[jira] [Commented] (RANGER-3245) Use OpenJDK in TravisCI config instead of OracleJDK
[ https://issues.apache.org/jira/browse/RANGER-3245?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17323793#comment-17323793 ] Martin Tzvetanov Grigorov commented on RANGER-3245: --- I even tried with JDK 16 but there are tests failures: {code:java} [INFO] Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.007 s - in org.apache.ranger.plugin.policyengine.TestRangerAuthContext [INFO] [INFO] Results: [INFO] [ERROR] Failures: [ERROR] TestPolicyEngine.testPolicyEngine_geo:318->runTestsFromResourceFiles:457->runTests:574->runTestCaseTests:668 isAllowed mismatched! - DENY 'read /finance/restricted/sales.db' for g=finance; invalid clientIPAddress expected: but was: [ERROR] TestPolicyEngine.testPolicyEngine_hdfs:193->runTestsFromResourceFiles:457->runTests:574->runTestCaseTests:668 isAllowed mismatched! - DENY 'read /finance/restricted/sales.db' for g=finance; invalid clientIPAddress expected: but was: [ERROR] TestPolicyEngine.testPolicyEngine_hdfs_allaudit:200->runTestsFromResourceFiles:457->runTests:574->runTestCaseTests:668 isAllowed mismatched! - DENY 'read /finance/restricted/sales.db' for g=finance; invalid clientIPAddress expected: but was: [ERROR] TestPolicyEngine.testPolicyEngine_hdfs_noaudit:207->runTestsFromResourceFiles:457->runTests:574->runTestCaseTests:668 isAllowed mismatched! - DENY 'read /finance/restricted/sales.db' for g=finance; invalid clientIPAddress expected: but was: [ERROR] TestPolicyEngine.testPolicyEngine_hiveForTag:269->runTestsFromResourceFiles:457->runTests:574->runTestCaseTests:668 isAllowed mismatched! - ALLOW 'select ssn from employee.personal;' for user1 using EXPIRES_ON tag expected: but was: [ERROR] TestPolicyEngine.testPolicyEngine_hiveForTag_filebased:325->runTestsFromResourceFiles:457->runTests:574->runTestCaseTests:668 isAllowed mismatched! - ALLOW 'select ssn from employee.personal;' for user1 using EXPIRES_ON tag expected: but was: [INFO] [ERROR] Tests run: 207, Failures: 6, Errors: 0, Skipped: 0 {code} Please let me know if you want me to add JDK16 to the matrix! This way these test failures will be addressed sooner! > Use OpenJDK in TravisCI config instead of OracleJDK > --- > > Key: RANGER-3245 > URL: https://issues.apache.org/jira/browse/RANGER-3245 > Project: Ranger > Issue Type: Task > Components: build-infra >Reporter: Martin Tzvetanov Grigorov >Priority: Minor > > OpenJDK is recommended at TravisCI these days. > OracleJDK 8 is no more available for any version of Ubuntu there -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (RANGER-3245) Use OpenJDK in TravisCI config instead of OracleJDK
[ https://issues.apache.org/jira/browse/RANGER-3245?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17323786#comment-17323786 ] Martin Tzvetanov Grigorov commented on RANGER-3245: --- https://reviews.apache.org/r/73283/ > Use OpenJDK in TravisCI config instead of OracleJDK > --- > > Key: RANGER-3245 > URL: https://issues.apache.org/jira/browse/RANGER-3245 > Project: Ranger > Issue Type: Task > Components: build-infra >Reporter: Martin Tzvetanov Grigorov >Priority: Minor > > OpenJDK is recommended at TravisCI these days. > OracleJDK 8 is no more available for any version of Ubuntu there -- This message was sent by Atlassian Jira (v8.3.4#803005)
Review Request 73283: Use OpenJDK instead of OracleJDK at TravisCI
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73283/ --- Review request for ranger. Repository: ranger Description --- Test JDK 8 & 11 because they are Long Term supported Diffs - .travis.yml deac95161 Diff: https://reviews.apache.org/r/73283/diff/1/ Testing --- Thanks, Martin Grigorov
[jira] [Created] (RANGER-3245) Use OpenJDK in TravisCI config instead of OracleJDK
Martin Tzvetanov Grigorov created RANGER-3245: - Summary: Use OpenJDK in TravisCI config instead of OracleJDK Key: RANGER-3245 URL: https://issues.apache.org/jira/browse/RANGER-3245 Project: Ranger Issue Type: Task Components: build-infra Reporter: Martin Tzvetanov Grigorov OpenJDK is recommended at TravisCI these days. OracleJDK 8 is no more available for any version of Ubuntu there -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [ranger] martin-g opened a new pull request #98: Use OpenJDK 8 (LTS), 11 (LTS) and 16 (latest) on Ubuntu 18.04
martin-g opened a new pull request #98: URL: https://github.com/apache/ranger/pull/98 Oracle 8 is not available at TravisCI anymore. Run `mvn verify` instead of `mvn package` to execute any integration tests if there are such. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: Review Request 73212: RANGER-3195 - Atlas Ranger Authorizer changes to add/update/remove classification on entities.