diff --git a/polaris-core/src/main/java/org/apache/polaris/core/credentials/connection/ConnectionCredentials.java b/polaris-core/src/main/java/org/apache/polaris/core/credentials/connection/ConnectionCredentials.java
index bc8cd3e958..1d86bf03c0 100644
--- a/polaris-core/src/main/java/org/apache/polaris/core/credentials/connection/ConnectionCredentials.java
+++ b/polaris-core/src/main/java/org/apache/polaris/core/credentials/connection/ConnectionCredentials.java
@@ -22,21 +22,21 @@
import java.time.Instant;
import java.util.Map;
import java.util.Optional;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.immutables.PolarisImmutable;
/**
* Encapsulates credentials and configuration needed to connect to external federated catalogs.
*
- * Similar to {@link AccessConfig} for storage, this class holds the credentials and properties
- * required for Polaris to authenticate with remote catalog services (e.g., AWS Glue, other Iceberg
- * REST catalogs).
+ *
Similar to {@link StorageAccessConfig} for storage, this class holds the credentials and
+ * properties required for Polaris to authenticate with remote catalog services (e.g., AWS Glue,
+ * other Iceberg REST catalogs).
*
*
Credentials may be temporary and include an expiration time.
*
*
Note: This interface currently includes only {@code credentials} and {@code expiresAt}.
* Additional fields like {@code extraProperties} and {@code internalProperties} (similar to {@link
- * AccessConfig}) are not included for now but can be added later if needed for more complex
+ * StorageAccessConfig}) are not included for now but can be added later if needed for more complex
* credential scenarios.
*/
@PolarisImmutable
diff --git a/polaris-core/src/main/java/org/apache/polaris/core/persistence/AtomicOperationMetaStoreManager.java b/polaris-core/src/main/java/org/apache/polaris/core/persistence/AtomicOperationMetaStoreManager.java
index 1ec8c89d41..3ae2ac2c9e 100644
--- a/polaris-core/src/main/java/org/apache/polaris/core/persistence/AtomicOperationMetaStoreManager.java
+++ b/polaris-core/src/main/java/org/apache/polaris/core/persistence/AtomicOperationMetaStoreManager.java
@@ -77,9 +77,9 @@
import org.apache.polaris.core.policy.PolicyEntity;
import org.apache.polaris.core.policy.PolicyMappingUtil;
import org.apache.polaris.core.policy.PolicyType;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageConfigurationInfo;
import org.apache.polaris.core.storage.PolarisStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -1635,14 +1635,14 @@ private void revokeGrantRecord(
entityId);
try {
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
storageIntegration.getSubscopedCreds(
callCtx.getRealmConfig(),
allowListOperation,
allowedReadLocations,
allowedWriteLocations,
refreshCredentialsEndpoint);
- return new ScopedCredentialsResult(accessConfig);
+ return new ScopedCredentialsResult(storageAccessConfig);
} catch (Exception ex) {
return new ScopedCredentialsResult(
BaseResult.ReturnStatus.SUBSCOPE_CREDS_ERROR, ex.getMessage());
diff --git a/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ScopedCredentialsResult.java b/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ScopedCredentialsResult.java
index 76526a8635..fab339243f 100644
--- a/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ScopedCredentialsResult.java
+++ b/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ScopedCredentialsResult.java
@@ -20,13 +20,13 @@
import jakarta.annotation.Nonnull;
import jakarta.annotation.Nullable;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
/** Result of a getSubscopedCredsForEntity() call */
public class ScopedCredentialsResult extends BaseResult {
// null if not success. Else, set of name/value pairs for the credentials
- private final AccessConfig accessConfig;
+ private final StorageAccessConfig storageAccessConfig;
/**
* Constructor for an error
@@ -37,20 +37,16 @@ public class ScopedCredentialsResult extends BaseResult {
public ScopedCredentialsResult(
@Nonnull ReturnStatus errorCode, @Nullable String extraInformation) {
super(errorCode, extraInformation);
- this.accessConfig = null;
+ this.storageAccessConfig = null;
}
- /**
- * Constructor for success
- *
- * @param accessConfig credentials
- */
- public ScopedCredentialsResult(AccessConfig accessConfig) {
+ /** Constructor for success */
+ public ScopedCredentialsResult(StorageAccessConfig storageAccessConfig) {
super(ReturnStatus.SUCCESS);
- this.accessConfig = accessConfig;
+ this.storageAccessConfig = storageAccessConfig;
}
- public AccessConfig getAccessConfig() {
- return accessConfig;
+ public StorageAccessConfig getStorageAccessConfig() {
+ return storageAccessConfig;
}
}
diff --git a/polaris-core/src/main/java/org/apache/polaris/core/persistence/transactional/TransactionalMetaStoreManagerImpl.java b/polaris-core/src/main/java/org/apache/polaris/core/persistence/transactional/TransactionalMetaStoreManagerImpl.java
index db3ccd0f35..815e119d30 100644
--- a/polaris-core/src/main/java/org/apache/polaris/core/persistence/transactional/TransactionalMetaStoreManagerImpl.java
+++ b/polaris-core/src/main/java/org/apache/polaris/core/persistence/transactional/TransactionalMetaStoreManagerImpl.java
@@ -82,9 +82,9 @@
import org.apache.polaris.core.policy.PolicyEntity;
import org.apache.polaris.core.policy.PolicyMappingUtil;
import org.apache.polaris.core.policy.PolicyType;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageConfigurationInfo;
import org.apache.polaris.core.storage.PolarisStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -2128,14 +2128,14 @@ private PolarisEntityResolver resolveSecurableToRoleGrant(
entityId);
try {
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
storageIntegration.getSubscopedCreds(
callCtx.getRealmConfig(),
allowListOperation,
allowedReadLocations,
allowedWriteLocations,
refreshCredentialsEndpoint);
- return new ScopedCredentialsResult(accessConfig);
+ return new ScopedCredentialsResult(storageAccessConfig);
} catch (Exception ex) {
return new ScopedCredentialsResult(
BaseResult.ReturnStatus.SUBSCOPE_CREDS_ERROR, ex.getMessage());
diff --git a/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageIntegration.java b/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageIntegration.java
index 1828d01c81..8a2ae7c3a8 100644
--- a/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageIntegration.java
+++ b/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageIntegration.java
@@ -62,7 +62,7 @@ public String getStorageIdentifierOrId() {
* handling the relative path
* @return An enum map including the scoped credentials
*/
- public abstract AccessConfig getSubscopedCreds(
+ public abstract StorageAccessConfig getSubscopedCreds(
@Nonnull RealmConfig realmConfig,
boolean allowListOperation,
@Nonnull Set allowedReadLocations,
diff --git a/polaris-core/src/main/java/org/apache/polaris/core/storage/AccessConfig.java b/polaris-core/src/main/java/org/apache/polaris/core/storage/StorageAccessConfig.java
similarity index 94%
rename from polaris-core/src/main/java/org/apache/polaris/core/storage/AccessConfig.java
rename to polaris-core/src/main/java/org/apache/polaris/core/storage/StorageAccessConfig.java
index 94e74a3d66..19745322d2 100644
--- a/polaris-core/src/main/java/org/apache/polaris/core/storage/AccessConfig.java
+++ b/polaris-core/src/main/java/org/apache/polaris/core/storage/StorageAccessConfig.java
@@ -26,7 +26,7 @@
import org.immutables.value.Value;
@PolarisImmutable
-public interface AccessConfig {
+public interface StorageAccessConfig {
Map credentials();
Map extraProperties();
@@ -57,8 +57,8 @@ default String get(StorageAccessProperty key) {
}
}
- static AccessConfig.Builder builder() {
- return ImmutableAccessConfig.builder();
+ static StorageAccessConfig.Builder builder() {
+ return ImmutableStorageAccessConfig.builder();
}
interface Builder {
@@ -89,6 +89,6 @@ default Builder put(StorageAccessProperty key, String value) {
}
}
- AccessConfig build();
+ StorageAccessConfig build();
}
}
diff --git a/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java b/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java
index 8023f7a607..e393911f71 100644
--- a/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java
+++ b/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java
@@ -28,8 +28,8 @@
import java.util.Set;
import java.util.stream.Stream;
import org.apache.polaris.core.config.RealmConfig;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.InMemoryStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.apache.polaris.core.storage.StorageUtil;
import org.apache.polaris.core.storage.aws.StsClientProvider.StsDestination;
@@ -70,7 +70,7 @@ public AwsCredentialsStorageIntegration(
/** {@inheritDoc} */
@Override
- public AccessConfig getSubscopedCreds(
+ public StorageAccessConfig getSubscopedCreds(
@Nonnull RealmConfig realmConfig,
boolean allowListOperation,
@Nonnull Set allowedReadLocations,
@@ -80,7 +80,7 @@ public AccessConfig getSubscopedCreds(
realmConfig.getConfig(STORAGE_CREDENTIAL_DURATION_SECONDS);
AwsStorageConfigurationInfo storageConfig = config();
String region = storageConfig.getRegion();
- AccessConfig.Builder accessConfig = AccessConfig.builder();
+ StorageAccessConfig.Builder accessConfig = StorageAccessConfig.builder();
if (shouldUseSts(storageConfig)) {
AssumeRoleRequest.Builder request =
diff --git a/polaris-core/src/main/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegration.java b/polaris-core/src/main/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegration.java
index a043a7daa5..0b189b3116 100644
--- a/polaris-core/src/main/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegration.java
+++ b/polaris-core/src/main/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegration.java
@@ -49,8 +49,8 @@
import java.util.Optional;
import java.util.Set;
import org.apache.polaris.core.config.RealmConfig;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.InMemoryStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -73,7 +73,7 @@ public AzureCredentialsStorageIntegration(AzureStorageConfigurationInfo config)
}
@Override
- public AccessConfig getSubscopedCreds(
+ public StorageAccessConfig getSubscopedCreds(
@Nonnull RealmConfig realmConfig,
boolean allowListOperation,
@Nonnull Set allowedReadLocations,
@@ -176,12 +176,12 @@ public AccessConfig getSubscopedCreds(
}
@VisibleForTesting
- static AccessConfig toAccessConfig(
+ static StorageAccessConfig toAccessConfig(
String sasToken,
String storageDnsName,
Instant expiresAt,
Optional refreshCredentialsEndpoint) {
- AccessConfig.Builder accessConfig = AccessConfig.builder();
+ StorageAccessConfig.Builder accessConfig = StorageAccessConfig.builder();
handleAzureCredential(accessConfig, sasToken, storageDnsName, expiresAt);
accessConfig.put(
StorageAccessProperty.EXPIRATION_TIME, String.valueOf(expiresAt.toEpochMilli()));
@@ -193,7 +193,7 @@ static AccessConfig toAccessConfig(
}
private static void handleAzureCredential(
- AccessConfig.Builder config, String sasToken, String host, Instant expiresAt) {
+ StorageAccessConfig.Builder config, String sasToken, String host, Instant expiresAt) {
config.putCredential(StorageAccessProperty.AZURE_SAS_TOKEN.getPropertyName() + host, sasToken);
config.putCredential(
StorageAccessProperty.AZURE_SAS_TOKEN_EXPIRES_AT_MS_PREFIX.getPropertyName() + host,
diff --git a/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCache.java b/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCache.java
index 82de799152..93f5e351ab 100644
--- a/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCache.java
+++ b/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCache.java
@@ -37,8 +37,8 @@
import org.apache.polaris.core.entity.PolarisEntity;
import org.apache.polaris.core.entity.PolarisEntityType;
import org.apache.polaris.core.persistence.dao.entity.ScopedCredentialsResult;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisCredentialVendor;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -103,7 +103,7 @@ private long maxCacheDurationMs(RealmConfig realmConfig) {
* @param allowedWriteLocations a set of allowed to write locations.
