Due to the issues posted here, I am cancelling VOTE for the Ranger 2.4.0
Release candidate #1.
Thanks,
Selva-
On 3/24/23 1:16 PM, Madhan Neethiraj wrote:
Selva,
Thank you for Apache Ranger 2.4.0 rc1.
- verified signature
- verified 2.4.0-rc1 builds successfully
- installed Ranger with Postgres database; verified startup of
admin/usersync/tagsync services
- created services, policies, security zones
- sanity testing of HDFS/Hive/HBase/Kafka/YARN plugins
- verified tag-based policies and {OWNER} macro in Hive
- verified audit logs from plugins, audit-filters
Found following issues:
- usersync and tagsync services don't generate log files, due to missing
logback libraries in deployment
- users sent by usersync module are ignored by Ranger admin, due to a
regression introduced in RANGER-4055
I filed RANGER-4154 to track above issues; fix is in review. This fix needs to
be included in 2.4.0 release.
Thanks,
Madhan
On 3/23/23, 3:44 PM, "Selvamohan Neethiraj" <sneet...@apache.org
<mailto:sneet...@apache.org>> wrote:
Rangers:
As a critical HBase Plugin issue was identified in the earlier release
candidate, I am posting another release candidate (rc1) details below for VOTE.
Apache Ranger 2.4.0 release candidate #1 is now available for a vote within the
dev community. Links to the release artifacts are given below. Please review
and vote.
The vote will be open for at least 72 hours or until necessary votes are
reached.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Thanks,
Selva-
Ranger PMC
List of issues / improvements addressed in this release:
click-here<https://issues.apache.org/jira/issues/?jql=project%3DRANGER%20and%20fixVersion%20%20%3D%202.4.0%20and%20status%20%3D%20Resolved%20ORDER%20BY%20key%20desc>
<https://issues.apache.org/jira/issues/?jql=project%3DRANGER%20and%20fixVersion%20%20%3D%202.4.0%20and%20status%20%3D%20Resolved%20ORDER%20BY%20key%20desc>>
Git tag for the release:https://github.com/apache/ranger/tree/release-2.4.0-rc1
<https://github.com/apache/ranger/tree/release-2.4.0-rc1>
Sources for the
release:https://dist.apache.org/repos/dist/dev/ranger/2.4.0-rc1/apache-ranger-2.4.0.tar.gz
<https://dist.apache.org/repos/dist/dev/ranger/2.4.0-rc1/apache-ranger-2.4.0.tar.gz>
Source release verification:
PGP
Signature:https://dist.apache.org/repos/dist/dev/ranger/2.4.0-rc1/apache-ranger-2.4.0.tar.gz.asc
<https://dist.apache.org/repos/dist/dev/ranger/2.4.0-rc1/apache-ranger-2.4.0.tar.gz.asc>
SHA256
Hash:https://dist.apache.org/repos/dist/dev/ranger/2.4.0-rc1/apache-ranger-2.4.0.tar.gz.sha256
<https://dist.apache.org/repos/dist/dev/ranger/2.4.0-rc1/apache-ranger-2.4.0.tar.gz.sha256>
SHA512
Hash:https://dist.apache.org/repos/dist/dev/ranger/2.4.0-rc1/apache-ranger-2.4.0.tar.gz.sha512
<https://dist.apache.org/repos/dist/dev/ranger/2.4.0-rc1/apache-ranger-2.4.0.tar.gz.sha512>
Keys to verify the signature:https://dist.apache.org/repos/dist/release/ranger/KEYS
<https://dist.apache.org/repos/dist/release/ranger/KEYS>
New features/enhancements:
Issue Type
Issue key
Summary
Improvement
RANGER-4117
service-def option to include expression condition implictly
Improvement
RANGER-4114
Consistent use of plugin property prefix in context enrichers
Improvement
RANGER-4107
Upgrade EclipseLink
Improvement
RANGER-4101
Java client update to add missing security-zone APIs
Improvement
RANGER-4100
Efficient computation of the smallest set of evaluators returned by search of
multiple Trie trees
Improvement
RANGER-4083
Tag-based policy UI to not show permissions in deny/exception for services that
don't support deny/exception
Improvement
RANGER-4080
Python client update to add missing security-zone APIs
Improvement
RANGER-4071
Support for LDAP/AD usernames and group names with special chars
New Feature
RANGER-4028
Ranger - Upgrade bootbox.js.
Improvement
RANGER-4024
Adding requestId as part of Ranger logs via RangerMDCFilter when the request
header contains request-Id
Improvement
RANGER-4012
getPolicyByName searches policy by serviceName, policyName simply by traverse
all policies in RangerServicePoliciesCache instead of DB
Improvement
RANGER-4011
option to disable creation of default policies per hierarchy
Improvement
RANGER-4004
During the service deletion also, we can clear the in-memory cache for that
service which got deleted on the ranger side
Improvement
RANGER-3997
option to use default value when user/group/tag does not have the attribute
Improvement
RANGER-3986
Upgrade trino guice dependency to 5.1.0
Improvement
RANGER-3983
Support getColumnMasks and getRowFilters in Trino SPI 376+
Improvement
RANGER-3982
Python client for Ranger KMS REST APIs
Improvement
RANGER-3978
Docker setup to run Ranger KMS
New Feature
RANGER-3971
Upgrade HBASE version to 2.4.6
Improvement
RANGER-3955
optimization to reduce duplicate strings
Improvement
RANGER-3951
optimize memory used for tags in plugins and server
Improvement
RANGER-3948
update serialization to skip empty values
Improvement
RANGER-3940
Add javascript includes(), intersects() polyfills for array prototype to
RangerCommonConstants
Improvement
RANGER-3934
improve tag cache handling to reduce resource usage
Improvement
RANGER-3910
API Documentation is broken for knox sso
Improvement
RANGER-3903
Improvement in RangerPolicyDeltaUtil--> applyDeltas method
Improvement
RANGER-3902
dbLoadTime is not added correctly in RangerServicePoliciesCache
Improvement
RANGER-3900
Roles deletion Takes time in Apache Ranger when there are more
users,groups,roles
Improvement
RANGER-3865
support for using user attributes in masking expressions
Improvement
RANGER-3856
Ranger admin client option to work with non-kerberized server
New Feature
RANGER-3855
RangerExternalUserStoreRetriever class
New Feature
RANGER-3852
Performance and scalability analyzer tool for Ranger
Improvement
RANGER-3837
Allow Ranger non-admins to get, create, edit and delete roles
New Feature
RANGER-3828
Fine-grained Access Control over nested structures
Improvement
RANGER-3822
RangerService outputs password information in plaintext
Improvement
RANGER-3818
Upgrade Solr to 8.11.2
Improvement
RANGER-3796
Enhancement to support multiple resource sets in a policy
Improvement
RANGER-3794
Improve performance of delete users/groups utility
Improvement
RANGER-3787
Non-daemon threads started by ElasticSearchAuditDestination cause Spark
application hanging
Improvement
RANGER-3767
Add text message in HDFS and YARN policy pages to highlight the fallback ACL
option
Improvement
RANGER-3763
The max limit of the requested entities is not configurable in tagsync
Improvement
RANGER-3633
Remove eclipse .project file from git
Improvement
RANGER-3623
Add ability to enable anonymous download of policy/role/tag
Improvement
RANGER-3534
Review of RangerHiveAuditHandler
Improvement
RANGER-3165
Upgrade Elasticsearch version in Ranger to Elasticsearch 7.10.2
Improvement
RANGER-2928
[Ranger Zone REST API] Resources data is missing in XML format
