Repository: sentry Updated Branches: refs/heads/branch-2.0.0 [created] 7a89fa496
SENTRY-2002: Update CHANGELOG on master to reflect 2.0.0 changes Project: http://git-wip-us.apache.org/repos/asf/sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/2b5f0181 Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/2b5f0181 Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/2b5f0181 Branch: refs/heads/branch-2.0.0 Commit: 2b5f01816b3d0c9390d5233596034ef9c48a0b58 Parents: 2de4adf Author: Kalyan Kumar Kalvagadda <kkal...@cloudera.com> Authored: Mon Nov 27 07:50:57 2017 -0600 Committer: Kalyan Kumar Kalvagadda <kkal...@cloudera.com> Committed: Mon Nov 27 07:50:57 2017 -0600 ---------------------------------------------------------------------- CHANGELOG.txt | 579 +++++++++++++++++++++++++++++++++++------------------ 1 file changed, 386 insertions(+), 193 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/sentry/blob/2b5f0181/CHANGELOG.txt ---------------------------------------------------------------------- diff --git a/CHANGELOG.txt b/CHANGELOG.txt index d126f25..e21bf15 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -1,130 +1,333 @@ -Release Notes - Sentry - Version 1.8.0 +Release Notes - Sentry - Version 2.0.0 ** New Feature - * [SENTRY-711] - Implement grant user to role - * [SENTRY-785] - Allow export of sentry for a specific auth object - * [SENTRY-912] - Sentry integration with Apache Kafka - * [SENTRY-1154] - Uber Jira for enabling Sentry with blob storage + * [SENTRY-872] - Uber jira for HMS HA + Sentry HA redesign + * [SENTRY-1446] - Upgrade httpmime (Sentry) to 4.3.6 or greater. + * [SENTRY-1475] - Integrate Sentry with Solr 7 authorization framework + * [SENTRY-1853] - Add the log level access mechanism + * [SENTRY-1881] - PrivilegeOperatePersistence throws wrong type of exceptions + * [SENTRY-2027] - Create mechanism of delivering commands via WebUI ** Improvement - * [SENTRY-67] - Complete Hive Integration points - * [SENTRY-480] - Create import tool that will load policy file about Solr into the DB store - * [SENTRY-662] - SentryServiceIntegrationBase should use UGI based login - * [SENTRY-807] - Grant on URI should prepend namenode prefix - * [SENTRY-873] - [HMS HA] Have a HMS leader which would be responsible for sending path updates to Sentry - * [SENTRY-990] - Improve load time for HMS paths + HDFS sync - * [SENTRY-999] - Refactor the sentry to integrate with external components quickly - * [SENTRY-1076] - Add SSL support, print version info on Sentry Service webpage + * [SENTRY-198] - Create command line utility to display and mutate privileges on Sentry service + * [SENTRY-627] - Extend Sentry HA to work with Hive Metastore HA and HDFS + * [SENTRY-967] - Use the Maven Dependency Plugin to download artifacts for the Sqoop tests * [SENTRY-1120] - Show role / privileges info in Sentry Service Webpage - * [SENTRY-1168] - Fix some "major" issues identified by Sonarqube - * [SENTRY-1205] - Refactor the code for sentry-provider-db and create sentry-service module - * [SENTRY-1206] - Add document for how to integrate with Sentry - * [SENTRY-1220] - Improve the import/export to support user scope - * [SENTRY-1229] - Add caching to SentryGenericProviderBackend - * [SENTRY-1233] - Logging improvements to SentryConfigToolSolr - * [SENTRY-1235] - Some pom changes - * [SENTRY-1251] - Move PolicyFileConstants to sentry-core-common - * [SENTRY-1254] - Upgrading SQL script for implement grant user to role - * [SENTRY-1268] - Add solr privilege convertor by default to solr binding - * [SENTRY-1269] - Converter vs Convertor is inconsistent - * [SENTRY-1290] - Performance improvement for ResourceAuthorizationProvider - * [SENTRY-1297] - wget is not a default command on mac + * [SENTRY-1210] - Refactor the SentryShellSolr and SentryShellKafka * [SENTRY-1404] - Use the new INodeAttributesProvider API in sentry-hdfs - * [SENTRY-1406] - Refactor: move AuthorizationProvider out of sentry-provider-common - * [SENTRY-1436] - Move PolicyFiles from sentry-provider-file to sentry-core-common - * [SENTRY-1450] - Have privilege converter set by Kafka binding - * [SENTRY-1470] - Apply Checkstyle changes to the core + * [SENTRY-1453] - Enable passing sentry client cache configs from kafka conf * [SENTRY-1501] - SentryStore shouldn't synchronize openTransaction() and commitUpdateTransaction() - * [SENTRY-1505] - CommitContext isn't used by anything and should be removed * [SENTRY-1507] - Sentry should use Datanucleus version of javax.jdo - * [SENTRY-1512] - Refactor the database transaction management - * [SENTRY-1516] - Add gpg configuration to the root pom to enable deployment to Maven Central * [SENTRY-1517] - SentryStore should actually use function getMSentryRole to get roles * [SENTRY-1518] - Add metrics for SentryStore transactions * [SENTRY-1525] - Provide script to run Sentry directly from the repo * [SENTRY-1533] - Sentry console metrics reporting interval should be configurable * [SENTRY-1556] - Simplify privilege cleaning * [SENTRY-1557] - getRolesForGroups() does too many trips to the the DB - * [SENTRY-1564] - Improve error detection and reporting in MetastoreCacheInitializer.java * [SENTRY-1577] - Support "create function using jar" for hive when Sentry is enabled * [SENTRY-1581] - Provide Log4J metrics reporter * [SENTRY-1582] - Comments to clarify the intent of string manipulation methods in SentryStore.java * [SENTRY-1594] - TransactionBlock should become generic * [SENTRY-1599] - CloseablePersistenceManager is no longer needed + * [SENTRY-1604] - Sentry JSON message factory: Need more information in alter partition event * [SENTRY-1615] - SentryStore should not allocate empty objects that are immediately returned * [SENTRY-1625] - PrivilegeOperatePersistence can use QueryParamBuilder * [SENTRY-1633] - Disable mvn failIfNotTest flag * [SENTRY-1636] - Remove thrift dependency on fb303 + * [SENTRY-1639] - Refactor thrift clients configuration constants * [SENTRY-1642] - Integrate Sentry build with Error Prone + * [SENTRY-1691] - TransactionManager should use try-with-resource for timers + * [SENTRY-1710] - Reduce datanucleus key cache size for MSentryPermChange and MSentryPathChange tables to avoid holes in change IDs * [SENTRY-1730] - Remove FileInputStream/FileOutputStream * [SENTRY-1742] - Upgrade to Maven surefire plugin v2.2 * [SENTRY-1744] - Simplify creation of DelegateSentryStore * [SENTRY-1811] - Optimize data structures used in HDFS sync + * [SENTRY-1812] - Provide interactive Sentry CLI + * [SENTRY-1816] - Sentry client classes should be AutoCloseable + * [SENTRY-1820] - Add JSON file reporter for Sentry metrics + * [SENTRY-1822] - Allow multiple Sentry reporters. * [SENTRY-1823] - Fix the sentryShell script to support other types * [SENTRY-1827] - Minimize TPathsDump thrift message used in HDFS sync - * [SENTRY-1836] - Add sentry web service config in service template - * [SENTRY-1846] - Use a consistent configuration variable for the sentry provider property + * [SENTRY-1867] - DataNucleus.Query INFO level logging spams Sentry log files + * [SENTRY-1873] - Upgrade PMD plugin and fix related issues + * [SENTRY-1892] - Reduce memory consumption of HMSPath$Entry and TPathEntry + * [SENTRY-1896] - Optimize retrieving role names for groups + * [SENTRY-1903] - TransactionManager shows retried transactions starting from 0 + * [SENTRY-1905] - How to contribute to documentation + * [SENTRY-1906] - Sentry clients to retry connections to server with delay to avoid failing fast + * [SENTRY-1907] - Potential memory optimization when handling big full snapshots. + * [SENTRY-1909] - Improvements for memory usage when full path snapshot is sent from Sentry to NN + * [SENTRY-1921] - Make SentryServiceFactory.create static and all calling instances use the static call + * [SENTRY-1932] - Improve logging for HMSPath + * [SENTRY-1937] - Optimize performance for listing sentry roles by group name + * [SENTRY-1938] - Sentry logs to provide more relevant information + * [SENTRY-1943] - Update Guava to 14.0 + * [SENTRY-1958] - Bump to Hive version 2.0 + * [SENTRY-1962] - Merge hive 2.0 authz1/authz2 profile dependencies + * [SENTRY-1963] - Sentry JSON reporter should use regular implementation for local file system + * [SENTRY-1966] - Improve logging of HMS sync data (paths and permissions) flowing from Sentry to NameNode + * [SENTRY-1968] - Remove sentry-binding-hive-hmsfollower-v2 module after Hive 2.0 version bump + * [SENTRY-1973] - Use KafkaPrivilegeModel to retrieve Kafka validators + * [SENTRY-1974] - Consolidate the Solr + Kafka PrivilegeValidators into a single GenericPrivilegeValidator + * [SENTRY-1975] - Add sqoop support to SentryShellGeneric + * [SENTRY-1979] - Consolidate code for converting Hive privilege objects to Strings + * [SENTRY-1981] - Bump codehale metrics version to latest 3.0.2 version + * [SENTRY-1988] - Bump slf4j version from 1.6.0 to 1.7.25 (latest version) + * [SENTRY-1989] - Bump Kafka version from 0.9 to 0.11 + * [SENTRY-1992] - Improve parameter handling for SentryGenericProviderBackend + * [SENTRY-1996] - Rename Sqoop SentryAuthorizationHander + * [SENTRY-2009] - Upgrade Surefire plugin + * [SENTRY-2013] - Align the SentryGenericServiceClient and SentryPolicyServiceClient a bit more closely + * [SENTRY-2015] - Refactor Command implementations + * [SENTRY-2031] - Add trigger mechanism for Sentry to pull full path snapshot from HMS + * [SENTRY-2038] - Some ShellCommand improvements + * [SENTRY-2042] - Support file based Sentry provider for Solr plugin + * [SENTRY-2048] - Bump Hive version to 2.3.2 + * [SENTRY-2062] - Support the new Hive 2.3.2 DbNotificationListener + + +** Sub-task + * [SENTRY-851] - UpdateForwarder does not have to implement Updateable + * [SENTRY-852] - Create PathUpdateForwarder and PermUpdateForwarder + * [SENTRY-1316] - Implement Sentry leadership election + * [SENTRY-1317] - Implement fencing required for active/standby + * [SENTRY-1321] - Implement HMSFollower in Sentry service which reads the NotificationLog entries + * [SENTRY-1324] - Add sentry specific test cases to use NotificationLog + * [SENTRY-1325] - Store HMSPaths in Sentry DB to allow fast failover + * [SENTRY-1329] - Adapt SentryMetaStorePostEventListener to write HMS notification logs + * [SENTRY-1330] - Notify Sentry about HMS new notifications if low delay is desired + * [SENTRY-1362] - add sentry ha e2e test back accommodating to the re-design + * [SENTRY-1365] - Upgrading SQL script for HMSPaths persistence + * [SENTRY-1371] - Rework fetching Hive Paths state + * [SENTRY-1388] - Make HiveConf and Hive client jars available to Sentry deamon + * [SENTRY-1389] - Handle updating HMSState for HDFS plugin in HMSFollower + * [SENTRY-1395] - Move the HDFS code which lives inside the sentry daemon into sentry-provider + * [SENTRY-1398] - Fix TestLeaderStatus#testRacingClients + * [SENTRY-1399] - Integrate Fencer with SentryStore + * [SENTRY-1403] - Move SentryHDFSServiceClient code from hdfs-common into hdfs-service + * [SENTRY-1411] - The sentry client should retry RPCs if it gets a SentryStandbyException (SentryPolicyServiceClient - pool version) + * [SENTRY-1413] - Changes to get the Fencer working with Oracle and MySQL + * [SENTRY-1414] - Evict datanucleus second-level cache during activation + * [SENTRY-1415] - [Test hook] Provide a hook to stop the active sentry sevice + * [SENTRY-1422] - JDO deadlocks while processing grant while a background thread processes Notificationlogs + * [SENTRY-1423] - Sentry HA Test: programmatic failover in a mini cluster env; also add some test data. + * [SENTRY-1425] - May want to disallow reads on Sentry passive + * [SENTRY-1426] - Do not start up HMSFollower if hive is not using Sentry + * [SENTRY-1427] - Test TGT renewals in HMSFollower + * [SENTRY-1428] - Only leader should follow HMS updates + * [SENTRY-1430] - Test Sentry HA Tasks + * [SENTRY-1433] - GenericServiceClient should support connection pools + * [SENTRY-1437] - Sentry should not serve requests until the full update processing is finished + * [SENTRY-1440] - Fencing implementation in sentry-ha can create two fencing tables + * [SENTRY-1441] - Error during fencing table rename can disable master + * [SENTRY-1448] - Store processed notification sequence ID in database + * [SENTRY-1449] - Rebase sentry-ha-redesign branch on master + * [SENTRY-1463] - Ensure HMS point-in-time snapshot consistency + * [SENTRY-1477] - Sentry clients should retry with another server when they get connection errors + * [SENTRY-1478] - Disable fencing in Sentry store for Active/Active + * [SENTRY-1483] - HMS plugin should wait until Sentry handles the update before continuing. + * [SENTRY-1487] - Renaming SQL script for HMSPaths persistence + * [SENTRY-1499] - Add feature flag for using NotifcationLog + * [SENTRY-1510] - Add option to use non pool model for sentry client + * [SENTRY-1511] - HDFS Sync change for handling persisted Sentry delta or full updates + * [SENTRY-1522] - Port SENTRY-1505 to sentry-ha_redesign branch + * [SENTRY-1529] - HMS Follower thread should terminate when Sentry receives ^C + * [SENTRY-1535] - HMS Follower should update HDFS plugin paths + * [SENTRY-1536] - Refactor SentryStore transaction management to allow for extra TransanctionBlocks for a single permission update + * [SENTRY-1538] - Create schema for storing HMS path change and Sentry permission change. + * [SENTRY-1539] - HMS Follower should store arriving HMS notifications + * [SENTRY-1553] - Port SENTRY1517 to sentry-ha-redesign branch + * [SENTRY-1554] - Port SENTRY-1518 to sentry-ha-redesign + * [SENTRY-1559] - Remove fencing support + * [SENTRY-1560] - Add feature flag to allow stand-alone configuration without ZK + * [SENTRY-1566] - Make full Perm/Path snapshot available for NN plugin + * [SENTRY-1567] - Refactor propagating logic for Perm/Path delta to NN plugin + * [SENTRY-1569] - Upgrading SQL scripts for persist Perm/Path change + * [SENTRY-1575] - Backport SENTRY-1404 to Sentry-ha-redesign branch + * [SENTRY-1578] - Suport secure ZK configuration for leader election + * [SENTRY-1580] - Provide pooled client connection model with HA + * [SENTRY-1583] - Refactor ZK/Curator code + * [SENTRY-1587] - Refactor SentryStore transaction to persist a single path transcation bundled with corresponding delta path change + * [SENTRY-1592] - Implement NN client failover for Sentry HA + * [SENTRY-1593] - Implement client failover for Generic and NN clients + * [SENTRY-1595] - Backport SENTRY-1577 to sentry-ha-redesign + * [SENTRY-1596] - Hive tests failing for sentry-ha-redesign branch + * [SENTRY-1598] - Port SENTRY-1507 to sentry-ha-redesign + * [SENTRY-1600] - Define Thrift API for HMS to Sentry notification barrier + * [SENTRY-1601] - Implement HMS Notification barrier on the server side + * [SENTRY-1606] - Sentry HDFS Sync should survive in presence of bad paths objects + * [SENTRY-1607] - Backport SENTRY-1134 to sentry-ha-redesign + * [SENTRY-1608] - Converting Sentry to a stateless service + * [SENTRY-1611] - Purge MSentryPerm/PathChange tables + * [SENTRY-1612] - HMSFollower should persist full HMS snapshot into SentryDB if there is not one. + * [SENTRY-1613] - Add propagating logic for Perm/Path updates in Sentry service + * [SENTRY-1617] - Fetch Hive Paths point-in-time full snapshot during Sentry startup + * [SENTRY-1619] - Fix the secure HMS connection code in HMSFollower + * [SENTRY-1620] - Incorrect usage of AuthzConfVars.AUTHZ_SERVER_NAME may cause HS2 HA not work + * [SENTRY-1621] - HMSFollower to retry connecting to HMS upon connection loss + * [SENTRY-1622] - Backport SENTRY-1615 to sentry-ha-redesign branch + * [SENTRY-1623] - Typo for notification log feature flag + * [SENTRY-1628] - In HMSFollower failing of catching error causes the executor to halt + * [SENTRY-1629] - Current MAuthzPathsMapping table definition may cause error 'Duplicate entry XX for key PRIMARY' + * [SENTRY-1630] - out of sequence error in HMSFollower + * [SENTRY-1632] - Make HMSFollower initialDelay and run period configurable + * [SENTRY-1634] - HMSFollower should not check isLoadMetastoreConfig when trying to connect to HMS + * [SENTRY-1635] - Limit HMS connections only to the leader of the sentry servers + * [SENTRY-1637] - Periodically purge Delta change tables. + * [SENTRY-1638] - Update SQL script of MSentryPathChange table to add a column for notification ID + * [SENTRY-1641] - Cleanup creation of SentryStore and HMSFollower + * [SENTRY-1643] - AutoIncrement ChangeID of MSentryPermChange/MSentryPathChange may be error-prone + * [SENTRY-1645] - Port SENTRY-1642 to sentry-ha-redesign + * [SENTRY-1649] - Initialize HMSFollower when sentry server actually starts + * [SENTRY-1650] - Port SENTRY-1360 to sentry-ha-redesign + * [SENTRY-1652] - Port SENTRY-1464 to sentry-ha-redesign + * [SENTRY-1655] - Port SENTRY-1471 to sentry-ha-redesign + * [SENTRY-1656] - Port Sentry-1459 to sentry-ha-redesign + * [SENTRY-1666] - TestHDFSIntegrationAdvanced timeouts on sentry-ha-redesign branch + * [SENTRY-1669] - HMSFollower should read current processed notification ID from database every time it runs + * [SENTRY-1670] - Expose current HMS notification ID as a Sentry gauge (metric) + * [SENTRY-1671] - Provide HMSFollower healthcheck (metric) + * [SENTRY-1672] - Expose HMS data via Sentry web UI + * [SENTRY-1673] - Improve error reporting from FullUpdateInitializer + * [SENTRY-1674] - HMSFollower shouldn't print the same value of notification ID multiple times + * [SENTRY-1675] - sentry-hdfs-dist should include sentry-core-common after refactor SentryHDFSServiceClientDefaultImpl + * [SENTRY-1676] - FullUpdateInitializer#createInitialUpdate should not throw RuntimeException + * [SENTRY-1677] - Add metrics to measure how much time to get Delta Path/Perm Updates + * [SENTRY-1680] - MetastoreCacheInitializer is lo longer used and should be removed + * [SENTRY-1682] - Investigate use of EXPORT for replication for initial HMS snapshot + * [SENTRY-1684] - FullUpdateInitializer has a race condition in handling results list + * [SENTRY-1685] - Port SENTRY-1489 to sentry-ha-redesign branch + * [SENTRY-1686] - Port SENTRY-1548 to sentry-ha-redesign branch + * [SENTRY-1687] - FullUpdateInitializer can be more efficient + * [SENTRY-1690] - sql changed needed for AUTHZ_PATH table + * [SENTRY-1693] - HMSFollower should handle adding a view with empty path. + * [SENTRY-1695] - Waiting for HMS notifications from Thrift should be interruptible + * [SENTRY-1696] - Expose time spent creating the initial snapshot as a metric + * [SENTRY-1697] - Deprecate feature flag for enabling notification log + * [SENTRY-1698] - PathsUpdate.parsePath() calls FileSystem.getDefaultUri() way too often + * [SENTRY-1700] - FullUpdateInitializer should not use preconditions to verify HMS data + * [SENTRY-1701] - Improve retry handling for