This is an automated email from the ASF dual-hosted git repository.
adutra pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/polaris.git
The following commit(s) were added to refs/heads/main by this push:
new e64040f79 Do not rotate bootstrapped root credentials (#1414)
e64040f79 is described below
commit e64040f793a502d4aadd6b566d50374d1ce6c563
Author: Alexandre Dutra <[email protected]>
AuthorDate: Mon Apr 21 19:59:54 2025 +0200
Do not rotate bootstrapped root credentials (#1414)
---
.../LocalPolarisMetaStoreManagerFactory.java | 22 +++++-----------------
.../InMemoryPolarisMetaStoreManagerFactory.java | 6 +++---
2 files changed, 8 insertions(+), 20 deletions(-)
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/LocalPolarisMetaStoreManagerFactory.java
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/LocalPolarisMetaStoreManagerFactory.java
index 7350b6b53..b005d411f 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/LocalPolarisMetaStoreManagerFactory.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/LocalPolarisMetaStoreManagerFactory.java
@@ -32,7 +32,6 @@ import org.apache.polaris.core.entity.PolarisEntity;
import org.apache.polaris.core.entity.PolarisEntityConstants;
import org.apache.polaris.core.entity.PolarisEntitySubType;
import org.apache.polaris.core.entity.PolarisEntityType;
-import org.apache.polaris.core.entity.PolarisPrincipalSecrets;
import org.apache.polaris.core.persistence.bootstrap.RootCredentialsSet;
import org.apache.polaris.core.persistence.cache.EntityCache;
import org.apache.polaris.core.persistence.dao.entity.BaseResult;
@@ -237,22 +236,11 @@ public abstract class
LocalPolarisMetaStoreManagerFactory<StoreType>
PolarisEntityType.PRINCIPAL,
PolarisEntitySubType.NULL_SUBTYPE,
PolarisEntityConstants.getRootPrincipalName());
- PolarisPrincipalSecrets secrets =
- metaStoreManager
- .loadPrincipalSecrets(
- polarisContext,
- PolarisEntity.of(rootPrincipalLookup.getEntity())
- .getInternalPropertiesAsMap()
- .get(PolarisEntityConstants.getClientIdPropertyName()))
- .getPrincipalSecrets();
- PrincipalSecretsResult rotatedSecrets =
- metaStoreManager.rotatePrincipalSecrets(
- polarisContext,
- secrets.getPrincipalClientId(),
- secrets.getPrincipalId(),
- false,
- secrets.getMainSecretHash());
- return rotatedSecrets;
+ return metaStoreManager.loadPrincipalSecrets(
+ polarisContext,
+ PolarisEntity.of(rootPrincipalLookup.getEntity())
+ .getInternalPropertiesAsMap()
+ .get(PolarisEntityConstants.getClientIdPropertyName()));
}
/**
diff --git
a/service/common/src/main/java/org/apache/polaris/service/persistence/InMemoryPolarisMetaStoreManagerFactory.java
b/service/common/src/main/java/org/apache/polaris/service/persistence/InMemoryPolarisMetaStoreManagerFactory.java
index 4122285b0..59fe20053 100644
---
a/service/common/src/main/java/org/apache/polaris/service/persistence/InMemoryPolarisMetaStoreManagerFactory.java
+++
b/service/common/src/main/java/org/apache/polaris/service/persistence/InMemoryPolarisMetaStoreManagerFactory.java
@@ -79,7 +79,7 @@ public class InMemoryPolarisMetaStoreManagerFactory
RealmContext realmContext) {
String realmId = realmContext.getRealmIdentifier();
if (!bootstrappedRealms.contains(realmId)) {
- bootstrapRealmsAndPrintCredentials(List.of(realmId));
+ bootstrapRealmsFromEnvironment(List.of(realmId));
}
return super.getOrCreateMetaStoreManager(realmContext);
}
@@ -89,12 +89,12 @@ public class InMemoryPolarisMetaStoreManagerFactory
RealmContext realmContext) {
String realmId = realmContext.getRealmIdentifier();
if (!bootstrappedRealms.contains(realmId)) {
- bootstrapRealmsAndPrintCredentials(List.of(realmId));
+ bootstrapRealmsFromEnvironment(List.of(realmId));
}
return super.getOrCreateSessionSupplier(realmContext);
}
- private void bootstrapRealmsAndPrintCredentials(List<String> realms) {
+ private void bootstrapRealmsFromEnvironment(List<String> realms) {
RootCredentialsSet rootCredentialsSet =
RootCredentialsSet.fromEnvironment();
this.bootstrapRealms(realms, rootCredentialsSet);
}
