How long until 2.3.0 release? Sounds like it's just pushing the button for the build.
On Mon, May 9, 2022 at 1:33 AM Ramesh Mani <rm...@apache.org> wrote: > Dear Ranger Community members, > > Thanks for all the +1s for Apache Release 2.3 release work. Here is the > revised list of JIRAs that are to be in Apache Release 2.3. > > Apache Ranger 2.3 branch is now closed for further commits to start the > artifacts build. Thank you all for the support. > > Regards, > Ramesh > > Apache Release 2.3 JIRAs. > > Improvements: > > RANGER-2846 Add support for resource[volume, bucket, key] look up in ozone > plugin > RANGER-2967 Add support for Amazon CloudWatch Logs as an Audit Store > RANGER-3023 Permission tab takes longer time to load with large number of > users and group_users data > RANGER-3030 Replace Findbugs with Spotbugs maven plugin > RANGER-3182 Prestosql is renamed to Trino > RANGER-3221 Improve logging in Presto plugin > RANGER-3276 Remove duplicate code from buildks.java > RANGER-3290 ArrayIndexOutOfBoundsException if solr is down > RANGER-3299 Upgrading the bouncycastle version for bcprov-jdk15on > RANGER-3298 Add coarse URI check for Hive Agent > RANGER-3389 Swagger UI Support for Ranger REST API > RANGER-3435 Add unique index on guid, service and zone_id column of > x_policy table > RANGER-3439 Add rest api to get or delete ranger policy based on guid > RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect to > knox logout page > RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8 > RANGER-3475 Promote TagRest endpoints to /public/v2 > RANGER-3487 Update underscore js with latest version. > RANGER-3493 Add unique index on service and resource_signature column of > x_policy table > RANGER-3498 RANGER : Remove log4j1 dependencies. > RANGER-3504 Create framework to execute DB patch dependent on Java patch. > RANGER-3510 Ranger upgrade spring framework version to 5.3.12 > RANGER-3511 Create Java patch to update policy resource-signature to unique > value. > RANGER-3512 Create Java patch to update policy guid to unique value. > RANGER-3515 Enhance Ranger Java client SSL config to be configured using > serviceType and AppId > RANGER-3518 Limit the query size stored in Audit logs > RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC > 6797 > RANGER-3526 policy evaluation ordering to use name as secondary sorting key > RANGER-3533 Provide sorting on columns throughout the audits result set and > policy listing page. > RANGER-3538 Reduce the granularity of locking when building/retrieving a > policy-engine within Ranger admin service > RANGER-3539 Add jacoco-maven-plugin for code coverage > RANGER-3540 Add support to read audit logs from Amazon CloudWatch > RANGER-3545 Remove Logger Checks for Info Enabled > RANGER-3548 Update performance engine test scripts > RANGER-3550 support for using user/tag attributes in row-filter expressions > and conditions > RANGER-3551 Analyze & optimize module permissions related API > RANGER-3553 Unit test coverage for XUserMgr and UserMgr class > RANGER-3556 Ranger tagsync logs unnecessary messages > RANGER-3561 Upgrade Storm version to 1.2.4 > RANGER-3562 Redesign post commit tasks for updating ref-tables when > policy/role is updated > RANGER-3565 RangerRESTClient to support retry > RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT > RANGER-3567 support for use of user attributes in policy resources > RANGER-3569 Support Ranger KMS integration with Google cloud HSM > RANGER-3573 Add vim in docker base image > RANGER-3577 RANGER : Upgrade POI version to 5.1.0 > RANGER-3578 Simplify code for policy label creation > RANGER-3580 Support Ranger KMS integration with TencentKMS > RANGER-3585 Docker setup to run Ranger usersync and tagsync > RANGER-3586 Script condition expression to support csv of group/tag > attributes > RANGER-3595 Tar of KMS