Re: [PR] [#9247] fix(iceberg): lazy check for authz configuration items in IRC to start Gravitino server [gravitino]

Tue, 02 Dec 2025 20:00:42 -0800 


Copilot commented on code in PR #9360:
URL: https://github.com/apache/gravitino/pull/9360#discussion_r2583543723


##########
iceberg/iceberg-rest-server/src/main/java/org/apache/gravitino/iceberg/service/IcebergCatalogWrapperManager.java:
##########
@@ -88,6 +90,14 @@ public CatalogWrapperForREST getCatalogWrapper(String 
catalogName) {
   }
 
   private CatalogWrapperForREST createCatalogWrapper(String catalogName) {
+    IcebergRESTServerContext serverContext = 
IcebergRESTServerContext.getInstance();
+    if (serverContext.isAuthorizationEnabled()
+        && !(configProvider instanceof DynamicIcebergConfigProvider)) {
+      throw new IllegalArgumentException(
+          "Authorization is enabled. Set 
`gravitino.iceberg-rest.catalog-config-provider="
+              + "dynamic-config-provider` in gravitino.conf for Iceberg 
REST.");
+    }

Review Comment:
   The validation logic calls `IcebergRESTServerContext.getInstance()` on every 
catalog creation. Since this validation is checking static configuration that 
doesn't change at runtime, consider performing this validation once during 
manager initialization in the constructor instead of on every 
`createCatalogWrapper()` call. This would improve performance by avoiding 
repeated validation for the same condition.



##########
iceberg/iceberg-rest-server/src/main/java/org/apache/gravitino/iceberg/service/IcebergCatalogWrapperManager.java:
##########
@@ -88,6 +90,14 @@ public CatalogWrapperForREST getCatalogWrapper(String 
catalogName) {
   }
 
   private CatalogWrapperForREST createCatalogWrapper(String catalogName) {
+    IcebergRESTServerContext serverContext = 
IcebergRESTServerContext.getInstance();
+    if (serverContext.isAuthorizationEnabled()
+        && !(configProvider instanceof DynamicIcebergConfigProvider)) {
+      throw new IllegalArgumentException(
+          "Authorization is enabled. Set 
`gravitino.iceberg-rest.catalog-config-provider="
+              + "dynamic-config-provider` in gravitino.conf for Iceberg 
REST.");

Review Comment:
   The error message is inconsistent with the warning in 
IcebergRESTServerContext. Here it says "Set 
`gravitino.iceberg-rest.catalog-config-provider=dynamic-config-provider`" but 
the warning in IcebergRESTServerContext.java uses the constant which resolves 
to the same value but displayed differently. Consider using 
`IcebergConstants.DYNAMIC_ICEBERG_CATALOG_CONFIG_PROVIDER_NAME` constant for 
consistency: `"Authorization is enabled. Set 
\`gravitino.iceberg-rest.catalog-config-provider=" + 
IcebergConstants.DYNAMIC_ICEBERG_CATALOG_CONFIG_PROVIDER_NAME + "\` in 
gravitino.conf for Iceberg REST."`



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to