Github user mccheah commented on a diff in the pull request:
https://github.com/apache/spark/pull/23252#discussion_r239701821
--- Diff: core/src/main/scala/org/apache/spark/SecurityManager.scala ---
@@ -367,11 +372,26 @@ private[spark] class SecurityManager(
case _ =>
require(sparkConf.contains(SPARK_AUTH_SECRET_CONF),
- s"A secret key must be specified via the $SPARK_AUTH_SECRET_CONF
config.")
+ s"A secret key must be specified via the $SPARK_AUTH_SECRET_CONF
config")
return
}
- secretKey = Utils.createSecret(sparkConf)
+ if (sparkConf.get(AUTH_SECRET_FILE_DRIVER).isDefined
--- End diff --
Also considered adding a validation that file-based auth can only be used
for Kubernetes. Omitted it for simplicity, but file-based auth seems dubious
for non-K8s contexts.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org
For additional commands, e-mail: reviews-h...@spark.apache.org
