nevcohen commented on code in PR #40757:
URL: https://github.com/apache/airflow/pull/40757#discussion_r1741112895
##########
airflow/providers/apache/spark/hooks/spark_submit.py:
##########
@@ -282,10 +313,57 @@ def _resolve_connection(self) -> dict[str, Any]:
def get_conn(self) -> Any:
pass
+ def _create_keytab_path_from_base64_keytab(self, base64_keytab: str,
principal: str | None) -> str:
+ _uuid = uuid.uuid4()
+ temp_dir_path = Path(tempfile.gettempdir()).resolve()
+ temp_file_name = f"airflow_keytab-{principal or _uuid}"
+
+ keytab_path = temp_dir_path / temp_file_name
+ staging_path = temp_dir_path / f".{temp_file_name}.{_uuid}"
+
+ try:
+ keytab = base64.b64decode(base64_keytab)
+ except Exception as err:
+ self.log.error("Failed to decode base64 keytab: %s", err)
+ raise AirflowException("Failed to decode base64 keytab") from err
+
+ # If a keytab file with the same content exists, return its path for
the --keytab argument.
+ if keytab_path.exists():
+ with open(keytab_path, "rb") as f:
+ existing_keytab = f.read()
+ if existing_keytab == keytab:
+ self.log.info("Keytab file already exists and is the same as
the provided keytab")
+ return str(keytab_path)
+
+ # Generate a new keytab file from the base64 encoded keytab value to
use as a --keytab argument.
+ try:
+ with open(staging_path, "wb") as f:
+ self.log.info("Saving keytab to %s", staging_path)
+ f.write(keytab)
+
+ self.log.info("Moving keytab from %s to %s", staging_path,
keytab_path)
+ shutil.move(str(staging_path), str(keytab_path))
+ return str(keytab_path)
+ except Exception as err:
Review Comment:
Also what with add test to this exception? What if it fails to write to the
file or copy it with `shutil.move` we don't want test on this?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@airflow.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
