Review Request 73747: ATLAS-4502: Add cassandra and elasticsearch search profile for Atlas
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73747/ --- Review request for atlas, Ashutosh Mestry, Disha Talreja, Radhika Kundam, and Sarath Subramanian. Bugs: ATLAS-4502 https://issues.apache.org/jira/browse/ATLAS-4502 Repository: atlas Description --- ATLAS-4502: Add cassandra and elasticsearch search profile for Atlas Diffs - distro/pom.xml 950a79c85 pom.xml 4c92a09ad webapp/pom.xml 858ab9aaf Diff: https://reviews.apache.org/r/73747/diff/1/ Testing --- Manually tested locally with local Cassandra ans embedded elastic search Thanks, Sidharth Mishra
[jira] [Updated] (ATLAS-4503) Handle cross version messages in Atlas server
[ https://issues.apache.org/jira/browse/ATLAS-4503?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] chaitali borole updated ATLAS-4503: --- Summary: Handle cross version messages in Atlas server (was: SDX Version Compatibility: Handle cross version messages in Atlas server) > Handle cross version messages in Atlas server > - > > Key: ATLAS-4503 > URL: https://issues.apache.org/jira/browse/ATLAS-4503 > Project: Atlas > Issue Type: Improvement > Components: atlas-core >Affects Versions: 2.0.0, 3.0.0 >Reporter: chaitali borole >Assignee: chaitali borole >Priority: Major > Fix For: 2.0.0, 3.0.0 > > > Atlas sever can receive notification messages from atlas hooks running on > different version (than Atlas server version). When messages are not > compatible, error logs should be thrown. > Log Error/Warning in Atlas logs about cross-compat version messages. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (ATLAS-4497) Large number of CVE's (vulnerabilities) when building 2.2.0 and 3.0.0-SNAPSHOT from source
[ https://issues.apache.org/jira/browse/ATLAS-4497?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Greg updated ATLAS-4497: Affects Version/s: 3.0.0 > Large number of CVE's (vulnerabilities) when building 2.2.0 and > 3.0.0-SNAPSHOT from source > -- > > Key: ATLAS-4497 > URL: https://issues.apache.org/jira/browse/ATLAS-4497 > Project: Atlas > Issue Type: Bug > Components: atlas-core >Affects Versions: 3.0.0, 2.2.0 > Environment: Redhat UBI (Universal Base Image) 8.5 >Reporter: Greg >Priority: Critical > Labels: security > > Atlas 2.2.0 and 3.0.0-SNAPSHOT when built from source both have a large > number of jar packages that suffer from known exploits / vulnerabilities. > I've performed an Anchore and a Twistlock scan of the compiled Atlas > application from the released 2.2.0 codebase and 3.0.0-SNAPSHOT git master. > Here are the lists of the High and Critical vulnerabilities discovered: > > ATLAS 2.2.0 > [https://repo1.dso.mil/dsop/opensource/apache/atlas/-/jobs/8351429] > ATLAS 3.0.0-SNAPSHOT (git-master 2021.1201) > [https://repo1.dso.mil/dsop/opensource/apache/atlas/-/jobs/8401537] > > This effort was attempting to put together a public docker image of Atlas > compiled from source. The build process source codes is hosted here: > [https://github.com/589290/docker-apache-atlas-ubi8/blob/main/Dockerfile] > > Thoughts: > * an updated pom.xml that has newer (vulnerability free) versions of the > package chain may remediate these findings in a future build -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (ATLAS-4497) Large number of CVE's (vulnerabilities) when building 2.2.0 and 3.0.0-SNAPSHOT from source
