Added:
dev/incubator/polaris/apache-polaris-1.0.0-incubating/helm-chart/values.yaml
==============================================================================
---
dev/incubator/polaris/apache-polaris-1.0.0-incubating/helm-chart/values.yaml
(added)
+++
dev/incubator/polaris/apache-polaris-1.0.0-incubating/helm-chart/values.yaml
Tue Jun 24 00:39:22 2025
@@ -0,0 +1,620 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+# -- The number of replicas to deploy (horizontal scaling).
+# Beware that replicas are stateless; don't set this number > 1 when using
in-memory meta store manager.
+replicaCount: 1
+
+image:
+ # -- The image repository to pull from.
+ repository: apache/polaris
+ # -- The image pull policy.
+ pullPolicy: IfNotPresent
+ # -- The image tag.
+ tag: "latest"
+ # -- The path to the directory where the application.properties file, and
other configuration
+ # files, if any, should be mounted.
+ # Note: if you are using EclipseLink, then this value must be at least two
folders down to the
+ # root folder, e.g. `/deployments/config` is OK, whereas `/deployments` is
not.
+ configDir: /deployments/config
+
+# -- References to secrets in the same namespace to use for pulling any of the
images used by this
+# chart. Each entry is a LocalObjectReference to an existing secret in the
namespace. The secret
+# must contain a .dockerconfigjson key with a base64-encoded Docker
configuration file. See
+#
https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
for more
+# information.
+imagePullSecrets: []
+# - registry-creds
+
+
+serviceAccount:
+ # -- Specifies whether a service account should be created.
+ create: true
+ # -- Annotations to add to the service account.
+ annotations: {}
+ # -- The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname
template.
+ name: ""
+
+
+# -- Annotations to apply to polaris pods.
+podAnnotations: {}
+
+# -- Additional Labels to apply to polaris pods.
+podLabels: {}
+
+# -- Additional Labels to apply to polaris configmap.
+configMapLabels: {}
+
+# -- The number of old ReplicaSets to retain to allow rollback (if not set,
the default Kubernetes value is set to 10).
+revisionHistoryLimit: ~
+
+# -- Security context for the polaris pod. See
https://kubernetes.io/docs/tasks/configure-pod-container/security-context/.
+podSecurityContext:
+ # -- GID 10001 is compatible with Polaris OSS default images; change this if
you are using a different image.
+ fsGroup: 10001
+ seccompProfile:
+ type: RuntimeDefault
+
+# -- Security context for the polaris container. See
https://kubernetes.io/docs/tasks/configure-pod-container/security-context/.
+containerSecurityContext:
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ # -- UID 10000 is compatible with Polaris OSS default images; change this if
you are using a different image.
+ runAsUser: 10000
+ capabilities:
+ drop: ["ALL"]
+ seccompProfile:
+ type: RuntimeDefault
+
+# -- Polaris main service settings.
+service:
+ # -- The type of service to create. Valid values are: ExternalName,
ClusterIP, NodePort, and LoadBalancer.
+ # The default value is ClusterIP.
+ type: ClusterIP
+ # -- The ports the service will listen on.
+ # At least one port is required; the first port implicitly becomes the HTTP
port that the
+ # application will use for serving API requests. By default, it's 8181.
+ # Note: port names must be unique and no more than 15 characters long.
+ ports:
+ # -- The name of the port. Required.
+ - name: polaris-http
+ # -- The port the service listens on. By default, the HTTP port is 8181.
+ port: 8181
+ # -- Number or name of the port to access on the pods targeted by the
service.
+ # If this is a string, it will be looked up as a named port in the
target Pod's container ports.
+ # If this is not specified, the value of the 'port' field is used.
+ targetPort: ~ # polaris-service
+ # -- The port on each node on which this service is exposed when type is
NodePort or LoadBalancer.
+ # Usually assigned by the system. If not specified, a port will be
allocated if this Service requires one. If this field is specified when
creating a Service which does not need it, creation will fail.
+ nodePort: ~ # 30000
+ # -- The IP protocol for this port. Supports "TCP", "UDP", and "SCTP".
Default is TCP.
+ protocol: ~
+ # - name: polaris-https
+ # port: 18181
+ # -- The session affinity for the service. Valid values are: None, ClientIP.
The default value is None.
+ # ClientIP enables sticky sessions based on the client's IP address.
