hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-12520) Use XInclude in hadoop-azure test configuration to isolate Azure Storage account keys for service integration tests.
Date Wed, 28 Oct 2015 10:18:28 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-12520?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14978145#comment-14978145
] 

Hudson commented on HADOOP-12520:
---------------------------------

FAILURE: Integrated in Hadoop-Yarn-trunk #1329 (See [https://builds.apache.org/job/Hadoop-Yarn-trunk/1329/])
HADOOP-12520. Use XInclude in hadoop-azure test configuration to isolate (cnauroth: rev 73822de7c38e189f7654444ff48d15cbe0df7404)
* hadoop-tools/hadoop-azure/src/site/markdown/index.md
* .gitignore
* hadoop-tools/hadoop-azure/src/test/resources/azure-test.xml
* hadoop-common-project/hadoop-common/CHANGES.txt


> Use XInclude in hadoop-azure test configuration to isolate Azure Storage account keys
for service integration tests.
> --------------------------------------------------------------------------------------------------------------------
>
>                 Key: HADOOP-12520
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12520
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: azure, test
>            Reporter: Chris Nauroth
>            Assignee: Chris Nauroth
>             Fix For: 2.8.0
>
>         Attachments: HADOOP-12520.001.patch
>
>
> The hadoop-azure tests support execution against the live Azure Storage service if the
developer specifies the key to an Azure Storage account.  The configuration works by overwriting
the src/test/resources/azure-test.xml file.  This can be an error-prone process.  The azure-test.xml
file is checked into revision control to show an example.  There is a risk that the tester
could overwrite azure-test.xml containing the keys and then accidentally commit the keys to
revision control.  This would leak the keys to the world for potential use by an attacker.
 This issue proposes to use XInclude to isolate the keys into a separate file, ignored by
git, which will never be committed to revision control.  This is very similar to the setup
already used by hadoop-aws for integration testing.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message