This is an automated email from the ASF dual-hosted git repository.
dimas pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/polaris.git
The following commit(s) were added to refs/heads/main by this push:
new aa72157a8 Rename AccessConfig and AccessConfigProvider for clarity
(#2883)
aa72157a8 is described below
commit aa72157a8433c98f1de19b4237d31188cc6c3c83
Author: Nuoya Jiang <[email protected]>
AuthorDate: Mon Nov 10 17:53:01 2025 -0600
Rename AccessConfig and AccessConfigProvider for clarity (#2883)
* rename AccessConfig for clarity
* rename getStorageAccessConfig() and add javadoc
---
.../connection/ConnectionCredentials.java | 10 +++----
.../AtomicOperationMetaStoreManager.java | 6 ++--
.../dao/entity/ScopedCredentialsResult.java | 20 ++++++--------
.../TransactionalMetaStoreManagerImpl.java | 6 ++--
.../core/storage/PolarisStorageIntegration.java | 2 +-
...{AccessConfig.java => StorageAccessConfig.java} | 8 +++---
.../aws/AwsCredentialsStorageIntegration.java | 6 ++--
.../azure/AzureCredentialsStorageIntegration.java | 10 +++----
.../core/storage/cache/StorageCredentialCache.java | 10 +++----
.../storage/cache/StorageCredentialCacheEntry.java | 15 +++++-----
.../gcp/GcpCredentialsStorageIntegration.java | 6 ++--
.../storage/InMemoryStorageIntegrationTest.java | 2 +-
...onfigTest.java => StorageAccessConfigTest.java} | 20 +++++++-------
.../AzureCredentialsStorageIntegrationTest.java | 8 +++---
.../storage/cache/StorageCredentialCacheTest.java | 12 ++++----
.../aws/AwsCredentialsStorageIntegrationTest.java | 32 +++++++++++-----------
.../AzureCredentialStorageIntegrationTest.java | 26 +++++++++---------
.../gcp/GcpCredentialsStorageIntegrationTest.java | 14 +++++-----
.../service/catalog/iceberg/IcebergCatalog.java | 16 +++++------
.../catalog/iceberg/IcebergCatalogAdapter.java | 10 +++----
.../catalog/iceberg/IcebergCatalogHandler.java | 20 +++++++-------
.../service/catalog/io/DefaultFileIOFactory.java | 10 +++----
.../polaris/service/catalog/io/FileIOFactory.java | 7 +++--
.../polaris/service/catalog/io/FileIOUtil.java | 16 +++++------
...vider.java => StorageAccessConfigProvider.java} | 16 +++++------
.../catalog/io/WasbTranslatingFileIOFactory.java | 4 +--
.../catalog/PolarisCallContextCatalogFactory.java | 10 +++----
.../PolarisStorageIntegrationProviderImpl.java | 6 ++--
.../polaris/service/task/TaskFileIOSupplier.java | 16 +++++------
.../service/admin/PolarisAuthzTestBase.java | 8 +++---
.../AbstractPolarisGenericTableCatalogTest.java | 10 +++----
.../iceberg/AbstractIcebergCatalogTest.java | 20 +++++++-------
.../iceberg/AbstractIcebergCatalogViewTest.java | 10 +++----
.../iceberg/IcebergCatalogHandlerAuthzTest.java | 10 +++----
...ebergCatalogHandlerFineGrainedDisabledTest.java | 2 +-
.../service/catalog/io/FileIOFactoryTest.java | 5 ++--
.../catalog/policy/AbstractPolicyCatalogTest.java | 10 +++----
.../task/BatchFileCleanupTaskHandlerTest.java | 4 +--
.../task/ManifestFileCleanupTaskHandlerTest.java | 4 +--
.../service/task/TableCleanupTaskHandlerTest.java | 4 +--
.../polaris/service/task/TaskExecutorImplTest.java | 2 +-
.../apache/polaris/service/TestFileIOFactory.java | 4 +--
.../org/apache/polaris/service/TestServices.java | 14 +++++-----
.../service/catalog/io/MeasuredFileIOFactory.java | 6 ++--
44 files changed, 228 insertions(+), 229 deletions(-)
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/credentials/connection/ConnectionCredentials.java
b/polaris-core/src/main/java/org/apache/polaris/core/credentials/connection/ConnectionCredentials.java
index bc8cd3e95..1d86bf03c 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/credentials/connection/ConnectionCredentials.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/credentials/connection/ConnectionCredentials.java
@@ -22,21 +22,21 @@ import
com.google.errorprone.annotations.CanIgnoreReturnValue;
import java.time.Instant;
import java.util.Map;
import java.util.Optional;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.immutables.PolarisImmutable;
/**
* Encapsulates credentials and configuration needed to connect to external
federated catalogs.
*
- * <p>Similar to {@link AccessConfig} for storage, this class holds the
credentials and properties
- * required for Polaris to authenticate with remote catalog services (e.g.,
AWS Glue, other Iceberg
- * REST catalogs).
+ * <p>Similar to {@link StorageAccessConfig} for storage, this class holds the
credentials and
+ * properties required for Polaris to authenticate with remote catalog
services (e.g., AWS Glue,
+ * other Iceberg REST catalogs).
*
* <p>Credentials may be temporary and include an expiration time.
*
* <p><b>Note:</b> This interface currently includes only {@code credentials}
and {@code expiresAt}.
* Additional fields like {@code extraProperties} and {@code
internalProperties} (similar to {@link
- * AccessConfig}) are not included for now but can be added later if needed
for more complex
+ * StorageAccessConfig}) are not included for now but can be added later if
needed for more complex
* credential scenarios.
*/
@PolarisImmutable
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/AtomicOperationMetaStoreManager.java
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/AtomicOperationMetaStoreManager.java
index 1ec8c89d4..3ae2ac2c9 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/AtomicOperationMetaStoreManager.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/AtomicOperationMetaStoreManager.java
@@ -77,9 +77,9 @@ import
org.apache.polaris.core.policy.PolarisPolicyMappingRecord;
import org.apache.polaris.core.policy.PolicyEntity;
import org.apache.polaris.core.policy.PolicyMappingUtil;
import org.apache.polaris.core.policy.PolicyType;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageConfigurationInfo;
import org.apache.polaris.core.storage.PolarisStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -1635,14 +1635,14 @@ public class AtomicOperationMetaStoreManager extends
BaseMetaStoreManager {
entityId);
try {
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
storageIntegration.getSubscopedCreds(
callCtx.getRealmConfig(),
allowListOperation,
allowedReadLocations,
allowedWriteLocations,
refreshCredentialsEndpoint);
- return new ScopedCredentialsResult(accessConfig);
+ return new ScopedCredentialsResult(storageAccessConfig);
} catch (Exception ex) {
return new ScopedCredentialsResult(
BaseResult.ReturnStatus.SUBSCOPE_CREDS_ERROR, ex.getMessage());
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ScopedCredentialsResult.java
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ScopedCredentialsResult.java
index 76526a863..fab339243 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ScopedCredentialsResult.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ScopedCredentialsResult.java
@@ -20,13 +20,13 @@ package org.apache.polaris.core.persistence.dao.entity;
import jakarta.annotation.Nonnull;
import jakarta.annotation.Nullable;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
/** Result of a getSubscopedCredsForEntity() call */
public class ScopedCredentialsResult extends BaseResult {
// null if not success. Else, set of name/value pairs for the credentials
- private final AccessConfig accessConfig;
+ private final StorageAccessConfig storageAccessConfig;
/**
* Constructor for an error
@@ -37,20 +37,16 @@ public class ScopedCredentialsResult extends BaseResult {
public ScopedCredentialsResult(
@Nonnull ReturnStatus errorCode, @Nullable String extraInformation) {
super(errorCode, extraInformation);
- this.accessConfig = null;
+ this.storageAccessConfig = null;
}
- /**
- * Constructor for success
- *
- * @param accessConfig credentials
- */
- public ScopedCredentialsResult(AccessConfig accessConfig) {
+ /** Constructor for success */
+ public ScopedCredentialsResult(StorageAccessConfig storageAccessConfig) {
super(ReturnStatus.SUCCESS);
- this.accessConfig = accessConfig;
+ this.storageAccessConfig = storageAccessConfig;
}
- public AccessConfig getAccessConfig() {
- return accessConfig;
+ public StorageAccessConfig getStorageAccessConfig() {
+ return storageAccessConfig;
}
}
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/transactional/TransactionalMetaStoreManagerImpl.java
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/transactional/TransactionalMetaStoreManagerImpl.java
index db3ccd0f3..815e119d3 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/transactional/TransactionalMetaStoreManagerImpl.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/transactional/TransactionalMetaStoreManagerImpl.java
@@ -82,9 +82,9 @@ import
org.apache.polaris.core.policy.PolarisPolicyMappingRecord;
import org.apache.polaris.core.policy.PolicyEntity;
import org.apache.polaris.core.policy.PolicyMappingUtil;
import org.apache.polaris.core.policy.PolicyType;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageConfigurationInfo;
import org.apache.polaris.core.storage.PolarisStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -2128,14 +2128,14 @@ public class TransactionalMetaStoreManagerImpl extends
BaseMetaStoreManager {
entityId);
try {
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
storageIntegration.getSubscopedCreds(
callCtx.getRealmConfig(),
allowListOperation,
allowedReadLocations,
allowedWriteLocations,
refreshCredentialsEndpoint);
- return new ScopedCredentialsResult(accessConfig);
+ return new ScopedCredentialsResult(storageAccessConfig);
} catch (Exception ex) {
return new ScopedCredentialsResult(
BaseResult.ReturnStatus.SUBSCOPE_CREDS_ERROR, ex.getMessage());
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageIntegration.java
b/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageIntegration.java
index 1828d01c8..8a2ae7c3a 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageIntegration.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageIntegration.java
@@ -62,7 +62,7 @@ public abstract class PolarisStorageIntegration<T extends
PolarisStorageConfigur
* handling the relative path
* @return An enum map including the scoped credentials
*/
- public abstract AccessConfig getSubscopedCreds(
+ public abstract StorageAccessConfig getSubscopedCreds(
@Nonnull RealmConfig realmConfig,
boolean allowListOperation,
@Nonnull Set<String> allowedReadLocations,
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/storage/AccessConfig.java
b/polaris-core/src/main/java/org/apache/polaris/core/storage/StorageAccessConfig.java
similarity index 94%
rename from
polaris-core/src/main/java/org/apache/polaris/core/storage/AccessConfig.java
rename to
polaris-core/src/main/java/org/apache/polaris/core/storage/StorageAccessConfig.java
index 94e74a3d6..19745322d 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/storage/AccessConfig.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/storage/StorageAccessConfig.java
@@ -26,7 +26,7 @@ import org.apache.polaris.immutables.PolarisImmutable;
import org.immutables.value.Value;
@PolarisImmutable
-public interface AccessConfig {
+public interface StorageAccessConfig {
Map<String, String> credentials();
Map<String, String> extraProperties();
@@ -57,8 +57,8 @@ public interface AccessConfig {
}
}
- static AccessConfig.Builder builder() {
- return ImmutableAccessConfig.builder();
+ static StorageAccessConfig.Builder builder() {
+ return ImmutableStorageAccessConfig.builder();
}
interface Builder {
@@ -89,6 +89,6 @@ public interface AccessConfig {
}
}
- AccessConfig build();
+ StorageAccessConfig build();
}
}
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java
b/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java
index 8023f7a60..e393911f7 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java
@@ -28,8 +28,8 @@ import java.util.Optional;
import java.util.Set;
import java.util.stream.Stream;
import org.apache.polaris.core.config.RealmConfig;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.InMemoryStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.apache.polaris.core.storage.StorageUtil;
import org.apache.polaris.core.storage.aws.StsClientProvider.StsDestination;
@@ -70,7 +70,7 @@ public class AwsCredentialsStorageIntegration
/** {@inheritDoc} */
@Override
- public AccessConfig getSubscopedCreds(
+ public StorageAccessConfig getSubscopedCreds(
@Nonnull RealmConfig realmConfig,
boolean allowListOperation,
@Nonnull Set<String> allowedReadLocations,
@@ -80,7 +80,7 @@ public class AwsCredentialsStorageIntegration
realmConfig.getConfig(STORAGE_CREDENTIAL_DURATION_SECONDS);
AwsStorageConfigurationInfo storageConfig = config();
String region = storageConfig.getRegion();
- AccessConfig.Builder accessConfig = AccessConfig.builder();
+ StorageAccessConfig.Builder accessConfig = StorageAccessConfig.builder();
if (shouldUseSts(storageConfig)) {
AssumeRoleRequest.Builder request =
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegration.java
b/polaris-core/src/main/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegration.java
index a043a7daa..0b189b311 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegration.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegration.java
@@ -49,8 +49,8 @@ import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import org.apache.polaris.core.config.RealmConfig;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.InMemoryStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -73,7 +73,7 @@ public class AzureCredentialsStorageIntegration
}
@Override
- public AccessConfig getSubscopedCreds(
+ public StorageAccessConfig getSubscopedCreds(
@Nonnull RealmConfig realmConfig,
boolean allowListOperation,
@Nonnull Set<String> allowedReadLocations,
@@ -176,12 +176,12 @@ public class AzureCredentialsStorageIntegration
}
@VisibleForTesting
- static AccessConfig toAccessConfig(
+ static StorageAccessConfig toAccessConfig(
String sasToken,
String storageDnsName,
Instant expiresAt,
Optional<String> refreshCredentialsEndpoint) {
- AccessConfig.Builder accessConfig = AccessConfig.builder();
+ StorageAccessConfig.Builder accessConfig = StorageAccessConfig.builder();
handleAzureCredential(accessConfig, sasToken, storageDnsName, expiresAt);
accessConfig.put(
StorageAccessProperty.EXPIRATION_TIME,
String.valueOf(expiresAt.toEpochMilli()));
@@ -193,7 +193,7 @@ public class AzureCredentialsStorageIntegration
}
private static void handleAzureCredential(
- AccessConfig.Builder config, String sasToken, String host, Instant
expiresAt) {
+ StorageAccessConfig.Builder config, String sasToken, String host,
Instant expiresAt) {
config.putCredential(StorageAccessProperty.AZURE_SAS_TOKEN.getPropertyName() +
host, sasToken);
config.putCredential(
StorageAccessProperty.AZURE_SAS_TOKEN_EXPIRES_AT_MS_PREFIX.getPropertyName() +
host,
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCache.java
b/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCache.java
index 82de79915..93f5e351a 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCache.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCache.java
@@ -37,8 +37,8 @@ import org.apache.polaris.core.config.RealmConfig;
import org.apache.polaris.core.entity.PolarisEntity;
import org.apache.polaris.core.entity.PolarisEntityType;
import org.apache.polaris.core.persistence.dao.entity.ScopedCredentialsResult;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisCredentialVendor;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -103,7 +103,7 @@ public class StorageCredentialCache {
* @param allowedWriteLocations a set of allowed to write locations.
