[
https://issues.apache.org/jira/browse/OOZIE-2803?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15882821#comment-15882821
]
Hadoop QA commented on OOZIE-2803:
----------------------------------
Testing JIRA OOZIE-2803
Cleaning local git workspace
----------------------------
{color:green}+1 PATCH_APPLIES{color}
{color:green}+1 CLEAN{color}
{color:red}-1 RAW_PATCH_ANALYSIS{color}
. {color:green}+1{color} the patch does not introduce any @author tags
. {color:green}+1{color} the patch does not introduce any tabs
. {color:green}+1{color} the patch does not introduce any trailing spaces
. {color:red}-1{color} the patch contains 11 line(s) longer than 132
characters
. {color:green}+1{color} the patch does adds/modifies 3 testcase(s)
{color:green}+1 RAT{color}
. {color:green}+1{color} the patch does not seem to introduce new RAT
warnings
{color:green}+1 JAVADOC{color}
. {color:green}+1{color} the patch does not seem to introduce new Javadoc
warnings
{color:green}+1 COMPILE{color}
. {color:green}+1{color} HEAD compiles
. {color:green}+1{color} patch compiles
. {color:green}+1{color} the patch does not seem to introduce new javac
warnings
{color:orange}0{color} There are [1] new bugs found in total that would be nice
to have fixed.
. {color:green}+1{color} There are no new bugs found in [server].
. {color:green}+1{color} There are no new bugs found in [client].
. {color:green}+1{color} There are no new bugs found in [docs].
. {color:green}+1{color} There are no new bugs found in [sharelib/hive].
. {color:green}+1{color} There are no new bugs found in [sharelib/spark].
. {color:green}+1{color} There are no new bugs found in [sharelib/hcatalog].
. {color:green}+1{color} There are no new bugs found in [sharelib/hive2].
. {color:green}+1{color} There are no new bugs found in [sharelib/streaming].
. {color:green}+1{color} There are no new bugs found in [sharelib/pig].
. {color:green}+1{color} There are no new bugs found in [sharelib/sqoop].
. {color:green}+1{color} There are no new bugs found in [sharelib/distcp].
. {color:orange}0{color} There are [1] new bugs found in [sharelib/oozie]
that would be nice to have fixed.
. You can find the FindBugs diff here: sharelib/oozie/findbugs-new.html
. {color:green}+1{color} There are no new bugs found in
[hadooplibs/hadoop-utils-2].
. {color:green}+1{color} There are no new bugs found in [core].
. {color:green}+1{color} There are no new bugs found in [tools].
. {color:green}+1{color} There are no new bugs found in [examples].
{color:green}+1 BACKWARDS_COMPATIBILITY{color}
. {color:green}+1{color} the patch does not change any JPA
Entity/Colum/Basic/Lob/Transient annotations
. {color:green}+1{color} the patch does not modify JPA files
{color:green}+1 TESTS{color}
. Tests run: 1886
{color:green}+1 DISTRO{color}
. {color:green}+1{color} distro tarball builds with the patch
----------------------------
{color:red}*-1 Overall result, please check the reported -1(s)*{color}
The full output of the test-patch run is available at
. https://builds.apache.org/job/oozie-trunk-precommit-build/3658/
> Mask passwords when printing out configs/args in MapReduceMain and SparkMain
> ----------------------------------------------------------------------------
>
> Key: OOZIE-2803
> URL: https://issues.apache.org/jira/browse/OOZIE-2803
> Project: Oozie
> Issue Type: Bug
> Components: action
> Reporter: Peter Bacsko
> Assignee: Peter Bacsko
> Priority: Critical
> Attachments: OOZIE-2803-001.patch, OOZIE-2803-002.patch,
> OOZIE-2803-003.patch, OOZIE-2803-004.patch, OOZIE-2803-005.patch
>
>
> Sometimes passwords are displayed in both MapReduce and Spark action.
> *MapReduce*: when using {{HADOOP_CREDSTORE_PASSWORD}}, it must be passed to
> some Hadoop-specific config values, like {{mapred.child.env}}. This is easy
> to fix because we already have a method {{logMasking()}} where you can define
> a {{maskSet}} which contains a list of property keys to be masked.
> Note that this is not necessarily the perfect solution, since you can pass
> multiple env. vars separated by a colon, and only the password specific parts
> should be masked. But we need a working solution relatively quickly - later
> we can enhance this, eg. we can re-use {{PasswordMasker}} in some way (right
> now it only works with {{Map<String, String>}}).
> *Spark*: for Spark, we have to pass passwords like this:
> {{--conf spark.executorEnv.HADOOP_CREDSTORE_PASSWORD=<custom keystore
> password>}}
> The Spark arguments are printed in {{SparkMain.run()}}. There is already a
> code in {{LauncherMapper.printArgs()}} which deals with situations like this,
> but it's not perfect because it only works if the args look something like
> {{--password pwd123}}. So if a single arg contains a password, it doesn't
> work, therefore we need a different approach here.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
