DUE TO SPAM, SIGN-UP IS DISABLED. Goto Selfserve wiki signup and request an account.
The release is compatible with these versions of the various components:
- Java: JDK 8
- Python3: 3.10.12
- Databases [Ranger and Ranger KMS]:
- MariaDB: 10.7.3
- Postgres: 12
- Oracle: 23.6
- Apache Solr: 8.11.3
Breaking changes
- Library
ranger-plugins-auditis not available starting with Apache Ranger 2.7.0 release. Contents of this library are split into multiple libraries, one for each audit destination. This enables plugin implementations to minimize dependencies by including libraries only for the destinations they need. Plugin implementations should replace references toranger-plugins-auditwith audit destination specific librarys listed below:ranger-audit-dest-cloudwatchranger-audit-dest-esranger-audit-dest-hdfsranger-audit-dest-kafkaranger-audit-dest-log4jranger-audit-dest-solr
- Authorization plugin packages in Apache Ranger 2.7.0 include dependent libraries for 2 audit destinations only – Solr and HDFS. In earlier versions of Apache Ranger, plugin packages included libraries for all available audit destinations, like AWS CloudWatch, Elasticsearch, Kafka, Log4j. If support for other audit destinations is needed, it will be necessary to rebuild the plugin package after updating pom and packaging files of the plugin.
IMPROVEMENT
RANGER-3643: Service config UI to include additional configurations like service.admin.users, service.admin.groups
RANGER-5078: Set ranger.usersync.ldap.referral=follow as default config
RANGER-5113: DELETE multiple policies with a wildcard via API call
RANGER-5138: Docker setup: update Ubuntu version
RANGER-5147: Modernize Python scripts for Python 3
RANGER-5158: Pre-build ranger-base image
RANGER-5166: Expose database ports for all databases in docker compose
RANGER-5167: Merge all database compose files into a single file
RANGER-5198: Prevent selected long string values from getting truncated in the react-select control
RANGER-5201: Retry GET requests on HTTP 5xx errors in RangerRESTClient
RANGER-5207: Update jquery file naming to prevent version disclosure
RANGER-5208: refactor audit module to move each destination implementation to a separate module
RANGER-5216: add unit tests for RangerAtlasAuthorizer
RANGER-5229: CI: Generate Code Coverage Report with JaCoCo
RANGER-5241: Update all docker images to pull ranger-base from DockerHub
RANGER-5247: RangerOzoneAuthorizer: replace unused instance member with a local variable
RANGER-5258: Documentation : add reference to CI, source-repo and jira as menu items under resource
BUG
RANGER-3636: Plugin classloader should use classloader of shim class as parent
RANGER-4721: Ranger Admin server is not sending DataMasklabel for masking policy audit logs
RANGER-4993: Ranger KMS - Missing HSTS Headers for 404 Not found requests port 9494
RANGER-5003: Fix the bug that deleting a service fails with gtid enabled mysql server
RANGER-5074: keyadmin user is able to get admin user logs
RANGER-5102: Add config parameter to allow audits to HDFS in both WRITE and APPEND modes in case of errors/exceptions
RANGER-5123: Handle Transaction Log Migration for Fresh Install
RANGER-5134: Fix processing of tasks scheduled to run after current transaction is complete
RANGER-5146: 500 API Error When Deleting TagDef with a Linked Tag
RANGER-5151: Audit to HDFS fails with error: Stream encountered errors while writing audits to HDFS!
RANGER-5153: Intermittent test failure in RangerJSONAuditWriterTest
RANGER-5154: Functionality to delete records from x_auth_sess table via api is not working
RANGER-5155: Service Definition with empty configs causes Ranger UI rendering issues
RANGER-5162: Tag Allowed policy is not being enforced
RANGER-5164: Ranger: Upgrade Swagger-UI to the latest V5.20.1
RANGER-5165: Update notification settings in .asf.yaml
RANGER-5169: Error while migrating Masterkey from older format to external key store
RANGER-5174: failure in evaluating expressions in row-filter
RANGER-5177: For tagresourcemaps api, resourceId search filter does not work
RANGER-5182: Ranger: Upgrade axios version 1.7.4 to latest 1.8.4
RANGER-5183: Federated User getting created with wrong user source
RANGER-5185: Fix potential NPE in RangerBasePlugin
RANGER-5189: doc site format is incorrect ....
RANGER-5191: Typo in the log message in RangerRESTClient
RANGER-5197: build_ranger_using_docker.sh - fails due to centos docker image is not supported.
RANGER-5202: Tag deny policy is not getting enforced on scan table command for hbase
RANGER-5224: dedupTags removes the valid tags while deduplicating tags
RANGER-5225: Override allow policy not taking precedence over normal deny tag policy
RANGER-5251: dedupTags() doesn’t remove duplicate tag IDs within a single resource’s resourceToTagIds list
RANGER-5261: Disable Log4J Audit Destination for Ozone in OM container
RANGER-5264: Update commands in release-build.xml
TASK
RANGER-4587: Blog: Apache Ranger - dynamic expressions
RANGER-4846: Update Apache Ranger website with 2.5.0
RANGER-5100: Update Apache Ranger website with 2.6.0
RANGER-5124: The policy and tag active time are not in sync with the last update and policy download
RANGER-5149: update ranger-2.7 branch pom.xml version to 2.7.0-SNAPSHOT
RANGER-5228: Bump jacoco to 0.8.13
RANGER-5236: Setup apache/ranger-tools
RANGER-5244: Move Dockerfile.ranger-base-ubi to apache/ranger-tools