Azure: Fix azure expires at prefix for the credentials refresh#2633
Merged
singhpk234 merged 3 commits intoapache:mainfrom Sep 19, 2025
Merged
Azure: Fix azure expires at prefix for the credentials refresh#2633singhpk234 merged 3 commits intoapache:mainfrom
singhpk234 merged 3 commits intoapache:mainfrom
Conversation
dimas-b
reviewed
Sep 19, 2025
Contributor
dimas-b
left a comment
dimas-b
left a comment
There was a problem hiding this comment.
Thanks for catching this, @singhpk234 !
.../src/main/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegration.java
Show resolved
Hide resolved
dimas-b
previously approved these changes
Sep 19, 2025
github-project-automation
bot
moved this from PRs In Progress
to Ready to merge
in Basic Kanban Board
dimas-b
reviewed
Sep 19, 2025
Contributor
dimas-b
left a comment
dimas-b
left a comment
There was a problem hiding this comment.
Could you also add a note to CHANGELOG.md?
Contributor
Author
|
ACK, seems like we haven't frozen the CHANGELOG for 1.1, i put a PR for this here will add the CHANGELOG for this bug fix on the unreleased section so we can use this in prep of 1.2. |
sfc-gh-prsingh
force-pushed
the
feature/fix-azure-expires-at
branch
from
2d3e463 to
a9e7d43
Compare
dimas-b
approved these changes
Sep 19, 2025
github-project-automation
bot
moved this from Ready to merge
to Done
in Basic Kanban Board
Contributor
Author
|
Thank you @dimas-b ! |
snazy
added a commit
to snazy/polaris
that referenced
this pull request
Nov 20, 2025
* Suppress deprecation warnings in `PolarisSparkCatalog.createTable()` (apache#2631) Background: apache#2394 Since we have to override the deprecated `createTable` method, we suppress deprecation warnings produced by `javac`. Suppressing `RedundantSuppression` is needed for IntelliJ, which appears to consider this a normal situation and does not issue a deprecation warning. * Service: Add Events for PolarisServiceImpl APIs (apache#2482) * CHANGELOG: Freeze change log for 1.1 and clear out unreleased version (apache#2635) * Re-add CHANGELOG.md entry for apache#2197 (apache#2638) Using `git log -p apache-polaris-1.1.0-incubating..553cb06 -- CHANGELOG.md` to find changes missed in the previous CHANGELOG update (apache#2635) * Azure: Fix azure expires at prefix for the credentials refresh (apache#2633) * Remove unused LOG in SparkCatalog (apache#2639) * fix(deps): update dependency com.google.errorprone:error_prone_core to v2.42.0 (apache#2636) * fix(deps): update dependency io.smallrye.config:smallrye-config-core to v3.14.0 (apache#2637) * Fix client license check (apache#2642) * fix(deps): update dependency software.amazon.awssdk:bom to v2.34.0 (apache#2645) * fix(deps): update mockito monorepo to v5.20.0 (apache#2641) * chore(deps): update docker.io/prom/prometheus docker tag to v3.6.0 (apache#2644) * chore(events): unify in-memory buffer listeners implementations (apache#2628) * fix(deps): update quarkus platform and group (apache#2595) * Update jandex dependency to 3.5.0 (apache#2649) * Last merged commit e6796f7 --------- Co-authored-by: Dmitri Bourlatchkov <[email protected]> Co-authored-by: Adnan Hemani <[email protected]> Co-authored-by: Prashant Singh <[email protected]> Co-authored-by: Mend Renovate <[email protected]> Co-authored-by: Yong Zheng <[email protected]> Co-authored-by: Alexandre Dutra <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
About the change
For the credential refresh endpoint for the ADLS its expected the expiration time should be sent with the prefix of
AZURE_SAS_TOKEN_EXPIRES_AT_MS_PREFIXwhich presently Polaris doesn't sends as the course of that the CredentialProvider responsible for the refresh fails the assertion here https://github.com/apache/iceberg/blob/main/azure/src/main/java/org/apache/iceberg/azure/adlsv2/VendedAdlsCredentialProvider.java#L123and hence not making it usable.
P.S I think we should also use constants for iceberg SDK in the StorageAccessProperty, but this is an orthogonal discussion for now.
Testing
Add a small UT