[GLUTEN-10113][VL] Pass hadoop fs related session level configurations to native#12367
[GLUTEN-10113][VL] Pass hadoop fs related session level configurations to native#12367zhouyuan wants to merge 7 commits into
Conversation
Signed-off-by: Yuan <yuanzhou@apache.org>
|
Run Gluten Clickhouse CI on x86 |
e37d128 to
1d6f087
Compare
There was a problem hiding this comment.
Pull request overview
This PR extends the Velox backend’s partition serialization so that Hadoop filesystem-related session configuration (notably fs.azure.*, fs.s3a.*, fs.gs.*) is captured on the driver and carried across the RDD partition boundary to executors, then forwarded into the native runtime via extraConf.
Changes:
- Added an
fsConf: Map[String, String]field toGlutenPartitionto carry selected Hadoop FS config across to executors. - Updated
VeloxIteratorApi.genPartitionsto collectfs.*keys from the driver-side Hadoop configuration and embed them into eachGlutenPartition. - Updated
VeloxIteratorApi.genFirstStageIteratorto mergeGlutenPartition.fsConfinto the nativeextraConf, and added a new Velox UT suite to validate propagation behavior.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
| gluten-substrait/src/main/scala/org/apache/gluten/execution/GlutenWholeStageColumnarRDD.scala | Adds GlutenPartition.fsConf to transport FS-related Hadoop config across partition boundaries. |
| backends-velox/src/main/scala/org/apache/gluten/backendsapi/velox/VeloxIteratorApi.scala | Captures driver-side FS Hadoop config into partitions and forwards it into native extraConf. |
| backends-velox/src/test/scala/org/apache/gluten/backendsapi/velox/VeloxIteratorApiFsConfSuite.scala | Adds unit tests verifying that selected fs.* keys are embedded into GlutenPartition.fsConf. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
Run Gluten Clickhouse CI on x86 |
|
Run Gluten Clickhouse CI on x86 |
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 3 out of 3 changed files in this pull request and generated 7 comments.
Comments suppressed due to low confidence (1)
gluten-substrait/src/main/scala/org/apache/gluten/execution/GlutenWholeStageColumnarRDD.scala:51
GlutenPartitionnow containsfsConf, which can include filesystem credentials (e.g., S3/ABFS secrets). Because this is a case class, the defaulttoStringwill include the fullfsConfmap and may leak secrets into Spark logs / exception messages / UI when partitions are stringified. OverridetoStringto avoid printing values (e.g., print only keys).
override def preferredLocations(): Array[String] =
splitInfos.flatMap(_.preferredLocations().asScala)
}
|
Run Gluten Clickhouse CI on x86 |
2220efc to
9b41c7f
Compare
|
Run Gluten Clickhouse CI on x86 |
| val partitionFsConf = inputPartition.asInstanceOf[GlutenPartition].fsConf | ||
| val extraConf = (partitionFsConf + | ||
| (GlutenConfig.COLUMNAR_CUDF_ENABLED.key -> enableCudf.toString)).asJava | ||
| val transKernel = NativePlanEvaluator.create(BackendsApiManager.getBackendName, extraConf) |
| "fs.azure.account.auth.type.myaccount.dfs.core.windows.net" -> "OAuth", | ||
| "fs.azure.account.oauth.provider.type" -> "ClientCredentials" | ||
| ) { | ||
| val partitions = api.genPartitions(emptyWsCtx, Seq(Seq.empty), Seq.empty) |
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
|
Run Gluten Clickhouse CI on x86 |
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 3 out of 3 changed files in this pull request and generated 4 comments.
Comments suppressed due to low confidence (1)
gluten-substrait/src/main/scala/org/apache/gluten/execution/GlutenWholeStageColumnarRDD.scala:51
GlutenPartitionis a case class, so its generatedtoStringwill include the fullfsConfmap (including credential values). This can leak secrets via exceptions/logging (e.g.,$splitstring interpolation) or Spark UI/debug output. Consider overridingtoStringto avoid printing values (e.g., only print the keys).
