ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amruta Borkar <arbor...@us.ibm.com>
Subject Re: Review Request 43281: AMBARI-14885: After exporting blueprint from existing cluster knox_master_secret is exported.
Date Wed, 10 Feb 2016 19:23:47 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43281/
-----------------------------------------------------------

(Updated Feb. 10, 2016, 7:23 p.m.)


Review request for Ambari, Di Li and Robert Nettleton.


Bugs: AMBARI-14885
    https://issues.apache.org/jira/browse/AMBARI-14885


Repository: ambari


Description
-------

AMBARI-14885: After exporting blueprint from existing cluster knox_master_secret is exported.
This causes error while registering the blueprint. 
Following error occurs while using and exported blueprint if a password or secret property
is present in the blueprint:
{ "status" : 400, "message" : "Blueprint configuration validation failed: Secret references
are not allowed in blueprints, replace following properties with real passwords:\n Config:knox-env
Property:knox_master_secret\n" }


Diffs
-----

  ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessor.java
de31a0d 
  ambari-server/src/test/java/org/apache/ambari/server/controller/internal/BlueprintConfigurationProcessorTest.java
7a77a25 

Diff: https://reviews.apache.org/r/43281/diff/


Testing
-------

In this patch, isPropertyIncluded() method is modified to include the properties marked as
secret. Corresponding test cases are also added.
 The fix excludes properties marked as 'secret' while export blueprint. 
 Test cases are added to test various combination by which a property can be marked as 'secret'.
 Test cases verify that the properties that do not match the rule "*SECRET" are still included.


Thanks,

Amruta Borkar


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message