[ https://issues.apache.org/jira/browse/ATLAS-4497?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Greg updated ATLAS-4497: Description: Atlas 2.2.0 and 3.0.0-SNAPSHOT when built from source both have a large number of jar packages that suffer from known exploits / vulnerabilities. I've performed an Anchore and a Twistlock scan of the compiled Atlas application from the released 2.2.0 codebase and 3.0.0-SNAPSHOT git master. Here are the lists of the High and Critical vulnerabilities discovered: ATLAS 2.2.0 [https://repo1.dso.mil/dsop/opensource/apache/atlas/-/jobs/8351429] ATLAS 3.0.0-SNAPSHOT (git-master 2021.1201) [https://repo1.dso.mil/dsop/opensource/apache/atlas/-/jobs/8401537] This effort was attempting to put together a public docker image of Atlas compiled from source. The build process source codes is hosted here: [https://github.com/589290/docker-apache-atlas-ubi8/blob/main/Dockerfile] Thoughts: * an updated pom.xml that has newer (vulnerability free) versions of the package chain may remediate these findings in a future build was: Atlas 2.2.0 and 3.0.0-SNAPSHOT when built from source both have a large number of jar packages that suffer from known exploits / vulnerabilities. I've performed an Anchore and a Twistlock scan of the compiled applications. Here are the lists of the High and Critical vulnerabilities found: ATLAS 2.2.0 [https://repo1.dso.mil/dsop/opensource/apache/atlas/-/jobs/8351429] ATLAS 3.0.0-SNAPSHOT (git-master 2021.1201) [https://repo1.dso.mil/dsop/opensource/apache/atlas/-/jobs/8401537] I am attempting to put together a public docker image of Atlas compiled from source. You can see my build process here to see how I arrived at the compiled build that I performed the scans on: [https://github.com/589290/docker-apache-atlas-ubi8/blob/main/Dockerfile] I'm not a Java developer, but I would think that an updated pom.xml that has newer / more current (vulnerability free) versions of these packages may remediate these findings. > Large number of CVE's (vulnerabilities) when building 2.2.0 and > 3.0.0-SNAPSHOT from source > -- > > Key: ATLAS-4497 > URL: https://issues.apache.org/jira/browse/ATLAS-4497 > Project: Atlas > Issue Type: Bug > Components: atlas-core >Affects Versions: 2.2.0 > Environment: Redhat UBI (Universal Base Image) 8.5 >Reporter: Greg >Priority: Critical > Labels: security > > Atlas 2.2.0 and 3.0.0-SNAPSHOT when built from source both have a large > number of jar packages that suffer from known exploits / vulnerabilities. > I've performed an Anchore and a Twistlock scan of the compiled Atlas > application from the released 2.2.0 codebase and 3.0.0-SNAPSHOT git master. > Here are the lists of the High and Critical vulnerabilities discovered: > > ATLAS 2.2.0 > [https://repo1.dso.mil/dsop/opensource/apache/atlas/-/jobs/8351429] > ATLAS 3.0.0-SNAPSHOT (git-master 2021.1201) > [https://repo1.dso.mil/dsop/opensource/apache/atlas/-/jobs/8401537] > > This effort was attempting to put together a public docker image of Atlas > compiled from source. The build process source codes is hosted here: > [https://github.com/589290/docker-apache-atlas-ubi8/blob/main/Dockerfile] > > Thoughts: > * an updated pom.xml that has newer (vulnerability free) versions of the > package chain may remediate these findings in a future build -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Created] (ATLAS-4503) SDX Version Compatibility: Handle cross version messages in Atlas server