override def preferredLocations(): Array[String] =
splitInfos.flatMap(_.preferredLocations().asScala)
}
| val fsPrefixes = Seq("fs.azure.", "fs.s3a.", "fs.gs.") | ||
| val hadoopConf = leaves.headOption | ||
| .map(_ => org.apache.spark.sql.SparkSession.active.sessionState.newHadoopConf()) | ||
| .getOrElse(org.apache.spark.SparkContext.getOrCreate().hadoopConfiguration) |
| val partitionFsConf = inputPartition.asInstanceOf[GlutenPartition].fsConf | ||
| val extraConf = (partitionFsConf + | ||
| (GlutenConfig.COLUMNAR_CUDF_ENABLED.key -> enableCudf.toString)).asJava | ||
| val transKernel = NativePlanEvaluator.create(BackendsApiManager.getBackendName, extraConf) | ||
|
|
There was a problem hiding this comment.
fixed by adding a digest on the key/password
| test("genPartitions embeds fs.s3a.* keys from Hadoop conf into GlutenPartition.fsConf") { | ||
| withHadoopConf( | ||
| "fs.s3a.access.key" -> "AKIAIOSFODNN7EXAMPLE", | ||
| "fs.s3a.secret.key" -> "wJalrXUtnFEMI" | ||
| ) { | ||
| val partitions = api.genPartitions(emptyWsCtx, Seq(Seq.empty), Seq.empty) | ||
| assert(partitions.size == 1) | ||
| val fsConf = partitions.head.asInstanceOf[GlutenPartition].fsConf | ||
| assert( | ||
| fsConf.contains("fs.s3a.access.key"), | ||
| s"Expected fs.s3a.access.key not found; got: ${fsConf.keys.mkString(", ")}") | ||
| assert(fsConf("fs.s3a.access.key") == "AKIAIOSFODNN7EXAMPLE") | ||
| assert(fsConf.contains("fs.s3a.secret.key")) | ||
| assert(fsConf("fs.s3a.secret.key") == "wJalrXUtnFEMI") | ||
| } | ||
| } |
| test("genPartitions embeds fs.azure.* keys from Hadoop conf into GlutenPartition.fsConf") { | ||
| withHadoopConf( | ||
| "fs.azure.account.auth.type.myaccount.dfs.core.windows.net" -> "OAuth", | ||
| "fs.azure.account.oauth.provider.type" -> "ClientCredentials" | ||
| ) { | ||
| val partitions = api.genPartitions(emptyWsCtx, Seq(Seq.empty), Seq.empty) |
|
Run Gluten Clickhouse CI on x86 |
Signed-off-by: Yuan <yuanzhou@apache.org>
195d39b to
05661be
Compare
|
Run Gluten Clickhouse CI on x86 |
| private def stableKey( | ||
| backendName: String, | ||
| name: String, | ||
| extraConf: util.Map[String, String]): String = { | ||
| val digest = MessageDigest.getInstance("SHA-256") | ||
| digest.update(backendName.getBytes("UTF-8")) | ||
| digest.update(0.toByte) // field separator | ||
| digest.update(name.getBytes("UTF-8")) | ||
| digest.update(0.toByte) | ||
| // Sort keys for determinism; hash only keys, not values, to avoid leaking secrets. | ||
| val sortedKeys = new java.util.ArrayList(extraConf.keySet) | ||
| java.util.Collections.sort(sortedKeys) | ||
| sortedKeys.forEach { | ||
| k => | ||
| digest.update(k.getBytes("UTF-8")) | ||
| digest.update(0.toByte) | ||
| } | ||
| digest.digest().map("%02x".format(_)).mkString | ||
| } |
| // fs.azure.* / fs.s3a.* / fs.gs.* keys captured on the driver from | ||
| // sessionState.newHadoopConf() and serialised here so they survive the | ||
| // RDD partition boundary. Spark's withSQLConfPropagated only propagates | ||
| // keys that start with "spark", so these keys are otherwise invisible on | ||
| // the executor side (the executor's SQLConf never sees them). |
| val hadoopConf = leaves.headOption | ||
| .map(_ => org.apache.spark.sql.SparkSession.active.sessionState.newHadoopConf()) | ||
| .getOrElse(org.apache.spark.SparkContext.getOrCreate().hadoopConfiguration) |
| // Hadoop configuration NOW, while we are still on the driver, and embed | ||
| // them in every GlutenPartition. These keys are set by the user via | ||
| // spark.conf.set("fs.azure.account.auth.type", ...) or | ||
| // sparkContext.hadoopConfiguration.set(...) |
| withHadoopConf( | ||
| "fs.s3a.access.key" -> "AKIAIOSFODNN7EXAMPLE", | ||
| "fs.s3a.secret.key" -> "wJalrXUtnFEMI" | ||
| ) { |
| .map(_ => org.apache.spark.sql.SparkSession.active.sessionState.newHadoopConf()) | ||
| .getOrElse(org.apache.spark.SparkContext.getOrCreate().hadoopConfiguration) | ||
| val fsConf = { | ||
| hadoopConf.iterator().asScala |
There was a problem hiding this comment.
