You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ranger.apache.org by Ramesh Mani <rm...@apache.org> on 2022/04/27 06:48:45 UTC
Planning for Apache Ranger 2.3.0 release
Dear Ranger Community members,
There are various features and critical bug fixes done in the Apache Ranger
project since the release of Apache Ranger 2.2.0.
Around 55 improvements, 45 bug fixes and a total of 527 commits were made
from the last release.
Now with that Ranger community is expecting a release to adapt those
changes and hence planning this release.
Please review and provide your opinion.
Thanks,
Ramesh
*Improvements:*
RANGER-3687 Password Policy Best Practices for Strong Security
RANGER-3667 Improve feedback in policy creation UI when resource does
not exist
RANGER-3659 Ranger Admin goes to OOM when usersync is trying to delete
existing group mappings from ranger DB
RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
RANGER-3551 Analyze & optimize module permissions related API
RANGER-3539 Add jacoco-maven-plugin for code coverage
RANGER-3562 Redesign post commit tasks for updating ref-tables when
policy/role is updated
RANGER-3540 Add support to read audit logs from Amazon CloudWatch
RANGER-3030 Replace Findbugs with Spotbugs maven plugin
RANGER-3538 Reduce the granularity of locking when building/retrieving
a policy-engine within Ranger admin service
RANGER-3518 Limit the query size stored in Audit logs
RANGER-3276 Remove duplicate code from buildks.java
RANGER-3515 Enhance Ranger Java client SSL config to be configured
using serviceType and AppId
RANGER-3504 Create framework to execute DB patch dependent on Java
patch.
RANGER-3023 Permission tab takes longer time to load with large number
of users and group_users data
RANGER-3487 Update underscore js with latest version.
RANGER-3548 Update performance engine test scripts
RANGER-3556 Ranger tagsync logs unnecessary messages
RANGER-3573 Add vim in docker base image
RANGER-3578 Simplify code for policy label creation
RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
RANGER-3686 Docker setup to run Ranger with MySQL database
RANGER-3628 Support fine grain authorization for different solr objects
RANGER-3629 RANGER - Handle solr permissions during upgrade
RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users
RANGER-3662 There should be pause button for error popup
RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for better
user experience
RANGER-3649 Represent the Solr admin object types on the Ranger UI
RANGER-3658 Docker: Ranger containers to run as user=ranger
RANGER-3603 HDFS audit files rollover improvement to trigger rollover
in monitoring thread
RANGER-3651 Remove jersey 1.x version dependency for knox plugin
RANGER-3621 Optimise Tag/Policy iterator
RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC
6797
RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect
to knox logout page
RANGER-3630 Support wildcards, group short names, and list of memberof
attribute DNs for computing user search filter
RANGER-3597 User role should not be able to modify the Policy
RANGER-3512 Create Java patch to update policy guid to unique value.
RANGER-3511 Create Java patch to update policy resource-signature to
unique value.
RANGER-3493 Add unique index on service and resource_signature column
of x_policy table
RANGER-3435 Add unique index on guid, service and zone_id column of
x_policy table
RANGER-3439 Add rest api to get or delete ranger policy based on guid
RANGER-3498 RANGER : Remove log4j1 dependencies.
RANGER-3475 Promote TagRest endpoints to /public/v2
RANGER-3698 Ranger - Upgrade kylin to 3.1.3
RANGER-3699 Ranger - Upgrade poi to 5.2.1+
RANGER-3533 Provide sorting on columns throughout the audits result set
and policy listing page.
RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
RANGER-3689 Ranger : ranger-2.3 Port missing commits.
RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
RANGER-3577 RANGER : Upgrade POI version to 5.1.0
RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT
RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
RANGER-3653 Replace aws java sdk bom dependencies with bundled
dependencies
RANGER-3561 Upgrade Storm version to 1.2.4
RANGER-3704 remove semicolon from c3P0 preferredTestQuery
*Bug Fixes:*
RANGER-3544 Security zones listing will be in alphabetical order.
RANGER-3638 Solr Ranger document level security breaks solr if
collection is reloaded
RANGER-3591 Upgrade protobuf-java to 3.19.3
RANGER-3403 Ranger usersync role based rules not working as expected
RANGER-3285 expose user source details in ranger UI
RANGER-3592 Upgrade Spring framework to 5.3.15
RANGER-3568 Services of one zone are seen in other zone from UI
RANGER-3589 Ranger java patches failing due to admin privilege checks.
RANGER-3543 Remove spotbugs-annotations-3.1.9 from classpath
RANGER-3554 [Intermittent] API call to fetch the list of policies for a
particular service repo returns a deleted policy in the response
RANGER-3546 Update Spotbugs plugin Executions cycle
RANGER-3427 Null Dereference in PublicApis.java
RANGER-3502 Make GET zone APIs accessible to authorized users only
RANGER-3535 A delegate admin user should be able to add another user
with all or subset of permissions they have
RANGER-3468 When multiple Ranger tabs are opened, Some tabs are not
redirecting to Knox Logout page
RANGER-3528 Ranger Group creation audit is not shown during service
creation
RANGER-3490 Make policy resource signature is unique in a service
RANGER-3507 Handle trailing slash in the ranger Hive URL policy
authorization
RANGER-3519 Provide an option to optimize space needed by Trie objects
RANGER-3516 Java patch 'J10045' taking more time during upgrade.
RANGER-3505 Ranger usersync fails to sync users when a duplicate user
exists in ranger
RANGER-3509 update role fails for role admins
RANGER-3433 Null Dereference in ServiceREST getPolicyByName method
RANGER-2704 Support browser login using kerberized authentication
RANGER-3584 ServiceTags are not computed correctly by applying
incremental changes to existing ServiceTags
RANGER-3663 RangerBizUtil.checkAdminAccess() should return false if
user-session is not available
RANGER-3709 Fix NullPointerException in
getSecureServicePoliciesIfUpdated call of ServiceRest
RANGER-3702 RANGER - Export policy in excel is failing.
RANGER-3677 Update Password Policy validation at WEB-UI
RANGER-3690 Fix NullPointerException in java patch 054
RANGER-2362 [security] Admin webui - Lack of account lockout
RANGER-3678 Update password validation criteria
RANGER-3674 Fix PMD issue
RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1
RANGER-3559 RANGER KMS - Metric details for kms are not getting
collected
RANGER-3625 Update isDebugEnable condition in RangerHiveAuthorizer
RANGER-3610 Docker: Skip service creation for ranger components during
ranger container restart
RANGER-3594 mysql setup scripts failed with binlog-enabled mysql
RANGER-3593 the hive table owner who create the table can not have the
full privilege
RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure that we are
using supported version of log4j
RANGER-3576 service creation is failing intermittently due to DB unique
key constraint violation
RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure that we are
using supported version of log4j
Re: Planning for Apache Ranger 2.3.0 release
Posted by Ramesh Mani <rm...@apache.org>.
Hello Aakash,
RANGER-3182 <https://issues.apache.org/jira/browse/RANGER-3182> We shall
include in Apache 2.3.0 release. Let's complete the review and mark it for
2.3 and it should be there.
Thanks,
Ramesh
On Wed, Apr 27, 2022 at 12:22 AM Aakash Nand <aa...@gmail.com> wrote:
> Hello Ramesh,
>
> Thank you for the summary of pre-release notes for Ranger-2.3.0.
>
> However, In the previous email, I found out that
>
> RANGER-3182: Prestosql is renamed to Trino
> <https://issues.apache.org/jira/browse/RANGER-3182>
>
> is not included in improvements. Although we are in the process of
> reviewing that issue, will we include it in this release?
>
> Thanks
> Aakash
>
> On Wed, Apr 27, 2022 at 3:49 PM Ramesh Mani <rm...@apache.org> wrote:
>
>> Dear Ranger Community members,
>>
>> There are various features and critical bug fixes done in the Apache
>> Ranger project since the release of Apache Ranger 2.2.0.
>> Around 55 improvements, 45 bug fixes and a total of 527 commits were made
>> from the last release.
>> Now with that Ranger community is expecting a release to adapt those
>> changes and hence planning this release.
>>
>> Please review and provide your opinion.
>>
>> Thanks,
>> Ramesh
>>
>> *Improvements:*
>>
>> RANGER-3687 Password Policy Best Practices for Strong Security
>> RANGER-3667 Improve feedback in policy creation UI when resource does
>> not exist
>> RANGER-3659 Ranger Admin goes to OOM when usersync is trying to
>> delete existing group mappings from ranger DB
>> RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
>> RANGER-3551 Analyze & optimize module permissions related API
>> RANGER-3539 Add jacoco-maven-plugin for code coverage
>> RANGER-3562 Redesign post commit tasks for updating ref-tables when
>> policy/role is updated
>> RANGER-3540 Add support to read audit logs from Amazon CloudWatch
>> RANGER-3030 Replace Findbugs with Spotbugs maven plugin
>> RANGER-3538 Reduce the granularity of locking when
>> building/retrieving a policy-engine within Ranger admin service
>> RANGER-3518 Limit the query size stored in Audit logs
>> RANGER-3276 Remove duplicate code from buildks.java
>> RANGER-3515 Enhance Ranger Java client SSL config to be configured
>> using serviceType and AppId
>> RANGER-3504 Create framework to execute DB patch dependent on Java
>> patch.
>> RANGER-3023 Permission tab takes longer time to load with large
>> number of users and group_users data
>> RANGER-3487 Update underscore js with latest version.
>> RANGER-3548 Update performance engine test scripts
>> RANGER-3556 Ranger tagsync logs unnecessary messages
>> RANGER-3573 Add vim in docker base image
>> RANGER-3578 Simplify code for policy label creation
>> RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
>> RANGER-3686 Docker setup to run Ranger with MySQL database
>> RANGER-3628 Support fine grain authorization for different solr
>> objects
>> RANGER-3629 RANGER - Handle solr permissions during upgrade
>> RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users
>> RANGER-3662 There should be pause button for error popup
>> RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for
>> better user experience
>> RANGER-3649 Represent the Solr admin object types on the Ranger UI
>> RANGER-3658 Docker: Ranger containers to run as user=ranger
>> RANGER-3603 HDFS audit files rollover improvement to trigger rollover
>> in monitoring thread
>> RANGER-3651 Remove jersey 1.x version dependency for knox plugin
>> RANGER-3621 Optimise Tag/Policy iterator
>> RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY
>> RFC 6797
>> RANGER-3455 [Logout-Ranger] Should either be disabled/ should
>> redirect to knox logout page
>> RANGER-3630 Support wildcards, group short names, and list of
>> memberof attribute DNs for computing user search filter
>> RANGER-3597 User role should not be able to modify the Policy
>> RANGER-3512 Create Java patch to update policy guid to unique value.
>> RANGER-3511 Create Java patch to update policy resource-signature to
>> unique value.
>> RANGER-3493 Add unique index on service and resource_signature column
>> of x_policy table
>> RANGER-3435 Add unique index on guid, service and zone_id column of
>> x_policy table
>> RANGER-3439 Add rest api to get or delete ranger policy based on guid
>> RANGER-3498 RANGER : Remove log4j1 dependencies.
>> RANGER-3475 Promote TagRest endpoints to /public/v2
>> RANGER-3698 Ranger - Upgrade kylin to 3.1.3
>> RANGER-3699 Ranger - Upgrade poi to 5.2.1+
>> RANGER-3533 Provide sorting on columns throughout the audits result
>> set and policy listing page.
>> RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
>> RANGER-3689 Ranger : ranger-2.3 Port missing commits.
>> RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
>> RANGER-3577 RANGER : Upgrade POI version to 5.1.0
>> RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT
>> RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
>> RANGER-3653 Replace aws java sdk bom dependencies with bundled
>> dependencies
>> RANGER-3561 Upgrade Storm version to 1.2.4
>> RANGER-3704 remove semicolon from c3P0 preferredTestQuery
>>
>> *Bug Fixes:*
>>
>> RANGER-3544 Security zones listing will be in alphabetical order.