* @return the a map of string containing the scoped creds information
*/
- public AccessConfig getOrGenerateSubScopeCreds(
+ public StorageAccessConfig getOrGenerateSubScopeCreds(
@Nonnull PolarisCredentialVendor credentialVendor,
@Nonnull PolarisCallContext callCtx,
@Nonnull PolarisEntity polarisEntity,
@@ -140,7 +140,7 @@ public AccessConfig getOrGenerateSubScopeCreds(
if (scopedCredentialsResult.isSuccess()) {
long maxCacheDurationMs = maxCacheDurationMs(callCtx.getRealmConfig());
return new StorageCredentialCacheEntry(
- scopedCredentialsResult.getAccessConfig(), maxCacheDurationMs);
+ scopedCredentialsResult.getStorageAccessConfig(), maxCacheDurationMs);
}
LOGGER
.atDebug()
@@ -156,11 +156,11 @@ public AccessConfig getOrGenerateSubScopeCreds(
@VisibleForTesting
@Nullable
Map getIfPresent(StorageCredentialCacheKey key) {
- return getAccessConfig(key).map(AccessConfig::credentials).orElse(null);
+ return getAccessConfig(key).map(StorageAccessConfig::credentials).orElse(null);
}
@VisibleForTesting
- Optional getAccessConfig(StorageCredentialCacheKey key) {
+ Optional getAccessConfig(StorageCredentialCacheKey key) {
return Optional.ofNullable(cache.getIfPresent(key))
.map(StorageCredentialCacheEntry::toAccessConfig);
}
diff --git a/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheEntry.java b/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheEntry.java
index 7f5789ecbf..1141b34bfb 100644
--- a/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheEntry.java
+++ b/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheEntry.java
@@ -19,17 +19,18 @@
package org.apache.polaris.core.storage.cache;
import java.time.Instant;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
/** A storage credential cached entry. */
public class StorageCredentialCacheEntry {
/** The scoped creds map that is fetched from a creds vending service */
- public final AccessConfig accessConfig;
+ public final StorageAccessConfig storageAccessConfig;
private final long maxCacheDurationMs;
- public StorageCredentialCacheEntry(AccessConfig accessConfig, long maxCacheDurationMs) {
- this.accessConfig = accessConfig;
+ public StorageCredentialCacheEntry(
+ StorageAccessConfig storageAccessConfig, long maxCacheDurationMs) {
+ this.storageAccessConfig = storageAccessConfig;
this.maxCacheDurationMs = maxCacheDurationMs;
}
@@ -39,7 +40,7 @@ public long getMaxCacheDurationMs() {
/** Get the expiration time in millisecond for the cached entry */
public long getExpirationTime() {
- return accessConfig.expiresAt().map(Instant::toEpochMilli).orElse(Long.MAX_VALUE);
+ return storageAccessConfig.expiresAt().map(Instant::toEpochMilli).orElse(Long.MAX_VALUE);
}
/**
@@ -47,7 +48,7 @@ public long getExpirationTime() {
*
* @return a map of string representing the subscoped creds info.
*/
- AccessConfig toAccessConfig() {
- return accessConfig;
+ StorageAccessConfig toAccessConfig() {
+ return storageAccessConfig;
}
}
diff --git a/polaris-core/src/main/java/org/apache/polaris/core/storage/gcp/GcpCredentialsStorageIntegration.java b/polaris-core/src/main/java/org/apache/polaris/core/storage/gcp/GcpCredentialsStorageIntegration.java
index c0568cc9b5..5f524d9ae4 100644
--- a/polaris-core/src/main/java/org/apache/polaris/core/storage/gcp/GcpCredentialsStorageIntegration.java
+++ b/polaris-core/src/main/java/org/apache/polaris/core/storage/gcp/GcpCredentialsStorageIntegration.java
@@ -39,9 +39,9 @@
import java.util.Set;
import java.util.stream.Stream;
import org.apache.polaris.core.config.RealmConfig;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.InMemoryStorageIntegration;
import org.apache.polaris.core.storage.PolarisStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.apache.polaris.core.storage.StorageUtil;
import org.slf4j.Logger;
@@ -72,7 +72,7 @@ public GcpCredentialsStorageIntegration(
}
@Override
- public AccessConfig getSubscopedCreds(
+ public StorageAccessConfig getSubscopedCreds(
@Nonnull RealmConfig realmConfig,
boolean allowListOperation,
@Nonnull Set allowedReadLocations,
@@ -109,7 +109,7 @@ public AccessConfig getSubscopedCreds(
// If expires_in missing, use source credential's expire time, which require another api call to
// get.
- AccessConfig.Builder accessConfig = AccessConfig.builder();
+ StorageAccessConfig.Builder accessConfig = StorageAccessConfig.builder();
accessConfig.put(StorageAccessProperty.GCS_ACCESS_TOKEN, token.getTokenValue());
accessConfig.put(
StorageAccessProperty.GCS_ACCESS_TOKEN_EXPIRES_AT,
diff --git a/polaris-core/src/test/java/org/apache/polaris/core/storage/InMemoryStorageIntegrationTest.java b/polaris-core/src/test/java/org/apache/polaris/core/storage/InMemoryStorageIntegrationTest.java
index 9ba5271ab4..e9640cef81 100644
--- a/polaris-core/src/test/java/org/apache/polaris/core/storage/InMemoryStorageIntegrationTest.java
+++ b/polaris-core/src/test/java/org/apache/polaris/core/storage/InMemoryStorageIntegrationTest.java
@@ -194,7 +194,7 @@ public MockInMemoryStorageIntegration() {
}
@Override
- public AccessConfig getSubscopedCreds(
+ public StorageAccessConfig getSubscopedCreds(
@Nonnull RealmConfig realmConfig,
boolean allowListOperation,
@Nonnull Set allowedReadLocations,
diff --git a/polaris-core/src/test/java/org/apache/polaris/core/storage/AccessConfigTest.java b/polaris-core/src/test/java/org/apache/polaris/core/storage/StorageAccessConfigTest.java
similarity index 87%
rename from polaris-core/src/test/java/org/apache/polaris/core/storage/AccessConfigTest.java
rename to polaris-core/src/test/java/org/apache/polaris/core/storage/StorageAccessConfigTest.java
index 57e1f14650..98fad9ef9b 100644
--- a/polaris-core/src/test/java/org/apache/polaris/core/storage/AccessConfigTest.java
+++ b/polaris-core/src/test/java/org/apache/polaris/core/storage/StorageAccessConfigTest.java
@@ -30,14 +30,14 @@
import java.util.Map;
import org.junit.jupiter.api.Test;
-public class AccessConfigTest {
+public class StorageAccessConfigTest {
@Test
public void testPutGet() {
- AccessConfig.Builder b = AccessConfig.builder();
+ StorageAccessConfig.Builder b = StorageAccessConfig.builder();
b.put(AWS_ENDPOINT, "ep1");
b.put(AWS_SECRET_KEY, "sk2");
- AccessConfig c = b.build();
+ StorageAccessConfig c = b.build();
assertThat(c.credentials()).isEqualTo(Map.of(AWS_SECRET_KEY.getPropertyName(), "sk2"));
assertThat(c.extraProperties()).isEqualTo(Map.of(AWS_ENDPOINT.getPropertyName(), "ep1"));
assertThat(c.get(AWS_SECRET_KEY)).isEqualTo("sk2");
@@ -46,19 +46,19 @@ public void testPutGet() {
@Test
public void testGetExtraProperty() {
- AccessConfig.Builder b = AccessConfig.builder();
+ StorageAccessConfig.Builder b = StorageAccessConfig.builder();
b.putExtraProperty(AWS_ENDPOINT.getPropertyName(), "extra");
- AccessConfig c = b.build();
+ StorageAccessConfig c = b.build();
assertThat(c.extraProperties()).isEqualTo(Map.of(AWS_ENDPOINT.getPropertyName(), "extra"));
assertThat(c.get(AWS_ENDPOINT)).isEqualTo("extra");
}
@Test
public void testGetInternalProperty() {
- AccessConfig.Builder b = AccessConfig.builder();
+ StorageAccessConfig.Builder b = StorageAccessConfig.builder();
b.putExtraProperty(AWS_ENDPOINT.getPropertyName(), "extra");
b.putInternalProperty(AWS_ENDPOINT.getPropertyName(), "ep1");
- AccessConfig c = b.build();
+ StorageAccessConfig c = b.build();
assertThat(c.extraProperties()).isEqualTo(Map.of(AWS_ENDPOINT.getPropertyName(), "extra"));
assertThat(c.internalProperties()).isEqualTo(Map.of(AWS_ENDPOINT.getPropertyName(), "ep1"));
assertThat(c.get(AWS_ENDPOINT)).isEqualTo("ep1");
@@ -66,11 +66,11 @@ public void testGetInternalProperty() {
@Test
public void testNoCredentialOverride() {
- AccessConfig.Builder b = AccessConfig.builder();
+ StorageAccessConfig.Builder b = StorageAccessConfig.builder();
b.put(AWS_SECRET_KEY, "sk-test");
b.putExtraProperty(AWS_SECRET_KEY.getPropertyName(), "sk-extra");
b.putInternalProperty(AWS_SECRET_KEY.getPropertyName(), "sk-internal");
- AccessConfig c = b.build();
+ StorageAccessConfig c = b.build();
assertThat(c.get(AWS_SECRET_KEY)).isEqualTo("sk-test");
assertThat(c.extraProperties()).isEqualTo(Map.of(AWS_SECRET_KEY.getPropertyName(), "sk-extra"));
assertThat(c.internalProperties())
@@ -79,7 +79,7 @@ public void testNoCredentialOverride() {
@Test
public void testExpiresAt() {
- AccessConfig.Builder b = AccessConfig.builder();
+ StorageAccessConfig.Builder b = StorageAccessConfig.builder();
assertThat(b.build().expiresAt()).isEmpty();
b.put(GCS_ACCESS_TOKEN_EXPIRES_AT, "111");
assertThat(b.build().expiresAt()).hasValue(Instant.ofEpochMilli(111));
diff --git a/polaris-core/src/test/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegrationTest.java b/polaris-core/src/test/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegrationTest.java
index 794ae25fe5..eda958fcac 100644
--- a/polaris-core/src/test/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegrationTest.java
+++ b/polaris-core/src/test/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegrationTest.java
@@ -23,7 +23,7 @@
import java.time.Instant;
import java.util.Optional;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.Test;
@@ -34,7 +34,7 @@ public class AzureCredentialsStorageIntegrationTest {
public void testAzureCredentialFormatting() {
Instant expiresAt = Instant.ofEpochMilli(Long.MAX_VALUE);
- AccessConfig noSuffixResult =
+ StorageAccessConfig noSuffixResult =
toAccessConfig("sasToken", "some_account", expiresAt, Optional.empty());
Assertions.assertThat(noSuffixResult.credentials()).hasSize(3);
Assertions.assertThat(noSuffixResult.credentials()).containsKey("adls.sas-token.some_account");
@@ -44,7 +44,7 @@ public void testAzureCredentialFormatting() {
.doesNotContainKey(
StorageAccessProperty.AZURE_REFRESH_CREDENTIALS_ENDPOINT.getPropertyName());
- AccessConfig adlsSuffixResult =
+ StorageAccessConfig adlsSuffixResult =
toAccessConfig(
"sasToken",
"some_account." + AzureLocation.ADLS_ENDPOINT,
@@ -63,7 +63,7 @@ public void testAzureCredentialFormatting() {
StorageAccessProperty.AZURE_REFRESH_CREDENTIALS_ENDPOINT.getPropertyName(),
"endpoint/credentials");
- AccessConfig blobSuffixResult =
+ StorageAccessConfig blobSuffixResult =
toAccessConfig(
"sasToken", "some_account." + AzureLocation.BLOB_ENDPOINT, expiresAt, Optional.empty());
Assertions.assertThat(blobSuffixResult.credentials()).hasSize(4);
diff --git a/polaris-core/src/test/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheTest.java b/polaris-core/src/test/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheTest.java
index a51badf4b8..f1e5ac1f61 100644
--- a/polaris-core/src/test/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheTest.java
+++ b/polaris-core/src/test/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheTest.java
@@ -42,7 +42,7 @@
import org.apache.polaris.core.persistence.transactional.TransactionalPersistence;
import org.apache.polaris.core.persistence.transactional.TreeMapMetaStore;
import org.apache.polaris.core.persistence.transactional.TreeMapTransactionalPersistenceImpl;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.RepeatedTest;
