[jira] [Commented] (YARN-8198) Add Security-Related HTTP Response Header in Yarn WEBUIs.
[ https://issues.apache.org/jira/browse/YARN-8198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16468188#comment-16468188 ] Robert Kanter commented on YARN-8198: - Thanks for the patch [~kanwaljeets]. Some comments: # I think we should move this to a HADOOP JIRA and retitle accordingly because it's really changing Common code ({{HttpServer2}}), and not YARN specifically. # In {{#addHeaders}} we're currently compiling the regex each time this is called. We can move that {{Pattern}} to a static class variable as [~snemeth] said. # Another point [~snemeth] mentioned is that the regex has two capturing groups, but we only ever use the second one. We can get rid of the first one. # I think we should use {{matches(...)}} instead of {{find(...)}} on the regex in {{#addHeaders}}. {{find}} is meant for searching through a String multiple times, while {{matches}} is looking at the whole String. I'm not sure of the implementation details, but I imagine {{matches}} might be faster because of that. With {{find}}, we're only calling it once per String so this isn't really a problem, but if we were to somehow call it multiple times, it would actually pass on a String like {{"hadoop.http.header.foo.hadoop.http.header.bar"}} and group 2 would be {{"foo"}} and then {{"bar"}}. # In {{initializeWebServer}}, we have: {code:java} Map xFrameParams = new HashMap<>(); xFrameParams.put(X_FRAME_ENABLED, String.valueOf(this.xFrameOptionIsEnabled)); xFrameParams.put(X_FRAME_VALUE, this.xFrameOption.toString()); setHeaders(conf, xFrameParams); {code} {{setHeaders}} adds in "default headers" and then all the "{{hadoop.http.headers.*}}" headers. This means that we're doing this order: (1) XFrame, (2) default, (3) user-specified. Shouldn't we move the XFrame headers into {{setHeaders}} and have the default ones go first? Really, shouldn't the XFrame headers be part of the default headers? ## Similarly, in {{doFilter}}, the XFrame headers are handled separately from the rest of them (which use {{addHeaders(...)}}. It would be cleaner if we were to make all headers behave the same way with the same code. ## Further on that point, in {{initializeWebServer}} we set that {{X_FRAME_ENABLED}} to a boolean String, and then in {{doFilter}}, we add the {{X_FRAME}} header if it's {{"true"}}. Using your new code, we should be able to just check this once in {{initializeWebServer}} and simply add or omit the {{X_FRAME}} header itself accordingly. # The {{testHttpResponseCustomtHeaders}} test has a typo, it should be {{testHttpResponseCustomHeaders}}. > Add Security-Related HTTP Response Header in Yarn WEBUIs. > - > > Key: YARN-8198 > URL: https://issues.apache.org/jira/browse/YARN-8198 > Project: Hadoop YARN > Issue Type: Improvement > Components: yarn >Reporter: Kanwaljeet Sachdev >Assignee: Kanwaljeet Sachdev >Priority: Major > Labels: security > Attachments: YARN-8198.001.patch, YARN-8198.002.patch, > YARN-8198.003.patch, YARN-8198.004.patch, YARN-8198.005.patch > > > As of today, YARN web-ui lacks certain security related http response > headers. We are planning to add few default ones and also add support for > headers to be able to get added via xml config. Planning to make the below > two as default. > * X-XSS-Protection: 1; mode=block > * X-Content-Type-Options: nosniff > > Support for headers via config properties in core-site.xml will be along the > below lines > {code:java} > > hadoop.http.header.Strict_Transport_Security > valHSTSFromXML > {code} > > A regex matcher will lift these properties and add into the response header > when Jetty prepares the response. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
[jira] [Commented] (YARN-8198) Add Security-Related HTTP Response Header in Yarn WEBUIs.
