-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72205/
-----------------------------------------------------------
Review request for ranger and Pradeep Agrawal.
Bugs: RANGER-2752
https://issues.apache.org/jira/browse/RANGER-2752
Repository: ranger
Description
-------
Upgrading from 0.7.0 to the current master fails with the following error:
2020-03-04 07:38:00,523 [JISQL] /usr/lib/jvm/java-8-openjdk-amd64/bin/java
-cp
/opt/mysql-connector-java-5.1.48.jar:/opt/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/*
org.apache.util.sql.Jisql -driver mysqlconj -cstring
jdbc:mysql://ranger-mysql/ranger -u 'ranger' -p '********' -noheader -trim -c
\; -query "insert into x_db_version_h (version, inst_at, inst_by, updated_at,
updated_by,active) values ('J10015', current_timestamp, 'Ranger
2.1.0-SNAPSHOT', current_timestamp, '306a9688fa98','N') ;"
Wed Mar 04 07:38:01 UTC 2020 WARN: Establishing SSL connection without server's
identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+
and 5.7.6+ requirements SSL connection must be established by default if
explicit option isn't set. For compliance with existing applications not using
SSL the verifyServerCertificate property is set to 'false'. You need either to
explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide
truststore for server certificate verification.
2020-03-04 07:38:01,164 [I] java patch PatchForKafkaServiceDefUpdate_J10015 is
being applied..
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's
identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+
and 5.7.6+ requirements SSL connection must be established by default if
explicit option isn't set. For compliance with existing applications not using
SSL the verifyServerCertificate property is set to 'false'. You need either to
explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide
truststore for server certificate verification.
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's
identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+
and 5.7.6+ requirements SSL connection must be established by default if
explicit option isn't set. For compliance with existing applications not using
SSL the verifyServerCertificate property is set to 'false'. You need either to
explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide
truststore for server certificate verification.
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's
identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+
and 5.7.6+ requirements SSL connection must be established by default if
explicit option isn't set. For compliance with existing applications not using
SSL the verifyServerCertificate property is set to 'false'. You need either to
explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide
truststore for server certificate verification.
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's
identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+
and 5.7.6+ requirements SSL connection must be established by default if
explicit option isn't set. For compliance with existing applications not using
SSL the verifyServerCertificate property is set to 'false'. You need either to
explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide
truststore for server certificate verification.
Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without server's
identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+
and 5.7.6+ requirements SSL connection must be established by default if
explicit option isn't set. For compliance with existing applications not using
SSL the verifyServerCertificate property is set to 'false'. You need either to
explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide
truststore for server certificate verification.
[EL Warning]: 2020-03-04 07:38:19.282-ClientSession(841450293)-Exception
[EclipseLink-4002] (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd):
org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: com.mysql.jdbc.MysqlDataTruncation: Data truncation: Out of
range value for column 'sort_order' at row 1
Error Code: 1264
Call: INSERT INTO x_access_type_def (ADDED_BY_ID, CREATE_TIME,
datamask_options, def_id, item_id, label, name, sort_order, rb_key_label,
rowfilter_options, UPDATE_TIME, UPD_BY_ID) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?,
?, ?, ?)
bind => [12 parameters bound]
Query: ValueReadQuery(name="x_access_type_def_SEQ" sql="SELECT
LAST_INSERT_ID()")
2020-03-04 07:38:19,406 [JISQL] /usr/lib/jvm/java-8-openjdk-amd64/bin/java
-cp
/opt/mysql-connector-java-5.1.48.jar:/opt/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/*
org.apache.util.sql.Jisql -driver mysqlconj -cstring
jdbc:mysql://ranger-mysql/ranger -u 'ranger' -p '********' -noheader -trim -c
\; -query "delete from x_db_version_h where version = 'J10015' and active =
'N' and updated_by='306a9688fa98';"
Wed Mar 04 07:38:19 UTC 2020 WARN: Establishing SSL connection without server's
identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+
and 5.7.6+ requirements SSL connection must be established by default if
explicit option isn't set. For compliance with existing applications not using
SSL the verifyServerCertificate property is set to 'false'. You need either to
explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide
truststore for server certificate verification.
2020-03-04 07:38:20,091 [E] applying java patch
PatchForKafkaServiceDefUpdate_J10015 failed
This seems to be due to this commit not having corresponding handling (DDL
patch) for upgrade scenarios:
https://github.com/apache/ranger/commit/2a6dd3d078c52cc1314af581f7b8e6c8cdab933a
Diffs
-----
security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 47618f6b3
security-admin/db/mysql/patches/048-increase-sort-order.sql PRE-CREATION
security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql
e59e7de61
security-admin/db/oracle/patches/048-increase-sort-order.sql PRE-CREATION
security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
37ea61912
security-admin/db/postgres/patches/048-increase-sort-order.sql PRE-CREATION
security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
bd1c47cc4
security-admin/db/sqlanywhere/patches/048-increase-sort-order.sql
PRE-CREATION
security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql
22e1746f2
security-admin/db/sqlserver/patches/048-increase-sort-order.sql PRE-CREATION
Diff: https://reviews.apache.org/r/72205/diff/1/
Testing
-------
Tested 0.7.0 to 2.1.0 upgrade on MySQL. Unfortunately I don't have 0.7.0
environments for upgrade testing on other DBs but I copied much of the patch
syntax from patch 024, which changes the same column for other tables.
Thanks,
Andrew Luo
