Re: Review Request 74102: ATLAS-4666 : Intermittently, the audits for creation of hive_db registered are different than expected

2022-10-06 Thread Sidharth Mishra 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74102/#review224762
---




repository/src/main/java/org/apache/atlas/repository/audit/EntityAuditListenerV2.java
Lines 659 (patched)


If someone set "atlas.rest.create.shell.entity.for.non-existing.ref" to 
true and used REST calls to create entities, it might end up creating multiple 
create audit records. Please try testing this. If it does I need to see how to 
fix this and have only one create entry.


- Sidharth Mishra


On Sept. 6, 2022, 5:16 a.m., Mandar Ambawane wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74102/
> ---
> 
> (Updated Sept. 6, 2022, 5:16 a.m.)
> 
> 
> Review request for atlas, Jayendra Parab, Pinal Shah, Radhika Kundam, and 
> Sidharth Mishra.
> 
> 
> Bugs: ATLAS-4666
> https://issues.apache.org/jira/browse/ATLAS-4666
> 
> 
> Repository: atlas
> 
> 
> Description
> ---
> 
> Sometimes, when I create a hive database and then check for the same in 
> Atlas, the audits tab shows unexpected audit entries: it shows two audit 
> entries both marked as 'Entity Updated' rather than showing a 'Entity 
> Created' audit entry anywhere.
> 
> This patch will check for the Shell entities created and then assign the 
> Entity status to the Audit entry.
> 
> 
> Diffs
> -
> 
>   
> repository/src/main/java/org/apache/atlas/repository/audit/EntityAuditListenerV2.java
>  d48c91709 
> 
> 
> Diff: https://reviews.apache.org/r/74102/diff/1/
> 
> 
> Testing
> ---
> 
> 
> Thanks,
> 
> Mandar Ambawane
> 
>

Apache Atlas Project Status

2022-10-06 Thread Jakob, Marcel (HPE DACH Data Practice) 
Hello Apache Atlas community,

we are currently doing several PoCs with Apache Atlas for large scale German 
customers.
We deployed Atlas in the most recent version (3.0.0-SNAPSHOT) on a customer 
platform a few days ago.
A platform security component then scanned Atlas and its dependencies.
Unfortunately, this security component detected more than 300 vulnerabilities, 
which could be fixed by updating dependencies.

We then noticed, that the last official Atlas release is from 10th August 2021.

We also saw that there are a  lot of pull requests that are targeted to version 
upgrades.
For example: Bump moment-timezone from 0.5.14 to 0.5.35 in /dashboardv3 #195

Is there a timeline for adding those pull requests to the project and fixing 
those vulnerabilities?
What is the timeline for the next release (3.0.0)?

Our customers really like the functionality of Atlas, in particular the 
interplay with Apache Ranger.
Unfortunately, if there is no planned date for upgrading the dependencies and 
releasing a new version in the near future, we have to find an alternative.

Thank you in Advance,
Isabelle Steinhauser & Marcel Jakob

Re: Review Request 74133: ATLAS-4678 : Restrict Relationship Typedef creation if relationshipCategory value is not provided

2022-10-06 Thread Mandar Ambawane 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74133/
---

(Updated Oct. 6, 2022, 9:42 a.m.)


Review request for atlas, Ashutosh Mestry, Jayendra Parab, Madhan Neethiraj, 
Pinal Shah, Radhika Kundam, Sarath Subramanian, Sheetal Shah, and Sidharth 
Mishra.


Changes
---

Addressed review comments


Bugs: ATLAS-4678
https://issues.apache.org/jira/browse/ATLAS-4678


Repository: atlas


Description
---

When Relationship typedef is created without "relationshipCategory", the 
default "relationshipCategory" provided as "ASSOCIATION".
For "relationshipCategory" "ASSOCIATION", it is required that both enddefs 
should have "isContainer" value as "false".

while creating the Relationship type, Whenever user does not provide the 
"relationshipCategory" value and put one of the "isContainer" value as "true".
Because of this, Relationship type gets created with "relationshipCategory" = 
"ASSOCIATION" and one of the Enddefs with "isContainer" = "true"

When atlas service is restarted, it throws and exception for such Relationship 
type. and due to this, entire TypeRegistry does not get populated.
So even after the Atlas service comes up, user cannot see any Typedefs.

At the time of create operation, this patch checks Relationship type which has 
no "relationshipCategory", it also checks for the "isContainer" values for both 
the Enddefs.
If both "isContainer" values are false, then only it sets the default 
"relationshipCategory" as "ASSOCIATION" otherwise it throws an exception.


