diff --git a/helm/polaris/.helmignore b/helm/polaris/.helmignore
new file mode 100644
index 000000000..809fca806
--- /dev/null
+++ b/helm/polaris/.helmignore
@@ -0,0 +1,42 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/helm/polaris/Chart.yaml b/helm/polaris/Chart.yaml
new file mode 100644
index 000000000..f62e5d39a
--- /dev/null
+++ b/helm/polaris/Chart.yaml
@@ -0,0 +1,31 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+apiVersion: v2
+name: polaris
+description: A Helm chart for Polaris
+type: application
+version: 0.1.0
+home: https://polaris.io/
+icon: https://raw.githubusercontent.com/apache/polaris/main/docs/img/logos/polaris-brandmark.png
+sources:
+ - https://github.com/apache/polaris
+keywords:
+ - polaris
+ - iceberg
diff --git a/helm/polaris/LICENSE b/helm/polaris/LICENSE
new file mode 120000
index 000000000..30cff7403
--- /dev/null
+++ b/helm/polaris/LICENSE
@@ -0,0 +1 @@
+../../LICENSE
\ No newline at end of file
diff --git a/helm/polaris/README.md b/helm/polaris/README.md
new file mode 100644
index 000000000..d34a92ad2
--- /dev/null
+++ b/helm/polaris/README.md
@@ -0,0 +1,119 @@
+
+
+
+
+# Polaris Helm chart
+
+ 
+
+A Helm chart for Polaris.
+
+**Homepage:**
+
+## Maintainers
+
+## Source Code
+
+*
+
+## Installation
+
+### Optional
+
+When using a custom `persistence.xml`, a Kubernetes Secret must be created for `.persistenceConfigSecret`. Below is a sample command:
+```bash
+kubectl create secret generic polaris-secret -n polaris --from-file=persistence.xml
+```
+
+### From local directory (for development purposes)
+
+From Polaris repo root:
+
+```bash
+$ helm install polaris helm/polaris --namespace polaris --create-namespace
+```
+
+### Uninstalling the chart
+
+```bash
+$ helm uninstall --namespace polaris polaris
+```
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` | Affinity and anti-affinity for polaris pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. |
+| autoscaling.enabled | bool | `false` | Specifies whether automatic horizontal scaling should be enabled. Do not enable this when using in-memory version store type. |
+| autoscaling.maxReplicas | int | `3` | The maximum number of replicas to maintain. |
+| autoscaling.minReplicas | int | `1` | The minimum number of replicas to maintain. |
+| autoscaling.targetCPUUtilizationPercentage | int | `80` | Optional; set to zero or empty to disable. |
+| autoscaling.targetMemoryUtilizationPercentage | string | `nil` | Optional; set to zero or empty to disable. |
+| bootstrapMetastoreManager | bool | `false` | Configures whether to enable the bootstrap metastore manager job |
+| configMapLabels | object | `{}` | Additional Labels to apply to polaris configmap. |
+| extraEnv | list | `[]` | Advanced configuration via Environment Variables. Extra environment variables to add to the Polaris server container. You can pass here any valid EnvVar object: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#envvar-v1-core This can be useful to get configuration values from Kubernetes secrets or config maps. |
+| image.pullPolicy | string | `"IfNotPresent"` | The image pull policy. |
+| image.repository | string | `"localhost:5001/polaris"` | The image repository to pull from. |
+| image.tag | string | `"latest"` | The image tag. |
+| imagePullSecrets | list | `[]` | References to secrets in the same namespace to use for pulling any of the images used by this chart. Each entry is a LocalObjectReference to an existing secret in the namespace. The secret must contain a .dockerconfigjson key with a base64-encoded Docker configuration file. See https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ for more information. |
+| ingress.annotations | object | `{}` | Annotations to add to the ingress. |
+| ingress.className | string | `""` | Specifies the ingressClassName; leave empty if you don't want to customize it |
+| ingress.enabled | bool | `false` | Specifies whether an ingress should be created. |
+| ingress.hosts | list | `[{"host":"chart-example.local","paths":[]}]` | A list of host paths used to configure the ingress. |
+| ingress.tls | list | `[]` | A list of TLS certificates; each entry has a list of hosts in the certificate, along with the secret name used to terminate TLS traffic on port 443. |
+| livenessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"terminationGracePeriodSeconds":30,"timeoutSeconds":10}` | Configures the liveness probe for polaris pods. |
+| livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. |
+| livenessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before liveness probes are initiated. Minimum value is 0. |
+| livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the probe. Minimum value is 1. |
+| livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1. |
+| livenessProbe.terminationGracePeriodSeconds | int | `30` | Optional duration in seconds the pod needs to terminate gracefully upon probe failure. Minimum value is 1. |
