waggle-dance
waggle-dance copied to clipboard
ExpediaGroup
Use different tokens instead of forcing WD and all HMS to use the same delegatetoken in the kerberos environment
:pencil: Description
1.Use WD's own token. 2. Support HMS to use different tokens separately. 3. Refactored the delegatetoken section, greatly simplifying the code logic. 4. After extensive testing in our environment, it is OK.
:link: Related Issues
https://github.com/ExpediaGroup/waggle-dance/issues/309
@patduin Could you review this or have someone else review it as well. We have been making this change for several months, and tested many times. I think it can really help many people.
The failed reason seems to have nothing to do with my pr
Error: Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.8:deploy (injected-nexus-deploy) on project waggle-dance-rpm: Failed to deploy artifacts: Could not transfer artifact com.hotels:waggle-dance-api:jar:javadoc:4.0.0-20240412.083012-2 from/to sonatype-nexus-snapshots (https://oss.sonatype.org/content/repositories/snapshots): authentication failed for https://oss.sonatype.org/content/repositories/snapshots/com/hotels/waggle-dance-api/4.0.0-SNAPSHOT/waggle-dance-api-4.0.0-20240412.083012-2-javadoc.jar, status: 401 Unauthorized -> [Help 1]
Yup I'll try to get some eyes on this next week, thank you!!!
On Fri, 12 Apr 2024, 10:40 tian bao, @.***> wrote:
@patduin https://github.com/patduin Could you review this or have someone else review it as well. We have been making this change for several months, and tested many times. I think it can really help many people.
— Reply to this email directly, view it on GitHub https://github.com/ExpediaGroup/waggle-dance/pull/313#issuecomment-2051300260, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAP6JGEGIGMZCBXYCC2JUVLY46MY3AVCNFSM6AAAAABGDSXUJSVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANJRGMYDAMRWGA . You are receiving this because you were mentioned.Message ID: @.***>
I cannot accept this PR as it is now. This needs some refactoring to separate kerberos code from the non kerberos paths and remove all the static class dependencies introduced.
Wait for me for a while, I will make some changes and submit it again.
@patduin @jmnunezizu I have completed the modifications, please help me take a look
- The static part of the code has been replaced.
- Strategy model for SaslThriftMetastoreClientManager.
At the same time, I changed the code to not require manual kinit and can automatically renew tickets.
I think the failed test case getTableMeta and Could not transfer artifact are not related to me.
@patduin @jmnunezizu Could you help review it? This feature is really useful for users in the kerberos environment.
Hi @flaming-archer – we'll get to it as soon as we can. Sorry for the delay and thanks for the additional changes and contribution.
Hi @flaming-archer – we'll get to it as soon as we can. Sorry for the delay and thanks for the additional changes and contribution.
It's been a week now....
@patduin @jmnunezizu This feature is really great. Could you help me take a look.
I've merged the other hive3 PR please have a look at the conflicts, thank you.
I've merged the other hive3 PR please have a look at the conflicts, thank you.
Sorry, I only saw it now. I saw that PR, it was submitted by my colleague, and I know her changes. I will modify it together based on this. Wait for me for a moment.