You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Ramesh Mani <rm...@apache.org> on 2022/06/16 06:23:39 UTC
[VOTE] Release Apache Ranger version 2.3.0 - rc2
Dear Rangers,
Apache Ranger 2.3.0 release candidate #2 is now available for a vote within
the dev community. Links to the release artifacts are given below. Please
review and vote.
The vote will be open for at least 72 hours or until necessary votes are
reached.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Thanks,
Ramesh
List of all issues / improvements addressed in this release:
https://issues.apache.org/jira/issues/?jql=project=RANGER AND
status=Resolved AND fixVersion=2.3.0 ORDER BY key DESC
Git tag for the release:
https://github.com/apache/ranger/tree/release-2.3.0-rc2
Sources for the release:
https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz
Source release verification:
PGP Signature:
https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.asc
SHA256 Hash:
https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.sha256
SHA512 Hash:
https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.sha512
Keys to verify the signature of the release artifacts are available at:
https://dist.apache.org/repos/dist/release/ranger/KEYS
New features/enhancements:
RANGER-2846 Add support for resource[volume, bucket, key] look up in ozone
plugin
RANGER-2967 Add support for Amazon CloudWatch Logs as an Audit Store
RANGER-3023 Permission tab takes longer time to load with large number of
users and group_users data
RANGER-3030 Replace Findbugs with Spotbugs maven plugin
RANGER-3182 Prestosql is renamed to Trino
RANGER-3221 Improve logging in Presto plugin
RANGER-3276 Remove duplicate code from buildks.java
RANGER-3290 ArrayIndexOutOfBoundsException if solr is down
RANGER-3299 Upgrading the bouncycastle version for bcprov-jdk15on
RANGER-3298 Add coarse URI check for Hive Agent
RANGER-3389 Swagger UI Support for Ranger REST API
RANGER-3435 Add unique index on guid, service and zone_id column of
x_policy table
RANGER-3439 Add rest api to get or delete ranger policy based on guid
RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect to
knox logout page
RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
RANGER-3475 Promote TagRest endpoints to /public/v2
RANGER-3487 Update underscore js with latest version.
RANGER-3493 Add unique index on service and resource_signature column of
x_policy table
RANGER-3498 RANGER : Remove log4j1 dependencies.
RANGER-3504 Create framework to execute DB patch dependent on Java patch.
RANGER-3510 Ranger upgrade spring framework version to 5.3.12
RANGER-3511 Create Java patch to update policy resource-signature to unique
value.
RANGER-3512 Create Java patch to update policy guid to unique value.
RANGER-3515 Enhance Ranger Java client SSL config to be configured using
serviceType and AppId
RANGER-3518 Limit the query size stored in Audit logs
RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC 6797
RANGER-3526 policy evaluation ordering to use name as secondary sorting key
RANGER-3533 Provide sorting on columns throughout the audits result set and
policy listing page.
RANGER-3538 Reduce the granularity of locking when building/retrieving a
policy-engine within Ranger admin service
RANGER-3539 Add jacoco-maven-plugin for code coverage
RANGER-3540 Add support to read audit logs from Amazon CloudWatch
RANGER-3545 Remove Logger Checks for Info Enabled
RANGER-3548 Update performance engine test scripts
RANGER-3550 support for using user/tag attributes in row-filter expressions
and conditions
RANGER-3551 Analyze & optimize module permissions related API
RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
RANGER-3556 Ranger tagsync logs unnecessary messages
RANGER-3561 Upgrade Storm version to 1.2.4
RANGER-3562 Redesign post commit tasks for updating ref-tables when
policy/role is updated
RANGER-3565 RangerRESTClient to support retry
RANGER-3567 support for use of user attributes in policy resources
RANGER-3569 Support Ranger KMS integration with Google cloud HSM
RANGER-3573 Add vim in docker base image
RANGER-3577 RANGER : Upgrade POI version to 5.1.0
RANGER-3578 Simplify code for policy label creation
RANGER-3580 Support Ranger KMS integration with TencentKMS
RANGER-3585 Docker setup to run Ranger usersync and tagsync
RANGER-3586 Script condition expression to support csv of group/tag
attributes
RANGER-3595 Tar of KMS contains rubbish files
RANGER-3597 User role should not be able to modify the Policy
RANGER-3600 Ranger service tags import request failure
RANGER-3603 HDFS audit files rollover improvement to trigger rollover in
monitoring thread
RANGER-3605 Support macros in row-filter/condition expressions
RANGER-3606 remove unnecessary static members from plugin class loaders
RANGER-3609 option to add user group enricher automatically based on
references in policies
RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
RANGER-3621 Optimise Tag/Policy iterator
RANGER-3624 Update Ranger services Password Policy
RANGER-3628 Support fine grain authorization for different solr objects
RANGER-3629 RANGER - Handle solr permissions during upgrade
RANGER-3630 Support wildcards, group short names, and list of memberof
attribute DNs for computing user search filter
RANGER-3632 Improve ranger logs, RENAME_ON_ROTATE and others
RANGER-3634 Remove duplicate entries from usersync distribution file
RANGER-3646 LOG.debug print content error
RANGER-3647 Connection to DB fails for MySQL version above 8.0
RANGER-3649 Represent the Solr admin object types on the Ranger UI
RANGER-3651 Remove jersey 1.x version dependency for knox plugin
RANGER-3653 Replace aws java sdk bom dependencies with bundled dependencies
RANGER-3658 Docker: Ranger containers to run as user=ranger
RANGER-3659 Ranger Admin goes to OOM when usersync is trying to delete
existing group mappings from ranger DB
RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for better user
experience
RANGER-3662 There should be a pause button for error popup
RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users
RANGER-3666 Ranger UI improvement - Add warning popup if auto-complete for
resource lookup is failing in Edit policy page
RANGER-3667 Improve feedback in policy creation UI when resource does not
exist
RANGER-3669 Connection to DB fails for MySQL version above 8.0
RANGER-3672 Show better error messages during failed logins
RANGER-3673 Need to enable cipher configuration for Usersync
RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
RANGER-3686 Docker setup to run Ranger with MySQL database
RANGER-3687 Password Policy Best Practices for Strong Security
RANGER-3689 Ranger : ranger-2.3 Port missing commits.
RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
RANGER-3698 Ranger - Upgrade kylin to 3.1.3
RANGER-3699 Ranger - Upgrade poi to 5.2.1+
RANGER-3704 remove semicolon from c3P0 preferredTestQuery
RANGER-3725 Update atlas default audit filter to filter Atlas entity-read
events by Nifi user.
RANGER-3736 Update RangerChainedPlugin to support masking and row-filtering
RANGER-3738 Restructure ranger Dockerfile to use multi-stage builds
RANGER-3743 Add isDenyAllElse mapping to addCustomRangerDefaultPolicies
method
RANGER-3744 Produces annotation ordering should be consistent: json, xml
RANGER-3764:conditions to support macros IS_IN_GROUP, IS_IN_ROLE, HAS_TAG
RANGER-3768 RangerBasePlugin configuration to optionally disable userstore
refresher
RANGER-3779:Conditions enhancement to support macros IS_IN_ANY_GROUP,
IS_IN_ANY_ROLE, HAS_TAGS
Re: [VOTE] Release Apache Ranger version 2.3.0 - rc2
Posted by Madhan Neethiraj <ma...@apache.org>.
+1 for Apache Ranger 2.3.0-rc2
- verified signature
- verified 2.3.0-rc2 builds successfully
- installed Ranger with Postgres database; verified startup of admin/usersync/tagsync services
- created services, policies, security zones
- sanity testing of HDFS/Hive/HBase/Kafka/YARN plugins
- verified tag-based policies and {OWNER} macro in Hive
- verified audit logs from plugins, audit-filters
Thank you, Ramesh for putting this release together.
Go Rangers!
Madhan
On 6/19/22, 11:22 PM, "Ramesh Mani" <rm...@apache.org> wrote:
Dear Rangers,
Apache Ranger 2.3.0 release candidate #2 is available for verification and
voting.
Please vote.
Thank you,
Ramesh
On Wed, Jun 15, 2022 at 11:23 PM Ramesh Mani <rm...@apache.org> wrote:
> Dear Rangers,
>
> Apache Ranger 2.3.0 release candidate #2 is now available for
> a vote within the dev community. Links to the release artifacts are given
> below. Please review and vote.
>
> The vote will be open for at least 72 hours or until necessary votes are
> reached.
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Thanks,
> Ramesh
>
> List of all issues / improvements addressed in this release:
> https://issues.apache.org/jira/issues/?jql=project=RANGER AND
> status=Resolved AND fixVersion=2.3.0 ORDER BY key DESC
>
> Git tag for the release:
> https://github.com/apache/ranger/tree/release-2.3.0-rc2
>
> Sources for the release:
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz
>
> Source release verification:
> PGP Signature:
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.asc
> SHA256 Hash:
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.sha256
> SHA512 Hash:
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.sha512
>
> Keys to verify the signature of the release artifacts are available at:
> https://dist.apache.org/repos/dist/release/ranger/KEYS
>
> New features/enhancements:
>
> RANGER-2846 Add support for resource[volume, bucket, key] look up in ozone
> plugin
> RANGER-2967 Add support for Amazon CloudWatch Logs as an Audit Store
> RANGER-3023 Permission tab takes longer time to load with large number of
> users and group_users data
> RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> RANGER-3182 Prestosql is renamed to Trino
> RANGER-3221 Improve logging in Presto plugin
> RANGER-3276 Remove duplicate code from buildks.java
> RANGER-3290 ArrayIndexOutOfBoundsException if solr is down
> RANGER-3299 Upgrading the bouncycastle version for bcprov-jdk15on
> RANGER-3298 Add coarse URI check for Hive Agent
> RANGER-3389 Swagger UI Support for Ranger REST API
> RANGER-3435 Add unique index on guid, service and zone_id column of
> x_policy table
> RANGER-3439 Add rest api to get or delete ranger policy based on guid
> RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect to
> knox logout page
> RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> RANGER-3475 Promote TagRest endpoints to /public/v2
> RANGER-3487 Update underscore js with latest version.
