Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HDDS-11820. Remove hard-coded principals from ozone-testkrb5 #10

Merged
merged 1 commit into from
Nov 29, 2024
Merged

HDDS-11820. Remove hard-coded principals from ozone-testkrb5 #10

merged 1 commit into from
Nov 29, 2024

Conversation

adoroszlai
Copy link
Contributor

What changes were proposed in this pull request?

Test user principals are currently defined in the apache/ozone-docker-testkrb5 repository. Whenever a new principal is needed for tests, we need to:

  • commit updated init.sh in apache/ozone-docker-testkrb5
  • bump ozone-testkrb5 image version in apache/ozone
  • update keytabs in apache/ozone (this steps is removed in HDDS-11810)

This can be improved by creating principals just-in-time, right before exporting keytabs.

Benefits:

  • simplifies the process of adding new principals
  • avoid mismatch in list of principals added and exported

This PR removes hard-coded principals from the ozone-testkrb5 image.

https://issues.apache.org/jira/browse/HDDS-11820

How was this patch tested?

Ran secure acceptance tests with this image and corresponding Ozone change:
https://github.com/adoroszlai/ozone/actions/runs/12067118583

@adoroszlai adoroszlai self-assigned this Nov 28, 2024
dombizita
dombizita approved these changes Nov 28, 2024
View reviewed changes
Copy link
Contributor

@dombizita dombizita left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this improvement @adoroszlai! It'll be way easier this way. If others check this later, the corresponding Ozone side change is apache/ozone#7498, right?

@adoroszlai
Copy link
Contributor Author

adoroszlai commented Nov 29, 2024
edited
Loading

Thanks @dombizita for the review.

the corresponding Ozone side change is apache/ozone#7498, right?

That one is a pre-requisite for this, but another PR will follow after this image is available. In addition to updating the image, the only Ozone-side change will be: adoroszlai/ozone@bc23d0c

@adoroszlai adoroszlai merged commit 38a28fe into apache:master Nov 29, 2024
1 check passed
@adoroszlai adoroszlai deleted the HDDS-11820 branch November 29, 2024 04:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dombizita dombizita dombizita approved these changes

Assignees

@adoroszlai adoroszlai

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@adoroszlai @dombizita