Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[AMBARI-23775] Removed (or upgraded) unsecure libraries from ambari-agent due to security reasons #1193

Merged
merged 1 commit into from May 7, 2018
Merged

[AMBARI-23775] Removed (or upgraded) unsecure libraries from ambari-agent due to security reasons #1193

merged 1 commit into from May 7, 2018

Conversation

smolnar82
Copy link
Contributor

What changes were proposed in this pull request?

Excluded the following dependencies from ambari-agent build since they are nor needed:
com.jcraft:jsch
org.mortbay.jetty:jetty-util
commons-httpclient:commons-httpclient
commons-beanutils:commons-beanutils-core

Upgraded apache.zookeeper:zookeeper v3.4.9 to `apache.zookeeper:zookeeper v3.4.10'

How was this patch tested?

1.) Running unit tests in ambari-agent:

[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 01:29 min
[INFO] Finished at: 2018-05-07T14:41:57+02:00
[INFO] Final Memory: 37M/1522M
[INFO] ------------------------------------------------------------------------

2.) Checking Maven's dependency resolution:

HW15069:ambari-agent smolnar$ mvn dependency:tree -Dincludes=com.jcraft:jsch -Dverbose=true
[INFO] Scanning for projects...
[INFO] 
[INFO] ------------------------------------------------------------------------
[INFO] Building Ambari Agent 2.0.0.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ ambari-agent ---
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1.844 s
[INFO] Finished at: 2018-05-07T14:43:14+02:00
[INFO] Final Memory: 19M/437M
[INFO] ------------------------------------------------------------------------

HW15069:ambari-agent smolnar$ mvn dependency:tree -Dincludes=org.mortbay.jetty:jetty-util -Dverbose=true
[INFO] Scanning for projects...
[INFO] 
[INFO] ------------------------------------------------------------------------
[INFO] Building Ambari Agent 2.0.0.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ ambari-agent ---
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1.788 s
[INFO] Finished at: 2018-05-07T14:43:28+02:00
[INFO] Final Memory: 19M/437M
[INFO] ------------------------------------------------------------------------

HW15069:ambari-agent smolnar$ mvn dependency:tree -Dincludes=commons-httpclient:commons-httpclient -Dverbose=true
[INFO] Scanning for projects...
[INFO] 
[INFO] ------------------------------------------------------------------------
[INFO] Building Ambari Agent 2.0.0.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ ambari-agent ---
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1.639 s
[INFO] Finished at: 2018-05-07T14:43:48+02:00
[INFO] Final Memory: 19M/437M
[INFO] ------------------------------------------------------------------------

HW15069:ambari-agent smolnar$ mvn dependency:tree -Dincludes=commons-beanutils:commons-beanutils-core -Dverbose=true
[INFO] Scanning for projects...
[INFO] 
[INFO] ------------------------------------------------------------------------
[INFO] Building Ambari Agent 2.0.0.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ ambari-agent ---
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1.634 s
[INFO] Finished at: 2018-05-07T14:44:04+02:00
[INFO] Final Memory: 19M/437M
[INFO] ------------------------------------------------------------------------

HW15069:ambari-agent smolnar$ mvn dependency:tree -Dincludes=org.apache.zookeeper:zookeeper -Dverbose=true
[INFO] Scanning for projects...
[INFO] 
[INFO] ------------------------------------------------------------------------
[INFO] Building Ambari Agent 2.0.0.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ ambari-agent ---
[INFO] org.apache.ambari:ambari-agent:jar:2.0.0.0-SNAPSHOT
[INFO] \- org.apache.zookeeper:zookeeper:jar:3.4.10:compile
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1.635 s
[INFO] Finished at: 2018-05-07T14:44:19+02:00
[INFO] Final Memory: 20M/437M
[INFO] ------------------------------------------------------------------------

@smolnar82 smolnar82 added security agent Ambari Agent labels May 7, 2018
@smolnar82 smolnar82 self-assigned this May 7, 2018
@asfgit
Copy link

asfgit commented May 7, 2018

Refer to this link for build results (access rights to CI server needed):
https://builds.apache.org/job/Ambari-Github-PullRequest-Builder/2157/
Test PASSed.

@smolnar82 smolnar82 merged commit d3399bd into apache:trunk May 7, 2018
@zeroflag
Copy link
Contributor

zeroflag commented May 7, 2018

Technically most of these are not needed because they don't go into the final distribution package. But removing them doesn't hurt.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zeroflag zeroflag zeroflag approved these changes

@adoroszlai adoroszlai adoroszlai approved these changes

@rlevas rlevas Awaiting requested review from rlevas

@echekanskiy echekanskiy Awaiting requested review from echekanskiy

Assignees

@smolnar82 smolnar82

Labels
agent Ambari Agent security
Projects
None yet
Milestone
No milestone
4 participants
@smolnar82 @asfgit @zeroflag @adoroszlai