Diffs (updated)
-

  
repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasRelationshipDefStoreV2.java
 7bc4b28c3 


Diff: https://reviews.apache.org/r/74133/diff/2/

Changes: https://reviews.apache.org/r/74133/diff/1-2/


Testing
---


Thanks,

Mandar Ambawane

[jira] [Commented] (ATLAS-4652) Missing null check leading to NPE in isSoftReferenced method in AtlasStructDef

2022-10-06 Thread ASF subversion and git services (Jira) 


[ 
https://issues.apache.org/jira/browse/ATLAS-4652?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17613364#comment-17613364
 ] 

ASF subversion and git services commented on ATLAS-4652:


Commit 596a0af385459770aff330053ac2154dd1763496 in atlas's branch 
refs/heads/branch-2.0 from Madhan Neethiraj
[ https://gitbox.apache.org/repos/asf?p=atlas.git;h=596a0af38 ]

ATLAS-4652: fix to address potential NPE in AtlasAttributeDef.isSoftReferenced()

(cherry picked from commit 43daa256dd04a2e9167de6749f34e262b8216de3)


> Missing null check leading to NPE in isSoftReferenced method in 
> AtlasStructDef 
> ---
>
> Key: ATLAS-4652
> URL: https://issues.apache.org/jira/browse/ATLAS-4652
> Project: Atlas
>  Issue Type: Bug
>  Components:  atlas-core
>Affects Versions: 2.2.0
>Reporter: Srikanth Venkat
>Assignee: Madhan Neethiraj
>Priority: Critical
> Fix For: 3.0.0, 2.3.0
>
> Attachments: ATLAS-4652.patch
>
>
> The code inside isSoftReferenced method in AtlasStructDef class below:
>    *{{}}* {{@JsonIgnore}}
> {{    public boolean isSoftReferenced() {}}
> {{    return this.options != null && }}{{          
> getOptions().containsKey(AtlasAttributeDef.ATTRDEF_OPTION_SOFT_REFERENCE) &&}}
> {{    
> getOptions().get(AtlasAttributeDef.ATTRDEF_OPTION_SOFT_REFERENCE){color:#de350b}.equals(STRING_TRUE){color};}}
> {{    }}}
>  
> Since the null check is not performed, it can lead to NPE in typedef 
> resolution.
>  
> A sample typedef payload like the following can potentially trigger the NPE 
> error in attribute resolution, i.e. 
> EntityGraphRetriever.mapVertexToAttribute, where 
> attribute.getAttributeDef().isSoftReferenced() is called
> {
>   "businessMetadataDefs": [
>     {
>   "category": "BUSINESS_METADATA",
>   "name": "bizType1",
>   "description": "test",
>   "attributeDefs": [
>     {
>   "name": "bizAttr1",
>   "typeName": "string",
>   "isOptional": true,
>   "cardinality": "SINGLE", 
>   "options": { 
> *"isSoftReference": null,*   
> "maxStrLength": "50",
>     "applicableEntityTypes": "[\"Asset\"]"
>   } 
> }
>   ]
>     }
>   ]
> }
>  
> It would be furthermore helpful to run SonarCube or FindBugs to determine any 
> other incidences where this pattern of missing null check exists in Atlas 
> codebase and address them. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (ATLAS-4652) Missing null check leading to NPE in isSoftReferenced method in AtlasStructDef

2022-10-06 Thread ASF subversion and git services (Jira) 


[ 
https://issues.apache.org/jira/browse/ATLAS-4652?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17613363#comment-17613363
 ] 

ASF subversion and git services commented on ATLAS-4652:


Commit 43daa256dd04a2e9167de6749f34e262b8216de3 in atlas's branch 
refs/heads/master from Madhan Neethiraj
[ https://gitbox.apache.org/repos/asf?p=atlas.git;h=43daa256d ]

ATLAS-4652: fix to address potential NPE in AtlasAttributeDef.isSoftReferenced()


> Missing null check leading to NPE in isSoftReferenced method in 
> AtlasStructDef 
> ---
>
> Key: ATLAS-4652
> URL: https://issues.apache.org/jira/browse/ATLAS-4652
> Project: Atlas
>  Issue Type: Bug
>  Components:  atlas-core
>Affects Versions: 2.2.0
>Reporter: Srikanth Venkat
>Assignee: Madhan Neethiraj
>Priority: Critical
> Fix For: 3.0.0, 2.3.0
>
> Attachments: ATLAS-4652.patch
>
>
> The code inside isSoftReferenced method in AtlasStructDef class below:
>    *{{}}* {{@JsonIgnore}}
> {{    public boolean isSoftReferenced() {}}
> {{    return this.options != null && }}{{          
> getOptions().containsKey(AtlasAttributeDef.ATTRDEF_OPTION_SOFT_REFERENCE) &&}}
> {{    
> getOptions().get(AtlasAttributeDef.ATTRDEF_OPTION_SOFT_REFERENCE){color:#de350b}.equals(STRING_TRUE){color};}}
> {{    }}}
>  
> Since the null check is not performed, it can lead to NPE in typedef 
> resolution.
>  
> A sample typedef payload like the following can potentially trigger the NPE 
> error in attribute resolution, i.e. 
> EntityGraphRetriever.mapVertexToAttribute, where 
> attribute.getAttributeDef().isSoftReferenced() is called
> {
>   "businessMetadataDefs": [
>     {
>   "category": "BUSINESS_METADATA",
>   "name": "bizType1",
>   "description": "test",
>   "attributeDefs": [
>     {
>   "name": "bizAttr1",
>   "typeName": "string",
>   "isOptional": true,
>   "cardinality": "SINGLE", 
>   "options": { 
> *"isSoftReference": null,*   
> "maxStrLength": "50",
>     "applicableEntityTypes": "[\"Asset\"]"
>   } 
> }
>   ]
>     }
>   ]
> }
>  
> It would be furthermore helpful to run SonarCube or FindBugs to determine any 
> other incidences where this pattern of missing null check exists in Atlas 
> codebase and address them. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)