mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joerg Schad <jo...@mesosphere.io>
Subject Re: Review Request 48781: Marked some optional fields in acls.proto as required.
Date Fri, 17 Jun 2016 07:19:24 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/48781/#review138179
-----------------------------------------------------------




include/mesos/authorizer/acls.proto (line 32)
<https://reviews.apache.org/r/48781/#comment203399>

    Can we add here a comment that the Entities need to be required in the messages (See my
linked patch)



include/mesos/authorizer/acls.proto (line 178)
<https://reviews.apache.org/r/48781/#comment203401>

    When was this one introduced. Do we need to be careful of deprecation here?



include/mesos/authorizer/acls.proto (line 241)
<https://reviews.apache.org/r/48781/#comment203400>

    This one is still optional....


- Joerg Schad


On June 17, 2016, 6:05 a.m., Alexander Rojas wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/48781/
> -----------------------------------------------------------
> 
> (Updated June 17, 2016, 6:05 a.m.)
> 
> 
> Review request for mesos, Joerg Schad and Till Toenshoff.
> 
> 
> Bugs: MESOS-5588
>     https://issues.apache.org/jira/browse/MESOS-5588
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> The messages `GetEndpoints`, `ViewFramework`, `ViewTask`, `ViewExecutor`
> and `AccessSandbox` all have optional authorization objects as a result
> of copy and pasting previous message, but their semantics were those
> of an required field, which led to some unexpected behavior when a user
> misstyped any entry there.
> 
> This patch sets the fields to their actual expected values.
> 
> 
> Diffs
> -----
> 
>   include/mesos/authorizer/acls.proto 2ffcaa29deaccba5e099a81706432035fe318d98 
> 
> Diff: https://reviews.apache.org/r/48781/diff/
> 
> 
> Testing
> -------
> 
> Ran variations of this script for both master and agent:
> 
> ```sh
> cat <<EOF > /tmp/credentials.txt
> foo bar
> baz bar
> EOF
> 
> cat <<EOF > /tmp/acls.json
> {
>   "permissive": false,
>   "access_mesos_logs" : [
>     {
>       "principals" : { "values" : ["foo"] },
>       "logs" : { "type" : "ANY" }
>     }
>   ],
>   "view_frameworks": [
>     {
>       "principals": { "type": "ANY" },
>       "user": { "type": "NONE" }
>     }
>   ]
> }
> EOF
> 
> ./bin/mesos-master.sh --work_dir=/tmp/mesos/master \
>                       --authenticate_http \
>                       --credentials=file:///tmp/credentials.txt \
>                       --acls=file:///tmp/acls.json \
>                       --log_dir=/tmp/mesos/logs/master 
> ```
> 
> with valid and invalid ACLs
> 
> 
> Thanks,
> 
> Alexander Rojas
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message