[jira] [Commented] (NIFI-4942) NiFi Toolkit - Allow migration of master key without previous password

Mon, 07 May 2018 05:42:17 -0700 

    [ 
https://issues.apache.org/jira/browse/NIFI-4942?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16465861#comment-16465861
 ] 

Joseph Witt commented on NIFI-4942:
-----------------------------------

[~kdoran] [~alopresto] still seeing test failures on linux.

-------------------------------------------------------------------------------
Test set: org.apache.nifi.properties.ConfigEncryptionToolTest
-------------------------------------------------------------------------------
Tests run: 137, Failures: 2, Errors: 0, Skipped: 8, Time elapsed: 13.131 s <<< 
FAILURE! - in org.apache.nifi.properties.ConfigEncryptionToolTest
testTranslateCliWithEncryptedInputShouldNotIntersperseVerboseOutput(org.apache.nifi.properties.ConfigEncryptionToolTest)
  Time elapsed: 0.015 s  <<< FAILURE!
java.lang.AssertionError: Wrong exit status expected:<0> but was:<4>

testShouldTranslateCliWithEncryptedInput(org.apache.nifi.properties.ConfigEncryptionToolTest)
  Time elapsed: 0.011 s  <<< FAILURE!
java.lang.AssertionError: Wrong exit status expected:<0> but was:<4>


I've attached a file of running the build with verbose/stacks.  The root issue 
appears to be that the key is not believed to be in valid hex format.  Also, 
for what it is worth i'm running these without JCE full strength.

> NiFi Toolkit - Allow migration of master key without previous password
> ----------------------------------------------------------------------
>
>                 Key: NIFI-4942
>                 URL: https://issues.apache.org/jira/browse/NIFI-4942
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Tools and Build
>    Affects Versions: 1.5.0
>            Reporter: Yolanda M. Davis
>            Assignee: Andy LoPresto
>            Priority: Major
>             Fix For: 1.7.0
>
>         Attachments: 
> TEST-org.apache.nifi.properties.ConfigEncryptionToolTest.xml
>
>
> Currently the encryption cli in nifi toolkit requires that, in order to 
> migrate from one master key to the next, the previous master key or password 
> should be provided. In cases where the provisioning tool doesn't have the 
> previous value available this becomes challenging to provide and may be prone 
> to error. In speaking with [~alopresto] we can allow toolkit to support a 
> mode of execution such that the master key can be updated without requiring 
> the previous password. Also documentation around it's usage should be updated 
> to be clear in describing the purpose and the type of environment where this 
> command should be used (admin only access etc).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to