* @return the a map of string containing the scoped creds information
*/
- public AccessConfig getOrGenerateSubScopeCreds(
+ public StorageAccessConfig getOrGenerateSubScopeCreds(
@Nonnull PolarisCredentialVendor credentialVendor,
@Nonnull PolarisCallContext callCtx,
@Nonnull PolarisEntity polarisEntity,
@@ -140,7 +140,7 @@ public class StorageCredentialCache {
if (scopedCredentialsResult.isSuccess()) {
long maxCacheDurationMs =
maxCacheDurationMs(callCtx.getRealmConfig());
return new StorageCredentialCacheEntry(
- scopedCredentialsResult.getAccessConfig(), maxCacheDurationMs);
+ scopedCredentialsResult.getStorageAccessConfig(),
maxCacheDurationMs);
}
LOGGER
.atDebug()
@@ -156,11 +156,11 @@ public class StorageCredentialCache {
@VisibleForTesting
@Nullable
Map<String, String> getIfPresent(StorageCredentialCacheKey key) {
- return getAccessConfig(key).map(AccessConfig::credentials).orElse(null);
+ return
getAccessConfig(key).map(StorageAccessConfig::credentials).orElse(null);
}
@VisibleForTesting
- Optional<AccessConfig> getAccessConfig(StorageCredentialCacheKey key) {
+ Optional<StorageAccessConfig> getAccessConfig(StorageCredentialCacheKey key)
{
return Optional.ofNullable(cache.getIfPresent(key))
.map(StorageCredentialCacheEntry::toAccessConfig);
}
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheEntry.java
b/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheEntry.java
index 7f5789ecb..1141b34bf 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheEntry.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheEntry.java
@@ -19,17 +19,18 @@
package org.apache.polaris.core.storage.cache;
import java.time.Instant;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
/** A storage credential cached entry. */
public class StorageCredentialCacheEntry {
/** The scoped creds map that is fetched from a creds vending service */
- public final AccessConfig accessConfig;
+ public final StorageAccessConfig storageAccessConfig;
private final long maxCacheDurationMs;
- public StorageCredentialCacheEntry(AccessConfig accessConfig, long
maxCacheDurationMs) {
- this.accessConfig = accessConfig;
+ public StorageCredentialCacheEntry(
+ StorageAccessConfig storageAccessConfig, long maxCacheDurationMs) {
+ this.storageAccessConfig = storageAccessConfig;
this.maxCacheDurationMs = maxCacheDurationMs;
}
@@ -39,7 +40,7 @@ public class StorageCredentialCacheEntry {
/** Get the expiration time in millisecond for the cached entry */
public long getExpirationTime() {
- return
accessConfig.expiresAt().map(Instant::toEpochMilli).orElse(Long.MAX_VALUE);
+ return
storageAccessConfig.expiresAt().map(Instant::toEpochMilli).orElse(Long.MAX_VALUE);
}
/**
@@ -47,7 +48,7 @@ public class StorageCredentialCacheEntry {
*
* @return a map of string representing the subscoped creds info.
*/
- AccessConfig toAccessConfig() {
- return accessConfig;
+ StorageAccessConfig toAccessConfig() {
+ return storageAccessConfig;
}
}
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/storage/gcp/GcpCredentialsStorageIntegration.java
b/polaris-core/src/main/java/org/apache/polaris/core/storage/gcp/GcpCredentialsStorageIntegration.java
index c0568cc9b..5f524d9ae 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/storage/gcp/GcpCredentialsStorageIntegration.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/storage/gcp/GcpCredentialsStorageIntegration.java
@@ -39,9 +39,9 @@ import java.util.Optional;
import java.util.Set;
import java.util.stream.Stream;
import org.apache.polaris.core.config.RealmConfig;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.InMemoryStorageIntegration;
import org.apache.polaris.core.storage.PolarisStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.apache.polaris.core.storage.StorageUtil;
import org.slf4j.Logger;
@@ -72,7 +72,7 @@ public class GcpCredentialsStorageIntegration
}
@Override
- public AccessConfig getSubscopedCreds(
+ public StorageAccessConfig getSubscopedCreds(
@Nonnull RealmConfig realmConfig,
boolean allowListOperation,
@Nonnull Set<String> allowedReadLocations,
@@ -109,7 +109,7 @@ public class GcpCredentialsStorageIntegration
// If expires_in missing, use source credential's expire time, which
require another api call to
// get.
- AccessConfig.Builder accessConfig = AccessConfig.builder();
+ StorageAccessConfig.Builder accessConfig = StorageAccessConfig.builder();
accessConfig.put(StorageAccessProperty.GCS_ACCESS_TOKEN,
token.getTokenValue());
accessConfig.put(
StorageAccessProperty.GCS_ACCESS_TOKEN_EXPIRES_AT,
diff --git
a/polaris-core/src/test/java/org/apache/polaris/core/storage/InMemoryStorageIntegrationTest.java
b/polaris-core/src/test/java/org/apache/polaris/core/storage/InMemoryStorageIntegrationTest.java
index 9ba5271ab..e9640cef8 100644
---
a/polaris-core/src/test/java/org/apache/polaris/core/storage/InMemoryStorageIntegrationTest.java
+++
b/polaris-core/src/test/java/org/apache/polaris/core/storage/InMemoryStorageIntegrationTest.java
@@ -194,7 +194,7 @@ class InMemoryStorageIntegrationTest {
}
@Override
- public AccessConfig getSubscopedCreds(
+ public StorageAccessConfig getSubscopedCreds(
@Nonnull RealmConfig realmConfig,
boolean allowListOperation,
@Nonnull Set<String> allowedReadLocations,
diff --git
a/polaris-core/src/test/java/org/apache/polaris/core/storage/AccessConfigTest.java
b/polaris-core/src/test/java/org/apache/polaris/core/storage/StorageAccessConfigTest.java
similarity index 87%
rename from
polaris-core/src/test/java/org/apache/polaris/core/storage/AccessConfigTest.java
rename to
polaris-core/src/test/java/org/apache/polaris/core/storage/StorageAccessConfigTest.java
index 57e1f1465..98fad9ef9 100644
---
a/polaris-core/src/test/java/org/apache/polaris/core/storage/AccessConfigTest.java
+++
b/polaris-core/src/test/java/org/apache/polaris/core/storage/StorageAccessConfigTest.java
@@ -30,14 +30,14 @@ import java.time.Instant;
import java.util.Map;
import org.junit.jupiter.api.Test;
-public class AccessConfigTest {
+public class StorageAccessConfigTest {
@Test
public void testPutGet() {
- AccessConfig.Builder b = AccessConfig.builder();
+ StorageAccessConfig.Builder b = StorageAccessConfig.builder();
b.put(AWS_ENDPOINT, "ep1");
b.put(AWS_SECRET_KEY, "sk2");
- AccessConfig c = b.build();
+ StorageAccessConfig c = b.build();
assertThat(c.credentials()).isEqualTo(Map.of(AWS_SECRET_KEY.getPropertyName(),
"sk2"));
assertThat(c.extraProperties()).isEqualTo(Map.of(AWS_ENDPOINT.getPropertyName(),
"ep1"));
assertThat(c.get(AWS_SECRET_KEY)).isEqualTo("sk2");
@@ -46,19 +46,19 @@ public class AccessConfigTest {
@Test
public void testGetExtraProperty() {
- AccessConfig.Builder b = AccessConfig.builder();
+ StorageAccessConfig.Builder b = StorageAccessConfig.builder();
b.putExtraProperty(AWS_ENDPOINT.getPropertyName(), "extra");
- AccessConfig c = b.build();
+ StorageAccessConfig c = b.build();
assertThat(c.extraProperties()).isEqualTo(Map.of(AWS_ENDPOINT.getPropertyName(),
"extra"));
assertThat(c.get(AWS_ENDPOINT)).isEqualTo("extra");
}
@Test
public void testGetInternalProperty() {
- AccessConfig.Builder b = AccessConfig.builder();
+ StorageAccessConfig.Builder b = StorageAccessConfig.builder();
b.putExtraProperty(AWS_ENDPOINT.getPropertyName(), "extra");
b.putInternalProperty(AWS_ENDPOINT.getPropertyName(), "ep1");
- AccessConfig c = b.build();
+ StorageAccessConfig c = b.build();
assertThat(c.extraProperties()).isEqualTo(Map.of(AWS_ENDPOINT.getPropertyName(),
"extra"));
assertThat(c.internalProperties()).isEqualTo(Map.of(AWS_ENDPOINT.getPropertyName(),
"ep1"));
assertThat(c.get(AWS_ENDPOINT)).isEqualTo("ep1");
@@ -66,11 +66,11 @@ public class AccessConfigTest {
@Test
public void testNoCredentialOverride() {
- AccessConfig.Builder b = AccessConfig.builder();
+ StorageAccessConfig.Builder b = StorageAccessConfig.builder();
b.put(AWS_SECRET_KEY, "sk-test");
b.putExtraProperty(AWS_SECRET_KEY.getPropertyName(), "sk-extra");
b.putInternalProperty(AWS_SECRET_KEY.getPropertyName(), "sk-internal");
- AccessConfig c = b.build();
+ StorageAccessConfig c = b.build();
assertThat(c.get(AWS_SECRET_KEY)).isEqualTo("sk-test");
assertThat(c.extraProperties()).isEqualTo(Map.of(AWS_SECRET_KEY.getPropertyName(),
"sk-extra"));
assertThat(c.internalProperties())
@@ -79,7 +79,7 @@ public class AccessConfigTest {
@Test
public void testExpiresAt() {
- AccessConfig.Builder b = AccessConfig.builder();
+ StorageAccessConfig.Builder b = StorageAccessConfig.builder();
assertThat(b.build().expiresAt()).isEmpty();
b.put(GCS_ACCESS_TOKEN_EXPIRES_AT, "111");
assertThat(b.build().expiresAt()).hasValue(Instant.ofEpochMilli(111));
diff --git
a/polaris-core/src/test/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegrationTest.java
b/polaris-core/src/test/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegrationTest.java
index 794ae25fe..eda958fca 100644
---
a/polaris-core/src/test/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegrationTest.java
+++
b/polaris-core/src/test/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegrationTest.java
@@ -23,7 +23,7 @@ import static
org.apache.polaris.core.storage.azure.AzureCredentialsStorageInteg
import java.time.Instant;
import java.util.Optional;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.Test;
@@ -34,7 +34,7 @@ public class AzureCredentialsStorageIntegrationTest {
public void testAzureCredentialFormatting() {
Instant expiresAt = Instant.ofEpochMilli(Long.MAX_VALUE);
- AccessConfig noSuffixResult =
+ StorageAccessConfig noSuffixResult =
toAccessConfig("sasToken", "some_account", expiresAt,
Optional.empty());
Assertions.assertThat(noSuffixResult.credentials()).hasSize(3);
Assertions.assertThat(noSuffixResult.credentials()).containsKey("adls.sas-token.some_account");
@@ -44,7 +44,7 @@ public class AzureCredentialsStorageIntegrationTest {
.doesNotContainKey(
StorageAccessProperty.AZURE_REFRESH_CREDENTIALS_ENDPOINT.getPropertyName());
- AccessConfig adlsSuffixResult =
+ StorageAccessConfig adlsSuffixResult =
toAccessConfig(
"sasToken",
"some_account." + AzureLocation.ADLS_ENDPOINT,
@@ -63,7 +63,7 @@ public class AzureCredentialsStorageIntegrationTest {
StorageAccessProperty.AZURE_REFRESH_CREDENTIALS_ENDPOINT.getPropertyName(),
"endpoint/credentials");
- AccessConfig blobSuffixResult =
+ StorageAccessConfig blobSuffixResult =
toAccessConfig(
"sasToken", "some_account." + AzureLocation.BLOB_ENDPOINT,
expiresAt, Optional.empty());
Assertions.assertThat(blobSuffixResult.credentials()).hasSize(4);
diff --git
a/polaris-core/src/test/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheTest.java
b/polaris-core/src/test/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheTest.java
index a51badf4b..f1e5ac1f6 100644
---
a/polaris-core/src/test/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheTest.java
+++
b/polaris-core/src/test/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheTest.java
@@ -42,7 +42,7 @@ import
org.apache.polaris.core.persistence.dao.entity.ScopedCredentialsResult;
import
org.apache.polaris.core.persistence.transactional.TransactionalPersistence;
import org.apache.polaris.core.persistence.transactional.TreeMapMetaStore;
import
org.apache.polaris.core.persistence.transactional.TreeMapTransactionalPersistenceImpl;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.RepeatedTest;
@@ -412,7 +412,7 @@ public class StorageCredentialCacheTest {
