+1
- Verified 2.3.0-rc3 builds successfully
On Mon, Jun 27, 2022 at 12:05 PM Madhan Neethiraj <mad...@apache.org> wrote:
> +1 for Apache Ranger 2.3.0-rc3
>
> - verified signature
> - verified 2.3.0-rc3 builds successfully
> - installed Ranger with Postgres database; verified startup of
> admin/usersync/tagsync services
> - added new users and groups; updated user-group association; verified
> that usersync picked up these users and groups
> - created services, policies, security zones
> - sanity testing of HDFS/Hive/HBase/Kafka/YARN plugins
> - verified tag-based policies and {OWNER} macro in Hive
> - verified audit logs from plugins, audit-filters
>
> Thank you, Ramesh for putting this release together.
>
> Go Rangers!
>
> Madhan
>
>
>
>
> On 6/25/22, 12:00 AM, "Ramesh Mani" <rm...@apache.org> wrote:
>
> Dear Rangers,
>
> Apache Ranger 2.3.0 release candidate #3 is now available for a vote
> within
> the dev community. Links to the release artifacts are given below.
> Please
> review and vote.
>
> The vote will be open for at least 72 hours or until necessary votes
> are
> reached.
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Thanks,
> Ramesh
>
> List of all issues / improvements addressed in this release:
> https://issues.apache.org/jira/issues/?jql=project=RANGER AND
> status=Resolved AND fixVersion=2.3.0 ORDER BY key DESC
>
> Git tag for the release:
> https://github.com/apache/ranger/tree/release-2.3.0-rc3
>
> Sources for the release:
>
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc3/apache-ranger-2.3.0.tar.gz
>
> Source release verification:
> PGP Signature:
>
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc3/apache-ranger-2.3.0.tar.gz.asc
> SHA256 Hash:
>
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc3/apache-ranger-2.3.0.tar.gz.sha256
> SHA512 Hash:
>
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc3/apache-ranger-2.3.0.tar.gz.sha512
>
> Keys to verify the signature of the release artifacts are available at:
> https://dist.apache.org/repos/dist/release/ranger/KEYS
>
> New features/enhancements:
>
> RANGER-2846 Add support for resource[volume, bucket, key] look up in
> ozone
> plugin
> RANGER-2967 Add support for Amazon CloudWatch Logs as an Audit Store
> RANGER-3023 Permission tab takes longer time to load with large number
> of
> users and group_users data
> RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> RANGER-3182 Prestosql is renamed to Trino
> RANGER-3221 Improve logging in Presto plugin
> RANGER-3276 Remove duplicate code from buildks.java
> RANGER-3290 ArrayIndexOutOfBoundsException if solr is down
> RANGER-3299 Upgrading the bouncycastle version for bcprov-jdk15on
> RANGER-3298 Add coarse URI check for Hive Agent
> RANGER-3389 Swagger UI Support for Ranger REST API
> RANGER-3435 Add unique index on guid, service and zone_id column of
> x_policy table
> RANGER-3439 Add rest api to get or delete ranger policy based on guid
> RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect
> to
> knox logout page
> RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> RANGER-3475 Promote TagRest endpoints to /public/v2
> RANGER-3487 Update underscore js with latest version.
> RANGER-3493 Add unique index on service and resource_signature column
> of
> x_policy table
> RANGER-3498 RANGER : Remove log4j1 dependencies.
> RANGER-3504 Create framework to execute DB patch dependent on Java
> patch.
> RANGER-3510 Ranger upgrade spring framework version to 5.3.12
> RANGER-3511 Create Java patch to update policy resource-signature to
> unique
> value.
> RANGER-3512 Create Java patch to update policy guid to unique value.
> RANGER-3515 Enhance Ranger Java client SSL config to be configured
> using
> serviceType and AppId
> RANGER-3518 Limit the query size stored in Audit logs
> RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY
> RFC 6797
> RANGER-3526 policy evaluation ordering to use name as secondary
> sorting key
> RANGER-3533 Provide sorting on columns throughout the audits result
> set and
> policy listing page.
