[
https://issues.apache.org/jira/browse/YARN-11726?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17895634#comment-17895634
]
ASF GitHub Bot commented on YARN-11726:
---------------------------------------
Hean-Chhinling opened a new pull request, #7148:
URL: https://github.com/apache/hadoop/pull/7148
### Description of PR
This pull request enhances the `getPassword` method in the WebAppUtils class
within Hadoop YARN by adding logging for password retrieval operations.
Previously, if the password retrieval failed due to a misconfiguration or other
issues, it failed silently, providing no indication of the error. This update
adds:
* **Debug Logging**: Logs successful password retrieval attempts, showing
which alias was retrieved.
* **Error Logging**: Logs failures in retrieving passwords along with the
alias and error details.
These changes improve transparency and traceability, making it easier for
administrators to identify misconfigurations or other issues in YARN's password
management.
### How was this patch tested?
The changes were tested using the existing unit tests for the `getPassword`
method, and the method performed successfully with the added logging
functionality. No additional integration tests were required since this change
only affects logging behavior.
### For code changes:
- [x] Does the title or this PR starts with the corresponding JIRA issue id
(e.g. 'HADOOP-17799. Your PR title ...')?
- [ ] Object storage: have the integration tests been executed and the
endpoint declared according to the connector-specific documentation?
- [ ] If adding new dependencies to the code, are these dependencies
licensed in a way that is compatible for inclusion under [ASF
2.0](http://www.apache.org/legal/resolved.html#category-a)?
- [ ] If applicable, have you updated the `LICENSE`, `LICENSE-binary`,
`NOTICE-binary` files?
> Exposing Password Retrieval Process for Web Application Utilities in method
> `getPassword`
> -----------------------------------------------------------------------------------------
>
> Key: YARN-11726
> URL: https://issues.apache.org/jira/browse/YARN-11726
> Project: Hadoop YARN
> Issue Type: Improvement
> Components: yarn
> Affects Versions: 3.3.6
> Environment: Version: {{3.3.6}}
> Location:
> {{{}hadoop/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/util/WebAppUtils.java{}}},
> in the {{getPassword}} method, lines 486-500.
> Reporter: LoggingResearch
> Priority: Major
> Attachments: TestWebAppUtils.java, original-vs-log-enhanced.md
>
>
> The method {{getPassword}} in {{WebAppUtils}} is responsible for securely
> retrieving passwords from the configuration based on the provided alias. If
> the alias is not set or if there's an issue during the retrieval, the system
> currently fails silently. Enhancing the logging within this method will
> provide more transparency and help diagnose configuration issues, such as
> missing or incorrect password aliases.
>
> *Expected Behavior:*
> The system should log the success or failure of password retrieval attempts,
> including any issues encountered during the process. This will improve
> traceability and allow administrators to more easily identify and correct
> misconfigurations or errors related to password management.
>
> *How-to-Fix:*
> We propose adding log statements to expose the success or failure of password
> retrieval operations. This will enhance the visibility of
> configuration-related issues, allowing administrators to better manage
> security credentials within YARN.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
