[GitHub] [ranger] bolkedebruin commented on issue #36: [RANGER-2395] Add Presto plugin
bolkedebruin commented on issue #36: [RANGER-2395] Add Presto plugin URL: https://github.com/apache/ranger/pull/36#issuecomment-596051979 Code changes as the API has changed. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] [ranger] ebyhr opened a new pull request #57: [RANGER-2747] Ranger integration with presto works on "Release 317" but fails on versions later
ebyhr opened a new pull request #57: [RANGER-2747] Ranger integration with presto works on "Release 317" but fails on versions later URL: https://github.com/apache/ranger/pull/57 Update Presto version to 318 from 310 JIRA https://issues.apache.org/jira/browse/RANGER-2747 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[jira] [Updated] (RANGER-2755) Update Atlas service-def and plugin for changes in ATLAS-3653
[
https://issues.apache.org/jira/browse/RANGER-2755?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Madhan Neethiraj updated RANGER-2755:
-
Attachment: RANGER-2755.patch
> Update Atlas service-def and plugin for changes in ATLAS-3653
> -
>
> Key: RANGER-2755
> URL: https://issues.apache.org/jira/browse/RANGER-2755
> Project: Ranger
> Issue Type: Bug
> Components: admin, plugins
>Affects Versions: 2.1.0
>Reporter: Madhan Neethiraj
>Assignee: Madhan Neethiraj
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: RANGER-2755.patch
>
>
> Recent change in ATLAS-3653 renamed permission {{entity-update-namespace}} to
> {{entity-update-business-metadata}}. Atlas service-def and
> authorization-plugin in Ranger should be updated for this change.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (RANGER-2755) Update Atlas service-def and plugin for changes in ATLAS-3653
[
https://issues.apache.org/jira/browse/RANGER-2755?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17053779#comment-17053779
]
Velmurugan Periasamy commented on RANGER-2755:
--
+1 for the patch. Not able to see review. May be it is down.
> Update Atlas service-def and plugin for changes in ATLAS-3653
> -
>
> Key: RANGER-2755
> URL: https://issues.apache.org/jira/browse/RANGER-2755
> Project: Ranger
> Issue Type: Bug
> Components: admin, plugins
>Affects Versions: 2.1.0
>Reporter: Madhan Neethiraj
>Assignee: Madhan Neethiraj
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: RANGER-2755.patch
>
>
> Recent change in ATLAS-3653 renamed permission {{entity-update-namespace}} to
> {{entity-update-business-metadata}}. Atlas service-def and
> authorization-plugin in Ranger should be updated for this change.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
Re: Review Request 72209: RANGER-2755: updated Atlas service-def and plugin for changes in ATLAS-3653
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72209/#review219831 --- Ship it! Ship It! - Ramesh Mani On March 6, 2020, 6:44 p.m., Madhan Neethiraj wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/72209/ > --- > > (Updated March 6, 2020, 6:44 p.m.) > > > Review request for ranger, keval bhatt, Abhay Kulkarni, Mehul Parikh, Nixon > Rodrigues, Ramesh Mani, Sarath Subramanian, and Velmurugan Periasamy. > > > Bugs: ATLAS-3653 and RANGER-2755 > https://issues.apache.org/jira/browse/ATLAS-3653 > https://issues.apache.org/jira/browse/RANGER-2755 > > > Repository: ranger > > > Description > --- > > - updated Atlas service-def and Atlas plugin for renaming of 'namespace' to > 'business-metadata' > - since current Atlas service-def and plugin that references 'namespace' is > not yet included in any release, there is no need for migration (of existing > service-def and policies) > > > Diffs > - > > agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json > 9355b71c5 > > plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java > ca06cf830 > > plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java > d27cde3c0 > > > Diff: https://reviews.apache.org/r/72209/diff/1/ > > > Testing > --- > > > Thanks, > > Madhan Neethiraj > >
[jira] [Commented] (RANGER-2755) Update Atlas service-def and plugin for changes in ATLAS-3653
[
https://issues.apache.org/jira/browse/RANGER-2755?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17053765#comment-17053765
]
Ramesh Mani commented on RANGER-2755:
-
+1 for the Patch.
