[
https://issues.apache.org/jira/browse/OOZIE-2338?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16789726#comment-16789726
]
Hadoop QA commented on OOZIE-2338:
----------------------------------
Testing JIRA OOZIE-2338
Cleaning local git workspace
----------------------------
{color:green}+1 PATCH_APPLIES{color}
{color:green}+1 CLEAN{color}
{color:red}-1 RAW_PATCH_ANALYSIS{color}
. {color:green}+1{color} the patch does not introduce any @author tags
. {color:green}+1{color} the patch does not introduce any tabs
. {color:green}+1{color} the patch does not introduce any trailing spaces
. {color:green}+1{color} the patch does not introduce any star imports
. {color:green}+1{color} the patch does not introduce any line longer than
132
. {color:red}-1{color} the patch does not add/modify any testcase
{color:green}+1 RAT{color}
. {color:green}+1{color} the patch does not seem to introduce new RAT
warnings
{color:green}+1 JAVADOC{color}
. {color:green}+1{color} Javadoc generation succeeded with the patch
. {color:green}+1{color} the patch does not seem to introduce new Javadoc
warning(s)
{color:green}+1 COMPILE{color}
. {color:green}+1{color} HEAD compiles
. {color:green}+1{color} patch compiles
. {color:green}+1{color} the patch does not seem to introduce new javac
warnings
{color:red}-1{color} There are [20] new bugs found below threshold in total
that must be fixed.
. {color:green}+1{color} There are no new bugs found in [sharelib/hive2].
. {color:green}+1{color} There are no new bugs found in [sharelib/spark].
. {color:green}+1{color} There are no new bugs found in [sharelib/oozie].
. {color:green}+1{color} There are no new bugs found in [sharelib/pig].
. {color:green}+1{color} There are no new bugs found in [sharelib/streaming].
. {color:green}+1{color} There are no new bugs found in [sharelib/hive].
. {color:green}+1{color} There are no new bugs found in [sharelib/distcp].
. {color:green}+1{color} There are no new bugs found in [sharelib/hcatalog].
. {color:green}+1{color} There are no new bugs found in [sharelib/sqoop].
. {color:green}+1{color} There are no new bugs found in [sharelib/git].
. {color:green}+1{color} There are no new bugs found in [client].
. {color:green}+1{color} There are no new bugs found in [docs].
. {color:red}-1{color} There are [15] new bugs found below threshold in
[tools] that must be fixed, listing only the first [5] ones.
. You can find the SpotBugs diff here (look for the red and orange ones):
tools/findbugs-new.html
. The top [5] most important SpotBugs errors are:
. At OozieDBCLI.java:[line 578]: This use of
java/sql/Statement.executeUpdate(Ljava/lang/String;)I can be vulnerable to SQL
injection
. At OozieDBCLI.java:[line 568]: At OozieDBCLI.java:[line 567]
. At OozieDBCLI.java:[line 571]: At OozieDBCLI.java:[line 569]
. At OozieDBCLI.java:[line 573]: At OozieDBCLI.java:[line 572]
. At OozieDBCLI.java:[line 578]: At OozieDBCLI.java:[line 575]
. {color:green}+1{color} There are no new bugs found in
[fluent-job/fluent-job-api].
. {color:orange}0{color} There are [4] new bugs found in [server] that would
be nice to have fixed.
. You can find the SpotBugs diff here: server/findbugs-new.html
. {color:green}+1{color} There are no new bugs found in [webapp].
. {color:green}+1{color} There are no new bugs found in [examples].
. {color:red}-1{color} There are [5] new bugs found below threshold in
[core] that must be fixed.