>> RANGER-3638 Solr Ranger document level security breaks solr if
>> collection is reloaded
>> RANGER-3591 Upgrade protobuf-java to 3.19.3
>> RANGER-3403 Ranger usersync role based rules not working as expected
>> RANGER-3285 expose user source details in ranger UI
>> RANGER-3592 Upgrade Spring framework to 5.3.15
>> RANGER-3568 Services of one zone are seen in other zone from UI
>> RANGER-3589 Ranger java patches failing due to admin privilege checks.
>> RANGER-3543 Remove spotbugs-annotations-3.1.9 from classpath
>> RANGER-3554 [Intermittent] API call to fetch the list of policies for
>> a particular service repo returns a deleted policy in the response
>> RANGER-3546 Update Spotbugs plugin Executions cycle
>> RANGER-3427 Null Dereference in PublicApis.java
>> RANGER-3502 Make GET zone APIs accessible to authorized users only
>> RANGER-3535 A delegate admin user should be able to add another user
>> with all or subset of permissions they have
>> RANGER-3468 When multiple Ranger tabs are opened, Some tabs are not
>> redirecting to Knox Logout page
>> RANGER-3528 Ranger Group creation audit is not shown during service
>> creation
>> RANGER-3490 Make policy resource signature is unique in a service
>> RANGER-3507 Handle trailing slash in the ranger Hive URL policy
>> authorization
>> RANGER-3519 Provide an option to optimize space needed by Trie objects
>> RANGER-3516 Java patch 'J10045' taking more time during upgrade.
>> RANGER-3505 Ranger usersync fails to sync users when a duplicate user
>> exists in ranger
>> RANGER-3509 update role fails for role admins
>> RANGER-3433 Null Dereference in ServiceREST getPolicyByName method
>> RANGER-2704 Support browser login using kerberized authentication
>> RANGER-3584 ServiceTags are not computed correctly by applying
>> incremental changes to existing ServiceTags
>> RANGER-3663 RangerBizUtil.checkAdminAccess() should return false if
>> user-session is not available
>> RANGER-3709 Fix NullPointerException in
>> getSecureServicePoliciesIfUpdated call of ServiceRest
>> RANGER-3702 RANGER - Export policy in excel is failing.
>> RANGER-3677 Update Password Policy validation at WEB-UI
>> RANGER-3690 Fix NullPointerException in java patch 054
>> RANGER-2362 [security] Admin webui - Lack of account lockout
>> RANGER-3678 Update password validation criteria
>> RANGER-3674 Fix PMD issue
>> RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1
>> RANGER-3559 RANGER KMS - Metric details for kms are not getting
>> collected
>> RANGER-3625 Update isDebugEnable condition in RangerHiveAuthorizer
>> RANGER-3610 Docker: Skip service creation for ranger components
>> during ranger container restart
>> RANGER-3594 mysql setup scripts failed with binlog-enabled mysql
>> RANGER-3593 the hive table owner who create the table can not have
>> the full privilege
>> RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
>> RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure that we
>> are using supported version of log4j
>> RANGER-3576 service creation is failing intermittently due to DB
>> unique key constraint violation
>> RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure that we
>> are using supported version of log4j
>>
>
Re: Planning for Apache Ranger 2.3.0 release
Posted by Aakash Nand <aa...@gmail.com>.
Hello Ramesh,
Thank you for the summary of pre-release notes for Ranger-2.3.0.
However, In the previous email, I found out that
RANGER-3182: Prestosql is renamed to Trino
<https://issues.apache.org/jira/browse/RANGER-3182>
is not included in improvements. Although we are in the process of
reviewing that issue, will we include it in this release?
Thanks
Aakash
On Wed, Apr 27, 2022 at 3:49 PM Ramesh Mani <rm...@apache.org> wrote:
> Dear Ranger Community members,
>
> There are various features and critical bug fixes done in the Apache
> Ranger project since the release of Apache Ranger 2.2.0.
> Around 55 improvements, 45 bug fixes and a total of 527 commits were made
> from the last release.
> Now with that Ranger community is expecting a release to adapt those
> changes and hence planning this release.
>
> Please review and provide your opinion.
>
> Thanks,
> Ramesh
>
> *Improvements:*
>
> RANGER-3687 Password Policy Best Practices for Strong Security
> RANGER-3667 Improve feedback in policy creation UI when resource does
> not exist
> RANGER-3659 Ranger Admin goes to OOM when usersync is trying to delete
> existing group mappings from ranger DB
> RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> RANGER-3551 Analyze & optimize module permissions related API
> RANGER-3539 Add jacoco-maven-plugin for code coverage
> RANGER-3562 Redesign post commit tasks for updating ref-tables when
> policy/role is updated
> RANGER-3540 Add support to read audit logs from Amazon CloudWatch
> RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> RANGER-3538 Reduce the granularity of locking when building/retrieving
> a policy-engine within Ranger admin service
> RANGER-3518 Limit the query size stored in Audit logs
> RANGER-3276 Remove duplicate code from buildks.java
> RANGER-3515 Enhance Ranger Java client SSL config to be configured
> using serviceType and AppId
> RANGER-3504 Create framework to execute DB patch dependent on Java
> patch.
> RANGER-3023 Permission tab takes longer time to load with large number
> of users and group_users data
> RANGER-3487 Update underscore js with latest version.
> RANGER-3548 Update performance engine test scripts
> RANGER-3556 Ranger tagsync logs unnecessary messages
> RANGER-3573 Add vim in docker base image
> RANGER-3578 Simplify code for policy label creation
> RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
> RANGER-3686 Docker setup to run Ranger with MySQL database
> RANGER-3628 Support fine grain authorization for different solr objects
> RANGER-3629 RANGER - Handle solr permissions during upgrade
> RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users
> RANGER-3662 There should be pause button for error popup
> RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for better
> user experience
> RANGER-3649 Represent the Solr admin object types on the Ranger UI
> RANGER-3658 Docker: Ranger containers to run as user=ranger
> RANGER-3603 HDFS audit files rollover improvement to trigger rollover
> in monitoring thread
> RANGER-3651 Remove jersey 1.x version dependency for knox plugin
> RANGER-3621 Optimise Tag/Policy iterator
> RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY
> RFC 6797
> RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect
> to knox logout page
> RANGER-3630 Support wildcards, group short names, and list of memberof
> attribute DNs for computing user search filter
> RANGER-3597 User role should not be able to modify the Policy
> RANGER-3512 Create Java patch to update policy guid to unique value.
> RANGER-3511 Create Java patch to update policy resource-signature to
> unique value.
> RANGER-3493 Add unique index on service and resource_signature column
> of x_policy table
> RANGER-3435 Add unique index on guid, service and zone_id column of
> x_policy table
> RANGER-3439 Add rest api to get or delete ranger policy based on guid
> RANGER-3498 RANGER : Remove log4j1 dependencies.
> RANGER-3475 Promote TagRest endpoints to /public/v2
> RANGER-3698 Ranger - Upgrade kylin to 3.1.3
> RANGER-3699 Ranger - Upgrade poi to 5.2.1+
> RANGER-3533 Provide sorting on columns throughout the audits result
> set and policy listing page.
> RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
> RANGER-3689 Ranger : ranger-2.3 Port missing commits.
> RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
> RANGER-3577 RANGER : Upgrade POI version to 5.1.0
> RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT
> RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
> RANGER-3653 Replace aws java sdk bom dependencies with bundled
> dependencies
> RANGER-3561 Upgrade Storm version to 1.2.4
> RANGER-3704 remove semicolon from c3P0 preferredTestQuery
>
> *Bug Fixes:*
>
> RANGER-3544 Security zones listing will be in alphabetical order.
> RANGER-3638 Solr Ranger document level security breaks solr if
> collection is reloaded
> RANGER-3591 Upgrade protobuf-java to 3.19.3
> RANGER-3403 Ranger usersync role based rules not working as expected
> RANGER-3285 expose user source details in ranger UI
> RANGER-3592 Upgrade Spring framework to 5.3.15
> RANGER-3568 Services of one zone are seen in other zone from UI
> RANGER-3589 Ranger java patches failing due to admin privilege checks.
> RANGER-3543 Remove spotbugs-annotations-3.1.9 from classpath
> RANGER-3554 [Intermittent] API call to fetch the list of policies for
> a particular service repo returns a deleted policy in the response
> RANGER-3546 Update Spotbugs plugin Executions cycle
> RANGER-3427 Null Dereference in PublicApis.java
> RANGER-3502 Make GET zone APIs accessible to authorized users only
> RANGER-3535 A delegate admin user should be able to add another user
> with all or subset of permissions they have
> RANGER-3468 When multiple Ranger tabs are opened, Some tabs are not
> redirecting to Knox Logout page
> RANGER-3528 Ranger Group creation audit is not shown during service
> creation
> RANGER-3490 Make policy resource signature is unique in a service
> RANGER-3507 Handle trailing slash in the ranger Hive URL policy
> authorization
> RANGER-3519 Provide an option to optimize space needed by Trie objects
> RANGER-3516 Java patch 'J10045' taking more time during upgrade.
> RANGER-3505 Ranger usersync fails to sync users when a duplicate user
> exists in ranger
> RANGER-3509 update role fails for role admins
> RANGER-3433 Null Dereference in ServiceREST getPolicyByName method
> RANGER-2704 Support browser login using kerberized authentication
> RANGER-3584 ServiceTags are not computed correctly by applying
> incremental changes to existing ServiceTags
> RANGER-3663 RangerBizUtil.checkAdminAccess() should return false if
> user-session is not available
> RANGER-3709 Fix NullPointerException in
> getSecureServicePoliciesIfUpdated call of ServiceRest
> RANGER-3702 RANGER - Export policy in excel is failing.
> RANGER-3677 Update Password Policy validation at WEB-UI
> RANGER-3690 Fix NullPointerException in java patch 054
> RANGER-2362 [security] Admin webui - Lack of account lockout
> RANGER-3678 Update password validation criteria
> RANGER-3674 Fix PMD issue
> RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1
> RANGER-3559 RANGER KMS - Metric details for kms are not getting
> collected
> RANGER-3625 Update isDebugEnable condition in RangerHiveAuthorizer
> RANGER-3610 Docker: Skip service creation for ranger components during
> ranger container restart
> RANGER-3594 mysql setup scripts failed with binlog-enabled mysql
> RANGER-3593 the hive table owner who create the table can not have
> the full privilege
> RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
> RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure that we are
> using supported version of log4j
> RANGER-3576 service creation is failing intermittently due to DB
> unique key constraint violation
> RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure that we are
> using supported version of log4j
>
Re: Planning for Apache Ranger 2.3.0 release
Posted by Madhan Neethiraj <ma...@apache.org>.
+1 for Ranger 2.3 release. It has been ~6 months since 2.2 release, and a number of good enhancements were added since then.
Ramesh - thanks for the initiative.
Madhan
On 4/26/22, 11:49 PM, "Ramesh Mani" <rm...@apache.org> wrote:
Dear Ranger Community members,
There are various features and critical bug fixes done in the Apache Ranger
project since the release of Apache Ranger 2.2.0.
Around 55 improvements, 45 bug fixes and a total of 527 commits were made
from the last release.
Now with that Ranger community is expecting a release to adapt those
changes and hence planning this release.
Please review and provide your opinion.
Thanks,
Ramesh
*Improvements:*
RANGER-3687 Password Policy Best Practices for Strong Security
RANGER-3667 Improve feedback in policy creation UI when resource does
not exist
RANGER-3659 Ranger Admin goes to OOM when usersync is trying to delete
existing group mappings from ranger DB
RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
RANGER-3551 Analyze & optimize module permissions related API
RANGER-3539 Add jacoco-maven-plugin for code coverage
RANGER-3562 Redesign post commit tasks for updating ref-tables when
policy/role is updated
RANGER-3540 Add support to read audit logs from Amazon CloudWatch
RANGER-3030 Replace Findbugs with Spotbugs maven plugin
RANGER-3538 Reduce the granularity of locking when building/retrieving
a policy-engine within Ranger admin service
RANGER-3518 Limit the query size stored in Audit logs
RANGER-3276 Remove duplicate code from buildks.java
RANGER-3515 Enhance Ranger Java client SSL config to be configured
using serviceType and AppId
RANGER-3504 Create framework to execute DB patch dependent on Java
patch.