[ https://issues.apache.org/jira/browse/YARN-8198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16461113#comment-16461113 ] Szilard Nemeth commented on YARN-8198: -- Thanks [~kanwaljeets] for the updated patch, LGTM +1 (non-binding) > Add Security-Related HTTP Response Header in Yarn WEBUIs. > - > > Key: YARN-8198 > URL: https://issues.apache.org/jira/browse/YARN-8198 > Project: Hadoop YARN > Issue Type: Improvement > Components: yarn >Reporter: Kanwaljeet Sachdev >Assignee: Kanwaljeet Sachdev >Priority: Major > Labels: security > Attachments: YARN-8198.001.patch, YARN-8198.002.patch, > YARN-8198.003.patch, YARN-8198.004.patch, YARN-8198.005.patch > > > As of today, YARN web-ui lacks certain security related http response > headers. We are planning to add few default ones and also add support for > headers to be able to get added via xml config. Planning to make the below > two as default. > * X-XSS-Protection: 1; mode=block > * X-Content-Type-Options: nosniff > > Support for headers via config properties in core-site.xml will be along the > below lines > {code:java} > > hadoop.http.header.Strict_Transport_Security > valHSTSFromXML > {code} > > A regex matcher will lift these properties and add into the response header > when Jetty prepares the response. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
[jira] [Commented] (YARN-8198) Add Security-Related HTTP Response Header in Yarn WEBUIs.
[ https://issues.apache.org/jira/browse/YARN-8198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16460625#comment-16460625 ] genericqa commented on YARN-8198: - | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m 28s{color} | {color:blue} Docker mode activated. {color} | || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 0s{color} | {color:green} The patch appears to include 1 new or modified test files. {color} | || || || || {color:brown} trunk Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 23m 1s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 26m 25s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 48s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 8s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 10m 51s{color} | {color:green} branch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 1m 28s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 51s{color} | {color:green} trunk passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 0m 42s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 26m 15s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 26m 15s{color} | {color:green} the patch passed {color} | | {color:orange}-0{color} | {color:orange} checkstyle {color} | {color:orange} 0m 43s{color} | {color:orange} hadoop-common-project/hadoop-common: The patch generated 36 new + 87 unchanged - 7 fixed = 123 total (was 94) {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 0m 56s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m 0s{color} | {color:green} The patch has no whitespace issues. {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 8m 52s{color} | {color:green} patch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 1m 32s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 49s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:red}-1{color} | {color:red} unit {color} | {color:red} 7m 58s{color} | {color:red} hadoop-common in the patch failed. {color} | | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 29s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black}112m 42s{color} | {color:black} {color} | \\ \\ || Reason || Tests || | Failed junit tests | hadoop.fs.TestTrash | \\ \\ || Subsystem || Report/Notes || | Docker | Client=17.05.0-ce Server=17.05.0-ce Image:yetus/hadoop:abb62dd | | JIRA Issue | YARN-8198 | | JIRA Patch URL | https://issues.apache.org/jira/secure/attachment/12921533/YARN-8198.005.patch | | Optional Tests | asflicense compile javac javadoc mvninstall mvnsite unit shadedclient findbugs checkstyle | | uname | Linux 7773552d566a 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux | | Build tool | maven | | Personality | /testptch/patchprocess/precommit/personality/provided.sh | | git revision | trunk / 8f42daf | | maven | version: Apache Maven 3.3.9 | | Default Java | 1.8.0_162 | | findbugs | v3.1.0-RC1 | | checkstyle | https://builds.apache.org/job/PreCommit-YARN-Build/20564/artifact/out/diff-checkstyle-hadoop-common-project_hadoop-common.txt | | unit | https://builds.apache.org/job/PreCommit-YARN-Build/20564/artifact/out/patch-unit-hadoop-common-project_hadoop-common.txt | | Test Results | https://builds.apache.org/job/PreCommit-YARN-Build/20564/testReport/ | | Max. process+thread count | 1436 (vs. ulimit of 1) | | modules | C: hadoo
[jira] [Commented] (YARN-8198) Add Security-Related HTTP Response Header in Yarn WEBUIs.
