Use upstream 1.7.1 rest-catalog-open-api.yaml instead. #936
Conversation
| @@ -242,8 +236,6 @@ paths: | |||
| $ref: '#/components/responses/OAuthErrorResponse' | |||
| 5XX: | |||
| $ref: '#/components/responses/OAuthErrorResponse' | |||
| security: | |||
| - BearerAuth: [] | |||
There was a problem hiding this comment.
It seems in Polaris the /v1/oauth/tokens has this additional security scheme override. This change is included in the original commit of Polaris.
To ensure this PR does not change anything unexpectedly, I extracted this one to polaris-catalog-apis/oauth-tokens-api.yaml. We will likely remove or update this soon anyway according to: #12
There was a problem hiding this comment.
Now the /v1/oauth/tokens endpoint is defined in twp files, right? What controls which of the definitions is the one used in runtime?
There was a problem hiding this comment.
Hi @dimas-b, thanks for reviewing. Currently we have polaris-catalog-service.yaml as the root yaml for building catalog api service
polaris/spec/polaris-catalog-service.yaml
Lines 76 to 79 in 84ee2e8
It uses $ref to control the one used in the runtime. This PR updates the $ref so that it will point to the oauth-tokens-api.yaml
HonahX
requested review from
ashvina,
dennishuo,
eric-maynard,
jbonofre,
vvcephei,
collado-mike,
snazy,
RussellSpitzer,
takidau,
MonkeyCanCode,
flyrain and
ebyhr
as code owners
|
This PR is ready for review since #953 and #935 are in. @jackye1995 @dimas-b @adutra Could you please take another look at this when you have a chance? Thanks! |
LICENSE
Outdated
| @@ -215,7 +215,10 @@ License: https://www.apache.org/licenses/LICENSE-2.0 | |||
|
|
|||
| This product includes code from Apache Iceberg. | |||
|
|
|||
| * spec/rest-catalog-open-api.yaml | |||
| * spec/iceberg-rest-catalog-open-api.yaml | |||
| * spec/polaris-catalog-service.yaml | |||
There was a problem hiding this comment.
no, this is Polaris' own file, it is NOT from Apache Iceberg, right?
There was a problem hiding this comment.
Thanks for all the great catch here! It seems I have misunderstood the intended use of the CODE_COPIED_TO_POLARIS flag and the corresponding licensing requirements. My current understanding is that this flag should only be applied to files where all content is copied from another project. Could you please confirm if that’s correct?
Based on this understanding, here’s the current status:
iceberg-rest-catalog-open-api.yaml: identical to upstream released spec. NeedCODE_COPIED_TO_POLARISpolaris-catalog-apis/oauth-tokens-api.yaml: everything is copied from IRC spec's token endpoint definition. NeedCODE_COPIED_TO_POLARISpolaris-catalog-service.yaml- only the server and security definition are copied from IRC spec, while the rest are not. Do Not NeedCODE_COPIED_TO_POLARISbundled-polaris-catalog-service.yaml- generated yaml that contains both IRC spec and polaris defined ones. Do Not NeedCODE_COPIED_TO_POLARIS
There was a problem hiding this comment.
My current understanding is that this flag should only be applied to files where all content is copied from another project. Could you please confirm if that’s correct?
That's my understanding too :)
There was a problem hiding this comment.
polaris-catalog-service.yaml - only the server and security definition are copied from IRC spec, while the rest are not. Do Not Need CODE_COPIED_TO_POLARIS
I agree. Plus we have a general notice with Iceberg attribution. I think that's fine.
@jbonofre WDYT?
HonahX
force-pushed
the
honahx_use_upstream_released_iceberg_spec_instead
branch
from
95a57cf to
c1be23b
Compare
Make rest-catalog-open-api.yaml identical to 1.7.1 released version of rest-catalog-open-api.yaml Commit added new files add not implemented endpoint as comments Add code copied to Polaris make oauth-tokens-api standalone fix COPIED code issue rename iceberg upstream copied spec add upstream version note Fix lint Fix LICENSE Remove incorrect LICENSE mention Fix style
HonahX
force-pushed
the
honahx_use_upstream_released_iceberg_spec_instead
branch
from
c1be23b to
d98d4c5
Compare
|
@snazy @RussellSpitzer @jackye1995 @collado-mike : This PR LGTM, but since it's an API change - please also have a look :) |
| --- | ||
| paths: | ||
| # The /v1/oauth/tokens endpoint is sourced from iceberg-rest-catalog-open-api.yaml | ||
| /v1/oauth/tokens: |
There was a problem hiding this comment.
Sorry to miss the context, why do we copy this from iceberg-rest-catalog-open-api.yaml?
There was a problem hiding this comment.
The original related discussion is here: #906 (comment), #936 (comment).
Since the token endpoint is deprecated and will soon be removed from the upstream IRC spec, we want to extract it from the spec. This allows us to control its removal timeline, update the endpoint as needed, or continue supporting it temporarily for compatibility. Issue #12.
| # under the License. | ||
| # | ||
|
|
||
| # CODE_COPIED_TO_POLARIS |
There was a problem hiding this comment.
Should we also give a version like this? Given that future Iceberg rest spec may not even have it.
# CODE_COPIED_TO_POLARIS
# From Apache Iceberg Version: 1.7.1
There was a problem hiding this comment.
I agree that in the current form CODE_COPIED_TO_POLARIS is too vague.
I'd argue for dependency-specific labels, e.g. CODE_COPIED_FROM_ICEBERG: 1.7.1
Certainly not for this PR, but for follow-up change.. if people are in agreement :)
There was a problem hiding this comment.
Thanks for the suggestions! I've added the comment but I will leave this thread open to continue the discussion on dependency-specific labels : )
|
Thanks everyone for reviewing! I've updated the PR. I saw currently Merging is blocked because but I've cleaned up/rebased commits. Does it mean I have to close and re-open this one or open a new PR? |
Depends on #935
This is a second follow-up of #906. This PR makes the
rest-catalog-open-api.yamlidentical to the upstream released version (1.7.1)