HBASE-29789: Backport 'HBASE-29761: The HBase UI's Debug Dump is not redacting sensitive information' to branch-2

[kgeisz]

https://issues.apache.org/jira/browse/HBASE-29789

This pull request back-ports HBASE-29761: The HBase UI's Debug Dump is not redacting sensitive information into branch-2. HBASE-29761 fixes an issue where sensitive information, such as passwords, were not being redacted when looking at a server's Debug Dump in the HBase UI. Some small modifications needed to be made in the Java code in order to get this commit to build. The changes included:

MasterDumpServlet.java and RSDumpServlet.java

• Using StandardCharsets.UTF_8.toString() instead of StandardCharsets.UTF_8

MasterDumpServlet.java

• Changed if (isShowQueueDump(conf)) to if (isShowQueueDump(master.getConfiguration())) since the conf variable no longer exists in the code (the master branch does not have this if block at all).

TestDebugDumpRedaction.java

• Using HBaseTestingUtility instead of HBaseTestingUtil
• Initializing REDACTED_PROPS using Arrays.asList() instead of List.of() and using .collect(Collectors.toList()) instead of .toList().

TestServerHttpUtils.java

• Using static final String PLAIN_TEXT = "text/plain" instead of static final String PLAIN_TEXT_UTF8 = "text/plain;charset=utf-8".

[Apache-HBase]

🎊 +1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	0m 56s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
+1 💚	hbaseanti	0m 0s		Patch does not have any anti-patterns.
			_ branch-2 Compile Tests _
+1 💚	mvninstall	4m 35s		branch-2 passed
+1 💚	compile	3m 51s		branch-2 passed
+1 💚	checkstyle	0m 53s		branch-2 passed
+1 💚	spotbugs	2m 12s		branch-2 passed
+1 💚	spotless	0m 55s		branch has no errors when running spotless:check.
			_ Patch Compile Tests _
+1 💚	mvninstall	3m 56s		the patch passed
+1 💚	compile	3m 59s		the patch passed
+1 💚	javac	3m 59s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
-0 ⚠️	checkstyle	0m 51s	/results-checkstyle-hbase-server.txt	hbase-server: The patch generated 1 new + 0 unchanged - 0 fixed = 1 total (was 0)
+1 💚	spotbugs	2m 16s		the patch passed
+1 💚	hadoopcheck	20m 6s		Patch does not cause any errors with Hadoop 2.10.2 or 3.3.6 3.4.1.
+1 💚	spotless	0m 57s		patch has no errors when running spotless:check.
			_ Other Tests _
+1 💚	asflicense	0m 12s		The patch does not generate ASF License warnings.
		48m 5s

Subsystem	Report/Notes
Docker	ClientAPI=1.43 ServerAPI=1.43 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7568/1/artifact/yetus-general-check/output/Dockerfile
GITHUB PR	#7568
JIRA Issue	HBASE-29789
Optional Tests	dupname asflicense javac spotbugs checkstyle codespell detsecrets compile hadoopcheck hbaseanti spotless
uname	Linux 39534841318f 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/hbase-personality.sh
git revision	branch-2 / 23b2817
Default Java	Eclipse Adoptium-11.0.23+9
Max. process+thread count	78 (vs. ulimit of 30000)
modules	C: hbase-server U: hbase-server
Console output	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7568/1/console
versions	git=2.34.1 maven=3.9.8 spotbugs=4.7.3
Powered by	Apache Yetus 0.15.0 https://yetus.apache.org

This message was automatically generated.

[Apache-HBase]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	0m 46s		Docker mode activated.
-0 ⚠️	yetus	0m 6s		Unprocessed flag(s): --brief-report-file --spotbugs-strict-precheck --author-ignore-list --blanks-eol-ignore-file --blanks-tabs-ignore-file --quick-hadoopcheck
			_ Prechecks _
			_ branch-2 Compile Tests _
+1 💚	mvninstall	2m 53s		branch-2 passed
+1 💚	compile	0m 44s		branch-2 passed
+1 💚	javadoc	0m 27s		branch-2 passed
+1 💚	shadedjars	5m 38s		branch has no errors when building our shaded downstream artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	2m 31s		the patch passed
+1 💚	compile	0m 42s		the patch passed
+1 💚	javac	0m 42s		the patch passed
+1 💚	javadoc	0m 25s		the patch passed
+1 💚	shadedjars	5m 32s		patch has no errors when building our shaded downstream artifacts.
			_ Other Tests _
-1 ❌	unit	216m 33s	/patch-unit-hbase-server.txt	hbase-server in the patch failed.
		241m 9s

Subsystem	Report/Notes
Docker	ClientAPI=1.43 ServerAPI=1.43 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7568/1/artifact/yetus-jdk8-hadoop2-check/output/Dockerfile
GITHUB PR	#7568
JIRA Issue	HBASE-29789
Optional Tests	javac javadoc unit compile shadedjars
uname	Linux 3f9125724d19 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/hbase-personality.sh
git revision	branch-2 / 23b2817
Default Java	Temurin-1.8.0_412-b08
Test Results	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7568/1/testReport/
Max. process+thread count	3085 (vs. ulimit of 30000)
modules	C: hbase-server U: hbase-server
Console output	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7568/1/console
versions	git=2.34.1 maven=3.9.8
Powered by	Apache Yetus 0.15.0 https://yetus.apache.org

This message was automatically generated.