FullUpdateInitializer + * [SENTRY-1705] - Do not start HMSFollower if Hive isn't configured + * [SENTRY-1709] - Avoid randomizing the servers at client side based on configuration. + * [SENTRY-1711] - HMSFollower shouldn't call processNotificationEvents() unless there are events + * [SENTRY-1713] - Enable TestHDFSIntegrationEnd2End.testEnd2End + * [SENTRY-1715] - Disable HMSFollower when HMS integration is not enabled + * [SENTRY-1716] - HMSFollower doesn't need to save path info when HDFS sync is disabled + * [SENTRY-1717] - Sentry should emit log messages when it is ready to serve requests. + * [SENTRY-1718] - TestSentryStore often fails in setup() + * [SENTRY-1719] - Implement alternative HMS/Sentry synchronization + * [SENTRY-1721] - Unit test failures in TestSentryStore due to changeId miscount + * [SENTRY-1722] - Create HMSFollower when SentryService.Start() is called + * [SENTRY-1723] - HDFS e2e tests should wait for HMSFollower to start + * [SENTRY-1724] - Remove old PoolClientInvocationHandler + * [SENTRY-1725] - Include response status in TSentrySyncIDResponse + * [SENTRY-1726] - sql changes to store last notification-id processed + * [SENTRY-1729] - Test secure ZK connections + * [SENTRY-1732] - Test concurrent roles/groups/privs operations + * [SENTRY-1733] - Add log message for key store file path + * [SENTRY-1734] - Create/Alter/Drop database/table should check corresponding property before drop privileges + * [SENTRY-1735] - Sentry Clients should not log every connection request + * [SENTRY-1736] - Generic service client should support Kerberos + * [SENTRY-1737] - SentryTransportFactory may use incorrect kerberos principal + * [SENTRY-1738] - Inefficient connection management by retrying invocation handler + * [SENTRY-1741] - HMSFollower doesn't handle INSERT operation + * [SENTRY-1747] - HMSFollower shouldn't create local hive during tests + * [SENTRY-1750] - HMSFollower does not handle view update correctly + * [SENTRY-1751] - HMSFollower should not persist empty full snapshot + * [SENTRY-1752] - HMSFollower gets stuck once it fails to process a notification event + * [SENTRY-1755] - Add HMSFollower per-operation metrics + * [SENTRY-1756] - Passive nodes should still follow latest notification ID + * [SENTRY-1757] - Avoid using local hive meta store with wrong configuration + * [SENTRY-1758] - Improve Sentry memory usage by interning object names + * [SENTRY-1760] - HMSFollower should detect when a full snapshot from HMS is required + * [SENTRY-1762] - notification id's in SENTRY_HMS_NOTIFICATION_ID should be purged periodically + * [SENTRY-1763] - Fix the config string for server load balancing + * [SENTRY-1764] - HMSFollower should check for leader status after each event processed + * [SENTRY-1765] - CounterWait.update should be less strict + * [SENTRY-1766] - Generic model clients using kerberos can no longer connect to Sentry server + * [SENTRY-1767] - Multiple followers should not create full snapshot + * [SENTRY-1768] - Avoid detaching object on transaction exit when it isn't needed + * [SENTRY-1769] - Refactor HMSFollower Class + * [SENTRY-1770] - Avoid more detaches on commit + * [SENTRY-1771] - HDFS client concurrently requests full permission update multiple times + * [SENTRY-1772] - Permissions created before table creation are not reflected in HDFS ACLs + * [SENTRY-1773] - Delta change cleaner should leave way more then a single entry intact + * [SENTRY-1774] - HMSFollower should always depend on persisted information to decide is full snapshot is needed + * [SENTRY-1776] - SentryStore should clear SENTRY_HMS_NOTIFICATION_ID while clearing store + * [SENTRY-1777] - Generic clients are not able to connect to sentry server with kerberos enabled. + * [SENTRY-1780] - FullUpdateInitializer does not kill the threads whenever getFullHMSSnapshot throws an exception + * [SENTRY-1781] - Persist new HMS snapshots with a new generation ID. + * [SENTRY-1782] - Add an HMS image ID to the thrift schema definition for hdfs/sentry requests + * [SENTRY-1784] - DBUpdateForwarder returns empty update list to HDFS instead of full update + * [SENTRY-1791] - Sentry Clients failover not working with kerberos enabled + * [SENTRY-1792] - Ensure DB to sort delta changes by CHANGE_ID + * [SENTRY-1793] - Reenable ignored unit tests from TestHDFSIntegrationEnd2End + * [SENTRY-1794] - HMSFollower not persisting last processed notifications when partition is altered + * [SENTRY-1795] - Delta tables should not have holes + * [SENTRY-1796] - Add better debug logging for retrieving the delta changes + * [SENTRY-1798] - Provide names for HMSFollower and cleaner threads + * [SENTRY-1799] - Fix flaky HDFS END2END tests + * [SENTRY-1800] - Flaky testConcurrentUpdateChanges test + * [SENTRY-1803] - HMSFollower should handle the case of multiple notifications with the same ID + * [SENTRY-1804] - Sentry server can be more efficient in handling full snapshot from HMS + * [SENTRY-1805] - Define a DB schema for HMS generation IDs + * [SENTRY-1806] - Improve memory handling for HDFS sync + * [SENTRY-1807] - NotificationProcessor may put the wrong path in the update + * [SENTRY-1814] - Provide unit test for LeaderStatusMonitor + * [SENTRY-1815] - Send new HMS snapshots to HDFS requesting an old generation ID + * [SENTRY-1817] - Deprecate SENTRY_HA_ENABLED and all tests that use it + * [SENTRY-1818] - HMSFollower should be a singleton + * [SENTRY-1821] - Transactions could fail to commit to the database under load + * [SENTRY-1824] - SentryStore may serialize transactions that rely on unique key + * [SENTRY-1825] - Dropping a Hive database/table doesn't cleanup the permissions associated with it + * [SENTRY-1828] - Rename version in sentry-ha-redesign branch to 2.0.0-SNAPSHOT + * [SENTRY-1830] - Create new release version 2.0.0 on JIRA + * [SENTRY-1832] - Sentry e2e tests should enable SentrySyncHMSNotificationsPostEventListener + * [SENTRY-1833] - Expose current set of IDs as Sentry metrics + * [SENTRY-1834] - Fix build failures when hive-authz2 profile is enabled. + * [SENTRY-1839] - Fork files from sentry-binding-hive-common package to sentry-binding-hive and sentry-binding-hive-v2 packages + * [SENTRY-1843] - Fork sentry-binding-hive-follower package to support Hive 2.x + * [SENTRY-1847] - Integrate