> RANGER-3538 Reduce the granularity of locking when building/retrieving
> a
> policy-engine within Ranger admin service
> RANGER-3539 Add jacoco-maven-plugin for code coverage
> RANGER-3540 Add support to read audit logs from Amazon CloudWatch
> RANGER-3545 Remove Logger Checks for Info Enabled
> RANGER-3548 Update performance engine test scripts
> RANGER-3550 support for using user/tag attributes in row-filter
> expressions
> and conditions
> RANGER-3551 Analyze & optimize module permissions related API
> RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
> RANGER-3556 Ranger tagsync logs unnecessary messages
> RANGER-3561 Upgrade Storm version to 1.2.4
> RANGER-3562 Redesign post commit tasks for updating ref-tables when
> policy/role is updated
> RANGER-3565 RangerRESTClient to support retry
> RANGER-3567 support for use of user attributes in policy resources
> RANGER-3569 Support Ranger KMS integration with Google cloud HSM
> RANGER-3573 Add vim in docker base image
> RANGER-3577 RANGER : Upgrade POI version to 5.1.0
> RANGER-3578 Simplify code for policy label creation
> RANGER-3580 Support Ranger KMS integration with TencentKMS
> RANGER-3585 Docker setup to run Ranger usersync and tagsync
> RANGER-3586 Script condition expression to support csv of group/tag
> attributes
> RANGER-3595 Tar of KMS contains rubbish files
> RANGER-3597 User role should not be able to modify the Policy
> RANGER-3600 Ranger service tags import request failure
> RANGER-3603 HDFS audit files rollover improvement to trigger rollover
> in
> monitoring thread
> RANGER-3605 Support macros in row-filter/condition expressions
> RANGER-3606 remove unnecessary static members from plugin class loaders
> RANGER-3609 option to add user group enricher automatically based on
> references in policies
> RANGER-3620 Ranger - Upgrade tomcat to 8.5.75
> RANGER-3621 Optimise Tag/Policy iterator
> RANGER-3624 Update Ranger services Password Policy
> RANGER-3628 Support fine grain authorization for different solr objects
> RANGER-3629 RANGER - Handle solr permissions during upgrade
> RANGER-3630 Support wildcards, group short names, and list of memberof
> attribute DNs for computing user search filter
> RANGER-3632 Improve ranger logs, RENAME_ON_ROTATE and others
> RANGER-3634 Remove duplicate entries from usersync distribution file
> RANGER-3646 LOG.debug print content error
> RANGER-3647 Connection to DB fails for MySQL version above 8.0
> RANGER-3649 Represent the Solr admin object types on the Ranger UI
> RANGER-3651 Remove jersey 1.x version dependency for knox plugin
> RANGER-3653 Replace aws java sdk bom dependencies with bundled
> dependencies
> RANGER-3658 Docker: Ranger containers to run as user=ranger
> RANGER-3659 Ranger Admin goes to OOM when usersync is trying to delete
> existing group mappings from ranger DB
> RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for better
> user
> experience
> RANGER-3662 There should be a pause button for error popup
> RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users
> RANGER-3666 Ranger UI improvement - Add warning popup if auto-complete
> for
> resource lookup is failing in Edit policy page
> RANGER-3667 Improve feedback in policy creation UI when resource does
> not
> exist
> RANGER-3669 Connection to DB fails for MySQL version above 8.0
> RANGER-3672 Show better error messages during failed logins
> RANGER-3673 Need to enable cipher configuration for Usersync
> RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT
> RANGER-3686 Docker setup to run Ranger with MySQL database
> RANGER-3687 Password Policy Best Practices for Strong Security
> RANGER-3689 Ranger : ranger-2.3 Port missing commits.
> RANGER-3693 Ranger - Upgrade tomcat to 8.5.78
> RANGER-3698 Ranger - Upgrade kylin to 3.1.3
> RANGER-3699 Ranger - Upgrade poi to 5.2.1+
> RANGER-3704 remove semicolon from c3P0 preferredTestQuery
> RANGER-3725 Update atlas default audit filter to filter Atlas
> entity-read
> events by Nifi user.
> RANGER-3736 Update RangerChainedPlugin to support masking and
> row-filtering
> RANGER-3738 Restructure ranger Dockerfile to use multi-stage builds
> RANGER-3743 Add isDenyAllElse mapping to addCustomRangerDefaultPolicies
> method
> RANGER-3744 Produces annotation ordering should be consistent: json,
> xml
> RANGER-3764:conditions to support macros IS_IN_GROUP, IS_IN_ROLE,
> HAS_TAG
> RANGER-3768 RangerBasePlugin configuration to optionally disable
> userstore
> refresher
> RANGER-3779:Conditions enhancement to support macros IS_IN_ANY_GROUP,
> IS_IN_ANY_ROLE, HAS_TAGS
>
>
>
