Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HDDS-1265. ozone sh s3 getsecret throws Null Pointer Exception for unsecured clusters. 

Closes #611
This commit is contained in:
Vivek Ratnavel Subramanian 2019-03-14 17:21:06 -07:00 committed by Bharat Viswanadham
parent 091a664977
commit 2627dad333
2 changed files with 24 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/ozShell/TestOzoneShell.java
View File

@ -81,13 +81,14 @@ import static org.apache.hadoop.ozone.om.exceptions.OMException.ResultCodes.VOLU
import org.junit.After; import org.junit.After;
import org.junit.AfterClass; import org.junit.AfterClass;
import org.junit.Assert; import org.junit.Assert;
import static org.apache.hadoop.ozone.web.ozShell.s3.GetS3SecretHandler.OZONE_GETS3SECRET_ERROR;
import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue; import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail; import static org.junit.Assert.fail;
import org.junit.Before; import org.junit.Before;
import org.junit.BeforeClass; import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Rule; import org.junit.Rule;
import org.junit.Test; import org.junit.Test;
import org.junit.rules.Timeout; import org.junit.rules.Timeout;
@ -1214,36 +1215,18 @@ public class TestOzoneShell {
} }
@Test @Test
@Ignore("Can't run without secure cluster.")
public void testS3Secret() throws Exception { public void testS3Secret() throws Exception {
String setOmAddress = String setOmAddress =
"--set=" + OZONE_OM_ADDRESS_KEY + "=" + getOmAddress(); "--set=" + OZONE_OM_ADDRESS_KEY + "=" + getOmAddress();
err.reset(); String output;
String outputFirstAttempt;
String outputSecondAttempt;
//First attempt: If secrets are not found in database, they will be created
String[] args = new String[] {setOmAddress, "s3", "getsecret"}; String[] args = new String[] {setOmAddress, "s3", "getsecret"};
execute(shell, args); execute(shell, args);
outputFirstAttempt = out.toString(); // Get the first line of output
//Extracting awsAccessKey & awsSecret value from output output = out.toString().split("\n")[0];
String[] output = outputFirstAttempt.split("\n");
String awsAccessKey = output[0].split("=")[1];
String awsSecret = output[1].split("=")[1];
assertTrue((awsAccessKey != null && awsAccessKey.length() > 0) &&
(awsSecret != null && awsSecret.length() > 0));
out.reset(); assertTrue(output.equals(OZONE_GETS3SECRET_ERROR));
//Second attempt: Since secrets were created in previous attempt, it
// should return the same value
args = new String[] {setOmAddress, "s3", "getsecret"};
execute(shell, args);
outputSecondAttempt = out.toString();
//verifying if secrets from both attempts are same
assertTrue(outputFirstAttempt.equals(outputSecondAttempt));
} }
private void createS3Bucket(String userName, String s3Bucket) { private void createS3Bucket(String userName, String s3Bucket) {

24
hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/web/ozShell/s3/GetS3SecretHandler.java
View File

@ -17,12 +17,15 @@
*/ */
package org.apache.hadoop.ozone.web.ozShell.s3; package org.apache.hadoop.ozone.web.ozShell.s3;
import org.apache.hadoop.hdds.conf.OzoneConfiguration;
import org.apache.hadoop.ozone.client.OzoneClient; import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.web.ozShell.Handler; import org.apache.hadoop.ozone.web.ozShell.Handler;
import org.apache.hadoop.ozone.web.ozShell.OzoneAddress; import org.apache.hadoop.ozone.web.ozShell.OzoneAddress;
import org.apache.hadoop.security.UserGroupInformation; import org.apache.hadoop.security.UserGroupInformation;
import picocli.CommandLine.Command; import picocli.CommandLine.Command;
import static org.apache.hadoop.ozone.OzoneConfigKeys.OZONE_SECURITY_ENABLED_KEY;
/** /**
* Executes getsecret calls. * Executes getsecret calls.
*/ */
@ -30,19 +33,28 @@ import picocli.CommandLine.Command;
description = "returns s3 secret for current user") description = "returns s3 secret for current user")
public class GetS3SecretHandler extends Handler { public class GetS3SecretHandler extends Handler {
public static final String OZONE_GETS3SECRET_ERROR = "This command is not" +
" supported in unsecure clusters.";
/** /**
* Executes getS3Secret. * Executes getS3Secret.
*/ */
@Override @Override
public Void call() throws Exception { public Void call() throws Exception {
OzoneConfiguration ozoneConfiguration = createOzoneConfiguration();
OzoneClient client = OzoneClient client =
new OzoneAddress().createClient(createOzoneConfiguration()); new OzoneAddress().createClient(ozoneConfiguration);
System.out.println( // getS3Secret works only with secured clusters
client.getObjectStore().getS3Secret( if (ozoneConfiguration.getBoolean(OZONE_SECURITY_ENABLED_KEY, false)) {
UserGroupInformation.getCurrentUser().getUserName() System.out.println(
).toString() client.getObjectStore().getS3Secret(
); UserGroupInformation.getCurrentUser().getUserName()
).toString()
);
} else {
// log a warning message for unsecured cluster
System.out.println(OZONE_GETS3SECRET_ERROR);
}
return null; return null;
} }