RANGER-3023 Permission tab takes longer time to load with large number
of users and group_users data
RANGER-3487 Update underscore js with latest version.
RANGER-3548 Update performance engine test scripts
RANGER-3556 Ranger tagsync logs unnecessary messages
RANGER-3573 Add vim in docker base image
RANGER-3578 Simplify code for policy label creation
RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
RANGER-3686 Docker setup to run Ranger with MySQL database
RANGER-3628 Support fine grain authorization for different solr objects
RANGER-3629 RANGER - Handle solr permissions during upgrade
RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users
RANGER-3662 There should be pause button for error popup
RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for better
user experience
RANGER-3649 Represent the Solr admin object types on the Ranger UI
RANGER-3658 Docker: Ranger containers to run as user=ranger
RANGER-3603 HDFS audit files rollover improvement to trigger rollover
in monitoring thread
RANGER-3651 Remove jersey 1.x version dependency for knox plugin
RANGER-3621 Optimise Tag/Policy iterator
RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC
6797
RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect
to knox logout page
RANGER-3630 Support wildcards, group short names, and list of memberof
attribute DNs for computing user search filter
RANGER-3597 User role should not be able to modify the Policy
RANGER-3512 Create Java patch to update policy guid to unique value.
RANGER-3511 Create Java patch to update policy resource-signature to
unique value.
RANGER-3493 Add unique index on service and resource_signature column
of x_policy table
RANGER-3435 Add unique index on guid, service and zone_id column of
x_policy table
RANGER-3439 Add rest api to get or delete ranger policy based on guid
RANGER-3498 RANGER : Remove log4j1 dependencies.
RANGER-3475 Promote TagRest endpoints to /public/v2
RANGER-3698 Ranger - Upgrade kylin to 3.1.3
RANGER-3699 Ranger - Upgrade poi to 5.2.1+
RANGER-3533 Provide sorting on columns throughout the audits result set
and policy listing page.
RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
RANGER-3689 Ranger : ranger-2.3 Port missing commits.
RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
RANGER-3577 RANGER : Upgrade POI version to 5.1.0
RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT
RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
RANGER-3653 Replace aws java sdk bom dependencies with bundled
dependencies
RANGER-3561 Upgrade Storm version to 1.2.4
RANGER-3704 remove semicolon from c3P0 preferredTestQuery
*Bug Fixes:*
RANGER-3544 Security zones listing will be in alphabetical order.
RANGER-3638 Solr Ranger document level security breaks solr if
collection is reloaded
RANGER-3591 Upgrade protobuf-java to 3.19.3
RANGER-3403 Ranger usersync role based rules not working as expected
RANGER-3285 expose user source details in ranger UI
RANGER-3592 Upgrade Spring framework to 5.3.15
RANGER-3568 Services of one zone are seen in other zone from UI
RANGER-3589 Ranger java patches failing due to admin privilege checks.
RANGER-3543 Remove spotbugs-annotations-3.1.9 from classpath
RANGER-3554 [Intermittent] API call to fetch the list of policies for a
particular service repo returns a deleted policy in the response
RANGER-3546 Update Spotbugs plugin Executions cycle
RANGER-3427 Null Dereference in PublicApis.java
RANGER-3502 Make GET zone APIs accessible to authorized users only
RANGER-3535 A delegate admin user should be able to add another user
with all or subset of permissions they have
RANGER-3468 When multiple Ranger tabs are opened, Some tabs are not
redirecting to Knox Logout page
RANGER-3528 Ranger Group creation audit is not shown during service
creation
RANGER-3490 Make policy resource signature is unique in a service
RANGER-3507 Handle trailing slash in the ranger Hive URL policy
authorization
RANGER-3519 Provide an option to optimize space needed by Trie objects
RANGER-3516 Java patch 'J10045' taking more time during upgrade.
RANGER-3505 Ranger usersync fails to sync users when a duplicate user
exists in ranger
RANGER-3509 update role fails for role admins
RANGER-3433 Null Dereference in ServiceREST getPolicyByName method
RANGER-2704 Support browser login using kerberized authentication
RANGER-3584 ServiceTags are not computed correctly by applying
incremental changes to existing ServiceTags
RANGER-3663 RangerBizUtil.checkAdminAccess() should return false if
user-session is not available
RANGER-3709 Fix NullPointerException in
getSecureServicePoliciesIfUpdated call of ServiceRest
RANGER-3702 RANGER - Export policy in excel is failing.
RANGER-3677 Update Password Policy validation at WEB-UI
RANGER-3690 Fix NullPointerException in java patch 054
RANGER-2362 [security] Admin webui - Lack of account lockout
RANGER-3678 Update password validation criteria
RANGER-3674 Fix PMD issue
RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1
RANGER-3559 RANGER KMS - Metric details for kms are not getting
collected
RANGER-3625 Update isDebugEnable condition in RangerHiveAuthorizer
RANGER-3610 Docker: Skip service creation for ranger components during
ranger container restart
RANGER-3594 mysql setup scripts failed with binlog-enabled mysql
RANGER-3593 the hive table owner who create the table can not have the
full privilege
RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure that we are
using supported version of log4j
RANGER-3576 service creation is failing intermittently due to DB unique
key constraint violation
RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure that we are
using supported version of log4j
Re: Planning for Apache Ranger 2.3.0 release
Posted by Madhan Neethiraj <ma...@apache.org>.
+1 for Ranger 2.3 release. It has been ~6 months since 2.2 release, and a number of good enhancements were added since then.
Ramesh - thanks for the initiative.
Madhan
On 4/26/22, 11:49 PM, "Ramesh Mani" <rm...@apache.org> wrote:
Dear Ranger Community members,
There are various features and critical bug fixes done in the Apache Ranger
project since the release of Apache Ranger 2.2.0.
Around 55 improvements, 45 bug fixes and a total of 527 commits were made
from the last release.
Now with that Ranger community is expecting a release to adapt those
changes and hence planning this release.
Please review and provide your opinion.
Thanks,
Ramesh
*Improvements:*
RANGER-3687 Password Policy Best Practices for Strong Security
RANGER-3667 Improve feedback in policy creation UI when resource does
not exist
RANGER-3659 Ranger Admin goes to OOM when usersync is trying to delete
existing group mappings from ranger DB
RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
RANGER-3551 Analyze & optimize module permissions related API
RANGER-3539 Add jacoco-maven-plugin for code coverage
RANGER-3562 Redesign post commit tasks for updating ref-tables when
policy/role is updated
RANGER-3540 Add support to read audit logs from Amazon CloudWatch
RANGER-3030 Replace Findbugs with Spotbugs maven plugin
RANGER-3538 Reduce the granularity of locking when building/retrieving
a policy-engine within Ranger admin service
RANGER-3518 Limit the query size stored in Audit logs
RANGER-3276 Remove duplicate code from buildks.java
RANGER-3515 Enhance Ranger Java client SSL config to be configured
using serviceType and AppId
RANGER-3504 Create framework to execute DB patch dependent on Java
patch.
RANGER-3023 Permission tab takes longer time to load with large number
of users and group_users data
RANGER-3487 Update underscore js with latest version.
RANGER-3548 Update performance engine test scripts
RANGER-3556 Ranger tagsync logs unnecessary messages
RANGER-3573 Add vim in docker base image
RANGER-3578 Simplify code for policy label creation
RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
RANGER-3686 Docker setup to run Ranger with MySQL database
RANGER-3628 Support fine grain authorization for different solr objects
RANGER-3629 RANGER - Handle solr permissions during upgrade
RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users
RANGER-3662 There should be pause button for error popup
RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for better
user experience
RANGER-3649 Represent the Solr admin object types on the Ranger UI
RANGER-3658 Docker: Ranger containers to run as user=ranger
RANGER-3603 HDFS audit files rollover improvement to trigger rollover
in monitoring thread
RANGER-3651 Remove jersey 1.x version dependency for knox plugin
RANGER-3621 Optimise Tag/Policy iterator
RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC
6797
RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect
to knox logout page
RANGER-3630 Support wildcards, group short names, and list of memberof
attribute DNs for computing user search filter
RANGER-3597 User role should not be able to modify the Policy
RANGER-3512 Create Java patch to update policy guid to unique value.
RANGER-3511 Create Java patch to update policy resource-signature to
unique value.
RANGER-3493 Add unique index on service and resource_signature column
of x_policy table
RANGER-3435 Add unique index on guid, service and zone_id column of
x_policy table
RANGER-3439 Add rest api to get or delete ranger policy based on guid
RANGER-3498 RANGER : Remove log4j1 dependencies.
RANGER-3475 Promote TagRest endpoints to /public/v2
RANGER-3698 Ranger - Upgrade kylin to 3.1.3
RANGER-3699 Ranger - Upgrade poi to 5.2.1+
RANGER-3533 Provide sorting on columns throughout the audits result set
and policy listing page.
RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
RANGER-3689 Ranger : ranger-2.3 Port missing commits.
RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
RANGER-3577 RANGER : Upgrade POI version to 5.1.0
RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT
RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
RANGER-3653 Replace aws java sdk bom dependencies with bundled
dependencies
RANGER-3561 Upgrade Storm version to 1.2.4
RANGER-3704 remove semicolon from c3P0 preferredTestQuery
*Bug Fixes:*
RANGER-3544 Security zones listing will be in alphabetical order.
RANGER-3638 Solr Ranger document level security breaks solr if
collection is reloaded
RANGER-3591 Upgrade protobuf-java to 3.19.3
RANGER-3403 Ranger usersync role based rules not working as expected
RANGER-3285 expose user source details in ranger UI
RANGER-3592 Upgrade Spring framework to 5.3.15
RANGER-3568 Services of one zone are seen in other zone from UI
RANGER-3589 Ranger java patches failing due to admin privilege checks.
RANGER-3543 Remove spotbugs-annotations-3.1.9 from classpath
RANGER-3554 [Intermittent] API call to fetch the list of policies for a
particular service repo returns a deleted policy in the response
RANGER-3546 Update Spotbugs plugin Executions cycle
RANGER-3427 Null Dereference in PublicApis.java
RANGER-3502 Make GET zone APIs accessible to authorized users only
RANGER-3535 A delegate admin user should be able to add another user
with all or subset of permissions they have
RANGER-3468 When multiple Ranger tabs are opened, Some tabs are not
redirecting to Knox Logout page
RANGER-3528 Ranger Group creation audit is not shown during service
creation
RANGER-3490 Make policy resource signature is unique in a service
RANGER-3507 Handle trailing slash in the ranger Hive URL policy
authorization
RANGER-3519 Provide an option to optimize space needed by Trie objects
RANGER-3516 Java patch 'J10045' taking more time during upgrade.
RANGER-3505 Ranger usersync fails to sync users when a duplicate user
exists in ranger
RANGER-3509 update role fails for role admins
RANGER-3433 Null Dereference in ServiceREST getPolicyByName method
RANGER-2704 Support browser login using kerberized authentication
RANGER-3584 ServiceTags are not computed correctly by applying
incremental changes to existing ServiceTags
RANGER-3663 RangerBizUtil.checkAdminAccess() should return false if
user-session is not available
RANGER-3709 Fix NullPointerException in
getSecureServicePoliciesIfUpdated call of ServiceRest
RANGER-3702 RANGER - Export policy in excel is failing.
