src/kudu/ranger-kms/mini_ranger_kms.h - kudu - Git at Google

 // Licensed to the Apache Software Foundation (ASF) under one
 // or more contributor license agreements.  See the NOTICE file
 // distributed with this work for additional information
 // regarding copyright ownership.  The ASF licenses this file
 // to you under the Apache License, Version 2.0 (the
 // "License"); you may not use this file except in compliance
 // with the License.  You may obtain a copy of the License at
 //
 //   http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing,
 // software distributed under the License is distributed on an
 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 // KIND, either express or implied.  See the License for the
 // specific language governing permissions and limitations
 // under the License.

 #pragma once

 #include <cstdint>
 #include <memory>
 #include <string>
 #include <utility>

 #include <glog/logging.h>

 #include "kudu/gutil/port.h"
 #include "kudu/gutil/strings/substitute.h"
 #include "kudu/util/curl_util.h"
 #include "kudu/util/env.h"
 #include "kudu/util/path_util.h"
 #include "kudu/util/status.h"
 #include "kudu/util/subprocess.h" // IWYU pragma: keep
 #include "kudu/util/test_util.h"

 namespace kudu {
 namespace postgres {
 class MiniPostgres;
 }  // namespace postgres
 namespace ranger {
 class MiniRanger;
 }  // namespace ranger

 namespace rangerkms {

 class MiniRangerKMS {
  public:
   MiniRangerKMS(std::string host,
                 std::shared_ptr<postgres::MiniPostgres> mini_pg,
                 std::shared_ptr<ranger::MiniRanger> mini_ranger)
       : MiniRangerKMS(GetTestDataDirectory(),
                       std::move(host),
                       std::move(mini_pg),
                       std::move(mini_ranger)) {}

   ~MiniRangerKMS();

   MiniRangerKMS(std::string data_root, std::string host,
                 std::shared_ptr<postgres::MiniPostgres> mini_pg,
                 std::shared_ptr<ranger::MiniRanger> mini_ranger)
         : data_root_(std::move(data_root)),
           host_(std::move(host)),
           mini_pg_(std::move(mini_pg)),
           mini_ranger_(std::move(mini_ranger)),
           env_(Env::Default()) {
             curl_.set_auth(CurlAuthType::BASIC, "admin", "admin");
   }

   // Starts Ranger and its dependencies.
   Status Start() WARN_UNUSED_RESULT;

   // Stops Ranger and its dependencies.
   Status Stop() WARN_UNUSED_RESULT;

   Status CreateKMSService();

   Status GetKeys() const;

   Status CreateClusterKey(const std::string& name, std::string* version) WARN_UNUSED_RESULT;


   void EnableKerberos(std::string krb5_config,
                       std::string ktpath,
                       std::string spnego_ktpath) {
     kerberos_ = true;
     krb5_config_ = std::move(krb5_config);
     ktpath_ = std::move(ktpath);
     spnego_ktpath_ = std::move(spnego_ktpath);
   }

   std::string url() const {
     return strings::Substitute("$0:$1/kms", host_, port_);
   }

  private:
   // Starts RangerKMS Service
   Status StartRangerKMS() WARN_UNUSED_RESULT;

   // Initializes Ranger KMS within 'kms_home' (home directory of the Ranger KMS
   // admin). Sets 'fresh_install' to true if 'kms_home' didn't exist before
   // calling InitRangerKMS().
   Status InitRangerKMS(const std::string& kms_home, bool* fresh_install) WARN_UNUSED_RESULT;

   // Creates configuration files.
   // ref:
   // https://docs.cloudera.com/HDPDocuments/HDP2/HDP-2.6.5/bk_security/content/ranger_kms_properties.html
   Status CreateConfigs(const std::string& conf_dir) WARN_UNUSED_RESULT;

   // Initializes Ranger KMS' database.
   Status DbSetup(const std::string& kms_home, const std::string& ews_dir,
                  const std::string& web_app_dir) WARN_UNUSED_RESULT;