sentry with Hive 2.0.0 + * [SENTRY-1848] - Separate legacy sentry configs from sentry ha configs for api compatibility + * [SENTRY-1849] - Fix the pom file to use appropriate hive dependencies based on hive-authz profile + * [SENTRY-1851] - Revert HMSFollower refactoring change + * [SENTRY-1854] - HMSFollower should handle notifications even if HDFS sync is disabled. + * [SENTRY-1856] - Persisting HMS snapshot and the notification-id to database in same transaction + * [SENTRY-1860] - Update CHANGELOG on master to reflect 1.8.0 changes + * [SENTRY-1869] - Try to use pool with idle connections first + * [SENTRY-1879] - Sentry e2e tests are trying to test without notification log + * [SENTRY-1880] - Fake subtask to deal with jenkins issues + * [SENTRY-1895] - Sentry should handle the case of multiple notifications with the same ID + * [SENTRY-1978] - Move the hive-authz2 grant/revoke implementation into the sentry-binding-hive module + * [SENTRY-1980] - Move the hive-authz2 HMS client filtering implementation into the sentry-binding-hive module + * [SENTRY-1998] - Create release version 2.1.0 in Jira + * [SENTRY-1999] - Sanitize issues that are outstanding for 2.0.0 release + * [SENTRY-2000] - Cut 2.0.0 branch + * [SENTRY-2001] - Update POM with new version + * [SENTRY-2002] - Update CHANGELOG on master to reflect 2.0.0 changes + * [SENTRY-2003] - Create tag Release-2.0.0 + * [SENTRY-2004] - Create Release-2.0.0 + * [SENTRY-2005] - Run vote on Release-2.0.0 + * [SENTRY-2006] - Release artifacts for 2.0.0 + * [SENTRY-2007] - Finish Release-2.0.0 + * [SENTRY-2055] - update the pom file on master with the new version. + * [SENTRY-2061] - Prepare release notes for 2.0.0 release ** Bug - * [SENTRY-320] - show role grant group groupname should not throw an exception if group doesnt exist in db - * [SENTRY-418] - org.mortbay.log package accidentally picked up in a few test classes - * [SENTRY-522] - [Unit Test] TestExportImportPrivileges failed due to error "Couldn't access new HiveServer: " - * [SENTRY-722] - Grant on URI should validate the required resource string format - * [SENTRY-887] - Sentry Hive binding fails with NPE when authorizing permanent Hive UDFs - * [SENTRY-933] - Some UTs in TestPrivilegesAtFunctionScope should have two arguments for âorg.apache.hadoop.hive.ql.udf.generic.GenericUDFPrintfâ - * [SENTRY-947] - Improve error message in HDFS NN Plugin when unable to connect to Sentry - * [SENTRY-951] - move hive warehouse dir to /hive, the dir doesn't have hive:hive as owner. - * [SENTRY-961] - Remove fb303.thrift reference from thrift definitions - * [SENTRY-1001] - Improve usability of URIs and URI privileges - * [SENTRY-1020] - Action ALL is not recognized in the generic API - * [SENTRY-1069] - [Unit Test Failure] Fix TestAuditLogForSentryGenericService - * [SENTRY-1094] - SentryMetastorePostEventListener.onAlterTable should check for null dereference - * [SENTRY-1101] - When edit log for HDFS sync in Sentry Server is full, the next Path update is not correctly setup - * [SENTRY-1184] - Clean up HMSPaths.renameAuthzObject - * [SENTRY-1190] - IMPORT TABLE silently fails if Sentry is enabled - * [SENTRY-1193] - Add SQL upgrade script for 1.8.0 - * [SENTRY-1201] - Sentry ignores database prefix for MSCK statement - * [SENTRY-1209] - Sentry does not block Hive's cross-schema table renames - * [SENTRY-1212] - Small authorization and compatibility checking bugs in Sentry conversion tool - * [SENTRY-1213] - Remove unnecessary file - * [SENTRY-1215] - Sentry's db provider makes privileges case insensitive. - * [SENTRY-1216] - [unit test failure] disable sentry ha tests for now; add time out for each test class/method; fix trainsient junit time out issue - * [SENTRY-1218] - [unit test failure] testFuncPrivileges1 takes more than 180s to finish so keep failing the test suites - * [SENTRY-1228] - SimpleFileProviderBackend error message missing spaces - * [SENTRY-1230] - Add basic testing workflow to test Sentry with Hive storage on S3 - * [SENTRY-1236] - Bump thrift version to 0.9.3 - * [SENTRY-1250] - Document kafka integration with sentry - * [SENTRY-1252] - grantServerPrivilege and revokeServerPrivilege should treat "*" and "ALL" as synonyms when action is not explicitly specified - * [SENTRY-1253] - SentryShellKafka is incorrectly setting component as "KAFKA" + * [SENTRY-1231] - Sentry doesn't secure index location uri, when do "CREATE INDEX LOCATION ''/uri" * [SENTRY-1260] - Improve error handling - ArrayIndexOutOfBoundsException in PathsUpdate.parsePath can cause MetastoreCacheInitializer intialization to fail - * [SENTRY-1265] - Sentry service should not require a TGT as it is not talking to other kerberos services as a client * [SENTRY-1270] - Improve error handling - Database with malformed URI causes NPE in HMS plugin during DDL - * [SENTRY-1294] - Fix the management problem for dependency's version - * [SENTRY-1302] - Update Hive V2 after moving Exception to sentry-core-common module - * [SENTRY-1311] - Improve usability of URI privileges by supporting mixed use of URIs with and without scheme - * [SENTRY-1312] - HDFS_PERMISSION_DEFAULT does not parse correctly * [SENTRY-1313] - Database prefix is not honoured when executing grant statement - * [SENTRY-1320] - truncate table db_name.table_name fails - * [SENTRY-1334] - [column level privileges] test and add test for CTAS and Create View AS SELECT (cross databases cases) - * [SENTRY-1345] - ACLS on table folder disappear after insert for unpartitioned tables - * [SENTRY-1346] - add a test case into hdfs acl e2e suite to test a db.tbl without partition, can take more than certain number groups - * [SENTRY-1354] - add column level test cases for select ... group by, order by and where in V2 - * [SENTRY-1357] - SentryMetastorePostEventListenerBase.onAlterTable should check for null dereference - * [SENTRY-1376] - Fix alter property case correctly - Deletes ACLS on the table - * [SENTRY-1401] - In V2, show role grant group groupname should not throw an exception if group doesnt exist in db. - * [SENTRY-1405] - Add test for "show grant role on all " command in V2 - * [SENTRY-1410] - Enable sentry ha, validate is able to read active sentry server - * [SENTRY-1438] - Move PolicyFiles from sentry-provider-file to sentry-core-common in V2 - * [SENTRY-1447] - When s3 is configured as HDFS defaultFS and Hive Warehouse Dir, need to fix some e2e test failures. For example, TestDbHdfsMaxGroups.java. - * [SENTRY-1459] - Alter view with HMS Client fails with "java.lang.IllegalArgumentException: Can not create a Path from a null string" - * [SENTRY-1464] - Sentry e2e test failure in org.apache.sentry.tests.e2e.dbprovider.TestDbUriPermissions.testAlterPartitionLocationPrivileges - * [SENTRY-1471] - TestHDFSIntegrationBase.java implements HDFS ACL checking and query verification incorrectly + * [SENTRY-1331] - Add a kerberos end to end test case to access isActive and isHa metrics. + * [SENTRY-1336] - Fix PMD violation in testSentryServiceGauges + * [SENTRY-1378] - Login fails for a secure Sentry Web UI + * [SENTRY-1397] - Add Notification log tests for Hive commands which do not change obj- location + * [SENTRY-1416] - kafka-sentry tool's service name's default is different from KafkaSentryAuthorizer's default service name * [SENTRY-1476] - SentryStore is subject to JDQL injection - * [SENTRY-1479] - Apply Checkstyle to sentry-policy module - * [SENTRY-1486] - Sentry should use repeatable-read consistency level * [SENTRY-1491] - Sentry transactions are not rolled back immediately when commit fails - * [SENTRY-1504] - NPE in log4j.properties parsing - * [SENTRY-1508] - MetastorePlugin.java does not handle properly initialization failure + * [SENTRY-1498] - Move SentryAdminServlet from sentry-service to sentry-provider + * [SENTRY-1509] - Disable solr unit tests from e2e runs.are becoming flaky + * [SENTRY-1514] - Massive Solr Unit Test Failures found, disable them for now. * [SENTRY-1515] - Cleanup exception handling in SentryStore * [SENTRY-1524] - sentry-dist is missing dependency on sentry-hdfs-dist * [SENTRY-1526] - Sentry processed stays alive after being killed @@ -132,130 +335,120 @@ Release Notes - Sentry - Version 1.8.0 * [SENTRY-1534] - Oracle supports serializable instead of repeatable-read * [SENTRY-1546] - Generic Policy provides bad error messages for Sentry exceptions * [SENTRY-1548] - Setting GrantOption to UNSET upsets Sentry + * [SENTRY-1574] - SentryMetastorePostEventListener class is not used by anything * [SENTRY-1586] - [unit test] Race condition between metastore server/client could cause connection refused errors - * [SENTRY-1605] - SENTRY-1508 need to be fixed because of Kerberos initialization issue + * [SENTRY-1602] - Code cleanup for Sentry JSON message factory for hive notifications * [SENTRY-1609] - DelegateSentryStore is subject to JDQL injection * [SENTRY-1624] - DefaultSentryValidator doesn't correctly construct SentryOnFailureHookContextImpl + * [SENTRY-1640] - Implement HMS Notification barrier on the HMS plugin side * [SENTRY-1644] - Partition ACLs disappear after renaming Hive table with partitions * [SENTRY-1646] - Unable to truncate table <database>.<tablename>; from "default" databases * [SENTRY-1658] - Null pointer dereference in SentryShellHive + * [SENTRY-1661] - SentryStore has a couple of public static fields that are not final * [SENTRY-1663] - UpdateableAuthzPermissions has mutable static fields * [SENTRY-1665] - cross-site scripting vulnerability in ConfServlet - * [SENTRY-1683] - MetastoreCacheInitializer has a race condition in handling results list + * [SENTRY-1667] - Switching to Jetty v9 library + * [SENTRY-1681] - SentryHdfsServiceException is an unchecked exception + * [SENTRY-1689] - sql changed needed for MAuthzPathsMapping + * [SENTRY-1692] - ZK namespace configuration doesn't work + * [SENTRY-1699] - MetastoreCacheInitializer shouldn't use Preconditions for HMS data + * [SENTRY-1712] - Add trigger mechanism for Sentry to push full path snapshot to Name Node * [SENTRY-1727] - HMSPathsDumper.cloneToEntry should set authzObjToEntries properly + * [SENTRY-1739] - Sentry Kafka tests do not stop periodic update after the test end + * [SENTRY-1745] - Bundle sentry-core-common into sentry-hdfs-dist to avoid NN failing with NoClassDefFoundError + * [SENTRY-1749] - HMSFollower uses incorrect keytab for HMS connection * [SENTRY-1759] - UpdatableCache leaks connections * [SENTRY-1783] - alterSentryRoleGrantPrivilegeCore does more persistence work than required * [SENTRY-1785] - Fix TestKrbConnectionTimeout test * [SENTRY-1788] - Sentry Store may use JDO object after the associated data is removed in DB + * [SENTRY-1790] - NoClassDefFoundError: org/apache/sentry/binding/hive/SentryOnFailureHookContextImpl * [SENTRY-1801] - Sentry Namenode Plugin should handle unknown permissions - * [SENTRY-1844] - When setting web authentication type to none, sentry fails to start - * [SENTRY-1845] - LOAD + OVERWRITE not supported in Hive v2. plugin + * [SENTRY-1831] - The MetastorePlugin SyncTask is leaking connection threads when read timed out issues are thrown + * [SENTRY-1850] - Duplicate dependency in the sentry-binding-hive pom + * [SENTRY-1852] - Refactor HMSFollower without renaming file + * [SENTRY-1868] - SentryStore should set loadResultsAtCommit to false when query result isn't needed + * [SENTRY-1874] - Do not require quiet HMS when taking initial HMS snapshot + * [SENTRY-1886] - Add 1.8.0 -> 2.0.0 upgrade SQL scripts + * [SENTRY-1888] - Sentry might not fetch all HMS duplicated events IDs when requested + * [SENTRY-1889] - HMSFollower should log better detailed error message if it cannot connect to HMS + * [SENTRY-1890] - HMSFollower keep getting full snapshot when HDFS is disabled + * [SENTRY-1897] - Rename sentry property to provide the list of sentry servers + * [SENTRY-1898] - Sentry no longer supports creating more than ~15 partitions at once + * [SENTRY-1901] - sentry-tests-sqoop is pulling hardcoded snapshot version that doesnt exist anymore + * [SENTRY-1902] - TestSentryStore causes ID conflicts on MSentryPermChange + * [SENTRY-1913] - Incorrect constraints on AUTHZ_PATHS_MAPPING.AUTHZ_OBJ_NAME + * [SENTRY-1915] - Sentry is doing a lot of work to convert list of paths to HMSPaths structure + * [SENTRY-1916] - Sentry should not store paths outside of the prefix + * [SENTRY-1918] - NN snapshot should not be served while HMS snapshot is collected + * [SENTRY-1919] - Sentry should prevent two snapshots from being sent to HDFS + * [SENTRY-1927] - PathImageRetriever should minimize