review: rename to StorageAccessProperty

Author: dimas-b

polaris-core/src/main/java/org/apache/polaris/core/persistence/AtomicOperationMetaStoreManager.java

@@ -66,9 +66,9 @@
 import org.apache.polaris.core.policy.PolicyEntity;
 import org.apache.polaris.core.policy.PolicyMappingUtil;
 import org.apache.polaris.core.policy.PolicyType;
-import org.apache.polaris.core.storage.IcebergStorageAccessProperty;
 import org.apache.polaris.core.storage.PolarisStorageConfigurationInfo;
 import org.apache.polaris.core.storage.PolarisStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessProperty;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -1605,7 +1605,7 @@ private void revokeGrantRecord(
     PolarisStorageConfigurationInfo storageConfigurationInfo =
         BaseMetaStoreManager.extractStorageConfiguration(callCtx, reloadedEntity.getEntity());
     try {
-      EnumMap<IcebergStorageAccessProperty, String> creds =
+      EnumMap<StorageAccessProperty, String> creds =
           storageIntegration.getSubscopedCreds(
               callCtx.getDiagServices(),
               storageConfigurationInfo,

polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ScopedCredentialsResult.java

@@ -24,13 +24,13 @@
 import jakarta.annotation.Nullable;
 import java.util.EnumMap;
 import java.util.Map;
-import org.apache.polaris.core.storage.IcebergStorageAccessProperty;
+import org.apache.polaris.core.storage.StorageAccessProperty;
 
 /** Result of a getSubscopedCredsForEntity() call */
 public class ScopedCredentialsResult extends BaseResult {
 
   // null if not success. Else, set of name/value pairs for the credentials
-  private final EnumMap<IcebergStorageAccessProperty, String> credentials;
+  private final EnumMap<StorageAccessProperty, String> credentials;
 
   /**
    * Constructor for an error
@@ -49,8 +49,7 @@ public ScopedCredentialsResult(
    *
    * @param credentials credentials
    */
-  public ScopedCredentialsResult(
-      @Nonnull EnumMap<IcebergStorageAccessProperty, String> credentials) {
+  public ScopedCredentialsResult(@Nonnull EnumMap<StorageAccessProperty, String> credentials) {
     super(ReturnStatus.SUCCESS);
     this.credentials = credentials;
   }
@@ -61,14 +60,13 @@ private ScopedCredentialsResult(
       @JsonProperty("extraInformation") String extraInformation,
       @JsonProperty("credentials") Map<String, String> credentials) {
     super(returnStatus, extraInformation);
-    this.credentials = new EnumMap<>(IcebergStorageAccessProperty.class);
+    this.credentials = new EnumMap<>(StorageAccessProperty.class);
     if (credentials != null) {
-      credentials.forEach(
-          (k, v) -> this.credentials.put(IcebergStorageAccessProperty.valueOf(k), v));
+      credentials.forEach((k, v) -> this.credentials.put(StorageAccessProperty.valueOf(k), v));
     }
   }
 
-  public EnumMap<IcebergStorageAccessProperty, String> getCredentials() {
+  public EnumMap<StorageAccessProperty, String> getCredentials() {
     return credentials;
   }
 }

polaris-core/src/main/java/org/apache/polaris/core/persistence/transactional/TransactionalMetaStoreManagerImpl.java

@@ -67,9 +67,9 @@
 import org.apache.polaris.core.policy.PolicyEntity;
 import org.apache.polaris.core.policy.PolicyMappingUtil;
 import org.apache.polaris.core.policy.PolicyType;
-import org.apache.polaris.core.storage.IcebergStorageAccessProperty;
 import org.apache.polaris.core.storage.PolarisStorageConfigurationInfo;
 import org.apache.polaris.core.storage.PolarisStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessProperty;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -2035,7 +2035,7 @@ private PolarisEntityResolver resolveSecurableToRoleGrant(
     PolarisStorageConfigurationInfo storageConfigurationInfo =
         BaseMetaStoreManager.extractStorageConfiguration(callCtx, reloadedEntity.getEntity());
     try {
-      EnumMap<IcebergStorageAccessProperty, String> creds =
+      EnumMap<StorageAccessProperty, String> creds =
           storageIntegration.getSubscopedCreds(
               callCtx.getDiagServices(),
               storageConfigurationInfo,

polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageIntegration.java

@@ -54,7 +54,7 @@ public String getStorageIdentifierOrId() {
    * @param allowedWriteLocations a set of allowed to write locations
    * @return An enum map including the scoped credentials
    */
-  public abstract EnumMap<IcebergStorageAccessProperty, String> getSubscopedCreds(
+  public abstract EnumMap<StorageAccessProperty, String> getSubscopedCreds(
       @Nonnull PolarisDiagnostics diagnostics,
       @Nonnull T storageConfig,
       boolean allowListOperation,

polaris-core/src/main/java/org/apache/polaris/core/storage/IcebergStorageAccessProperty.java renamed to polaris-core/src/main/java/org/apache/polaris/core/storage/StorageAccessProperty.java