   // Returns RangerKMS' home directory.
   std::string ranger_kms_home() const {
     return JoinPathSegments(data_root_, "ranger-kms");
   }

   std::string bin_dir() const {
     std::string exe;
     CHECK_OK(env_->GetExecutablePath(&exe));
     return DirName(exe);
   }

   // Returns classpath for Ranger KMS.
   std::string ranger_kms_classpath() const {
     std::string kms_home = ranger_kms_home();
     // ${RANGER_KMS_CONF_DIR}:
     // ${SQL_CONNECTOR_JAR}:
     // ${RANGER_KMS_HOME}/ews/webapp/WEB-INF/classes/lib/:
     // ${RANGER_KMS_HOME}/ews/webapp/lib/:
     // ${JAVA_HOME}/lib/:
     // ${RANGER_KMS_HADOOP_CONF_DIR}/"
     return strings::Substitute("$0:$1:$2:$3:$4",
                                kms_home,
                                JoinPathSegments(bin_dir(), "postgresql.jar"),
                                JoinPathSegments(ranger_kms_home_,
                                                 "ews/webapp/WEB-INF/classes/lib/*"),
                                JoinPathSegments(ranger_kms_home_, "ews/webapp/lib/*"),
                                JoinPathSegments(java_home_, "lib/*"),
                                JoinPathSegments(hadoop_home_, "conf"));
   }
   // Directory in which to put all our stuff.
   const std::string data_root_;
   // Host url for RangerKMS.
   const std::string host_;

   std::shared_ptr<postgres::MiniPostgres> mini_pg_;
   std::shared_ptr<ranger::MiniRanger> mini_ranger_;
   std::unique_ptr<Subprocess> process_;

   // URL of the Ranger KMS REST API.
   std::string ranger_kms_url_;

   // Locations in which to find Hadoop, Ranger, and Java.
   // These may be in the thirdparty build, or may be shared across tests. As
   // such, their contents should be treated as read-only.
   std::string hadoop_home_;
   std::string ranger_kms_home_;
   std::string java_home_;

   bool kerberos_;
   std::string krb5_config_;
   std::string ktpath_;
   std::string spnego_ktpath_;

   Env* env_;
   EasyCurl curl_;

   uint16_t port_ = 0;
 };


 } // namespace rangerkms
 } // namespace kudu
	// Licensed to the Apache Software Foundation (ASF) under one
	// or more contributor license agreements. See the NOTICE file
	// distributed with this work for additional information
	// regarding copyright ownership. The ASF licenses this file
	// to you under the Apache License, Version 2.0 (the
	// "License"); you may not use this file except in compliance
	// with the License. You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing,
	// software distributed under the License is distributed on an
	// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	// KIND, either express or implied. See the License for the
	// specific language governing permissions and limitations
	// under the License.

	#pragma once

	#include <cstdint>
	#include <memory>
	#include <string>
	#include <utility>

	#include <glog/logging.h>

	#include "kudu/gutil/port.h"
	#include "kudu/gutil/strings/substitute.h"
	#include "kudu/util/curl_util.h"
	#include "kudu/util/env.h"
	#include "kudu/util/path_util.h"
	#include "kudu/util/status.h"
	#include "kudu/util/subprocess.h" // IWYU pragma: keep
	#include "kudu/util/test_util.h"

	namespace kudu {
	namespace postgres {
	class MiniPostgres;
	} // namespace postgres
	namespace ranger {
	class MiniRanger;
	} // namespace ranger

	namespace rangerkms {

	class MiniRangerKMS {
	public:
	MiniRangerKMS(std::string host,
	std::shared_ptr<postgres::MiniPostgres> mini_pg,
	std::shared_ptr<ranger::MiniRanger> mini_ranger)
	: MiniRangerKMS(GetTestDataDirectory(),
	std::move(host),
	std::move(mini_pg),
	std::move(mini_ranger)) {}

	~MiniRangerKMS();

	MiniRangerKMS(std::string data_root, std::string host,
	std::shared_ptr<postgres::MiniPostgres> mini_pg,
	std::shared_ptr<ranger::MiniRanger> mini_ranger)
	: data_root_(std::move(data_root)),
	host_(std::move(host)),
	mini_pg_(std::move(mini_pg)),
	mini_ranger_(std::move(mini_ranger)),
	env_(Env::Default()) {
	curl_.set_auth(CurlAuthType::BASIC, "admin", "admin");
	}