> Update Atlas service-def and plugin for changes in ATLAS-3653
> -
>
> Key: RANGER-2755
> URL: https://issues.apache.org/jira/browse/RANGER-2755
> Project: Ranger
> Issue Type: Bug
> Components: admin, plugins
>Affects Versions: 2.1.0
>Reporter: Madhan Neethiraj
>Assignee: Madhan Neethiraj
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: RANGER-2755.patch
>
>
> Recent change in ATLAS-3653 renamed permission {{entity-update-namespace}} to
> {{entity-update-business-metadata}}. Atlas service-def and
> authorization-plugin in Ranger should be updated for this change.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[GitHub] [ranger] tooptoop4 edited a comment on issue #36: [RANGER-2395] Add Presto plugin
tooptoop4 edited a comment on issue #36: [RANGER-2395] Add Presto plugin URL: https://github.com/apache/ranger/pull/36#issuecomment-595948740 @bolkedebruin for getting plugin to work again (not add row/col level) is it just a matter of updating version in pom.xml or code changes too? I'm guessing https://github.com/prestosql/presto/pull/1624 in release 320 and https://github.com/prestosql/presto/pull/171 in release 318 broke it as users mention 317 works. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] [ranger] tooptoop4 commented on issue #36: [RANGER-2395] Add Presto plugin
tooptoop4 commented on issue #36: [RANGER-2395] Add Presto plugin URL: https://github.com/apache/ranger/pull/36#issuecomment-595948740 @bolkedebruin for getting plugin to work again (not add row/col level) is it just a matter of updating version in pom.xml or code changes too? This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
Review Request 72209: RANGER-2755: updated Atlas service-def and plugin for changes in ATLAS-3653
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72209/ --- Review request for ranger, keval bhatt, Abhay Kulkarni, Mehul Parikh, Nixon Rodrigues, Ramesh Mani, Sarath Subramanian, and Velmurugan Periasamy. Bugs: ATLAS-3653 and RANGER-2755 https://issues.apache.org/jira/browse/ATLAS-3653 https://issues.apache.org/jira/browse/RANGER-2755 Repository: ranger Description --- - updated Atlas service-def and Atlas plugin for renaming of 'namespace' to 'business-metadata' - since current Atlas service-def and plugin that references 'namespace' is not yet included in any release, there is no need for migration (of existing service-def and policies) Diffs - agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json 9355b71c5 plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java ca06cf830 plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java d27cde3c0 Diff: https://reviews.apache.org/r/72209/diff/1/ Testing --- Thanks, Madhan Neethiraj
[jira] [Created] (RANGER-2755) Update Atlas service-def and plugin for changes in ATLAS-3653
Madhan Neethiraj created RANGER-2755:
Summary: Update Atlas service-def and plugin for changes in
ATLAS-3653
Key: RANGER-2755
URL: https://issues.apache.org/jira/browse/RANGER-2755
Project: Ranger
Issue Type: Bug
Components: admin, plugins
Affects Versions: 2.1.0
Reporter: Madhan Neethiraj
Assignee: Madhan Neethiraj
Recent change in ATLAS-3653 renamed permission {{entity-update-namespace}} to
{{entity-update-business-metadata}}. Atlas service-def and authorization-plugin
in Ranger should be updated for this change.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (RANGER-2749) Ranger depends on commons-lang but doesn't specify it in it's pom