[ https://issues.apache.org/jira/browse/YARN-8198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16460541#comment-16460541 ] Kanwaljeet Sachdev commented on YARN-8198: -- Thanks [~snemeth] for the comments. I have uploaded the new patch with following changes/responses {quote}1. HttpServer2 in general about regex usage: You use {{HTTP_HEADER_REGEX}} in 3 places: - addHeaders - setHeaders (2 occurences) A.) In {{addHeaders()}}, you could simply use {{String.startsWith()}} because AFAIK you don't validate with the regex, you just check whether the String starts with a prefix. B.) In {{setHeaders()}}, you call {{conf.getValByRegex()}}, I think if you just leverage the startsWith capability of your regex, you could just call {{conf.getPropsWithPrefix()}} because it's more lightweight than a regex matching. If you still decide to keep regex-matching instead of simple String operations, I think you should fix these: {quote} Planning to use regex. {quote}A.) {{setHeaders()}}: you call {{conf.getValByRegex()}}, this method returns every config matching for a regex. Then you forEach on the {{headerConfigMap}} and do the same regex-matching that the {{getValByRegex}} did, which is not needed. Then, you could just simply call {{xFrameParams.putAll(headerConfigMap);}} as the last step of this method. {quote} Good point. I took care of it. {quote}C.) You should call {{Pattern.compile(HTTP_HEADER_REGEX)}} only once and save it to a static final field of {{HttpServer2}}. You have 2 occurrences of this pattern call, both in a loop, which is costly and unnecessarry to perform every time. {quote} Agreed. {quote}D.) In your {{HTTP_HEADER_REGEX}}, I think the first regex group is not relevant as you are only interested in what follows "hadoop.http.header." I guess. {quote} - {quote}{{HttpServer2.addHeaders()}}:You have: {{String value = config.getInitParameter(key);]] You don't use the value local variable, I guess you wanted to use it on the next line.– {{HttpServer2.getDefaultHeaders()}}: You used split twice on both headers, you could store the split results in arrays and access the elements from 0th and 1st index.{quote} Yes, changed it. {quote}2. HttpServer2 (minor thing): As you only use {{getDefaultHeaders}} from {{setHeaders}}, I would put the {{getDefaultHeaders}} method under the {{setHeaders}} method. {quote} I moved it below {quote}3. HttpServer2: introduced constant Strings could be package private. {quote} Made it 'default' as the Test class needs it too. > Add Security-Related HTTP Response Header in Yarn WEBUIs. > - > > Key: YARN-8198 > URL: https://issues.apache.org/jira/browse/YARN-8198 > Project: Hadoop YARN > Issue Type: Improvement > Components: yarn >Reporter: Kanwaljeet Sachdev >Assignee: Kanwaljeet Sachdev >Priority: Major > Labels: security > Attachments: YARN-8198.001.patch, YARN-8198.002.patch, > YARN-8198.003.patch, YARN-8198.004.patch, YARN-8198.005.patch > > > As of today, YARN web-ui lacks certain security related http response > headers. We are planning to add few default ones and also add support for > headers to be able to get added via xml config. Planning to make the below > two as default. > * X-XSS-Protection: 1; mode=block > * X-Content-Type-Options: nosniff > > Support for headers via config properties in core-site.xml will be along the > below lines > {code:java} > > hadoop.http.header.Strict_Transport_Security > valHSTSFromXML > {code} > > A regex matcher will lift these properties and add into the response header > when Jetty prepares the response. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
[jira] [Commented] (YARN-8198) Add Security-Related HTTP Response Header in Yarn WEBUIs.
[ https://issues.apache.org/jira/browse/YARN-8198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16459505#comment-16459505 ] genericqa commented on YARN-8198: - | (/) *{color:green}+1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m 21s{color} | {color:blue} Docker mode activated. {color} | || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 0s{color} | {color:green} The patch appears to include 1 new or modified test files. {color} | || || || || {color:brown} trunk Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 22m 51s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 26m 30s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 48s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 8s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 11m 24s{color} | {color:green} branch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 1m 27s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 57s{color} | {color:green} trunk passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 0m 43s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 26m 12s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 26m 12s{color} | {color:green} the patch passed {color} | | {color:orange}-0{color} | {color:orange} checkstyle {color} | {color:orange} 0m 42s{color} | {color:orange} hadoop-common-project/hadoop-common: The patch generated 36 new + 87 unchanged - 7 fixed = 123 total (was 94) {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 5s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m 0s{color} | {color:green} The patch has no whitespace issues. {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 8m 55s{color} | {color:green} patch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 1m 32s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 1m 0s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:green}+1{color} | {color:green} unit {color} | {color:green} 8m 11s{color} | {color:green} hadoop-common in the patch passed. {color} | | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 37s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black}114m 4s{color} | {color:black} {color} | \\ \\ || Subsystem || Report/Notes || | Docker | Client=17.05.0-ce Server=17.05.0-ce Image:yetus/hadoop:abb62dd | | JIRA Issue | YARN-8198 | | JIRA Patch URL | https://issues.apache.org/jira/secure/attachment/12921378/YARN-8198.004.patch | | Optional Tests | asflicense compile javac javadoc mvninstall mvnsite unit shadedclient findbugs checkstyle | | uname | Linux ec5f06cf51d9 4.4.0-64-generic #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux | | Build tool | maven | | Personality | /testptch/patchprocess/precommit/personality/provided.sh | | git revision | trunk / 2d319e3 | | maven | version: Apache Maven 3.3.9 | | Default Java | 1.8.0_162 | | findbugs | v3.1.0-RC1 | | checkstyle | https://builds.apache.org/job/PreCommit-YARN-Build/20547/artifact/out/diff-checkstyle-hadoop-common-project_hadoop-common.txt | | Test Results | https://builds.apache.org/job/PreCommit-YARN-Build/20547/testReport/ | | Max. process+thread count | 1438 (vs. ulimit of 1) | | modules | C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common | | Console output | https://builds.apache.org/job/PreCommit-YARN-Build/20547/console | | Powered by | Apache Yetus 0.8.0-SNA
[jira] [Commented] (YARN-8198) Add Security-Related HTTP Response Header in Yarn WEBUIs.
