with('hdfs-site', props_value_check, props_empty_check, props_read_check) - put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"}) - cached_kinit_executor_mock.called_with('/usr/bin/kinit', - self.config_dict['configurations']['hadoop-env']['hdfs_user'], - security_params['hdfs-site']['dfs.namenode.keytab.file'], - security_params['hdfs-site']['dfs.namenode.kerberos.principal'], - self.config_dict['hostname'], - '/tmp') - - # Testing when hadoop.security.authentication is simple - security_params['core-site']['hadoop.security.authentication'] = 'simple' - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/namenode.py", - classname = "NameNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - security_params['core-site']['hadoop.security.authentication'] = 'kerberos' - - # Testing that the exception throw by cached_executor is caught - cached_kinit_executor_mock.reset_mock() - cached_kinit_executor_mock.side_effect = Exception("Invalid command") - - try: - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/namenode.py", - classname = "NameNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - except: - self.assertTrue(True) - - # Testing with a security_params which doesn't contains hdfs-site - empty_security_params = { - 'core-site': { - 'hadoop.security.authentication': 'kerberos' - } - } - cached_kinit_executor_mock.reset_mock() - get_params_mock.reset_mock() - put_structured_out_mock.reset_mock() - get_params_mock.return_value = empty_security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/namenode.py", - classname = "NameNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - put_structured_out_mock.assert_called_with({"securityIssuesFound": "Keytab file or principal are not set property."}) - - # Testing with not empty result_issues - result_issues_with_params = { - 'hdfs-site': "Something bad happened" - } - - validate_security_config_mock.reset_mock() - get_params_mock.reset_mock() - validate_security_config_mock.return_value = result_issues_with_params - get_params_mock.return_value = security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/namenode.py", - classname = "NameNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - @patch.object(time, "sleep") @patch("resource_management.libraries.functions.namenode_ha_utils.get_namenode_states") def test_upgrade_restart(self, get_namenode_states_mock, sleep_mock): http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_nfsgateway.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_nfsgateway.py b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_nfsgateway.py index 396778d..b8fee12 100644 --- a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_nfsgateway.py +++ b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_nfsgateway.py @@ -267,122 +267,6 @@ class TestNFSGateway(RMFTestCase): group = 'hadoop', ) - - - @patch("resource_management.libraries.functions.security_commons.build_expectations") - @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem") - @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties") - @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor") - @patch("resource_management.libraries.script.Script.put_structured_out") - def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock, validate_security_config_mock, get_params_mock, build_exp_mock): - # Test that function works when is called with correct parameters - security_params = { - 'core-site': { - 'hadoop.security.authentication': 'kerberos' - }, - 'hdfs-site': { - 'nfs.keytab.file': 'path/to/nfsgateway/keytab/file', - 'nfs.kerberos.principal': 'nfs_principal' - } - } - - props_value_check = None - props_empty_check = ['nfs.keytab.file', - 'nfs.kerberos.principal'] - props_read_check = ['nfs.keytab.file'] - - result_issues = [] - - get_params_mock.return_value = security_params - validate_security_config_mock.return_value = result_issues - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/nfsgateway.py", - classname = "NFSGateway", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - build_exp_mock.assert_called_with('hdfs-site', props_value_check, props_empty_check, props_read_check) - put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"}) - cached_kinit_executor_mock.called_with('/usr/bin/kinit', - self.config_dict['configurations']['hadoop-env']['hdfs_user'], - security_params['hdfs-site']['nfs.keytab.file'], - security_params['hdfs-site']['nfs.kerberos.principal'], - self.config_dict['hostname'], - '/tmp') - - # Testing when hadoop.security.authentication is simple - security_params['core-site']['hadoop.security.authentication'] = 'simple' - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/nfsgateway.py", - classname = "NFSGateway", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - security_params['core-site']['hadoop.security.authentication'] = 'kerberos' - - # Testing that the exception throw by cached_executor is caught - cached_kinit_executor_mock.reset_mock() - cached_kinit_executor_mock.side_effect = Exception("Invalid command") - - try: - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/nfsgateway.py", - classname = "NFSGateway", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - except: - self.assertTrue(True) - - # Testing with a security_params which doesn't contains hdfs-site - empty_security_params = { - 'core-site': { - 'hadoop.security.authentication': 'kerberos' - } - } - cached_kinit_executor_mock.reset_mock() - get_params_mock.reset_mock() - put_structured_out_mock.reset_mock() - get_params_mock.return_value = empty_security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/nfsgateway.py", - classname = "NFSGateway", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - put_structured_out_mock.assert_called_with({"securityIssuesFound": "Keytab file or principal are not set property."