[jira] [Work logged] (KNOX-3084) Update CM service discovery with the enhanced role configs endpoint

[ASF GitHub Bot (Jira)]

     [ 
https://issues.apache.org/jira/browse/KNOX-3084?focusedWorklogId=975121&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-975121
 ]

ASF GitHub Bot logged work on KNOX-3084:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 18/Jul/25 13:17
            Start Date: 18/Jul/25 13:17
    Worklog Time Spent: 10m 
      Work Description: bonampak commented on code in PR #1059:
URL: https://github.com/apache/knox/pull/1059#discussion_r2216025442


##########
gateway-discovery-cm/src/main/java/org/apache/knox/gateway/topology/discovery/cm/DiscoveryApiClient.java:
##########
@@ -126,55 +124,53 @@ private void configure(GatewayConfig gatewayConfig, 
AliasService aliasService, K
     setUsername(username);
     setPassword(password);
 
-    if (isKerberos) {
+    if (isKerberos()) {
       // If there is a Kerberos subject, then add the SPNEGO auth interceptor
       Subject subject = AuthUtils.getKerberosSubject();
       if (subject != null) {
-        SpnegoAuthInterceptor spnegoInterceptor = new 
SpnegoAuthInterceptor(subject);
-        getHttpClient().interceptors().add(spnegoInterceptor);
+        addInterceptor(new SpnegoAuthInterceptor(subject));
       }
+      addInterceptor(new DoAsQueryParameterInterceptor(username));

Review Comment:
   done, renamed. refactored isKerberos() and moved it to the branch where 
password was not set up. Added unit tests.





Issue Time Tracking
-------------------

    Worklog Id:     (was: 975121)
    Time Spent: 50m  (was: 40m)

> Update CM service discovery with the enhanced role configs endpoint
> -------------------------------------------------------------------
>
>                 Key: KNOX-3084
>                 URL: https://issues.apache.org/jira/browse/KNOX-3084
>             Project: Apache Knox
>          Issue Type: Task
>          Components: cm-discovery
>    Affects Versions: 2.1.0
>            Reporter: Tamás Marcinkovics
>            Assignee: Tamás Marcinkovics
>            Priority: Major
>          Time Spent: 50m
>  Remaining Estimate: 0h
>
> There is a new CM API endpoint to fetch all role configurations for a given 
> service ({{RolesResouce.readRolesConfig}}) if the supported API version is 
> greater than or equal to v57. This endpoint is available in the 
> cloudera-manager-api-swagger:7.13.1 artifact.
> [https://repository.cloudera.com/service/rest/repository/browse/cloudera-repos/com/cloudera/api/swagger/cloudera-manager-api-swagger/7.13.1/]
> On the Knox side, we need to change the existing {{readRoles}} and 
> {{readRoleConfig}} API calls to the new {{readRolesConfig}} call.
> The {{view}} parameter should still remain {{full}} as 
> {{full_with_no_health_check}} only returns role configuration parameters with 
> non-default values.
> As the new cloudera-manager-api-swagger artifact is using okhttp 4.10, we 
> also need to change {{DiscoveryApiClient}} setup and our Okhttp interceptors 
> from Okhttp 2.7.5 to Okhttp 4.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)