RANGER-3677 Update Password Policy validation at WEB-UI
RANGER-3690 Fix NullPointerException in java patch 054
RANGER-2362 [security] Admin webui - Lack of account lockout
RANGER-3678 Update password validation criteria
RANGER-3674 Fix PMD issue
RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1
RANGER-3559 RANGER KMS - Metric details for kms are not getting
collected
RANGER-3625 Update isDebugEnable condition in RangerHiveAuthorizer
RANGER-3610 Docker: Skip service creation for ranger components during
ranger container restart
RANGER-3594 mysql setup scripts failed with binlog-enabled mysql
RANGER-3593 the hive table owner who create the table can not have the
full privilege
RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure that we are
using supported version of log4j
RANGER-3576 service creation is failing intermittently due to DB unique
key constraint violation
RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure that we are
using supported version of log4j
Re: Planning for Apache Ranger 2.3.0 release
Posted by KirbY ZhoU <zh...@sensorsdata.cn>.
Missed some commit
For example:
RANGER-3299
RANGER-3580
RANGER-3600
RANGER-3619
RANGER-3669
在 2022/4/27 14:49,“Ramesh Mani”<rm...@apache.org> 写入:
Dear Ranger Community members,
There are various features and critical bug fixes done in the Apache Ranger
project since the release of Apache Ranger 2.2.0.
Around 55 improvements, 45 bug fixes and a total of 527 commits were made
from the last release.
Now with that Ranger community is expecting a release to adapt those
changes and hence planning this release.
Please review and provide your opinion.
Thanks,
Ramesh
*Improvements:*
RANGER-3687 Password Policy Best Practices for Strong Security
RANGER-3667 Improve feedback in policy creation UI when resource does
not exist
RANGER-3659 Ranger Admin goes to OOM when usersync is trying to delete
existing group mappings from ranger DB
RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
RANGER-3551 Analyze & optimize module permissions related API
RANGER-3539 Add jacoco-maven-plugin for code coverage
RANGER-3562 Redesign post commit tasks for updating ref-tables when
policy/role is updated
RANGER-3540 Add support to read audit logs from Amazon CloudWatch
RANGER-3030 Replace Findbugs with Spotbugs maven plugin
RANGER-3538 Reduce the granularity of locking when building/retrieving
a policy-engine within Ranger admin service
RANGER-3518 Limit the query size stored in Audit logs
RANGER-3276 Remove duplicate code from buildks.java
RANGER-3515 Enhance Ranger Java client SSL config to be configured
using serviceType and AppId
RANGER-3504 Create framework to execute DB patch dependent on Java
patch.
RANGER-3023 Permission tab takes longer time to load with large number
of users and group_users data
RANGER-3487 Update underscore js with latest version.
RANGER-3548 Update performance engine test scripts
RANGER-3556 Ranger tagsync logs unnecessary messages
RANGER-3573 Add vim in docker base image
RANGER-3578 Simplify code for policy label creation
RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
RANGER-3686 Docker setup to run Ranger with MySQL database
RANGER-3628 Support fine grain authorization for different solr objects
RANGER-3629 RANGER - Handle solr permissions during upgrade
RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users
RANGER-3662 There should be pause button for error popup
RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for better
user experience
RANGER-3649 Represent the Solr admin object types on the Ranger UI
RANGER-3658 Docker: Ranger containers to run as user=ranger
RANGER-3603 HDFS audit files rollover improvement to trigger rollover
in monitoring thread
RANGER-3651 Remove jersey 1.x version dependency for knox plugin
RANGER-3621 Optimise Tag/Policy iterator
RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC
6797
RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect
to knox logout page
RANGER-3630 Support wildcards, group short names, and list of memberof
attribute DNs for computing user search filter
RANGER-3597 User role should not be able to modify the Policy
RANGER-3512 Create Java patch to update policy guid to unique value.
RANGER-3511 Create Java patch to update policy resource-signature to
unique value.
RANGER-3493 Add unique index on service and resource_signature column
of x_policy table
RANGER-3435 Add unique index on guid, service and zone_id column of
x_policy table
RANGER-3439 Add rest api to get or delete ranger policy based on guid
RANGER-3498 RANGER : Remove log4j1 dependencies.
RANGER-3475 Promote TagRest endpoints to /public/v2
RANGER-3698 Ranger - Upgrade kylin to 3.1.3
RANGER-3699 Ranger - Upgrade poi to 5.2.1+
RANGER-3533 Provide sorting on columns throughout the audits result set
and policy listing page.
RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
RANGER-3689 Ranger : ranger-2.3 Port missing commits.
RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
RANGER-3577 RANGER : Upgrade POI version to 5.1.0
RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT
RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
RANGER-3653 Replace aws java sdk bom dependencies with bundled
dependencies
RANGER-3561 Upgrade Storm version to 1.2.4
RANGER-3704 remove semicolon from c3P0 preferredTestQuery
*Bug Fixes:*
RANGER-3544 Security zones listing will be in alphabetical order.
RANGER-3638 Solr Ranger document level security breaks solr if
collection is reloaded
RANGER-3591 Upgrade protobuf-java to 3.19.3
RANGER-3403 Ranger usersync role based rules not working as expected
RANGER-3285 expose user source details in ranger UI
RANGER-3592 Upgrade Spring framework to 5.3.15
RANGER-3568 Services of one zone are seen in other zone from UI
RANGER-3589 Ranger java patches failing due to admin privilege checks.
RANGER-3543 Remove spotbugs-annotations-3.1.9 from classpath
RANGER-3554 [Intermittent] API call to fetch the list of policies for a
particular service repo returns a deleted policy in the response
RANGER-3546 Update Spotbugs plugin Executions cycle
RANGER-3427 Null Dereference in PublicApis.java
RANGER-3502 Make GET zone APIs accessible to authorized users only
RANGER-3535 A delegate admin user should be able to add another user
with all or subset of permissions they have
RANGER-3468 When multiple Ranger tabs are opened, Some tabs are not
redirecting to Knox Logout page
RANGER-3528 Ranger Group creation audit is not shown during service
creation
RANGER-3490 Make policy resource signature is unique in a service
RANGER-3507 Handle trailing slash in the ranger Hive URL policy
authorization
RANGER-3519 Provide an option to optimize space needed by Trie objects
RANGER-3516 Java patch 'J10045' taking more time during upgrade.
RANGER-3505 Ranger usersync fails to sync users when a duplicate user
exists in ranger
RANGER-3509 update role fails for role admins
RANGER-3433 Null Dereference in ServiceREST getPolicyByName method
RANGER-2704 Support browser login using kerberized authentication
RANGER-3584 ServiceTags are not computed correctly by applying
incremental changes to existing ServiceTags
RANGER-3663 RangerBizUtil.checkAdminAccess() should return false if
user-session is not available
RANGER-3709 Fix NullPointerException in
getSecureServicePoliciesIfUpdated call of ServiceRest
RANGER-3702 RANGER - Export policy in excel is failing.
RANGER-3677 Update Password Policy validation at WEB-UI
RANGER-3690 Fix NullPointerException in java patch 054
RANGER-2362 [security] Admin webui - Lack of account lockout
RANGER-3678 Update password validation criteria
RANGER-3674 Fix PMD issue
RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1
RANGER-3559 RANGER KMS - Metric details for kms are not getting
collected
RANGER-3625 Update isDebugEnable condition in RangerHiveAuthorizer
RANGER-3610 Docker: Skip service creation for ranger components during
ranger container restart
RANGER-3594 mysql setup scripts failed with binlog-enabled mysql
RANGER-3593 the hive table owner who create the table can not have the
full privilege
RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure that we are
using supported version of log4j
RANGER-3576 service creation is failing intermittently due to DB unique
key constraint violation
RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure that we are
using supported version of log4j
Re: Planning for Apache Ranger 2.3.0 release
Posted by Nixon Rodrigues <ni...@atlan.com>.
Thanks Ramesh for volunteering for release.
+1 for Ranger 2.3 release. Thanks for the initiative.
On Fri, 29 Apr 2022 at 22:25, Sailaja Polavarapu
<sp...@cloudera.com.invalid> wrote:
> Hi Ramesh,
> +1 for Ranger 2.3 release. Thanks for the initiative.
> - Sailaja
>
> On Thu, Apr 28, 2022 at 7:21 AM Ramesh Mani <rm...@apache.org> wrote:
>
> > zhoutianling,
> >
> > Thanks for the review. These Jiras are part of the Apache Ranger 2.3
> apache
> > release, it's not pulled in this published list as this may not have
> > correct fixed version maintained or it is part of KMS as a component. I
> > shall add it to the list in the release note.
> >
> > Thanks,
> > Ramesh
> >
> > On Thu, Apr 28, 2022 at 2:19 AM KirbY ZhoU <zh...@sensorsdata.cn>
> > wrote:
> >
> > > Missed some commit
> > > For example:
> > >
> > > RANGER-3299
> > > RANGER-3580
> > > RANGER-3600
> > > RANGER-3619
> > > RANGER-3669
> > >
> > > 在 2022/4/27 14:49,“Ramesh Mani”<rm...@apache.org> 写入:
> > >
> > > Dear Ranger Community members,
> > >
> > > There are various features and critical bug fixes done in the
> Apache
> > > Ranger
> > > project since the release of Apache Ranger 2.2.0.
> > > Around 55 improvements, 45 bug fixes and a total of 527 commits
> were
> > > made
> > > from the last release.
> > > Now with that Ranger community is expecting a release to adapt
> those
> > > changes and hence planning this release.
> > >
> > > Please review and provide your opinion.
> > >
> > > Thanks,
> > > Ramesh
> > >
> > > *Improvements:*
> > >
> > > RANGER-3687 Password Policy Best Practices for Strong Security
> > > RANGER-3667 Improve feedback in policy creation UI when
> resource
> > > does
> > > not exist
> > > RANGER-3659 Ranger Admin goes to OOM when usersync is trying to
> > > delete
> > > existing group mappings from ranger DB
> > > RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> > > RANGER-3551 Analyze & optimize module permissions related API
> > > RANGER-3539 Add jacoco-maven-plugin for code coverage
> > > RANGER-3562 Redesign post commit tasks for updating ref-tables
> > when
> > > policy/role is updated
> > > RANGER-3540 Add support to read audit logs from Amazon
> CloudWatch
> > > RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> > > RANGER-3538 Reduce the granularity of locking when
> > > building/retrieving
> > > a policy-engine within Ranger admin service
> > > RANGER-3518 Limit the query size stored in Audit logs
> > > RANGER-3276 Remove duplicate code from buildks.java
> > > RANGER-3515 Enhance Ranger Java client SSL config to be
> > configured
> > > using serviceType and AppId
> > > RANGER-3504 Create framework to execute DB patch dependent on
> > Java
> > > patch.
> > > RANGER-3023 Permission tab takes longer time to load with large
> > > number
> > > of users and group_users data
> > > RANGER-3487 Update underscore js with latest version.
> > > RANGER-3548 Update performance engine test scripts
> > > RANGER-3556 Ranger tagsync logs unnecessary messages
> > > RANGER-3573 Add vim in docker base image
> > > RANGER-3578 Simplify code for policy label creation
> > > RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
> > > RANGER-3686 Docker setup to run Ranger with MySQL database
> > > RANGER-3628 Support fine grain authorization for different solr
> > > objects
> > > RANGER-3629 RANGER - Handle solr permissions during upgrade
> > > RANGER-3665 "No Data Found !!" messages in Ranger admin UI
> alarm
> > > users
> > > RANGER-3662 There should be pause button for error popup
> > > RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for
> > > better
> > > user experience
> > > RANGER-3649 Represent the Solr admin object types on the Ranger
> > UI
> > > RANGER-3658 Docker: Ranger containers to run as user=ranger
> > > RANGER-3603 HDFS audit files rollover improvement to trigger
> > > rollover
> > > in monitoring thread
> > > RANGER-3651 Remove jersey 1.x version dependency for knox
> plugin
> > > RANGER-3621 Optimise Tag/Policy iterator
> > > RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT
> DEFINED
> > > BY RFC
> > > 6797
> > > RANGER-3455 [Logout-Ranger] Should either be disabled/ should
> > > redirect
> > > to knox logout page
> > > RANGER-3630 Support wildcards, group short names, and list of
> > > memberof
> > > attribute DNs for computing user search filter
> > > RANGER-3597 User role should not be able to modify the Policy
> > > RANGER-3512 Create Java patch to update policy guid to unique
> > > value.
