Fixed Issues in Apache Atlas

Review the list of Atlas issues that are resolved in Cloudera Runtime 7.1.9.

OPSAPS-67782: ZDU | During rolling upgrade one ATLAS server failed to start while other server went fine
Exclusion of jackson databind from parent dependency
OPSAPS-67878: [CKP-2,3,4] Apply config injectors for all Atlas csd
Changes made in 7.1.8 CSD, for 7.1.9 CSD CM team has already taken care.
CDPD-56309: [Atlas] Download Search with Basic Search gives
Default value for the download directory will be read from system property "user.dir" instead of property "atlas.home"
CDPD-49053: Atlas - Upgrade Tinkerpop to 3.5.4
Upgrade Tinkerpop to 3.5.4
CDPD-48090: Atlas - Upgrade icu4j to 66.1+ due to CVE-2020-21913
Upgrade icu4j to 66.1+ due to CVE-2020-21913
CDPD-50022: Test failure - Atlas 'Service Unavailable' error
Circular dependency issue caused by class is resolved by adding @Lazy annotation on @Component definition of this class.
CDPD-29307: Kafka producer entity stays in incomplete state in Atlas
The Kafka-Atlas plugin now fully creates Producer and Consumer entities and won't generate incomplete ones.
CDPD-57305: Atlas - Upgrade moment.js to 2.29.4 due to CVE-2022-24785, CVE-2022-31129
Updated moment.js version to 2.29.4
CDPD-45073: Implement aging for audits stored by Atlas.
Feature to reduce Atlas audit storage by aging out audit data, using different criteria like TTL and audit count
CDPD-58592: [CKP4 (same value)] Atlas not null filter on classification returns null values
Cause: It is because of Solr version upgrade, untill 8.4.1, Solr supported non empty string. Fix: For IndexQuery : ["" TO *] works to get nonEmpty field entities. For Inmemory Predicates: Used NonEmptyPredicate
CDPD-55098: 7.1.9 - Dynamic Index Recovery issues and improvements
Introduced AtlasClient API to perform index recovery
CDPD-50762: Regression : admin/audits , admin/purge fail with "[__AtlasAuditEntry.startTime] is not indexed in the targeted index [vertex_index]" 7.1.9
Cause: The attributes of AtlasAuditEntry type where not getting indexed in the Solr, because the entity of AtlasAuditEntry gets created before the attributes gets indexed. FIx: Ordering the typeDefChangeListeners helped, to create the AtlasAuditEntry typeDef first before auditing.
CDPD-59409: Tags are not getting synced from one node of rangertagsync
Log4j version incompatibility between Atlas and Ranger led to this issue. A temporary fix has been merged to avoid the exception.
CDPD-54645: Ranger tag sync for Iceberg table type
Added iceberg support for Ranger Tagsync
CDPD-59713: [backport] Indexed string field (solr.StrField) which is too large ERROR
Imapala process entities created by ImpalaHook saves query-string in name field. Since query-string can be large, you are getting the longer than the max error.
To store qualifiedName in name field instead of query-string
CDPD-49495: OOM issue with DSL search caching added by CDPD-27872
Fixed OOM seen after large number DSL search requests. This was caused by the fix for ATLAS-4347
CDPD-57277: Atlas - Upgrade Spring Framework to 5.3.27/6.0.8 due to CVE-2023-20861, CVE-2023-20860 and CVE-2023-20863
Upgrade Spring Framework to 5.3.27 from 5.3.21
CDPD-57433: Atlas - Upgrade gremlin shaded to 3.5.5+ due to jackson-databind CVEs
Upgrade gremlin shaded to 3.5.5 from 3.5.4
CDPD-49450: Atlas - Upgrade jettison to 1.5.4 due to CVE-2022-45685 and CVE-2022-45693
Upgrade jettison to 1.5.4 from 1.3.7.
CDPD-53745: commits in CDH-7.1.8.x but NOT IN CDH-7.1.9.x