. You can find the SpotBugs diff here (look for the red and orange ones):
core/findbugs-new.html
. The most important SpotBugs errors are:
. At BulkJPAExecutor.java:[line 207]: This use of
javax/persistence/EntityManager.createQuery(Ljava/lang/String;)Ljavax/persistence/Query;
can be vulnerable to SQL/JPQL injection
. At BulkJPAExecutor.java:[line 177]: At BulkJPAExecutor.java:[line 176]
. At BulkJPAExecutor.java:[line 206]: At BulkJPAExecutor.java:[line 200]
. This use of
javax/persistence/EntityManager.createQuery(Ljava/lang/String;)Ljavax/persistence/Query;
can be vulnerable to SQL/JPQL injection: At BulkJPAExecutor.java:[line 207]
. At BulkJPAExecutor.java:[line 112]: At BulkJPAExecutor.java:[line 128]
{color:green}+1 BACKWARDS_COMPATIBILITY{color}
. {color:green}+1{color} the patch does not change any JPA
Entity/Colum/Basic/Lob/Transient annotations
. {color:green}+1{color} the patch does not modify JPA files
{color:green}+1 TESTS{color}
. Tests run: 3169
{color:green}+1 DISTRO{color}
. {color:green}+1{color} distro tarball builds with the patch
----------------------------
{color:red}*-1 Overall result, please check the reported -1(s)*{color}
The full output of the test-patch run is available at
. https://builds.apache.org/job/PreCommit-OOZIE-Build/1046/
> Invalid configuration defined reported for some valid configs
> -------------------------------------------------------------
>
> Key: OOZIE-2338
> URL: https://issues.apache.org/jira/browse/OOZIE-2338
> Project: Oozie
> Issue Type: Bug
> Components: core
> Affects Versions: 4.2.0
> Reporter: Robert Kanter
> Assignee: duan xiong
> Priority: Major
> Attachments: OOZIE-2338.001.patch, OOZIE-2338.002.patch,
> oozie-2338-003.patch, oozie-2338-004.patch, oozie-2338-005.patch
>
>
> OOZIE-1890 moved all default config values from the code and oozie-site into
> oozie-default; it also added a WARN message on startup when a config is found
> in oozie-site that's not defined in oozie-default.
> However, this can produce some false positives. In particular, we observed
> these:
> {noformat}
> 2015-08-18 01:16:32,365 WARN org.apache.oozie.service.ConfigurationService:
> SERVER[<redacted>] Invalid configuration defined, [oozie.email.smtp.auth]
> 2015-08-18 01:16:32,365 WARN org.apache.oozie.service.ConfigurationService:
> SERVER[<redacted>] Invalid configuration defined, [oozie.email.smtp.host]
> 2015-08-18 01:16:32,365 WARN org.apache.oozie.service.ConfigurationService:
> SERVER[<redacted>] Invalid configuration defined,
> [oozie.service.HCatAccessorService.hcat.configuration]
> 2015-08-18 01:16:32,365 WARN org.apache.oozie.service.ConfigurationService:
> SERVER[<redacted>] Invalid configuration defined, [oozie.email.from.address]
> 2015-08-18 01:16:32,366 WARN org.apache.oozie.service.ConfigurationService:
> SERVER[<redacted>] Invalid configuration defined,
> [oozie.service.ProxyUserService.proxyuser.hue.hosts]
> 2015-08-18 01:16:32,366 WARN org.apache.oozie.service.ConfigurationService:
> SERVER[<redacted>] Invalid configuration defined,
> [oozie.service.GroupsService.hadoop.security.group.mapping]
> 2015-08-18 01:16:32,366 WARN org.apache.oozie.service.ConfigurationService:
> SERVER[<redacted>] Invalid configuration defined, [oozie.email.smtp.port]
> 2015-08-18 01:16:32,366 WARN org.apache.oozie.service.ConfigurationService:
> SERVER[<redacted>] Invalid configuration defined,
> [oozie.service.ProxyUserService.proxyuser.hue.groups]
> {noformat}
> While harmful, these messages may be concerning or confusing for users.
> Some of these are simply missing from oozie-default (because they have no
> default value?), while others such as the ProxyUserService configs, will
> require special handling because the property name can vary.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