> RANGER-3493 Add unique index on service and resource_signature column of
> x_policy table
> RANGER-3498 RANGER : Remove log4j1 dependencies.
> RANGER-3504 Create framework to execute DB patch dependent on Java patch.
> RANGER-3510 Ranger upgrade spring framework version to 5.3.12
> RANGER-3511 Create Java patch to update policy resource-signature to
> unique value.
> RANGER-3512 Create Java patch to update policy guid to unique value.
> RANGER-3515 Enhance Ranger Java client SSL config to be configured using
> serviceType and AppId
> RANGER-3518 Limit the query size stored in Audit logs
> RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC
> 6797
> RANGER-3526 policy evaluation ordering to use name as secondary sorting key
> RANGER-3533 Provide sorting on columns throughout the audits result set
> and policy listing page.
> RANGER-3538 Reduce the granularity of locking when building/retrieving a
> policy-engine within Ranger admin service
> RANGER-3539 Add jacoco-maven-plugin for code coverage
> RANGER-3540 Add support to read audit logs from Amazon CloudWatch
> RANGER-3545 Remove Logger Checks for Info Enabled
> RANGER-3548 Update performance engine test scripts
> RANGER-3550 support for using user/tag attributes in row-filter
> expressions and conditions
> RANGER-3551 Analyze & optimize module permissions related API
> RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
> RANGER-3556 Ranger tagsync logs unnecessary messages
> RANGER-3561 Upgrade Storm version to 1.2.4
> RANGER-3562 Redesign post commit tasks for updating ref-tables when
> policy/role is updated
> RANGER-3565 RangerRESTClient to support retry
> RANGER-3567 support for use of user attributes in policy resources
> RANGER-3569 Support Ranger KMS integration with Google cloud HSM
> RANGER-3573 Add vim in docker base image
> RANGER-3577 RANGER : Upgrade POI version to 5.1.0
> RANGER-3578 Simplify code for policy label creation
> RANGER-3580 Support Ranger KMS integration with TencentKMS
> RANGER-3585 Docker setup to run Ranger usersync and tagsync
> RANGER-3586 Script condition expression to support csv of group/tag
> attributes
> RANGER-3595 Tar of KMS contains rubbish files
> RANGER-3597 User role should not be able to modify the Policy
> RANGER-3600 Ranger service tags import request failure
> RANGER-3603 HDFS audit files rollover improvement to trigger rollover in
> monitoring thread
> RANGER-3605 Support macros in row-filter/condition expressions
> RANGER-3606 remove unnecessary static members from plugin class loaders
> RANGER-3609 option to add user group enricher automatically based on
> references in policies
> RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
> RANGER-3621 Optimise Tag/Policy iterator
> RANGER-3624 Update Ranger services Password Policy
> RANGER-3628 Support fine grain authorization for different solr objects
> RANGER-3629 RANGER - Handle solr permissions during upgrade
> RANGER-3630 Support wildcards, group short names, and list of memberof
> attribute DNs for computing user search filter
> RANGER-3632 Improve ranger logs, RENAME_ON_ROTATE and others
> RANGER-3634 Remove duplicate entries from usersync distribution file
> RANGER-3646 LOG.debug print content error
> RANGER-3647 Connection to DB fails for MySQL version above 8.0
> RANGER-3649 Represent the Solr admin object types on the Ranger UI
> RANGER-3651 Remove jersey 1.x version dependency for knox plugin
> RANGER-3653 Replace aws java sdk bom dependencies with bundled dependencies
> RANGER-3658 Docker: Ranger containers to run as user=ranger
> RANGER-3659 Ranger Admin goes to OOM when usersync is trying to delete
> existing group mappings from ranger DB
> RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for better
> user experience
> RANGER-3662 There should be a pause button for error popup
> RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users
> RANGER-3666 Ranger UI improvement - Add warning popup if auto-complete for
> resource lookup is failing in Edit policy page
> RANGER-3667 Improve feedback in policy creation UI when resource does not
> exist
> RANGER-3669 Connection to DB fails for MySQL version above 8.0
> RANGER-3672 Show better error messages during failed logins
> RANGER-3673 Need to enable cipher configuration for Usersync
> RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
> RANGER-3686 Docker setup to run Ranger with MySQL database
> RANGER-3687 Password Policy Best Practices for Strong Security
> RANGER-3689 Ranger : ranger-2.3 Port missing commits.
> RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
> RANGER-3698 Ranger - Upgrade kylin to 3.1.3
> RANGER-3699 Ranger - Upgrade poi to 5.2.1+
> RANGER-3704 remove semicolon from c3P0 preferredTestQuery
> RANGER-3725 Update atlas default audit filter to filter Atlas entity-read
> events by Nifi user.