: String.valueOf(Long.MAX_VALUE);
res.add(
new ScopedCredentialsResult(
- AccessConfig.builder()
+ StorageAccessConfig.builder()
.put(StorageAccessProperty.AWS_KEY_ID, "key_id_" + finalI)
.put(StorageAccessProperty.AWS_SECRET_KEY, "key_secret_" +
finalI)
.put(StorageAccessProperty.AWS_SESSION_TOKEN_EXPIRES_AT_MS,
expireTime)
@@ -421,14 +421,14 @@ public class StorageCredentialCacheTest {
if (res.size() == number) return res;
res.add(
new ScopedCredentialsResult(
- AccessConfig.builder()
+ StorageAccessConfig.builder()
.put(StorageAccessProperty.AZURE_SAS_TOKEN, "sas_token_" +
finalI)
.put(StorageAccessProperty.EXPIRATION_TIME, expireTime)
.build()));
if (res.size() == number) return res;
res.add(
new ScopedCredentialsResult(
- AccessConfig.builder()
+ StorageAccessConfig.builder()
.put(StorageAccessProperty.GCS_ACCESS_TOKEN, "gcs_token_" +
finalI)
.put(StorageAccessProperty.GCS_ACCESS_TOKEN_EXPIRES_AT,
expireTime)
.build()));
@@ -459,7 +459,7 @@ public class StorageCredentialCacheTest {
storageCredentialCache = newStorageCredentialCache();
ScopedCredentialsResult properties =
new ScopedCredentialsResult(
- AccessConfig.builder()
+ StorageAccessConfig.builder()
.put(StorageAccessProperty.AWS_SECRET_KEY, "super-secret-123")
.put(StorageAccessProperty.AWS_ENDPOINT, "test-endpoint1")
.put(StorageAccessProperty.AWS_PATH_STYLE_ACCESS, "true")
@@ -477,7 +477,7 @@ public class StorageCredentialCacheTest {
.thenReturn(properties);
List<PolarisEntity> entityList = getPolarisEntities();
- AccessConfig config =
+ StorageAccessConfig config =
storageCredentialCache.getOrGenerateSubScopeCreds(
metaStoreManager,
callCtx,
diff --git
a/polaris-core/src/test/java/org/apache/polaris/service/storage/aws/AwsCredentialsStorageIntegrationTest.java
b/polaris-core/src/test/java/org/apache/polaris/service/storage/aws/AwsCredentialsStorageIntegrationTest.java
index ac1ba85fd..fb0c63c40 100644
---
a/polaris-core/src/test/java/org/apache/polaris/service/storage/aws/AwsCredentialsStorageIntegrationTest.java
+++
b/polaris-core/src/test/java/org/apache/polaris/service/storage/aws/AwsCredentialsStorageIntegrationTest.java
@@ -25,8 +25,8 @@ import java.time.Instant;
import java.util.List;
import java.util.Optional;
import java.util.Set;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.BaseStorageIntegrationTest;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.apache.polaris.core.storage.aws.AwsCredentialsStorageIntegration;
import org.apache.polaris.core.storage.aws.AwsStorageConfigurationInfo;
@@ -84,7 +84,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
return ASSUME_ROLE_RESPONSE;
});
String warehouseDir = scheme + "://bucket/path/to/warehouse";
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
new AwsCredentialsStorageIntegration(
AwsStorageConfigurationInfo.builder()
.addAllowedLocation(warehouseDir)
@@ -98,7 +98,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
Set.of(warehouseDir + "/namespace/table"),
Set.of(warehouseDir + "/namespace/table"),
Optional.of("/namespace/table/credentials"));
- assertThat(accessConfig.credentials())
+ assertThat(storageAccessConfig.credentials())
.isNotEmpty()
.containsEntry(StorageAccessProperty.AWS_TOKEN.getPropertyName(),
"sess")
.containsEntry(StorageAccessProperty.AWS_KEY_ID.getPropertyName(),
"accessKey")
@@ -106,7 +106,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
.containsEntry(
StorageAccessProperty.AWS_SESSION_TOKEN_EXPIRES_AT_MS.getPropertyName(),
String.valueOf(EXPIRE_TIME.toEpochMilli()));
- assertThat(accessConfig.extraProperties())
+ assertThat(storageAccessConfig.extraProperties())
.containsEntry(
StorageAccessProperty.AWS_REFRESH_CREDENTIALS_ENDPOINT.getPropertyName(),
"/namespace/table/credentials");
@@ -254,7 +254,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
break;
case AWS_PARTITION:
case "aws-us-gov":
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
new AwsCredentialsStorageIntegration(
AwsStorageConfigurationInfo.builder()
.addAllowedLocation(s3Path(bucket, warehouseKeyPrefix))
@@ -269,7 +269,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
Set.of(s3Path(bucket, firstPath), s3Path(bucket,
secondPath)),
Set.of(s3Path(bucket, firstPath)),
Optional.empty());
- assertThat(accessConfig.credentials())
+ assertThat(storageAccessConfig.credentials())
.isNotEmpty()
.containsEntry(StorageAccessProperty.AWS_TOKEN.getPropertyName(),
"sess")
.containsEntry(StorageAccessProperty.AWS_KEY_ID.getPropertyName(),
"accessKey")
@@ -355,7 +355,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
});
return ASSUME_ROLE_RESPONSE;
});
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
new AwsCredentialsStorageIntegration(
AwsStorageConfigurationInfo.builder()
.addAllowedLocation(s3Path(bucket, warehouseKeyPrefix))
@@ -370,7 +370,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
Set.of(s3Path(bucket, firstPath), s3Path(bucket, secondPath)),
Set.of(s3Path(bucket, firstPath)),
Optional.empty());
- assertThat(accessConfig.credentials())
+ assertThat(storageAccessConfig.credentials())
.isNotEmpty()
.containsEntry(StorageAccessProperty.AWS_TOKEN.getPropertyName(),
"sess")
.containsEntry(StorageAccessProperty.AWS_KEY_ID.getPropertyName(),
"accessKey")
@@ -450,7 +450,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
});
return ASSUME_ROLE_RESPONSE;
});
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
new AwsCredentialsStorageIntegration(
AwsStorageConfigurationInfo.builder()
.addAllowedLocation(s3Path(bucket, warehouseKeyPrefix))
@@ -465,7 +465,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
Set.of(s3Path(bucket, firstPath), s3Path(bucket, secondPath)),
Set.of(),
Optional.empty());
- assertThat(accessConfig.credentials())
+ assertThat(storageAccessConfig.credentials())
.isNotEmpty()
.containsEntry(StorageAccessProperty.AWS_TOKEN.getPropertyName(),
"sess")
.containsEntry(StorageAccessProperty.AWS_KEY_ID.getPropertyName(),
"accessKey")
@@ -517,7 +517,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
});
return ASSUME_ROLE_RESPONSE;
});
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
new AwsCredentialsStorageIntegration(
AwsStorageConfigurationInfo.builder()
.addAllowedLocation(s3Path(bucket, warehouseKeyPrefix))
@@ -532,7 +532,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
Set.of(),
Set.of(),
Optional.empty());
- assertThat(accessConfig.credentials())
+ assertThat(storageAccessConfig.credentials())
.isNotEmpty()
.containsEntry(StorageAccessProperty.AWS_TOKEN.getPropertyName(),
"sess")
.containsEntry(StorageAccessProperty.AWS_KEY_ID.getPropertyName(),
"accessKey")
@@ -578,7 +578,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
break;
case AWS_PARTITION:
case "aws-us-gov":
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
new AwsCredentialsStorageIntegration(
AwsStorageConfigurationInfo.builder()
.addAllowedLocation(s3Path(bucket, warehouseKeyPrefix))
@@ -593,7 +593,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
Set.of(),
Set.of(),
Optional.empty());
- assertThat(accessConfig.credentials())
+ assertThat(storageAccessConfig.credentials())
.containsEntry(StorageAccessProperty.AWS_TOKEN.getPropertyName(),
"sess")
.containsEntry(StorageAccessProperty.AWS_KEY_ID.getPropertyName(),
"accessKey")
.containsEntry(StorageAccessProperty.AWS_SECRET_KEY.getPropertyName(),
"secretKey")
@@ -619,7 +619,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
});
switch (awsPartition) {
case AWS_PARTITION:
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
new AwsCredentialsStorageIntegration(
AwsStorageConfigurationInfo.builder()
.addAllowedLocation(s3Path(bucket, warehouseKeyPrefix))
@@ -633,7 +633,7 @@ class AwsCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
Set.of(),
Set.of(),
Optional.empty());
- assertThat(accessConfig.credentials())
+ assertThat(storageAccessConfig.credentials())
.isNotEmpty()
.doesNotContainKey(StorageAccessProperty.CLIENT_REGION.getPropertyName());
break;
diff --git
a/polaris-core/src/test/java/org/apache/polaris/service/storage/azure/AzureCredentialStorageIntegrationTest.java
b/polaris-core/src/test/java/org/apache/polaris/service/storage/azure/AzureCredentialStorageIntegrationTest.java
index 96e441000..42a8bd327 100644
---
a/polaris-core/src/test/java/org/apache/polaris/service/storage/azure/AzureCredentialStorageIntegrationTest.java
+++
b/polaris-core/src/test/java/org/apache/polaris/service/storage/azure/AzureCredentialStorageIntegrationTest.java
@@ -47,8 +47,8 @@ import java.util.HashSet;
import java.util.List;
import java.util.Optional;
import java.util.stream.Stream;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.BaseStorageIntegrationTest;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import
org.apache.polaris.core.storage.azure.AzureCredentialsStorageIntegration;
import org.apache.polaris.core.storage.azure.AzureStorageConfigurationInfo;
@@ -121,13 +121,13 @@ public class AzureCredentialStorageIntegrationTest
extends BaseStorageIntegratio
String.format(
"abfss://container@icebergdfsstorageacct.%s.core.windows.net/polaris-test/",
service));
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
subscopedCredsForOperations(
/* allowedReadLoc= */ allowedLoc,
/* allowedWriteLoc= */ new ArrayList<>(),
allowListAction);
- Assertions.assertThat(accessConfig.credentials()).hasSize(2);
- String sasToken = accessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN);
+ Assertions.assertThat(storageAccessConfig.credentials()).hasSize(2);
+ String sasToken =
storageAccessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN);
Assertions.assertThat(sasToken).isNotNull();
String serviceEndpoint =
String.format("https://icebergdfsstorageacct.%s.core.windows.net";,
service);
@@ -192,7 +192,7 @@ public class AzureCredentialStorageIntegrationTest extends
BaseStorageIntegratio
String.format(
"abfss://container@icebergdfsstorageacct.%s.core.windows.net/%s",
service, allowedPrefix));
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
subscopedCredsForOperations(
/* allowedReadLoc= */ allowedLoc,
/* allowedWriteLoc= */ new ArrayList<>(),
@@ -200,7 +200,7 @@ public class AzureCredentialStorageIntegrationTest extends
BaseStorageIntegratio
BlobClient blobClient =
createBlobClient(
- accessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
+ storageAccessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
"https://icebergdfsstorageacct.dfs.core.windows.net";,
"container",
allowedPrefix);
@@ -231,7 +231,7 @@ public class AzureCredentialStorageIntegrationTest extends
BaseStorageIntegratio
// read fail because container is blocked
BlobClient blobClientReadFail =
createBlobClient(
- accessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
+ storageAccessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
String.format("https://icebergdfsstorageacct.%s.core.windows.net";,
service),
"regtest",
blockedPrefix);
@@ -262,7 +262,7 @@ public class AzureCredentialStorageIntegrationTest extends
BaseStorageIntegratio
String.format(
"abfss://container@icebergdfsstorageacct.%s.core.windows.net/%s",
service, allowedPrefix));
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
subscopedCredsForOperations(
/* allowedReadLoc= */ new ArrayList<>(),
/* allowedWriteLoc= */ allowedLoc,
@@ -271,13 +271,13 @@ public class AzureCredentialStorageIntegrationTest
extends BaseStorageIntegratio
String.format("https://icebergdfsstorageacct.%s.core.windows.net";,