	// Starts Ranger and its dependencies.
	Status Start() WARN_UNUSED_RESULT;

	// Stops Ranger and its dependencies.
	Status Stop() WARN_UNUSED_RESULT;

	Status CreateKMSService();

	Status GetKeys() const;

	Status CreateClusterKey(const std::string& name, std::string* version) WARN_UNUSED_RESULT;


	void EnableKerberos(std::string krb5_config,
	std::string ktpath,
	std::string spnego_ktpath) {
	kerberos_ = true;
	krb5_config_ = std::move(krb5_config);
	ktpath_ = std::move(ktpath);
	spnego_ktpath_ = std::move(spnego_ktpath);
	}

	std::string url() const {
	return strings::Substitute("$0:$1/kms", host_, port_);
	}

	private:
	// Starts RangerKMS Service
	Status StartRangerKMS() WARN_UNUSED_RESULT;

	// Initializes Ranger KMS within 'kms_home' (home directory of the Ranger KMS
	// admin). Sets 'fresh_install' to true if 'kms_home' didn't exist before
	// calling InitRangerKMS().
	Status InitRangerKMS(const std::string& kms_home, bool* fresh_install) WARN_UNUSED_RESULT;

	// Creates configuration files.
	// ref:
	// https://docs.cloudera.com/HDPDocuments/HDP2/HDP-2.6.5/bk_security/content/ranger_kms_properties.html
	Status CreateConfigs(const std::string& conf_dir) WARN_UNUSED_RESULT;

	// Initializes Ranger KMS' database.
	Status DbSetup(const std::string& kms_home, const std::string& ews_dir,
	const std::string& web_app_dir) WARN_UNUSED_RESULT;

	// Returns RangerKMS' home directory.
	std::string ranger_kms_home() const {
	return JoinPathSegments(data_root_, "ranger-kms");
	}

	std::string bin_dir() const {
	std::string exe;
	CHECK_OK(env_->GetExecutablePath(&exe));
	return DirName(exe);
	}

	// Returns classpath for Ranger KMS.
	std::string ranger_kms_classpath() const {
	std::string kms_home = ranger_kms_home();
	// ${RANGER_KMS_CONF_DIR}:
	// ${SQL_CONNECTOR_JAR}:
	// ${RANGER_KMS_HOME}/ews/webapp/WEB-INF/classes/lib/:
	// ${RANGER_KMS_HOME}/ews/webapp/lib/:
	// ${JAVA_HOME}/lib/:
	// ${RANGER_KMS_HADOOP_CONF_DIR}/"
	return strings::Substitute("$0:$1:$2:$3:$4",
	kms_home,
	JoinPathSegments(bin_dir(), "postgresql.jar"),
	JoinPathSegments(ranger_kms_home_,
	"ews/webapp/WEB-INF/classes/lib/*"),
	JoinPathSegments(ranger_kms_home_, "ews/webapp/lib/*"),
	JoinPathSegments(java_home_, "lib/*"),
	JoinPathSegments(hadoop_home_, "conf"));
	}
	// Directory in which to put all our stuff.
	const std::string data_root_;
	// Host url for RangerKMS.
	const std::string host_;

	std::shared_ptr<postgres::MiniPostgres> mini_pg_;
	std::shared_ptr<ranger::MiniRanger> mini_ranger_;
	std::unique_ptr<Subprocess> process_;

	// URL of the Ranger KMS REST API.
	std::string ranger_kms_url_;

	// Locations in which to find Hadoop, Ranger, and Java.
	// These may be in the thirdparty build, or may be shared across tests. As
	// such, their contents should be treated as read-only.
	std::string hadoop_home_;
	std::string ranger_kms_home_;
	std::string java_home_;

	bool kerberos_;
	std::string krb5_config_;
	std::string ktpath_;
	std::string spnego_ktpath_;

	Env* env_;
	EasyCurl curl_;

	uint16_t port_ = 0;
	};


	} // namespace rangerkms
	} // namespace kudu