[ https://issues.apache.org/jira/browse/YARN-8198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16456334#comment-16456334 ] Szilard Nemeth commented on YARN-8198: -- - HttpServer2 (minor thing): As you only use {{getDefaultHeaders}} from {{setHeaders}}, I would put the {{getDefaultHeaders}} method under the {{setHeaders}} method. - HttpServer2: introduced constant Strings could be package private. - *HttpServer2 in general about regex usage: You use {{HTTP_HEADER_REGEX}} in 3 places: * - addHeaders - setHeaders (2 occurences) In {{addHeaders()}}, you could simply use {{String.startsWith()}} because AFAIK you don't validate with the regex, you just check whether the String starts with a prefix. In {{setHeaders()}}, you call {{conf.getValByRegex()}}, I think if you just leverage the startsWith capability of your regex, you could just call {{conf.getPropsWithPrefix()}} because it's more lightweight than a regex matching. If you still decide to keep regex-matching instead of simple String operations, I think you should fix these: - {{setHeaders()}}: you call {{conf.getValByRegex()}}, this method returns every config matching for a regex. Then you forEach on the {{headerConfigMap}} and do the same regex-matching that the {{getValByRegex}} did, which is not needed. You could just simply call {{xFrameParams.putAll(headerConfigMap);}} as the last step of this method. - {{setHeaders()}}: if you want to ensure that no config is present with name "hadoop.http.header.X", where X does not match for your regex ([a-zA-Z\-_]+), I think you should indicate the unmatched values with a log message (warning?). - You should call {{Pattern.compile(HTTP_HEADER_REGEX)}} only once and save it to a static final field of {{HttpServer2}}. You have 2 occurences of this pattern call, both in a loop, which is costly and unnecessarry to perform every time. - In your {{HTTP_HEADER_REGEX}}, I think the first regex group is not relevant as you are only interested in what follows "hadoop.http.header." I guess. - {{HttpServer2.addHeaders()}}: You have: {{String value = config.getInitParameter(key);]] You don't use the value local variable, I guess you wanted to use it on the next line. - {{HttpServer2.getDefaultHeaders()}}: You used split twice on both headers, you could store the split results in arrays and access the elements from 0th and 1st index. > Add Security-Related HTTP Response Header in Yarn WEBUIs. > - > > Key: YARN-8198 > URL: https://issues.apache.org/jira/browse/YARN-8198 > Project: Hadoop YARN > Issue Type: Improvement > Components: yarn >Reporter: Kanwaljeet Sachdev >Assignee: Kanwaljeet Sachdev >Priority: Major > Labels: security > Attachments: YARN-8198.001.patch, YARN-8198.002.patch, > YARN-8198.003.patch > > > As of today, YARN web-ui lacks certain security related http response > headers. We are planning to add few default ones and also add support for > headers to be able to get added via xml config. Planning to make the below > two as default. > * X-XSS-Protection: 1; mode=block > * X-Content-Type-Options: nosniff > > Support for headers via config properties in core-site.xml will be along the > below lines > {code:java} > > hadoop.http.header.Strict_Transport_Security > valHSTSFromXML > {code} > > A regex matcher will lift these properties and add into the response header > when Jetty prepares the response. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
[jira] [Commented] (YARN-8198) Add Security-Related HTTP Response Header in Yarn WEBUIs.