> > > RANGER-3511 Create Java patch to update policy
> resource-signature
> > > to
> > > unique value.
> > > RANGER-3493 Add unique index on service and resource_signature
> > > column
> > > of x_policy table
> > > RANGER-3435 Add unique index on guid, service and zone_id
> column
> > of
> > > x_policy table
> > > RANGER-3439 Add rest api to get or delete ranger policy based
> on
> > > guid
> > > RANGER-3498 RANGER : Remove log4j1 dependencies.
> > > RANGER-3475 Promote TagRest endpoints to /public/v2
> > > RANGER-3698 Ranger - Upgrade kylin to 3.1.3
> > > RANGER-3699 Ranger - Upgrade poi to 5.2.1+
> > > RANGER-3533 Provide sorting on columns throughout the audits
> > > result set
> > > and policy listing page.
> > > RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
> > > RANGER-3689 Ranger : ranger-2.3 Port missing commits.
> > > RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
> > > RANGER-3577 RANGER : Upgrade POI version to 5.1.0
> > > RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT
> > > RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
> > > RANGER-3653 Replace aws java sdk bom dependencies with bundled
> > > dependencies
> > > RANGER-3561 Upgrade Storm version to 1.2.4
> > > RANGER-3704 remove semicolon from c3P0 preferredTestQuery
> > >
> > > *Bug Fixes:*
> > >
> > > RANGER-3544 Security zones listing will be in alphabetical
> order.
> > > RANGER-3638 Solr Ranger document level security breaks solr if
> > > collection is reloaded
> > > RANGER-3591 Upgrade protobuf-java to 3.19.3
> > > RANGER-3403 Ranger usersync role based rules not working as
> > > expected
> > > RANGER-3285 expose user source details in ranger UI
> > > RANGER-3592 Upgrade Spring framework to 5.3.15
> > > RANGER-3568 Services of one zone are seen in other zone from UI
> > > RANGER-3589 Ranger java patches failing due to admin privilege
> > > checks.
> > > RANGER-3543 Remove spotbugs-annotations-3.1.9 from classpath
> > > RANGER-3554 [Intermittent] API call to fetch the list of
> policies
> > > for a
> > > particular service repo returns a deleted policy in the response
> > > RANGER-3546 Update Spotbugs plugin Executions cycle
> > > RANGER-3427 Null Dereference in PublicApis.java
> > > RANGER-3502 Make GET zone APIs accessible to authorized users
> > only
> > > RANGER-3535 A delegate admin user should be able to add another
> > > user
> > > with all or subset of permissions they have
> > > RANGER-3468 When multiple Ranger tabs are opened, Some tabs are
> > not
> > > redirecting to Knox Logout page
> > > RANGER-3528 Ranger Group creation audit is not shown during
> > service
> > > creation
> > > RANGER-3490 Make policy resource signature is unique in a
> service
> > > RANGER-3507 Handle trailing slash in the ranger Hive URL policy
> > > authorization
> > > RANGER-3519 Provide an option to optimize space needed by Trie
> > > objects
> > > RANGER-3516 Java patch 'J10045' taking more time during
> upgrade.
> > > RANGER-3505 Ranger usersync fails to sync users when a
> duplicate
> > > user
> > > exists in ranger
> > > RANGER-3509 update role fails for role admins
> > > RANGER-3433 Null Dereference in ServiceREST getPolicyByName
> > method
> > > RANGER-2704 Support browser login using kerberized
> authentication
> > > RANGER-3584 ServiceTags are not computed correctly by applying
> > > incremental changes to existing ServiceTags
> > > RANGER-3663 RangerBizUtil.checkAdminAccess() should return
> false
> > if
> > > user-session is not available
> > > RANGER-3709 Fix NullPointerException in
> > > getSecureServicePoliciesIfUpdated call of ServiceRest
> > > RANGER-3702 RANGER - Export policy in excel is failing.
> > > RANGER-3677 Update Password Policy validation at WEB-UI
> > > RANGER-3690 Fix NullPointerException in java patch 054
> > > RANGER-2362 [security] Admin webui - Lack of account lockout
> > > RANGER-3678 Update password validation criteria
> > > RANGER-3674 Fix PMD issue
> > > RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1
> > > RANGER-3559 RANGER KMS - Metric details for kms are not getting
> > > collected
> > > RANGER-3625 Update isDebugEnable condition in
> > RangerHiveAuthorizer
> > > RANGER-3610 Docker: Skip service creation for ranger components
> > > during
> > > ranger container restart
> > > RANGER-3594 mysql setup scripts failed with binlog-enabled
> mysql
> > > RANGER-3593 the hive table owner who create the table can not
> > > have the
> > > full privilege
> > > RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
> > > RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure that
> > we
> > > are
> > > using supported version of log4j
> > > RANGER-3576 service creation is failing intermittently due to
> DB
> > > unique
> > > key constraint violation
> > > RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure that
> > we
> > > are
> > > using supported version of log4j
> > >
> > >
> > >
> > >
> > >
> >
>
Re: Planning for Apache Ranger 2.3.0 release
Posted by Nixon Rodrigues <ni...@atlan.com>.
Thanks Ramesh for volunteering for release.
+1 for Ranger 2.3 release. Thanks for the initiative.
On Fri, 29 Apr 2022 at 22:25, Sailaja Polavarapu
<sp...@cloudera.com.invalid> wrote:
> Hi Ramesh,
> +1 for Ranger 2.3 release. Thanks for the initiative.
> - Sailaja
>
> On Thu, Apr 28, 2022 at 7:21 AM Ramesh Mani <rm...@apache.org> wrote:
>
> > zhoutianling,
> >
> > Thanks for the review. These Jiras are part of the Apache Ranger 2.3
> apache
> > release, it's not pulled in this published list as this may not have
> > correct fixed version maintained or it is part of KMS as a component. I
> > shall add it to the list in the release note.
> >
> > Thanks,
> > Ramesh
> >
> > On Thu, Apr 28, 2022 at 2:19 AM KirbY ZhoU <zh...@sensorsdata.cn>
> > wrote:
> >
> > > Missed some commit
> > > For example:
> > >
> > > RANGER-3299
> > > RANGER-3580
> > > RANGER-3600
> > > RANGER-3619
> > > RANGER-3669
> > >
> > > 在 2022/4/27 14:49,“Ramesh Mani”<rm...@apache.org> 写入:
> > >
> > > Dear Ranger Community members,
> > >
> > > There are various features and critical bug fixes done in the
> Apache
> > > Ranger
> > > project since the release of Apache Ranger 2.2.0.
> > > Around 55 improvements, 45 bug fixes and a total of 527 commits
> were
> > > made
> > > from the last release.
> > > Now with that Ranger community is expecting a release to adapt
> those
> > > changes and hence planning this release.
> > >
> > > Please review and provide your opinion.
> > >
> > > Thanks,
> > > Ramesh
> > >
> > > *Improvements:*
> > >
> > > RANGER-3687 Password Policy Best Practices for Strong Security
> > > RANGER-3667 Improve feedback in policy creation UI when
> resource
> > > does
> > > not exist
> > > RANGER-3659 Ranger Admin goes to OOM when usersync is trying to
> > > delete
> > > existing group mappings from ranger DB
> > > RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> > > RANGER-3551 Analyze & optimize module permissions related API
> > > RANGER-3539 Add jacoco-maven-plugin for code coverage
> > > RANGER-3562 Redesign post commit tasks for updating ref-tables
> > when
> > > policy/role is updated
> > > RANGER-3540 Add support to read audit logs from Amazon
> CloudWatch
> > > RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> > > RANGER-3538 Reduce the granularity of locking when
> > > building/retrieving
> > > a policy-engine within Ranger admin service
> > > RANGER-3518 Limit the query size stored in Audit logs
> > > RANGER-3276 Remove duplicate code from buildks.java
> > > RANGER-3515 Enhance Ranger Java client SSL config to be
> > configured
> > > using serviceType and AppId
> > > RANGER-3504 Create framework to execute DB patch dependent on
> > Java
> > > patch.
> > > RANGER-3023 Permission tab takes longer time to load with large
> > > number
> > > of users and group_users data
> > > RANGER-3487 Update underscore js with latest version.
> > > RANGER-3548 Update performance engine test scripts
> > > RANGER-3556 Ranger tagsync logs unnecessary messages
> > > RANGER-3573 Add vim in docker base image
> > > RANGER-3578 Simplify code for policy label creation
> > > RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
> > > RANGER-3686 Docker setup to run Ranger with MySQL database
> > > RANGER-3628 Support fine grain authorization for different solr
> > > objects
> > > RANGER-3629 RANGER - Handle solr permissions during upgrade
> > > RANGER-3665 "No Data Found !!" messages in Ranger admin UI
> alarm
> > > users
> > > RANGER-3662 There should be pause button for error popup
> > > RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for
> > > better
> > > user experience
> > > RANGER-3649 Represent the Solr admin object types on the Ranger
> > UI
> > > RANGER-3658 Docker: Ranger containers to run as user=ranger
> > > RANGER-3603 HDFS audit files rollover improvement to trigger
> > > rollover
> > > in monitoring thread
> > > RANGER-3651 Remove jersey 1.x version dependency for knox
> plugin
> > > RANGER-3621 Optimise Tag/Policy iterator
> > > RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT
> DEFINED
> > > BY RFC
> > > 6797
> > > RANGER-3455 [Logout-Ranger] Should either be disabled/ should
> > > redirect
> > > to knox logout page
> > > RANGER-3630 Support wildcards, group short names, and list of
> > > memberof
> > > attribute DNs for computing user search filter
> > > RANGER-3597 User role should not be able to modify the Policy
> > > RANGER-3512 Create Java patch to update policy guid to unique
> > > value.
> > > RANGER-3511 Create Java patch to update policy
> resource-signature
> > > to
> > > unique value.
> > > RANGER-3493 Add unique index on service and resource_signature
> > > column
> > > of x_policy table
> > > RANGER-3435 Add unique index on guid, service and zone_id
> column
> > of
> > > x_policy table
> > > RANGER-3439 Add rest api to get or delete ranger policy based
> on
> > > guid
> > > RANGER-3498 RANGER : Remove log4j1 dependencies.
> > > RANGER-3475 Promote TagRest endpoints to /public/v2
> > > RANGER-3698 Ranger - Upgrade kylin to 3.1.3
> > > RANGER-3699 Ranger - Upgrade poi to 5.2.1+
> > > RANGER-3533 Provide sorting on columns throughout the audits
> > > result set
> > > and policy listing page.
> > > RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
> > > RANGER-3689 Ranger : ranger-2.3 Port missing commits.
> > > RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
> > > RANGER-3577 RANGER : Upgrade POI version to 5.1.0
> > > RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT
> > > RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
> > > RANGER-3653 Replace aws java sdk bom dependencies with bundled
> > > dependencies
> > > RANGER-3561 Upgrade Storm version to 1.2.4
> > > RANGER-3704 remove semicolon from c3P0 preferredTestQuery
> > >
> > > *Bug Fixes:*
> > >
> > > RANGER-3544 Security zones listing will be in alphabetical
> order.
> > > RANGER-3638 Solr Ranger document level security breaks solr if
> > > collection is reloaded
> > > RANGER-3591 Upgrade protobuf-java to 3.19.3
> > > RANGER-3403 Ranger usersync role based rules not working as
> > > expected
> > > RANGER-3285 expose user source details in ranger UI
> > > RANGER-3592 Upgrade Spring framework to 5.3.15
> > > RANGER-3568 Services of one zone are seen in other zone from UI
> > > RANGER-3589 Ranger java patches failing due to admin privilege
> > > checks.
