[jira] [Work logged] (HIVE-25829) Tez exec mode support for credential provider for jobs

[ASF GitHub Bot (Jira)]

     [ 
https://issues.apache.org/jira/browse/HIVE-25829?focusedWorklogId=706072&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-706072
 ]

ASF GitHub Bot logged work on HIVE-25829:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 10/Jan/22 12:55
            Start Date: 10/Jan/22 12:55
    Worklog Time Spent: 10m 
      Work Description: deniskuzZ commented on a change in pull request #2911:
URL: https://github.com/apache/hive/pull/2911#discussion_r781167272



##########
File path: ql/src/java/org/apache/hadoop/hive/ql/exec/tez/TezSessionState.java
##########
@@ -350,6 +351,16 @@ protected void openInternal(String[] 
additionalFilesNotFromConf,
 
     setupSessionAcls(tezConfig, conf);
 
+    /*
+     * Update HADOOP_CREDSTORE_PASSWORD for the TezAM.
+     * If there is a job specific credential store, it will be set.
+     * HiveConfUtil.updateJobCredentialProviders should not be used here,
+     * as it changes the credential store path too, which causes the dag 
submission fail,
+     * as this config has an effect in HS2 (on TezClient codepath), and the 
original hadoop
+     * credential store should be used.
+     */
+    HiveConfUtil.updateCredentialProviderPasswordForJobs(tezConfig);

Review comment:
       Do you know if that information won't be localized by Tez in plain text?




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscr...@hive.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 706072)
    Time Spent: 1h  (was: 50m)

> Tez exec mode support for credential provider for jobs
> ------------------------------------------------------
>
>                 Key: HIVE-25829
>                 URL: https://issues.apache.org/jira/browse/HIVE-25829
>             Project: Hive
>          Issue Type: Improvement
>          Components: HiveServer2
>            Reporter: Ádám Szita
>            Assignee: László Bodor
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 1h
>  Remaining Estimate: 0h
>
> HIVE-14822 introduced support to securely forward a job specific java 
> credential store path, and a corresponding password to the backend executors. 
> This is currently implemented for only MR2 and Spark execution engines. I 
> propose we extend this feature by adding Tez mode to said list.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)