[ https://issues.apache.org/jira/browse/YARN-8198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16452389#comment-16452389 ] Kanwaljeet Sachdev commented on YARN-8198: -- [~rkanter], let me know your thoughts on the patch > Add Security-Related HTTP Response Header in Yarn WEBUIs. > - > > Key: YARN-8198 > URL: https://issues.apache.org/jira/browse/YARN-8198 > Project: Hadoop YARN > Issue Type: Improvement > Components: yarn >Reporter: Kanwaljeet Sachdev >Assignee: Kanwaljeet Sachdev >Priority: Major > Labels: security > Attachments: YARN-8198.001.patch, YARN-8198.002.patch, > YARN-8198.003.patch > > > As of today, YARN web-ui lacks certain security related http response > headers. We are planning to add few default ones and also add support for > headers to be able to get added via xml config. Planning to make the below > two as default. > * X-XSS-Protection: 1; mode=block > * X-Content-Type-Options: nosniff > > Support for headers via config properties in core-site.xml will be along the > below lines > {code:java} > > hadoop.http.header.Strict_Transport_Security > valHSTSFromXML > {code} > > A regex matcher will lift these properties and add into the response header > when Jetty prepares the response. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
[jira] [Commented] (YARN-8198) Add Security-Related HTTP Response Header in Yarn WEBUIs.
[ https://issues.apache.org/jira/browse/YARN-8198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16451812#comment-16451812 ] genericqa commented on YARN-8198: - | (/) *{color:green}+1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m 33s{color} | {color:blue} Docker mode activated. {color} | || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 0s{color} | {color:green} The patch appears to include 1 new or modified test files. {color} | || || || || {color:brown} trunk Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 25m 20s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 28m 48s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 52s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 10s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 12m 29s{color} | {color:green} branch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 1m 36s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 59s{color} | {color:green} trunk passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 0m 49s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 27m 52s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 27m 52s{color} | {color:green} the patch passed {color} | | {color:orange}-0{color} | {color:orange} checkstyle {color} | {color:orange} 0m 49s{color} | {color:orange} hadoop-common-project/hadoop-common: The patch generated 3 new + 94 unchanged - 0 fixed = 97 total (was 94) {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 9s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m 0s{color} | {color:green} The patch has no whitespace issues. {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 9m 57s{color} | {color:green} patch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 1m 47s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 55s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:green}+1{color} | {color:green} unit {color} | {color:green} 9m 15s{color} | {color:green} hadoop-common in the patch passed. {color} | | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 33s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black}124m 40s{color} | {color:black} {color} | \\ \\ || Subsystem || Report/Notes || | Docker | Client=17.05.0-ce Server=17.05.0-ce Image:yetus/hadoop:b78c94f | | JIRA Issue | YARN-8198 | | JIRA Patch URL | https://issues.apache.org/jira/secure/attachment/12920581/YARN-8198.003.patch | | Optional Tests | asflicense compile javac javadoc mvninstall mvnsite unit shadedclient findbugs checkstyle | | uname | Linux 3fe2390ee93d 3.13.0-139-generic #188-Ubuntu SMP Tue Jan 9 14:43:09 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux | | Build tool | maven | | Personality | /testptch/patchprocess/precommit/personality/provided.sh | | git revision | trunk / bb3c504 | | maven | version: Apache Maven 3.3.9 | | Default Java | 1.8.0_162 | | findbugs | v3.1.0-RC1 | | checkstyle | https://builds.apache.org/job/PreCommit-YARN-Build/20464/artifact/out/diff-checkstyle-hadoop-common-project_hadoop-common.txt | | Test Results | https://builds.apache.org/job/PreCommit-YARN-Build/20464/testReport/ | | Max. process+thread count | 1570 (vs. ulimit of 1) | | modules | C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common | | Console output | https://builds.apache.org/job/PreCommit-YARN-Build/20464/console | | Powered by | Apache Yetus 0.8.0-SNA
[jira] [Commented] (YARN-8198) Add Security-Related HTTP Response Header in Yarn WEBUIs.
