flink-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mxm <...@git.apache.org>
Subject [GitHub] flink issue #2275: FLINK-3929 Support for Kerberos Authentication with Keyta...
Date Tue, 02 Aug 2016 13:11:13 GMT
Github user mxm commented on the issue:

    https://github.com/apache/flink/pull/2275
  
    > Yes, it is not essential to run the secure test case all the time as it consumes
more cycles. Do you have any suggestion on controlling this through some mvn/surefire plugin
configuration?
    
    I would suggest that we keep three integration test classes for testing security:
    1. Kafka (with Zookeeper)
    2. HDFS
    3. Yarn
    
    In addition, we need a unit test to verify that the security context is correctly set
up. I think we're covered then and don't need any more tests. After all, tests that are disabled
by default and we almost never run are not very useful.
    
    >It is little overhead but works out well with minimal changes to the code. We could
revisit and make any changes if it creates any issues.
    
    I would really like to move all security testing code to a utility class and call this
code through `@AfterClass` and `@BeforeClass` methods. If that is fine with you. This is simpler
and easier to understand than the custom runner implementation.
    
    >I believe you are referring to the https://ci.apache.org/projects/flink/flink-docs-master/setup/config.html.
If so, yes it certainly helps and I will be happy to add the details but I don't have access
to edit the page.
    
    You can actually change this page in the repository at [/docs/setup/config.md](/apache/flink/blob/master/docs/setup/config.md).
    
    Concerning `SASL_PLAINTEXT`: I suppose we're making an effort to encrypt the authentication
channel in the changes according to the security document? For now this seems fine.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message