@@ -24,7 +24,7 @@
  * <p>Most of these properties are meant to configure Iceberg FileIO objects for accessing data in
  * storage.
  */
-public enum IcebergStorageAccessProperty {
+public enum StorageAccessProperty {
   AWS_KEY_ID(String.class, "s3.access-key-id", "the aws access key id"),
   AWS_SECRET_KEY(String.class, "s3.secret-access-key", "the aws access key secret"),
   AWS_TOKEN(String.class, "s3.session-token", "the aws scoped access token"),
@@ -65,11 +65,11 @@ public enum IcebergStorageAccessProperty {
            - `s3.secret-access-key`: secret for credentials that provide access to data in S3
            - `s3.session-token
    */
-  IcebergStorageAccessProperty(Class valueType, String propertyName, String description) {
+  StorageAccessProperty(Class valueType, String propertyName, String description) {
     this(valueType, propertyName, description, true);
   }
 
-  IcebergStorageAccessProperty(
+  StorageAccessProperty(
       Class valueType, String propertyName, String description, boolean isCredential) {
     this.valueType = valueType;
     this.propertyName = propertyName;

polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java

@@ -30,8 +30,8 @@
 import java.util.Set;
 import java.util.stream.Stream;
 import org.apache.polaris.core.PolarisDiagnostics;
-import org.apache.polaris.core.storage.IcebergStorageAccessProperty;
 import org.apache.polaris.core.storage.InMemoryStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessProperty;
 import org.apache.polaris.core.storage.StorageUtil;
 import software.amazon.awssdk.policybuilder.iam.IamConditionOperator;
 import software.amazon.awssdk.policybuilder.iam.IamEffect;
@@ -54,7 +54,7 @@ public AwsCredentialsStorageIntegration(StsClient stsClient) {
 
   /** {@inheritDoc} */
   @Override
-  public EnumMap<IcebergStorageAccessProperty, String> getSubscopedCreds(
+  public EnumMap<StorageAccessProperty, String> getSubscopedCreds(
       @Nonnull PolarisDiagnostics diagnostics,
       @Nonnull AwsStorageConfigurationInfo storageConfig,
       boolean allowListOperation,
@@ -75,30 +75,28 @@ public EnumMap<IcebergStorageAccessProperty, String> getSubscopedCreds(
                         .toJson())
                 .durationSeconds(loadConfig(STORAGE_CREDENTIAL_DURATION_SECONDS))
                 .build());
-    EnumMap<IcebergStorageAccessProperty, String> credentialMap =
-        new EnumMap<>(IcebergStorageAccessProperty.class);
+    EnumMap<StorageAccessProperty, String> credentialMap =
+        new EnumMap<>(StorageAccessProperty.class);
+    credentialMap.put(StorageAccessProperty.AWS_KEY_ID, response.credentials().accessKeyId());
     credentialMap.put(
-        IcebergStorageAccessProperty.AWS_KEY_ID, response.credentials().accessKeyId());
-    credentialMap.put(
-        IcebergStorageAccessProperty.AWS_SECRET_KEY, response.credentials().secretAccessKey());
-    credentialMap.put(
-        IcebergStorageAccessProperty.AWS_TOKEN, response.credentials().sessionToken());
+        StorageAccessProperty.AWS_SECRET_KEY, response.credentials().secretAccessKey());
+    credentialMap.put(StorageAccessProperty.AWS_TOKEN, response.credentials().sessionToken());
     Optional.ofNullable(response.credentials().expiration())
         .ifPresent(
             i -> {
               credentialMap.put(
-                  IcebergStorageAccessProperty.EXPIRATION_TIME, String.valueOf(i.toEpochMilli()));
+                  StorageAccessProperty.EXPIRATION_TIME, String.valueOf(i.toEpochMilli()));
               credentialMap.put(
-                  IcebergStorageAccessProperty.AWS_SESSION_TOKEN_EXPIRES_AT_MS,
+                  StorageAccessProperty.AWS_SESSION_TOKEN_EXPIRES_AT_MS,
                   String.valueOf(i.toEpochMilli()));
             });
 
     if (storageConfig.getRegion() != null) {
-      credentialMap.put(IcebergStorageAccessProperty.CLIENT_REGION, storageConfig.getRegion());
+      credentialMap.put(StorageAccessProperty.CLIENT_REGION, storageConfig.getRegion());
     }
 
     if (storageConfig.getAwsPartition().equals("aws-us-gov")
-        && credentialMap.get(IcebergStorageAccessProperty.CLIENT_REGION) == null) {
+        && credentialMap.get(StorageAccessProperty.CLIENT_REGION) == null) {
       throw new IllegalArgumentException(
           String.format(
               "AWS region must be set when using partition %s", storageConfig.getAwsPartition()));

polaris-core/src/main/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegration.java