contains rubbish files > RANGER-3597 User role should not be able to modify the Policy > RANGER-3600 Ranger service tags import request failure > RANGER-3603 HDFS audit files rollover improvement to trigger rollover in > monitoring thread > RANGER-3605 Support macros in row-filter/condition expressions > RANGER-3606 remove unnecessary static members from plugin class loaders > RANGER-3609 option to add user group enricher automatically based on > references in policies > RANGER-3620 Ranger - Upgrade tomcat to 8.5.75 > RANGER-3621 Optimise Tag/Policy iterator > RANGER-3624 Update Ranger services Password Policy > RANGER-3628 Support fine grain authorization for different solr objects > RANGER-3629 RANGER - Handle solr permissions during upgrade > RANGER-3630 Support wildcards, group short names, and list of memberof > attribute DNs for computing user search filter > RANGER-3632 Improve ranger logs, RENAME_ON_ROTATE and others > RANGER-3634 Remove duplicate entries from usersync distribution file > RANGER-3646 LOG.debug print content error > RANGER-3647 Connection to DB fails for MySQL version above 8.0 > RANGER-3649 Represent the Solr admin object types on the Ranger UI > RANGER-3651 Remove jersey 1.x version dependency for knox plugin > RANGER-3653 Replace aws java sdk bom dependencies with bundled dependencies > RANGER-3658 Docker: Ranger containers to run as user=ranger > RANGER-3659 Ranger Admin goes to OOM when usersync is trying to delete > existing group mappings from ranger DB > RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for better user > experience > RANGER-3662 There should be a pause button for error popup > RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users > RANGER-3666 Ranger UI improvement - Add warning popup if auto-complete for > resource lookup is failing in Edit policy page > RANGER-3667 Improve feedback in policy creation UI when resource does not > exist > RANGER-3669 Connection to DB fails for MySQL version above 8.0 > RANGER-3672 Show better error messages during failed logins > RANGER-3673 Need to enable cipher configuration for Usersync > RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT > RANGER-3686 Docker setup to run Ranger with MySQL database > RANGER-3687 Password Policy Best Practices for Strong Security > RANGER-3689 Ranger : ranger-2.3 Port missing commits. > RANGER-3693 Ranger - Upgrade tomcat to 8.5.78 > RANGER-3698 Ranger - Upgrade kylin to 3.1.3 > RANGER-3699 Ranger - Upgrade poi to 5.2.1+ > RANGER-3704 remove semicolon from c3P0 preferredTestQuery > RANGER-3725 Update atlas default audit filter to filter Atlas entity-read > events by Nifi user. > RANGER-3736 Update RangerChainedPlugin to support masking and row-filtering > RANGER-3738 Restructure ranger Dockerfile to use multi-stage builds > RANGER-3743 Add isDenyAllElse mapping to addCustomRangerDefaultPolicies > method > RANGER-3744 Produces annotation ordering should be consistent: json, xml > > Bug Fixes: > > RANGER-2362 [security] Admin webui - Lack of account lockout > RANGER-2426 ranger-plugins-audits should depend on kafka-clients not kafka > server > RANGER-2704 Support browser login using kerberized authentication > RANGER-2847 Add support/Fix Test connection with Ozone service > RANGER-3285 expose user source details in ranger UI > RANGER-3403 Ranger usersync role based rules not working as expected > RANGER-3427 Null Dereference in PublicApis.java > RANGER-3433 Null Dereference in ServiceREST getPolicyByName method > RANGER-3442 Ranger KMS DAO memory issues when many new keys are created > RANGER-3468 When multiple Ranger tabs are opened, Some tabs are not > redirecting to Knox Logout page > RANGER-3484 Ranger usersync directory is being created as root owner > RANGER-3490 Make policy resource signature is unique in a service > RANGER-3502 Make GET zone APIs