[ https://issues.apache.org/jira/browse/YARN-8198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16451432#comment-16451432 ] genericqa commented on YARN-8198: - | (/) *{color:green}+1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m 43s{color} | {color:blue} Docker mode activated. {color} | || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 0s{color} | {color:green} The patch appears to include 1 new or modified test files. {color} | || || || || {color:brown} trunk Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 26m 48s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 30m 32s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 52s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 15s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 12m 59s{color} | {color:green} branch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 1m 36s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 57s{color} | {color:green} trunk passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 0m 57s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 28m 41s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 28m 41s{color} | {color:green} the patch passed {color} | | {color:orange}-0{color} | {color:orange} checkstyle {color} | {color:orange} 0m 55s{color} | {color:orange} hadoop-common-project/hadoop-common: The patch generated 21 new + 94 unchanged - 0 fixed = 115 total (was 94) {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 13s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m 0s{color} | {color:green} The patch has no whitespace issues. {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 10m 16s{color} | {color:green} patch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 1m 44s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 59s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:green}+1{color} | {color:green} unit {color} | {color:green} 8m 27s{color} | {color:green} hadoop-common in the patch passed. {color} | | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 39s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black}129m 7s{color} | {color:black} {color} | \\ \\ || Subsystem || Report/Notes || | Docker | Client=17.05.0-ce Server=17.05.0-ce Image:yetus/hadoop:b78c94f | | JIRA Issue | YARN-8198 | | JIRA Patch URL | https://issues.apache.org/jira/secure/attachment/12920514/YARN-8198.002.patch | | Optional Tests | asflicense compile javac javadoc mvninstall mvnsite unit shadedclient findbugs checkstyle | | uname | Linux 2c22d8831fae 3.13.0-139-generic #188-Ubuntu SMP Tue Jan 9 14:43:09 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux | | Build tool | maven | | Personality | /testptch/patchprocess/precommit/personality/provided.sh | | git revision | trunk / 9d6befb | | maven | version: Apache Maven 3.3.9 | | Default Java | 1.8.0_162 | | findbugs | v3.1.0-RC1 | | checkstyle | https://builds.apache.org/job/PreCommit-YARN-Build/20454/artifact/out/diff-checkstyle-hadoop-common-project_hadoop-common.txt | | Test Results | https://builds.apache.org/job/PreCommit-YARN-Build/20454/testReport/ | | Max. process+thread count | 1409 (vs. ulimit of 1) | | modules | C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common | | Console output | https://builds.apache.org/job/PreCommit-YARN-Build/20454/console | | Powered by | Apache Yetus 0.8.0-S
[jira] [Commented] (YARN-8198) Add Security-Related HTTP Response Header in Yarn WEBUIs.
[ https://issues.apache.org/jira/browse/YARN-8198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16450435#comment-16450435 ] genericqa commented on YARN-8198: - | (/) *{color:green}+1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m 37s{color} | {color:blue} Docker mode activated. {color} | || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 0s{color} | {color:green} The patch appears to include 1 new or modified test files. {color} | || || || || {color:brown} trunk Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 25m 57s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 28m 17s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 51s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 11s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 4m 2s{color} | {color:green} branch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 1m 32s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 56s{color} | {color:green} trunk passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 0m 46s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 27m 29s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 27m 29s{color} | {color:green} the patch passed {color} | | {color:orange}-0{color} | {color:orange} checkstyle {color} | {color:orange} 0m 57s{color} | {color:orange} hadoop-common-project/hadoop-common: The patch generated 20 new + 94 unchanged - 0 fixed = 114 total (was 94) {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 10s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m 0s{color} | {color:green} The patch has no whitespace issues. {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 10m 23s{color} | {color:green} patch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 1m 39s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 56s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:green}+1{color} | {color:green} unit {color} | {color:green} 8m 16s{color} | {color:green} hadoop-common in the patch passed. {color} | | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 37s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black}115m 18s{color} | {color:black} {color} | \\ \\ || Subsystem || Report/Notes || | Docker | Client=17.05.0-ce Server=17.05.0-ce Image:yetus/hadoop:8620d2b | | JIRA Issue | YARN-8198 | | JIRA Patch URL | https://issues.apache.org/jira/secure/attachment/12920397/YARN-8198.001.patch | | Optional Tests | asflicense compile javac javadoc mvninstall mvnsite unit shadedclient findbugs checkstyle | | uname | Linux 244a81919262 3.13.0-139-generic #188-Ubuntu SMP Tue Jan 9 14:43:09 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux | | Build tool | maven | | Personality | /testptch/patchprocess/precommit/personality/provided.sh | | git revision | trunk / 56788d7 | | maven | version: Apache Maven 3.3.9 | | Default Java | 1.8.0_162 | | findbugs | v3.1.0-RC1 | | checkstyle | https://builds.apache.org/job/PreCommit-YARN-Build/20452/artifact/out/diff-checkstyle-hadoop-common-project_hadoop-common.txt | | Test Results | https://builds.apache.org/job/PreCommit-YARN-Build/20452/testReport/ | | Max. process+thread count | 1365 (vs. ulimit of 1) | | modules | C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common | | Console output | https://builds.apache.org/job/PreCommit-YARN-Build/20452/console | | Powered by | Apache Yetus 0.8.0-S