@@ -47,8 +47,8 @@
 import java.util.Set;
 import org.apache.polaris.core.PolarisDiagnostics;
 import org.apache.polaris.core.config.FeatureConfiguration;
-import org.apache.polaris.core.storage.IcebergStorageAccessProperty;
 import org.apache.polaris.core.storage.InMemoryStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessProperty;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import reactor.core.publisher.Mono;
@@ -70,14 +70,14 @@ public AzureCredentialsStorageIntegration() {
   }
 
   @Override
-  public EnumMap<IcebergStorageAccessProperty, String> getSubscopedCreds(
+  public EnumMap<StorageAccessProperty, String> getSubscopedCreds(
       @Nonnull PolarisDiagnostics diagnostics,
       @Nonnull AzureStorageConfigurationInfo storageConfig,
       boolean allowListOperation,
       @Nonnull Set<String> allowedReadLocations,
       @Nonnull Set<String> allowedWriteLocations) {
-    EnumMap<IcebergStorageAccessProperty, String> credentialMap =
-        new EnumMap<>(IcebergStorageAccessProperty.class);
+    EnumMap<StorageAccessProperty, String> credentialMap =
+        new EnumMap<>(StorageAccessProperty.class);
     String loc =
         !allowedWriteLocations.isEmpty()
             ? allowedWriteLocations.stream().findAny().orElse(null)
@@ -170,10 +170,10 @@ public EnumMap<IcebergStorageAccessProperty, String> getSubscopedCreds(
       throw new RuntimeException(
           String.format("Endpoint %s not supported", location.getEndpoint()));
     }
-    credentialMap.put(IcebergStorageAccessProperty.AZURE_SAS_TOKEN, sasToken);
-    credentialMap.put(IcebergStorageAccessProperty.AZURE_ACCOUNT_HOST, storageDnsName);
+    credentialMap.put(StorageAccessProperty.AZURE_SAS_TOKEN, sasToken);
+    credentialMap.put(StorageAccessProperty.AZURE_ACCOUNT_HOST, storageDnsName);
     credentialMap.put(
-        IcebergStorageAccessProperty.EXPIRATION_TIME,
+        StorageAccessProperty.EXPIRATION_TIME,
         String.valueOf(sanitizedEndTime.toInstant().toEpochMilli()));
     return credentialMap;
   }

polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheEntry.java

@@ -22,14 +22,14 @@
 import java.util.function.BiConsumer;
 import org.apache.polaris.core.persistence.dao.entity.ScopedCredentialsResult;
 import org.apache.polaris.core.storage.AccessConfig;
-import org.apache.polaris.core.storage.IcebergStorageAccessProperty;
 import org.apache.polaris.core.storage.ImmutableAccessConfig;
+import org.apache.polaris.core.storage.StorageAccessProperty;
 import org.apache.polaris.core.storage.azure.AzureLocation;
 
 /** A storage credential cached entry. */
 public class StorageCredentialCacheEntry {
   /** The scoped creds map that is fetched from a creds vending service */
-  public final EnumMap<IcebergStorageAccessProperty, String> credsMap;
+  public final EnumMap<StorageAccessProperty, String> credsMap;
 
   private final ScopedCredentialsResult scopedCredentialsResult;
 
@@ -40,15 +40,14 @@ public StorageCredentialCacheEntry(ScopedCredentialsResult scopedCredentialsResu
 