size of the serialized message when creating path dumps + * [SENTRY-1928] - HMSFollower should close HMS connections when an error to HMS occurs + * [SENTRY-1929] - When full HMS snapshot is created all higher notifications should be purged + * [SENTRY-1931] - NameNode only gets full snapshot once + * [SENTRY-1933] - hive-authz2 build fails because SentryJSONAlterPartitionMessage is not compatible + * [SENTRY-1934] - SQL Index name is too long for Oracle 11.2 + * [SENTRY-1939] - Resetting the CounterWait during full snapshot has to be handled across all sentry servers + * [SENTRY-1940] - Sentry should time out threads waiting for notifications + * [SENTRY-1941] - Add log4j2.properties file to sentry-hive-tests-v2 + * [SENTRY-1942] - Bump BoneCP version from 0.7.1 to 0.8.0 + * [SENTRY-1946] - getPathsUpdatesFrom() got its boolean logic inversed which results in sending two snapshots at the same time + * [SENTRY-1952] - SentrySyncHMSNotificationsPostEventListener should be public + * [SENTRY-1982] - Release sentry 2.0.0 upstream + * [SENTRY-1983] - Several commit/rollback errors happen in oracle12c-r1 due to current isolation level + * [SENTRY-1984] - Decrease number of max idle connections for Sentry clients + * [SENTRY-1985] - Sentry should log in stdout when it is ready to serve requests + * [SENTRY-1987] - Remove pom code related to non-existing TestSentryAuthorizationProvider class + * [SENTRY-1990] - Use same hadoop.version to hadoop-aws dependencies + * [SENTRY-1993] - StringIndexOutOfBoundsException in HMSPathsDumper.java + * [SENTRY-1994] - Bump Shiro dependency version to 1.4.0 + * [SENTRY-1995] - Bump Derby dependency version to 10.13.1.1 + * [SENTRY-1997] - Bump sqoop dependency version to 1.99.7 + * [SENTRY-2010] - Oracle does not allow creating more than one index on the same column + * [SENTRY-2011] - Oracle does not allow creating more than one index on the same column + * [SENTRY-2014] - Incorrect handling of HDFS paths with multiple slashes + * [SENTRY-2017] - Fix Sentry e2e tests to use SentryMetastorePostEventListenerNotificationLog + * [SENTRY-2018] - Remove SentryMetastorePostEventListener and SentryMetastorePostEventListenerBase classes + * [SENTRY-2020] - Fix testConsumeCycleWithInsufficientPrivileges test failure in kafka e2e tests. + * [SENTRY-2021] - MR session ACLs in Hive binding does not handle all types of ACLs + * [SENTRY-2022] - Alter View Rename and Alter View As commands not being tested for authorization + * [SENTRY-2024] - Drop Index that includes AUTHZ_OBJ_NAME + * [SENTRY-2026] - Bump Hadoop version from 2.7.2 to 2.7.4 + * [SENTRY-2028] - Avoid datanucleus to create/update database schema + * [SENTRY-2029] - Unit test fails consistently for org.apache.sentry.tests.e2e.dbprovider.TestDbPrivilegeCleanupOnDrop + * [SENTRY-2032] - Leading Slashes need to removed when creating HMS path entries + * [SENTRY-2033] - Fix TestDbPrivilegeCleanupOnDrop to use SentryMetastorePostEventListenerNotificationLog + * [SENTRY-2035] - Metrics should move to destination atomically + * [SENTRY-2036] - sentry_sync_notifications() should set ID when it returns errors + * [SENTRY-2037] - Remove not needed sentry-binding-hive-v2 dependency from the main pom.xml + * [SENTRY-2039] - KeyValue is case sensitive and it causes incompatibility issues with external components + * [SENTRY-2041] - Change Index name in Package.jdo to match index name in SQL + * [SENTRY-2046] - Create a full snapshot if AUTHZ_PATHS_SNAPSHOT_ID is empty, even if HMS and Sentry Notifications are in sync + * [SENTRY-2047] - isTableEmptyCore method in SentryStore has references to MAuthzPathsMapping when it should be generic + * [SENTRY-2066] - DB name is not set for AlterTable + * [SENTRY-2068] - Disable HTTP TRACE method from the Sentry Web Server ** Task - * [SENTRY-950] - add column level test cases for select ... group by, order by and where - * [SENTRY-1131] - Add document for Generate audit trail for Sentry generic model in wiki - * [SENTRY-1171] - Please delete old releases from mirroring system - * [SENTRY-1255] - Pull out client dependencies from sentry-provider-db - * [SENTRY-1276] - Bump hadoop version to 2.6.1 - * [SENTRY-1315] - Add an interface in WebUI to request for a Sentry full update - * [SENTRY-1431] - Sentry HA test HMSFollower during failover - * [SENTRY-1456] - SENTRY-1454 follow up: Commit message and rat check failure + * [SENTRY-1480] - A upgrade tool to migrate Solr/Sentry permissions * [SENTRY-1520] - Provide mechanism for triggering HMS full snapshot - -** Sub-task - * [SENTRY-726] - Update thrift API for grant user to role - * [SENTRY-727] - Update jdo model for grant user to role - * [SENTRY-728] - Update audit log for grant user to role - * [SENTRY-729] - Update binding-hive for grant user to role - * [SENTRY-730] - Update policy engine for grant user to role - * [SENTRY-731] - Update provider-backend for grant user to role - * [SENTRY-733] - Update notification handler for grant user to role - * [SENTRY-734] - Update SentryPolicyStoreProcessor for grant user to role - * [SENTRY-735] - Update AuthorizationProvider and e2e test for grant user to role - * [SENTRY-840] - Do not allow async initial updater of MetaStore cache - * [SENTRY-875] - Make update log size configurable in UpdateForwarder - * [SENTRY-1004] - Create CommonPrivilege for external component - * [SENTRY-1024] - Document for Sentry Kafka integration - * [SENTRY-1026] - Fix PMD tag for unused field. - * [SENTRY-1042] - Create CommonPolicy for external component - * [SENTRY-1070] - Rename kafka.superusers -> super.users based on kafka docs - * [SENTRY-1074] - Refactor ResourceAuthorizationProvider with CommonPrivilege and CommonPolicy - * [SENTRY-1086] - Add permission check and test case for alter db set owner - * [SENTRY-1089] - Move validator from sentry-policy-xxx to sentry-core-model-xxx - * [SENTRY-1090] - Improvement for CommonPrivilege - * [SENTRY-1091] - Create Model for specific components - * [SENTRY-1092] - Move Class KeyValue and PolicyConstants to sentry-core-common - * [SENTRY-1093] - Refactor the constructor of PolicyEngine - * [SENTRY-1103] - Authorizable names' case sensitivity must be decided by plugins - * [SENTRY-1104] - Add method in Privilege model to create privilege validators - * [SENTRY-1115] - Add