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73212/ --- (Updated April 16, 2021, 10:24 a.m.) Review request for ranger, Jayendra Parab, Madhan Neethiraj, Ramesh Mani, Sarath Subramanian, and Velmurugan Periasamy. Changes --- Rebased patch, resolved merged conflicts. Bugs: RANGER-3195 https://issues.apache.org/jira/browse/RANGER-3195 Repository: ranger Description --- Requirement :- The new requirement is to provide a way to authorize who can Add/Remove/Update Classification for an entity even if the entities on which classification have to be applied do not have classifications already tagged to it. Solution:- This will require changes on Ranger Atlas service defination to introduce a new resource "*classifications*" in entity authz model called classifications at level 40 [4th level], with the new classifications resource ranger authorizer will check the classification exist in policy for that add/update/remove classification request to authorize. Diffs (updated) - agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json d8331dbb4 plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java 79ef60465 plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java c13633ad2 security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 9d0cd9db2 security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql 1904c6847 security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 51ef67b8f security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql 97ddb5df3 security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql d15015009 security-admin/src/main/java/org/apache/ranger/patch/PatchAtlasForClassificationResource_J10047.java PRE-CREATION Diff: https://reviews.apache.org/r/73212/diff/8/ Changes: https://reviews.apache.org/r/73212/diff/7-8/ Testing --- Tested Atlas with Ranger authorization with entities for add, update , add-classification, remove-classification, update-classification events. Thanks, Nixon Rodrigues
[GitHub] [ranger] martin-g commented on pull request #97: Update test related dependencies and Maven plugins
martin-g commented on pull request #97: URL: https://github.com/apache/ranger/pull/97#issuecomment-821021656 https://reviews.apache.org/r/73282/ https://issues.apache.org/jira/browse/RANGER-3244 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [ranger] martin-g edited a comment on pull request #96: Fix build due to hive exec and JDK 8 specific class
martin-g edited a comment on pull request #96: URL: https://github.com/apache/ranger/pull/96#issuecomment-820990574 There are few more things I want to improve with this PR. Please give me some more time here! Update: Done! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (RANGER-3244) Update the versions of test related dependencies and Maven plugins
[ https://issues.apache.org/jira/browse/RANGER-3244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17322724#comment-17322724 ] Martin Tzvetanov Grigorov commented on RANGER-3244: --- https://reviews.apache.org/r/73282/ > Update the versions of test related dependencies and Maven plugins > -- > > Key: RANGER-3244 > URL: https://issues.apache.org/jira/browse/RANGER-3244 > Project: Ranger > Issue Type: Task > Components: build-infra >Reporter: Martin Tzvetanov Grigorov >Priority: Major > > Several test dependencies and Maven plugins could be updated without > affecting the build and the core functionality. -- This message was sent by Atlassian Jira (v8.3.4#803005)
Review Request 73282: Update test dependencies and Maven plugins
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73282/ --- Review request for ranger. Repository: ranger Description --- Several test related dependencies and Maven plugins could be easily updated. Diffs - pom.xml fe7812bd7 security-admin/pom.xml 02edf9143 ugsync/pom.xml 07e0c5872 Diff: https://reviews.apache.org/r/73282/diff/1/ Testing --- Thanks, Martin Grigorov
[jira] [Created] (RANGER-3244) Update the versions of test related dependencies and Maven plugins
Martin Tzvetanov Grigorov created RANGER-3244: - Summary: Update the versions of test related dependencies and Maven plugins Key: RANGER-3244 URL: https://issues.apache.org/jira/browse/RANGER-3244 Project: Ranger Issue Type: Task Components: build-infra Reporter: Martin Tzvetanov Grigorov Several test dependencies and Maven plugins could be updated without affecting the build and the core functionality. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (RANGER-3243) Build fails on JDK 8 and 11
[ https://issues.apache.org/jira/browse/RANGER-3243?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17322721#comment-17322721 ] Martin Tzvetanov Grigorov commented on RANGER-3243: --- https://reviews.apache.org/r/73281/ > Build fails on JDK 8 and 11 > --- > > Key: RANGER-3243 > URL: https://issues.apache.org/jira/browse/RANGER-3243 > Project: Ranger > Issue Type: Task > Components: build-infra >Reporter: Martin Tzvetanov Grigorov >Priority: Major > > The build of current master branch fails - > [https://travis-ci.com/github/apache/ranger/builds/223139469] > There are several issues: > [Issue 1|https://reviews.apache.org/r/73281/bugs/1/]) > org.apache.ranger.authorization.presto.authorizer.RangerSystemAccessControlFactory > was not able to import com.google.common.base.Throwables.throwIfUnchecked > because it was coming from an old copy of Guava's Throwables shaded in > hive-exec. > By replacing hive-exec with orc-core in agents-audit module all depending > modules use their preferred version of Guava (26.0-jre) > [Issue 2|https://reviews.apache.org/r/73281/bugs/2/]) > RangerSafenetKeySecure.java uses directly sun.security.pkcs11.SunPKCS11 - a > class that is not available in Java 9+ and this breaks the compilation. > This should use reflection to load SunPKCS11 class dynamically. > [Issue 3|https://reviews.apache.org/r/73281/bugs/3/]) JAXB is no more part of > JDK 11+ > [Issue 4|https://reviews.apache.org/r/73281/bugs/4/]) JUnit 4 > Assert.assertThat() is deprecated in favour of Hamcrest's > MatcherAssert.assertThat(). This fixes a compilation issue with JDK11. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-3243) Build fails on JDK 8 and 11