Thanks for the PR — this is a problem we've hit before. Internally we addressed it by injecting a known Hadoop key list at a specific injection point.
The hadoopConf.iterator() would return the full configuration set, which has a noticeable performance cost. Besides, some of the configu entries are also unresolved — values like .key=${...} aren't decoded, so the velox backend fails to parse them. I haven't come across a cleaner solution yet.
There was a problem hiding this comment.
Good point. Hadoop Configuration has getPropsWithPrefix in the Hadoop versions Gluten supports, so I’ll replace the full iterator() scan with prefix lookups for fs.azure., fs.s3a., and fs.gs.. This keeps the same propagation behavior but avoids iterating the entire configuration set.
Signed-off-by: Yuan <yuanzhou@apache.org>
|
Run Gluten Clickhouse CI on x86 |
| // Spark's withSQLConfPropagated (it only forwards keys starting with | ||
| // "spark"), so embedding them in the serialised GlutenPartition is the | ||
| // only reliable transport mechanism. | ||
| val fsPrefixes = Seq("fs.azure.", "fs.s3a.", "fs.gs.") |
There was a problem hiding this comment.
nit: We can define this part as a constant and allow users to extend it (via configuration or by adding a constant prefix), which would make the user experience more friendly.
| // RDD partition boundary. Spark's withSQLConfPropagated only propagates | ||
| // keys that start with "spark", so these keys are otherwise invisible on | ||
| // the executor side (the executor's SQLConf never sees them). | ||
| fsConf: Map[String, String] = Map.empty |
There was a problem hiding this comment.
CWE‑532 / CWE‑200:Case‑class auto‑toString prints every field, so any log line or exception that stringifies a partition (or the wrapping FirstZippedPartitionsPartition) will dump fs.s3a.secret.key=… verbatim. Please override toString to print fsConf keys only — or redact values on the driver side at capture time using SECRET_REDACTION_PATTERN (spark.redaction.regex). Note SQLConf.get.stringRedactionPattern is a different config (default None) and won't help here, and SQLConf.get itself isn't safe to call off‑task. Please also add a regression test that asserts toString does not contain a seeded secret value.
I notice Copilot already flagged this security‑related risk earlier. However, the latest commit still hasn’t addressed the issue.
| digest.update(k.getBytes("UTF-8")) | ||
| digest.update(0.toByte) | ||
| } | ||
| digest.digest().map("%02x".format(_)).mkString |
There was a problem hiding this comment.
CWE‑694:stableKey hashes only the keys. Two Runtimes.contextInstance calls inside the same task that share a keyset but differ in values (e.g. IcebergWrite#write with different icebergProperties) will collide on the same TaskResources registration, and the second caller silently gets the runtime built from the first. Please hash sorted (key, value) pairs — values are still hidden from logs because only the digest escapes, and the existing key‑sort already makes the digest deterministic.
| // Capture fs.azure.* / fs.s3a.* / fs.gs.* keys from the driver-side | ||
| // Hadoop configuration NOW, while we are still on the driver, and embed | ||
| // them in every GlutenPartition. These keys are set by the user via | ||
| // spark.conf.set("fs.azure.account.auth.type", ...) or |
There was a problem hiding this comment.
Two things:
- The comment block at lines 128–144 still advertises
spark.conf.set(...),DataFrameReader.option(...), andsessionState.newHadoopConf()as user surfaces — none of those reach the new code path, which only readsSparkContext.getOrCreate().hadoopConfiguration. The actual recipes that work are submit‑time--conf spark.hadoop.fs.*=…(which Spark copies intoSparkContext.hadoopConfigurationat boot) or runtimesparkContext.hadoopConfiguration.set("fs.*", ...).spark.conf.set("spark.hadoop.fs.*", ...)set at runtime writes to SQLConf only and is invisible to the new code. - The paragraph starting "Capture fs.azure.* …" is duplicated at line 137 — looks like a merge artefact. Please collapse into one paragraph and rewrite the recipe.
|
|
||
| test("genPartitions embeds fs.s3a.* keys from Hadoop conf into GlutenPartition.fsConf") { | ||
| withHadoopConf( | ||
| "fs.s3a.access.key" -> "AKIAIOSFODNN7EXAMPLE", |
There was a problem hiding this comment.