caching to avoid huge performance hit - * [SENTRY-1123] - Add test cases for Hive, Solr, Index, Sqoop with the CommonPrivilege - * [SENTRY-1127] - Move test cases from sentry-policy-xxx to sentry-binding-xxx - * [SENTRY-1153] - Ensure AccessURI work with S3 - * [SENTRY-1158] - Remove unnecessary sentry-policy-xxx - * [SENTRY-1160] - Enable dist for kafka-binding - * [SENTRY-1166] - Update default value for sentry.hive.server in Sentry wiki - * [SENTRY-1175] - Improve usability of URI privileges when granting URIs - * [SENTRY-1176] - Update thrift API for export with specific auth object - * [SENTRY-1177] - Update SentryStore for export with specific auth object - * [SENTRY-1178] - Update Sentry Policy Service for export with specific auth object - * [SENTRY-1179] - Update Sentry config tool for export with specific auth object - * [SENTRY-1199] - Update wiki page for export with specific auth object - * [SENTRY-1203] - Rebase the code - * [SENTRY-1208] - Make HOST implied in privileges if not specified explicitly. - * [SENTRY-1214] - Make Kafka resources/ Kafka Model case sensitive - * [SENTRY-1221] - Improve the SentryStore and thrift api for import/export with user scope - * [SENTRY-1222] - Improve SentryIniPolicyFileFormatter to support user section in .ini file - * [SENTRY-1225] - Improve SentryPolicyServiceClientDefaultImpl to support user section with import/export - * [SENTRY-1258] - Mysql upgrade SQL script for implement grant user to role - * [SENTRY-1261] - Derby upgrade SQL script for implement grant user to role - * [SENTRY-1262] - Oracle upgrade SQL script for implement grant user to role - * [SENTRY-1263] - Postgres upgrade SQL script for implement grant user to role - * [SENTRY-1272] - Enable ALTERVIEW_RENAME and ALTERVIEW_AS operation in hive binding - * [SENTRY-1278] - DB2 upgrade SQL script for implement grant user to role - * [SENTRY-1283] - Enable alter table operation without outputs in hive binding - * [SENTRY-1286] - Create sentry-service-common module - * [SENTRY-1287] - Create sentry-service-server module - * [SENTRY-1288] - Create sentry-service-client module - * [SENTRY-1289] - Move exception to sentry-core-common module - * [SENTRY-1291] - SimpleCacheProviderBackend.getPrivileges should return the permission based on authorizationhierarchy - * [SENTRY-1292] - Reorder DBModelAction EnumSet - * [SENTRY-1293] - Avoid converting string permission to Privilege object - * [SENTRY-1304] - Enable CREATEMACRO and DROPMACRO operations in hive binding - * [SENTRY-1319] - Add metrics for isActive and isHA - * [SENTRY-1327] - Enable "show grant role roleName on all" command - * [SENTRY-1337] - Move GroupMappingService from sentry-provider-common to sentry-core-common - * [SENTRY-1344] - Move AuthorizationComponent from sentry-provider-common to sentry-core-common - * [SENTRY-1348] - Move HA related class from sentry-provider-db to sentry-service-common - * [SENTRY-1349] - Add permission check and test case for alter db set owner in V2 - * [SENTRY-1351] - Enable alter table operation without outputs in V2 - * [SENTRY-1352] - Enable CREATEMACRO and DROPMACRO operations in V2 - * [SENTRY-1358] - Implement Grant role_name To User user_name in V2 - * [SENTRY-1359] - Implement SHOW ROLE GRANT USER user_name in V2 - * [SENTRY-1360] - Refactor grantPrivilege of Sentry Client - * [SENTRY-1361] - Refactor revokePrivilege of Sentry Client - * [SENTRY-1363] - Clean all pom.xml - * [SENTRY-1369] - Fix compile error for sentry-binding-hive-v2 - * [SENTRY-1377] - improve handling of failures, both in tests and after-test cleanup, in TestHDFSIntegration.java - * [SENTRY-1394] - Fix compile error for sentry-test-hive-v2 - * [SENTRY-1454] - Fix intermittent time out issue for TestHDFSIntegration - * [SENTRY-1651] - Port SENTRY-1404 to sentry-ha-redesign - * [SENTRY-1652] - Port SENTRY-1464 to sentry-ha-redesign - * [SENTRY-1655] - Port SENTRY-1471 to sentry-ha-redesign - * [SENTRY-1656] - Port Sentry-1459 to sentry-ha-redesign - * [SENTRY-1857] - Create new branch (branch-1.8) based on master + * [SENTRY-1838] - Support Hive 2.1.1 for sentry 2.0 + * [SENTRY-1859] - Prepare master for next release (2.0.0) + * [SENTRY-1893] - Bump the minimum java version to 8 + * [SENTRY-1899] - Remove support for HIVE 1.x + * [SENTRY-1970] - Configure PreCommit-SENTRY-Build to build and test against JDK8 ** Test - * [SENTRY-583] - Add boundary condition test coverage to HDFS synchronization test suite around max #of groups - * [SENTRY-858] - Add a test case for - Database prefix is not honoured when executing grant statement - * [SENTRY-1108] - Improve surefire execution to run tests concurrently * [SENTRY-1134] - Add user defined udf test case - * [SENTRY-1266] - Add ConfigTool tests to skipSlowAndNotThreadSafeTests blacklist - * [SENTRY-1299] - Add a test case to verify SentryStore#verifySentryStoreSchema works - * [SENTRY-1390] - Add test cases to ensure usability of URI privileges for HMS binding - * [SENTRY-1391] - Add more test cases for perm and temp UDF - * [SENTRY-1402] - Add TestGrantUserToRole to V2 + * [SENTRY-1296] - Flaky test: TestPrivilegeOperatePersistence.testGrantPrivilegeExternalComponentInvalidConf + * [SENTRY-1387] - Add HDFS sync tests for drop partition for external/implicit locations + * [SENTRY-1400] - [Flaky test] TestSentryWebServerWithSSL times out + * [SENTRY-1458] - Remove unused file from Kafka tests * [SENTRY-1489] - Categorize e2e tests into slow and regular tests, so that can adapt the timeout and etc. * [SENTRY-1497] - create a sentry scale test tool to add various objects and privileges into Sentry and HMS * [SENTRY-1503] - Remove all sequence ID checks from TestSentryStore + * [SENTRY-1748] - Sentry HA: for testing purposes, allow the client to be configured to deterministically choose which Sentry server to use * [SENTRY-1809] - Use Apache Curator in the Kafka tests + * [SENTRY-2052] - Reduce TestSentryStore time by setting transaction retries to 1 and other refactors + * [SENTRY-2054] - Unit tests must create temporary files under the Maven target directory + * [SENTRY-2057] - Set hadoop.tmp.dir to the maven build directory configured on java.io.tmpdir + * [SENTRY-2058] - CLONE - Set hadoop.tmp.dir to the maven build directory configured on java.io.tmpdir +