service);
BlobClient blobClient =
createBlobClient(
- accessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
+ storageAccessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
serviceEndpoint,
"container",
allowedPrefix +
"metadata/00000-65ffa17b-fe64-4c38-bcb9-06f9bd12aa2a.metadata.json");
DataLakeFileClient fileClient =
createDatalakeFileClient(
- accessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
+ storageAccessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
serviceEndpoint,
"container",
"polaris-test/scopedcreds/metadata",
@@ -312,13 +312,13 @@ public class AzureCredentialStorageIntegrationTest
extends BaseStorageIntegratio
String blockedContainer = "regtest";
BlobClient blobClientWriteFail =
createBlobClient(
- accessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
+ storageAccessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
serviceEndpoint,
blockedContainer,
blockedPrefix);
DataLakeFileClient fileClientFail =
createDatalakeFileClient(
- accessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
+ storageAccessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
serviceEndpoint,
blockedContainer,
"polaris-test/scopedcreds/metadata",
@@ -339,7 +339,7 @@ public class AzureCredentialStorageIntegrationTest extends
BaseStorageIntegratio
}
}
- private AccessConfig subscopedCredsForOperations(
+ private StorageAccessConfig subscopedCredsForOperations(
List<String> allowedReadLoc, List<String> allowedWriteLoc, boolean
allowListAction) {
AzureStorageConfigurationInfo azureConfig =
AzureStorageConfigurationInfo.builder()
diff --git
a/polaris-core/src/test/java/org/apache/polaris/service/storage/gcp/GcpCredentialsStorageIntegrationTest.java
b/polaris-core/src/test/java/org/apache/polaris/service/storage/gcp/GcpCredentialsStorageIntegrationTest.java
index c4f026d86..b0be0883d 100644
---
a/polaris-core/src/test/java/org/apache/polaris/service/storage/gcp/GcpCredentialsStorageIntegrationTest.java
+++
b/polaris-core/src/test/java/org/apache/polaris/service/storage/gcp/GcpCredentialsStorageIntegrationTest.java
@@ -44,8 +44,8 @@ import java.util.HashSet;
import java.util.List;
import java.util.Optional;
import java.util.Set;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.BaseStorageIntegrationTest;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.apache.polaris.core.storage.gcp.GcpCredentialsStorageIntegration;
import org.apache.polaris.core.storage.gcp.GcpStorageConfigurationInfo;
@@ -144,20 +144,20 @@ class GcpCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
return BlobInfo.newBuilder(blobId).build();
}
- private Storage createStorageClient(AccessConfig accessConfig) {
+ private Storage createStorageClient(StorageAccessConfig storageAccessConfig)
{
AccessToken accessToken =
new AccessToken(
- accessConfig.get(StorageAccessProperty.GCS_ACCESS_TOKEN),
+ storageAccessConfig.get(StorageAccessProperty.GCS_ACCESS_TOKEN),
new Date(
Long.parseLong(
-
accessConfig.get(StorageAccessProperty.GCS_ACCESS_TOKEN_EXPIRES_AT))));
+
storageAccessConfig.get(StorageAccessProperty.GCS_ACCESS_TOKEN_EXPIRES_AT))));
return StorageOptions.newBuilder()
.setCredentials(GoogleCredentials.create(accessToken))
.build()
.getService();
}
- private AccessConfig subscopedCredsForOperations(
+ private StorageAccessConfig subscopedCredsForOperations(
List<String> allowedReadLoc, List<String> allowedWriteLoc, boolean
allowListAction)
throws IOException {
GcpStorageConfigurationInfo gcpConfig =
@@ -302,10 +302,10 @@ class GcpCredentialsStorageIntegrationTest extends
BaseStorageIntegrationTest {
.isNotNull()
.isNotEmpty();
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
subscopedCredsForOperations(
List.of("gs://bucket1/path/to/data"),
List.of("gs://bucket1/path/to/data"), true);
-
assertThat(accessConfig.get(StorageAccessProperty.GCS_REFRESH_CREDENTIALS_ENDPOINT))
+
assertThat(storageAccessConfig.get(StorageAccessProperty.GCS_REFRESH_CREDENTIALS_ENDPOINT))
.isEqualTo(REFRESH_ENDPOINT);
}
diff --git
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalog.java
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalog.java
index 75742412e..89624418a 100644
---
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalog.java
+++
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalog.java
@@ -119,16 +119,16 @@ import
org.apache.polaris.core.persistence.resolver.PolarisResolutionManifestCat
import org.apache.polaris.core.persistence.resolver.ResolverFactory;
import org.apache.polaris.core.persistence.resolver.ResolverPath;
import org.apache.polaris.core.persistence.resolver.ResolverStatus;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageActions;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageLocation;
import org.apache.polaris.core.storage.StorageUtil;
import org.apache.polaris.service.catalog.SupportsNotifications;
import org.apache.polaris.service.catalog.common.CatalogUtils;
import org.apache.polaris.service.catalog.common.LocationUtils;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.FileIOFactory;
import org.apache.polaris.service.catalog.io.FileIOUtil;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import
org.apache.polaris.service.catalog.validation.IcebergPropertiesValidation;
import org.apache.polaris.service.events.IcebergRestCatalogEvents;
import org.apache.polaris.service.events.listeners.PolarisEventListener;
@@ -179,7 +179,7 @@ public class IcebergCatalog extends BaseMetastoreViewCatalog
private long catalogId = -1;
private String defaultBaseLocation;
private Map<String, String> catalogProperties;
- private final AccessConfigProvider accessConfigProvider;
+ private final StorageAccessConfigProvider storageAccessConfigProvider;
private FileIOFactory fileIOFactory;
private PolarisMetaStoreManager metaStoreManager;
@@ -197,7 +197,7 @@ public class IcebergCatalog extends BaseMetastoreViewCatalog
PolarisResolutionManifestCatalogView resolvedEntityView,
PolarisPrincipal principal,
TaskExecutor taskExecutor,
- AccessConfigProvider accessConfigProvider,
+ StorageAccessConfigProvider storageAccessConfigProvider,
FileIOFactory fileIOFactory,
PolarisEventListener polarisEventListener) {
this.diagnostics = diagnostics;
@@ -210,7 +210,7 @@ public class IcebergCatalog extends BaseMetastoreViewCatalog
this.taskExecutor = taskExecutor;
this.catalogId = catalogEntity.getId();
this.catalogName = catalogEntity.getName();
- this.accessConfigProvider = accessConfigProvider;
+ this.storageAccessConfigProvider = storageAccessConfigProvider;
this.fileIOFactory = fileIOFactory;
this.metaStoreManager = metaStoreManager;
this.polarisEventListener = polarisEventListener;
@@ -2078,8 +2078,8 @@ public class IcebergCatalog extends
BaseMetastoreViewCatalog
PolarisResolvedPathWrapper resolvedStorageEntity,
Map<String, String> tableProperties,
Set<PolarisStorageActions> storageActions) {
- AccessConfig accessConfig =
- accessConfigProvider.getAccessConfig(
+ StorageAccessConfig storageAccessConfig =
+ storageAccessConfigProvider.getStorageAccessConfig(
callContext,
identifier,
readLocations,
@@ -2087,7 +2087,7 @@ public class IcebergCatalog extends
BaseMetastoreViewCatalog
Optional.empty(),
resolvedStorageEntity);
// Reload fileIO based on table specific context
- FileIO fileIO = fileIOFactory.loadFileIO(accessConfig, ioImplClassName,
tableProperties);
+ FileIO fileIO = fileIOFactory.loadFileIO(storageAccessConfig,
ioImplClassName, tableProperties);
// ensure the new fileIO is closed when the catalog is closed
closeableGroup.addCloseable(fileIO);
return fileIO;
diff --git
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogAdapter.java
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogAdapter.java
index c636fb075..352d1a81c 100644
---
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogAdapter.java
+++
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogAdapter.java
@@ -81,7 +81,7 @@ import org.apache.polaris.service.catalog.CatalogPrefixParser;
import org.apache.polaris.service.catalog.api.IcebergRestCatalogApiService;
import
org.apache.polaris.service.catalog.api.IcebergRestConfigurationApiService;
import org.apache.polaris.service.catalog.common.CatalogAdapter;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.context.catalog.CallContextCatalogFactory;
import org.apache.polaris.service.events.listeners.PolarisEventListener;
@@ -150,7 +150,7 @@ public class IcebergCatalogAdapter
private final CatalogHandlerUtils catalogHandlerUtils;
private final Instance<ExternalCatalogFactory> externalCatalogFactories;
private final PolarisEventListener polarisEventListener;
- private final AccessConfigProvider accessConfigProvider;
+ private final StorageAccessConfigProvider storageAccessConfigProvider;
private final PolarisMetricsReporter metricsReporter;
@Inject
@@ -169,7 +169,7 @@ public class IcebergCatalogAdapter
CatalogHandlerUtils catalogHandlerUtils,
@Any Instance<ExternalCatalogFactory> externalCatalogFactories,
PolarisEventListener polarisEventListener,
- AccessConfigProvider accessConfigProvider,
+ StorageAccessConfigProvider storageAccessConfigProvider,
PolarisMetricsReporter metricsReporter) {
this.diagnostics = diagnostics;
this.realmContext = realmContext;
@@ -186,7 +186,7 @@ public class IcebergCatalogAdapter
this.catalogHandlerUtils = catalogHandlerUtils;
this.externalCatalogFactories = externalCatalogFactories;
this.polarisEventListener = polarisEventListener;
- this.accessConfigProvider = accessConfigProvider;
+ this.storageAccessConfigProvider = storageAccessConfigProvider;
this.metricsReporter = metricsReporter;
}
@@ -228,7 +228,7 @@ public class IcebergCatalogAdapter
catalogHandlerUtils,
externalCatalogFactories,
polarisEventListener,
- accessConfigProvider);
+ storageAccessConfigProvider);
}
@Override
diff --git
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java
index a10c7afe7..1de129cac 100644
---
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java
+++
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java
@@ -99,14 +99,14 @@ import
org.apache.polaris.core.persistence.dao.entity.EntityWithPath;
import org.apache.polaris.core.persistence.pagination.Page;
import org.apache.polaris.core.persistence.pagination.PageToken;
import org.apache.polaris.core.persistence.resolver.ResolutionManifestFactory;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageActions;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageUtil;
import org.apache.polaris.service.catalog.AccessDelegationMode;
import org.apache.polaris.service.catalog.SupportsNotifications;
import org.apache.polaris.service.catalog.common.CatalogHandler;
import org.apache.polaris.service.catalog.common.CatalogUtils;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.context.catalog.CallContextCatalogFactory;
import org.apache.polaris.service.events.listeners.PolarisEventListener;
@@ -139,7 +139,7 @@ public class IcebergCatalogHandler extends CatalogHandler
implements AutoCloseab
private final ReservedProperties reservedProperties;
private final CatalogHandlerUtils catalogHandlerUtils;
private final PolarisEventListener polarisEventListener;
- private final AccessConfigProvider accessConfigProvider;
+ private final StorageAccessConfigProvider storageAccessConfigProvider;
// Catalog instance will be initialized after authorizing resolver
successfully resolves
// the catalog entity.
