AMBARI-22325 SecurityConfigurationTest, small refactors (benyoka)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/017bfc8d Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/017bfc8d Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/017bfc8d Branch: refs/heads/branch-feature-AMBARI-14714-blueprintv2 Commit: 017bfc8dd3f202cc8343cb1a8c5466d6fe57d8a8 Parents: 6d15156 Author: Balazs Bence Sari <beny...@apache.org> Authored: Thu Nov 23 18:08:38 2017 +0100 Committer: Doroszlai, Attila <adorosz...@hortonworks.com> Committed: Fri Dec 8 20:24:25 2017 +0100 ---------------------------------------------------------------------- .../server/topology/SecurityConfiguration.java | 24 +++++++ .../server/topology/ConfigurableTest.java | 17 +++++ .../topology/SecurityConfigurationTest.java | 71 ++++++++++++++++++++ .../server/topology/TopologyManagerTest.java | 1 - .../topology/TopologyTemplateFactoryTest.java | 20 +++--- .../ambari/server/utils/ResourceUtils.java | 34 ++++++++++ .../blueprintv2/cluster_template_v2.json | 58 +++++++++++++++- .../resources/blueprintv2/security_config.json | 58 ++++++++++++++++ 8 files changed, 270 insertions(+), 13 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/017bfc8d/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfiguration.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfiguration.java b/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfiguration.java index 7a8b8a9..864e802 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfiguration.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfiguration.java @@ -19,10 +19,15 @@ package org.apache.ambari.server.topology; +import java.io.IOException; +import java.util.Map; + +import com.fasterxml.jackson.annotation.JsonIgnore; import org.apache.ambari.server.state.SecurityType; import com.fasterxml.jackson.annotation.JsonCreator; import com.fasterxml.jackson.annotation.JsonProperty; +import org.codehaus.jackson.map.ObjectMapper; /** * Holds security related properties, the securityType and security descriptor (in case of KERBEROS @@ -36,16 +41,19 @@ public class SecurityConfiguration { /** * Security Type */ + @JsonProperty("type") private SecurityType type; /** * Holds a reference to a kerberos_descriptor resource. */ + @JsonProperty("kerberos_descriptor_reference") private String descriptorReference; /** * Content of a kerberos_descriptor as String. */ + @JsonProperty("kerberos_descriptor") private String descriptor; @@ -64,6 +72,7 @@ public class SecurityConfiguration { return type; } + @JsonIgnore public String getDescriptor() { return descriptor; } @@ -71,4 +80,19 @@ public class SecurityConfiguration { public String getDescriptorReference() { return descriptorReference; } + + public void setDescriptorReference(String descriptorReference) { + this.descriptorReference = descriptorReference; + } + + @JsonIgnore + public void setDescriptor(String descriptor) { + this.descriptor = descriptor; + } + + @JsonProperty("kerberos_descriptor") + public void setKerberosDescriptorFromJson(Map<String, ?> kerberosDescriptor) throws IOException { + setDescriptor(new ObjectMapper().writeValueAsString(kerberosDescriptor)); + } + } http://git-wip-us.apache.org/repos/asf/ambari/blob/017bfc8d/ambari-server/src/test/java/org/apache/ambari/server/topology/ConfigurableTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/topology/ConfigurableTest.java b/ambari-server/src/test/java/org/apache/ambari/server/topology/ConfigurableTest.java index 2c74dc5..080438d 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/topology/ConfigurableTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/topology/ConfigurableTest.java @@ -1,3 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package org.apache.ambari.server.topology; import static org.junit.Assert.assertEquals; http://git-wip-us.apache.org/repos/asf/ambari/blob/017bfc8d/ambari-server/src/test/java/org/apache/ambari/server/topology/SecurityConfigurationTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/topology/SecurityConfigurationTest.java b/ambari-server/src/test/java/org/apache/ambari/server/topology/SecurityConfigurationTest.java new file mode 100644 index 0000000..4af0806 --- /dev/null +++ b/ambari-server/src/test/java/org/apache/ambari/server/topology/SecurityConfigurationTest.java @@ -0,0 +1,71 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.ambari.server.topology; + +import static org.junit.Assert.assertEquals; + +import java.util.Map; + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableMap; +import org.apache.ambari.server.utils.ResourceUtils; +import org.junit.Test; + +public class SecurityConfigurationTest { + + public static final String SECURITY_CONFIG_JSON = ResourceUtils.getResource("blueprintv2/security_config.json"); + public static final Map<String, ?