@@ -412,7 +412,7 @@ private static List getFakeScopedCreds(int number, bool
: String.valueOf(Long.MAX_VALUE);
res.add(
new ScopedCredentialsResult(
- AccessConfig.builder()
+ StorageAccessConfig.builder()
.put(StorageAccessProperty.AWS_KEY_ID, "key_id_" + finalI)
.put(StorageAccessProperty.AWS_SECRET_KEY, "key_secret_" + finalI)
.put(StorageAccessProperty.AWS_SESSION_TOKEN_EXPIRES_AT_MS, expireTime)
@@ -421,14 +421,14 @@ private static List getFakeScopedCreds(int number, bool
if (res.size() == number) return res;
res.add(
new ScopedCredentialsResult(
- AccessConfig.builder()
+ StorageAccessConfig.builder()
.put(StorageAccessProperty.AZURE_SAS_TOKEN, "sas_token_" + finalI)
.put(StorageAccessProperty.EXPIRATION_TIME, expireTime)
.build()));
if (res.size() == number) return res;
res.add(
new ScopedCredentialsResult(
- AccessConfig.builder()
+ StorageAccessConfig.builder()
.put(StorageAccessProperty.GCS_ACCESS_TOKEN, "gcs_token_" + finalI)
.put(StorageAccessProperty.GCS_ACCESS_TOKEN_EXPIRES_AT, expireTime)
.build()));
@@ -459,7 +459,7 @@ public void testExtraProperties() {
storageCredentialCache = newStorageCredentialCache();
ScopedCredentialsResult properties =
new ScopedCredentialsResult(
- AccessConfig.builder()
+ StorageAccessConfig.builder()
.put(StorageAccessProperty.AWS_SECRET_KEY, "super-secret-123")
.put(StorageAccessProperty.AWS_ENDPOINT, "test-endpoint1")
.put(StorageAccessProperty.AWS_PATH_STYLE_ACCESS, "true")
@@ -477,7 +477,7 @@ public void testExtraProperties() {
.thenReturn(properties);
List entityList = getPolarisEntities();
- AccessConfig config =
+ StorageAccessConfig config =
storageCredentialCache.getOrGenerateSubScopeCreds(
metaStoreManager,
callCtx,
diff --git a/polaris-core/src/test/java/org/apache/polaris/service/storage/aws/AwsCredentialsStorageIntegrationTest.java b/polaris-core/src/test/java/org/apache/polaris/service/storage/aws/AwsCredentialsStorageIntegrationTest.java
index ac1ba85fd2..fb0c63c403 100644
--- a/polaris-core/src/test/java/org/apache/polaris/service/storage/aws/AwsCredentialsStorageIntegrationTest.java
+++ b/polaris-core/src/test/java/org/apache/polaris/service/storage/aws/AwsCredentialsStorageIntegrationTest.java
@@ -25,8 +25,8 @@
import java.util.List;
import java.util.Optional;
import java.util.Set;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.BaseStorageIntegrationTest;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.apache.polaris.core.storage.aws.AwsCredentialsStorageIntegration;
import org.apache.polaris.core.storage.aws.AwsStorageConfigurationInfo;
@@ -84,7 +84,7 @@ public void testGetSubscopedCreds(String scheme) {
return ASSUME_ROLE_RESPONSE;
});
String warehouseDir = scheme + "://bucket/path/to/warehouse";
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
new AwsCredentialsStorageIntegration(
AwsStorageConfigurationInfo.builder()
.addAllowedLocation(warehouseDir)
@@ -98,7 +98,7 @@ public void testGetSubscopedCreds(String scheme) {
Set.of(warehouseDir + "/namespace/table"),
Set.of(warehouseDir + "/namespace/table"),
Optional.of("/namespace/table/credentials"));
- assertThat(accessConfig.credentials())
+ assertThat(storageAccessConfig.credentials())
.isNotEmpty()
.containsEntry(StorageAccessProperty.AWS_TOKEN.getPropertyName(), "sess")
.containsEntry(StorageAccessProperty.AWS_KEY_ID.getPropertyName(), "accessKey")
@@ -106,7 +106,7 @@ public void testGetSubscopedCreds(String scheme) {
.containsEntry(
StorageAccessProperty.AWS_SESSION_TOKEN_EXPIRES_AT_MS.getPropertyName(),
String.valueOf(EXPIRE_TIME.toEpochMilli()));
- assertThat(accessConfig.extraProperties())
+ assertThat(storageAccessConfig.extraProperties())
.containsEntry(
StorageAccessProperty.AWS_REFRESH_CREDENTIALS_ENDPOINT.getPropertyName(),
"/namespace/table/credentials");
@@ -254,7 +254,7 @@ public void testGetSubscopedCredsInlinePolicy(String awsPartition) {
break;
case AWS_PARTITION:
case "aws-us-gov":
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
new AwsCredentialsStorageIntegration(
AwsStorageConfigurationInfo.builder()
.addAllowedLocation(s3Path(bucket, warehouseKeyPrefix))
@@ -269,7 +269,7 @@ public void testGetSubscopedCredsInlinePolicy(String awsPartition) {
Set.of(s3Path(bucket, firstPath), s3Path(bucket, secondPath)),
Set.of(s3Path(bucket, firstPath)),
Optional.empty());
- assertThat(accessConfig.credentials())
+ assertThat(storageAccessConfig.credentials())
.isNotEmpty()
.containsEntry(StorageAccessProperty.AWS_TOKEN.getPropertyName(), "sess")
.containsEntry(StorageAccessProperty.AWS_KEY_ID.getPropertyName(), "accessKey")
@@ -355,7 +355,7 @@ public void testGetSubscopedCredsInlinePolicyWithoutList() {
});
return ASSUME_ROLE_RESPONSE;
});
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
new AwsCredentialsStorageIntegration(
AwsStorageConfigurationInfo.builder()
.addAllowedLocation(s3Path(bucket, warehouseKeyPrefix))
@@ -370,7 +370,7 @@ public void testGetSubscopedCredsInlinePolicyWithoutList() {
Set.of(s3Path(bucket, firstPath), s3Path(bucket, secondPath)),
Set.of(s3Path(bucket, firstPath)),
Optional.empty());
- assertThat(accessConfig.credentials())
+ assertThat(storageAccessConfig.credentials())
.isNotEmpty()
.containsEntry(StorageAccessProperty.AWS_TOKEN.getPropertyName(), "sess")
.containsEntry(StorageAccessProperty.AWS_KEY_ID.getPropertyName(), "accessKey")
@@ -450,7 +450,7 @@ public void testGetSubscopedCredsInlinePolicyWithoutWrites() {
});
return ASSUME_ROLE_RESPONSE;
});
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
new AwsCredentialsStorageIntegration(
AwsStorageConfigurationInfo.builder()
.addAllowedLocation(s3Path(bucket, warehouseKeyPrefix))
@@ -465,7 +465,7 @@ public void testGetSubscopedCredsInlinePolicyWithoutWrites() {
Set.of(s3Path(bucket, firstPath), s3Path(bucket, secondPath)),
Set.of(),
Optional.empty());
- assertThat(accessConfig.credentials())
+ assertThat(storageAccessConfig.credentials())
.isNotEmpty()
.containsEntry(StorageAccessProperty.AWS_TOKEN.getPropertyName(), "sess")
.containsEntry(StorageAccessProperty.AWS_KEY_ID.getPropertyName(), "accessKey")
@@ -517,7 +517,7 @@ public void testGetSubscopedCredsInlinePolicyWithEmptyReadAndWrite() {
});
return ASSUME_ROLE_RESPONSE;
});
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
new AwsCredentialsStorageIntegration(
AwsStorageConfigurationInfo.builder()
.addAllowedLocation(s3Path(bucket, warehouseKeyPrefix))
@@ -532,7 +532,7 @@ public void testGetSubscopedCredsInlinePolicyWithEmptyReadAndWrite() {
Set.of(),
Set.of(),
Optional.empty());
- assertThat(accessConfig.credentials())
+ assertThat(storageAccessConfig.credentials())
.isNotEmpty()
.containsEntry(StorageAccessProperty.AWS_TOKEN.getPropertyName(), "sess")
.containsEntry(StorageAccessProperty.AWS_KEY_ID.getPropertyName(), "accessKey")
@@ -578,7 +578,7 @@ public void testClientRegion(String awsPartition) {
break;
case AWS_PARTITION:
case "aws-us-gov":
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
new AwsCredentialsStorageIntegration(
AwsStorageConfigurationInfo.builder()
.addAllowedLocation(s3Path(bucket, warehouseKeyPrefix))
@@ -593,7 +593,7 @@ public void testClientRegion(String awsPartition) {
Set.of(),
Set.of(),
Optional.empty());
- assertThat(accessConfig.credentials())
+ assertThat(storageAccessConfig.credentials())
.containsEntry(StorageAccessProperty.AWS_TOKEN.getPropertyName(), "sess")
.containsEntry(StorageAccessProperty.AWS_KEY_ID.getPropertyName(), "accessKey")
.containsEntry(StorageAccessProperty.AWS_SECRET_KEY.getPropertyName(), "secretKey")
@@ -619,7 +619,7 @@ public void testNoClientRegion(String awsPartition) {
});
switch (awsPartition) {
case AWS_PARTITION:
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
new AwsCredentialsStorageIntegration(
AwsStorageConfigurationInfo.builder()
.addAllowedLocation(s3Path(bucket, warehouseKeyPrefix))
@@ -633,7 +633,7 @@ public void testNoClientRegion(String awsPartition) {
Set.of(),
Set.of(),
Optional.empty());
- assertThat(accessConfig.credentials())
+ assertThat(storageAccessConfig.credentials())
.isNotEmpty()
.doesNotContainKey(StorageAccessProperty.CLIENT_REGION.getPropertyName());
break;
diff --git a/polaris-core/src/test/java/org/apache/polaris/service/storage/azure/AzureCredentialStorageIntegrationTest.java b/polaris-core/src/test/java/org/apache/polaris/service/storage/azure/AzureCredentialStorageIntegrationTest.java
index 96e4410007..42a8bd3272 100644
--- a/polaris-core/src/test/java/org/apache/polaris/service/storage/azure/AzureCredentialStorageIntegrationTest.java
+++ b/polaris-core/src/test/java/org/apache/polaris/service/storage/azure/AzureCredentialStorageIntegrationTest.java
@@ -47,8 +47,8 @@
import java.util.List;
import java.util.Optional;
import java.util.stream.Stream;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.BaseStorageIntegrationTest;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.apache.polaris.core.storage.azure.AzureCredentialsStorageIntegration;
import org.apache.polaris.core.storage.azure.AzureStorageConfigurationInfo;
@@ -121,13 +121,13 @@ public void testGetSubscopedTokenList(boolean allowListAction, String service) {
String.format(
"abfss://container@icebergdfsstorageacct.%s.core.windows.net/polaris-test/",
service));
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
subscopedCredsForOperations(
/* allowedReadLoc= */ allowedLoc,
/* allowedWriteLoc= */ new ArrayList<>(),
allowListAction);
- Assertions.assertThat(accessConfig.credentials()).hasSize(2);
- String sasToken = accessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN);
+ Assertions.assertThat(storageAccessConfig.credentials()).hasSize(2);
+ String sasToken = storageAccessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN);
Assertions.assertThat(sasToken).isNotNull();
String serviceEndpoint =
String.format("https://icebergdfsstorageacct.%s.core.windows.net", service);
@@ -192,7 +192,7 @@ public void testGetSubscopedTokenRead(
String.format(
"abfss://container@icebergdfsstorageacct.%s.core.windows.net/%s",
service, allowedPrefix));
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
subscopedCredsForOperations(
/* allowedReadLoc= */ allowedLoc,
/* allowedWriteLoc= */ new ArrayList<>(),
@@ -200,7 +200,7 @@ public void testGetSubscopedTokenRead(
BlobClient blobClient =
createBlobClient(
- accessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
+ storageAccessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
"https://icebergdfsstorageacct.dfs.core.windows.net",
"container",
allowedPrefix);
@@ -231,7 +231,7 @@ public void testGetSubscopedTokenRead(
// read fail because container is blocked
BlobClient blobClientReadFail =
createBlobClient(
- accessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
+ storageAccessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
String.format("https://icebergdfsstorageacct.%s.core.windows.net", service),
"regtest",
blockedPrefix);
@@ -262,7 +262,7 @@ public void testGetSubscopedTokenWrite(
String.format(
"abfss://container@icebergdfsstorageacct.%s.core.windows.net/%s",
service, allowedPrefix));