> RANGER-3736 Update RangerChainedPlugin to support masking and row-filtering
> RANGER-3738 Restructure ranger Dockerfile to use multi-stage builds
> RANGER-3743 Add isDenyAllElse mapping to addCustomRangerDefaultPolicies
> method
> RANGER-3744 Produces annotation ordering should be consistent: json, xml
> RANGER-3764:conditions to support macros IS_IN_GROUP, IS_IN_ROLE, HAS_TAG
> RANGER-3768 RangerBasePlugin configuration to optionally disable userstore
> refresher
> RANGER-3779:Conditions enhancement to support macros IS_IN_ANY_GROUP,
> IS_IN_ANY_ROLE, HAS_TAGS
>
>
Re: [VOTE] Release Apache Ranger version 2.3.0 - rc2
Posted by Ramesh Mani <rm...@apache.org>.
Dear Rangers,
Apache Ranger 2.3.0 release candidate #2 is available for verification and
voting.
Please vote.
Thank you,
Ramesh
On Wed, Jun 15, 2022 at 11:23 PM Ramesh Mani <rm...@apache.org> wrote:
> Dear Rangers,
>
> Apache Ranger 2.3.0 release candidate #2 is now available for
> a vote within the dev community. Links to the release artifacts are given
> below. Please review and vote.
>
> The vote will be open for at least 72 hours or until necessary votes are
> reached.
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Thanks,
> Ramesh
>
> List of all issues / improvements addressed in this release:
> https://issues.apache.org/jira/issues/?jql=project=RANGER AND
> status=Resolved AND fixVersion=2.3.0 ORDER BY key DESC
>
> Git tag for the release:
> https://github.com/apache/ranger/tree/release-2.3.0-rc2
>
> Sources for the release:
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz
>
> Source release verification:
> PGP Signature:
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.asc
> SHA256 Hash:
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.sha256
> SHA512 Hash:
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.sha512
>
> Keys to verify the signature of the release artifacts are available at:
> https://dist.apache.org/repos/dist/release/ranger/KEYS
>
> New features/enhancements:
>
> RANGER-2846 Add support for resource[volume, bucket, key] look up in ozone
> plugin
> RANGER-2967 Add support for Amazon CloudWatch Logs as an Audit Store
> RANGER-3023 Permission tab takes longer time to load with large number of
> users and group_users data
> RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> RANGER-3182 Prestosql is renamed to Trino
> RANGER-3221 Improve logging in Presto plugin
> RANGER-3276 Remove duplicate code from buildks.java
> RANGER-3290 ArrayIndexOutOfBoundsException if solr is down
> RANGER-3299 Upgrading the bouncycastle version for bcprov-jdk15on
> RANGER-3298 Add coarse URI check for Hive Agent
> RANGER-3389 Swagger UI Support for Ranger REST API
> RANGER-3435 Add unique index on guid, service and zone_id column of
> x_policy table
> RANGER-3439 Add rest api to get or delete ranger policy based on guid
> RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect to
> knox logout page
> RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> RANGER-3475 Promote TagRest endpoints to /public/v2
> RANGER-3487 Update underscore js with latest version.
> RANGER-3493 Add unique index on service and resource_signature column of
> x_policy table
> RANGER-3498 RANGER : Remove log4j1 dependencies.
> RANGER-3504 Create framework to execute DB patch dependent on Java patch.
> RANGER-3510 Ranger upgrade spring framework version to 5.3.12
> RANGER-3511 Create Java patch to update policy resource-signature to
> unique value.
> RANGER-3512 Create Java patch to update policy guid to unique value.
> RANGER-3515 Enhance Ranger Java client SSL config to be configured using
> serviceType and AppId
> RANGER-3518 Limit the query size stored in Audit logs
> RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC
> 6797
> RANGER-3526 policy evaluation ordering to use name as secondary sorting key
> RANGER-3533 Provide sorting on columns throughout the audits result set
> and policy listing page.