[ https://issues.apache.org/jira/browse/RANGER-2749?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17053479#comment-17053479 ] Grant Henke commented on RANGER-2749: - [~pradeep] I posted a patch and review board that resolves the issue. Let me know if you need anything else. > Ranger depends on commons-lang but doesn't specify it in it's pom > - > > Key: RANGER-2749 > URL: https://issues.apache.org/jira/browse/RANGER-2749 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 2.0.0 >Reporter: Grant Henke >Priority: Major > Attachments: > 0001-RANGER-2749-Add-explicit-commons-lang-dependency.patch > > > Ranger uses commons lang for StringUtils in places like: > [https://github.com/apache/ranger/blob/master/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java#L31] > However, it doesn't add commons-lang as a dependency and instead depends on > the transitive dependency from hadoop-common. When compiling my plugin with > with Hadoop 3.2+ I get a `java.lang.NoClassDefFoundError: > org/apache/commons/lang/StringUtils` because Hadoop no longer depends on > commons-lang. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [ranger] brucemen711 commented on issue #36: [RANGER-2395] Add Presto plugin
brucemen711 commented on issue #36: [RANGER-2395] Add Presto plugin URL: https://github.com/apache/ranger/pull/36#issuecomment-595795880 Thanks @bolkedebruin, im looking for it. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
Re: Review Request 72207: RANGER-2744 : Add response header in login.jsp page
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72207/ --- (Updated March 6, 2020, 1:32 p.m.) Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and Velmurugan Periasamy. Bugs: RANGER-2744 https://issues.apache.org/jira/browse/RANGER-2744 Repository: ranger Description --- Good coding practice-add additional headers in ranger. Diffs - security-admin/src/main/resources/conf.dist/security-applicationContext.xml c359971 Diff: https://reviews.apache.org/r/72207/diff/1/ Testing --- Thanks, Nitin Galave
[jira] [Commented] (RANGER-2751) SSL enabled Apache Ranger (2.1.0) not working with SSL enabled Presto (Prestosql 310) - Policy synch up not happening
[
https://issues.apache.org/jira/browse/RANGER-2751?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17053397#comment-17053397
]
Pradeep Agrawal commented on RANGER-2751:
-
You can try either of the two approach here :
1) import the ranger admin cert into jdk cacert of the presto plugin machine.
or
2) Try to create a trust store and import the ranger admin certificate in that
trust store at the plugin end. you might have to use below two properties and
make sure its reflected in ranger-*ssl*.site.xml when you enable the presto
plugin
SSL_TRUSTSTORE_FILE_PATH=/etc/hadoop/conf/ranger-plugin-truststore.jks
SSL_TRUSTSTORE_PASSWORD=none
> SSL enabled Apache Ranger (2.1.0) not working with SSL enabled Presto
> (Prestosql 310) - Policy synch up not happening
> --
>
> Key: RANGER-2751
> URL: https://issues.apache.org/jira/browse/RANGER-2751
> Project: Ranger
> Issue Type: Bug
> Components: plugins
>Affects Versions: 2.1.0
>Reporter: sajai
>Priority: Major
> Fix For: 2.1.0
>
>
> *Facing the below error when trying to integrate Apache Ranger with Prestosql
> (310 version).*
> *Both Ranger and Presto is working independently, but the Presto policies
> from Ranger are not downloading/refreshing. Couldn't find the policies
> downloaded in Ranger web ui in Audits/Plugin tab. Also if we remove SSL from
> Ranger side it starts working fine. Issue is only when SSL is enabled in
> Ranger, then Presto inot working with Ranger,*
> 2020-03-04T07:50:59.600-0600 ERROR Thread-91
> org.apache.ranger.plugin.util.PolicyRefresher
> PolicyRefresher(serviceName=presto-catalogs-dev): failed to refresh policies.