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
subscopedCredsForOperations(
/* allowedReadLoc= */ new ArrayList<>(),
/* allowedWriteLoc= */ allowedLoc,
@@ -271,13 +271,13 @@ public void testGetSubscopedTokenWrite(
String.format("https://icebergdfsstorageacct.%s.core.windows.net", service);
BlobClient blobClient =
createBlobClient(
- accessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
+ storageAccessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
serviceEndpoint,
"container",
allowedPrefix + "metadata/00000-65ffa17b-fe64-4c38-bcb9-06f9bd12aa2a.metadata.json");
DataLakeFileClient fileClient =
createDatalakeFileClient(
- accessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
+ storageAccessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
serviceEndpoint,
"container",
"polaris-test/scopedcreds/metadata",
@@ -312,13 +312,13 @@ public void testGetSubscopedTokenWrite(
String blockedContainer = "regtest";
BlobClient blobClientWriteFail =
createBlobClient(
- accessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
+ storageAccessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
serviceEndpoint,
blockedContainer,
blockedPrefix);
DataLakeFileClient fileClientFail =
createDatalakeFileClient(
- accessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
+ storageAccessConfig.get(StorageAccessProperty.AZURE_SAS_TOKEN),
serviceEndpoint,
blockedContainer,
"polaris-test/scopedcreds/metadata",
@@ -339,7 +339,7 @@ public void testGetSubscopedTokenWrite(
}
}
- private AccessConfig subscopedCredsForOperations(
+ private StorageAccessConfig subscopedCredsForOperations(
List allowedReadLoc, List allowedWriteLoc, boolean allowListAction) {
AzureStorageConfigurationInfo azureConfig =
AzureStorageConfigurationInfo.builder()
diff --git a/polaris-core/src/test/java/org/apache/polaris/service/storage/gcp/GcpCredentialsStorageIntegrationTest.java b/polaris-core/src/test/java/org/apache/polaris/service/storage/gcp/GcpCredentialsStorageIntegrationTest.java
index c4f026d86a..b0be0883d8 100644
--- a/polaris-core/src/test/java/org/apache/polaris/service/storage/gcp/GcpCredentialsStorageIntegrationTest.java
+++ b/polaris-core/src/test/java/org/apache/polaris/service/storage/gcp/GcpCredentialsStorageIntegrationTest.java
@@ -44,8 +44,8 @@
import java.util.List;
import java.util.Optional;
import java.util.Set;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.BaseStorageIntegrationTest;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.apache.polaris.core.storage.gcp.GcpCredentialsStorageIntegration;
import org.apache.polaris.core.storage.gcp.GcpStorageConfigurationInfo;
@@ -144,20 +144,20 @@ BlobInfo createStorageBlob(String bucket, String prefix, String fileName) {
return BlobInfo.newBuilder(blobId).build();
}
- private Storage createStorageClient(AccessConfig accessConfig) {
+ private Storage createStorageClient(StorageAccessConfig storageAccessConfig) {
AccessToken accessToken =
new AccessToken(
- accessConfig.get(StorageAccessProperty.GCS_ACCESS_TOKEN),
+ storageAccessConfig.get(StorageAccessProperty.GCS_ACCESS_TOKEN),
new Date(
Long.parseLong(
- accessConfig.get(StorageAccessProperty.GCS_ACCESS_TOKEN_EXPIRES_AT))));
+ storageAccessConfig.get(StorageAccessProperty.GCS_ACCESS_TOKEN_EXPIRES_AT))));
return StorageOptions.newBuilder()
.setCredentials(GoogleCredentials.create(accessToken))
.build()
.getService();
}
- private AccessConfig subscopedCredsForOperations(
+ private StorageAccessConfig subscopedCredsForOperations(
List allowedReadLoc, List allowedWriteLoc, boolean allowListAction)
throws IOException {
GcpStorageConfigurationInfo gcpConfig =
@@ -302,10 +302,10 @@ public void testRefreshCredentialsEndpointIsReturned() throws IOException {
.isNotNull()
.isNotEmpty();
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
subscopedCredsForOperations(
List.of("gs://bucket1/path/to/data"), List.of("gs://bucket1/path/to/data"), true);
- assertThat(accessConfig.get(StorageAccessProperty.GCS_REFRESH_CREDENTIALS_ENDPOINT))
+ assertThat(storageAccessConfig.get(StorageAccessProperty.GCS_REFRESH_CREDENTIALS_ENDPOINT))
.isEqualTo(REFRESH_ENDPOINT);
}
diff --git a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalog.java b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalog.java
index 75742412e3..89624418a6 100644
--- a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalog.java
+++ b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalog.java
@@ -119,16 +119,16 @@
import org.apache.polaris.core.persistence.resolver.ResolverFactory;
import org.apache.polaris.core.persistence.resolver.ResolverPath;
import org.apache.polaris.core.persistence.resolver.ResolverStatus;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageActions;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageLocation;
import org.apache.polaris.core.storage.StorageUtil;
import org.apache.polaris.service.catalog.SupportsNotifications;
import org.apache.polaris.service.catalog.common.CatalogUtils;
import org.apache.polaris.service.catalog.common.LocationUtils;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.FileIOFactory;
import org.apache.polaris.service.catalog.io.FileIOUtil;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.catalog.validation.IcebergPropertiesValidation;
import org.apache.polaris.service.events.IcebergRestCatalogEvents;
import org.apache.polaris.service.events.listeners.PolarisEventListener;
@@ -179,7 +179,7 @@ public class IcebergCatalog extends BaseMetastoreViewCatalog
private long catalogId = -1;
private String defaultBaseLocation;
private Map catalogProperties;
- private final AccessConfigProvider accessConfigProvider;
+ private final StorageAccessConfigProvider storageAccessConfigProvider;
private FileIOFactory fileIOFactory;
private PolarisMetaStoreManager metaStoreManager;
@@ -197,7 +197,7 @@ public IcebergCatalog(
PolarisResolutionManifestCatalogView resolvedEntityView,
PolarisPrincipal principal,
TaskExecutor taskExecutor,
- AccessConfigProvider accessConfigProvider,
+ StorageAccessConfigProvider storageAccessConfigProvider,
FileIOFactory fileIOFactory,
PolarisEventListener polarisEventListener) {
this.diagnostics = diagnostics;
@@ -210,7 +210,7 @@ public IcebergCatalog(
this.taskExecutor = taskExecutor;
this.catalogId = catalogEntity.getId();
this.catalogName = catalogEntity.getName();
- this.accessConfigProvider = accessConfigProvider;
+ this.storageAccessConfigProvider = storageAccessConfigProvider;
this.fileIOFactory = fileIOFactory;
this.metaStoreManager = metaStoreManager;
this.polarisEventListener = polarisEventListener;
@@ -2078,8 +2078,8 @@ private FileIO loadFileIOForTableLike(
PolarisResolvedPathWrapper resolvedStorageEntity,
Map tableProperties,
Set storageActions) {
- AccessConfig accessConfig =
- accessConfigProvider.getAccessConfig(
+ StorageAccessConfig storageAccessConfig =
+ storageAccessConfigProvider.getStorageAccessConfig(
callContext,
identifier,
readLocations,
@@ -2087,7 +2087,7 @@ private FileIO loadFileIOForTableLike(
Optional.empty(),
resolvedStorageEntity);
// Reload fileIO based on table specific context
- FileIO fileIO = fileIOFactory.loadFileIO(accessConfig, ioImplClassName, tableProperties);
+ FileIO fileIO = fileIOFactory.loadFileIO(storageAccessConfig, ioImplClassName, tableProperties);
// ensure the new fileIO is closed when the catalog is closed
closeableGroup.addCloseable(fileIO);
return fileIO;
diff --git a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogAdapter.java b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogAdapter.java
index c636fb075c..352d1a81cc 100644
--- a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogAdapter.java
+++ b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogAdapter.java
@@ -81,7 +81,7 @@
import org.apache.polaris.service.catalog.api.IcebergRestCatalogApiService;
import org.apache.polaris.service.catalog.api.IcebergRestConfigurationApiService;
import org.apache.polaris.service.catalog.common.CatalogAdapter;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.context.catalog.CallContextCatalogFactory;
import org.apache.polaris.service.events.listeners.PolarisEventListener;
@@ -150,7 +150,7 @@ public class IcebergCatalogAdapter
private final CatalogHandlerUtils catalogHandlerUtils;
private final Instance externalCatalogFactories;
private final PolarisEventListener polarisEventListener;
- private final AccessConfigProvider accessConfigProvider;
+ private final StorageAccessConfigProvider storageAccessConfigProvider;
private final PolarisMetricsReporter metricsReporter;
@Inject
@@ -169,7 +169,7 @@ public IcebergCatalogAdapter(
CatalogHandlerUtils catalogHandlerUtils,
@Any Instance externalCatalogFactories,
PolarisEventListener polarisEventListener,
- AccessConfigProvider accessConfigProvider,
+ StorageAccessConfigProvider storageAccessConfigProvider,
PolarisMetricsReporter metricsReporter) {
this.diagnostics = diagnostics;
this.realmContext = realmContext;
@@ -186,7 +186,7 @@ public IcebergCatalogAdapter(
this.catalogHandlerUtils = catalogHandlerUtils;
this.externalCatalogFactories = externalCatalogFactories;
this.polarisEventListener = polarisEventListener;
- this.accessConfigProvider = accessConfigProvider;
+ this.storageAccessConfigProvider = storageAccessConfigProvider;
this.metricsReporter = metricsReporter;
}
@@ -228,7 +228,7 @@ IcebergCatalogHandler newHandlerWrapper(SecurityContext securityContext, String
catalogHandlerUtils,
externalCatalogFactories,
polarisEventListener,
- accessConfigProvider);
+ storageAccessConfigProvider);
}
@Override
diff --git a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java
index a10c7afe76..1de129cacc 100644
--- a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java
+++ b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java
@@ -99,14 +99,14 @@
import org.apache.polaris.core.persistence.pagination.Page;
import org.apache.polaris.core.persistence.pagination.PageToken;
import org.apache.polaris.core.persistence.resolver.ResolutionManifestFactory;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageActions;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageUtil;
import org.apache.polaris.service.catalog.AccessDelegationMode;
import org.apache.polaris.service.catalog.SupportsNotifications;
import org.apache.polaris.service.catalog.common.CatalogHandler;
import org.apache.polaris.service.catalog.common.CatalogUtils;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.context.catalog.CallContextCatalogFactory;
import org.apache.polaris.service.events.listeners.PolarisEventListener;
@@ -139,7 +139,7 @@ public class IcebergCatalogHandler extends CatalogHandler implements AutoCloseab
private final ReservedProperties reservedProperties;
private final CatalogHandlerUtils catalogHandlerUtils;
private final PolarisEventListener polarisEventListener;
- private final AccessConfigProvider accessConfigProvider;
+ private final StorageAccessConfigProvider storageAccessConfigProvider;
// Catalog instance will be initialized after authorizing resolver successfully resolves
// the catalog entity.