> > > RANGER-3543 Remove spotbugs-annotations-3.1.9 from classpath
> > > RANGER-3554 [Intermittent] API call to fetch the list of
> policies
> > > for a
> > > particular service repo returns a deleted policy in the response
> > > RANGER-3546 Update Spotbugs plugin Executions cycle
> > > RANGER-3427 Null Dereference in PublicApis.java
> > > RANGER-3502 Make GET zone APIs accessible to authorized users
> > only
> > > RANGER-3535 A delegate admin user should be able to add another
> > > user
> > > with all or subset of permissions they have
> > > RANGER-3468 When multiple Ranger tabs are opened, Some tabs are
> > not
> > > redirecting to Knox Logout page
> > > RANGER-3528 Ranger Group creation audit is not shown during
> > service
> > > creation
> > > RANGER-3490 Make policy resource signature is unique in a
> service
> > > RANGER-3507 Handle trailing slash in the ranger Hive URL policy
> > > authorization
> > > RANGER-3519 Provide an option to optimize space needed by Trie
> > > objects
> > > RANGER-3516 Java patch 'J10045' taking more time during
> upgrade.
> > > RANGER-3505 Ranger usersync fails to sync users when a
> duplicate
> > > user
> > > exists in ranger
> > > RANGER-3509 update role fails for role admins
> > > RANGER-3433 Null Dereference in ServiceREST getPolicyByName
> > method
> > > RANGER-2704 Support browser login using kerberized
> authentication
> > > RANGER-3584 ServiceTags are not computed correctly by applying
> > > incremental changes to existing ServiceTags
> > > RANGER-3663 RangerBizUtil.checkAdminAccess() should return
> false
> > if
> > > user-session is not available
> > > RANGER-3709 Fix NullPointerException in
> > > getSecureServicePoliciesIfUpdated call of ServiceRest
> > > RANGER-3702 RANGER - Export policy in excel is failing.
> > > RANGER-3677 Update Password Policy validation at WEB-UI
> > > RANGER-3690 Fix NullPointerException in java patch 054
> > > RANGER-2362 [security] Admin webui - Lack of account lockout
> > > RANGER-3678 Update password validation criteria
> > > RANGER-3674 Fix PMD issue
> > > RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1
> > > RANGER-3559 RANGER KMS - Metric details for kms are not getting
> > > collected
> > > RANGER-3625 Update isDebugEnable condition in
> > RangerHiveAuthorizer
> > > RANGER-3610 Docker: Skip service creation for ranger components
> > > during
> > > ranger container restart
> > > RANGER-3594 mysql setup scripts failed with binlog-enabled
> mysql
> > > RANGER-3593 the hive table owner who create the table can not
> > > have the
> > > full privilege
> > > RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
> > > RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure that
> > we
> > > are
> > > using supported version of log4j
> > > RANGER-3576 service creation is failing intermittently due to
> DB
> > > unique
> > > key constraint violation
> > > RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure that
> > we
> > > are
> > > using supported version of log4j
> > >
> > >
> > >
> > >
> > >
> >
>
Re: Planning for Apache Ranger 2.3.0 release
Posted by Sailaja Polavarapu <sp...@cloudera.com>.
Hi Ramesh,
+1 for Ranger 2.3 release. Thanks for the initiative.
- Sailaja
On Thu, Apr 28, 2022 at 7:21 AM Ramesh Mani <rm...@apache.org> wrote:
> zhoutianling,
>
> Thanks for the review. These Jiras are part of the Apache Ranger 2.3 apache
> release, it's not pulled in this published list as this may not have
> correct fixed version maintained or it is part of KMS as a component. I
> shall add it to the list in the release note.
>
> Thanks,
> Ramesh
>
> On Thu, Apr 28, 2022 at 2:19 AM KirbY ZhoU <zh...@sensorsdata.cn>
> wrote:
>
> > Missed some commit
> > For example:
> >
> > RANGER-3299
> > RANGER-3580
> > RANGER-3600
> > RANGER-3619
> > RANGER-3669
> >
> > 在 2022/4/27 14:49,“Ramesh Mani”<rm...@apache.org> 写入:
> >
> > Dear Ranger Community members,
> >
> > There are various features and critical bug fixes done in the Apache
> > Ranger
> > project since the release of Apache Ranger 2.2.0.
> > Around 55 improvements, 45 bug fixes and a total of 527 commits were
> > made
> > from the last release.
> > Now with that Ranger community is expecting a release to adapt those
> > changes and hence planning this release.
> >
> > Please review and provide your opinion.
> >
> > Thanks,
> > Ramesh
> >
> > *Improvements:*
> >
> > RANGER-3687 Password Policy Best Practices for Strong Security
> > RANGER-3667 Improve feedback in policy creation UI when resource
> > does
> > not exist
> > RANGER-3659 Ranger Admin goes to OOM when usersync is trying to
> > delete
> > existing group mappings from ranger DB
> > RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> > RANGER-3551 Analyze & optimize module permissions related API
> > RANGER-3539 Add jacoco-maven-plugin for code coverage
> > RANGER-3562 Redesign post commit tasks for updating ref-tables
> when
> > policy/role is updated
> > RANGER-3540 Add support to read audit logs from Amazon CloudWatch
> > RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> > RANGER-3538 Reduce the granularity of locking when
> > building/retrieving
> > a policy-engine within Ranger admin service
> > RANGER-3518 Limit the query size stored in Audit logs
> > RANGER-3276 Remove duplicate code from buildks.java
> > RANGER-3515 Enhance Ranger Java client SSL config to be
> configured
> > using serviceType and AppId
> > RANGER-3504 Create framework to execute DB patch dependent on
> Java
> > patch.
> > RANGER-3023 Permission tab takes longer time to load with large
> > number
> > of users and group_users data
> > RANGER-3487 Update underscore js with latest version.
> > RANGER-3548 Update performance engine test scripts
> > RANGER-3556 Ranger tagsync logs unnecessary messages
> > RANGER-3573 Add vim in docker base image
> > RANGER-3578 Simplify code for policy label creation
> > RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
> > RANGER-3686 Docker setup to run Ranger with MySQL database
> > RANGER-3628 Support fine grain authorization for different solr
> > objects
> > RANGER-3629 RANGER - Handle solr permissions during upgrade
> > RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm
> > users
> > RANGER-3662 There should be pause button for error popup
> > RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for
> > better
> > user experience
> > RANGER-3649 Represent the Solr admin object types on the Ranger
> UI
> > RANGER-3658 Docker: Ranger containers to run as user=ranger
> > RANGER-3603 HDFS audit files rollover improvement to trigger
> > rollover
> > in monitoring thread
> > RANGER-3651 Remove jersey 1.x version dependency for knox plugin
> > RANGER-3621 Optimise Tag/Policy iterator
> > RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED
> > BY RFC
> > 6797
> > RANGER-3455 [Logout-Ranger] Should either be disabled/ should
> > redirect
> > to knox logout page
> > RANGER-3630 Support wildcards, group short names, and list of
> > memberof
> > attribute DNs for computing user search filter
> > RANGER-3597 User role should not be able to modify the Policy
> > RANGER-3512 Create Java patch to update policy guid to unique
> > value.
> > RANGER-3511 Create Java patch to update policy resource-signature
> > to
> > unique value.
> > RANGER-3493 Add unique index on service and resource_signature
> > column
> > of x_policy table
> > RANGER-3435 Add unique index on guid, service and zone_id column
> of
> > x_policy table
> > RANGER-3439 Add rest api to get or delete ranger policy based on
> > guid
> > RANGER-3498 RANGER : Remove log4j1 dependencies.
> > RANGER-3475 Promote TagRest endpoints to /public/v2
> > RANGER-3698 Ranger - Upgrade kylin to 3.1.3
> > RANGER-3699 Ranger - Upgrade poi to 5.2.1+
> > RANGER-3533 Provide sorting on columns throughout the audits
> > result set
> > and policy listing page.
> > RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
> > RANGER-3689 Ranger : ranger-2.3 Port missing commits.
> > RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
> > RANGER-3577 RANGER : Upgrade POI version to 5.1.0
> > RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT
> > RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
> > RANGER-3653 Replace aws java sdk bom dependencies with bundled
> > dependencies
> > RANGER-3561 Upgrade Storm version to 1.2.4
> > RANGER-3704 remove semicolon from c3P0 preferredTestQuery
> >
> > *Bug Fixes:*
> >
> > RANGER-3544 Security zones listing will be in alphabetical order.
> > RANGER-3638 Solr Ranger document level security breaks solr if
> > collection is reloaded
> > RANGER-3591 Upgrade protobuf-java to 3.19.3
> > RANGER-3403 Ranger usersync role based rules not working as
> > expected
> > RANGER-3285 expose user source details in ranger UI
> > RANGER-3592 Upgrade Spring framework to 5.3.15
> > RANGER-3568 Services of one zone are seen in other zone from UI
> > RANGER-3589 Ranger java patches failing due to admin privilege
> > checks.
> > RANGER-3543 Remove spotbugs-annotations-3.1.9 from classpath
> > RANGER-3554 [Intermittent] API call to fetch the list of policies
> > for a
> > particular service repo returns a deleted policy in the response
> > RANGER-3546 Update Spotbugs plugin Executions cycle
> > RANGER-3427 Null Dereference in PublicApis.java
> > RANGER-3502 Make GET zone APIs accessible to authorized users
> only
> > RANGER-3535 A delegate admin user should be able to add another
> > user
> > with all or subset of permissions they have
> > RANGER-3468 When multiple Ranger tabs are opened, Some tabs are
> not
> > redirecting to Knox Logout page
> > RANGER-3528 Ranger Group creation audit is not shown during
> service
> > creation
> > RANGER-3490 Make policy resource signature is unique in a service
> > RANGER-3507 Handle trailing slash in the ranger Hive URL policy
> > authorization
> > RANGER-3519 Provide an option to optimize space needed by Trie
> > objects
> > RANGER-3516 Java patch 'J10045' taking more time during upgrade.
> > RANGER-3505 Ranger usersync fails to sync users when a duplicate
> > user
> > exists in ranger
> > RANGER-3509 update role fails for role admins
> > RANGER-3433 Null Dereference in ServiceREST getPolicyByName
> method
> > RANGER-2704 Support browser login using kerberized authentication
> > RANGER-3584 ServiceTags are not computed correctly by applying
> > incremental changes to existing ServiceTags
> > RANGER-3663 RangerBizUtil.checkAdminAccess() should return false
> if
> > user-session is not available
> > RANGER-3709 Fix NullPointerException in
> > getSecureServicePoliciesIfUpdated call of ServiceRest
> > RANGER-3702 RANGER - Export policy in excel is failing.
> > RANGER-3677 Update Password Policy validation at WEB-UI
> > RANGER-3690 Fix NullPointerException in java patch 054
> > RANGER-2362 [security] Admin webui - Lack of account lockout
> > RANGER-3678 Update password validation criteria
> > RANGER-3674 Fix PMD issue
> > RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1
> > RANGER-3559 RANGER KMS - Metric details for kms are not getting
> > collected
> > RANGER-3625 Update isDebugEnable condition in
> RangerHiveAuthorizer
> > RANGER-3610 Docker: Skip service creation for ranger components
> > during
> > ranger container restart
> > RANGER-3594 mysql setup scripts failed with binlog-enabled mysql
> > RANGER-3593 the hive table owner who create the table can not
> > have the
> > full privilege
> > RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
> > RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure that
> we
> > are
> > using supported version of log4j
> > RANGER-3576 service creation is failing intermittently due to DB
> > unique
> > key constraint violation
> > RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure that
> we
> > are
> > using supported version of log4j
> >
> >
> >
> >
> >
>
Re: Planning for Apache Ranger 2.3.0 release
Posted by Sailaja Polavarapu <sp...@cloudera.com.INVALID>.
Hi Ramesh,
+1 for Ranger 2.3 release. Thanks for the initiative.
- Sailaja
On Thu, Apr 28, 2022 at 7:21 AM Ramesh Mani <rm...@apache.org> wrote:
> zhoutianling,
>
> Thanks for the review. These Jiras are part of the Apache Ranger 2.3 apache
> release, it's not pulled in this published list as this may not have
> correct fixed version maintained or it is part of KMS as a component. I
> shall add it to the list in the release note.