+ # This is generally beneficial to Polaris deployments, but some testing may
be
+ # required in order to make sure that the load is distributed evenly among
the pods.
+ # Also, this setting affects only internal clients, not external ones.
+ # If Ingress is enabled, it is recommended to set sessionAffinity to None.
+ sessionAffinity: ~
+ # -- You can specify your own cluster IP address
+ # If you define a Service that has the .spec.clusterIP set to "None" then
Kubernetes does not assign an IP address.
+ # Instead, DNS records for the service will return the IP addresses of each
pod targeted by the server. This is
+ # called a headless service.
+ # See
https://kubernetes.io/docs/concepts/services-networking/service/#headless-services
+ clusterIP: ~
+ # -- Controls how traffic from internal sources is routed.
+ # Valid values are Cluster and Local. The default value is Cluster.
+ # Set the field to Cluster to route traffic to all ready endpoints.
+ # Set the field to Local to only route to ready node-local endpoints.
+ # If the traffic policy is Local and there are no node-local endpoints,
traffic is dropped by kube-proxy.
+ internalTrafficPolicy: ~
+ # -- Controls how traffic from external sources is routed.
+ # Valid values are Cluster and Local. The default value is Cluster.
+ # Set the field to Cluster to route traffic to all ready endpoints.
+ # Set the field to Local to only route to ready node-local endpoints.
+ # If the traffic policy is Local and there are no node-local endpoints,
traffic is dropped by kube-proxy.
+ externalTrafficPolicy: ~
+ # -- The traffic distribution field provides another way to influence
traffic routing within a Kubernetes Service.
+ # While traffic policies focus on strict semantic guarantees, traffic
distribution allows you to express preferences
+ # such as routing to topologically closer endpoints.
+ # The only valid value is: PreferClose. The default value is
implementation-specific.
+ trafficDistribution: ~
+ # -- Annotations to add to the service.
+ annotations: {}
+
+# -- Management service settings. These settings are used to configure
liveness and readiness probes,
+# and to configure the dedicated headless service that will expose health
checks and metrics, e.g.
+# for metrics scraping and service monitoring.
+managementService:
+ # -- The type of service to create. Valid values are: ExternalName,
ClusterIP, NodePort, and LoadBalancer.
+ # The default value is ClusterIP.
+ type: ClusterIP
+ # -- The ports the management service will listen on.
+ # At least one port is required; the first port implicitly becomes the HTTP
port that the
+ # application will use for serving management requests. By default, it's
8182.
+ # Note: port names must be unique and no more than 15 characters long.
+ ports:
+ # -- The name of the management port. Required.
+ - name: polaris-mgmt
+ # -- The port the management service listens on. By default, the
management interface is exposed
+ # on HTTP port 8182.
+ port: 8182
+ # -- Number or name of the port to access on the pods targeted by the
service.
+ # If this is a string, it will be looked up as a named port in the
target Pod's container ports.
+ # If this is not specified, the value of the 'port' field is used.
+ targetPort: ~ # polaris-service
+ # -- The port on each node on which this service is exposed when type is
NodePort or LoadBalancer.
+ # Usually assigned by the system. If not specified, a port will be
allocated if this Service requires one. If this field is specified when
creating a Service which does not need it, creation will fail.
+ nodePort: ~ # 30000
+ # -- The IP protocol for this port. Supports "TCP", "UDP", and "SCTP".
Default is TCP.
+ protocol: ~
+ # -- By default, the management service is headless, i.e. it does not have a
cluster IP.
+ # This is generally the right option for exposing health checks and metrics,
e.g. for metrics
+ # scraping and service monitoring.
+ clusterIP: None
+ sessionAffinity: ~
+ internalTrafficPolicy: ~
+ externalTrafficPolicy: ~
+ trafficDistribution: ~
+ # -- Annotations to add to the service.
+ annotations: {}
+
+# -- Additional service definitions. All service definitions always select all
Polaris pods. Use
+# this if you need to expose specific ports with different configurations,
e.g. expose polaris-http
+# with an alternate LoadBalancer service instead of ClusterIP.
+extraServices: []
+ # - # -- The suffix to append to the service name. Required. It must be
unique. If it does not
+ # # start with a hyphen, a hyphen will be inserted between the base
service name and the suffix.
+ # nameSuffix: "ext"
+ # # -- The type of service to create.