> RANGER-3538 Reduce the granularity of locking when building/retrieving a
> policy-engine within Ranger admin service
> RANGER-3539 Add jacoco-maven-plugin for code coverage
> RANGER-3540 Add support to read audit logs from Amazon CloudWatch
> RANGER-3545 Remove Logger Checks for Info Enabled
> RANGER-3548 Update performance engine test scripts
> RANGER-3550 support for using user/tag attributes in row-filter
> expressions and conditions
> RANGER-3551 Analyze & optimize module permissions related API
> RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
> RANGER-3556 Ranger tagsync logs unnecessary messages
> RANGER-3561 Upgrade Storm version to 1.2.4
> RANGER-3562 Redesign post commit tasks for updating ref-tables when
> policy/role is updated
> RANGER-3565 RangerRESTClient to support retry
> RANGER-3567 support for use of user attributes in policy resources
> RANGER-3569 Support Ranger KMS integration with Google cloud HSM
> RANGER-3573 Add vim in docker base image
> RANGER-3577 RANGER : Upgrade POI version to 5.1.0
> RANGER-3578 Simplify code for policy label creation
> RANGER-3580 Support Ranger KMS integration with TencentKMS
> RANGER-3585 Docker setup to run Ranger usersync and tagsync
> RANGER-3586 Script condition expression to support csv of group/tag
> attributes
> RANGER-3595 Tar of KMS contains rubbish files
> RANGER-3597 User role should not be able to modify the Policy
> RANGER-3600 Ranger service tags import request failure
> RANGER-3603 HDFS audit files rollover improvement to trigger rollover in
> monitoring thread
> RANGER-3605 Support macros in row-filter/condition expressions
> RANGER-3606 remove unnecessary static members from plugin class loaders
> RANGER-3609 option to add user group enricher automatically based on
> references in policies
> RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
> RANGER-3621 Optimise Tag/Policy iterator
> RANGER-3624 Update Ranger services Password Policy
> RANGER-3628 Support fine grain authorization for different solr objects
> RANGER-3629 RANGER - Handle solr permissions during upgrade
> RANGER-3630 Support wildcards, group short names, and list of memberof
> attribute DNs for computing user search filter
> RANGER-3632 Improve ranger logs, RENAME_ON_ROTATE and others
> RANGER-3634 Remove duplicate entries from usersync distribution file
> RANGER-3646 LOG.debug print content error
> RANGER-3647 Connection to DB fails for MySQL version above 8.0
> RANGER-3649 Represent the Solr admin object types on the Ranger UI
> RANGER-3651 Remove jersey 1.x version dependency for knox plugin
> RANGER-3653 Replace aws java sdk bom dependencies with bundled dependencies
> RANGER-3658 Docker: Ranger containers to run as user=ranger
> RANGER-3659 Ranger Admin goes to OOM when usersync is trying to delete
> existing group mappings from ranger DB
> RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for better
> user experience
> RANGER-3662 There should be a pause button for error popup
> RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users
> RANGER-3666 Ranger UI improvement - Add warning popup if auto-complete for
> resource lookup is failing in Edit policy page
> RANGER-3667 Improve feedback in policy creation UI when resource does not
> exist
> RANGER-3669 Connection to DB fails for MySQL version above 8.0
> RANGER-3672 Show better error messages during failed logins
> RANGER-3673 Need to enable cipher configuration for Usersync
> RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
> RANGER-3686 Docker setup to run Ranger with MySQL database
> RANGER-3687 Password Policy Best Practices for Strong Security
> RANGER-3689 Ranger : ranger-2.3 Port missing commits.
> RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
> RANGER-3698 Ranger - Upgrade kylin to 3.1.3
> RANGER-3699 Ranger - Upgrade poi to 5.2.1+
> RANGER-3704 remove semicolon from c3P0 preferredTestQuery
> RANGER-3725 Update atlas default audit filter to filter Atlas entity-read
> events by Nifi user.
> RANGER-3736 Update RangerChainedPlugin to support masking and row-filtering
> RANGER-3738 Restructure ranger Dockerfile to use multi-stage builds
> RANGER-3743 Add isDenyAllElse mapping to addCustomRangerDefaultPolicies
> method
> RANGER-3744 Produces annotation ordering should be consistent: json, xml
> RANGER-3764:conditions to support macros IS_IN_GROUP, IS_IN_ROLE, HAS_TAG
> RANGER-3768 RangerBasePlugin configuration to optionally disable userstore
> refresher
> RANGER-3779:Conditions enhancement to support macros IS_IN_ANY_GROUP,
> IS_IN_ANY_ROLE, HAS_TAGS
>
>
Re: [VOTE] Release Apache Ranger version 2.3.0 - rc2
Posted by KirbY ZhoU <zh...@sensorsdata.cn>.
+1
But I suggest include RANGER-3730 to avoid log4j-1.2
在 2022/6/16 14:23,“Ramesh Mani”<rm...@apache.org> 写入:
Dear Rangers,
Apache Ranger 2.3.0 release candidate #2 is now available for a vote within
the dev community. Links to the release artifacts are given below. Please
review and vote.