@@ -164,7 +164,7 @@ public class IcebergCatalogHandler extends CatalogHandler
implements AutoCloseab
CatalogHandlerUtils catalogHandlerUtils,
Instance<ExternalCatalogFactory> externalCatalogFactories,
PolarisEventListener polarisEventListener,
- AccessConfigProvider accessConfigProvider) {
+ StorageAccessConfigProvider storageAccessConfigProvider) {
super(
diagnostics,
callContext,
@@ -179,7 +179,7 @@ public class IcebergCatalogHandler extends CatalogHandler
implements AutoCloseab
this.reservedProperties = reservedProperties;
this.catalogHandlerUtils = catalogHandlerUtils;
this.polarisEventListener = polarisEventListener;
- this.accessConfigProvider = accessConfigProvider;
+ this.storageAccessConfigProvider = storageAccessConfigProvider;
}
private CatalogEntity getResolvedCatalogEntity() {
@@ -810,15 +810,15 @@ public class IcebergCatalogHandler extends CatalogHandler
implements AutoCloseab
validateRemoteTableLocations(tableIdentifier, tableLocations,
resolvedStoragePath);
}
- AccessConfig accessConfig =
- accessConfigProvider.getAccessConfig(
+ StorageAccessConfig storageAccessConfig =
+ storageAccessConfigProvider.getStorageAccessConfig(
callContext,
tableIdentifier,
tableLocations,
actions,
refreshCredentialsEndpoint,
resolvedStoragePath);
- Map<String, String> credentialConfig = accessConfig.credentials();
+ Map<String, String> credentialConfig = storageAccessConfig.credentials();
if (delegationModes.contains(VENDED_CREDENTIALS)) {
if (!credentialConfig.isEmpty()) {
responseBuilder.addAllConfig(credentialConfig);
@@ -831,12 +831,12 @@ public class IcebergCatalogHandler extends CatalogHandler
implements AutoCloseab
Boolean skipCredIndirection =
realmConfig.getConfig(FeatureConfiguration.SKIP_CREDENTIAL_SUBSCOPING_INDIRECTION);
Preconditions.checkArgument(
- !accessConfig.supportsCredentialVending() || skipCredIndirection,
+ !storageAccessConfig.supportsCredentialVending() ||
skipCredIndirection,
"Credential vending was requested for table %s, but no
credentials are available",
tableIdentifier);
}
}
- responseBuilder.addAllConfig(accessConfig.extraProperties());
+ responseBuilder.addAllConfig(storageAccessConfig.extraProperties());
}
return responseBuilder;
diff --git
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/DefaultFileIOFactory.java
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/DefaultFileIOFactory.java
index a2e78524d..c132322f5 100644
---
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/DefaultFileIOFactory.java
+++
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/DefaultFileIOFactory.java
@@ -27,7 +27,7 @@ import java.util.HashMap;
import java.util.Map;
import org.apache.iceberg.CatalogUtil;
import org.apache.iceberg.io.FileIO;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
/**
* A default FileIO factory implementation for creating Iceberg {@link FileIO}
instances with
@@ -45,7 +45,7 @@ public class DefaultFileIOFactory implements FileIOFactory {
@Override
public FileIO loadFileIO(
- @Nonnull AccessConfig accessConfig,
+ @Nonnull StorageAccessConfig storageAccessConfig,
@Nonnull String ioImplClassName,
@Nonnull Map<String, String> properties) {
@@ -56,9 +56,9 @@ public class DefaultFileIOFactory implements FileIOFactory {
// Update with properties in case there are table-level overrides the
credentials should
// always override table-level properties, since storage configuration
will be found at
// whatever entity defines it
- properties.putAll(accessConfig.credentials());
- properties.putAll(accessConfig.extraProperties());
- properties.putAll(accessConfig.internalProperties());
+ properties.putAll(storageAccessConfig.credentials());
+ properties.putAll(storageAccessConfig.extraProperties());
+ properties.putAll(storageAccessConfig.internalProperties());
return loadFileIOInternal(ioImplClassName, properties);
}
diff --git
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOFactory.java
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOFactory.java
index 5c6007efa..b9bfbf97e 100644
---
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOFactory.java
+++
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOFactory.java
@@ -22,7 +22,7 @@ import jakarta.annotation.Nonnull;
import jakarta.enterprise.context.ApplicationScoped;
import java.util.Map;
import org.apache.iceberg.io.FileIO;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
/**
* Interface for providing a way to construct FileIO objects, such as for
reading/writing S3.
@@ -37,13 +37,14 @@ public interface FileIOFactory {
* <p>This method may obtain subscoped credentials to restrict the FileIO's
permissions, ensuring
* secure and limited access to the table's data and locations.
*
- * @param accessConfig the access configuration containing credentials and
other properties.
+ * @param storageAccessConfig the storage access configuration containing
credentials and other
+ * properties.
* @param ioImplClassName the class name of the FileIO implementation to
load.
* @param properties configuration properties for the FileIO.
* @return a configured FileIO instance.
*/
FileIO loadFileIO(
- @Nonnull AccessConfig accessConfig,
+ @Nonnull StorageAccessConfig storageAccessConfig,
@Nonnull String ioImplClassName,
@Nonnull Map<String, String> properties);
}
diff --git
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOUtil.java
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOUtil.java
index f4a6320d6..7d5a112bb 100644
---
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOUtil.java
+++
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOUtil.java
@@ -26,9 +26,9 @@ import org.apache.polaris.core.context.CallContext;
import org.apache.polaris.core.entity.PolarisEntity;
import org.apache.polaris.core.entity.PolarisEntityConstants;
import org.apache.polaris.core.persistence.PolarisResolvedPathWrapper;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisCredentialVendor;
import org.apache.polaris.core.storage.PolarisStorageActions;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.cache.StorageCredentialCache;
import org.apache.polaris.service.catalog.iceberg.IcebergCatalog;
import org.slf4j.Logger;
@@ -74,7 +74,7 @@ public class FileIOUtil {
* and read/write metadata JSON files.
* </ul>
*/
- public static AccessConfig refreshAccessConfig(
+ public static StorageAccessConfig refreshAccessConfig(
CallContext callContext,
StorageCredentialCache storageCredentialCache,
PolarisCredentialVendor credentialVendor,
@@ -93,7 +93,7 @@ public class FileIOUtil {
.atDebug()
.addKeyValue("tableIdentifier", tableIdentifier)
.log("Skipping generation of subscoped creds for table");
- return AccessConfig.builder().build();
+ return StorageAccessConfig.builder().build();
}
boolean allowList =
@@ -105,7 +105,7 @@ public class FileIOUtil {
|| storageActions.contains(PolarisStorageActions.ALL)
? tableLocations
: Set.of();
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
storageCredentialCache.getOrGenerateSubScopeCreds(
credentialVendor,
callContext.getPolarisCallContext(),
@@ -117,12 +117,12 @@ public class FileIOUtil {
LOGGER
.atDebug()
.addKeyValue("tableIdentifier", tableIdentifier)
- .addKeyValue("credentialKeys", accessConfig.credentials().keySet())
- .addKeyValue("extraProperties", accessConfig.extraProperties())
+ .addKeyValue("credentialKeys",
storageAccessConfig.credentials().keySet())
+ .addKeyValue("extraProperties", storageAccessConfig.extraProperties())
.log("Loaded scoped credentials for table");
- if (accessConfig.credentials().isEmpty()) {
+ if (storageAccessConfig.credentials().isEmpty()) {
LOGGER.debug("No credentials found for table");
}
- return accessConfig;
+ return storageAccessConfig;
}
}
diff --git
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/AccessConfigProvider.java
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/StorageAccessConfigProvider.java
similarity index 88%
rename from
runtime/service/src/main/java/org/apache/polaris/service/catalog/io/AccessConfigProvider.java
rename to
runtime/service/src/main/java/org/apache/polaris/service/catalog/io/StorageAccessConfigProvider.java
index d33604027..80e62856a 100644
---
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/AccessConfigProvider.java
+++
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/StorageAccessConfigProvider.java
@@ -29,8 +29,8 @@ import org.apache.polaris.core.context.CallContext;
import org.apache.polaris.core.entity.PolarisEntity;
import org.apache.polaris.core.persistence.MetaStoreManagerFactory;
import org.apache.polaris.core.persistence.PolarisResolvedPathWrapper;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageActions;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.cache.StorageCredentialCache;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -43,15 +43,15 @@ import org.slf4j.LoggerFactory;
* primary entrypoint to get sub-scoped credentials for accessing table data.
