-
Notifications
You must be signed in to change notification settings - Fork 28.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SPARK-45374][CORE] Add test keys for SSL functionality #43163
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+CC @srowen as well ... these are meant to be for tests, want to make sure there are no concerns with potential 'security audit' related user reports, etc.
Where are these used though? |
OK, hm, I don't really see the value in splitting this part out, but it doesn't hurt. @mridulm has the ball. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these are meant to be for tests, want to make sure there are no concerns with potential 'security audit' related user reports, etc.
I think this will be okay because:
- These are only in test JARs
- Some of the test JARs already contain other forms of test key files, such as https://github.com/apache/spark/blob/master/sql/hive/src/test/resources/data/files/keystore.jks
Merged to master. |
Just noticed that we are using the same jira for all of the PR's. We can manually relink the merged PR's in the jira for now. |
happy to do so, I'll update the inflight PRs that haven't merged yet and let you know if I need help re-linking. EDIT: Updated the other PRs that have not been merged, and I will file more tasks for the upcoming PRs once I get to putting them up. Not sure how to relink the PRs in jira unfortunately. |
What changes were proposed in this pull request?
This PR introduces test keys for SSL functionality. They keys were generated using something like the following:
And then copied to all the relevant folders. I also copied over the keystore and trustore files (did not regenerate those).
Why are the changes needed?
We need these test files to run tests using PEM keys for SSL connections.
Does this PR introduce any user-facing change?
No
How was this patch tested?
These test files will be used by follow up PRs. This was tested as part of #42685, whic is being split.
Was this patch authored or co-authored using generative AI tooling?
No