RANGER-5080: Add docker support for MS SQL Server

.github/workflows/maven.yml

@@ -128,55 +128,20 @@ jobs:
           docker compose -f docker-compose.ranger-base.yml build
           export DOCKER_BUILDKIT=1
           export COMPOSE_DOCKER_CLI_BUILD=1
-          export RANGER_DB_TYPE=postgres
+          export RANGER_DB_TYPE=sqlserver
           docker compose \
           -f docker-compose.ranger-${RANGER_DB_TYPE}.yml \
-          -f docker-compose.ranger.yml \
-          -f docker-compose.ranger-usersync.yml \
-          -f docker-compose.ranger-tagsync.yml \
-          -f docker-compose.ranger-kms.yml \
-          -f docker-compose.ranger-hadoop.yml \
-          -f docker-compose.ranger-hbase.yml \
-          -f docker-compose.ranger-kafka.yml \
-          -f docker-compose.ranger-hive.yml \
-          -f docker-compose.ranger-knox.yml \
-          -f docker-compose.ranger-ozone.yml build
+          -f docker-compose.ranger.yml build
 
       - name: Bring up containers
         run: |
           cd dev-support/ranger-docker
-          ./scripts/ozone-plugin-docker-setup.sh
-          export RANGER_DB_TYPE=postgres
+          export RANGER_DB_TYPE=sqlserver
           docker compose \
           -f docker-compose.ranger-${RANGER_DB_TYPE}.yml \
-          -f docker-compose.ranger.yml \
-          -f docker-compose.ranger-usersync.yml \
-          -f docker-compose.ranger-tagsync.yml \
-          -f docker-compose.ranger-kms.yml \
-          -f docker-compose.ranger-hadoop.yml \
-          -f docker-compose.ranger-hbase.yml \
-          -f docker-compose.ranger-kafka.yml \
-          -f docker-compose.ranger-hive.yml \
-          -f docker-compose.ranger-knox.yml \
-          -f docker-compose.ranger-ozone.yml up -d
-      - name: Check status of containers and remove them
-        run: | 
-          sleep 60
-          containers=(ranger ranger-zk ranger-solr ranger-postgres ranger-usersync ranger-tagsync ranger-kms ranger-hadoop ranger-hbase ranger-kafka ranger-hive ranger-knox ozone-om ozone-scm ozone-datanode);
-          flag=true;
-          for container in "${containers[@]}"; do
-              if [[ $(docker inspect -f '{{.State.Running}}' $container 2>/dev/null) == "true" ]]; then
-                  echo "Container $container is running!";
-              else
-                  flag=false;
-                  echo "Container $container is NOT running!";
-              fi
-          done
-
-          if [[ $flag == true ]]; then
-              echo "All required containers are up and running";
-              docker stop $(docker ps -q) && docker rm $(docker ps -aq);
-          else
-              docker stop $(docker ps -q) && docker rm $(docker ps -aq);
-              exit 1;
-          fi
+          -f docker-compose.ranger.yml up -d
+
+      - name: View sql server logs
+        run: |
+          docker logs ranger-sqlserver
+

dev-support/ranger-docker/.env

@@ -36,6 +36,7 @@ UBI_VERSION=latest
 MARIADB_VERSION=10.7.3
 POSTGRES_VERSION=12
 ORACLE_VERSION=23.6
+SQLSERVER_VERSION=2022-latest
 ENABLE_DB_MOUNT=true
 ZK_VERSION=3.9.2
 SOLR_VERSION=8.11.3

dev-support/ranger-docker/Dockerfile.ranger

@@ -58,6 +58,10 @@ FROM ranger AS ranger_oracle
 COPY ./downloads/ojdbc8.jar         /home/ranger/dist/
 RUN mv /home/ranger/dist/ojdbc8.jar /usr/share/java/oracle.jar
 
+FROM ranger AS ranger_sqlserver
+COPY ./downloads/mssql-jdbc-12.8.1.jre8.jar            /home/ranger/dist/
+RUN mv /home/ranger/dist/mssql-jdbc-12.8.1.jre8.jar    /usr/share/java/mssql.jar
+
 FROM ranger_${RANGER_DB_TYPE}
 