> EXPECTED_KERBEROS_DESCRIPTOR = ImmutableMap.of( + "identities", ImmutableList.of(identity("smokeuser","${cluster-env/smokeuser}@${realm}")), + "services", ImmutableList.of( + ImmutableMap.of( + "name", "AMBARI", + "identities", ImmutableList.of(), + "components", ImmutableList.of(ImmutableMap.of( + "name", "AMBARI_SERVER", + "identities", ImmutableList.of(identity("ambari-server", "ambari-server@${realm}")) + )) + ), + ImmutableMap.of( + "name", "HDFS", + "identities", ImmutableList.of(), + "components", ImmutableList.of(ImmutableMap.of( + "name", "NAMENODE", + "identities", ImmutableList.of(identity("hdfs", "${hadoop-env/hdfs_user}@${realm}")) + )) + ) + ), + "properties", ImmutableMap.of("principal_suffix", "") + ); + + + @Test + public void getDescriptor() throws Exception { + SecurityConfiguration securityConfig = new ObjectMapper().readValue(SECURITY_CONFIG_JSON, SecurityConfiguration.class); + assertEquals(EXPECTED_KERBEROS_DESCRIPTOR, new ObjectMapper().readValue(securityConfig.getDescriptor(), Map.class)); + } + + private static final Map<String, ?> identity(String name, String value) { + return ImmutableMap.of( + "name", name, + "principal", ImmutableMap.of( + "value", value, + "type", "user" + )); + } +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/017bfc8d/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyManagerTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyManagerTest.java b/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyManagerTest.java index 4eb29b7..289874f 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyManagerTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyManagerTest.java @@ -290,7 +290,6 @@ public class TopologyManagerTest { expect(request.getConfigRecommendationStrategy()).andReturn(ConfigRecommendationStrategy.NEVER_APPLY).anyTimes(); expect(request.getSecurityConfiguration()).andReturn(null).anyTimes(); - expect(group1.getBlueprintName()).andReturn(BLUEPRINT_NAME).anyTimes(); expect(group1.getCardinality()).andReturn("test cardinality").anyTimes(); expect(group1.containsMasterComponent()).andReturn(true).anyTimes(); http://git-wip-us.apache.org/repos/asf/ambari/blob/017bfc8d/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyTemplateFactoryTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyTemplateFactoryTest.java b/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyTemplateFactoryTest.java index 17f443b..7efbbd6 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyTemplateFactoryTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/topology/TopologyTemplateFactoryTest.java @@ -21,10 +21,13 @@ package org.apache.ambari.server.topology; import static java.util.stream.Collectors.toSet; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; import java.io.IOException; import java.util.Map; +import org.apache.ambari.server.state.SecurityType; +import org.apache.ambari.server.utils.ResourceUtils; import org.junit.Test; import com.google.common.base.Charsets; @@ -35,9 +38,9 @@ import com.google.common.io.Resources; public class TopologyTemplateFactoryTest { public static final String CLUSTER_TEMPLATE = - getResource("blueprintv2/cluster_template_v2.json"); + ResourceUtils.getResource("blueprintv2/cluster_template_v2.json"); public static final String CLUSTER_TEMPLATE_INVALID = - getResource("blueprintv2/cluster_template_v2_invalid_hostgroup.json"); + ResourceUtils.getResource("blueprintv2/cluster_template_v2_invalid_hostgroup.json"); @Test @@ -80,15 +83,10 @@ public class TopologyTemplateFactoryTest { assertEquals(0, hostGroup2.getHosts().size()); assertEquals(2, hostGroup2.getHostCount()); assertEquals("Hosts/os_type=centos6&Hosts/cpu_count=2", hostGroup2.getHostPredicate()); - } - - private static String getResource(String fileName) { - try { - return Resources.toString(Resources.getResource(fileName), Charsets.UTF_8); - } - catch (IOException ex) { - throw new RuntimeException(ex); - } + SecurityConfiguration securityConfig = template.getSecurityConfiguration(); + assertEquals(SecurityType.KERBEROS, securityConfig.getType()); + assertNotNull(securityConfig.getDescriptor()); + assertNull(securityConfig.getDescriptorReference()); } } http://git-wip-us.apache.org/repos/asf/ambari/blob/017bfc8d/ambari-server/src/test/java/org/apache/ambari/server/utils/ResourceUtils.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/utils/ResourceUtils.java b/ambari-server/src/test/java/org/apache/ambari/server/utils/ResourceUtils.java new file mode 100644 index 0000000..f00bc8b --- /dev/null +++ b/ambari-server/src/test/java/org/apache/ambari/server/utils/ResourceUtils.java @@ -0,0 +1,34 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.ambari.server.utils; + +import java.io.IOException; + +import com.google.common.base.Charsets; +import com.google.common.io.Resources; + +public class ResourceUtils { + public static String getResource(String fileName) { + try { + return Resources.toString(Resources.getResource(fileName), Charsets.UTF_8); + } + catch (IOException ex) { + throw new RuntimeException(ex); + } + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/017bfc8d/ambari-server/src/test/resources/blueprintv2/cluster_template_v2.json ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/resources/blueprintv2/cluster_template_v2.json b/ambari-server/src/test/resources/blueprintv2/cluster_template_v2.json index d80f2f5..26ee307 100644 --- a/ambari-server/src/test/resources/blueprintv2/cluster_template_v2.json +++ b/ambari-server/src/test/resources/blueprintv2/cluster_template_v2.json @@ -1,5 +1,6 @@ { "blueprint": "blueprint-name", + "config_recommendation_strategy": "ALWAYS_APPLY_DONT_OVERRIDE_CUSTOM_VALUES", "default_password": "super-secret-password", "services": [ { @@ -70,6 +71,61 @@ } ], "security": { - "type": "NONE" + "type": "KERBEROS", + "kerberos_descriptor": { + "identities": [ + { + "name": "smokeuser", + "principal": { + "value": "${cluster-env/smokeuser}@${realm}", + "type": "user" + } + } + ], + "services": [ + { + "components": [ + { + "name": "AMBARI_SERVER", + "identities": [ + { + "name": "ambari-server", + "principal": { + "value": "ambari-server@${realm}", + "type": "user" + } + } + ] + } + ], + "name": "AMBARI", + "identities": [ + + ] + }, + { + "components": [ + { + "name": "NAMENODE", + "identities": [ + { + "name": "hdfs", + "principal": { + "value": "${hadoop-env/hdfs_user}@${realm}", + "type": "user" + } + } + ] + } + ], + "name": "HDFS", + "identities": [ + ] + } + ], + "properties": { + "principal_suffix": "" + } + } } } http://git-wip-us.apache.org/repos/asf/ambari/blob/017bfc8d/ambari-server/src/test/resources/blueprintv2/security_config.json ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/resources/blueprintv2/security_config.json b/ambari-server/src/test/resources/blueprintv2/security_config.json new file mode 100644 index 0000000..5478d1f --- /dev/null +++ b/ambari-server/src/test/resources/blueprintv2/security_config.json @@ -0,0 +1,58 @@ +{ + "type": "KERBEROS", + "kerberos_descriptor": { + "identities": [ + { + "name": "smokeuser", + "principal": { + "value": "${cluster-env/smokeuser}@${realm}", + "type": "user" + } + } + ], + "services": [ + { + "components": [ + { + "name": "AMBARI_SERVER", + "identities": [ + { + "name": "ambari-server", + "principal": { + "value": "ambari-server@${realm}", + "type": "user" + } + } + ] + } + ], + "name": "AMBARI", + "identities": [ + + ] + }, + { + "components": [ + { + "name": "NAMENODE", + "identities": [ + { + "name": "hdfs", + "principal": { + "value": "${hadoop-env/hdfs_user}@${realm}", + "type": "user" + } + } + ] + } + ], + "name": "HDFS", + "identities": [ + ] + } + ], + "properties": { + "principal_suffix": "" + } + } +} \ No newline at end of file