[Apache-HBase]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	0m 42s		Docker mode activated.
-0 ⚠️	yetus	0m 6s		Unprocessed flag(s): --brief-report-file --spotbugs-strict-precheck --author-ignore-list --blanks-eol-ignore-file --blanks-tabs-ignore-file --quick-hadoopcheck
			_ Prechecks _
			_ branch-2 Compile Tests _
+1 💚	mvninstall	3m 42s		branch-2 passed
+1 💚	compile	1m 6s		branch-2 passed
+1 💚	javadoc	0m 31s		branch-2 passed
+1 💚	shadedjars	6m 28s		branch has no errors when building our shaded downstream artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	3m 4s		the patch passed
+1 💚	compile	0m 59s		the patch passed
+1 💚	javac	0m 59s		the patch passed
+1 💚	javadoc	0m 27s		the patch passed
+1 💚	shadedjars	6m 26s		patch has no errors when building our shaded downstream artifacts.
			_ Other Tests _
-1 ❌	unit	211m 56s	/patch-unit-hbase-server.txt	hbase-server in the patch failed.
		241m 9s

Subsystem	Report/Notes
Docker	ClientAPI=1.43 ServerAPI=1.43 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7568/1/artifact/yetus-jdk17-hadoop3-check/output/Dockerfile
GITHUB PR	#7568
JIRA Issue	HBASE-29789
Optional Tests	javac javadoc unit compile shadedjars
uname	Linux 66d7d261d48a 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/hbase-personality.sh
git revision	branch-2 / 23b2817
Default Java	Eclipse Adoptium-17.0.11+9
Test Results	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7568/1/testReport/
Max. process+thread count	3379 (vs. ulimit of 30000)
modules	C: hbase-server U: hbase-server
Console output	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7568/1/console
versions	git=2.34.1 maven=3.9.8
Powered by	Apache Yetus 0.15.0 https://yetus.apache.org

This message was automatically generated.

[Apache-HBase]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	0m 45s		Docker mode activated.
-0 ⚠️	yetus	0m 6s		Unprocessed flag(s): --brief-report-file --spotbugs-strict-precheck --author-ignore-list --blanks-eol-ignore-file --blanks-tabs-ignore-file --quick-hadoopcheck
			_ Prechecks _
			_ branch-2 Compile Tests _
+1 💚	mvninstall	3m 41s		branch-2 passed
+1 💚	compile	0m 51s		branch-2 passed
+1 💚	javadoc	0m 28s		branch-2 passed
+1 💚	shadedjars	6m 39s		branch has no errors when building our shaded downstream artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	3m 6s		the patch passed
+1 💚	compile	0m 51s		the patch passed
+1 💚	javac	0m 51s		the patch passed
+1 💚	javadoc	0m 26s		the patch passed
+1 💚	shadedjars	6m 40s		patch has no errors when building our shaded downstream artifacts.
			_ Other Tests _
-1 ❌	unit	326m 33s	/patch-unit-hbase-server.txt	hbase-server in the patch failed.
		380m 18s

Subsystem	Report/Notes
Docker	ClientAPI=1.43 ServerAPI=1.43 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7568/1/artifact/yetus-jdk11-hadoop3-check/output/Dockerfile
GITHUB PR	#7568
JIRA Issue	HBASE-29789
Optional Tests	javac javadoc unit compile shadedjars
uname	Linux 2788b604f0cc 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/hbase-personality.sh
git revision	branch-2 / 23b2817
Default Java	Eclipse Adoptium-11.0.23+9
Test Results	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7568/1/testReport/
Max. process+thread count	3498 (vs. ulimit of 30000)
modules	C: hbase-server U: hbase-server
Console output	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7568/1/console
versions	git=2.34.1 maven=3.9.8
Powered by	Apache Yetus 0.15.0 https://yetus.apache.org

This message was automatically generated.

[taklwu]

@kgeisz you may need to revisit the patch for branch-2 and branch-2.6

[taklwu]

the test failed

[ERROR] org.apache.hadoop.hbase.regionserver.http.TestRSStatusPage.testStatusPage -- Time elapsed: 1.225 s <<< FAILURE!
org.junit.ComparisonFailure: expected:<text/html[;charset=utf-8]> but was:<text/html[]>
	at org.junit.Assert.assertEquals(Assert.java:117)
	at org.junit.Assert.assertEquals(Assert.java:146)
	at org.apache.hadoop.hbase.util.TestServerHttpUtils.getPageContent(TestServerHttpUtils.java:44)
	at org.apache.hadoop.hbase.regionserver.http.TestRSStatusPage.testStatusPage(TestRSStatusPage.java:125)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.lang.Thread.run(Thread.java:829)