*/
@ApplicationScoped
-public class AccessConfigProvider {
+public class StorageAccessConfigProvider {
- private static final Logger LOGGER =
LoggerFactory.getLogger(AccessConfigProvider.class);
+ private static final Logger LOGGER =
LoggerFactory.getLogger(StorageAccessConfigProvider.class);
private final StorageCredentialCache storageCredentialCache;
private final MetaStoreManagerFactory metaStoreManagerFactory;
@Inject
- public AccessConfigProvider(
+ public StorageAccessConfigProvider(
StorageCredentialCache storageCredentialCache,
MetaStoreManagerFactory metaStoreManagerFactory) {
this.storageCredentialCache = storageCredentialCache;
@@ -68,10 +68,10 @@ public class AccessConfigProvider {
* to
* @param refreshCredentialsEndpoint optional endpoint URL for clients to
refresh credentials
* @param resolvedPath the entity hierarchy to search for storage
configuration
- * @return {@link AccessConfig} with scoped credentials and metadata; empty
if no storage config
- * found
+ * @return {@link StorageAccessConfig} with scoped credentials and metadata;
empty if no storage
+ * config found
*/
- public AccessConfig getAccessConfig(
+ public StorageAccessConfig getStorageAccessConfig(
@Nonnull CallContext callContext,
@Nonnull TableIdentifier tableIdentifier,
@Nonnull Set<String> tableLocations,
@@ -89,7 +89,7 @@ public class AccessConfigProvider {
.atWarn()
.addKeyValue("tableIdentifier", tableIdentifier)
.log("Table entity has no storage configuration in its hierarchy");
- return AccessConfig.builder().supportsCredentialVending(false).build();
+ return
StorageAccessConfig.builder().supportsCredentialVending(false).build();
}
return FileIOUtil.refreshAccessConfig(
callContext,
diff --git
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/WasbTranslatingFileIOFactory.java
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/WasbTranslatingFileIOFactory.java
index 47617309c..3e4b7f306 100644
---
a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/WasbTranslatingFileIOFactory.java
+++
b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/WasbTranslatingFileIOFactory.java
@@ -24,7 +24,7 @@ import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import java.util.Map;
import org.apache.iceberg.io.FileIO;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
/** A {@link FileIOFactory} that translates WASB paths to ABFS ones */
@ApplicationScoped
@@ -40,7 +40,7 @@ public class WasbTranslatingFileIOFactory implements
FileIOFactory {
@Override
public FileIO loadFileIO(
- @Nonnull AccessConfig accessConfig,
+ @Nonnull StorageAccessConfig accessConfig,
@Nonnull String ioImplClassName,
@Nonnull Map<String, String> properties) {
return new WasbTranslatingFileIO(
diff --git
a/runtime/service/src/main/java/org/apache/polaris/service/context/catalog/PolarisCallContextCatalogFactory.java
b/runtime/service/src/main/java/org/apache/polaris/service/context/catalog/PolarisCallContextCatalogFactory.java
index 70cb8e6b1..65eb7f9d5 100644
---
a/runtime/service/src/main/java/org/apache/polaris/service/context/catalog/PolarisCallContextCatalogFactory.java
+++
b/runtime/service/src/main/java/org/apache/polaris/service/context/catalog/PolarisCallContextCatalogFactory.java
@@ -32,8 +32,8 @@ import
org.apache.polaris.core.persistence.PolarisMetaStoreManager;
import org.apache.polaris.core.persistence.resolver.PolarisResolutionManifest;
import org.apache.polaris.core.persistence.resolver.ResolverFactory;
import org.apache.polaris.service.catalog.iceberg.IcebergCatalog;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.FileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.events.listeners.PolarisEventListener;
import org.apache.polaris.service.task.TaskExecutor;
import org.slf4j.Logger;
@@ -46,7 +46,7 @@ public class PolarisCallContextCatalogFactory implements
CallContextCatalogFacto
private final PolarisDiagnostics diagnostics;
private final TaskExecutor taskExecutor;
- private final AccessConfigProvider accessConfigProvider;
+ private final StorageAccessConfigProvider storageAccessConfigProvider;
private final FileIOFactory fileIOFactory;
private final ResolverFactory resolverFactory;
private final PolarisEventListener polarisEventListener;
@@ -59,7 +59,7 @@ public class PolarisCallContextCatalogFactory implements
CallContextCatalogFacto
PolarisDiagnostics diagnostics,
ResolverFactory resolverFactory,
TaskExecutor taskExecutor,
- AccessConfigProvider accessConfigProvider,
+ StorageAccessConfigProvider storageAccessConfigProvider,
FileIOFactory fileIOFactory,
PolarisEventListener polarisEventListener,
PolarisMetaStoreManager metaStoreManager,
@@ -68,7 +68,7 @@ public class PolarisCallContextCatalogFactory implements
CallContextCatalogFacto
this.diagnostics = diagnostics;
this.resolverFactory = resolverFactory;
this.taskExecutor = taskExecutor;
- this.accessConfigProvider = accessConfigProvider;
+ this.storageAccessConfigProvider = storageAccessConfigProvider;
this.fileIOFactory = fileIOFactory;
this.polarisEventListener = polarisEventListener;
this.metaStoreManager = metaStoreManager;
@@ -94,7 +94,7 @@ public class PolarisCallContextCatalogFactory implements
CallContextCatalogFacto
resolvedManifest,
principal,
taskExecutor,
- accessConfigProvider,
+ storageAccessConfigProvider,
fileIOFactory,
polarisEventListener);
diff --git
a/runtime/service/src/main/java/org/apache/polaris/service/storage/PolarisStorageIntegrationProviderImpl.java
b/runtime/service/src/main/java/org/apache/polaris/service/storage/PolarisStorageIntegrationProviderImpl.java
index 23ec20abc..706acb422 100644
---
a/runtime/service/src/main/java/org/apache/polaris/service/storage/PolarisStorageIntegrationProviderImpl.java
+++
b/runtime/service/src/main/java/org/apache/polaris/service/storage/PolarisStorageIntegrationProviderImpl.java
@@ -32,11 +32,11 @@ import java.util.Optional;
import java.util.Set;
import java.util.function.Supplier;
import org.apache.polaris.core.config.RealmConfig;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageActions;
import org.apache.polaris.core.storage.PolarisStorageConfigurationInfo;
import org.apache.polaris.core.storage.PolarisStorageIntegration;
import org.apache.polaris.core.storage.PolarisStorageIntegrationProvider;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.aws.AwsCredentialsStorageIntegration;
import org.apache.polaris.core.storage.aws.AwsStorageConfigurationInfo;
import org.apache.polaris.core.storage.aws.StsClientProvider;
@@ -109,13 +109,13 @@ public class PolarisStorageIntegrationProviderImpl
implements PolarisStorageInte
storageIntegration =
new PolarisStorageIntegration<>((T)
polarisStorageConfigurationInfo, "file") {
@Override
- public AccessConfig getSubscopedCreds(
+ public StorageAccessConfig getSubscopedCreds(
@Nonnull RealmConfig realmConfig,
boolean allowListOperation,
@Nonnull Set<String> allowedReadLocations,
@Nonnull Set<String> allowedWriteLocations,
Optional<String> refreshCredentialsEndpoint) {
- return
AccessConfig.builder().supportsCredentialVending(false).build();
+ return
StorageAccessConfig.builder().supportsCredentialVending(false).build();
}
@Override
diff --git
a/runtime/service/src/main/java/org/apache/polaris/service/task/TaskFileIOSupplier.java
b/runtime/service/src/main/java/org/apache/polaris/service/task/TaskFileIOSupplier.java
index 720f204fc..b4c31d692 100644
---
a/runtime/service/src/main/java/org/apache/polaris/service/task/TaskFileIOSupplier.java
+++
b/runtime/service/src/main/java/org/apache/polaris/service/task/TaskFileIOSupplier.java
@@ -33,21 +33,21 @@ import org.apache.polaris.core.entity.PolarisTaskConstants;
import org.apache.polaris.core.entity.TaskEntity;
import org.apache.polaris.core.persistence.PolarisResolvedPathWrapper;
import org.apache.polaris.core.persistence.ResolvedPolarisEntity;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageActions;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.service.catalog.io.FileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
@ApplicationScoped
public class TaskFileIOSupplier {
private final FileIOFactory fileIOFactory;
- private final AccessConfigProvider accessConfigProvider;
+ private final StorageAccessConfigProvider accessConfigProvider;
@Inject
public TaskFileIOSupplier(
- FileIOFactory fileIOFactory, AccessConfigProvider accessConfigProvider) {
+ FileIOFactory fileIOFactory, StorageAccessConfigProvider
storageAccessConfigProvider) {
this.fileIOFactory = fileIOFactory;
- this.accessConfigProvider = accessConfigProvider;
+ this.accessConfigProvider = storageAccessConfigProvider;
}
public FileIO apply(TaskEntity task, TableIdentifier identifier, CallContext
callContext) {
@@ -62,14 +62,14 @@ public class TaskFileIOSupplier {
new ResolvedPolarisEntity(task, List.of(), List.of());
PolarisResolvedPathWrapper resolvedPath =
new PolarisResolvedPathWrapper(List.of(resolvedTaskEntity));
- AccessConfig accessConfig =
- accessConfigProvider.getAccessConfig(
+ StorageAccessConfig storageAccessConfig =
+ accessConfigProvider.getStorageAccessConfig(
callContext, identifier, locations, storageActions,
Optional.empty(), resolvedPath);
String ioImpl =
properties.getOrDefault(
CatalogProperties.FILE_IO_IMPL,
"org.apache.iceberg.io.ResolvingFileIO");
- return fileIOFactory.loadFileIO(accessConfig, ioImpl, properties);
+ return fileIOFactory.loadFileIO(storageAccessConfig, ioImpl, properties);
}
}
diff --git
a/runtime/service/src/test/java/org/apache/polaris/service/admin/PolarisAuthzTestBase.java
b/runtime/service/src/test/java/org/apache/polaris/service/admin/PolarisAuthzTestBase.java
index 4b1799d8c..0bb4856eb 100644
---
a/runtime/service/src/test/java/org/apache/polaris/service/admin/PolarisAuthzTestBase.java
+++
b/runtime/service/src/test/java/org/apache/polaris/service/admin/PolarisAuthzTestBase.java
@@ -87,8 +87,8 @@ import org.apache.polaris.service.catalog.Profiles;
import org.apache.polaris.service.catalog.generic.PolarisGenericTableCatalog;
import org.apache.polaris.service.catalog.iceberg.CatalogHandlerUtils;
import org.apache.polaris.service.catalog.iceberg.IcebergCatalog;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.FileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.catalog.policy.PolicyCatalog;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.context.catalog.CallContextCatalogFactory;
@@ -203,7 +203,7 @@ public abstract class PolarisAuthzTestBase {
@Inject protected PolarisConfigurationStore configurationStore;
@Inject protected StorageCredentialCache storageCredentialCache;
@Inject protected ResolverFactory resolverFactory;
- @Inject protected AccessConfigProvider accessConfigProvider;
+ @Inject protected StorageAccessConfigProvider storageAccessConfigProvider;
protected IcebergCatalog baseCatalog;
protected PolarisGenericTableCatalog genericTableCatalog;
@@ -499,7 +499,7 @@ public abstract class PolarisAuthzTestBase {
passthroughView,
authenticatedRoot,
Mockito.mock(),
- accessConfigProvider,
+ storageAccessConfigProvider,
fileIOFactory,
polarisEventListener);
this.baseCatalog.initialize(
@@ -527,7 +527,7 @@ public abstract class PolarisAuthzTestBase {
PolarisDiagnostics diagnostics,
ResolverFactory resolverFactory,
TaskExecutor taskExecutor,
- AccessConfigProvider accessConfigProvider,
+ StorageAccessConfigProvider accessConfigProvider,
FileIOFactory fileIOFactory,
PolarisEventListener polarisEventListener,
PolarisMetaStoreManager metaStoreManager,
diff --git
a/runtime/service/src/test/java/org/apache/polaris/service/catalog/generic/AbstractPolarisGenericTableCatalogTest.java
b/runtime/service/src/test/java/org/apache/polaris/service/catalog/generic/AbstractPolarisGenericTableCatalogTest.java
index f4dceffe6..5cda9c798 100644
---
a/runtime/service/src/test/java/org/apache/polaris/service/catalog/generic/AbstractPolarisGenericTableCatalogTest.java
