singhpk234 commented on code in PR #15850:
URL: https://github.com/apache/iceberg/pull/15850#discussion_r3023070628
##########
open-api/rest-catalog-open-api.yaml:
##########
@@ -3522,6 +3522,11 @@ components:
If remote signing for a specific storage provider is enabled, clients
must respect the following configurations when creating a remote signer client:
- `signer.endpoint`: the remote signer endpoint. Required. Can either
be a relative path (to be resolved against `signer.uri`) or an absolute URI.
- `signer.uri`: the base URI to resolve `signer.endpoint` against.
Optional. Only meaningful if `signer.endpoint` is a relative path. Defaults to
the catalog's base URI if not set.
+ - `signer.properties.*`: additional properties to be passed through
to the signer endpoint in remote sign
+ requests. Optional. If such properties are present, signer clients
MUST pass them through to the signer
Review Comment:
> it would be incorrect for it to deliberately omit them
why ? they can choose not to just forward its maybe since its not easy to
passback or simply they care about the freshness of the GRANTs duration (when
we stamp them and send back we kind of signup of stale grants, but this is true
for vended creds too)
I believe server should be prepared if they don't send back these values to
compute these always ? because we need this for backward compatibility.
wdyt considering above
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