+ # type: LoadBalancer
+ # # -- The ports the service will listen on.
+ # ports:
+ # - name: polaris-http
+ # number: 8181
+ # targetPort: 8181
+ # nodePort: 30000
+ # protocol: TCP
+ # sessionAffinity: None
+ # clusterIP: ""
+ # internalTrafficPolicy: Cluster
+ # externalTrafficPolicy: Cluster
+ # trafficDistribution: PreferClose
+ # annotations: {}
+
+# Polaris Ingress settings.
+# These settings generate an Ingress resource that routes external traffic to
the Polaris service
+# using the "polaris-service" port described above.
+# Consider enabling sticky sessions based on the remote client's IP address;
+# this is generally beneficial to Polaris deployments, but some testing may be
+# required in order to make sure that the load is distributed evenly among the
pods.
+# Check your ingress controller's documentation.
+ingress:
+ # -- Specifies the ingressClassName; leave empty if you don't want to
customize it
+ className: ""
+ # -- Specifies whether an ingress should be created.
+ enabled: false
+ # -- Annotations to add to the ingress.
+ annotations: {
+ # nginx.ingress.kubernetes.io/upstream-hash-by: "$binary_remote_addr"
+ }
+ # -- A list of host paths used to configure the ingress.
+ hosts:
+ - host: chart-example.local
+ paths: []
+ # -- A list of TLS certificates; each entry has a list of hosts in the
certificate,
+ # along with the secret name used to terminate TLS traffic on port 443.
+ tls: []
+# - hosts:
+# - chart-example1.local
+# - chart-example2.local
+# secretName: secret1
+
+# -- Configures the resources requests and limits for polaris pods.
+# We usually recommend not to specify default resources and to leave this as a
conscious
+# choice for the user. This also increases chances charts run on environments
with little
+# resources, such as Minikube. If you do want to specify resources, uncomment
the following
+# lines, adjust them as necessary, and remove the curly braces after
'resources:'.
+resources:
+ {}
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+autoscaling:
+ # -- Specifies whether automatic horizontal scaling should be enabled.
+ # Do not enable this when using in-memory version store type.
+ enabled: false
+ # -- The minimum number of replicas to maintain.
+ minReplicas: 1
+ # -- The maximum number of replicas to maintain.
+ maxReplicas: 3
+ # -- Optional; set to zero or empty to disable.
+ targetCPUUtilizationPercentage: 80
+ # -- Optional; set to zero or empty to disable.
+ targetMemoryUtilizationPercentage:
+
+# -- Node labels which must match for the polaris pod to be scheduled on that
node. See
https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector.
+nodeSelector:
+ {}
+ # kubernetes.io/os: linux
+
+# -- A list of tolerations to apply to polaris pods. See
https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/.
+tolerations: []
+# - key: "node-role.kubernetes.io/control-plane"
+# operator: "Exists"
+# effect: "NoSchedule"
+
+# -- Affinity and anti-affinity for polaris pods. See
https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity.
+affinity: {}
+# podAffinity:
+# preferredDuringSchedulingIgnoredDuringExecution:
+# - weight: 100
+# podAffinityTerm:
+# topologyKey: kubernetes.io/hostname
+# labelSelector:
+# matchExpressions:
+# - key: app.kubernetes.io/name
+# operator: In
+# values:
+# - polaris
+
+# -- Configures the liveness probe for polaris pods.
+livenessProbe:
+ # -- Number of seconds after the container has started before liveness
probes are initiated. Minimum value is 0.
+ initialDelaySeconds: 5
+ # -- How often (in seconds) to perform the probe. Minimum value is 1.
+ periodSeconds: 10
+ # -- Minimum consecutive successes for the probe to be considered successful
after having failed. Minimum value is 1.
+ successThreshold: 1
+ # -- Minimum consecutive failures for the probe to be considered failed
after having succeeded. Minimum value is 1.
+ failureThreshold: 3
+ # -- Number of seconds after which the probe times out. Minimum value is 1.
+ timeoutSeconds: 10
+ # -- Optional duration in seconds the pod needs to terminate gracefully upon
probe failure. Minimum value is 1.
+ terminationGracePeriodSeconds: 30
+
+# -- Configures the readiness probe for polaris pods.
+readinessProbe:
+ # -- Number of seconds after the container has started before readiness
probes are initiated. Minimum value is 0.
