Release 380-e LTS (23 May 2022)#
Starburst Enterprise platform (SEP) 380-e is the follow up release to the 379-e STS release and the 370-e LTS release.
This release is a long term support (LTS) release.
The 380-e release includes all improvements from the following Trino project releases:
It contains all improvements from the Starburst Enterprise releases since 370-e LTS:
Highlights since 370-e#
Add support for data products as securable entities with built-in access control.
Improve Kafka, PostgreSQL, Redshift, and Vertica connectors.
Add a session timeout configuration property for the Starburst Enterprise web UI.
Support two-way TLS for LDAP authentication.
Improve performance of queries involving complex predicates for the Teradata, Stargate, and PostgreSQL connectors.
Add autocomplete functionality for SQL in the query editor.
Add support for download of a full result set from the query editor.
Add an option to control the query log data retention period
Breaking changes since 370-e#
The SQL Server connector now enables TLS and certificate verification by default between the cluster and SQL Server, causing potential failures for catalogs that use the connector.
The
ldap.ssl-trust-certificate
configuration property for an LDAP password authenticator has been deprecated in favor ofldap.ssl.keystore.path
andldap.ssl.truststore.path
for two-way TLS with an LDAP authentication server. Clusters that use the deprecated property in their LDAP password authenticator should migrate to the new properties as soon as possible.Data products title length is now limited to 40 characters. Any existing data products with titles longer than 40 characters must be deleted and recreated.
Require value for the shared secret configuration for internal communication when any authentication is enabled.
The
insights.authorized-users
andinsights.authorized-groups
configuration properties are deprecated in favor ofstarburst.access-control.authorized-users
andstarburst.access-control.authorized-groups
, respectively. Thesestarburst.
configuration properties also use a comma-separated list value, instead of a pipe-delineated list like the deprecatedinsights.
properties. For more information, see Insights general configuration properties.There are new format requirements for role names using built-in access controls. Role names with spaces must be replaced. Role names can have up to 64 characters, but can only contain lowercase Latin letters, digits, and underlines.
380-e.0 initial changes#
General#
Improve display for privileges with grant option in the Starburst Enterprise web UI.
Added Java configuration options
-XX:+UnlockDiagnosticVMOptions -XX:+UseAESCTRIntrinsics
injvm.config
to reflect Trino defaults.
Security#
Allow role creation only after specific role is set with
SET ROLE
.Reintroduce
ldap.ssl-trust-certificate
as a legacy configuration property.Update Helm chart to Starburst Ranger 2.1.0-e.39.
Built-in access control#
Add privileges for Starburst Enterprise web UI.
Add privileges for Data products and domain access.
Add audit logs for built-in access control as public preview feature.
Raise built-in access control to a general availability feature.
Data products#
Raise data products to a general availability feature.
Add Starburst Enterprise REST API for managing data products.
Add usage metrics for individual data products.
Improve the data product edit workflow.
Add discussion threads.
Helm charts#
Add KEDA scaler for SEP.
380-e.1 changes (8 Jun 2022)#
Standardize on UBI minimal base image for all containers used by the EKS listings.
Fix reading of grant change logs from SEP versions 375-e and earlier.
Fix potential query failure when metastore caching is enabled.
Fix typo in the configuration property name to remove an unsupported underscore and replace it with the appropriate dash
DELEGATED-OAUTH2
.Fix
sync_partition_metadata
procedure failure when table has a large number of partitions.Fix incorrect results for queries where aggregation is pushed down for a remote database to execute and the aggregation function result is not needed to evaluate the query. Applies to the ClickHouse, MariaDB, MySQL, Oracle, SQL Server, PostgreSQL, and SingleStore connectors.
380-e.2 changes (1 Jul 2022)#
Update
jackson-databind
to 2.13.3, see security advisory CVE-2020-36518.Fix
bigint
parsing for the Web UI Query editor, no longer shows truncated results if it uses the defaultJSON.parse
method.Allow canceling a query on a transactional table if it is waiting for a lock.
Avoid errors when attempting to query tables that exist in multiple Snowflake databases with role impersonation enabled. The errors were a result of multiple tables matching the same schema/table name.