Re: [PR] Make regression tests use default authentication [polaris]

Fri, 24 Jan 2025 11:19:23 -0800 


HonahX commented on code in PR #804:
URL: https://github.com/apache/polaris/pull/804#discussion_r1929118039


##########
regtests/run_spark_sql.sh:
##########
@@ -55,7 +55,7 @@ if [ -z "${SPARK_HOME}"]; then
   export SPARK_HOME=$(realpath ~/${SPARK_DISTRIBUTION})
 fi
 
-SPARK_BEARER_TOKEN="${REGTEST_ROOT_BEARER_TOKEN:-principal:root;realm:default-realm}"
+SPARK_BEARER_TOKEN="${REGTEST_ROOT_BEARER_TOKEN:-principal:root;realm:POLARIS}"

Review Comment:
   Since the authenticator is `default` now, do we still need this token 
default value, `principal:root;realm:POLARIS`. Seems we will need to run the 
added script in `run.sh` to get a token using root credential first before 
running `run_spark_sql.sh`.
   
   Additionally, is `run_spark_sql.sh` expected to work without first running 
`run.sh`? If so, may be we should consider adding code to get a token within 
this script to make it work out-of-box.



##########
regtests/docker-compose.yml:
##########
@@ -31,14 +31,8 @@ services:
       AZURE_TENANT_ID: $AZURE_TENANT_ID
       AZURE_CLIENT_ID: $AZURE_CLIENT_ID
       AZURE_CLIENT_SECRET: $AZURE_CLIENT_SECRET
-      polaris.persistence.type: in-memory
-      polaris.authentication.authenticator.type: test
-      polaris.authentication.token-service.type: test
-      polaris.authentication.token-broker.type: symmetric-key
-      polaris.authentication.token-broker.symmetric-key.secret: polaris
-      polaris.features.defaults."SUPPORTED_CATALOG_STORAGE_TYPES": 
'["FILE","S3","GCS","AZURE"]'
-      polaris.realm-context.realms: default-realm,realm1
-      quarkus.log.file.enable: false
+      POLARIS_BOOTSTRAP_CREDENTIALS: POLARIS,root,secret
+      quarkus.log.file.enable: "false"

Review Comment:
   This can also help simplify the docker-compose.yml in `getting-started` 
examples: e.g. https://github.com/apache/polaris/pull/868
   
   I am happy to update that PR if this one goes in first : )



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to