(druid) branch master updated: remove aws-sdk from ranger-extension (#16011)

Fri, 08 Mar 2024 07:35:58 -0800 

This is an automated email from the ASF dual-hosted git repository.

xvrl pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git


The following commit(s) were added to refs/heads/master by this push:
     new a7b2747e56d remove aws-sdk from ranger-extension (#16011)
a7b2747e56d is described below

commit a7b2747e56dd9a716268327f5faa8720b9ddb0c6
Author: Jan Werner <[email protected]>
AuthorDate: Fri Mar 8 10:35:29 2024 -0500

    remove aws-sdk from ranger-extension (#16011)
    
    Fixes # size blowup regression introduced in 
https://github.com/apache/druid/pull/15443
    
    This PR removes the transitive dependency of ranger-plugins-audit to reduce 
the size of the compiled artifacts
    
    * add aws-logs-sdk to ensure that all the transitive dependencies are 
satisfied
    * replace aws-bundle-sdk with aws-logs-sdk
    * add additional guidance on ranger update, add dependency ignore to 
satisfy dependency analyzer
    * add aws-sdk-logs to list of ignored dependencies to satisfy the maven 
plugin
    * align aws-sdk versions
---
 extensions-core/druid-ranger-security/pom.xml | 23 +++++++++++++++++------
 licenses.yaml                                 | 14 ++++++++++++--
 pom.xml                                       |  2 ++
 3 files changed, 31 insertions(+), 8 deletions(-)

diff --git a/extensions-core/druid-ranger-security/pom.xml 
b/extensions-core/druid-ranger-security/pom.xml
index 9680e885dc9..a761cbe80cf 100644
--- a/extensions-core/druid-ranger-security/pom.xml
+++ b/extensions-core/druid-ranger-security/pom.xml
@@ -41,11 +41,6 @@
                 <artifactId>woodstox-core</artifactId>
                 <version>6.4.0</version>
             </dependency>
-            <dependency>
-                <groupId>com.amazonaws</groupId>
-                <artifactId>aws-java-sdk-bundle</artifactId>
-                <version>${aws.sdk.version}</version>
-            </dependency>
         </dependencies>
     </dependencyManagement>
 
@@ -178,6 +173,11 @@
                     <groupId>org.apache.hadoop</groupId>
                     <artifactId>hadoop-common</artifactId>
                 </exclusion>
+                <!-- removing the complete bundle sdk to be replaced with only 
logs-sdk  -->
+                <exclusion>
+                    <groupId>com.amazonaws</groupId>
+                    <artifactId>aws-java-sdk-bundle</artifactId>
+                </exclusion>
                 <exclusion>
                     <groupId>org.elasticsearch</groupId>
                     <artifactId>*</artifactId>
@@ -193,7 +193,14 @@
             </exclusions>
             <scope>compile</scope>
         </dependency>
-
+        <!-- This is a transitive dependency of ranger-plugins-audit
+             added here to replace bloated bundle sdk, remove this if /when
+             apache ranger replaces bundle-skd with logs-sdk  -->
+        <dependency>
+            <groupId>com.amazonaws</groupId>
+            <artifactId>aws-java-sdk-logs</artifactId>
+            <version>${aws.sdk.version}</version>
+        </dependency>
         <dependency>
             <groupId>com.google.code.gson</groupId>
             <artifactId>gson</artifactId>
@@ -254,6 +261,10 @@
                         <!-- These are needed for scope: compile -->
                         
<dependency>org.apache.ranger:ranger-plugins-audit</dependency>
                     </usedDependencies>
+                    <!-- this is due to replacement of aws-bundle-sdk with 
aws-logs-sdk  -->
+                    <ignoredDependencies>
+                        
<ignoredDependency>com.amazonaws:aws-java-sdk-logs</ignoredDependency>
+                    </ignoredDependencies>
                 </configuration>
             </plugin>
         </plugins>
diff --git a/licenses.yaml b/licenses.yaml
index 11dc3d1eccd..d025d9d5b9e 100644
--- a/licenses.yaml
+++ b/licenses.yaml
@@ -4650,13 +4650,23 @@ libraries:
 
 ---
 
-name: com.amazonaws aws-java-sdk-bundle
+name: com.amazonaws aws-java-sdk-logs
 license_category: binary
 version: 1.12.638
 module: druid-ranger-security
 license_name: Apache License version 2.0
 libraries:
-  - com.amazonaws: aws-java-sdk-bundle
+  - com.amazonaws: aws-java-sdk-logs
+
+---
+
+name: com.amazonaws jmespath-java
+license_category: binary
+version: 1.12.638
+module: druid-ranger-security
+license_name: Apache License version 2.0
+libraries:
+  - com.amazonaws: jmespath-java
 
 ---
 
diff --git a/pom.xml b/pom.xml
index 475accf1337..027efd1ff50 100644
--- a/pom.xml
+++ b/pom.xml
@@ -77,6 +77,8 @@
         <aether.version>0.9.0.M2</aether.version>
         <apache.curator.version>5.5.0</apache.curator.version>
         <apache.kafka.version>3.6.1</apache.kafka.version>
+        <!-- when updating apache ranger, verify the usage of aws-bundle-sdk 
vs aws-logs-sdk
+        and update as needed in extensions-core/druid-ranger-security/pm.xml  
-->
         <apache.ranger.version>2.4.0</apache.ranger.version>
         <gson.version>2.10.1</gson.version>
         <scala.library.version>2.13.11</scala.library.version>


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to