adutra commented on code in PR #2104:
URL: https://github.com/apache/polaris/pull/2104#discussion_r2211046504
##########
helm/polaris/values.yaml:
##########
@@ -560,15 +560,19 @@ storage:
# -- Polaris authentication configuration.
authentication:
- # -- The type of authentication to use. Two built-in types are supported:
default and test;
- # test is not recommended for production.
+ # -- The type of authentication to use. Three built-in types are supported:
internal, external, and mixed.
+ type: internal
+ # -- The `Authenticator` implementation to use. Only one built-in type is
supported: default.
authenticator:
type: default
- # -- The type of token service to use. Two built-in types are supported:
default and test;
- # test is not recommended for production.
+ # -- The `ActiveRolesProvider` implementation to use. Only one built-in type
is supported: default.
+ activeRolesProvider:
+ type: default
+ # -- The token service (`IcebergRestOAuth2ApiService`) implementation to
use. Two built-in types are supported: default and disabled.
+ # The disabled type is always used when `authentication.type` is set to
external.
tokenService:
type: default
- # -- The type of token broker to use. Two built-in types are supported:
rsa-key-pair and symmetric-key.
+ # -- The `TokenBroker` implementation to use. Two built-in types are
supported: rsa-key-pair and symmetric-key.
Review Comment:
`tokenBroker` and `tokenService` are indeed only relevant when using
internal (or mixed) authentication.
Setting these options when using external auth doesn't hurt, but in
practice, the configmap won't even contain those config options if the
authentication type is `external`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