This issue is fix in CDPD-52776.
CDPD-54846: Atlas: CVE-2023-24998-upgrade commons-fileupload library to version 1.5
Upgrade commons-fileupload library to version 1.5 from 1.3.3.
CDPD-54852: Backward compatibility for check provided for AttributeName in Parent and Child TypeDef
This patch provides backward compatibility for two changes mentioned: Restrict typedef creation when a child type attribute conflicts with parent type attribute of same name Updating typedef with new supertype should be allowed only if attributes are unique compared to other existing supertypes.
CDPD-49451: Atlas - Upgrade snakeyaml due to CVE-2022-1471
Upgrade snakeyaml to 2.0 from 1.33.
CDPD-50740: [7.1.9]Atlas - Upgrade azure-storage libraries due to CVE-2022-30187
Upgrade azure-storage-blob version to 12.9.0 from 12.20.2 Upgrade azure-storage-queue version to 12.7.0 from 12.15.2.
CDPD-55440: Atlas - Upgrade snakeyaml to 2.0 due to CVE-2022-1471
Upgrade snakeyaml to 2.0 from 1.33.
CDPD-58492: Atlas - Upgrade Netty Project to 4.1.94.Final due CVE-2023-34462
Upgrade Netty Project to 4.1.94.Final from 4.1.86.Final.
CDPD-49452: Atlas - Upgrade Netty to 4.1.86.Final due to CVE-2022-41881, CVE-2022-41915
Upgrade Netty to 4.1.86.Final from 4.1.77.Final.
CDPD-57685: Atlas docs failures in CDH builds
Added the library "fix-esm" to handle the dependency update issue which was causing the build to fail.
CDPD-55617: Atlas - Upgrade Nimbus-JOSE-JWT to 9.24 due to CVEs coming from json-smart
Upgrade Nimbus-JOSE-JWT to 9.24 from 9.8.1.
CDPD-49978: Atlas - Upgrade icu4j to 66.1+ due to CVE-2020-21913
Upgrade icu4j to 66.1.
CDPD-58596: Large number of warn messages logged in tagsync log indicating process entity notification dropped
Added code to send version in the messages sent from Atlas to Ranger, so that the warning messages are not seen.
CDPD-53808: Atlas - Upgrade Spring Framework to 5.3.27/6.0.8 due to CVE-2023-20861, CVE-2023-20860 and CVE-2023-20863
Upgrade Spring Framework to 5.3.27 from 5.3.20.
CDPD-51181: Atlas - Upgrade Woodstox to 5.4.0/6.4.0 due to multiple CVEs
Upgrade Woodstox to 5.4.0 from 5.0.3.
CDPD-49980: Atlas - Upgrade Tinkerpop to 3.5.4
Upgrade Tinkerpop to 3.5.4 from 3.5.2.
CDPD-55876: Atlas - Upgrade Spring Security to 5.7.8+/5.8.3+/6.0.3+ due to CVE-2023-20862
Upgrade Spring Security to 5.8.3 to 5.7.5.
CDPD-55252: Atlas - Upgrade jackson-databind to due to CVE-2022-42003, CVE-2022-42004
Upgrade jackson-databind to
CDPD-50741: [7.1.9]Atlas - Upgrade reactor-netty to 1.0.24+ due to CVE-2022-31684
Upgrade reactor-netty to 1.0.24.
CDPD-54864: Every hive insert generates an Atlas audit event
Introduced "DML audit filters" feature to skip unnecessary DML audit events using configuration property atlas.hook.hive.skip.dml.messages=true (Enabled by default).
CDPD-48641: Atlas - Support for JDK17 in all sub-components
Added JDK17 support for Atlas.
CDPD-56497: Regression : DSL queries redirected to passive server fails
DSL search request sent to Passive server having HTML encoded characters are now properly redirected to Active server.
CDPD-59758: [ST][Atlas] test_export_import_api_sanity test fails
Upgraded tinkerpop version from 3.5.5 to 3.5.6 : This resolved unsupported class major version error faced while running export API in JDK17 Runtime.

Apache patch information

  • ATLAS-4733
  • ATLAS-4754
  • ATLAS-4442
  • ATLAS-4735
  • ATLAS-4768
  • ATLAS-4762
  • ATLAS-4727
  • ATLAS-4571
  • ATLAS-4576
  • ATLAS-4757