Github user felixcheung commented on a diff in the pull request:
https://github.com/apache/spark/pull/23252#discussion_r239705869
--- Diff: core/src/test/scala/org/apache/spark/SecurityManagerSuite.scala
---
@@ -440,12 +473,27 @@ class SecurityManagerSuite extends SparkFunSuite with
ResetSystemProperties {
intercept[IllegalArgumentException] {
mgr.getSecretKey()
}
+ case FILE =>
+ val secretFile = createTempSecretFile()
+ conf.set(AUTH_SECRET_FILE, secretFile.getAbsolutePath)
+ mgr.initializeAuth()
+ assert(encodeFileAsBase64(secretFile) ===
mgr.getSecretKey())
}
}
}
)
}
}
+ private def encodeFileAsBase64(secretFile: File) = {
+ Base64.getEncoder.encodeToString(Files.readAllBytes(secretFile.toPath))
+ }
+
+ private def createTempSecretFile(contents: String = "test-secret"): File
= {
+ val secretDir = Utils.createTempDir("temp-secrets")
+ val secretFile = new File(secretDir, "temp-secret.txt")
+ Files.write(secretFile.toPath,
contents.getBytes(StandardCharsets.UTF_8))
+ secretFile
--- End diff --
can this secret be recovered on disk or we trust tempDir ACL is sufficient?
---
---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org
For additional commands, e-mail: reviews-h...@spark.apache.org
