Return-Path: 
 <common-issues-return-98138-apmail-hadoop-common-issues-archive=hadoop.apache.org@hadoop.apache.org>
X-Original-To: apmail-hadoop-common-issues-archive@minotaur.apache.org
Delivered-To: apmail-hadoop-common-issues-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id CBE4018082
	for <apmail-hadoop-common-issues-archive@minotaur.apache.org>;
 Tue, 27 Oct 2015 21:59:34 +0000 (UTC)
Received: (qmail 57848 invoked by uid 500); 27 Oct 2015 21:59:28 -0000
Delivered-To: apmail-hadoop-common-issues-archive@hadoop.apache.org
Received: (qmail 57651 invoked by uid 500); 27 Oct 2015 21:59:28 -0000
Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:common-issues-help@hadoop.apache.org>
List-Unsubscribe: <mailto:common-issues-unsubscribe@hadoop.apache.org>
List-Post: <mailto:common-issues@hadoop.apache.org>
List-Id: <common-issues.hadoop.apache.org>
Reply-To: common-issues@hadoop.apache.org
Delivered-To: mailing list common-issues@hadoop.apache.org
Received: (qmail 57587 invoked by uid 99); 27 Oct 2015 21:59:28 -0000
Received: from arcas.apache.org (HELO arcas) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 27 Oct 2015 21:59:28 +0000
Received: from arcas.apache.org (localhost [127.0.0.1])
	by arcas (Postfix) with ESMTP id EEE032C1F58
	for <common-issues@hadoop.apache.org>; Tue, 27 Oct 2015 21:59:27 +0000 (UTC)
Date: Tue, 27 Oct 2015 21:59:27 +0000 (UTC)
From: "Chris Nauroth (JIRA)" <jira@apache.org>
To: common-issues@hadoop.apache.org
Message-ID: <JIRA.12908382.1445983148000.76951.1445983167974@Atlassian.JIRA>
In-Reply-To: <JIRA.12908382.1445983148000@Atlassian.JIRA>
References: <JIRA.12908382.1445983148000@Atlassian.JIRA>
 <JIRA.12908382.1445983148312@arcas>
Subject: [jira] [Created] (HADOOP-12520) Use XInclude in hadoop-azure test
 configuration to isolate Azure Storage account keys for service integration
 tests.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394

Chris Nauroth created HADOOP-12520:
--------------------------------------

             Summary: Use XInclude in hadoop-azure test configuration to isolate Azure Storage account keys for service integration tests.
                 Key: HADOOP-12520
                 URL: https://issues.apache.org/jira/browse/HADOOP-12520
             Project: Hadoop Common
          Issue Type: Improvement
          Components: azure, test
            Reporter: Chris Nauroth
            Assignee: Chris Nauroth


The hadoop-azure tests support execution against the live Azure Storage service if the developer specifies the key to an Azure Storage account.  The configuration works by overwriting the src/test/resources/azure-test.xml file.  This can be an error-prone process.  The azure-test.xml file is checked into revision control to show an example.  There is a risk that the tester could overwrite azure-test.xml containing the keys and then accidentally commit the keys to revision control.  This would leak the keys to the world for potential use by an attacker.  This issue proposes to use XInclude to isolate the keys into a separate file, ignored by git, which will never be committed to revision control.  This is very similar to the setup already used by hadoop-aws for integration testing.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)