+ initialDelaySeconds: 5
+ # -- How often (in seconds) to perform the probe. Minimum value is 1.
+ periodSeconds: 10
+ # -- Minimum consecutive successes for the probe to be considered successful
after having failed. Minimum value is 1.
+ successThreshold: 1
+ # -- Minimum consecutive failures for the probe to be considered failed
after having succeeded. Minimum value is 1.
+ failureThreshold: 3
+ # -- Number of seconds after which the probe times out. Minimum value is 1.
+ timeoutSeconds: 10
+
+# -- Advanced configuration.
+# You can pass here any valid Polaris or Quarkus configuration property.
+# Any property that is defined here takes precedence over all the other
configuration values generated by this chart.
+# Properties can be passed "flattened" or as nested YAML objects (see examples
below).
+# Note: values should be strings; avoid using numbers, booleans, or other
types.
+advancedConfig:
+# # Disable access log:
+# quarkus.http.access-log.enabled: "true"
+# # Reverse Proxy Settings
+# # ----------------------
+# #
+# # These config options are mentioned only for documentation purposes.
Consult the
+# # Quarkus documentation for "Running behind a reverse proxy" and configure
those
+# # depending on your actual needs.
+#
+# # See https://quarkus.io/guides/http-reference#reverse-proxy
+#
+# # Do NOT enable these option unless your reverse proxy (for example istio or
nginx)
+# # is properly setup to set these headers but also filter those from incoming
requests.
+#
+# quarkus:
+# http:
+# proxy:
+# proxy-address-forwarding: "true"
+# allow-x-forwarded: "true"
+# enable-forwarded-host: "true"
+# enable-forwarded-prefix: "true"
+# trusted-proxies: "127.0.0.1"
+ {}
+
+# -- Advanced configuration via Environment Variables.
+# Extra environment variables to add to the Polaris server container.
+# You can pass here any valid EnvVar object:
+#
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#envvar-v1-core
+# This can be useful to get configuration values from Kubernetes secrets or
config maps.
+extraEnv:
+ []
+# - name: AWS_STORAGE_BUCKET
+# value: s3://xxxxx/
+# - name: AWS_ACCESS_KEY_ID
+# valueFrom:
+# secretKeyRef:
+# name: aws-secret
+# key: access_key_id
+# - name: AWS_SECRET_ACCESS_KEY
+# valueFrom:
+# secretKeyRef:
+# name: aws-secret
+# key: secret_access_key
+
+# -- Extra volumes to add to the polaris pod. See
https://kubernetes.io/docs/concepts/storage/volumes/.
+extraVolumes: []
+ # - name: extra-volume
+ # emptyDir: {}
+
+# -- Extra volume mounts to add to the polaris container. See
https://kubernetes.io/docs/concepts/storage/volumes/.
+extraVolumeMounts: []
+ # - name: extra-volume
+ # mountPath: /usr/share/extra-volume
+
+# -- Add additional init containers to the polaris pod(s) See
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/.
+extraInitContainers: []
+ # - name: your-image-name
+ # image: your-image
+ # imagePullPolicy: Always
+ # command: ['sh', '-c', 'echo "hello world"']
+
+tracing:
+ # -- Specifies whether tracing for the polaris server should be enabled.
+ enabled: false
+ # -- The collector endpoint URL to connect to (required).
+ # The endpoint URL must have either the http:// or the https:// scheme.
+ # The collector must talk the OpenTelemetry protocol (OTLP) and the port
must be its gRPC port (by default 4317).
+ # See https://quarkus.io/guides/opentelemetry for more information.
+ endpoint: "http://otlp-collector:4317";
+ # -- Which requests should be sampled. Valid values are: "all", "none", or a
ratio between 0.0 and
+ # "1.0d" (inclusive). E.g. "0.5d" means that 50% of the requests will be
sampled.
+ # Note: avoid entering numbers here, always prefer a string representation
of the ratio.
+ sample: "1.0d"
+ # -- Resource attributes to identify the polaris service among other tracing
sources.
+ # See
https://opentelemetry.io/docs/reference/specification/resource/semantic_conventions/#service.
+ # If left empty, traces will be attached to a service named "Apache
Polaris"; to change this,
+ # provide a service.name attribute here.
+ attributes:
+ {}
+ # service.name: my-polaris
+
+metrics:
+ # -- Specifies whether metrics for the polaris server should be enabled.