accessible to authorized users only > RANGER-3505 Ranger usersync fails to sync users when a duplicate user > exists in ranger > RANGER-3507 Handle trailing slash in the ranger Hive URL policy > authorization > RANGER-3509 update role fails for role admins > RANGER-3514 Fix updates to sync source post upgrades > RANGER-3516 Java patch 'J10045' taking more time during upgrade. > RANGER-3519 Provide an option to optimize space needed by Trie objects > RANGER-3522 Improve Tagsync authentication error reporting > RANGER-3527 Create Apache Ranger next maintenance release branch 2.3 > RANGER-3528 Ranger Group creation audit is not shown during service > creation > RANGER-3535 A delegate admin user should be able to add another user with > all or subset of permissions they have > RANGER-3542 Invalid HTTPS Check > RANGER-3543 Remove spotbugs-annotations-3.1.9 from classpath > RANGER-3544 Security zones listing will be in alphabetical order. > RANGER-3546 Update Spotbugs plugin Executions cycle > RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure that we are > using supported version of log4j > RANGER-3554 [Intermittent] API call to fetch the list of policies for a > particular service repo returns a deleted policy in the response > RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure that we are > using supported version of log4j > RANGER-3559 RANGER KMS - Metric details for kms are not getting collected > RANGER-3563 [Docker] plugin installation fails with error: > XAAUDIT.AMAZON_CLOUDWATCH.ENABLE not defined > RANGER-3564 Installation of Ranger plugin for HDFS fails due to missing > libraries > RANGER-3568 Services of one zone are seen in other zone from UI > RANGER-3571 Typo in GrantRevokeRoleRequest.java > RANGER-3576 service creation is failing intermittently due to DB unique key > constraint violation > RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832 > RANGER-3584 ServiceTags are not computed correctly by applying incremental > changes to existing ServiceTags > RANGER-3589 Ranger java patches failing due to admin privilege checks. > RANGER-3591 Upgrade protobuf-java to 3.19.3 > RANGER-3592 Upgrade Spring framework to 5.3.15 > RANGER-3593 the hive table owner who create the table can not have the > full privilege > RANGER-3594 mysql setup scripts failed with binlog-enabled mysql > RANGER-3610 Docker: Skip service creation for ranger components during > ranger container restart > RANGER-3611 Uncatched NullPointerException when missing lastKnownVersion in > ServiceREST::getServicePoliciesIfUpdated > RANGER-3613 RANGER KMS : Check if master key with the given alias exists or > not if LUNA HSM is enabled. > RANGER-3617 incorrect deny for _any access due to tag policy > RANGER-3619 REST API should return 403 when authenticated client is not > allowed to access API. > RANGER-3625 Update isDebugEnable condition in RangerHiveAuthorizer > RANGER-3631 logback.xml of rangeradmin leads to log confusion. > RANGER-3638 Solr Ranger document level security breaks solr if collection > is reloaded > RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1 > RANGER-3644 tagsync: FileTagSource to retry if Ranger is not reachable > RANGER-3652 update resource-matcher unit tests to include wildcard=false > RANGER-3663 RangerBizUtil.checkAdminAccess() should return false if > user-session is not available > RANGER-3674 Fix PMD issue > RANGER-3676 tag-based policies don't recognize {OWNER} in users as resource > owners > RANGER-3677 Update Password Policy validation at WEB-UI > RANGER-3678 Update password validation criteria > RANGER-3681 Ranger Database deadlock when createPolicy is running parallel > RANGER-3690 Fix NullPointerException in java patch 054 > RANGER-3691 Upgrade spring to 5.3.18 CVE-2022-22965 > RANGER-3692 Ranger cannot connect to the DB when the DB is outaged for a > long time > RANGER-3702 RANGER - Export policy in excel is failing. > RANGER-3709 Fix NullPointerException in getSecureServicePoliciesIfUpdated > call of ServiceRest > RANGER-3735 RANGER : Behaviour change in external user status. > RANGER-3750 RANGER : PatchForSolrSvcDefAndPoliciesUpdate_J10055 failing > with 'duplicate key value violates unique constraint' > > On Mon, May 2, 2022 at 2:46 PM Velmurugan Periasamy <v...