Skip to content

RANGER-5001: RANGER-4977: Support ignoreDescendantDeny & fix hbase scan authorization #912

RANGER-5001: RANGER-4977: Support ignoreDescendantDeny & fix hbase scan authorization

RANGER-5001: RANGER-4977: Support ignoreDescendantDeny & fix hbase scan authorization #912

Workflow file for this run

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: CI
on:
push:
branches: [ "master" ]
pull_request:
branches: [ "master" ]
jobs:
build-8:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up JDK 8
uses: actions/setup-java@v4
with:
java-version: '8'
distribution: 'temurin'
cache: maven
- name: build (8)
run: mvn -T 8 clean install --no-transfer-progress -B -V
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: target-8
path: target/*
build-11:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up JDK 11
uses: actions/setup-java@v4
with:
java-version: '11'
distribution: 'temurin'
cache: maven
- name: build (11)
run: mvn -T 8 clean install -pl '!knox-agent' --no-transfer-progress -B -V
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: target-11
path: target/*
docker-build:
needs:
- build-8
- build-11
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Download build-8 artifacts
uses: actions/download-artifact@v4
with:
name: target-8
- name: Copy artifacts for docker build
run: |
cp ranger-*.tar.gz dev-support/ranger-docker/dist
cp version dev-support/ranger-docker/dist
- name: Cache downloaded archives
uses: actions/cache@v3
with:
path: dev-support/ranger-docker/downloads
key: ${{ runner.os }}-ranger-downloads-${{ hashFiles('dev-support/ranger-docker/.env') }}
restore-keys: |
${{ runner.os }}-ranger-downloads-
- name: Run download-archives.sh
run: |
cd dev-support/ranger-docker
./download-archives.sh hadoop hive hbase kafka knox ozone
- name: Clean up Docker space
run: docker system prune --all --force --volumes
- name: Build all ranger-service images
run: |
cd dev-support/ranger-docker
docker compose -f docker-compose.ranger-base.yml build
export DOCKER_BUILDKIT=1
export COMPOSE_DOCKER_CLI_BUILD=1
export RANGER_DB_TYPE=postgres
docker compose \
-f docker-compose.ranger-${RANGER_DB_TYPE}.yml \
-f docker-compose.ranger.yml \
-f docker-compose.ranger-usersync.yml \
-f docker-compose.ranger-tagsync.yml \
-f docker-compose.ranger-kms.yml \
-f docker-compose.ranger-hadoop.yml \
-f docker-compose.ranger-hbase.yml \
-f docker-compose.ranger-kafka.yml \
-f docker-compose.ranger-hive.yml \
-f docker-compose.ranger-knox.yml \
-f docker-compose.ranger-ozone.yml build
- name: Bring up containers
run: |
cd dev-support/ranger-docker
./scripts/ozone-plugin-docker-setup.sh
export RANGER_DB_TYPE=postgres
docker compose \
-f docker-compose.ranger-${RANGER_DB_TYPE}.yml \
-f docker-compose.ranger.yml \
-f docker-compose.ranger-usersync.yml \
-f docker-compose.ranger-tagsync.yml \
-f docker-compose.ranger-kms.yml \
-f docker-compose.ranger-hadoop.yml \
-f docker-compose.ranger-hbase.yml \
-f docker-compose.ranger-kafka.yml \
-f docker-compose.ranger-hive.yml \
-f docker-compose.ranger-knox.yml \
-f docker-compose.ranger-ozone.yml up -d
- name: Check status of containers and remove them
run: |
sleep 60
containers=(ranger ranger-zk ranger-solr ranger-postgres ranger-usersync ranger-tagsync ranger-kms ranger-hadoop ranger-hbase ranger-kafka ranger-hive ranger-knox ozone-om ozone-scm ozone-datanode);
flag=true;
for container in "${containers[@]}"; do
if [[ $(docker inspect -f '{{.State.Running}}' $container 2>/dev/null) == "true" ]]; then
echo "Container $container is running!";
else
flag=false;
echo "Container $container is NOT running!";
fi
done
if [[ $flag == true ]]; then
echo "All required containers are up and running";
docker stop $(docker ps -q) && docker rm $(docker ps -aq);
else
docker stop $(docker ps -q) && docker rm $(docker ps -aq);
exit 1;
fi