+ enabled: true
+ # -- Additional tags (dimensional labels) to add to the metrics.
+ tags:
+ {}
+ # service: polaris
+ # environment: production
+
+serviceMonitor:
+ # -- Specifies whether a ServiceMonitor for Prometheus operator should be
created.
+ enabled: true
+ # -- The scrape interval; leave empty to let Prometheus decide. Must be a
valid duration, e.g. 1d, 1h30m, 5m, 10s.
+ interval: ""
+ # -- Labels for the created ServiceMonitor so that Prometheus operator can
properly pick it up.
+ labels:
+ {}
+ # release: prometheus
+ # -- Relabeling rules to apply to metrics. Ref
https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config.
+ metricRelabelings: []
+ # - source_labels: [ __meta_kubernetes_namespace ]
+ # separator: ;
+ # regex: (.*)
+ # target_label: namespace
+ # replacement: $1
+ # action: replace
+
+# -- Logging configuration.
+logging:
+ # -- The log level of the root category, which is used as the default log
level for all categories.
+ level: INFO
+ # -- The header name to use for the request ID.
+ requestIdHeaderName: Polaris-Request-Id
+ # -- Configuration for the console appender.
+ console:
+ # -- Whether to enable the console appender.
+ enabled: true
+ # -- The log level of the console appender.
+ threshold: ALL
+ # -- Whether to log in JSON format.
+ json: false
+ # -- The log format to use. Ignored if JSON format is enabled. See
+ # https://quarkus.io/guides/logging#logging-format for details.
+ format: "%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{3.}]
[%X{requestId},%X{realmId}] [%X{traceId},%X{parentId},%X{spanId},%X{sampled}]
(%t) %s%e%n"
+ # -- Configuration for the file appender.
+ file:
+ # -- Whether to enable the file appender.
+ enabled: false
+ # -- The log level of the file appender.
+ threshold: ALL
+ # -- Whether to log in JSON format.
+ json: false
+ # -- The log format to use. Ignored if JSON format is enabled. See
+ # https://quarkus.io/guides/logging#logging-format for details.
+ format: "%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{3.}]
[%X{requestId},%X{realmId}] [%X{traceId},%X{parentId},%X{spanId},%X{sampled}]
(%t) %s%e%n"
+ # -- The local directory where log files are stored. The persistent volume
claim will be mounted
+ # here.
+ logsDir: /deployments/logs
+ # -- The log file name.
+ fileName: polaris.log
+ # -- Log rotation configuration.
+ rotation:
+ # -- The maximum size of the log file before it is rotated. Should be
expressed as a Kubernetes quantity.
+ maxFileSize: 100Mi
+ # -- The maximum number of backup files to keep.
+ maxBackupIndex: 5
+ # -- An optional suffix to append to the rotated log files. If present,
the rotated log files
+ # will be grouped in time buckets, and each bucket will contain at most
maxBackupIndex files.
+ # The suffix must be in a date-time format that is understood by
DateTimeFormatter. If the
+ # suffix ends with .gz or .zip, the rotated files will also be
compressed using the
+ # corresponding algorithm.
+ fileSuffix: ~ # .yyyy-MM-dd.gz
+ # -- The log storage configuration. A persistent volume claim will be
created using these
+ # settings.
+ storage:
+ # -- The storage class name of the persistent volume claim to create.
+ className: standard
+ # -- The size of the persistent volume claim to create.
+ size: 512Gi
+ # -- Labels to add to the persistent volume claim spec selector; a
persistent volume with
+ # matching labels must exist. Leave empty if using dynamic provisioning.
+ selectorLabels: {}
+ # app.kubernetes.io/name: polaris
+ # app.kubernetes.io/instance: RELEASE-NAME
+ # -- Configuration for specific log categories.
+ categories:
+ org.apache.polaris: INFO
+ org.apache.iceberg.rest: INFO
+ # Useful to debug configuration issues:
+ # io.smallrye.config: DEBUG
+ # -- Configuration for MDC (Mapped Diagnostic Context). Values specified
here will be added to the
+ # log context of all incoming requests and can be used in log patterns.
+ mdc:
+ # aid=polaris
+ # sid=polaris-service
+ {}
+
+# -- Realm context resolver configuration.
+realmContext:
+ # -- The type of realm context resolver to use. Two built-in types are
supported: default and test;
+ # test is not recommended for production as it does not perform any realm
validation.