@@ -164,7 +164,7 @@ public IcebergCatalogHandler(
CatalogHandlerUtils catalogHandlerUtils,
Instance externalCatalogFactories,
PolarisEventListener polarisEventListener,
- AccessConfigProvider accessConfigProvider) {
+ StorageAccessConfigProvider storageAccessConfigProvider) {
super(
diagnostics,
callContext,
@@ -179,7 +179,7 @@ public IcebergCatalogHandler(
this.reservedProperties = reservedProperties;
this.catalogHandlerUtils = catalogHandlerUtils;
this.polarisEventListener = polarisEventListener;
- this.accessConfigProvider = accessConfigProvider;
+ this.storageAccessConfigProvider = storageAccessConfigProvider;
}
private CatalogEntity getResolvedCatalogEntity() {
@@ -810,15 +810,15 @@ ALLOW_FEDERATED_CATALOGS_CREDENTIAL_VENDING, getResolvedCatalogEntity())) {
validateRemoteTableLocations(tableIdentifier, tableLocations, resolvedStoragePath);
}
- AccessConfig accessConfig =
- accessConfigProvider.getAccessConfig(
+ StorageAccessConfig storageAccessConfig =
+ storageAccessConfigProvider.getStorageAccessConfig(
callContext,
tableIdentifier,
tableLocations,
actions,
refreshCredentialsEndpoint,
resolvedStoragePath);
- Map credentialConfig = accessConfig.credentials();
+ Map credentialConfig = storageAccessConfig.credentials();
if (delegationModes.contains(VENDED_CREDENTIALS)) {
if (!credentialConfig.isEmpty()) {
responseBuilder.addAllConfig(credentialConfig);
@@ -831,12 +831,12 @@ ALLOW_FEDERATED_CATALOGS_CREDENTIAL_VENDING, getResolvedCatalogEntity())) {
Boolean skipCredIndirection =
realmConfig.getConfig(FeatureConfiguration.SKIP_CREDENTIAL_SUBSCOPING_INDIRECTION);
Preconditions.checkArgument(
- !accessConfig.supportsCredentialVending() || skipCredIndirection,
+ !storageAccessConfig.supportsCredentialVending() || skipCredIndirection,
"Credential vending was requested for table %s, but no credentials are available",
tableIdentifier);
}
}
- responseBuilder.addAllConfig(accessConfig.extraProperties());
+ responseBuilder.addAllConfig(storageAccessConfig.extraProperties());
}
return responseBuilder;
diff --git a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/DefaultFileIOFactory.java b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/DefaultFileIOFactory.java
index a2e78524dc..c132322f5d 100644
--- a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/DefaultFileIOFactory.java
+++ b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/DefaultFileIOFactory.java
@@ -27,7 +27,7 @@
import java.util.Map;
import org.apache.iceberg.CatalogUtil;
import org.apache.iceberg.io.FileIO;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
/**
* A default FileIO factory implementation for creating Iceberg {@link FileIO} instances with
@@ -45,7 +45,7 @@ public DefaultFileIOFactory() {}
@Override
public FileIO loadFileIO(
- @Nonnull AccessConfig accessConfig,
+ @Nonnull StorageAccessConfig storageAccessConfig,
@Nonnull String ioImplClassName,
@Nonnull Map properties) {
@@ -56,9 +56,9 @@ public FileIO loadFileIO(
// Update with properties in case there are table-level overrides the credentials should
// always override table-level properties, since storage configuration will be found at
// whatever entity defines it
- properties.putAll(accessConfig.credentials());
- properties.putAll(accessConfig.extraProperties());
- properties.putAll(accessConfig.internalProperties());
+ properties.putAll(storageAccessConfig.credentials());
+ properties.putAll(storageAccessConfig.extraProperties());
+ properties.putAll(storageAccessConfig.internalProperties());
return loadFileIOInternal(ioImplClassName, properties);
}
diff --git a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOFactory.java b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOFactory.java
index 5c6007efa1..b9bfbf97e9 100644
--- a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOFactory.java
+++ b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOFactory.java
@@ -22,7 +22,7 @@
import jakarta.enterprise.context.ApplicationScoped;
import java.util.Map;
import org.apache.iceberg.io.FileIO;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
/**
* Interface for providing a way to construct FileIO objects, such as for reading/writing S3.
@@ -37,13 +37,14 @@ public interface FileIOFactory {
* This method may obtain subscoped credentials to restrict the FileIO's permissions, ensuring
* secure and limited access to the table's data and locations.
*
- * @param accessConfig the access configuration containing credentials and other properties.
+ * @param storageAccessConfig the storage access configuration containing credentials and other
+ * properties.
* @param ioImplClassName the class name of the FileIO implementation to load.
* @param properties configuration properties for the FileIO.
* @return a configured FileIO instance.
*/
FileIO loadFileIO(
- @Nonnull AccessConfig accessConfig,
+ @Nonnull StorageAccessConfig storageAccessConfig,
@Nonnull String ioImplClassName,
@Nonnull Map properties);
}
diff --git a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOUtil.java b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOUtil.java
index f4a6320d67..7d5a112bba 100644
--- a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOUtil.java
+++ b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/FileIOUtil.java
@@ -26,9 +26,9 @@
import org.apache.polaris.core.entity.PolarisEntity;
import org.apache.polaris.core.entity.PolarisEntityConstants;
import org.apache.polaris.core.persistence.PolarisResolvedPathWrapper;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisCredentialVendor;
import org.apache.polaris.core.storage.PolarisStorageActions;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.cache.StorageCredentialCache;
import org.apache.polaris.service.catalog.iceberg.IcebergCatalog;
import org.slf4j.Logger;
@@ -74,7 +74,7 @@ public static Optional findStorageInfoFromHierarchy(
* and read/write metadata JSON files.
*
*/
- public static AccessConfig refreshAccessConfig(
+ public static StorageAccessConfig refreshAccessConfig(
CallContext callContext,
StorageCredentialCache storageCredentialCache,
PolarisCredentialVendor credentialVendor,
@@ -93,7 +93,7 @@ public static AccessConfig refreshAccessConfig(
.atDebug()
.addKeyValue("tableIdentifier", tableIdentifier)
.log("Skipping generation of subscoped creds for table");
- return AccessConfig.builder().build();
+ return StorageAccessConfig.builder().build();
}
boolean allowList =
@@ -105,7 +105,7 @@ public static AccessConfig refreshAccessConfig(
|| storageActions.contains(PolarisStorageActions.ALL)
? tableLocations
: Set.of();
- AccessConfig accessConfig =
+ StorageAccessConfig storageAccessConfig =
storageCredentialCache.getOrGenerateSubScopeCreds(
credentialVendor,
callContext.getPolarisCallContext(),
@@ -117,12 +117,12 @@ public static AccessConfig refreshAccessConfig(
LOGGER
.atDebug()
.addKeyValue("tableIdentifier", tableIdentifier)
- .addKeyValue("credentialKeys", accessConfig.credentials().keySet())
- .addKeyValue("extraProperties", accessConfig.extraProperties())
+ .addKeyValue("credentialKeys", storageAccessConfig.credentials().keySet())
+ .addKeyValue("extraProperties", storageAccessConfig.extraProperties())
.log("Loaded scoped credentials for table");
- if (accessConfig.credentials().isEmpty()) {
+ if (storageAccessConfig.credentials().isEmpty()) {
LOGGER.debug("No credentials found for table");
}
- return accessConfig;
+ return storageAccessConfig;
}
}
diff --git a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/AccessConfigProvider.java b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/StorageAccessConfigProvider.java
similarity index 88%
rename from runtime/service/src/main/java/org/apache/polaris/service/catalog/io/AccessConfigProvider.java
rename to runtime/service/src/main/java/org/apache/polaris/service/catalog/io/StorageAccessConfigProvider.java
index d336040273..80e62856ae 100644
--- a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/AccessConfigProvider.java
+++ b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/StorageAccessConfigProvider.java
@@ -29,8 +29,8 @@
import org.apache.polaris.core.entity.PolarisEntity;
import org.apache.polaris.core.persistence.MetaStoreManagerFactory;
import org.apache.polaris.core.persistence.PolarisResolvedPathWrapper;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageActions;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.cache.StorageCredentialCache;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -43,15 +43,15 @@
* primary entrypoint to get sub-scoped credentials for accessing table data.
