[
https://issues.apache.org/jira/browse/SENTRY-2300?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16634627#comment-16634627
]
Hadoop QA commented on SENTRY-2300:
-----------------------------------
Here are the results of testing the latest attachment
https://issues.apache.org/jira/secure/attachment/12942029/SENTRY-2300.001.patch
against master.
{color:red}Overall:{color} -1 due to 11 errors
{color:red}ERROR:{color} mvn test exited 1
{color:red}ERROR:{color} Failed:
org.apache.sentry.binding.metastore.TestSentrySyncHMSNotificationsPostEventListener
{color:red}ERROR:{color} Failed:
org.apache.sentry.binding.metastore.TestSentrySyncHMSNotificationsPostEventListener
{color:red}ERROR:{color} Failed:
org.apache.sentry.binding.metastore.TestSentrySyncHMSNotificationsPostEventListener
{color:red}ERROR:{color} Failed:
org.apache.sentry.binding.metastore.TestSentrySyncHMSNotificationsPostEventListener
{color:red}ERROR:{color} Failed:
org.apache.sentry.binding.metastore.TestSentrySyncHMSNotificationsPostEventListener
{color:red}ERROR:{color} Failed:
org.apache.sentry.binding.metastore.TestSentrySyncHMSNotificationsPostEventListener
{color:red}ERROR:{color} Failed:
org.apache.sentry.binding.metastore.TestSentrySyncHMSNotificationsPostEventListener
{color:red}ERROR:{color} Failed:
org.apache.sentry.binding.metastore.TestSentrySyncHMSNotificationsPostEventListener
{color:red}ERROR:{color} Failed:
org.apache.sentry.provider.db.service.persistent.TestHMSFollowerSentryStoreIntegration
{color:red}ERROR:{color} Failed:
org.apache.sentry.provider.db.service.persistent.TestHMSFollowerSentryStoreIntegration
Console output:
https://builds.apache.org/job/PreCommit-SENTRY-Build/4159/console
This message is automatically generated.
> Move Permission Update due to DDL to HMS Post Event Listener
> ------------------------------------------------------------
>
> Key: SENTRY-2300
> URL: https://issues.apache.org/jira/browse/SENTRY-2300
> Project: Sentry
> Issue Type: Bug
> Components: Sentry
> Affects Versions: 2.1.0, 2.2.0
> Reporter: Na Li
> Assignee: Na Li
> Priority: Major
> Attachments: SENTRY-2300.001.patch
>
>
> There was a code in MetastorePlugin that modified Sentry privileges on table
> Create/Drop and database Create/Drop. As part of Sentry HA work we moved all
> this logic from Sentry plugin to be driven by notifications which required
> the extra synchronization between HMS and Sentry.
> It should be possible to do permission changes in the post event listener
> itself to avoid blocking for Sentry. This requires some experiments though
> because it may cause strange artifacts since at the time these DDL operations
> are done Sentry may not be aware of the current state - for example you may
> try to change permissions of a table that Sentry doesn’t know about, which
> seems to be OK.
> This update will have the following benefits:
> {code}
> * HMS waits on Sentry polling HMS update takes 0.5 to 1 second. This update
> will remove this delay
> * Sentry knows every DDL update, and therefore can update permission
> correctly. In current approach using notification processing, Sentry could
> miss updates if full snapshot is fetched from HMS, and permission is not
> updated correctly. In the case of table rename, when mission DDL update event
> because of full snapshot, sentry will not move the permissions associated
> with old table to the new table. And the authorization on queries on the
> renamed table will fail.
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