+++
b/runtime/service/src/test/java/org/apache/polaris/service/catalog/generic/AbstractPolarisGenericTableCatalogTest.java
@@ -66,9 +66,9 @@ import
org.apache.polaris.core.storage.cache.StorageCredentialCache;
import org.apache.polaris.service.admin.PolarisAdminService;
import org.apache.polaris.service.catalog.PolarisPassthroughResolutionView;
import org.apache.polaris.service.catalog.iceberg.IcebergCatalog;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.DefaultFileIOFactory;
import org.apache.polaris.service.catalog.io.FileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.events.listeners.NoOpPolarisEventListener;
import
org.apache.polaris.service.storage.PolarisStorageIntegrationProviderImpl;
@@ -119,7 +119,7 @@ public abstract class
AbstractPolarisGenericTableCatalogTest {
private FileIOFactory fileIOFactory;
private PolarisPrincipal authenticatedRoot;
private PolarisEntity catalogEntity;
- private AccessConfigProvider accessConfigProvider;
+ private StorageAccessConfigProvider storageAccessConfigProvider;
protected static final Schema SCHEMA =
new Schema(
@@ -156,8 +156,8 @@ public abstract class
AbstractPolarisGenericTableCatalogTest {
metaStoreManagerFactory.getOrCreateSession(realmContext),
configurationStore);
realmConfig = polarisContext.getRealmConfig();
- accessConfigProvider =
- new AccessConfigProvider(storageCredentialCache,
metaStoreManagerFactory);
+ storageAccessConfigProvider =
+ new StorageAccessConfigProvider(storageCredentialCache,
metaStoreManagerFactory);
PrincipalEntity rootPrincipal =
metaStoreManager.findRootPrincipal(polarisContext).orElseThrow();
@@ -242,7 +242,7 @@ public abstract class
AbstractPolarisGenericTableCatalogTest {
passthroughView,
authenticatedRoot,
taskExecutor,
- accessConfigProvider,
+ storageAccessConfigProvider,
fileIOFactory,
new NoOpPolarisEventListener());
this.icebergCatalog.initialize(
diff --git
a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogTest.java
b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogTest.java
index fa05af7ef..3e7cc1985 100644
---
a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogTest.java
+++
b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogTest.java
@@ -126,9 +126,9 @@ import
org.apache.polaris.core.persistence.resolver.Resolver;
import org.apache.polaris.core.persistence.resolver.ResolverFactory;
import org.apache.polaris.core.secrets.UserSecretsManager;
import org.apache.polaris.core.secrets.UserSecretsManagerFactory;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageIntegration;
import org.apache.polaris.core.storage.PolarisStorageIntegrationProvider;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.apache.polaris.core.storage.aws.AwsCredentialsStorageIntegration;
import org.apache.polaris.core.storage.aws.AwsStorageConfigurationInfo;
@@ -136,11 +136,11 @@ import
org.apache.polaris.core.storage.cache.StorageCredentialCache;
import org.apache.polaris.service.admin.PolarisAdminService;
import org.apache.polaris.service.catalog.PolarisPassthroughResolutionView;
import org.apache.polaris.service.catalog.Profiles;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.DefaultFileIOFactory;
import org.apache.polaris.service.catalog.io.ExceptionMappingFileIO;
import org.apache.polaris.service.catalog.io.FileIOFactory;
import org.apache.polaris.service.catalog.io.MeasuredFileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.events.IcebergRestCatalogEvents;
import org.apache.polaris.service.events.listeners.PolarisEventListener;
@@ -252,7 +252,7 @@ public abstract class AbstractIcebergCatalogTest extends
CatalogTests<IcebergCat
private PolarisPrincipal authenticatedRoot;
private TestPolarisEventListener testPolarisEventListener;
private ReservedProperties reservedProperties;
- private AccessConfigProvider accessConfigProvider;
+ private StorageAccessConfigProvider storageAccessConfigProvider;
@BeforeAll
public static void setUpMocks() {
@@ -290,8 +290,8 @@ public abstract class AbstractIcebergCatalogTest extends
CatalogTests<IcebergCat
metaStoreManagerFactory.getOrCreateSession(realmContext),
configurationStore);
realmConfig = polarisContext.getRealmConfig();
- accessConfigProvider =
- new AccessConfigProvider(storageCredentialCache,
metaStoreManagerFactory);
+ storageAccessConfigProvider =
+ new StorageAccessConfigProvider(storageCredentialCache,
metaStoreManagerFactory);
EntityCache entityCache = createEntityCache(diagServices, realmConfig,
metaStoreManager);
resolverFactory =
(principal, referenceCatalogName) ->
@@ -454,7 +454,7 @@ public abstract class AbstractIcebergCatalogTest extends
CatalogTests<IcebergCat
passthroughView,
authenticatedRoot,
taskExecutor,
- accessConfigProvider,
+ storageAccessConfigProvider,
fileIOFactory,
polarisEventListener);
}
@@ -1905,7 +1905,7 @@ public abstract class AbstractIcebergCatalogTest extends
CatalogTests<IcebergCat
Set.of(tableMetadata.location()),
Set.of(tableMetadata.location()),
Optional.empty())
- .getAccessConfig()
+ .getStorageAccessConfig()
.credentials();
Assertions.assertThat(credentials)
.isNotNull()
@@ -1914,7 +1914,7 @@ public abstract class AbstractIcebergCatalogTest extends
CatalogTests<IcebergCat
.containsEntry(StorageAccessProperty.AWS_SECRET_KEY.getPropertyName(),
SECRET_ACCESS_KEY)
.containsEntry(StorageAccessProperty.AWS_TOKEN.getPropertyName(),
SESSION_TOKEN);
FileIO fileIO =
- new TaskFileIOSupplier(new DefaultFileIOFactory(),
accessConfigProvider)
+ new TaskFileIOSupplier(new DefaultFileIOFactory(),
storageAccessConfigProvider)
.apply(taskEntity, TABLE, polarisContext);
Assertions.assertThat(fileIO).isNotNull().isInstanceOf(ExceptionMappingFileIO.class);
Assertions.assertThat(((ExceptionMappingFileIO) fileIO).getInnerIo())
@@ -2083,14 +2083,14 @@ public abstract class AbstractIcebergCatalogTest
extends CatalogTests<IcebergCat
new FileIOFactory() {
@Override
public FileIO loadFileIO(
- @Nonnull AccessConfig accessConfig,
+ @Nonnull StorageAccessConfig accessConfig,
@Nonnull String ioImplClassName,
@Nonnull Map<String, String> properties) {
return measured.loadFileIO(
accessConfig,
"org.apache.iceberg.inmemory.InMemoryFileIO", Map.of());
}
},
- accessConfigProvider);
+ storageAccessConfigProvider);
TableCleanupTaskHandler handler =
new TableCleanupTaskHandler(
diff --git
a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogViewTest.java
b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogViewTest.java
index 2406108ab..f8468d6bf 100644
---
a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogViewTest.java
+++
b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogViewTest.java
@@ -57,9 +57,9 @@ import
org.apache.polaris.core.storage.cache.StorageCredentialCache;
import org.apache.polaris.service.admin.PolarisAdminService;
import org.apache.polaris.service.catalog.PolarisPassthroughResolutionView;
import org.apache.polaris.service.catalog.Profiles;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.DefaultFileIOFactory;
import org.apache.polaris.service.catalog.io.FileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.events.IcebergRestCatalogEvents;
import org.apache.polaris.service.events.listeners.PolarisEventListener;
@@ -121,7 +121,7 @@ public abstract class AbstractIcebergCatalogViewTest
extends ViewCatalogTests<Ic
private UserSecretsManager userSecretsManager;
private PolarisCallContext polarisContext;
private RealmConfig realmConfig;
- private AccessConfigProvider accessConfigProvider;
+ private StorageAccessConfigProvider storageAccessConfigProvider;
private TestPolarisEventListener testPolarisEventListener;
@@ -162,8 +162,8 @@ public abstract class AbstractIcebergCatalogViewTest
extends ViewCatalogTests<Ic
metaStoreManagerFactory.getOrCreateSession(realmContext),
configurationStore);
realmConfig = polarisContext.getRealmConfig();
- accessConfigProvider =
- new AccessConfigProvider(storageCredentialCache,
metaStoreManagerFactory);
+ storageAccessConfigProvider =
+ new StorageAccessConfigProvider(storageCredentialCache,
metaStoreManagerFactory);
PrincipalEntity rootPrincipal =
metaStoreManager.findRootPrincipal(polarisContext).orElseThrow();
PolarisPrincipal authenticatedRoot = PolarisPrincipal.of(rootPrincipal,
Set.of());
@@ -215,7 +215,7 @@ public abstract class AbstractIcebergCatalogViewTest
extends ViewCatalogTests<Ic
passthroughView,
authenticatedRoot,
Mockito.mock(),
- accessConfigProvider,
+ storageAccessConfigProvider,
fileIOFactory,
polarisEventListener);
Map<String, String> properties =
diff --git
a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerAuthzTest.java
b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerAuthzTest.java
index 924e376e4..34118d6a7 100644
---
a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerAuthzTest.java
+++
b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerAuthzTest.java
@@ -134,7 +134,7 @@ public class IcebergCatalogHandlerAuthzTest extends
PolarisAuthzTestBase {
catalogHandlerUtils,
emptyExternalCatalogFactory(),
polarisEventListener,
- accessConfigProvider);
+ storageAccessConfigProvider);
}
protected void doTestInsufficientPrivileges(
@@ -274,7 +274,7 @@ public class IcebergCatalogHandlerAuthzTest extends
PolarisAuthzTestBase {
catalogHandlerUtils,
emptyExternalCatalogFactory(),
polarisEventListener,
- accessConfigProvider);
+ storageAccessConfigProvider);
// a variety of actions are all disallowed because the principal's
credentials must be rotated
doTestInsufficientPrivileges(
@@ -312,7 +312,7 @@ public class IcebergCatalogHandlerAuthzTest extends
PolarisAuthzTestBase {
catalogHandlerUtils,
emptyExternalCatalogFactory(),
polarisEventListener,
- accessConfigProvider);
+ storageAccessConfigProvider);
doTestSufficientPrivilegeSets(
List.of(Set.of(PolarisPrivilege.NAMESPACE_LIST)),
@@ -1189,7 +1189,7 @@ public class IcebergCatalogHandlerAuthzTest extends
PolarisAuthzTestBase {
catalogHandlerUtils,
emptyExternalCatalogFactory(),
polarisEventListener,
- accessConfigProvider);
+ storageAccessConfigProvider);
}
@Test
@@ -1894,7 +1894,7 @@ public class IcebergCatalogHandlerAuthzTest extends
PolarisAuthzTestBase {
diagServices,
resolverFactory,
Mockito.mock(),
- accessConfigProvider,
+ storageAccessConfigProvider,
new DefaultFileIOFactory(),
polarisEventListener,
metaStoreManager,
diff --git
a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerFineGrainedDisabledTest.java
b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerFineGrainedDisabledTest.java
index 7c5ae41b6..0b4fcc910 100644
---
a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerFineGrainedDisabledTest.java
+++
b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerFineGrainedDisabledTest.java
@@ -71,7 +71,7 @@ public class IcebergCatalogHandlerFineGrainedDisabledTest
extends PolarisAuthzTe
catalogHandlerUtils,
emptyExternalCatalogFactory(),
polarisEventListener,
- accessConfigProvider);
+ storageAccessConfigProvider);
}
public static class Profile extends PolarisAuthzTestBase.Profile {
diff --git
a/runtime/service/src/test/java/org/apache/polaris/service/catalog/io/FileIOFactoryTest.java
b/runtime/service/src/test/java/org/apache/polaris/service/catalog/io/FileIOFactoryTest.java
index 731ab6f07..673e0f292 100644
---
a/runtime/service/src/test/java/org/apache/polaris/service/catalog/io/FileIOFactoryTest.java
+++
b/runtime/service/src/test/java/org/apache/polaris/service/catalog/io/FileIOFactoryTest.java
@@ -169,7 +169,8 @@ public class FileIOFactoryTest {
Assertions.assertThat(tasks).hasSize(1);
TaskEntity taskEntity = TaskEntity.of(tasks.get(0));
FileIO fileIO =
- new TaskFileIOSupplier(testServices.fileIOFactory(),
testServices.accessConfigProvider())
+ new TaskFileIOSupplier(
+ testServices.fileIOFactory(),
testServices.storageAccessConfigProvider())
.apply(taskEntity, TABLE, callContext);