*/
@ApplicationScoped
-public class AccessConfigProvider {
+public class StorageAccessConfigProvider {
- private static final Logger LOGGER = LoggerFactory.getLogger(AccessConfigProvider.class);
+ private static final Logger LOGGER = LoggerFactory.getLogger(StorageAccessConfigProvider.class);
private final StorageCredentialCache storageCredentialCache;
private final MetaStoreManagerFactory metaStoreManagerFactory;
@Inject
- public AccessConfigProvider(
+ public StorageAccessConfigProvider(
StorageCredentialCache storageCredentialCache,
MetaStoreManagerFactory metaStoreManagerFactory) {
this.storageCredentialCache = storageCredentialCache;
@@ -68,10 +68,10 @@ public AccessConfigProvider(
* to
* @param refreshCredentialsEndpoint optional endpoint URL for clients to refresh credentials
* @param resolvedPath the entity hierarchy to search for storage configuration
- * @return {@link AccessConfig} with scoped credentials and metadata; empty if no storage config
- * found
+ * @return {@link StorageAccessConfig} with scoped credentials and metadata; empty if no storage
+ * config found
*/
- public AccessConfig getAccessConfig(
+ public StorageAccessConfig getStorageAccessConfig(
@Nonnull CallContext callContext,
@Nonnull TableIdentifier tableIdentifier,
@Nonnull Set tableLocations,
@@ -89,7 +89,7 @@ public AccessConfig getAccessConfig(
.atWarn()
.addKeyValue("tableIdentifier", tableIdentifier)
.log("Table entity has no storage configuration in its hierarchy");
- return AccessConfig.builder().supportsCredentialVending(false).build();
+ return StorageAccessConfig.builder().supportsCredentialVending(false).build();
}
return FileIOUtil.refreshAccessConfig(
callContext,
diff --git a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/WasbTranslatingFileIOFactory.java b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/WasbTranslatingFileIOFactory.java
index 47617309ce..3e4b7f306f 100644
--- a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/WasbTranslatingFileIOFactory.java
+++ b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/WasbTranslatingFileIOFactory.java
@@ -24,7 +24,7 @@
import jakarta.inject.Inject;
import java.util.Map;
import org.apache.iceberg.io.FileIO;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
/** A {@link FileIOFactory} that translates WASB paths to ABFS ones */
@ApplicationScoped
@@ -40,7 +40,7 @@ public WasbTranslatingFileIOFactory() {
@Override
public FileIO loadFileIO(
- @Nonnull AccessConfig accessConfig,
+ @Nonnull StorageAccessConfig accessConfig,
@Nonnull String ioImplClassName,
@Nonnull Map properties) {
return new WasbTranslatingFileIO(
diff --git a/runtime/service/src/main/java/org/apache/polaris/service/context/catalog/PolarisCallContextCatalogFactory.java b/runtime/service/src/main/java/org/apache/polaris/service/context/catalog/PolarisCallContextCatalogFactory.java
index 70cb8e6b1d..65eb7f9d57 100644
--- a/runtime/service/src/main/java/org/apache/polaris/service/context/catalog/PolarisCallContextCatalogFactory.java
+++ b/runtime/service/src/main/java/org/apache/polaris/service/context/catalog/PolarisCallContextCatalogFactory.java
@@ -32,8 +32,8 @@
import org.apache.polaris.core.persistence.resolver.PolarisResolutionManifest;
import org.apache.polaris.core.persistence.resolver.ResolverFactory;
import org.apache.polaris.service.catalog.iceberg.IcebergCatalog;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.FileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.events.listeners.PolarisEventListener;
import org.apache.polaris.service.task.TaskExecutor;
import org.slf4j.Logger;
@@ -46,7 +46,7 @@ public class PolarisCallContextCatalogFactory implements CallContextCatalogFacto
private final PolarisDiagnostics diagnostics;
private final TaskExecutor taskExecutor;
- private final AccessConfigProvider accessConfigProvider;
+ private final StorageAccessConfigProvider storageAccessConfigProvider;
private final FileIOFactory fileIOFactory;
private final ResolverFactory resolverFactory;
private final PolarisEventListener polarisEventListener;
@@ -59,7 +59,7 @@ public PolarisCallContextCatalogFactory(
PolarisDiagnostics diagnostics,
ResolverFactory resolverFactory,
TaskExecutor taskExecutor,
- AccessConfigProvider accessConfigProvider,
+ StorageAccessConfigProvider storageAccessConfigProvider,
FileIOFactory fileIOFactory,
PolarisEventListener polarisEventListener,
PolarisMetaStoreManager metaStoreManager,
@@ -68,7 +68,7 @@ public PolarisCallContextCatalogFactory(
this.diagnostics = diagnostics;
this.resolverFactory = resolverFactory;
this.taskExecutor = taskExecutor;
- this.accessConfigProvider = accessConfigProvider;
+ this.storageAccessConfigProvider = storageAccessConfigProvider;
this.fileIOFactory = fileIOFactory;
this.polarisEventListener = polarisEventListener;
this.metaStoreManager = metaStoreManager;
@@ -94,7 +94,7 @@ public Catalog createCallContextCatalog(final PolarisResolutionManifest resolved
resolvedManifest,
principal,
taskExecutor,
- accessConfigProvider,
+ storageAccessConfigProvider,
fileIOFactory,
polarisEventListener);
diff --git a/runtime/service/src/main/java/org/apache/polaris/service/storage/PolarisStorageIntegrationProviderImpl.java b/runtime/service/src/main/java/org/apache/polaris/service/storage/PolarisStorageIntegrationProviderImpl.java
index 23ec20abc3..706acb4222 100644
--- a/runtime/service/src/main/java/org/apache/polaris/service/storage/PolarisStorageIntegrationProviderImpl.java
+++ b/runtime/service/src/main/java/org/apache/polaris/service/storage/PolarisStorageIntegrationProviderImpl.java
@@ -32,11 +32,11 @@
import java.util.Set;
import java.util.function.Supplier;
import org.apache.polaris.core.config.RealmConfig;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageActions;
import org.apache.polaris.core.storage.PolarisStorageConfigurationInfo;
import org.apache.polaris.core.storage.PolarisStorageIntegration;
import org.apache.polaris.core.storage.PolarisStorageIntegrationProvider;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.aws.AwsCredentialsStorageIntegration;
import org.apache.polaris.core.storage.aws.AwsStorageConfigurationInfo;
import org.apache.polaris.core.storage.aws.StsClientProvider;
@@ -109,13 +109,13 @@ public PolarisStorageIntegrationProviderImpl(
storageIntegration =
new PolarisStorageIntegration<>((T) polarisStorageConfigurationInfo, "file") {
@Override
- public AccessConfig getSubscopedCreds(
+ public StorageAccessConfig getSubscopedCreds(
@Nonnull RealmConfig realmConfig,
boolean allowListOperation,
@Nonnull Set allowedReadLocations,
@Nonnull Set allowedWriteLocations,
Optional refreshCredentialsEndpoint) {
- return AccessConfig.builder().supportsCredentialVending(false).build();
+ return StorageAccessConfig.builder().supportsCredentialVending(false).build();
}
@Override
diff --git a/runtime/service/src/main/java/org/apache/polaris/service/task/TaskFileIOSupplier.java b/runtime/service/src/main/java/org/apache/polaris/service/task/TaskFileIOSupplier.java
index 720f204fc2..b4c31d6921 100644
--- a/runtime/service/src/main/java/org/apache/polaris/service/task/TaskFileIOSupplier.java
+++ b/runtime/service/src/main/java/org/apache/polaris/service/task/TaskFileIOSupplier.java
@@ -33,21 +33,21 @@
import org.apache.polaris.core.entity.TaskEntity;
import org.apache.polaris.core.persistence.PolarisResolvedPathWrapper;
import org.apache.polaris.core.persistence.ResolvedPolarisEntity;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageActions;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.service.catalog.io.FileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
@ApplicationScoped
public class TaskFileIOSupplier {
private final FileIOFactory fileIOFactory;
- private final AccessConfigProvider accessConfigProvider;
+ private final StorageAccessConfigProvider accessConfigProvider;
@Inject
public TaskFileIOSupplier(
- FileIOFactory fileIOFactory, AccessConfigProvider accessConfigProvider) {
+ FileIOFactory fileIOFactory, StorageAccessConfigProvider storageAccessConfigProvider) {
this.fileIOFactory = fileIOFactory;
- this.accessConfigProvider = accessConfigProvider;
+ this.accessConfigProvider = storageAccessConfigProvider;
}
public FileIO apply(TaskEntity task, TableIdentifier identifier, CallContext callContext) {
@@ -62,14 +62,14 @@ public FileIO apply(TaskEntity task, TableIdentifier identifier, CallContext cal
new ResolvedPolarisEntity(task, List.of(), List.of());
PolarisResolvedPathWrapper resolvedPath =
new PolarisResolvedPathWrapper(List.of(resolvedTaskEntity));
- AccessConfig accessConfig =
- accessConfigProvider.getAccessConfig(
+ StorageAccessConfig storageAccessConfig =
+ accessConfigProvider.getStorageAccessConfig(
callContext, identifier, locations, storageActions, Optional.empty(), resolvedPath);
String ioImpl =
properties.getOrDefault(
CatalogProperties.FILE_IO_IMPL, "org.apache.iceberg.io.ResolvingFileIO");
- return fileIOFactory.loadFileIO(accessConfig, ioImpl, properties);
+ return fileIOFactory.loadFileIO(storageAccessConfig, ioImpl, properties);
}
}
diff --git a/runtime/service/src/test/java/org/apache/polaris/service/admin/PolarisAuthzTestBase.java b/runtime/service/src/test/java/org/apache/polaris/service/admin/PolarisAuthzTestBase.java
index 4b1799d8cf..0bb4856eb2 100644
--- a/runtime/service/src/test/java/org/apache/polaris/service/admin/PolarisAuthzTestBase.java
+++ b/runtime/service/src/test/java/org/apache/polaris/service/admin/PolarisAuthzTestBase.java
@@ -87,8 +87,8 @@
import org.apache.polaris.service.catalog.generic.PolarisGenericTableCatalog;
import org.apache.polaris.service.catalog.iceberg.CatalogHandlerUtils;
import org.apache.polaris.service.catalog.iceberg.IcebergCatalog;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.FileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.catalog.policy.PolicyCatalog;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.context.catalog.CallContextCatalogFactory;
@@ -203,7 +203,7 @@ public Map getConfigOverrides() {
@Inject protected PolarisConfigurationStore configurationStore;
@Inject protected StorageCredentialCache storageCredentialCache;
@Inject protected ResolverFactory resolverFactory;
- @Inject protected AccessConfigProvider accessConfigProvider;
+ @Inject protected StorageAccessConfigProvider storageAccessConfigProvider;
protected IcebergCatalog baseCatalog;
protected PolarisGenericTableCatalog genericTableCatalog;
@@ -499,7 +499,7 @@ private void initBaseCatalog() {
passthroughView,
authenticatedRoot,
Mockito.mock(),
- accessConfigProvider,
+ storageAccessConfigProvider,
fileIOFactory,
polarisEventListener);
this.baseCatalog.initialize(
@@ -527,7 +527,7 @@ public TestPolarisCallContextCatalogFactory(
PolarisDiagnostics diagnostics,
ResolverFactory resolverFactory,
TaskExecutor taskExecutor,
- AccessConfigProvider accessConfigProvider,
+ StorageAccessConfigProvider accessConfigProvider,
FileIOFactory fileIOFactory,
PolarisEventListener polarisEventListener,
PolarisMetaStoreManager metaStoreManager,
diff --git a/runtime/service/src/test/java/org/apache/polaris/service/catalog/generic/AbstractPolarisGenericTableCatalogTest.java b/runtime/service/src/test/java/org/apache/polaris/service/catalog/generic/AbstractPolarisGenericTableCatalogTest.java
index f4dceffe62..5cda9c7981 100644
--- a/runtime/service/src/test/java/org/apache/polaris/service/catalog/generic/AbstractPolarisGenericTableCatalogTest.java