+ type: default
+ # -- List of valid realms, for use with the default realm context resolver.
The first realm in
+ # the list is the default realm. Realms not in this list will be rejected.
+ realms:
+ - POLARIS
+
+# -- Polaris features configuration.
+features:
+ # -- Features to enable or disable globally. If a feature is not present in
the map, the default
+ # built-in value is used.
+ # ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING: false
+ # SUPPORTED_CATALOG_STORAGE_TYPES:
+ # - S3
+ # - GCS
+ # - AZURE
+ # - FILE
+ # -- Features to enable or disable per realm. This field is a map of maps.
The realm name is the key, and the value is a map of
+ # feature names to values. If a feature is not present in the map, the
default value from the 'defaults' field is used.
+ realmOverrides: {}
+ # my-realm:
+ # ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING: true
+
+# -- Polaris persistence configuration.
+persistence:
+ # -- The type of persistence to use. Two built-in types are supported:
in-memory and eclipse-link.
+ type: eclipse-link # in-memory
+ # -- The configuration for the eclipse-link persistence manager.
+ eclipseLink:
+ # -- The secret name to pull persistence.xml from.
+ secret:
+ # -- The name of the secret to pull persistence.xml from.
+ # If not provided, the default built-in persistence.xml will be used.
This is probably not what you want.
+ name: ~
+ # -- The key in the secret to pull persistence.xml from.
+ key: persistence.xml
+ # -- The persistence unit name to use.
+ persistenceUnit: polaris
+
+# -- Polaris FileIO configuration.
+fileIo:
+ # -- The type of file IO to use. Two built-in types are supported: default
and wasb. The wasb one translates WASB paths to ABFS ones.
+ type: default
+
+# -- Storage credentials for the server. If the following properties are
unset, default
+# credentials will be used, in which case the pod must have the necessary
permissions to access the storage.
+storage:
+ # -- The secret to pull storage credentials from.
+ secret:
+ # -- The name of the secret to pull storage credentials from.
+ name: ~
+ # -- The key in the secret to pull the AWS access key ID from. Only
required when using AWS.
+ awsAccessKeyId: ~
+ # -- The key in the secret to pull the AWS secret access key from. Only
required when using AWS.
+ awsSecretAccessKey: ~
+ # -- The key in the secret to pull the GCP token from. Only required when
using GCP.
+ gcpToken: ~
+ # -- The key in the secret to pull the GCP token expiration time from.
Only required when using GCP. Must be a valid ISO 8601 duration. The default is
PT1H (1 hour).
+ gcpTokenLifespan: ~
+
+# -- Polaris authentication configuration.
+authentication:
+ # -- The type of authentication to use. Two built-in types are supported:
default and test;
+ # test is not recommended for production.
+ authenticator:
+ type: default
+ # -- The type of token service to use. Two built-in types are supported:
default and test;
+ # test is not recommended for production.
+ tokenService:
+ type: default
+ # -- The type of token broker to use. Two built-in types are supported:
rsa-key-pair and symmetric-key.
+ tokenBroker:
+ type: rsa-key-pair # symmetric-key
+ maxTokenGeneration: PT1H
+ # -- The secret name to pull the public and private keys, or the symmetric
key secret from.
+ secret:
+ # -- The name of the secret to pull the keys from. If not provided, a
key pair will be generated.
+ # This is not recommended for production.
+ name: ~
+ # -- The public key file to use for RSA key pair token broker. Only
required when using rsa-key-pair.
+ publicKey: public.pem
+ # -- The private key file to use for RSA key pair token broker. Only
required when using rsa-key-pair.
+ privateKey: private.pem
+ # -- The symmetric key file to use for symmetric key token broker. Only
required when using symmetric-key.
+ secretKey: secret
+
+# -- Polaris CORS configuration.
+cors:
+ # -- Origins allowed for CORS, e.g. http://polaris.apache.org,
http://localhost:8181. In case an entry of the list is surrounded by forward
slashes, it is interpreted as a regular expression.
+ allowedOrigins: []
+ # -- HTTP methods allowed for CORS, ex: GET, PUT, POST. If this is not set
or empty, all requested methods are considered allowed.
+ allowedMethods: []
+ # -- HTTP headers allowed for CORS, ex: X-Custom, Content-Disposition. If
this is not set or empty, all requested headers are considered allowed.
