From 5d7e237d314d2808dd0a65a27e56e0a57829a122 Mon Sep 17 00:00:00 2001
From: Honah J <honahx@apache.org>
Date: Sun, 26 Jan 2025 01:26:22 -0600
Subject: [PATCH 1/2] update after #804 is merged

---
 getting-started/trino/README.md                |  4 ++--
 .../trino/create-polaris-catalog.sh            | 18 +++++++++++++++++-
 getting-started/trino/docker-compose.yml       | 10 ++--------
 .../trino-config/catalog/iceberg.properties    |  3 ++-
 4 files changed, 23 insertions(+), 12 deletions(-)

diff --git a/getting-started/trino/README.md b/getting-started/trino/README.md
index 26804a77aa..267f4020d2 100644
--- a/getting-started/trino/README.md
+++ b/getting-started/trino/README.md
@@ -24,7 +24,7 @@ This getting started guide provides a `docker-compose` file to set up [Trino](ht
 ## Build Polaris Image
 Build Polaris Image while Docker is running
 ```
-./gradlew :polaris-quarkus-server:assemble -Dquarkus.container-image.build=true
+./gradlew clean :polaris-quarkus-server:assemble -Dquarkus.container-image.build=true
 ```
 
 ## Run the `docker-compose` file
@@ -53,6 +53,6 @@ SELECT * FROM iceberg.tpch.test_polaris;
 ```
 
 ## Note
-The Polaris catalog setup script uses the credential `principal:root;realm:default-realm`. This credential is used so users do not need to fetch credentials from Apache Polaris' console output.
+The Polaris in this example is started with realm `default-realm` and root credentials: `root:s3cr3t`.
 
 An example catalog is created in Apache Polaris using the `curl` command. See `create-polaris-catalog.sh` for details.
diff --git a/getting-started/trino/create-polaris-catalog.sh b/getting-started/trino/create-polaris-catalog.sh
index 20b007a821..e08e1c5f88 100644
--- a/getting-started/trino/create-polaris-catalog.sh
+++ b/getting-started/trino/create-polaris-catalog.sh
@@ -17,7 +17,23 @@
 # under the License.
 #
 
-PRINCIPAL_TOKEN="principal:root;realm:default-realm"
+if ! output=$(curl -X POST -H "Polaris-Realm: default-realm" "http://polaris:8181/api/catalog/v1/oauth/tokens" \
+  -d "grant_type=client_credentials" \
+  -d "client_id=root" \
+  -d "client_secret=s3cr3t" \
+  -d "scope=PRINCIPAL_ROLE:ALL"); then
+  logred "Error: Failed to retrieve bearer token"
+  exit 1
+fi
+
+token=$(echo "$output" | awk -F\" '{print $4}')
+
+if [ "$token" == "unauthorized_client" ]; then
+  logred "Error: Failed to retrieve bearer token"
+  exit 1
+fi
+
+PRINCIPAL_TOKEN=$token
 
 # Use local filesystem by default
 curl -i -X POST -H "Authorization: Bearer $PRINCIPAL_TOKEN" -H 'Accept: application/json' -H 'Content-Type: application/json' \
diff --git a/getting-started/trino/docker-compose.yml b/getting-started/trino/docker-compose.yml
index 5ea31fb41d..fd438f0094 100644
--- a/getting-started/trino/docker-compose.yml
+++ b/getting-started/trino/docker-compose.yml
@@ -31,14 +31,8 @@ services:
       AZURE_TENANT_ID: $AZURE_TENANT_ID
       AZURE_CLIENT_ID: $AZURE_CLIENT_ID
       AZURE_CLIENT_SECRET: $AZURE_CLIENT_SECRET
-      polaris.persistence.type: in-memory
-      polaris.authentication.authenticator.type: test
-      polaris.authentication.token-service.type: test
-      polaris.authentication.token-broker.type: symmetric-key
-      polaris.authentication.token-broker.symmetric-key.secret: polaris
-      polaris.features.defaults."SUPPORTED_CATALOG_STORAGE_TYPES": '["FILE","S3","GCS","AZURE"]'
-      polaris.realm-context.realms: default-realm,realm1
-      quarkus.log.file.enable: false
+      POLARIS_BOOTSTRAP_CREDENTIALS: default-realm,root,s3cr3t
+      polaris.realm-context.realms: default-realm
       quarkus.otel.sdk.disabled: "true"
 
     healthcheck:
diff --git a/getting-started/trino/trino-config/catalog/iceberg.properties b/getting-started/trino/trino-config/catalog/iceberg.properties
index 94b8b489e5..1cd0a0e7a2 100644
--- a/getting-started/trino/trino-config/catalog/iceberg.properties
+++ b/getting-started/trino/trino-config/catalog/iceberg.properties
@@ -21,7 +21,8 @@ connector.name=iceberg
 iceberg.catalog.type=rest
 iceberg.rest-catalog.uri=http://polaris:8181/api/catalog
 iceberg.rest-catalog.security=OAUTH2
-iceberg.rest-catalog.oauth2.token=principal:root;realm:default-realm
+iceberg.rest-catalog.oauth2.credential=root:s3cr3t
+iceberg.rest-catalog.oauth2.scope=PRINCIPAL_ROLE:ALL
 iceberg.rest-catalog.warehouse=polaris
 # Required to support local filesystem: https://trino.io/docs/current/object-storage.html#configuration
 fs.hadoop.enabled=true

From ba0c77b124f4e95da5a2d3402cafbd8a88726246 Mon Sep 17 00:00:00 2001
From: Honah J <honahx@apache.org>
Date: Mon, 27 Jan 2025 01:45:52 -0800
Subject: [PATCH 2/2] remove "clean"

---
 getting-started/trino/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/getting-started/trino/README.md b/getting-started/trino/README.md
index 267f4020d2..957604b369 100644
--- a/getting-started/trino/README.md
+++ b/getting-started/trino/README.md
@@ -24,7 +24,7 @@ This getting started guide provides a `docker-compose` file to set up [Trino](ht
 ## Build Polaris Image
 Build Polaris Image while Docker is running
 ```
-./gradlew clean :polaris-quarkus-server:assemble -Dquarkus.container-image.build=true
+./gradlew :polaris-quarkus-server:assemble -Dquarkus.container-image.build=true
 ```
 
 ## Run the `docker-compose` file