   /** Get the expiration time in millisecond for the cached entry */
   public long getExpirationTime() {
-    if (credsMap.containsKey(IcebergStorageAccessProperty.GCS_ACCESS_TOKEN_EXPIRES_AT)) {
-      return Long.parseLong(credsMap.get(IcebergStorageAccessProperty.GCS_ACCESS_TOKEN_EXPIRES_AT));
+    if (credsMap.containsKey(StorageAccessProperty.GCS_ACCESS_TOKEN_EXPIRES_AT)) {
+      return Long.parseLong(credsMap.get(StorageAccessProperty.GCS_ACCESS_TOKEN_EXPIRES_AT));
     }
-    if (credsMap.containsKey(IcebergStorageAccessProperty.AWS_SESSION_TOKEN_EXPIRES_AT_MS)) {
-      return Long.parseLong(
-          credsMap.get(IcebergStorageAccessProperty.AWS_SESSION_TOKEN_EXPIRES_AT_MS));
+    if (credsMap.containsKey(StorageAccessProperty.AWS_SESSION_TOKEN_EXPIRES_AT_MS)) {
+      return Long.parseLong(credsMap.get(StorageAccessProperty.AWS_SESSION_TOKEN_EXPIRES_AT_MS));
     }
-    if (credsMap.containsKey(IcebergStorageAccessProperty.EXPIRATION_TIME)) {
-      return Long.parseLong(credsMap.get(IcebergStorageAccessProperty.EXPIRATION_TIME));
+    if (credsMap.containsKey(StorageAccessProperty.EXPIRATION_TIME)) {
+      return Long.parseLong(credsMap.get(StorageAccessProperty.EXPIRATION_TIME));
     }
     return Long.MAX_VALUE;
   }
@@ -58,11 +57,9 @@ public long getExpirationTime() {
    * account endpoint
    */
   private void handleAzureCredential(
-      BiConsumer<String, String> results,
-      IcebergStorageAccessProperty credentialProperty,
-      String value) {
-    if (credentialProperty.equals(IcebergStorageAccessProperty.AZURE_SAS_TOKEN)) {
-      String host = credsMap.get(IcebergStorageAccessProperty.AZURE_ACCOUNT_HOST);
+      BiConsumer<String, String> results, StorageAccessProperty credentialProperty, String value) {
+    if (credentialProperty.equals(StorageAccessProperty.AZURE_SAS_TOKEN)) {
+      String host = credsMap.get(StorageAccessProperty.AZURE_ACCOUNT_HOST);
       results.accept(credentialProperty.getPropertyName() + host, value);
 
       // Iceberg 1.7.x may expect the credential key to _not_ be suffixed with endpoint
@@ -99,9 +96,9 @@ AccessConfig toAccessConfig() {
               return;
             }
 
-            if (key.equals(IcebergStorageAccessProperty.AZURE_SAS_TOKEN)) {
+            if (key.equals(StorageAccessProperty.AZURE_SAS_TOKEN)) {
               handleAzureCredential(config::putCredential, key, value);
-            } else if (!key.equals(IcebergStorageAccessProperty.AZURE_ACCOUNT_HOST)) {
+            } else if (!key.equals(StorageAccessProperty.AZURE_ACCOUNT_HOST)) {
               config.putCredential(key.getPropertyName(), value);
             }
           });

polaris-core/src/main/java/org/apache/polaris/core/storage/gcp/GcpCredentialsStorageIntegration.java

@@ -39,9 +39,9 @@
 import java.util.Set;
 import java.util.stream.Stream;
 import org.apache.polaris.core.PolarisDiagnostics;
-import org.apache.polaris.core.storage.IcebergStorageAccessProperty;
 import org.apache.polaris.core.storage.InMemoryStorageIntegration;
 import org.apache.polaris.core.storage.PolarisStorageIntegration;
+import org.apache.polaris.core.storage.StorageAccessProperty;
 import org.apache.polaris.core.storage.StorageUtil;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -69,7 +69,7 @@ public GcpCredentialsStorageIntegration(
   }
 
   @Override
-  public EnumMap<IcebergStorageAccessProperty, String> getSubscopedCreds(
+  public EnumMap<StorageAccessProperty, String> getSubscopedCreds(
       @Nonnull PolarisDiagnostics diagnostics,
       @Nonnull GcpStorageConfigurationInfo storageConfig,
       boolean allowListOperation,
@@ -106,11 +106,10 @@ public EnumMap<IcebergStorageAccessProperty, String> getSubscopedCreds(
 
     // If expires_in missing, use source credential's expire time, which require another api call to
     // get.
-    EnumMap<IcebergStorageAccessProperty, String> propertyMap =
-        new EnumMap<>(IcebergStorageAccessProperty.class);
-    propertyMap.put(IcebergStorageAccessProperty.GCS_ACCESS_TOKEN, token.getTokenValue());
+    EnumMap<StorageAccessProperty, String> propertyMap = new EnumMap<>(StorageAccessProperty.class);
+    propertyMap.put(StorageAccessProperty.GCS_ACCESS_TOKEN, token.getTokenValue());
     propertyMap.put(
-        IcebergStorageAccessProperty.GCS_ACCESS_TOKEN_EXPIRES_AT,
+        StorageAccessProperty.GCS_ACCESS_TOKEN_EXPIRES_AT,
         String.valueOf(token.getExpirationTime().getTime()));
     return propertyMap;
   }

polaris-core/src/test/java/org/apache/polaris/core/storage/InMemoryStorageIntegrationTest.java

@@ -207,7 +207,7 @@ public MockInMemoryStorageIntegration() {
     }
 
     @Override
-    public EnumMap<IcebergStorageAccessProperty, String> getSubscopedCreds(
+    public EnumMap<StorageAccessProperty, String> getSubscopedCreds(
         @Nonnull PolarisDiagnostics diagnostics,
         @Nonnull PolarisStorageConfigurationInfo storageConfig,
         boolean allowListOperation,