> Will continue to use last known version of policies (-1)
> java.lang.IllegalArgumentException: TrustManager is not specified
> *ranger-2.1.0-SNAPSHOT-admin/install.properties:-*
> db_root_user=root
> db_root_password=Sqlpwd@123
> db_host=localhost
> db_name=ranger
> db_user=rangeradmin
> db_password=Rangerpwd@123
> rangerAdmin_password=Rangerpwd@123
> rangerTagsync_password=Rangerpwd@123
> rangerUsersync_password=Rangerpwd@123
> keyadmin_password=Rangerpwd@123
> policymgr_external_url=https://hostname_ranger:6182
> policymgr_http_enabled=false
> policymgr_https_keystore_file=/opt/iss_cert/clientcert.jks
> policymgr_https_keystore_keyalias=
> policymgr_https_keystore_password=31b17532aeb4fb5ba3af2bae850567
> unix_user=ranger
> unix_user_pwd=Rangerpwd@123
> unix_group=ranger
> #LDAP|ACTIVE_DIRECTORY|UNIX|NONE
> authentication_method=LDAP
> xa_ldap_url=ldaps://hostname_ldapserver:636
> xa_ldap_userDNpattern=uid=\{0},OU=xxx,DC=xx,DC=,DC=COM
> xa_ldap_groupSearchBase=DC=xxx,DC=ccc,DC=COM
> xa_ldap_groupSearchFilter=(member=cn=\{0},OU=xxx,DC=xx,DC=,DC=COM)
> xa_ldap_groupRoleAttribute=cn
> xa_ldap_base_dn=DC=xx,DC=,DC=COM
> xa_ldap_bind_dn=CN=XXX,OU=XX,DC=xx,DC=,DC=COM
> xa_ldap_bind_password=uBLRzVJK
> xa_ldap_referral=follow
> xa_ldap_userSearchFilter=(uid=\{0})
> *With the above values,able to start ranger with SSL and LDAP enabled and
> also able to login succesfully with both unix admin credentials and also with
> ldap credentials.*
>
> *ranger-2.1.0-SNAPSHOT-presto-plugin/install.properties:-*
> POLICY_MGR_URL=https:/hostname_ranger:6182
> REPOSITORY_NAME=presto-catalogs-dev
> *# You do not need use SSL between agent and security admin tool, please
> leave these sample value as it is.*
> SSL_KEYSTORE_FILE_PATH=/etc/hadoop/conf/ranger-plugin-keystore.jks
> SSL_KEYSTORE_PASSWORD=none
> SSL_TRUSTSTORE_FILE_PATH=/etc/hadoop/conf/ranger-plugin-truststore.jks
> SSL_TRUSTSTORE_PASSWORD=none
> *keep blank if component user is default*
> CUSTOM_USER=
> *keep blank if component group is default*
> CUSTOM_GROUP=
>
> *presto-server-310/etc/config.properties:-*
> coordinator=true
> node-scheduler.include-coordinator=true
> http-server.http.enabled=false
> node.internal-address-source=FQDN
> node.internal-address=hostname_presto
> internal-communication.https.required=true
> internal-communication.https.keystore.path=/opt/iss_cert/clientcert.jks
> internal-communication.https.keystore.key=31b17532aeb4fb5ba3af2bae850567
> discovery-server.enabled=true
> discovery.uri=https://hostname_presto:8443
> http-server.authentication.type=PASSWORD,CERTIFICATE
> http-server.https.enabled=true
> http-server.https.port=8443
> http-server.https.keystore.path=/opt/iss_cert/clientcert.jks
> http-server.https.keystore.key=31b17532aeb4fb5ba3af2bae850567
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (RANGER-2751) SSL enabled Apache Ranger (2.1.0) not working with SSL enabled Presto (Prestosql 310) - Policy synch up not happening
[
https://issues.apache.org/jira/browse/RANGER-2751?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17053348#comment-17053348
]
Bolke de Bruin commented on RANGER-2751:
https://issues.apache.org/jira/browse/RANGER-2611
Check what the config file of the plugin actually says (your ranger-XXX.xml)
> SSL enabled Apache Ranger (2.1.0) not working with SSL enabled Presto
> (Prestosql 310) - Policy synch up not happening
> --
>
> Key: RANGER-2751
> URL: https://issues.apache.org/jira/browse/RANGER-2751
> Project: Ranger
> Issue Type: Bug
> Components: plugins
>Affects Versions: 2.1.0
>Reporter: sajai
>Priority: Major
> Fix For: 2.1.0
>
>
> *Facing the below error when trying to integrate Apache Ranger with Prestosql
> (310 version).*
> *Both Ranger and Presto is working independently, but the Presto policies
> from Ranger are not downloading/refreshing. Couldn't find the policies
> downloaded in Ranger web ui in Audits/Plugin tab. Also if we remove SSL from
> Ranger side it starts working fine. Issue is only when SSL is enabled in
> Ranger, then Presto inot working with Ranger,*
> 2020-03-04T07:50:59.600-0600 ERROR Thread-91
> org.apache.ranger.plugin.util.PolicyRefresher
> PolicyRefresher(serviceName=presto-catalogs-dev): failed to refresh policies.