 USER ranger

dev-support/ranger-docker/Dockerfile.ranger-sqlserver

@@ -0,0 +1,31 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ARG SQLSERVER_VERSION
+
+FROM mcr.microsoft.com/mssql/server:${SQLSERVER_VERSION}
+
+USER root
+
+RUN ACCEPT_EULA=Y apt-get update
+RUN ACCEPT_EULA=Y apt-get install -y --no-install-recommends curl gnupg unixodbc-dev mssql-tools
+RUN ACCEPT_EULA=Y apt-get clean && rm -rf /var/lib/apt/lists/*
+
+RUN  mkdir -p /docker-entrypoint-initdb.d
+COPY config/init_mssql.sh /docker-entrypoint-initdb.d/
+RUN chown -R mssql /docker-entrypoint-initdb.d/
+ENV MSSQL_PASSWORD=rangerR0cks!
+USER mssql

dev-support/ranger-docker/config/init_mssql.sh

@@ -0,0 +1,71 @@
+#!/bin/bash
+
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License,  Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# Wait for SQL Server to be ready
+echo "Waiting for SQL Server to start..."
+RETRIES=30  # Number of retries
+SLEEP_INTERVAL=5  # Seconds to wait between retries
+for i in $(seq 1 $RETRIES); do
+    # Try to connect to SQL Server
+    /opt/mssql-tools/bin/sqlcmd -S localhost -U SA -P "rangerR0cks!" -Q "SELECT 1" > /dev/null 2>&1
+    if [ $? -eq 0 ]; then
+        echo "SQL Server is ready!"
+        break
+    else
+        echo "SQL Server is not ready yet. Waiting..."
+        sleep $SLEEP_INTERVAL
+    fi
+done
+
+if [ $i -eq $RETRIES ]; then
+    echo "SQL Server did not become ready in time. Exiting."
+    exit 1
+fi
+
+
+sqlcmd -S localhost -U mssql -P 'rangerR0cks!' -Q "
+
+-- Set the database context
+USE master;
+
+-- Create databases
+CREATE DATABASE ranger;
+CREATE DATABASE rangerkms;
+CREATE DATABASE hive;
+GO
+
+-- Create users and assign permissions
+USE ranger;
+CREATE LOGIN rangeradmin WITH PASSWORD = 'rangerR0cks!';
+CREATE USER rangeradmin FOR LOGIN rangeradmin;
+ALTER ROLE db_owner ADD MEMBER rangeradmin; -- Grant equivalent high-level permissions
+GO
+
+USE rangerkms;
+CREATE LOGIN rangerkms WITH PASSWORD = 'rangerR0cks!';
+CREATE USER rangerkms FOR LOGIN rangerkms;
+ALTER ROLE db_owner ADD MEMBER rangerkms; -- Grant equivalent high-level permissions
+GO
+
+USE hive;
+CREATE LOGIN hive WITH PASSWORD = 'rangerR0cks!';
+CREATE USER hive FOR LOGIN hive;
+ALTER ROLE db_owner ADD MEMBER hive; -- Grant equivalent high-level permissions
+GO
+"

dev-support/ranger-docker/docker-compose.ranger-sqlserver.yml

@@ -0,0 +1,28 @@
+services:
+  ranger-db:
+    build:
+      context: .
+      dockerfile: Dockerfile.ranger-sqlserver
+      args:
+        - SQLSERVER_VERSION=${SQLSERVER_VERSION}
+    image: ranger-sqlserver
+    container_name: ranger-sqlserver
+    hostname: ranger-db.example.com
+    networks:
+      - ranger
+    healthcheck:
+      test: [
+        "CMD-SHELL",
+        "sqlcmd -S localhost -U SA -P 'rangerR0cks!' -Q \"SELECT 1\" || exit 1"
+      ]
+      interval: 10s
+      timeout: 2s
+      retries: 30
+    environment:
+      - ACCEPT_EULA=Y
+      - MSSQL_SA_PASSWORD=rangerR0cks!
+      - SA_PASSWORD=rangerR0cks!
+
+networks:
+  ranger:
+    name: rangernw