+| livenessProbe.timeoutSeconds | int | `10` | Number of seconds after which the probe times out. Minimum value is 1. |
+| nodeSelector | object | `{}` | Node labels which must match for the polaris pod to be scheduled on that node. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. |
+| persistenceConfigSecret | string | `nil` | The secret name to pull persistence.xml from (ensure the key name is 'persistence.xml') |
+| podAnnotations | object | `{}` | Annotations to apply to polaris pods. |
+| podLabels | object | `{}` | Additional Labels to apply to polaris pods. |
+| podSecurityContext | object | `{}` | Security context for the polaris pod. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. |
+| polarisServerConfig | object | `{"authenticator":{"class":"org.apache.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator"},"callContextResolver":{"type":"default"},"cors":{"allowed-credentials":true,"allowed-headers":["*"],"allowed-methods":["PATCH","POST","DELETE","GET","PUT"],"allowed-origins":["http://localhost:8080"],"allowed-timing-origins":["http://localhost:8080"],"exposed-headers":["*"],"preflight-max-age":600},"defaultRealms":["default-realm"],"featureConfiguration":{"DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS":true,"ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING":false,"SUPPORTED_CATALOG_STORAGE_TYPES":["S3","GCS","AZURE","FILE"]},"logging":{"appenders":[{"logFormat":"%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex","threshold":"ALL","type":"console"}],"level":"INFO","loggers":{"io.polaris":"DEBUG","org.apache.iceberg.rest":"DEBUG"}},"metaStoreManager":{"type":"in-memory"},"oauth2":{"type":"test"},"realmContextResolver":{"type":"default"},"server":{"adminConnectors":[{"port":8182,"type":"http"}],"applicationConnectors":[{"port":8181,"type":"http"}],"maxThreads":200,"minThreads":10,"requestLog":{"appenders":[{"type":"console"}]}}}` | Configures for polaris-server.yml |
+| readinessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":10}` | Configures the readiness probe for polaris pods. |
+| readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. |
+| readinessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before readiness probes are initiated. Minimum value is 0. |
+| readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the probe. Minimum value is 1. |
+| readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1. |
+| readinessProbe.timeoutSeconds | int | `10` | Number of seconds after which the probe times out. Minimum value is 1. |
+| replicaCount | int | `1` | The number of replicas to deploy (horizontal scaling). Beware that replicas are stateless; don't set this number > 1 when using in-memory meta store manager. |
+| resources | object | `{}` | Configures the resources requests and limits for polaris pods. We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. |
+| securityContext | object | `{}` | Security context for the polaris container. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. |
+| service.annotations | object | `{}` | Annotations to add to the service. |
+| service.ports | object | `{"polaris-metrics":8182,"polaris-service":8181}` | The ports the service will listen on. Two ports are required: one for the Polaris service and one for the metrics API. Note: port names must be unique and no more than 15 characters long. |
+| service.sessionAffinity | string | `"None"` | The session affinity for the service. Valid values are: None, ClientIP. ClientIP enables sticky sessions based on the client's IP address. This is generally beneficial to Polaris deployments, but some testing may be required in order to make sure that the load is distributed evenly among the pods. Also, this setting affects only internal clients, not external ones. If Ingress is enabled, it is recommended to set sessionAffinity to None. |
+| service.type | string | `"ClusterIP"` | The type of service to create. |
+| serviceAccount.annotations | object | `{}` | Annotations to add to the service account. |
+| serviceAccount.create | bool | `true` | Specifies whether a service account should be created. |
+| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template. |
+| tolerations | list | `[]` | A list of tolerations to apply to polaris pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/. |
+| toolsImage.pullPolicy | string | `"IfNotPresent"` | The image pull policy. |
+| toolsImage.repository | string | `"registry.access.redhat.com/ubi9/openjdk-21"` | The image repository to pull from (must have jar binary included). |
+| toolsImage.tag | string | `"latest"` | The image tag. |
\ No newline at end of file
diff --git a/helm/polaris/README.md.gotmpl b/helm/polaris/README.md.gotmpl
new file mode 100644
index 000000000..196517700
--- /dev/null
+++ b/helm/polaris/README.md.gotmpl
@@ -0,0 +1,71 @@
+
+
+
+
+# Polaris Helm chart
+
+{{ template "chart.deprecationWarning" . }}
+
+{{ template "chart.badgesSection" . }}
+
+{{ template "chart.description" . }}.