> Will continue to use last known version of policies (-1)
> java.lang.IllegalArgumentException: TrustManager is not specified
> *ranger-2.1.0-SNAPSHOT-admin/install.properties:-*
> db_root_user=root
> db_root_password=Sqlpwd@123
> db_host=localhost
> db_name=ranger
> db_user=rangeradmin
> db_password=Rangerpwd@123
> rangerAdmin_password=Rangerpwd@123
> rangerTagsync_password=Rangerpwd@123
> rangerUsersync_password=Rangerpwd@123
> keyadmin_password=Rangerpwd@123
> policymgr_external_url=https://hostname_ranger:6182
> policymgr_http_enabled=false
> policymgr_https_keystore_file=/opt/iss_cert/clientcert.jks
> policymgr_https_keystore_keyalias=
> policymgr_https_keystore_password=31b17532aeb4fb5ba3af2bae850567
> unix_user=ranger
> unix_user_pwd=Rangerpwd@123
> unix_group=ranger
> #LDAP|ACTIVE_DIRECTORY|UNIX|NONE
> authentication_method=LDAP
> xa_ldap_url=ldaps://hostname_ldapserver:636
> xa_ldap_userDNpattern=uid=\{0},OU=xxx,DC=xx,DC=,DC=COM
> xa_ldap_groupSearchBase=DC=xxx,DC=ccc,DC=COM
> xa_ldap_groupSearchFilter=(member=cn=\{0},OU=xxx,DC=xx,DC=,DC=COM)
> xa_ldap_groupRoleAttribute=cn
> xa_ldap_base_dn=DC=xx,DC=,DC=COM
> xa_ldap_bind_dn=CN=XXX,OU=XX,DC=xx,DC=,DC=COM
> xa_ldap_bind_password=uBLRzVJK
> xa_ldap_referral=follow
> xa_ldap_userSearchFilter=(uid=\{0})
> *With the above values,able to start ranger with SSL and LDAP enabled and
> also able to login succesfully with both unix admin credentials and also with
> ldap credentials.*
>
> *ranger-2.1.0-SNAPSHOT-presto-plugin/install.properties:-*
> POLICY_MGR_URL=https:/hostname_ranger:6182
> REPOSITORY_NAME=presto-catalogs-dev
> *# You do not need use SSL between agent and security admin tool, please
> leave these sample value as it is.*
> SSL_KEYSTORE_FILE_PATH=/etc/hadoop/conf/ranger-plugin-keystore.jks
> SSL_KEYSTORE_PASSWORD=none
> SSL_TRUSTSTORE_FILE_PATH=/etc/hadoop/conf/ranger-plugin-truststore.jks
> SSL_TRUSTSTORE_PASSWORD=none
> *keep blank if component user is default*
> CUSTOM_USER=
> *keep blank if component group is default*
> CUSTOM_GROUP=
>
> *presto-server-310/etc/config.properties:-*
> coordinator=true
> node-scheduler.include-coordinator=true
> http-server.http.enabled=false
> node.internal-address-source=FQDN
> node.internal-address=hostname_presto
> internal-communication.https.required=true
> internal-communication.https.keystore.path=/opt/iss_cert/clientcert.jks
> internal-communication.https.keystore.key=31b17532aeb4fb5ba3af2bae850567
> discovery-server.enabled=true
> discovery.uri=https://hostname_presto:8443
> http-server.authentication.type=PASSWORD,CERTIFICATE
> http-server.https.enabled=true
> http-server.https.port=8443
> http-server.https.keystore.path=/opt/iss_cert/clientcert.jks
> http-server.https.keystore.key=31b17532aeb4fb5ba3af2bae850567
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Updated] (RANGER-2744) Add response header in login.jsp page
[ https://issues.apache.org/jira/browse/RANGER-2744?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nitin Galave updated RANGER-2744: - Attachment: (was: 0001-RANGER-2744.patch) > Add response header in login.jsp page > - > > Key: RANGER-2744 > URL: https://issues.apache.org/jira/browse/RANGER-2744 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Nitin Galave >Assignee: Nitin Galave >Priority: Major > Attachments: 0001-RANGER-2744.patch > > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2744) Add response header in login.jsp page
[ https://issues.apache.org/jira/browse/RANGER-2744?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nitin Galave updated RANGER-2744: - Attachment: 0001-RANGER-2744.patch > Add response header in login.jsp page > - > > Key: RANGER-2744 > URL: https://issues.apache.org/jira/browse/RANGER-2744 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Nitin Galave >Assignee: Nitin Galave >Priority: Major > Attachments: 0001-RANGER-2744.patch > > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2752) Upgrade from 0.7.0 to master fails due to schema issue
[
https://issues.apache.org/jira/browse/RANGER-2752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Pradeep Agrawal updated RANGER-2752:
Fix Version/s: (was: master)