chaitali borole created ATLAS-4503: -- Summary: SDX Version Compatibility: Handle cross version messages in Atlas server Key: ATLAS-4503 URL: https://issues.apache.org/jira/browse/ATLAS-4503 Project: Atlas Issue Type: Improvement Components: atlas-core Affects Versions: 2.0.0, 3.0.0 Reporter: chaitali borole Assignee: chaitali borole Fix For: 3.0.0, 2.0.0 Atlas sever can receive notification messages from atlas hooks running on different version (than Atlas server version). When messages are not compatible, error logs should be thrown. Log Error/Warning in Atlas logs about cross-compat version messages. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (ATLAS-4491) Atlas - Upgrade Spring framework to 5.3.13
[ https://issues.apache.org/jira/browse/ATLAS-4491?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] VINAYAK MARRAIYA updated ATLAS-4491: Attachment: (was: Atlas-Upgrade-Spring-framework-to-5.3.10-5.2.17.patch) > Atlas - Upgrade Spring framework to 5.3.13 > -- > > Key: ATLAS-4491 > URL: https://issues.apache.org/jira/browse/ATLAS-4491 > Project: Atlas > Issue Type: Improvement > Components: atlas-core >Affects Versions: 2.0.0 >Reporter: VINAYAK MARRAIYA >Priority: Major > Fix For: 3.0.0, 2.3.0 > > > Currently Atlas is using Spring framework version 5.3.8 upgrading it to 5.3.13 -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (ATLAS-4491) Atlas - Upgrade Spring framework to 5.3.13
[ https://issues.apache.org/jira/browse/ATLAS-4491?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] VINAYAK MARRAIYA updated ATLAS-4491: Fix Version/s: 3.0.0 2.3.0 Description: Currently Atlas is using Spring framework version 5.3.8 upgrading it to 5.3.13 (was: Atlas is currently pulling in 5.3.8. This needs to be upgraded to 5.3.11 or higher) Summary: Atlas - Upgrade Spring framework to 5.3.13 (was: Atlas - Upgrade Spring framework to 5.3.10+/5.2.17+) > Atlas - Upgrade Spring framework to 5.3.13 > -- > > Key: ATLAS-4491 > URL: https://issues.apache.org/jira/browse/ATLAS-4491 > Project: Atlas > Issue Type: Improvement > Components: atlas-core >Affects Versions: 2.0.0 >Reporter: VINAYAK MARRAIYA >Priority: Major > Fix For: 3.0.0, 2.3.0 > > > Currently Atlas is using Spring framework version 5.3.8 upgrading it to 5.3.13 -- This message was sent by Atlassian Jira (v8.20.1#820001)
Re: Review Request 73740: ATLAS-4491 :- Atlas - Upgrade Spring framework to 5.3.10+/5.2.17+
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73740/ --- (Updated Dec. 7, 2021, 9:47 a.m.) Review request for atlas, Ashutosh Mestry, chaitali, Jayendra Parab, Mandar Ambawane, Pinal Shah, and Sarath Subramanian. Bugs: ATLAS-4491 https://issues.apache.org/jira/browse/ATLAS-4491 Repository: atlas Description (updated) --- Currently Atlas is using Spring framework version 5.3.8 upgrading it to 5.3.13 Diffs - pom.xml 4b3408acc Diff: https://reviews.apache.org/r/73740/diff/2/ Testing --- 1)mvn clean package -Pdist,embedded-hbase-solr -DskipTests -Drat.skip Atlas server runnning 2)Quick started was passed successfully Precommit - https://ci-builds.apache.org/job/Atlas/job/PreCommit-ATLAS-Build-Test/1000/console Thanks, Vinayak Marraiya
[jira] [Commented] (ATLAS-4491) Atlas - Upgrade Spring framework to 5.3.10+/5.2.17+
[ https://issues.apache.org/jira/browse/ATLAS-4491?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17454499#comment-17454499 ] ASF subversion and git services commented on ATLAS-4491: Commit 3ed06552553dc1551167bff3b1a1d109a0316e19 in atlas's branch refs/heads/branch-2.0 from vinayak.marraiya [ https://gitbox.apache.org/repos/asf?p=atlas.git;h=3ed0655 ] ATLAS-4491: Upgrade Spring framework to 5.3.13 Signed-off-by: Pinal Shah (cherry picked from commit c53c1095c5895e086a9f0366225932b825ef37b9) > Atlas - Upgrade Spring framework to 5.3.10+/5.2.17+ > --- > > Key: ATLAS-4491 > URL: https://issues.apache.org/jira/browse/ATLAS-4491 > Project: Atlas > Issue Type: Improvement > Components: atlas-core >Affects Versions: 2.0.0 >Reporter: VINAYAK MARRAIYA >Priority: Major > Attachments: Atlas-Upgrade-Spring-framework-to-5.3.10-5.2.17.patch > > > Atlas is currently pulling in 5.3.8. This needs to be upgraded to 5.3.11 or > higher -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (ATLAS-4491) Atlas - Upgrade Spring framework to 5.3.10+/5.2.17+
