pingtimeout commented on code in PR #1606: URL: https://github.com/apache/polaris/pull/1606#discussion_r2095063180
########## site/content/in-dev/unreleased/configuring-polaris-for-production.md: ########## @@ -209,13 +207,11 @@ curl -X POST http://localhost:8181/api/catalog/v1/oauth/tokens \ -d "scope=PRINCIPAL_ROLE:ALL" ``` -## Other Configurations - -When deploying Polaris in production, consider adjusting the following configurations: - -#### `polaris.features."SUPPORTED_CATALOG_STORAGE_TYPES"` - -- By default, Polaris catalogs are allowed to be located in local filesystem with the `FILE` storage - type. This should be disabled for production systems. -- Use this configuration to additionally disable any other storage types that will not be in use. +### Disable FILE Storage Type +By default, Polaris allows using the local file system (`FILE`) for catalog storage. This is fine for testing, Review Comment: Same, given that #1566 has been merged, this sentence is false, isn't it? ########## site/content/in-dev/unreleased/configuring-polaris-for-production.md: ########## @@ -17,23 +17,21 @@ # specific language governing permissions and limitations # under the License. # -title: Configuring Apache Polaris (Incubating) for Production Review Comment: Given that this page is displayed on polaris.apache.org, and that "Apache Polaris" is already mentioned on the menubar, this change seems ok. But pinging @jbonofre for confirmation. ########## site/content/in-dev/unreleased/configuring-polaris-for-production.md: ########## @@ -17,23 +17,21 @@ # specific language governing permissions and limitations # under the License. # -title: Configuring Apache Polaris (Incubating) for Production -linkTitle: Deploying In Production +title: Configuring Polaris for Production +linkTitle: Production Configuration type: docs weight: 600 --- -## Configuring Polaris for Production +The default server configuration is intended for development and testing. When you deploy Polaris in production, +review and apply the following checklist: +- [ ] Configure OAuth2 keys +- [ ] Enforce realm header validation (`require-header=true`) +- [ ] Use a durable metastore (JDBC + PostgreSQL) +- [ ] Bootstrap valid realms in the metastore +- [ ] Disable local FILE storage Review Comment: Given that #1566 has been merged, that bullet point should not be necessary. Am I missing something? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