>
> Thanks,
> Ramesh
>
> On Thu, Apr 28, 2022 at 2:19 AM KirbY ZhoU <zh...@sensorsdata.cn>
> wrote:
>
> > Missed some commit
> > For example:
> >
> > RANGER-3299
> > RANGER-3580
> > RANGER-3600
> > RANGER-3619
> > RANGER-3669
> >
> > 在 2022/4/27 14:49,“Ramesh Mani”<rm...@apache.org> 写入:
> >
> > Dear Ranger Community members,
> >
> > There are various features and critical bug fixes done in the Apache
> > Ranger
> > project since the release of Apache Ranger 2.2.0.
> > Around 55 improvements, 45 bug fixes and a total of 527 commits were
> > made
> > from the last release.
> > Now with that Ranger community is expecting a release to adapt those
> > changes and hence planning this release.
> >
> > Please review and provide your opinion.
> >
> > Thanks,
> > Ramesh
> >
> > *Improvements:*
> >
> > RANGER-3687 Password Policy Best Practices for Strong Security
> > RANGER-3667 Improve feedback in policy creation UI when resource
> > does
> > not exist
> > RANGER-3659 Ranger Admin goes to OOM when usersync is trying to
> > delete
> > existing group mappings from ranger DB
> > RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> > RANGER-3551 Analyze & optimize module permissions related API
> > RANGER-3539 Add jacoco-maven-plugin for code coverage
> > RANGER-3562 Redesign post commit tasks for updating ref-tables
> when
> > policy/role is updated
> > RANGER-3540 Add support to read audit logs from Amazon CloudWatch
> > RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> > RANGER-3538 Reduce the granularity of locking when
> > building/retrieving
> > a policy-engine within Ranger admin service
> > RANGER-3518 Limit the query size stored in Audit logs
> > RANGER-3276 Remove duplicate code from buildks.java
> > RANGER-3515 Enhance Ranger Java client SSL config to be
> configured
> > using serviceType and AppId
> > RANGER-3504 Create framework to execute DB patch dependent on
> Java
> > patch.
> > RANGER-3023 Permission tab takes longer time to load with large
> > number
> > of users and group_users data
> > RANGER-3487 Update underscore js with latest version.
> > RANGER-3548 Update performance engine test scripts
> > RANGER-3556 Ranger tagsync logs unnecessary messages
> > RANGER-3573 Add vim in docker base image
> > RANGER-3578 Simplify code for policy label creation
> > RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
> > RANGER-3686 Docker setup to run Ranger with MySQL database
> > RANGER-3628 Support fine grain authorization for different solr
> > objects
> > RANGER-3629 RANGER - Handle solr permissions during upgrade
> > RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm
> > users
> > RANGER-3662 There should be pause button for error popup
> > RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for
> > better
> > user experience
> > RANGER-3649 Represent the Solr admin object types on the Ranger
> UI
> > RANGER-3658 Docker: Ranger containers to run as user=ranger
> > RANGER-3603 HDFS audit files rollover improvement to trigger
> > rollover
> > in monitoring thread
> > RANGER-3651 Remove jersey 1.x version dependency for knox plugin
> > RANGER-3621 Optimise Tag/Policy iterator
> > RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED
> > BY RFC
> > 6797
> > RANGER-3455 [Logout-Ranger] Should either be disabled/ should
> > redirect
> > to knox logout page
> > RANGER-3630 Support wildcards, group short names, and list of
> > memberof
> > attribute DNs for computing user search filter
> > RANGER-3597 User role should not be able to modify the Policy
> > RANGER-3512 Create Java patch to update policy guid to unique
> > value.
> > RANGER-3511 Create Java patch to update policy resource-signature
> > to
> > unique value.
> > RANGER-3493 Add unique index on service and resource_signature
> > column
> > of x_policy table
> > RANGER-3435 Add unique index on guid, service and zone_id column
> of
> > x_policy table
> > RANGER-3439 Add rest api to get or delete ranger policy based on
> > guid
> > RANGER-3498 RANGER : Remove log4j1 dependencies.
> > RANGER-3475 Promote TagRest endpoints to /public/v2
> > RANGER-3698 Ranger - Upgrade kylin to 3.1.3
> > RANGER-3699 Ranger - Upgrade poi to 5.2.1+
> > RANGER-3533 Provide sorting on columns throughout the audits
> > result set
> > and policy listing page.
> > RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
> > RANGER-3689 Ranger : ranger-2.3 Port missing commits.
> > RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
> > RANGER-3577 RANGER : Upgrade POI version to 5.1.0
> > RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT
> > RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
> > RANGER-3653 Replace aws java sdk bom dependencies with bundled
> > dependencies
> > RANGER-3561 Upgrade Storm version to 1.2.4
> > RANGER-3704 remove semicolon from c3P0 preferredTestQuery
> >
> > *Bug Fixes:*
> >
> > RANGER-3544 Security zones listing will be in alphabetical order.
> > RANGER-3638 Solr Ranger document level security breaks solr if
> > collection is reloaded
> > RANGER-3591 Upgrade protobuf-java to 3.19.3
> > RANGER-3403 Ranger usersync role based rules not working as
> > expected
> > RANGER-3285 expose user source details in ranger UI
> > RANGER-3592 Upgrade Spring framework to 5.3.15
> > RANGER-3568 Services of one zone are seen in other zone from UI
> > RANGER-3589 Ranger java patches failing due to admin privilege
> > checks.
> > RANGER-3543 Remove spotbugs-annotations-3.1.9 from classpath
> > RANGER-3554 [Intermittent] API call to fetch the list of policies
> > for a
> > particular service repo returns a deleted policy in the response
> > RANGER-3546 Update Spotbugs plugin Executions cycle
> > RANGER-3427 Null Dereference in PublicApis.java
> > RANGER-3502 Make GET zone APIs accessible to authorized users
> only
> > RANGER-3535 A delegate admin user should be able to add another
> > user
> > with all or subset of permissions they have
> > RANGER-3468 When multiple Ranger tabs are opened, Some tabs are
> not
> > redirecting to Knox Logout page
> > RANGER-3528 Ranger Group creation audit is not shown during
> service
> > creation
> > RANGER-3490 Make policy resource signature is unique in a service
> > RANGER-3507 Handle trailing slash in the ranger Hive URL policy
> > authorization
> > RANGER-3519 Provide an option to optimize space needed by Trie
> > objects
> > RANGER-3516 Java patch 'J10045' taking more time during upgrade.
> > RANGER-3505 Ranger usersync fails to sync users when a duplicate
> > user
> > exists in ranger
> > RANGER-3509 update role fails for role admins
> > RANGER-3433 Null Dereference in ServiceREST getPolicyByName
> method
> > RANGER-2704 Support browser login using kerberized authentication
> > RANGER-3584 ServiceTags are not computed correctly by applying
> > incremental changes to existing ServiceTags
> > RANGER-3663 RangerBizUtil.checkAdminAccess() should return false
> if
> > user-session is not available
> > RANGER-3709 Fix NullPointerException in
> > getSecureServicePoliciesIfUpdated call of ServiceRest
> > RANGER-3702 RANGER - Export policy in excel is failing.
> > RANGER-3677 Update Password Policy validation at WEB-UI
> > RANGER-3690 Fix NullPointerException in java patch 054
> > RANGER-2362 [security] Admin webui - Lack of account lockout
> > RANGER-3678 Update password validation criteria
> > RANGER-3674 Fix PMD issue
> > RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1
> > RANGER-3559 RANGER KMS - Metric details for kms are not getting
> > collected
> > RANGER-3625 Update isDebugEnable condition in
> RangerHiveAuthorizer
> > RANGER-3610 Docker: Skip service creation for ranger components
> > during
> > ranger container restart
> > RANGER-3594 mysql setup scripts failed with binlog-enabled mysql
> > RANGER-3593 the hive table owner who create the table can not
> > have the
> > full privilege
> > RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
> > RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure that
> we
> > are
> > using supported version of log4j
> > RANGER-3576 service creation is failing intermittently due to DB
> > unique
> > key constraint violation
> > RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure that
> we
> > are
> > using supported version of log4j
> >
> >
> >
> >
> >
>
Re: Planning for Apache Ranger 2.3.0 release
Posted by Ramesh Mani <rm...@apache.org>.
zhoutianling,
Thanks for the review. These Jiras are part of the Apache Ranger 2.3 apache
release, it's not pulled in this published list as this may not have
correct fixed version maintained or it is part of KMS as a component. I
shall add it to the list in the release note.
Thanks,
Ramesh
On Thu, Apr 28, 2022 at 2:19 AM KirbY ZhoU <zh...@sensorsdata.cn>
wrote:
> Missed some commit
> For example:
>
> RANGER-3299
> RANGER-3580
> RANGER-3600
> RANGER-3619
> RANGER-3669
>
> 在 2022/4/27 14:49,“Ramesh Mani”<rm...@apache.org> 写入:
>
> Dear Ranger Community members,
>
> There are various features and critical bug fixes done in the Apache
> Ranger
> project since the release of Apache Ranger 2.2.0.
> Around 55 improvements, 45 bug fixes and a total of 527 commits were
> made
> from the last release.
> Now with that Ranger community is expecting a release to adapt those
> changes and hence planning this release.
>
> Please review and provide your opinion.
>
> Thanks,
> Ramesh
>
> *Improvements:*
>
> RANGER-3687 Password Policy Best Practices for Strong Security
> RANGER-3667 Improve feedback in policy creation UI when resource
> does
> not exist
> RANGER-3659 Ranger Admin goes to OOM when usersync is trying to
> delete
> existing group mappings from ranger DB
> RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> RANGER-3551 Analyze & optimize module permissions related API
> RANGER-3539 Add jacoco-maven-plugin for code coverage
> RANGER-3562 Redesign post commit tasks for updating ref-tables when
> policy/role is updated
> RANGER-3540 Add support to read audit logs from Amazon CloudWatch
> RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> RANGER-3538 Reduce the granularity of locking when
> building/retrieving
> a policy-engine within Ranger admin service
> RANGER-3518 Limit the query size stored in Audit logs
> RANGER-3276 Remove duplicate code from buildks.java
> RANGER-3515 Enhance Ranger Java client SSL config to be configured
> using serviceType and AppId
> RANGER-3504 Create framework to execute DB patch dependent on Java
> patch.
> RANGER-3023 Permission tab takes longer time to load with large
> number
> of users and group_users data
> RANGER-3487 Update underscore js with latest version.
> RANGER-3548 Update performance engine test scripts
> RANGER-3556 Ranger tagsync logs unnecessary messages
> RANGER-3573 Add vim in docker base image
> RANGER-3578 Simplify code for policy label creation
> RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
> RANGER-3686 Docker setup to run Ranger with MySQL database
> RANGER-3628 Support fine grain authorization for different solr
> objects
> RANGER-3629 RANGER - Handle solr permissions during upgrade
> RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm
> users
> RANGER-3662 There should be pause button for error popup
> RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for
> better
> user experience
> RANGER-3649 Represent the Solr admin object types on the Ranger UI
> RANGER-3658 Docker: Ranger containers to run as user=ranger
> RANGER-3603 HDFS audit files rollover improvement to trigger
> rollover
> in monitoring thread
> RANGER-3651 Remove jersey 1.x version dependency for knox plugin
> RANGER-3621 Optimise Tag/Policy iterator
> RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED
> BY RFC
> 6797
> RANGER-3455 [Logout-Ranger] Should either be disabled/ should
> redirect
> to knox logout page
> RANGER-3630 Support wildcards, group short names, and list of
> memberof
> attribute DNs for computing user search filter
> RANGER-3597 User role should not be able to modify the Policy
> RANGER-3512 Create Java patch to update policy guid to unique
> value.
> RANGER-3511 Create Java patch to update policy resource-signature
> to
> unique value.