+
+{{ template "chart.homepageLine" . }}
+
+{{ template "chart.maintainersHeader" . }}
+
+{{- range .Maintainers }}
+* [{{ .Name }}]({{ if .Url }}{{ .Url }}{{ else }}https://github.com/{{ .Name }}{{ end }})
+{{- end }}
+
+{{ template "chart.sourcesSection" . }}
+
+{{ template "chart.requirementsSection" . }}
+
+## Installation
+
+### Optional
+
+When using a custom `persistence.xml`, a Kubernetes Secret must be created for `.persistenceConfigSecret`. Below is a sample command:
+```bash
+kubectl create secret generic polaris-secret -n polaris --from-file=persistence.xml
+```
+
+### From local directory (for development purposes)
+
+From Polaris repo root:
+
+```bash
+$ helm install polaris helm/polaris --namespace polaris --create-namespace
+```
+
+### Uninstalling the chart
+
+```bash
+$ helm uninstall --namespace polaris polaris
+```
+
+{{ template "chart.valuesSection" . }}
\ No newline at end of file
diff --git a/helm/polaris/templates/_helpers.tpl b/helm/polaris/templates/_helpers.tpl
new file mode 100644
index 000000000..3514deb61
--- /dev/null
+++ b/helm/polaris/templates/_helpers.tpl
@@ -0,0 +1,81 @@
+{{/*
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+*/}}
+
+{{/*
+ Expand the name of the chart.
+*/}}
+{{- define "polaris.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+ Create a default fully qualified app name.
+ We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+ If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "polaris.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+ Create chart name and version as used by the chart label.
+*/}}
+{{- define "polaris.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+ Common labels
+*/}}
+{{- define "polaris.labels" -}}
+helm.sh/chart: {{ include "polaris.chart" . }}
+{{ include "polaris.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+ Selector labels
+*/}}
+{{- define "polaris.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "polaris.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+ Create the name of the service account to use
+*/}}
+{{- define "polaris.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "polaris.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
diff --git a/helm/polaris/templates/configmap.yaml b/helm/polaris/templates/configmap.yaml
new file mode 100644
index 000000000..358e2edfb
--- /dev/null
+++ b/helm/polaris/templates/configmap.yaml
@@ -0,0 +1,31 @@
+{{/*
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "polaris.fullname" . }}
+ labels:
+ {{- include "polaris.labels" . | nindent 4 }}
+ {{- if .Values.configMapLabels }}
+ {{- tpl (toYaml .Values.configMapLabels) . | nindent 4 }}
+ {{- end }}
+data:
+ polaris-server.yml: |-
+{{ toYaml .Values.polarisServerConfig | indent 4 }}
\ No newline at end of file
diff --git a/helm/polaris/templates/deployment.yaml b/helm/polaris/templates/deployment.yaml
new file mode 100644
index 000000000..b36b03a54
--- /dev/null
+++ b/helm/polaris/templates/deployment.yaml
@@ -0,0 +1,141 @@
+{{/*
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+*/}}
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "polaris.fullname" . }}
+ labels:
+ {{- include "polaris.labels" . | nindent 4 }}
+ {{- if .Values.podLabels }}
+ {{- tpl (toYaml .Values.podLabels) . | nindent 4 }}
+ {{- end }}
+spec:
+ {{- if not .Values.autoscaling.enabled }}
+ replicas: {{ .Values.replicaCount }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "polaris.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ {{- if .Values.podAnnotations }}
+ {{- tpl (toYaml .Values.podAnnotations) . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "polaris.selectorLabels" . | nindent 8 }}
+ {{- if .Values.podLabels }}
+ {{- tpl (toYaml .Values.podLabels) . | nindent 8 }}
+ {{- end }}
+ spec:
