mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexander Rojas <alexan...@mesosphere.io>
Subject Re: Review Request 48781: Marked some optional fields in acls.proto as required.
Date Fri, 17 Jun 2016 06:05:32 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/48781/
-----------------------------------------------------------

(Updated June 17, 2016, 8:05 a.m.)


Review request for mesos, Joerg Schad and Till Toenshoff.


Summary (updated)
-----------------

Marked some optional fields in acls.proto as required.


Bugs: MESOS-5588
    https://issues.apache.org/jira/browse/MESOS-5588


Repository: mesos


Description
-------

The messages `GetEndpoints`, `ViewFramework`, `ViewTask`, `ViewExecutor`
and `AccessSandbox` all have optional authorization objects as a result
of copy and pasting previous message, but their semantics were those
of an required field, which led to some unexpected behavior when a user
misstyped any entry there.

This patch sets the fields to their actual expected values.


Diffs
-----

  include/mesos/authorizer/acls.proto 2ffcaa29deaccba5e099a81706432035fe318d98 

Diff: https://reviews.apache.org/r/48781/diff/


Testing
-------

Ran variations of this script for both master and agent:

```sh
cat <<EOF > /tmp/credentials.txt
foo bar
baz bar
EOF

cat <<EOF > /tmp/acls.json
{
  "permissive": false,
  "access_mesos_logs" : [
    {
      "principals" : { "values" : ["foo"] },
      "logs" : { "type" : "ANY" }
    }
  ],
  "view_frameworks": [
    {
      "principals": { "type": "ANY" },
      "user": { "type": "NONE" }
    }
  ]
}
EOF

./bin/mesos-master.sh --work_dir=/tmp/mesos/master \
                      --authenticate_http \
                      --credentials=file:///tmp/credentials.txt \
                      --acls=file:///tmp/acls.json \
                      --log_dir=/tmp/mesos/logs/master 
```

with valid and invalid ACLs


Thanks,

Alexander Rojas


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message