Martin Tzvetanov Grigorov created RANGER-3243: - Summary: Build fails on JDK 8 and 11 Key: RANGER-3243 URL: https://issues.apache.org/jira/browse/RANGER-3243 Project: Ranger Issue Type: Task Components: build-infra Reporter: Martin Tzvetanov Grigorov The build of current master branch fails - [https://travis-ci.com/github/apache/ranger/builds/223139469] There are several issues: [Issue 1|https://reviews.apache.org/r/73281/bugs/1/]) org.apache.ranger.authorization.presto.authorizer.RangerSystemAccessControlFactory was not able to import com.google.common.base.Throwables.throwIfUnchecked because it was coming from an old copy of Guava's Throwables shaded in hive-exec. By replacing hive-exec with orc-core in agents-audit module all depending modules use their preferred version of Guava (26.0-jre) [Issue 2|https://reviews.apache.org/r/73281/bugs/2/]) RangerSafenetKeySecure.java uses directly sun.security.pkcs11.SunPKCS11 - a class that is not available in Java 9+ and this breaks the compilation. This should use reflection to load SunPKCS11 class dynamically. [Issue 3|https://reviews.apache.org/r/73281/bugs/3/]) JAXB is no more part of JDK 11+ [Issue 4|https://reviews.apache.org/r/73281/bugs/4/]) JUnit 4 Assert.assertThat() is deprecated in favour of Hamcrest's MatcherAssert.assertThat(). This fixes a compilation issue with JDK11. -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: Review Request 73281: Fix compilation problems for Java 8 and Java 11.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73281/ --- (Updated April 16, 2021, 8:08 a.m.) Review request for ranger. Repository: ranger Description --- Fix build due to hive exec and JDK 8 specific class Diffs (updated) - agents-audit/pom.xml 06ed81f55 kms/src/main/java/org/apache/hadoop/crypto/key/RangerSafenetKeySecure.java 371e367c1 pom.xml fe7812bd7 ugsync-util/pom.xml aa992cabf ugsync/pom.xml 07e0c5872 ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestUnixUserGroupBuilder.java 30820ce33 Diff: https://reviews.apache.org/r/73281/diff/2/ Changes: https://reviews.apache.org/r/73281/diff/1-2/ Testing (updated) --- Issue 1) org.apache.ranger.authorization.presto.authorizer.RangerSystemAccessControlFactory was not able to import com.google.common.base.Throwables.throwIfUnchecked because it was coming from an old copy of Guava's Throwables shaded in hive-exec. By replacing hive-exec with orc-core in agents-audit module all depending modules use their preferred version of Guava (26.0-jre) Issue 2) RangerSafenetKeySecure.java uses directly sun.security.pkcs11.SunPKCS11 - a class that is not available in Java 9+ and this breaks the compilation. This should use reflection to load SunPKCS11 class dynamically. Issue 3) JAXB is no more part of JDK 11+ Issue 4) JUnit 4 Assert.assertThat() is deprecated in favour of Hamcrest's MatcherAssert.assertThat(). This fixes a compilation issue with JDK11. Thanks, Martin Grigorov
[GitHub] [ranger] martin-g commented on pull request #96: Fix build due to hive exec and JDK 8 specific class
martin-g commented on pull request #96: URL: https://github.com/apache/ranger/pull/96#issuecomment-820990574 There are few more things I want to improve with this PR. Please give me some more time here! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [ranger] martin-g commented on pull request #96: Fix build due to hive exec and JDK 8 specific class
martin-g commented on pull request #96: URL: https://github.com/apache/ranger/pull/96#issuecomment-820939084 https://reviews.apache.org/r/73281/ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Review Request 73281: Fix compilation problems for Java 8 and Java 11.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73281/ --- Review request for ranger. Repository: ranger Description --- Fix build due to hive exec and JDK 8 specific class Diffs - agents-audit/pom.xml 06ed81f55c kms/src/main/java/org/apache/hadoop/crypto/key/RangerSafenetKeySecure.java 371e367c18 pom.xml fe7812bd72 Diff: https://reviews.apache.org/r/73281/diff/1/ Testing --- Issue 1) org.apache.ranger.authorization.presto.authorizer.RangerSystemAccessControlFactory was not able to import com.google.common.base.Throwables.throwIfUnchecked because it was coming from an old copy of Guava's Throwables shaded in hive-exec. By replacing hive-exec with orc-core in agents-audit module all depending modules use their preferred version of Guava (26.0-jre) Issue 2) RangerSafenetKeySecure.java uses directly sun.security.pkcs11.SunPKCS11 - a class that is not available in Java 9+ and this breaks the compilation. This should use reflection to load SunPKCS11 class dynamically. Thanks, Martin Grigorov