+ {{- if and .Values.persistenceConfigSecret (index .Values.polarisServerConfig.metaStoreManager "conf-file") }}
+ initContainers:
+ - name: init-config
+ image: "{{ tpl .Values.toolsImage.repository . }}:{{ tpl .Values.toolsImage.tag . }}"
+ imagePullPolicy: {{ tpl .Values.toolsImage.pullPolicy . }}
+ command: ["jar"]
+ args: ["-cf", "/eclipselink-config/conf.jar", "-C", "/secret", "persistence.xml"]
+ volumeMounts:
+ - name: eclipselink-config-volume
+ mountPath: /eclipselink-config
+ - name: secret-volume
+ mountPath: /secret
+ {{- end }}
+ {{- if .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- range .Values.imagePullSecrets }}
+ - name: {{ . | quote }}
+ {{- end }}
+ {{- end }}
+ serviceAccountName: {{ include "polaris.serviceAccountName" . }}
+ securityContext:
+ {{- tpl (toYaml .Values.podSecurityContext) . | nindent 8 }}
+ containers:
+ - name: {{ .Chart.Name }}
+ securityContext:
+ {{- tpl (toYaml .Values.securityContext) . | nindent 12 }}
+ image: "{{ tpl .Values.image.repository . }}:{{ tpl .Values.image.tag . | default .Chart.Version }}"
+ imagePullPolicy: {{ tpl .Values.image.pullPolicy . }}
+ command: ["/app/bin/polaris-service"]
+ args: ["server", "/app/config/polaris-server.yml"]
+ env:
+ {{- if .Values.extraEnv }}
+ {{- tpl (toYaml .Values.extraEnv) . | nindent 12 }}
+ {{- end }}
+ volumeMounts:
+ - name: config-volume
+ mountPath: /app/config/polaris-server.yml
+ subPath: polaris-server.yml
+ {{- if and .Values.persistenceConfigSecret (index .Values.polarisServerConfig.metaStoreManager "conf-file") }}
+ - name: eclipselink-config-volume
+ mountPath: /eclipselink-config
+ {{- end }}
+ ports:
+ {{- range $portName, $portNumber := .Values.service.ports }}
+ - name: {{ $portName }}
+ containerPort: {{ $portNumber }}
+ protocol: TCP
+ {{- end }}
+ livenessProbe:
+ httpGet:
+ path: /healthcheck
+ port: "polaris-metrics"
+ scheme: HTTP
+ initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+ successThreshold: {{ .Values.livenessProbe.successThreshold }}
+ failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+ timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+ terminationGracePeriodSeconds: {{ .Values.livenessProbe.terminationGracePeriodSeconds }}
+ readinessProbe:
+ httpGet:
+ path: /healthcheck
+ port: "polaris-metrics"
+ scheme: HTTP
+ initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+ successThreshold: {{ .Values.readinessProbe.successThreshold }}
+ failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+ timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+ resources:
+ {{- tpl (toYaml .Values.resources) . | nindent 12 }}
+ volumes:
+ - name: config-volume
+ configMap:
+ name: {{ include "polaris.fullname" . }}
+ {{- if and .Values.persistenceConfigSecret (index .Values.polarisServerConfig.metaStoreManager "conf-file") }}
+ - name: eclipselink-config-volume
+ emptyDir: {}
+ - name: secret-volume
+ secret:
+ secretName: {{ .Values.persistenceConfigSecret }}
+ {{- end }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+ {{- tpl (toYaml .Values.nodeSelector) . | nindent 8 }}
+ {{- end }}
+ {{- if .Values.affinity }}
+ affinity:
+ {{- tpl (toYaml .Values.affinity) . | nindent 8 }}
+ {{- end }}
+ {{- if .Values.tolerations }}
+ tolerations:
+ {{- tpl (toYaml .Values.tolerations) . | nindent 8 }}
+ {{- end }}
diff --git a/helm/polaris/templates/hpa.yaml b/helm/polaris/templates/hpa.yaml
new file mode 100644
index 000000000..96e44f982
--- /dev/null
+++ b/helm/polaris/templates/hpa.yaml
@@ -0,0 +1,51 @@
+{{/*
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+*/}}
+
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "polaris.fullname" . }}
+ labels:
+ {{- include "polaris.labels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include "polaris.fullname" . }}