@apache.org> > wrote: > > > > > +1 > > > > Thanks Ramesh. > > > > On Mon, May 2, 2022 at 12:54 PM Nixon Rodrigues <ni...@atlan.com> wrote: > > > >> Thanks Ramesh for volunteering for release. > >> +1 for Ranger 2.3 release. Thanks for the initiative. > >> > >> > >> On Fri, 29 Apr 2022 at 22:25, Sailaja Polavarapu < > >> spolavar...@cloudera.com.invalid> wrote: > >> > >>> Hi Ramesh, > >>> +1 for Ranger 2.3 release. Thanks for the initiative. > >>> - Sailaja > >>> > >>> On Thu, Apr 28, 2022 at 7:21 AM Ramesh Mani <rm...@apache.org> wrote: > >>> > >>> > zhoutianling, > >>> > > >>> > Thanks for the review. These Jiras are part of the Apache Ranger 2.3 > >>> apache > >>> > release, it's not pulled in this published list as this may not have > >>> > correct fixed version maintained or it is part of KMS as a > component. I > >>> > shall add it to the list in the release note. > >>> > > >>> > Thanks, > >>> > Ramesh > >>> > > >>> > On Thu, Apr 28, 2022 at 2:19 AM KirbY ZhoU < > >>> zhoutianl...@sensorsdata.cn> > >>> > wrote: > >>> > > >>> > > Missed some commit > >>> > > For example: > >>> > > > >>> > > RANGER-3299 > >>> > > RANGER-3580 > >>> > > RANGER-3600 > >>> > > RANGER-3619 > >>> > > RANGER-3669 > >>> > > > >>> > > 在 2022/4/27 14:49,“Ramesh Mani”<rm...@apache.org> 写入: > >>> > > > >>> > > Dear Ranger Community members, > >>> > > > >>> > > There are various features and critical bug fixes done in the > >>> Apache > >>> > > Ranger > >>> > > project since the release of Apache Ranger 2.2.0. > >>> > > Around 55 improvements, 45 bug fixes and a total of 527 commits > >>> were > >>> > > made > >>> > > from the last release. > >>> > > Now with that Ranger community is expecting a release to adapt > >>> those > >>> > > changes and hence planning this release. > >>> > > > >>> > > Please review and provide your opinion. > >>> > > > >>> > > Thanks, > >>> > > Ramesh > >>> > > > >>> > > *Improvements:* > >>> > > > >>> > > RANGER-3687 Password Policy Best Practices for Strong > >>> Security > >>> > > RANGER-3667 Improve feedback in policy creation UI when > >>> resource > >>> > > does > >>> > > not exist > >>> > > RANGER-3659 Ranger Admin goes to OOM when usersync is > trying > >>> to > >>> > > delete > >>> > > existing group mappings from ranger DB > >>> > > RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8 > >>> > > RANGER-3551 Analyze & optimize module permissions related > API > >>> > > RANGER-3539 Add jacoco-maven-plugin for code coverage > >>> > > RANGER-3562 Redesign post commit tasks for updating > >>> ref-tables > >>> > when > >>> > > policy/role is updated > >>> > > RANGER-3540 Add support to read audit logs from Amazon > >>> CloudWatch > >>> > > RANGER-3030 Replace Findbugs with Spotbugs maven plugin > >>> > > RANGER-3538 Reduce the granularity of locking when > >>> > > building/retrieving > >>> > > a policy-engine within Ranger admin service > >>> > > RANGER-3518 Limit the query size stored in Audit logs > >>> > > RANGER-3276 Remove duplicate code from buildks.java > >>> > > RANGER-3515 Enhance Ranger Java client SSL config to be > >>> > configured > >>> > > using serviceType and AppId > >>> > > RANGER-3504 Create framework to execute DB patch dependent > on > >>> > Java > >>> > > patch. > >>> > > RANGER-3023 Permission tab takes longer time to load with > >>> large > >>> > > number > >>> > > of users and group_users data > >>> > > RANGER-3487 Update underscore js with latest