The vote will be open for at least 72 hours or until necessary votes are
reached.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Thanks,
Ramesh
List of all issues / improvements addressed in this release:
https://issues.apache.org/jira/issues/?jql=project=RANGER AND
status=Resolved AND fixVersion=2.3.0 ORDER BY key DESC
Git tag for the release:
https://github.com/apache/ranger/tree/release-2.3.0-rc2
Sources for the release:
https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz
Source release verification:
PGP Signature:
https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.asc
SHA256 Hash:
https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.sha256
SHA512 Hash:
https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.sha512
Keys to verify the signature of the release artifacts are available at:
https://dist.apache.org/repos/dist/release/ranger/KEYS
New features/enhancements:
RANGER-2846 Add support for resource[volume, bucket, key] look up in ozone
plugin
RANGER-2967 Add support for Amazon CloudWatch Logs as an Audit Store
RANGER-3023 Permission tab takes longer time to load with large number of
users and group_users data
RANGER-3030 Replace Findbugs with Spotbugs maven plugin
RANGER-3182 Prestosql is renamed to Trino
RANGER-3221 Improve logging in Presto plugin
RANGER-3276 Remove duplicate code from buildks.java
RANGER-3290 ArrayIndexOutOfBoundsException if solr is down
RANGER-3299 Upgrading the bouncycastle version for bcprov-jdk15on
RANGER-3298 Add coarse URI check for Hive Agent
RANGER-3389 Swagger UI Support for Ranger REST API
RANGER-3435 Add unique index on guid, service and zone_id column of
x_policy table
RANGER-3439 Add rest api to get or delete ranger policy based on guid
RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect to
knox logout page
RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
RANGER-3475 Promote TagRest endpoints to /public/v2
RANGER-3487 Update underscore js with latest version.
RANGER-3493 Add unique index on service and resource_signature column of
x_policy table
RANGER-3498 RANGER : Remove log4j1 dependencies.
RANGER-3504 Create framework to execute DB patch dependent on Java patch.
RANGER-3510 Ranger upgrade spring framework version to 5.3.12
RANGER-3511 Create Java patch to update policy resource-signature to unique
value.
RANGER-3512 Create Java patch to update policy guid to unique value.
RANGER-3515 Enhance Ranger Java client SSL config to be configured using
serviceType and AppId
RANGER-3518 Limit the query size stored in Audit logs
RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC 6797
RANGER-3526 policy evaluation ordering to use name as secondary sorting key
RANGER-3533 Provide sorting on columns throughout the audits result set and
policy listing page.
RANGER-3538 Reduce the granularity of locking when building/retrieving a
policy-engine within Ranger admin service
RANGER-3539 Add jacoco-maven-plugin for code coverage
RANGER-3540 Add support to read audit logs from Amazon CloudWatch
RANGER-3545 Remove Logger Checks for Info Enabled
RANGER-3548 Update performance engine test scripts
RANGER-3550 support for using user/tag attributes in row-filter expressions
and conditions
RANGER-3551 Analyze & optimize module permissions related API
RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
RANGER-3556 Ranger tagsync logs unnecessary messages
RANGER-3561 Upgrade Storm version to 1.2.4
RANGER-3562 Redesign post commit tasks for updating ref-tables when
policy/role is updated
RANGER-3565 RangerRESTClient to support retry
RANGER-3567 support for use of user attributes in policy resources
RANGER-3569 Support Ranger KMS integration with Google cloud HSM
RANGER-3573 Add vim in docker base image
RANGER-3577 RANGER : Upgrade POI version to 5.1.0
RANGER-3578 Simplify code for policy label creation
RANGER-3580 Support Ranger KMS integration with TencentKMS
RANGER-3585 Docker setup to run Ranger usersync and tagsync
RANGER-3586 Script condition expression to support csv of group/tag
attributes
RANGER-3595 Tar of KMS contains rubbish files
RANGER-3597 User role should not be able to modify the Policy
RANGER-3600 Ranger service tags import request failure
RANGER-3603 HDFS audit files rollover improvement to trigger rollover in
monitoring thread
RANGER-3605 Support macros in row-filter/condition expressions
RANGER-3606 remove unnecessary static members from plugin class loaders
RANGER-3609 option to add user group enricher automatically based on
references in policies
RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
RANGER-3621 Optimise Tag/Policy iterator
RANGER-3624 Update Ranger services Password Policy
RANGER-3628 Support fine grain authorization for different solr objects
RANGER-3629 RANGER - Handle solr permissions during upgrade
RANGER-3630 Support wildcards, group short names, and list of memberof
attribute DNs for computing user search filter
RANGER-3632 Improve ranger logs, RENAME_ON_ROTATE and others
RANGER-3634 Remove duplicate entries from usersync distribution file
RANGER-3646 LOG.debug print content error
RANGER-3647 Connection to DB fails for MySQL version above 8.0
RANGER-3649 Represent the Solr admin object types on the Ranger UI
RANGER-3651 Remove jersey 1.x version dependency for knox plugin
RANGER-3653 Replace aws java sdk bom dependencies with bundled dependencies
RANGER-3658 Docker: Ranger containers to run as user=ranger
RANGER-3659 Ranger Admin goes to OOM when usersync is trying to delete
existing group mappings from ranger DB
RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for better user
experience
RANGER-3662 There should be a pause button for error popup
RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users
RANGER-3666 Ranger UI improvement - Add warning popup if auto-complete for
resource lookup is failing in Edit policy page
RANGER-3667 Improve feedback in policy creation UI when resource does not
exist
RANGER-3669 Connection to DB fails for MySQL version above 8.0
RANGER-3672 Show better error messages during failed logins
RANGER-3673 Need to enable cipher configuration for Usersync
RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
RANGER-3686 Docker setup to run Ranger with MySQL database
RANGER-3687 Password Policy Best Practices for Strong Security
RANGER-3689 Ranger : ranger-2.3 Port missing commits.
RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
RANGER-3698 Ranger - Upgrade kylin to 3.1.3
RANGER-3699 Ranger - Upgrade poi to 5.2.1+
RANGER-3704 remove semicolon from c3P0 preferredTestQuery
RANGER-3725 Update atlas default audit filter to filter Atlas entity-read
events by Nifi user.
RANGER-3736 Update RangerChainedPlugin to support masking and row-filtering
RANGER-3738 Restructure ranger Dockerfile to use multi-stage builds
RANGER-3743 Add isDenyAllElse mapping to addCustomRangerDefaultPolicies
method
RANGER-3744 Produces annotation ordering should be consistent: json, xml
RANGER-3764:conditions to support macros IS_IN_GROUP, IS_IN_ROLE, HAS_TAG
RANGER-3768 RangerBasePlugin configuration to optionally disable userstore
refresher
RANGER-3779:Conditions enhancement to support macros IS_IN_ANY_GROUP,
IS_IN_ANY_ROLE, HAS_TAGS
Re: [VOTE] Release Apache Ranger version 2.3.0 - rc2
Posted by Ramesh Mani <rm...@apache.org>.
Dear Rangers,
Ranger Community has reported a build issue with Apache Ranger 2.3.0 rc#2
Apache Ranger 2.3.0 rc#2 can be built only with maven 3.6.3 and this is
related to the Apache Solr version which is used.
Backported https://issues.apache.org/jira/browse/RANGER-3091 from Apache
Ranger 3.0.0 branch and verified the build.
Now the build went successful with different versions of maven. Audit to
Solr also looks good in docker.
To address this Apache Ranger 2.3.0 rc#3 artifacts have to be created.
Also there was an ask for including RANGER-3730 which can be considered for
rc#3 release after review.
Stay tuned and thank you for all your support.
Regards,
Ramesh
On Tue, Jun 21, 2022 at 8:38 PM KirbY ZhoU <zh...@sensorsdata.cn>
wrote:
> +1
>
> But I suggest include RANGER-3730 to avoid log4j-1.2
>
>
> 在 2022/6/16 14:23,“Ramesh Mani”<rm...@apache.org> 写入:
>
> Dear Rangers,
>
> Apache Ranger 2.3.0 release candidate #2 is now available for a vote
> within
> the dev community. Links to the release artifacts are given below.
> Please
> review and vote.
>
> The vote will be open for at least 72 hours or until necessary votes
> are
> reached.
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Thanks,
> Ramesh
>
> List of all issues / improvements addressed in this release:
> https://issues.apache.org/jira/issues/?jql=project=RANGER AND
> status=Resolved AND fixVersion=2.3.0 ORDER BY key DESC
>
> Git tag for the release:
> https://github.com/apache/ranger/tree/release-2.3.0-rc2
>
> Sources for the release:
>
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz
>
> Source release verification:
> PGP Signature:
>
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.asc
> SHA256 Hash:
>
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.sha256
> SHA512 Hash:
>
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc2/apache-ranger-2.3.0.tar.gz.sha512
>
> Keys to verify the signature of the release artifacts are available at:
> https://dist.apache.org/repos/dist/release/ranger/KEYS
>
> New features/enhancements:
>
> RANGER-2846 Add support for resource[volume, bucket, key] look up in
> ozone
> plugin
> RANGER-2967 Add support for Amazon CloudWatch Logs as an Audit Store
> RANGER-3023 Permission tab takes longer time to load with large number
> of
> users and group_users data
> RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> RANGER-3182 Prestosql is renamed to Trino
> RANGER-3221 Improve logging in Presto plugin
> RANGER-3276 Remove duplicate code from buildks.java
> RANGER-3290 ArrayIndexOutOfBoundsException if solr is down
> RANGER-3299 Upgrading the bouncycastle version for bcprov-jdk15on
> RANGER-3298 Add coarse URI check for Hive Agent
> RANGER-3389 Swagger UI Support for Ranger REST API
> RANGER-3435 Add unique index on guid, service and zone_id column of
> x_policy table
> RANGER-3439 Add rest api to get or delete ranger policy based on guid
> RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect
> to
> knox logout page
> RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> RANGER-3475 Promote TagRest endpoints to /public/v2
> RANGER-3487 Update underscore js with latest version.
> RANGER-3493 Add unique index on service and resource_signature column
> of
> x_policy table
> RANGER-3498 RANGER : Remove log4j1 dependencies.
> RANGER-3504 Create framework to execute DB patch dependent on Java
> patch.
> RANGER-3510 Ranger upgrade spring framework version to 5.3.12
> RANGER-3511 Create Java patch to update policy resource-signature to
> unique
> value.
> RANGER-3512 Create Java patch to update policy guid to unique value.
