Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add HDFS OPA authorizer #2

Merged
merged 22 commits into from
Feb 16, 2024
Merged

Add HDFS OPA authorizer #2

merged 22 commits into from
Feb 16, 2024

Conversation

sbernauer
Copy link
Member

@sbernauer sbernauer commented Feb 16, 2024
edited by adwk67
Loading

Description

Part of stackabletech/hdfs-operator#400

Definition of Done Checklist

  • Not all of these items are applicable to all PRs, the author should update this template to only leave the boxes in that are relevant
  • Please make sure all these things are done and tick the boxes

Reviewer
Beta Give feedback

Acceptance
Beta Give feedback

@sbernauer sbernauer self-assigned this Feb 16, 2024
@sbernauer sbernauer mentioned this pull request Feb 16, 2024
Merged
adwk67
adwk67 reviewed Feb 16, 2024
View reviewed changes
README.md Outdated Show resolved Hide resolved
adwk67
adwk67 approved these changes Feb 16, 2024
View reviewed changes
Copy link
Member

@adwk67 adwk67 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! As discussed, I haven't looked at the rego rules in depth as they will be tested elsewhere anyway. The mapping stuff looks good. Approving so it doesn't block further work.

@sbernauer
Copy link
Member Author

Just for reference, the Issue to create "production-ready" rego rules is stackabletech/issues#523

NickLarsenNZ
NickLarsenNZ approved these changes Feb 16, 2024
View reviewed changes
Copy link
Member

@NickLarsenNZ NickLarsenNZ left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just added suggestions for the things the linter picked up.

Docs: https://github.com/reviewdog/action-detect-secrets?tab=readme-ov-file#false-positives (Thanks @Techassi)

test/stack/20-hdfs.yaml Outdated Show resolved Hide resolved
test/stack/20-hdfs.yaml Outdated Show resolved Hide resolved
test/stack/30-test-hdfs-permissions.yaml Show resolved Hide resolved
adwk67
adwk67 approved these changes Feb 16, 2024
View reviewed changes
Copy link
Member

@adwk67 adwk67 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm. Left a comment about logging the non-pp query, but I leave that up to you.

src/main/java/tech/stackable/hadoop/StackableAccessControlEnforcer.java Show resolved Hide resolved
@sbernauer sbernauer merged commit 274f8e7 into main Feb 16, 2024
12 of 13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adwk67 adwk67 adwk67 approved these changes

@NickLarsenNZ NickLarsenNZ NickLarsenNZ approved these changes

Assignees

@sbernauer sbernauer

Labels
None yet
Projects
Stackable Engineering
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sbernauer @adwk67 @NickLarsenNZ