version. > >>> > > RANGER-3548 Update performance engine test scripts > >>> > > RANGER-3556 Ranger tagsync logs unnecessary messages > >>> > > RANGER-3573 Add vim in docker base image > >>> > > RANGER-3578 Simplify code for policy label creation > >>> > > RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT > >>> > > RANGER-3686 Docker setup to run Ranger with MySQL database > >>> > > RANGER-3628 Support fine grain authorization for different > >>> solr > >>> > > objects > >>> > > RANGER-3629 RANGER - Handle solr permissions during > upgrade > >>> > > RANGER-3665 "No Data Found !!" messages in Ranger admin UI > >>> alarm > >>> > > users > >>> > > RANGER-3662 There should be pause button for error popup > >>> > > RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints > >>> for > >>> > > better > >>> > > user experience > >>> > > RANGER-3649 Represent the Solr admin object types on the > >>> Ranger > >>> > UI > >>> > > RANGER-3658 Docker: Ranger containers to run as user=ranger > >>> > > RANGER-3603 HDFS audit files rollover improvement to > trigger > >>> > > rollover > >>> > > in monitoring thread > >>> > > RANGER-3651 Remove jersey 1.x version dependency for knox > >>> plugin > >>> > > RANGER-3621 Optimise Tag/Policy iterator > >>> > > RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT > >>> DEFINED > >>> > > BY RFC > >>> > > 6797 > >>> > > RANGER-3455 [Logout-Ranger] Should either be disabled/ > should > >>> > > redirect > >>> > > to knox logout page > >>> > > RANGER-3630 Support wildcards, group short names, and list > of > >>> > > memberof > >>> > > attribute DNs for computing user search filter > >>> > > RANGER-3597 User role should not be able to modify the > Policy > >>> > > RANGER-3512 Create Java patch to update policy guid to > unique > >>> > > value. > >>> > > RANGER-3511 Create Java patch to update policy > >>> resource-signature > >>> > > to > >>> > > unique value. > >>> > > RANGER-3493 Add unique index on service and > >>> resource_signature > >>> > > column > >>> > > of x_policy table > >>> > > RANGER-3435 Add unique index on guid, service and zone_id > >>> column > >>> > of > >>> > > x_policy table > >>> > > RANGER-3439 Add rest api to get or delete ranger policy > >>> based on > >>> > > guid > >>> > > RANGER-3498 RANGER : Remove log4j1 dependencies. > >>> > > RANGER-3475 Promote TagRest endpoints to /public/v2 > >>> > > RANGER-3698 Ranger - Upgrade kylin to 3.1.3 > >>> > > RANGER-3699 Ranger - Upgrade poi to 5.2.1+ > >>> > > RANGER-3533 Provide sorting on columns throughout the > audits > >>> > > result set > >>> > > and policy listing page. > >>> > > RANGER-3693 Ranger - Upgrade tomcat to 8.5.78 > >>> > > RANGER-3689 Ranger : ranger-2.3 Port missing commits. > >>> > > RANGER-3620 Ranger - Upgrade tomcat to 8.5.75 > >>> > > RANGER-3577 RANGER : Upgrade POI version to 5.1.0 > >>> > > RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT > >>> > > RANGER-3553 Unit test coverage for XUserMgr and UserMgr > class > >>> > > RANGER-3653 Replace aws java sdk bom dependencies with > >>> bundled > >>> > > dependencies > >>> > > RANGER-3561 Upgrade Storm version to 1.2.4 > >>> > > RANGER-3704 remove semicolon from c3P0 preferredTestQuery > >>> > > > >>> > > *Bug Fixes:* > >>> > > > >>> > > RANGER-3544 Security zones listing will be in alphabetical > >>> order. > >>> > > RANGER-3638 Solr Ranger document level security breaks solr > >>> if > >>> > > collection is reloaded > >>> > > RANGER-3591 Upgrade protobuf-java to 3.19.3 > >>> > > RANGER-3403 Ranger usersync role based rules not working as > >>> > > expected > >>> > > RANGER-3285 expose user source details in ranger UI > >>> > > RANGER-3592 Upgrade Spring framework to 5.3.15 > >>> > > RANGER-3568 Services of one zone are seen in other zone > from > >>> UI > >>> > > RANGER-3589 Ranger java patches failing due to admin > >>> privilege > >>> > > checks. > >>> > > RANGER-3543 Remove spotbugs-annotations-3.1.9 from > classpath > >>> > > RANGER-3554 [Intermittent] API call to fetch the list of > >>> policies > >>> > > for a > >>> > > particular service repo returns a deleted policy in the > response > >>> > > RANGER-3546 Update Spotbugs plugin Executions cycle > >>> > > RANGER-3427 Null Dereference in PublicApis.java > >>> > > RANGER-3502 Make GET zone APIs accessible to authorized > users > >>> > only > >>> > > RANGER-3535 A delegate admin user should be able to add > >>> another > >>> > > user > >>> > > with all or subset of permissions they have > >>> > > RANGER-3468 When multiple Ranger tabs are opened, Some tabs > >>> are > >>> > not > >>> > > redirecting to Knox Logout page > >>> > > RANGER-3528 Ranger Group creation audit is not shown during > >>> > service > >>> > > creation > >>> > > RANGER-3490 Make policy resource signature is unique in a > >>> service > >>> > > RANGER-3507 Handle trailing slash in the ranger Hive URL > >>> policy > >>> > > authorization > >>> > > RANGER-3519 Provide an option to optimize space needed by > >>> Trie > >>> > > objects > >>> > > RANGER-3516 Java patch 'J10045' taking more time during > >>> upgrade. > >>> > > RANGER-3505 Ranger usersync fails to sync users when a > >>> duplicate > >>> > > user > >>> > > exists in ranger > >>> > > RANGER-3509 update role fails for role admins > >>> > > RANGER-3433 Null Dereference in ServiceREST getPolicyByName > >>> > method > >>> > > RANGER-2704 Support browser login using kerberized > >>> authentication > >>> > > RANGER-3584 ServiceTags are not computed correctly by > >>> applying > >>> > > incremental changes to existing ServiceTags > >>> > > RANGER-3663 RangerBizUtil.checkAdminAccess() should return > >>> false > >>> > if > >>> > > user-session is not available > >>> > > RANGER-3709 Fix NullPointerException in > >>> > > getSecureServicePoliciesIfUpdated call of ServiceRest > >>> > > RANGER-3702 RANGER - Export policy in excel is failing. > >>> > > RANGER-3677 Update Password Policy validation at WEB-UI > >>> > > RANGER-3690 Fix NullPointerException in java patch 054 > >>> > > RANGER-2362 [security] Admin webui - Lack of account > lockout > >>> > > RANGER-3678 Update password validation criteria > >>> > > RANGER-3674 Fix PMD issue > >>> > > RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1 > >>> > > RANGER-3559 RANGER KMS - Metric details for kms are not > >>> getting > >>> > > collected > >>> > > RANGER-3625 Update isDebugEnable condition in > >>> > RangerHiveAuthorizer > >>> > > RANGER-3610 Docker: Skip service creation for ranger > >>> components > >>> > > during > >>> > > ranger container restart > >>> > > RANGER-3594 mysql setup scripts failed with binlog-enabled > >>> mysql > >>> > > RANGER-3593 the hive table owner who create the table can > >>> not > >>> > > have the > >>> > > full privilege > >>> > > RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832 > >>> > > RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure > >>> that > >>> > we > >>> > > are > >>> > > using supported version of log4j > >>> > > RANGER-3576 service creation is failing intermittently due > >>> to DB > >>> > > unique > >>> > > key constraint violation > >>> > > RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure > >>> that > >>> > we > >>> > > are > >>> > > using supported version of log4j > >>> > > > >>> > > > >>> > > > >>> > > > >>> > > > >>> > > >> > >> > -- Ricardo Martinelli De Oliveira Senior Software Engineer, AI Managed Services Red Hat Brazil <https://www.redhat.com/> Av. Brigadeiro Faria Lima, 3900 8th floor rmart...@redhat.com T: +551135426125 M: +5511970696531 @redhatjobs <https://twitter.com/redhatjobs> redhatjobs <https://www.facebook.com/redhatjobs> @redhatjobs <https://instagram.com/redhatjobs> <https://www.redhat.com/>