> RANGER-3515 Enhance Ranger Java client SSL config to be configured
> using
> serviceType and AppId
> RANGER-3518 Limit the query size stored in Audit logs
> RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY
> RFC 6797
> RANGER-3526 policy evaluation ordering to use name as secondary
> sorting key
> RANGER-3533 Provide sorting on columns throughout the audits result
> set and
> policy listing page.
> RANGER-3538 Reduce the granularity of locking when building/retrieving
> a
> policy-engine within Ranger admin service
> RANGER-3539 Add jacoco-maven-plugin for code coverage
> RANGER-3540 Add support to read audit logs from Amazon CloudWatch
> RANGER-3545 Remove Logger Checks for Info Enabled
> RANGER-3548 Update performance engine test scripts
> RANGER-3550 support for using user/tag attributes in row-filter
> expressions
> and conditions
> RANGER-3551 Analyze & optimize module permissions related API
> RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
> RANGER-3556 Ranger tagsync logs unnecessary messages
> RANGER-3561 Upgrade Storm version to 1.2.4
> RANGER-3562 Redesign post commit tasks for updating ref-tables when
> policy/role is updated
> RANGER-3565 RangerRESTClient to support retry
> RANGER-3567 support for use of user attributes in policy resources
> RANGER-3569 Support Ranger KMS integration with Google cloud HSM
> RANGER-3573 Add vim in docker base image
> RANGER-3577 RANGER : Upgrade POI version to 5.1.0
> RANGER-3578 Simplify code for policy label creation
> RANGER-3580 Support Ranger KMS integration with TencentKMS
> RANGER-3585 Docker setup to run Ranger usersync and tagsync
> RANGER-3586 Script condition expression to support csv of group/tag
> attributes
> RANGER-3595 Tar of KMS contains rubbish files
> RANGER-3597 User role should not be able to modify the Policy
> RANGER-3600 Ranger service tags import request failure
> RANGER-3603 HDFS audit files rollover improvement to trigger rollover
> in
> monitoring thread
> RANGER-3605 Support macros in row-filter/condition expressions
> RANGER-3606 remove unnecessary static members from plugin class loaders
> RANGER-3609 option to add user group enricher automatically based on
> references in policies
> RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
> RANGER-3621 Optimise Tag/Policy iterator
> RANGER-3624 Update Ranger services Password Policy
> RANGER-3628 Support fine grain authorization for different solr objects
> RANGER-3629 RANGER - Handle solr permissions during upgrade
> RANGER-3630 Support wildcards, group short names, and list of memberof
> attribute DNs for computing user search filter
> RANGER-3632 Improve ranger logs, RENAME_ON_ROTATE and others
> RANGER-3634 Remove duplicate entries from usersync distribution file
> RANGER-3646 LOG.debug print content error
> RANGER-3647 Connection to DB fails for MySQL version above 8.0
> RANGER-3649 Represent the Solr admin object types on the Ranger UI
> RANGER-3651 Remove jersey 1.x version dependency for knox plugin
> RANGER-3653 Replace aws java sdk bom dependencies with bundled
> dependencies
> RANGER-3658 Docker: Ranger containers to run as user=ranger
> RANGER-3659 Ranger Admin goes to OOM when usersync is trying to delete
> existing group mappings from ranger DB
> RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for better
> user
> experience
> RANGER-3662 There should be a pause button for error popup
> RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users
> RANGER-3666 Ranger UI improvement - Add warning popup if auto-complete
> for
> resource lookup is failing in Edit policy page
> RANGER-3667 Improve feedback in policy creation UI when resource does
> not
> exist
> RANGER-3669 Connection to DB fails for MySQL version above 8.0
> RANGER-3672 Show better error messages during failed logins
> RANGER-3673 Need to enable cipher configuration for Usersync
> RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
> RANGER-3686 Docker setup to run Ranger with MySQL database
> RANGER-3687 Password Policy Best Practices for Strong Security
> RANGER-3689 Ranger : ranger-2.3 Port missing commits.
> RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
> RANGER-3698 Ranger - Upgrade kylin to 3.1.3
> RANGER-3699 Ranger - Upgrade poi to 5.2.1+
> RANGER-3704 remove semicolon from c3P0 preferredTestQuery
> RANGER-3725 Update atlas default audit filter to filter Atlas
> entity-read
> events by Nifi user.
> RANGER-3736 Update RangerChainedPlugin to support masking and
> row-filtering
> RANGER-3738 Restructure ranger Dockerfile to use multi-stage builds
> RANGER-3743 Add isDenyAllElse mapping to addCustomRangerDefaultPolicies
> method
> RANGER-3744 Produces annotation ordering should be consistent: json,
> xml
> RANGER-3764:conditions to support macros IS_IN_GROUP, IS_IN_ROLE,
> HAS_TAG
> RANGER-3768 RangerBasePlugin configuration to optionally disable
> userstore
> refresher
> RANGER-3779:Conditions enhancement to support macros IS_IN_ANY_GROUP,
> IS_IN_ANY_ROLE, HAS_TAGS
>
>
>
>
>