[jira] [Work logged] (HIVE-26464) New credential provider for replicating to the cloud

[ASF GitHub Bot (Jira)]

     [ 
https://issues.apache.org/jira/browse/HIVE-26464?focusedWorklogId=801431&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-801431
 ]

ASF GitHub Bot logged work on HIVE-26464:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 17/Aug/22 16:19
            Start Date: 17/Aug/22 16:19
    Worklog Time Spent: 10m 
      Work Description: pfelker opened a new pull request, #3526:
URL: https://github.com/apache/hive/pull/3526

   ### What changes were proposed in this pull request?
   HIVE-26464
   
   
   ### Why are the changes needed?
   It is needed for on-prem to cloud replication
   
   
   ### Does this PR introduce _any_ user-facing change?
   No
   
   
   ### How was this patch tested?
   * I've tested it on a real cloud environment, replicated a test database 
from on-prem to AWS
   * Added new JUnit tests




Issue Time Tracking
-------------------

            Worklog Id:     (was: 801431)
    Remaining Estimate: 0h
            Time Spent: 10m

> New credential provider for replicating to the cloud
> ----------------------------------------------------
>
>                 Key: HIVE-26464
>                 URL: https://issues.apache.org/jira/browse/HIVE-26464
>             Project: Hive
>          Issue Type: Task
>          Components: HiveServer2, repl
>            Reporter: Peter Felker
>            Assignee: Peter Felker
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> In {{ReplDumpTask}}, if the following *new* config is provided in 
> {{HiveConf}}:
> * {{hive.repl.cloud.credential.provider.path}}
> then the HS2 credstore URI scheme, contained by {{HiveConf}} with key 
> {{hadoop.security.credential.provider.path}}, should be updated so that it 
> will start with new scheme: {{hiverepljceks}}. For instance:
> {code}jceks://file/path/to/credstore/creds.localjceks{code}
> will become:
> {code}hiverepljceks://file/path/to/credstore/creds.localjceks{code}
> This new scheme, {{hiverepljceks}}, will make Hadoop to use a *new* 
> credential provider, which will do the following:
> # Load the HS2 keystore file, defined by key 
> {{hadoop.security.credential.provider.path}}
> # Gets a password from the HS2 keystore file, with key: 
> {{hive.repl.cloud.credential.provider.password}}
> # This password will be used to load another keystore file, located on HDFS 
> and specified by the new config mentioned before: 
> {{hive.repl.cloud.credential.provider.path}}. This contains the cloud 
> credentials for the Hive cloud replication.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)