[ https://issues.apache.org/jira/browse/ATLAS-4491?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17454498#comment-17454498 ] ASF subversion and git services commented on ATLAS-4491: Commit c53c1095c5895e086a9f0366225932b825ef37b9 in atlas's branch refs/heads/master from vinayak.marraiya [ https://gitbox.apache.org/repos/asf?p=atlas.git;h=c53c109 ] ATLAS-4491: Upgrade Spring framework to 5.3.13 Signed-off-by: Pinal Shah > Atlas - Upgrade Spring framework to 5.3.10+/5.2.17+ > --- > > Key: ATLAS-4491 > URL: https://issues.apache.org/jira/browse/ATLAS-4491 > Project: Atlas > Issue Type: Improvement > Components: atlas-core >Affects Versions: 2.0.0 >Reporter: VINAYAK MARRAIYA >Priority: Major > Attachments: Atlas-Upgrade-Spring-framework-to-5.3.10-5.2.17.patch > > > Atlas is currently pulling in 5.3.8. This needs to be upgraded to 5.3.11 or > higher -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (ATLAS-4367) UI: Spelling mistake in error message that comes when attempting to delete assigned term
[ https://issues.apache.org/jira/browse/ATLAS-4367?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17454494#comment-17454494 ] ASF subversion and git services commented on ATLAS-4367: Commit d1974fb859516a23cb76f3f80838b394bae0ed06 in atlas's branch refs/heads/branch-2.0 from Umesh Padashetty [ https://gitbox.apache.org/repos/asf?p=atlas.git;h=d1974fb ] ATLAS-4367: UI: Single quote in can't is being removed. Hence renaming the message to cannot Signed-off-by: Pinal Shah (cherry picked from commit 2df43c237c5a6f95b3cbe5004088bf41d6d49ff3) > UI: Spelling mistake in error message that comes when attempting to delete > assigned term > > > Key: ATLAS-4367 > URL: https://issues.apache.org/jira/browse/ATLAS-4367 > Project: Atlas > Issue Type: Bug >Reporter: Rahul Kurup >Assignee: Umesh Padashetty >Priority: Minor > Attachments: ATLAS-4367.patch, image-2021-07-22-17-57-55-410.png > > > !image-2021-07-22-17-57-55-410.png|width=450,height=250! > > As you can see in the above screenshot, 'can't' is misspelled as 'cant'. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (ATLAS-4367) UI: Spelling mistake in error message that comes when attempting to delete assigned term
[ https://issues.apache.org/jira/browse/ATLAS-4367?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17454493#comment-17454493 ] ASF subversion and git services commented on ATLAS-4367: Commit 2df43c237c5a6f95b3cbe5004088bf41d6d49ff3 in atlas's branch refs/heads/master from Umesh Padashetty [ https://gitbox.apache.org/repos/asf?p=atlas.git;h=2df43c2 ] ATLAS-4367: UI: Single quote in can't is being removed. Hence renaming the message to cannot Signed-off-by: Pinal Shah > UI: Spelling mistake in error message that comes when attempting to delete > assigned term > > > Key: ATLAS-4367 > URL: https://issues.apache.org/jira/browse/ATLAS-4367 > Project: Atlas > Issue Type: Bug >Reporter: Rahul Kurup >Assignee: Umesh Padashetty >Priority: Minor > Attachments: ATLAS-4367.patch, image-2021-07-22-17-57-55-410.png > > > !image-2021-07-22-17-57-55-410.png|width=450,height=250! > > As you can see in the above screenshot, 'can't' is misspelled as 'cant'. -- This message was sent by Atlassian Jira (v8.20.1#820001)