> RANGER-3493 Add unique index on service and resource_signature
> column
> of x_policy table
> RANGER-3435 Add unique index on guid, service and zone_id column of
> x_policy table
> RANGER-3439 Add rest api to get or delete ranger policy based on
> guid
> RANGER-3498 RANGER : Remove log4j1 dependencies.
> RANGER-3475 Promote TagRest endpoints to /public/v2
> RANGER-3698 Ranger - Upgrade kylin to 3.1.3
> RANGER-3699 Ranger - Upgrade poi to 5.2.1+
> RANGER-3533 Provide sorting on columns throughout the audits
> result set
> and policy listing page.
> RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
> RANGER-3689 Ranger : ranger-2.3 Port missing commits.
> RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
> RANGER-3577 RANGER : Upgrade POI version to 5.1.0
> RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT
> RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
> RANGER-3653 Replace aws java sdk bom dependencies with bundled
> dependencies
> RANGER-3561 Upgrade Storm version to 1.2.4
> RANGER-3704 remove semicolon from c3P0 preferredTestQuery
>
> *Bug Fixes:*
>
> RANGER-3544 Security zones listing will be in alphabetical order.
> RANGER-3638 Solr Ranger document level security breaks solr if
> collection is reloaded
> RANGER-3591 Upgrade protobuf-java to 3.19.3
> RANGER-3403 Ranger usersync role based rules not working as
> expected
> RANGER-3285 expose user source details in ranger UI
> RANGER-3592 Upgrade Spring framework to 5.3.15
> RANGER-3568 Services of one zone are seen in other zone from UI
> RANGER-3589 Ranger java patches failing due to admin privilege
> checks.
> RANGER-3543 Remove spotbugs-annotations-3.1.9 from classpath
> RANGER-3554 [Intermittent] API call to fetch the list of policies
> for a
> particular service repo returns a deleted policy in the response
> RANGER-3546 Update Spotbugs plugin Executions cycle
> RANGER-3427 Null Dereference in PublicApis.java
> RANGER-3502 Make GET zone APIs accessible to authorized users only
> RANGER-3535 A delegate admin user should be able to add another
> user
> with all or subset of permissions they have
> RANGER-3468 When multiple Ranger tabs are opened, Some tabs are not
> redirecting to Knox Logout page
> RANGER-3528 Ranger Group creation audit is not shown during service
> creation
> RANGER-3490 Make policy resource signature is unique in a service
> RANGER-3507 Handle trailing slash in the ranger Hive URL policy
> authorization
> RANGER-3519 Provide an option to optimize space needed by Trie
> objects
> RANGER-3516 Java patch 'J10045' taking more time during upgrade.
> RANGER-3505 Ranger usersync fails to sync users when a duplicate
> user
> exists in ranger
> RANGER-3509 update role fails for role admins
> RANGER-3433 Null Dereference in ServiceREST getPolicyByName method
> RANGER-2704 Support browser login using kerberized authentication
> RANGER-3584 ServiceTags are not computed correctly by applying
> incremental changes to existing ServiceTags
> RANGER-3663 RangerBizUtil.checkAdminAccess() should return false if
> user-session is not available
> RANGER-3709 Fix NullPointerException in
> getSecureServicePoliciesIfUpdated call of ServiceRest
> RANGER-3702 RANGER - Export policy in excel is failing.
> RANGER-3677 Update Password Policy validation at WEB-UI
> RANGER-3690 Fix NullPointerException in java patch 054
> RANGER-2362 [security] Admin webui - Lack of account lockout
> RANGER-3678 Update password validation criteria
> RANGER-3674 Fix PMD issue
> RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1
> RANGER-3559 RANGER KMS - Metric details for kms are not getting
> collected
> RANGER-3625 Update isDebugEnable condition in RangerHiveAuthorizer
> RANGER-3610 Docker: Skip service creation for ranger components
> during
> ranger container restart
> RANGER-3594 mysql setup scripts failed with binlog-enabled mysql
> RANGER-3593 the hive table owner who create the table can not
> have the
> full privilege
> RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
> RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure that we
> are
> using supported version of log4j
> RANGER-3576 service creation is failing intermittently due to DB
> unique
> key constraint violation
> RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure that we
> are
> using supported version of log4j
>
>
>
>
>
Re: Planning for Apache Ranger 2.3.0 release
Posted by Ramesh Mani <rm...@apache.org>.
zhoutianling,
Thanks for the review. These Jiras are part of the Apache Ranger 2.3 apache
release, it's not pulled in this published list as this may not have
correct fixed version maintained or it is part of KMS as a component. I
shall add it to the list in the release note.
Thanks,
Ramesh
On Thu, Apr 28, 2022 at 2:19 AM KirbY ZhoU <zh...@sensorsdata.cn>
wrote:
> Missed some commit
> For example:
>
> RANGER-3299
> RANGER-3580
> RANGER-3600
> RANGER-3619
> RANGER-3669
>
> 在 2022/4/27 14:49,“Ramesh Mani”<rm...@apache.org> 写入:
>
> Dear Ranger Community members,
>
> There are various features and critical bug fixes done in the Apache
> Ranger
> project since the release of Apache Ranger 2.2.0.
> Around 55 improvements, 45 bug fixes and a total of 527 commits were
> made
> from the last release.
> Now with that Ranger community is expecting a release to adapt those
> changes and hence planning this release.
>
> Please review and provide your opinion.
>
> Thanks,
> Ramesh
>
> *Improvements:*
>
> RANGER-3687 Password Policy Best Practices for Strong Security
> RANGER-3667 Improve feedback in policy creation UI when resource
> does
> not exist
> RANGER-3659 Ranger Admin goes to OOM when usersync is trying to
> delete
> existing group mappings from ranger DB
> RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> RANGER-3551 Analyze & optimize module permissions related API
> RANGER-3539 Add jacoco-maven-plugin for code coverage
> RANGER-3562 Redesign post commit tasks for updating ref-tables when
> policy/role is updated
> RANGER-3540 Add support to read audit logs from Amazon CloudWatch
> RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> RANGER-3538 Reduce the granularity of locking when
> building/retrieving
> a policy-engine within Ranger admin service
> RANGER-3518 Limit the query size stored in Audit logs
> RANGER-3276 Remove duplicate code from buildks.java
> RANGER-3515 Enhance Ranger Java client SSL config to be configured
> using serviceType and AppId
> RANGER-3504 Create framework to execute DB patch dependent on Java
> patch.
> RANGER-3023 Permission tab takes longer time to load with large
> number
> of users and group_users data
> RANGER-3487 Update underscore js with latest version.
> RANGER-3548 Update performance engine test scripts
> RANGER-3556 Ranger tagsync logs unnecessary messages
> RANGER-3573 Add vim in docker base image
> RANGER-3578 Simplify code for policy label creation
> RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
> RANGER-3686 Docker setup to run Ranger with MySQL database
> RANGER-3628 Support fine grain authorization for different solr
> objects
> RANGER-3629 RANGER - Handle solr permissions during upgrade
> RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm
> users
> RANGER-3662 There should be pause button for error popup
> RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for
> better
> user experience
> RANGER-3649 Represent the Solr admin object types on the Ranger UI
> RANGER-3658 Docker: Ranger containers to run as user=ranger
> RANGER-3603 HDFS audit files rollover improvement to trigger
> rollover
> in monitoring thread
> RANGER-3651 Remove jersey 1.x version dependency for knox plugin
> RANGER-3621 Optimise Tag/Policy iterator
> RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED
> BY RFC
> 6797
> RANGER-3455 [Logout-Ranger] Should either be disabled/ should
> redirect
> to knox logout page
> RANGER-3630 Support wildcards, group short names, and list of
> memberof
> attribute DNs for computing user search filter
> RANGER-3597 User role should not be able to modify the Policy
> RANGER-3512 Create Java patch to update policy guid to unique
> value.
> RANGER-3511 Create Java patch to update policy resource-signature
> to
> unique value.
> RANGER-3493 Add unique index on service and resource_signature
> column
> of x_policy table
> RANGER-3435 Add unique index on guid, service and zone_id column of
> x_policy table
> RANGER-3439 Add rest api to get or delete ranger policy based on
> guid
> RANGER-3498 RANGER : Remove log4j1 dependencies.
> RANGER-3475 Promote TagRest endpoints to /public/v2
> RANGER-3698 Ranger - Upgrade kylin to 3.1.3
> RANGER-3699 Ranger - Upgrade poi to 5.2.1+
> RANGER-3533 Provide sorting on columns throughout the audits
> result set
> and policy listing page.
> RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
> RANGER-3689 Ranger : ranger-2.3 Port missing commits.
> RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
> RANGER-3577 RANGER : Upgrade POI version to 5.1.0
> RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT
> RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
> RANGER-3653 Replace aws java sdk bom dependencies with bundled
> dependencies
> RANGER-3561 Upgrade Storm version to 1.2.4
> RANGER-3704 remove semicolon from c3P0 preferredTestQuery
>
> *Bug Fixes:*
>
> RANGER-3544 Security zones listing will be in alphabetical order.
> RANGER-3638 Solr Ranger document level security breaks solr if
> collection is reloaded
> RANGER-3591 Upgrade protobuf-java to 3.19.3
> RANGER-3403 Ranger usersync role based rules not working as
> expected
> RANGER-3285 expose user source details in ranger UI
> RANGER-3592 Upgrade Spring framework to 5.3.15
> RANGER-3568 Services of one zone are seen in other zone from UI
> RANGER-3589 Ranger java patches failing due to admin privilege
> checks.
> RANGER-3543 Remove spotbugs-annotations-3.1.9 from classpath
> RANGER-3554 [Intermittent] API call to fetch the list of policies
> for a
> particular service repo returns a deleted policy in the response
> RANGER-3546 Update Spotbugs plugin Executions cycle
> RANGER-3427 Null Dereference in PublicApis.java
> RANGER-3502 Make GET zone APIs accessible to authorized users only
> RANGER-3535 A delegate admin user should be able to add another
> user
> with all or subset of permissions they have
> RANGER-3468 When multiple Ranger tabs are opened, Some tabs are not
> redirecting to Knox Logout page
> RANGER-3528 Ranger Group creation audit is not shown during service
> creation
> RANGER-3490 Make policy resource signature is unique in a service
> RANGER-3507 Handle trailing slash in the ranger Hive URL policy
> authorization
> RANGER-3519 Provide an option to optimize space needed by Trie
> objects
> RANGER-3516 Java patch 'J10045' taking more time during upgrade.
> RANGER-3505 Ranger usersync fails to sync users when a duplicate
> user
> exists in ranger
> RANGER-3509 update role fails for role admins
> RANGER-3433 Null Dereference in ServiceREST getPolicyByName method
> RANGER-2704 Support browser login using kerberized authentication
> RANGER-3584 ServiceTags are not computed correctly by applying
> incremental changes to existing ServiceTags
> RANGER-3663 RangerBizUtil.checkAdminAccess() should return false if
> user-session is not available
> RANGER-3709 Fix NullPointerException in
> getSecureServicePoliciesIfUpdated call of ServiceRest
> RANGER-3702 RANGER - Export policy in excel is failing.
> RANGER-3677 Update Password Policy validation at WEB-UI
> RANGER-3690 Fix NullPointerException in java patch 054
> RANGER-2362 [security] Admin webui - Lack of account lockout
> RANGER-3678 Update password validation criteria
> RANGER-3674 Fix PMD issue
> RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1
> RANGER-3559 RANGER KMS - Metric details for kms are not getting
> collected
> RANGER-3625 Update isDebugEnable condition in RangerHiveAuthorizer
> RANGER-3610 Docker: Skip service creation for ranger components
> during
> ranger container restart
> RANGER-3594 mysql setup scripts failed with binlog-enabled mysql
> RANGER-3593 the hive table owner who create the table can not
> have the
> full privilege
> RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
> RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure that we
> are
> using supported version of log4j
> RANGER-3576 service creation is failing intermittently due to DB
> unique
> key constraint violation
> RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure that we
> are
> using supported version of log4j
>
>
>
>
>