Assertions.assertThat(fileIO).isNotNull().isInstanceOf(ExceptionMappingFileIO.class);
Assertions.assertThat(((ExceptionMappingFileIO) fileIO).getInnerIo())
@@ -216,7 +217,7 @@ public class FileIOFactoryTest {
passthroughView,
services.principal(),
services.taskExecutor(),
- services.accessConfigProvider(),
+ services.storageAccessConfigProvider(),
services.fileIOFactory(),
services.polarisEventListener());
polarisCatalog.initialize(
diff --git
a/runtime/service/src/test/java/org/apache/polaris/service/catalog/policy/AbstractPolicyCatalogTest.java
b/runtime/service/src/test/java/org/apache/polaris/service/catalog/policy/AbstractPolicyCatalogTest.java
index 69b9cde7b..3ee2faf34 100644
---
a/runtime/service/src/test/java/org/apache/polaris/service/catalog/policy/AbstractPolicyCatalogTest.java
+++
b/runtime/service/src/test/java/org/apache/polaris/service/catalog/policy/AbstractPolicyCatalogTest.java
@@ -78,9 +78,9 @@ import
org.apache.polaris.core.storage.cache.StorageCredentialCache;
import org.apache.polaris.service.admin.PolarisAdminService;
import org.apache.polaris.service.catalog.PolarisPassthroughResolutionView;
import org.apache.polaris.service.catalog.iceberg.IcebergCatalog;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.DefaultFileIOFactory;
import org.apache.polaris.service.catalog.io.FileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.events.listeners.NoOpPolarisEventListener;
import
org.apache.polaris.service.storage.PolarisStorageIntegrationProviderImpl;
@@ -145,7 +145,7 @@ public abstract class AbstractPolicyCatalogTest {
private FileIOFactory fileIOFactory;
private PolarisPrincipal authenticatedRoot;
private PolarisEntity catalogEntity;
- private AccessConfigProvider accessConfigProvider;
+ private StorageAccessConfigProvider storageAccessConfigProvider;
@BeforeAll
public static void setUpMocks() {
@@ -177,8 +177,8 @@ public abstract class AbstractPolicyCatalogTest {
metaStoreManagerFactory.getOrCreateSession(realmContext),
configurationStore);
realmConfig = polarisContext.getRealmConfig();
- accessConfigProvider =
- new AccessConfigProvider(storageCredentialCache,
metaStoreManagerFactory);
+ storageAccessConfigProvider =
+ new StorageAccessConfigProvider(storageCredentialCache,
metaStoreManagerFactory);
PrincipalEntity rootPrincipal =
metaStoreManager.findRootPrincipal(polarisContext).orElseThrow();
@@ -259,7 +259,7 @@ public abstract class AbstractPolicyCatalogTest {
passthroughView,
authenticatedRoot,
taskExecutor,
- accessConfigProvider,
+ storageAccessConfigProvider,
fileIOFactory,
new NoOpPolarisEventListener());
this.icebergCatalog.initialize(
diff --git
a/runtime/service/src/test/java/org/apache/polaris/service/task/BatchFileCleanupTaskHandlerTest.java
b/runtime/service/src/test/java/org/apache/polaris/service/task/BatchFileCleanupTaskHandlerTest.java
index 28db39376..b984ea823 100644
---
a/runtime/service/src/test/java/org/apache/polaris/service/task/BatchFileCleanupTaskHandlerTest.java
+++
b/runtime/service/src/test/java/org/apache/polaris/service/task/BatchFileCleanupTaskHandlerTest.java
@@ -49,7 +49,7 @@ import org.apache.polaris.core.entity.TaskEntity;
import org.apache.polaris.core.persistence.BasePersistence;
import org.apache.polaris.core.persistence.MetaStoreManagerFactory;
import org.apache.polaris.service.TestFileIOFactory;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
@@ -60,7 +60,7 @@ public class BatchFileCleanupTaskHandlerTest {
private TaskFileIOSupplier buildTaskFileIOSupplier(FileIO fileIO) {
return new TaskFileIOSupplier(
- new TestFileIOFactory(fileIO),
Mockito.mock(AccessConfigProvider.class));
+ new TestFileIOFactory(fileIO),
Mockito.mock(StorageAccessConfigProvider.class));
}
private PolarisCallContext newCallContext() {
diff --git
a/runtime/service/src/test/java/org/apache/polaris/service/task/ManifestFileCleanupTaskHandlerTest.java
b/runtime/service/src/test/java/org/apache/polaris/service/task/ManifestFileCleanupTaskHandlerTest.java
index d9ca54fac..5db3d7862 100644
---
a/runtime/service/src/test/java/org/apache/polaris/service/task/ManifestFileCleanupTaskHandlerTest.java
+++
b/runtime/service/src/test/java/org/apache/polaris/service/task/ManifestFileCleanupTaskHandlerTest.java
@@ -45,7 +45,7 @@ import org.apache.polaris.core.entity.TaskEntity;
import org.apache.polaris.core.persistence.BasePersistence;
import org.apache.polaris.core.persistence.MetaStoreManagerFactory;
import org.apache.polaris.service.TestFileIOFactory;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
@@ -57,7 +57,7 @@ class ManifestFileCleanupTaskHandlerTest {
private TaskFileIOSupplier buildTaskFileIOSupplier(FileIO fileIO) {
return new TaskFileIOSupplier(
- new TestFileIOFactory(fileIO),
Mockito.mock(AccessConfigProvider.class));
+ new TestFileIOFactory(fileIO),
Mockito.mock(StorageAccessConfigProvider.class));
}
private PolarisCallContext newCallContext() {
diff --git
a/runtime/service/src/test/java/org/apache/polaris/service/task/TableCleanupTaskHandlerTest.java
b/runtime/service/src/test/java/org/apache/polaris/service/task/TableCleanupTaskHandlerTest.java
index 8ebb96a42..c2569847f 100644
---
a/runtime/service/src/test/java/org/apache/polaris/service/task/TableCleanupTaskHandlerTest.java
+++
b/runtime/service/src/test/java/org/apache/polaris/service/task/TableCleanupTaskHandlerTest.java
@@ -51,7 +51,7 @@ import
org.apache.polaris.core.persistence.MetaStoreManagerFactory;
import org.apache.polaris.core.persistence.PolarisMetaStoreManager;
import org.apache.polaris.core.persistence.pagination.PageToken;
import org.apache.polaris.service.TestFileIOFactory;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
@@ -72,7 +72,7 @@ class TableCleanupTaskHandlerTest {
private TableCleanupTaskHandler newTableCleanupTaskHandler(FileIO fileIO) {
TaskFileIOSupplier taskFileIOSupplier =
new TaskFileIOSupplier(
- new TestFileIOFactory(fileIO),
Mockito.mock(AccessConfigProvider.class));
+ new TestFileIOFactory(fileIO),
Mockito.mock(StorageAccessConfigProvider.class));
return new TableCleanupTaskHandler(
Mockito.mock(), clock, metaStoreManagerFactory, taskFileIOSupplier);
}
diff --git
a/runtime/service/src/test/java/org/apache/polaris/service/task/TaskExecutorImplTest.java
b/runtime/service/src/test/java/org/apache/polaris/service/task/TaskExecutorImplTest.java
index d6743a372..0c6061e5a 100644
---
a/runtime/service/src/test/java/org/apache/polaris/service/task/TaskExecutorImplTest.java
+++
b/runtime/service/src/test/java/org/apache/polaris/service/task/TaskExecutorImplTest.java
@@ -64,7 +64,7 @@ public class TaskExecutorImplTest {
testServices.clock(),
testServices.metaStoreManagerFactory(),
new TaskFileIOSupplier(
- testServices.fileIOFactory(),
testServices.accessConfigProvider()),
+ testServices.fileIOFactory(),
testServices.storageAccessConfigProvider()),
testServices.polarisEventListener(),
null);
diff --git
a/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestFileIOFactory.java
b/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestFileIOFactory.java
index 74f2fbc4c..faffe363b 100644
---
a/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestFileIOFactory.java
+++
b/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestFileIOFactory.java
@@ -22,7 +22,7 @@ package org.apache.polaris.service;
import jakarta.annotation.Nonnull;
import java.util.Map;
import org.apache.iceberg.io.FileIO;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.service.catalog.io.FileIOFactory;
/** A FileIOFactory that always returns the same FileIO instance. */
@@ -36,7 +36,7 @@ public class TestFileIOFactory implements FileIOFactory {
@Override
public FileIO loadFileIO(
- @Nonnull AccessConfig accessConfig,
+ @Nonnull StorageAccessConfig accessConfig,
@Nonnull String ioImplClassName,
@Nonnull Map<String, String> properties) {
return fileIO;
diff --git
a/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestServices.java
b/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestServices.java
index 030e00b73..6041d2c48 100644
---
a/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestServices.java
+++
b/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestServices.java
@@ -70,9 +70,9 @@ import
org.apache.polaris.service.catalog.api.IcebergRestCatalogApi;
import org.apache.polaris.service.catalog.api.IcebergRestConfigurationApi;
import org.apache.polaris.service.catalog.iceberg.CatalogHandlerUtils;
import org.apache.polaris.service.catalog.iceberg.IcebergCatalogAdapter;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.FileIOFactory;
import org.apache.polaris.service.catalog.io.MeasuredFileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.context.catalog.CallContextCatalogFactory;
import
org.apache.polaris.service.context.catalog.PolarisCallContextCatalogFactory;
@@ -112,7 +112,7 @@ public record TestServices(
FileIOFactory fileIOFactory,
TaskExecutor taskExecutor,
PolarisEventListener polarisEventListener,
- AccessConfigProvider accessConfigProvider) {
+ StorageAccessConfigProvider storageAccessConfigProvider) {
private static final RealmContext TEST_REALM = () -> "test-realm";
private static final String GCP_ACCESS_TOKEN = "abc";
@@ -273,8 +273,8 @@ public record TestServices(
PolarisCredentialManager credentialManager =
new DefaultPolarisCredentialManager(realmContext,
mockCredentialVendors);
- AccessConfigProvider accessConfigProvider =
- new AccessConfigProvider(storageCredentialCache,
metaStoreManagerFactory);
+ StorageAccessConfigProvider storageAccessConfigProvider =
+ new StorageAccessConfigProvider(storageCredentialCache,
metaStoreManagerFactory);
FileIOFactory fileIOFactory = fileIOFactorySupplier.get();
TaskExecutor taskExecutor = Mockito.mock(TaskExecutor.class);
@@ -285,7 +285,7 @@ public record TestServices(
diagnostics,
resolverFactory,
taskExecutor,
- accessConfigProvider,
+ storageAccessConfigProvider,
fileIOFactory,
polarisEventListener,
metaStoreManager,
@@ -317,7 +317,7 @@ public record TestServices(
catalogHandlerUtils,
externalCatalogFactory,
polarisEventListener,
- accessConfigProvider,
+ storageAccessConfigProvider,
new DefaultMetricsReporter());
IcebergRestCatalogApi restApi = new
IcebergRestCatalogApi(catalogService);
@@ -359,7 +359,7 @@ public record TestServices(
fileIOFactory,
taskExecutor,
polarisEventListener,
- accessConfigProvider);
+ storageAccessConfigProvider);
}
}
diff --git
a/runtime/service/src/testFixtures/java/org/apache/polaris/service/catalog/io/MeasuredFileIOFactory.java
b/runtime/service/src/testFixtures/java/org/apache/polaris/service/catalog/io/MeasuredFileIOFactory.java
index 1d5668d0f..9d18f6a8e 100644
---
a/runtime/service/src/testFixtures/java/org/apache/polaris/service/catalog/io/MeasuredFileIOFactory.java
+++
b/runtime/service/src/testFixtures/java/org/apache/polaris/service/catalog/io/MeasuredFileIOFactory.java
@@ -27,7 +27,7 @@ import java.util.Map;
import java.util.Optional;
import java.util.function.Supplier;
import org.apache.iceberg.io.FileIO;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
/**
* A FileIOFactory that measures the number of bytes read, files written, and
files deleted. It can
@@ -52,7 +52,7 @@ public class MeasuredFileIOFactory implements FileIOFactory {
@Override
public FileIO loadFileIO(
- @Nonnull AccessConfig accessConfig,
+ @Nonnull StorageAccessConfig storageAccessConfig,
@Nonnull String ioImplClassName,
@Nonnull Map<String, String> properties) {
loadFileIOExceptionSupplier.ifPresent(
@@ -62,7 +62,7 @@ public class MeasuredFileIOFactory implements FileIOFactory {
MeasuredFileIO wrapped =
new MeasuredFileIO(
- defaultFileIOFactory.loadFileIO(accessConfig, ioImplClassName,
properties),
+ defaultFileIOFactory.loadFileIO(storageAccessConfig,
ioImplClassName, properties),
newInputFileExceptionSupplier,
newOutputFileExceptionSupplier,
getLengthExceptionSupplier);