+++ b/runtime/service/src/test/java/org/apache/polaris/service/catalog/generic/AbstractPolarisGenericTableCatalogTest.java
@@ -66,9 +66,9 @@
import org.apache.polaris.service.admin.PolarisAdminService;
import org.apache.polaris.service.catalog.PolarisPassthroughResolutionView;
import org.apache.polaris.service.catalog.iceberg.IcebergCatalog;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.DefaultFileIOFactory;
import org.apache.polaris.service.catalog.io.FileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.events.listeners.NoOpPolarisEventListener;
import org.apache.polaris.service.storage.PolarisStorageIntegrationProviderImpl;
@@ -119,7 +119,7 @@ public abstract class AbstractPolarisGenericTableCatalogTest {
private FileIOFactory fileIOFactory;
private PolarisPrincipal authenticatedRoot;
private PolarisEntity catalogEntity;
- private AccessConfigProvider accessConfigProvider;
+ private StorageAccessConfigProvider storageAccessConfigProvider;
protected static final Schema SCHEMA =
new Schema(
@@ -156,8 +156,8 @@ public void before(TestInfo testInfo) {
metaStoreManagerFactory.getOrCreateSession(realmContext),
configurationStore);
realmConfig = polarisContext.getRealmConfig();
- accessConfigProvider =
- new AccessConfigProvider(storageCredentialCache, metaStoreManagerFactory);
+ storageAccessConfigProvider =
+ new StorageAccessConfigProvider(storageCredentialCache, metaStoreManagerFactory);
PrincipalEntity rootPrincipal =
metaStoreManager.findRootPrincipal(polarisContext).orElseThrow();
@@ -242,7 +242,7 @@ public void before(TestInfo testInfo) {
passthroughView,
authenticatedRoot,
taskExecutor,
- accessConfigProvider,
+ storageAccessConfigProvider,
fileIOFactory,
new NoOpPolarisEventListener());
this.icebergCatalog.initialize(
diff --git a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogTest.java b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogTest.java
index fa05af7efd..3e7cc19850 100644
--- a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogTest.java
+++ b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogTest.java
@@ -126,9 +126,9 @@
import org.apache.polaris.core.persistence.resolver.ResolverFactory;
import org.apache.polaris.core.secrets.UserSecretsManager;
import org.apache.polaris.core.secrets.UserSecretsManagerFactory;
-import org.apache.polaris.core.storage.AccessConfig;
import org.apache.polaris.core.storage.PolarisStorageIntegration;
import org.apache.polaris.core.storage.PolarisStorageIntegrationProvider;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.core.storage.StorageAccessProperty;
import org.apache.polaris.core.storage.aws.AwsCredentialsStorageIntegration;
import org.apache.polaris.core.storage.aws.AwsStorageConfigurationInfo;
@@ -136,11 +136,11 @@
import org.apache.polaris.service.admin.PolarisAdminService;
import org.apache.polaris.service.catalog.PolarisPassthroughResolutionView;
import org.apache.polaris.service.catalog.Profiles;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.DefaultFileIOFactory;
import org.apache.polaris.service.catalog.io.ExceptionMappingFileIO;
import org.apache.polaris.service.catalog.io.FileIOFactory;
import org.apache.polaris.service.catalog.io.MeasuredFileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.events.IcebergRestCatalogEvents;
import org.apache.polaris.service.events.listeners.PolarisEventListener;
@@ -252,7 +252,7 @@ public Map getConfigOverrides() {
private PolarisPrincipal authenticatedRoot;
private TestPolarisEventListener testPolarisEventListener;
private ReservedProperties reservedProperties;
- private AccessConfigProvider accessConfigProvider;
+ private StorageAccessConfigProvider storageAccessConfigProvider;
@BeforeAll
public static void setUpMocks() {
@@ -290,8 +290,8 @@ public void before(TestInfo testInfo) {
metaStoreManagerFactory.getOrCreateSession(realmContext),
configurationStore);
realmConfig = polarisContext.getRealmConfig();
- accessConfigProvider =
- new AccessConfigProvider(storageCredentialCache, metaStoreManagerFactory);
+ storageAccessConfigProvider =
+ new StorageAccessConfigProvider(storageCredentialCache, metaStoreManagerFactory);
EntityCache entityCache = createEntityCache(diagServices, realmConfig, metaStoreManager);
resolverFactory =
(principal, referenceCatalogName) ->
@@ -454,7 +454,7 @@ protected IcebergCatalog newIcebergCatalog(
passthroughView,
authenticatedRoot,
taskExecutor,
- accessConfigProvider,
+ storageAccessConfigProvider,
fileIOFactory,
polarisEventListener);
}
@@ -1905,7 +1905,7 @@ public void testDropTableWithPurge() {
Set.of(tableMetadata.location()),
Set.of(tableMetadata.location()),
Optional.empty())
- .getAccessConfig()
+ .getStorageAccessConfig()
.credentials();
Assertions.assertThat(credentials)
.isNotNull()
@@ -1914,7 +1914,7 @@ public void testDropTableWithPurge() {
.containsEntry(StorageAccessProperty.AWS_SECRET_KEY.getPropertyName(), SECRET_ACCESS_KEY)
.containsEntry(StorageAccessProperty.AWS_TOKEN.getPropertyName(), SESSION_TOKEN);
FileIO fileIO =
- new TaskFileIOSupplier(new DefaultFileIOFactory(), accessConfigProvider)
+ new TaskFileIOSupplier(new DefaultFileIOFactory(), storageAccessConfigProvider)
.apply(taskEntity, TABLE, polarisContext);
Assertions.assertThat(fileIO).isNotNull().isInstanceOf(ExceptionMappingFileIO.class);
Assertions.assertThat(((ExceptionMappingFileIO) fileIO).getInnerIo())
@@ -2083,14 +2083,14 @@ public void testFileIOWrapper() {
new FileIOFactory() {
@Override
public FileIO loadFileIO(
- @Nonnull AccessConfig accessConfig,
+ @Nonnull StorageAccessConfig accessConfig,
@Nonnull String ioImplClassName,
@Nonnull Map properties) {
return measured.loadFileIO(
accessConfig, "org.apache.iceberg.inmemory.InMemoryFileIO", Map.of());
}
},
- accessConfigProvider);
+ storageAccessConfigProvider);
TableCleanupTaskHandler handler =
new TableCleanupTaskHandler(
diff --git a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogViewTest.java b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogViewTest.java
index 2406108abb..f8468d6bf1 100644
--- a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogViewTest.java
+++ b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/AbstractIcebergCatalogViewTest.java
@@ -57,9 +57,9 @@
import org.apache.polaris.service.admin.PolarisAdminService;
import org.apache.polaris.service.catalog.PolarisPassthroughResolutionView;
import org.apache.polaris.service.catalog.Profiles;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.DefaultFileIOFactory;
import org.apache.polaris.service.catalog.io.FileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.events.IcebergRestCatalogEvents;
import org.apache.polaris.service.events.listeners.PolarisEventListener;
@@ -121,7 +121,7 @@ public Map getConfigOverrides() {
private UserSecretsManager userSecretsManager;
private PolarisCallContext polarisContext;
private RealmConfig realmConfig;
- private AccessConfigProvider accessConfigProvider;
+ private StorageAccessConfigProvider storageAccessConfigProvider;
private TestPolarisEventListener testPolarisEventListener;
@@ -162,8 +162,8 @@ public void before(TestInfo testInfo) {
metaStoreManagerFactory.getOrCreateSession(realmContext),
configurationStore);
realmConfig = polarisContext.getRealmConfig();
- accessConfigProvider =
- new AccessConfigProvider(storageCredentialCache, metaStoreManagerFactory);
+ storageAccessConfigProvider =
+ new StorageAccessConfigProvider(storageCredentialCache, metaStoreManagerFactory);
PrincipalEntity rootPrincipal =
metaStoreManager.findRootPrincipal(polarisContext).orElseThrow();
PolarisPrincipal authenticatedRoot = PolarisPrincipal.of(rootPrincipal, Set.of());
@@ -215,7 +215,7 @@ public void before(TestInfo testInfo) {
passthroughView,
authenticatedRoot,
Mockito.mock(),
- accessConfigProvider,
+ storageAccessConfigProvider,
fileIOFactory,
polarisEventListener);
Map properties =
diff --git a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerAuthzTest.java b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerAuthzTest.java
index 924e376e4b..34118d6a71 100644
--- a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerAuthzTest.java
+++ b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerAuthzTest.java
@@ -134,7 +134,7 @@ private IcebergCatalogHandler newWrapper(
catalogHandlerUtils,
emptyExternalCatalogFactory(),
polarisEventListener,
- accessConfigProvider);
+ storageAccessConfigProvider);
}
protected void doTestInsufficientPrivileges(
@@ -274,7 +274,7 @@ public void testInsufficientPermissionsPriorToSecretRotation() {
catalogHandlerUtils,
emptyExternalCatalogFactory(),
polarisEventListener,
- accessConfigProvider);
+ storageAccessConfigProvider);
// a variety of actions are all disallowed because the principal's credentials must be rotated
doTestInsufficientPrivileges(
@@ -312,7 +312,7 @@ public void testInsufficientPermissionsPriorToSecretRotation() {
catalogHandlerUtils,
emptyExternalCatalogFactory(),
polarisEventListener,
- accessConfigProvider);
+ storageAccessConfigProvider);
doTestSufficientPrivilegeSets(
List.of(Set.of(PolarisPrivilege.NAMESPACE_LIST)),
@@ -1189,7 +1189,7 @@ public T getConfig(PolarisConfiguration config, CatalogEntity catalogEnti
catalogHandlerUtils,
emptyExternalCatalogFactory(),
polarisEventListener,
- accessConfigProvider);
+ storageAccessConfigProvider);
}
@Test
@@ -1894,7 +1894,7 @@ public void testSendNotificationSufficientPrivileges() {
diagServices,
resolverFactory,
Mockito.mock(),
- accessConfigProvider,
+ storageAccessConfigProvider,
new DefaultFileIOFactory(),
polarisEventListener,
metaStoreManager,
diff --git a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerFineGrainedDisabledTest.java b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerFineGrainedDisabledTest.java
index 7c5ae41b61..0b4fcc910e 100644
--- a/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerFineGrainedDisabledTest.java
+++ b/runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerFineGrainedDisabledTest.java
@@ -71,7 +71,7 @@ private IcebergCatalogHandler newWrapper() {
catalogHandlerUtils,
emptyExternalCatalogFactory(),
polarisEventListener,
- accessConfigProvider);
+ storageAccessConfigProvider);
}
public static class Profile extends PolarisAuthzTestBase.Profile {
diff --git a/runtime/service/src/test/java/org/apache/polaris/service/catalog/io/FileIOFactoryTest.java b/runtime/service/src/test/java/org/apache/polaris/service/catalog/io/FileIOFactoryTest.java
index 731ab6f071..673e0f2923 100644
--- a/runtime/service/src/test/java/org/apache/polaris/service/catalog/io/FileIOFactoryTest.java
+++ b/runtime/service/src/test/java/org/apache/polaris/service/catalog/io/FileIOFactoryTest.java
@@ -169,7 +169,8 @@ public void testLoadFileIOForCleanupTask(String scheme) {
Assertions.assertThat(tasks).hasSize(1);
TaskEntity taskEntity = TaskEntity.of(tasks.get(0));
FileIO fileIO =
- new TaskFileIOSupplier(testServices.fileIOFactory(), testServices.accessConfigProvider())
+ new TaskFileIOSupplier(
+ testServices.fileIOFactory(), testServices.storageAccessConfigProvider())
.apply(taskEntity, TABLE, callContext);
Assertions.assertThat(fileIO).isNotNull().isInstanceOf(ExceptionMappingFileIO.class);
Assertions.assertThat(((ExceptionMappingFileIO) fileIO).getInnerIo())
@@ -216,7 +217,7 @@ IcebergCatalog createCatalog(TestServices services, String scheme) {
passthroughView,
services.principal(),
services.taskExecutor(),