}) - - # Testing with not empty result_issues - result_issues_with_params = { - 'hdfs-site': "Something bad happened" - } - - validate_security_config_mock.reset_mock() - get_params_mock.reset_mock() - validate_security_config_mock.return_value = result_issues_with_params - get_params_mock.return_value = security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/nfsgateway.py", - classname = "NFSGateway", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - self.assertNoMoreResources() - @patch("resource_management.core.shell.call") def test_pre_upgrade_restart(self, call_mock): call_mock.side_effects = [(0, None), (0, None)] http://git-wip-us.apache.org/repos/asf/ambari/blob/b299641a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_snamenode.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_snamenode.py b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_snamenode.py index 7b9dcb4..9e9366d 100644 --- a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_snamenode.py +++ b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_snamenode.py @@ -274,119 +274,4 @@ class TestSNamenode(RMFTestCase): mode = 0755, create_parents = True, cd_access='a' - ) - - @patch("resource_management.libraries.functions.security_commons.build_expectations") - @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem") - @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties") - @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor") - @patch("resource_management.libraries.script.Script.put_structured_out") - def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock, validate_security_config_mock, get_params_mock, build_exp_mock): - # Test that function works when is called with correct parameters - - security_params = { - 'core-site': { - 'hadoop.security.authentication': 'kerberos' - }, - 'hdfs-site': { - 'dfs.secondary.namenode.keytab.file': 'path/to/snamenode/keytab/file', - 'dfs.secondary.namenode.kerberos.principal': 'snamenode_principal' - } - } - - props_value_check = None - props_empty_check = ['dfs.secondary.namenode.kerberos.internal.spnego.principal', - 'dfs.secondary.namenode.keytab.file', - 'dfs.secondary.namenode.kerberos.principal'] - props_read_check = ['dfs.secondary.namenode.keytab.file'] - - result_issues = [] - - get_params_mock.return_value = security_params - validate_security_config_mock.return_value = result_issues - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/snamenode.py", - classname = "SNameNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - build_exp_mock.assert_called_with('hdfs-site', props_value_check, props_empty_check, props_read_check) - put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"}) - cached_kinit_executor_mock.called_with('/usr/bin/kinit', - self.config_dict['configurations']['hadoop-env']['hdfs_user'], - security_params['hdfs-site']['dfs.secondary.namenode.keytab.file'], - security_params['hdfs-site']['dfs.secondary.namenode.kerberos.principal'], - self.config_dict['hostname'], - '/tmp') - - # Testing when hadoop.security.authentication is simple - security_params['core-site']['hadoop.security.authentication'] = 'simple' - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/snamenode.py", - classname = "SNameNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) - security_params['core-site']['hadoop.security.authentication'] = 'kerberos' - - # Testing that the exception throw by cached_executor is caught - cached_kinit_executor_mock.reset_mock() - cached_kinit_executor_mock.side_effect = Exception("Invalid command") - - try: - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/snamenode.py", - classname = "SNameNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - except: - self.assertTrue(True) - - # Testing with a security_params which doesn't contains hdfs-site - empty_security_params = { - 'core-site': { - 'hadoop.security.authentication': 'kerberos' - } - } - cached_kinit_executor_mock.reset_mock() - get_params_mock.reset_mock() - put_structured_out_mock.reset_mock() - get_params_mock.return_value = empty_security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/snamenode.py", - classname = "SNameNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - - put_structured_out_mock.assert_called_with({"securityIssuesFound": "Keytab file or principal are not set property."}) - - # Testing with not empty result_issues - result_issues_with_params = { - 'hdfs-site': "Something bad happened" - } - - validate_security_config_mock.reset_mock() - get_params_mock.reset_mock() - validate_security_config_mock.return_value = result_issues_with_params - get_params_mock.return_value = security_params - - self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/snamenode.py", - classname = "SNameNode", - command = "security_status", - config_file="secured.json", - stack_version = self.STACK_VERSION, - target = RMFTestCase.TARGET_COMMON_SERVICES - ) - put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"}) \ No newline at end of file + ) \ No newline at end of file