Hello Tidy Bot, Kudu Jenkins, Andrew Wong, Adar Dembo, Hao Hao, I'd like you to reexamine a change. Please visit
http://gerrit.cloudera.org:8080/12833 to look at the new patch set (#7). Change subject: WIP [master] introduced SentryPrivilegesFetcher ...................................................................... WIP [master] introduced SentryPrivilegesFetcher This patch incorporates a TTL-based cache into the data paths of SentryAuthzProvider. As of now, the cache stores raw responses received from Sentry. It's possible to enable or disable caching upon creation of SentryAuthzProvider instance: set the newly introduced `--sentry_authz_cache_capacity_mb` command-line flag to 0 to disable caching of authz privilege information returned from Sentry. In addition, it's possible to force the cache to fetch and cache information from broader levels of Sentry's authz hierarchy: use the `--sentry_authz_cache_finest_scope` flag for that. WIP * clarify on --sentry_authz_cache_finest_scope: do we need it or we are going to use some other approach * proper sanitization of Sentry responses (comes from other patch?) * cache processed and sanitized info, not raw Sentry responses * to add tests specific to SentryPrivilegesFetcher Change-Id: Idaefacd50736f1f152dae34e76778e17b2e84cbe --- M src/kudu/integration-tests/master_sentry-itest.cc M src/kudu/master/CMakeLists.txt M src/kudu/master/catalog_manager.cc M src/kudu/master/default_authz_provider.h M src/kudu/master/sentry_authz_provider-test.cc M src/kudu/master/sentry_authz_provider.cc M src/kudu/master/sentry_authz_provider.h A src/kudu/master/sentry_privileges_cache_metrics.cc A src/kudu/master/sentry_privileges_cache_metrics.h A src/kudu/master/sentry_privileges_fetcher.cc A src/kudu/master/sentry_privileges_fetcher.h M src/kudu/sentry/sentry_authorizable_scope.cc 12 files changed, 1,112 insertions(+), 287 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/33/12833/7 -- To view, visit http://gerrit.cloudera.org:8080/12833 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newpatchset Gerrit-Change-Id: Idaefacd50736f1f152dae34e76778e17b2e84cbe Gerrit-Change-Number: 12833 Gerrit-PatchSet: 7 Gerrit-Owner: Alexey Serbin <aser...@cloudera.com> Gerrit-Reviewer: Adar Dembo <a...@cloudera.com> Gerrit-Reviewer: Alexey Serbin <aser...@cloudera.com> Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com> Gerrit-Reviewer: Hao Hao <hao....@cloudera.com> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Tidy Bot (241)