- services.accessConfigProvider(),
+ services.storageAccessConfigProvider(),
services.fileIOFactory(),
services.polarisEventListener());
polarisCatalog.initialize(
diff --git a/runtime/service/src/test/java/org/apache/polaris/service/catalog/policy/AbstractPolicyCatalogTest.java b/runtime/service/src/test/java/org/apache/polaris/service/catalog/policy/AbstractPolicyCatalogTest.java
index 69b9cde7b6..3ee2faf340 100644
--- a/runtime/service/src/test/java/org/apache/polaris/service/catalog/policy/AbstractPolicyCatalogTest.java
+++ b/runtime/service/src/test/java/org/apache/polaris/service/catalog/policy/AbstractPolicyCatalogTest.java
@@ -78,9 +78,9 @@
import org.apache.polaris.service.admin.PolarisAdminService;
import org.apache.polaris.service.catalog.PolarisPassthroughResolutionView;
import org.apache.polaris.service.catalog.iceberg.IcebergCatalog;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.DefaultFileIOFactory;
import org.apache.polaris.service.catalog.io.FileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.events.listeners.NoOpPolarisEventListener;
import org.apache.polaris.service.storage.PolarisStorageIntegrationProviderImpl;
@@ -145,7 +145,7 @@ public abstract class AbstractPolicyCatalogTest {
private FileIOFactory fileIOFactory;
private PolarisPrincipal authenticatedRoot;
private PolarisEntity catalogEntity;
- private AccessConfigProvider accessConfigProvider;
+ private StorageAccessConfigProvider storageAccessConfigProvider;
@BeforeAll
public static void setUpMocks() {
@@ -177,8 +177,8 @@ public void before(TestInfo testInfo) {
metaStoreManagerFactory.getOrCreateSession(realmContext),
configurationStore);
realmConfig = polarisContext.getRealmConfig();
- accessConfigProvider =
- new AccessConfigProvider(storageCredentialCache, metaStoreManagerFactory);
+ storageAccessConfigProvider =
+ new StorageAccessConfigProvider(storageCredentialCache, metaStoreManagerFactory);
PrincipalEntity rootPrincipal =
metaStoreManager.findRootPrincipal(polarisContext).orElseThrow();
@@ -259,7 +259,7 @@ public void before(TestInfo testInfo) {
passthroughView,
authenticatedRoot,
taskExecutor,
- accessConfigProvider,
+ storageAccessConfigProvider,
fileIOFactory,
new NoOpPolarisEventListener());
this.icebergCatalog.initialize(
diff --git a/runtime/service/src/test/java/org/apache/polaris/service/task/BatchFileCleanupTaskHandlerTest.java b/runtime/service/src/test/java/org/apache/polaris/service/task/BatchFileCleanupTaskHandlerTest.java
index 28db39376e..b984ea8239 100644
--- a/runtime/service/src/test/java/org/apache/polaris/service/task/BatchFileCleanupTaskHandlerTest.java
+++ b/runtime/service/src/test/java/org/apache/polaris/service/task/BatchFileCleanupTaskHandlerTest.java
@@ -49,7 +49,7 @@
import org.apache.polaris.core.persistence.BasePersistence;
import org.apache.polaris.core.persistence.MetaStoreManagerFactory;
import org.apache.polaris.service.TestFileIOFactory;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
@@ -60,7 +60,7 @@ public class BatchFileCleanupTaskHandlerTest {
private TaskFileIOSupplier buildTaskFileIOSupplier(FileIO fileIO) {
return new TaskFileIOSupplier(
- new TestFileIOFactory(fileIO), Mockito.mock(AccessConfigProvider.class));
+ new TestFileIOFactory(fileIO), Mockito.mock(StorageAccessConfigProvider.class));
}
private PolarisCallContext newCallContext() {
diff --git a/runtime/service/src/test/java/org/apache/polaris/service/task/ManifestFileCleanupTaskHandlerTest.java b/runtime/service/src/test/java/org/apache/polaris/service/task/ManifestFileCleanupTaskHandlerTest.java
index d9ca54fac4..5db3d78622 100644
--- a/runtime/service/src/test/java/org/apache/polaris/service/task/ManifestFileCleanupTaskHandlerTest.java
+++ b/runtime/service/src/test/java/org/apache/polaris/service/task/ManifestFileCleanupTaskHandlerTest.java
@@ -45,7 +45,7 @@
import org.apache.polaris.core.persistence.BasePersistence;
import org.apache.polaris.core.persistence.MetaStoreManagerFactory;
import org.apache.polaris.service.TestFileIOFactory;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
@@ -57,7 +57,7 @@ class ManifestFileCleanupTaskHandlerTest {
private TaskFileIOSupplier buildTaskFileIOSupplier(FileIO fileIO) {
return new TaskFileIOSupplier(
- new TestFileIOFactory(fileIO), Mockito.mock(AccessConfigProvider.class));
+ new TestFileIOFactory(fileIO), Mockito.mock(StorageAccessConfigProvider.class));
}
private PolarisCallContext newCallContext() {
diff --git a/runtime/service/src/test/java/org/apache/polaris/service/task/TableCleanupTaskHandlerTest.java b/runtime/service/src/test/java/org/apache/polaris/service/task/TableCleanupTaskHandlerTest.java
index 8ebb96a421..c2569847f5 100644
--- a/runtime/service/src/test/java/org/apache/polaris/service/task/TableCleanupTaskHandlerTest.java
+++ b/runtime/service/src/test/java/org/apache/polaris/service/task/TableCleanupTaskHandlerTest.java
@@ -51,7 +51,7 @@
import org.apache.polaris.core.persistence.PolarisMetaStoreManager;
import org.apache.polaris.core.persistence.pagination.PageToken;
import org.apache.polaris.service.TestFileIOFactory;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
@@ -72,7 +72,7 @@ class TableCleanupTaskHandlerTest {
private TableCleanupTaskHandler newTableCleanupTaskHandler(FileIO fileIO) {
TaskFileIOSupplier taskFileIOSupplier =
new TaskFileIOSupplier(
- new TestFileIOFactory(fileIO), Mockito.mock(AccessConfigProvider.class));
+ new TestFileIOFactory(fileIO), Mockito.mock(StorageAccessConfigProvider.class));
return new TableCleanupTaskHandler(
Mockito.mock(), clock, metaStoreManagerFactory, taskFileIOSupplier);
}
diff --git a/runtime/service/src/test/java/org/apache/polaris/service/task/TaskExecutorImplTest.java b/runtime/service/src/test/java/org/apache/polaris/service/task/TaskExecutorImplTest.java
index d6743a3720..0c6061e5a1 100644
--- a/runtime/service/src/test/java/org/apache/polaris/service/task/TaskExecutorImplTest.java
+++ b/runtime/service/src/test/java/org/apache/polaris/service/task/TaskExecutorImplTest.java
@@ -64,7 +64,7 @@ void testEventsAreEmitted() {
testServices.clock(),
testServices.metaStoreManagerFactory(),
new TaskFileIOSupplier(
- testServices.fileIOFactory(), testServices.accessConfigProvider()),
+ testServices.fileIOFactory(), testServices.storageAccessConfigProvider()),
testServices.polarisEventListener(),
null);
diff --git a/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestFileIOFactory.java b/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestFileIOFactory.java
index 74f2fbc4cf..faffe363b9 100644
--- a/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestFileIOFactory.java
+++ b/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestFileIOFactory.java
@@ -22,7 +22,7 @@
import jakarta.annotation.Nonnull;
import java.util.Map;
import org.apache.iceberg.io.FileIO;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
import org.apache.polaris.service.catalog.io.FileIOFactory;
/** A FileIOFactory that always returns the same FileIO instance. */
@@ -36,7 +36,7 @@ public TestFileIOFactory(@Nonnull FileIO fileIO) {
@Override
public FileIO loadFileIO(
- @Nonnull AccessConfig accessConfig,
+ @Nonnull StorageAccessConfig accessConfig,
@Nonnull String ioImplClassName,
@Nonnull Map properties) {
return fileIO;
diff --git a/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestServices.java b/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestServices.java
index 030e00b731..6041d2c489 100644
--- a/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestServices.java
+++ b/runtime/service/src/testFixtures/java/org/apache/polaris/service/TestServices.java
@@ -70,9 +70,9 @@
import org.apache.polaris.service.catalog.api.IcebergRestConfigurationApi;
import org.apache.polaris.service.catalog.iceberg.CatalogHandlerUtils;
import org.apache.polaris.service.catalog.iceberg.IcebergCatalogAdapter;
-import org.apache.polaris.service.catalog.io.AccessConfigProvider;
import org.apache.polaris.service.catalog.io.FileIOFactory;
import org.apache.polaris.service.catalog.io.MeasuredFileIOFactory;
+import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider;
import org.apache.polaris.service.config.ReservedProperties;
import org.apache.polaris.service.context.catalog.CallContextCatalogFactory;
import org.apache.polaris.service.context.catalog.PolarisCallContextCatalogFactory;
@@ -112,7 +112,7 @@ public record TestServices(
FileIOFactory fileIOFactory,
TaskExecutor taskExecutor,
PolarisEventListener polarisEventListener,
- AccessConfigProvider accessConfigProvider) {
+ StorageAccessConfigProvider storageAccessConfigProvider) {
private static final RealmContext TEST_REALM = () -> "test-realm";
private static final String GCP_ACCESS_TOKEN = "abc";
@@ -273,8 +273,8 @@ public String getAuthenticationScheme() {
PolarisCredentialManager credentialManager =
new DefaultPolarisCredentialManager(realmContext, mockCredentialVendors);
- AccessConfigProvider accessConfigProvider =
- new AccessConfigProvider(storageCredentialCache, metaStoreManagerFactory);
+ StorageAccessConfigProvider storageAccessConfigProvider =
+ new StorageAccessConfigProvider(storageCredentialCache, metaStoreManagerFactory);
FileIOFactory fileIOFactory = fileIOFactorySupplier.get();
TaskExecutor taskExecutor = Mockito.mock(TaskExecutor.class);
@@ -285,7 +285,7 @@ public String getAuthenticationScheme() {
diagnostics,
resolverFactory,
taskExecutor,
- accessConfigProvider,
+ storageAccessConfigProvider,
fileIOFactory,
polarisEventListener,
metaStoreManager,
@@ -317,7 +317,7 @@ public String getAuthenticationScheme() {
catalogHandlerUtils,
externalCatalogFactory,
polarisEventListener,
- accessConfigProvider,
+ storageAccessConfigProvider,
new DefaultMetricsReporter());
IcebergRestCatalogApi restApi = new IcebergRestCatalogApi(catalogService);
@@ -359,7 +359,7 @@ public String getAuthenticationScheme() {
fileIOFactory,
taskExecutor,
polarisEventListener,
- accessConfigProvider);
+ storageAccessConfigProvider);
}
}
diff --git a/runtime/service/src/testFixtures/java/org/apache/polaris/service/catalog/io/MeasuredFileIOFactory.java b/runtime/service/src/testFixtures/java/org/apache/polaris/service/catalog/io/MeasuredFileIOFactory.java
index 1d5668d0fc..9d18f6a8ea 100644
--- a/runtime/service/src/testFixtures/java/org/apache/polaris/service/catalog/io/MeasuredFileIOFactory.java
+++ b/runtime/service/src/testFixtures/java/org/apache/polaris/service/catalog/io/MeasuredFileIOFactory.java
@@ -27,7 +27,7 @@
import java.util.Optional;
import java.util.function.Supplier;
import org.apache.iceberg.io.FileIO;
-import org.apache.polaris.core.storage.AccessConfig;
+import org.apache.polaris.core.storage.StorageAccessConfig;
/**
* A FileIOFactory that measures the number of bytes read, files written, and files deleted. It can
@@ -52,7 +52,7 @@ public MeasuredFileIOFactory() {
@Override
public FileIO loadFileIO(
- @Nonnull AccessConfig accessConfig,
+ @Nonnull StorageAccessConfig storageAccessConfig,
@Nonnull String ioImplClassName,
@Nonnull Map properties) {
loadFileIOExceptionSupplier.ifPresent(
@@ -62,7 +62,7 @@ public FileIO loadFileIO(
MeasuredFileIO wrapped =
new MeasuredFileIO(
- defaultFileIOFactory.loadFileIO(accessConfig, ioImplClassName, properties),
+ defaultFileIOFactory.loadFileIO(storageAccessConfig, ioImplClassName, properties),
newInputFileExceptionSupplier,
newOutputFileExceptionSupplier,
getLengthExceptionSupplier);