AMBARI-26536: Support hadoop credential provider for AMS

ambari-metrics-host-aggregator/src/main/java/org/apache/hadoop/metrics2/host/aggregator/AggregatorApplication.java

@@ -24,6 +24,7 @@
 
 import javax.net.ssl.SSLContext;
 import javax.ws.rs.core.UriBuilder;
+import java.io.IOException;
 import java.net.InetAddress;
 import java.net.URI;
 import java.net.URL;
@@ -155,10 +156,10 @@ protected HttpServer createHttpServer() throws Exception {
       HttpsServer httpsServer = (HttpsServer) server;
       SslContextFactory sslContextFactory = new SslContextFactory();
       String keyStorePath = configuration.get("ssl.server.keystore.location");
-      String keyStorePassword = configuration.get("ssl.server.keystore.password");
-      String keyManagerPassword = configuration.get("ssl.server.keystore.keypassword");
+      String keyStorePassword = getPasswordFromConf(configuration,"ssl.server.keystore.password", configuration.get("ssl.server.keystore.password"));
+      String keyManagerPassword = getPasswordFromConf(configuration,"ssl.server.keystore.keypassword", configuration.get("ssl.server.keystore.keypassword"));
       String trustStorePath = configuration.get("ssl.server.truststore.location");
-      String trustStorePassword = configuration.get("ssl.server.truststore.password");
+      String trustStorePassword = getPasswordFromConf(configuration,"ssl.server.truststore.password", configuration.get("ssl.server.truststore.password"));
 
       sslContextFactory.setKeyStorePath(keyStorePath);
       sslContextFactory.setKeyStorePassword(keyStorePassword);
@@ -176,6 +177,16 @@ protected HttpServer createHttpServer() throws Exception {
     return server;
   }
 
+  protected String getPasswordFromConf(Configuration conf, String key, String defaultValue){
+    try {
+      char[] pass = conf.getPassword(key);
+      return pass == null ? defaultValue : new String(pass);
+    } catch (IOException e) {
+      LOG.error("Could not load password from file", e);
+    }
+    return defaultValue;
+  }
+
   private void startWebServer() {
     LOG.info("Starting web server.");
     this.httpServer.start();

ambari-metrics-host-aggregator/src/main/java/org/apache/hadoop/metrics2/sink/timeline/AbstractMetricPublisher.java

@@ -22,6 +22,7 @@
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.metrics2.host.aggregator.TimelineMetricsHolder;
 
+import java.io.IOException;
 import java.util.Collection;
 import java.util.Map;
 
@@ -70,12 +71,22 @@ protected void configure() {
             if (collectorProtocol.contains("https")) {
                 String trustStorePath = configuration.get(AMS_SITE_SSL_TRUSTSTORE_PATH_PROPERTY).trim();
                 String trustStoreType = configuration.get(AMS_SITE_SSL_TRUSTSTORE_TYPE_PROPERTY).trim();
-                String trustStorePwd = configuration.get(AMS_SITE_SSL_TRUSTSTORE_PASSWORD_PROPERTY).trim();
+                String trustStorePwd = getPasswordFromConf(configuration, AMS_SITE_SSL_TRUSTSTORE_PASSWORD_PROPERTY, configuration.get(AMS_SITE_SSL_TRUSTSTORE_PASSWORD_PROPERTY));
                 loadTruststore(trustStorePath, trustStoreType, trustStorePwd);
             }
         }
     }
 
+    public String getPasswordFromConf(Configuration conf, String key, String defaultValue){
+        try {
+            char[] pass = conf.getPassword(key);
+            return pass == null ? defaultValue : new String(pass);
+        } catch (IOException e) {
+            LOG.error("Could not load password from file", e);
+        }
+        return defaultValue;
+    }
+
     /**
      * Publishes metrics to collector in specified intervals while not interrupted.
      */

ambari-metrics-timelineservice/src/main/java/org/apache/ambari/metrics/core/timeline/TimelineMetricsIgniteCache.java

@@ -47,6 +47,7 @@
 import javax.cache.Cache;
 import javax.cache.expiry.CreatedExpiryPolicy;
 import javax.cache.expiry.Duration;
+import java.io.IOException;
 import java.net.MalformedURLException;
 import java.net.URISyntaxException;
 import java.util.ArrayList;
@@ -98,9 +99,9 @@ public TimelineMetricsIgniteCache(TimelineMetricMetadataManager metricMetadataMa
     if (metricConf.get(TIMELINE_SERVICE_HTTP_POLICY) != null && metricConf.get(TIMELINE_SERVICE_HTTP_POLICY).equalsIgnoreCase("HTTPS_ONLY")) {
       SslContextFactory sslContextFactory = new SslContextFactory();
       String keyStorePath = sslConf.get("ssl.server.keystore.location");
-      String keyStorePassword = sslConf.get("ssl.server.keystore.password");
+      String keyStorePassword = getPasswordFromConf(sslConf,"ssl.server.keystore.password", sslConf.get("ssl.server.keystore.password"));
       String trustStorePath = sslConf.get("ssl.server.truststore.location");
-      String trustStorePassword = sslConf.get("ssl.server.truststore.password");
+      String trustStorePassword = getPasswordFromConf(sslConf,"ssl.server.truststore.password", sslConf.get("ssl.server.truststore.password"));
 
       sslContextFactory.setKeyStoreFilePath(keyStorePath);
       sslContextFactory.setKeyStorePassword(keyStorePassword.toCharArray());
@@ -172,6 +173,16 @@ public TimelineMetricsIgniteCache(TimelineMetricMetadataManager metricMetadataMa
     igniteCache = igniteNode.getOrCreateCache(cacheConfiguration);
   }
 
+  public String getPasswordFromConf(Configuration conf, String key, String defaultValue){
+    try {
+      char[] pass = conf.getPassword(key);
+      return pass == null ? defaultValue : new String(pass);
+    } catch (IOException e) {
+      LOG.error("Could not load password from file", e);
+    }
+    return defaultValue;
+  }
+
   /**
    * Looks through the cache and evicts all elements within (startTime; endTime] half-interval
    * All elements satisfying the half-interval will be removed from the cache.