AKIAIOSFODNN7EXAMPLE is AWS's documentation example and matches the AKIA/ASIA pattern used by GitHub secret scanning, gitleaks, and most fork‑level scanners. Even as a test fixture, this routinely fails CI in downstream forks and surfaces as false‑positive credential alerts. Use clearly synthetic placeholders, e.g. "dummy-access-key" / "dummy-secret-value".
| // only reliable transport mechanism. | ||
| val fsPrefixes = Seq("fs.azure.", "fs.s3a.", "fs.gs.") | ||
| // scalastyle:off hadoopconfiguration | ||
| val baseHadoopConf = org.apache.spark.SparkContext.getOrCreate().hadoopConfiguration |
There was a problem hiding this comment.
org.apache.spark.SparkContext.getOrCreate() is spelled out with full FQN; SparkContext is already imported and used by short name elsewhere in this file. Move the short name in and drop the inline FQN.
On the other hand, The simplified capture reads SparkContext.getOrCreate().hadoopConfiguration directly, which only contains keys present at SparkContext construction (from SparkConf spark.hadoop.*) plus anything mutated via sparkContext.hadoopConfiguration.set(...). It does not see per‑session overrides made via spark.conf.set("spark.hadoop.fs.*", ...) at runtime, nor session‑scoped DataFrameReader.option(...) keys — both of which live on SparkSession.sessionState.newHadoopConf(). If the original use case in issue #10113 includes runtime session‑level credential injection, the current code path won't satisfy it. Either document the supported recipes explicitly (boot‑time --conf spark.hadoop.fs.* or runtime sparkContext.hadoopConfiguration.set) or read from leaves.head.sqlContext.sessionState.newHadoopConf() when leaves are available, falling back to SparkContext.hadoopConfiguration only when they aren't.
| * purpose of this test. | ||
| */ | ||
| private def emptyWsCtx: WholeStageTransformContext = | ||
| WholeStageTransformContext(PlanBuilder.empty()) |
There was a problem hiding this comment.
emptyWsCtx only works because genPartitions happens to touch only wsCtx.root.toProtobuf.toByteArray, but WholeStageTransformContext has other fields — a future shape change silently breaks the helper. Either refactor genPartitions to take Array[Byte] directly (cleanest), or add a one‑line comment recording the implicit dependency. Non‑blocking.
| planByteArray, | ||
| splitInfos.toArray | ||
| splitInfos.toArray, | ||
| fsConf = fsConf |
There was a problem hiding this comment.
Assigning fsConf = fsConf puts an independent serialised copy of the map on every GlutenPartition — reference sharing is driver‑side only, the wire cost scales with partition count.
| // task local properties), this is the only path these credentials can take to | ||
| // reach the native session config and ultimately the Velox ABFS connector. | ||
| val partitionFsConf = inputPartition.asInstanceOf[GlutenPartition].fsConf | ||
| val extraConf = (partitionFsConf + |
There was a problem hiding this comment.
CWE‑532: This line is where fsConf reaches extraConf and ultimately flows into the native session config printed by printConfig (cpp side). printConfig redacts on key match against spark.redaction.regex, default (?i)secret|password|token|access[.]?key. That default misses fs.azure.account.key.* (the Azure storage account key — the primary credential), fs.s3a.encryption.key and the deprecated alias fs.s3a.server-side-encryption.key, fs.gs.auth.service.account.private.key, and fs.gs.auth.service.account.json.keyfile. With spark.gluten.sql.debug=true these reach executor stdout in cleartext. The fix is on the C++ side: please hard‑redact the credential‑bearing prefixes inside printConfig in addition to applying the operator regex — minimum list: fs.azure.account.key., fs.azure.sas., fs.azure.account.oauth2., fs.s3a.access.key, fs.s3a.secret.key, fs.s3a.session.token, fs.s3a.encryption.key, fs.s3a.server-side-encryption.key, fs.gs.auth.service.account.private.key, fs.gs.auth.service.account.json.keyfile. Consider also extending Gluten's default spark.redaction.regex to cover them.
There was a problem hiding this comment.
Thanks, it seems pass these configurations as a parameter will introduce the credential leakage. Let me try to use the other more secure approach
What changes are proposed in this pull request?
This patch adds the runtime hadoop related configurations to native.
How was this patch tested?
new UT
Was this patch authored or co-authored using generative AI tooling?
IBM BoB
Related issue: #10113