> Upgrade from 0.7.0 to master fails due to schema issue
> --
>
> Key: RANGER-2752
> URL: https://issues.apache.org/jira/browse/RANGER-2752
> Project: Ranger
> Issue Type: Bug
> Components: admin, Ranger
>Affects Versions: 0.7.0
>Reporter: Andrew Luo
>Priority: Major
> Attachments:
> 0001-RANGER-2752-Add-corresponding-upgrade-patch-for-RANGER-2550.patch,
> ranger_admin_sql_db_patch.log
>
>
> Upgrading from 0.7.0 to the current master fails with the following error:
>
> 2020-03-04 07:38:00,523 [JISQL] /usr/lib/jvm/java-8-openjdk-amd64/bin/java
> -cp
> /opt/mysql-connector-java-5.1.48.jar:/opt/ranger-2.1.0-SNAPSHOT-admin/jisql/lib/*
> org.apache.util.sql.Jisql -driver mysqlconj -cstring
> jdbc:mysql://ranger-mysql/ranger -u 'ranger' -p '' -noheader -trim -c
> \; -query "insert into x_db_version_h (version, inst_at, inst_by,
> updated_at, updated_by,active) values ('J10015', current_timestamp, 'Ranger
> 2.1.0-SNAPSHOT', current_timestamp, '306a9688fa98','N') ;"
> Wed Mar 04 07:38:01 UTC 2020 WARN: Establishing SSL connection without
> server's identity verification is not recommended. According to MySQL
> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established
> by default if explicit option isn't set. For compliance with existing
> applications not using SSL the verifyServerCertificate property is set to
> 'false'. You need either to explicitly disable SSL by setting useSSL=false,
> or set useSSL=true and provide truststore for server certificate verification.
> 2020-03-04 07:38:01,164 [I] java patch PatchForKafkaServiceDefUpdate_J10015
> is being applied..
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without
> server's identity verification is not recommended. According to MySQL
> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established
> by default if explicit option isn't set. For compliance with existing
> applications not using SSL the verifyServerCertificate property is set to
> 'false'. You need either to explicitly disable SSL by setting useSSL=false,
> or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without
> server's identity verification is not recommended. According to MySQL
> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established
> by default if explicit option isn't set. For compliance with existing
> applications not using SSL the verifyServerCertificate property is set to
> 'false'. You need either to explicitly disable SSL by setting useSSL=false,
> or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without
> server's identity verification is not recommended. According to MySQL
> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established
> by default if explicit option isn't set. For compliance with existing
> applications not using SSL the verifyServerCertificate property is set to
> 'false'. You need either to explicitly disable SSL by setting useSSL=false,
> or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without
> server's identity verification is not recommended. According to MySQL
> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established
> by default if explicit option isn't set. For compliance with existing
> applications not using SSL the verifyServerCertificate property is set to
> 'false'. You need either to explicitly disable SSL by setting useSSL=false,
> or set useSSL=true and provide truststore for server certificate verification.
> Wed Mar 04 07:38:11 UTC 2020 WARN: Establishing SSL connection without
> server's identity verification is not recommended. According to MySQL
> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established
> by default if explicit option isn't set. For compliance with existing
> applications not using SSL the verifyServerCertificate property is set to
> 'false'. You need either to explicitly disable SSL by setting useSSL=false,
> or set useSSL=true and provide truststore for server certificate verification.
> [EL Warning]: 2020-03-04 07:38:19.282--ClientSession(841450293)--Exception
> [EclipseLink-4002] (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd):
> org.eclipse.persistence.exceptions.DatabaseException
> Internal Exception: com.mysql.jdbc.MysqlDataTruncation: Data truncation: Out
>