dev-support/ranger-docker/download-archives.sh

@@ -44,6 +44,7 @@ downloadIfNotPresent() {
 downloadIfNotPresent postgresql-42.2.16.jre7.jar            "https://search.maven.org/remotecontent?filepath=org/postgresql/postgresql/42.2.16.jre7"
 downloadIfNotPresent mysql-connector-java-8.0.28.jar        "https://search.maven.org/remotecontent?filepath=mysql/mysql-connector-java/8.0.28"
 downloadIfNotPresent ojdbc8.jar                             https://download.oracle.com/otn-pub/otn_software/jdbc/236
+downloadIfNotPresent mssql-jdbc-12.8.1.jre8.jar             https://repo1.maven.org/maven2/com/microsoft/sqlserver/mssql-jdbc/12.8.1.jre8/mssql-jdbc-12.8.1.jre8.jar
 downloadIfNotPresent log4jdbc-1.2.jar                       https://repo1.maven.org/maven2/com/googlecode/log4jdbc/log4jdbc/1.2
 
 if [[ $# -eq 0 ]]

dev-support/ranger-docker/scripts/ranger-admin-install-sqlserver.properties

@@ -0,0 +1,94 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#
+# This file provides a list of the deployment variables for the Policy Manager Web Application
+#
+
+PYTHON_COMMAND_INVOKER=python3
+RANGER_ADMIN_LOG_DIR=/var/log/ranger
+RANGER_PID_DIR_PATH=/var/run/ranger
+DB_FLAVOR=MSSQL
+SQL_CONNECTOR_JAR=/usr/share/java/mssql.jar
+RANGER_ADMIN_LOGBACK_CONF_FILE=/opt/ranger/admin/ews/webapp/WEB-INF/classes/conf/logback.xml
+
+db_root_user=sa
+db_root_password=rangerR0cks!
+db_host=ranger-db
+
+db_name=ranger
+db_user=rangeradmin
+db_password=rangerR0cks!
+
+postgres_core_file=db/postgres/optimized/current/ranger_core_db_postgres.sql
+postgres_audit_file=db/postgres/xa_audit_db_postgres.sql
+mysql_core_file=db/mysql/optimized/current/ranger_core_db_mysql.sql
+mysql_audit_file=db/mysql/xa_audit_db.sql
+oracle_core_file=db/oracle/optimized/current/ranger_core_db_oracle.sql
+oracle_audit_file=db/oracle/xa_audit_db_oracle.sql
+sqlserver_core_file=db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql
+sqlserver_audit_file=db/sqlserver/xa_audit_db_sqlserver.sql
+
+rangerAdmin_password=rangerR0cks!
+rangerTagsync_password=rangerR0cks!
+rangerUsersync_password=rangerR0cks!
+keyadmin_password=rangerR0cks!
+
+
+audit_store=solr
+audit_solr_urls=http://ranger-solr:8983/solr/ranger_audits
+audit_solr_collection_name=ranger_audits
+
+# audit_store=elasticsearch
+audit_elasticsearch_urls=
+audit_elasticsearch_port=9200
+audit_elasticsearch_protocol=http
+audit_elasticsearch_user=elastic
+audit_elasticsearch_password=elasticsearch
+audit_elasticsearch_index=ranger_audits
+audit_elasticsearch_bootstrap_enabled=true
+
+policymgr_external_url=http://ranger-admin:6080
+policymgr_http_enabled=true
+
+unix_user=ranger
+unix_user_pwd=ranger
+unix_group=ranger
+
+# Following variables are referenced in db_setup.py. Do not remove these
+sqlanywhere_core_file=
+cred_keystore_filename=
+
+# #################  DO NOT MODIFY ANY VARIABLES BELOW #########################
+#
+# --- These deployment variables are not to be modified unless you understand the full impact of the changes
+#
+################################################################################
+XAPOLICYMGR_DIR=$PWD
+app_home=$PWD/ews/webapp
+TMPFILE=$PWD/.fi_tmp
+LOGFILE=$PWD/logfile
+LOGFILES="$LOGFILE"
+
+JAVA_BIN='java'
+JAVA_VERSION_REQUIRED='1.8'
+
+ranger_admin_max_heap_size=1g
+#retry DB and Java patches after the given time in seconds.
+PATCH_RETRY_INTERVAL=120
+STALE_PATCH_ENTRY_HOLD_TIME=10
+
+hadoop_conf=
+authentication_method=UNIX