+ allowedHeaders: []
+ # -- HTTP headers exposed to the client, ex: X-Custom, Content-Disposition.
The default is an empty list.
+ exposedHeaders: []
+ # -- The `Access-Control-Max-Age` response header value indicating how long
the results of a pre-flight request can be cached. Must be a valid duration.
+ accessControlMaxAge: ~ # PT10M
+ # -- The `Access-Control-Allow-Credentials` response header.
+ # The value of this header will default to `true` if `allowedOrigins`
property is set and there is a match with the precise `Origin` header.
+ accessControlAllowCredentials: ~ # true
+
+# -- Polaris rate limiter configuration.
+rateLimiter:
+ # -- The type of rate limiter filter to use. Two built-in types are
supported: default and no-op.
+ type: no-op
+ # -- The configuration for the default rate limiter, which uses the token
bucket algorithm with
+ # one bucket per realm.
+ tokenBucket:
+ # -- The type of the token bucket rate limiter. Only the default type is
supported out of the box.
+ type: default
+ # -- The maximum number of requests per second allowed for each realm.
+ requestsPerSecond: 9999
+ # -- The time window.
+ window: PT10S
+
+# -- Polaris asynchronous task executor configuration.
+tasks:
+ # -- The maximum number of concurrent tasks that can be executed at the same
time. The default is the number of available cores.
+ maxConcurrentTasks: ~ # 100
+ # -- The maximum number of tasks that can be queued up for execution. The
default is Integer.MAX_VALUE.
+ maxQueuedTasks: ~ # 1000
Added:
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.tgz
==============================================================================
Binary file - no diff available.
Propchange:
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.tgz
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added:
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.tgz.asc
==============================================================================
---
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.tgz.asc
(added)
+++
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.tgz.asc
Tue Jun 24 00:39:22 2025
@@ -0,0 +1,8 @@
+-----BEGIN PGP SIGNATURE-----
+Version: BCPG v@RELEASE_NAME@
+
+iHUEABYKAB0WIQTcYAx2mtD+gwCUcCNHHQMWEU5bZAUCaFntpAAKCRBHHQMWEU5b
+ZDGhAP0Z9QUO+9hoxnEEAIXhb7ns51mlyO95idbWvBET3BekrAD9GSwUNwcN1xrf
+wah7y2bG0QCvncCp2GknktvO97Wb3As=
+=Jc2/
+-----END PGP SIGNATURE-----
Added:
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.tgz.sha512
==============================================================================
---
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.tgz.sha512
(added)
+++
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.tgz.sha512
Tue Jun 24 00:39:22 2025
@@ -0,0 +1 @@
+eca5bf0508da4d9d81ca3199f952c6ed8f712761d212833a9120e36fb65b69b7c740c0bfb228c272f6ab94c178918b8c7c56d5b245383c9e7a1ceacb68cc0930
polaris-bin-1.0.0-incubating.tgz
\ No newline at end of file
Added:
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.zip
==============================================================================
Binary file - no diff available.
Propchange:
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.zip
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added:
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.zip.asc
==============================================================================
---
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.zip.asc
(added)
+++
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.zip.asc
Tue Jun 24 00:39:22 2025
@@ -0,0 +1,8 @@
+-----BEGIN PGP SIGNATURE-----
+Version: BCPG v@RELEASE_NAME@
+
+iHUEABYKAB0WIQTcYAx2mtD+gwCUcCNHHQMWEU5bZAUCaFntqAAKCRBHHQMWEU5b
+ZLNaAQCCHUWo73i+EjPmQh7TRDQF8IPXDS2WZfO97TFWsSeCxQEA8HxOWeFvZG75
+iijo2lDJW3GTvNzn06SnROkJHLvyxgs=
+=hDN0
+-----END PGP SIGNATURE-----
Added:
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.zip.sha512
==============================================================================
---
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.zip.sha512
(added)
+++
dev/incubator/polaris/apache-polaris-1.0.0-incubating/polaris-bin-1.0.0-incubating.zip.sha512
Tue Jun 24 00:39:22 2025
@@ -0,0 +1 @@
+5273cde2c70fb1ce512f943262fd3fb355b79ae54fea5012f191848b50e6abc8747bdebdb0d21214b891a9638da86195d423179ac92409695c3340aa6f010b96
polaris-bin-1.0.0-incubating.zip
\ No newline at end of file