+ minReplicas: {{ .Values.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+ metrics:
+ {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+ {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+ {{- end }}
+{{- end }}
diff --git a/helm/polaris/templates/ingress.yaml b/helm/polaris/templates/ingress.yaml
new file mode 100644
index 000000000..f16c04f91
--- /dev/null
+++ b/helm/polaris/templates/ingress.yaml
@@ -0,0 +1,63 @@
+{{/*
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+*/}}
+
+# {{- $kubeVersion := .Capabilities.KubeVersion.Version -}}
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "polaris.fullname" . -}}
+{{- $svcPort := coalesce .Values.service.port (index .Values.service.ports "polaris-service") -}}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: {{ $fullName }}
+ labels:
+ {{- include "polaris.labels" . | nindent 4 }}
+ annotations:
+ {{- if .Values.ingress.annotations }}
+ {{- tpl (toYaml .Values.ingress.annotations) . | nindent 4 }}
+ {{- end }}
+spec:
+ {{- if .Values.ingress.className }}
+ ingressClassName: {{ .Values.ingress.className | quote }}
+ {{- end }}
+ {{- if .Values.ingress.tls }}
+ tls:
+ {{- range .Values.ingress.tls }}
+ - hosts:
+ {{- range .hosts }}
+ - {{ . | quote }}
+ {{- end }}
+ secretName: {{ .secretName }}
+ {{- end }}
+ {{- end }}
+ rules:
+ {{- range .Values.ingress.hosts }}
+ - host: {{ .host | quote }}
+ http:
+ paths:
+ {{- range .paths }}
+ - path: {{ .path }}
+ pathType: {{ .pathType }}
+ backend:
+ service:
+ name: {{ $fullName }}
+ port:
+ number: {{ $svcPort }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
\ No newline at end of file
diff --git a/helm/polaris/templates/job.yaml b/helm/polaris/templates/job.yaml
new file mode 100644
index 000000000..4abff14b5
--- /dev/null
+++ b/helm/polaris/templates/job.yaml
@@ -0,0 +1,109 @@
+{{/*
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+*/}}
+
+{{- if .Values.bootstrapMetastoreManager }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "polaris.fullname" . }}
+ labels:
+ {{- include "polaris.labels" . | nindent 4 }}
+ {{- if .Values.podLabels }}
+ {{- tpl (toYaml .Values.podLabels) . | nindent 4 }}
+ {{- end }}
+ annotations:
+ "helm.sh/hook": post-install
+spec:
+ template:
+ metadata:
+ annotations:
+ {{- if .Values.podAnnotations }}
+ {{- tpl (toYaml .Values.podAnnotations) . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "polaris.selectorLabels" . | nindent 8 }}
+ {{- if .Values.podLabels }}
+ {{- tpl (toYaml .Values.podLabels) . | nindent 8 }}
+ {{- end }}
+ spec:
+ {{- if and .Values.persistenceConfigSecret (index .Values.polarisServerConfig.metaStoreManager "conf-file") }}
+ initContainers:
+ - name: init-config
+ image: "{{ tpl .Values.toolsImage.repository . }}:{{ tpl .Values.toolsImage.tag . }}"
+ imagePullPolicy: {{ tpl .Values.toolsImage.pullPolicy . }}
+ command: ["jar"]
+ args: ["-cf", "/eclipselink-config/conf.jar", "-C", "/secret", "persistence.xml"]
+ volumeMounts:
+ - name: eclipselink-config-volume
+ mountPath: /eclipselink-config
+ - name: secret-volume
+ mountPath: /secret
+ {{- end }}
+ {{- if .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- range .Values.imagePullSecrets }}
+ - name: {{ . | quote }}
+ {{- end }}
+ {{- end }}
+ serviceAccountName: {{ include "polaris.serviceAccountName" . }}
+ securityContext:
+ {{- tpl (toYaml .Values.podSecurityContext) . | nindent 8 }}
+ containers:
+ - name: {{ .Chart.Name }}
+ securityContext:
+ {{- tpl (toYaml .Values.securityContext) . | nindent 12 }}
+ image: "{{ tpl .Values.image.repository . }}:{{ tpl .Values.image.tag . | default .Chart.Version }}"
+ imagePullPolicy: {{ tpl .Values.image.pullPolicy . }}
+ command: ["/app/bin/polaris-service"]
+ args: ["bootstrap", "/app/config/polaris-server.yml"]
+ volumeMounts:
+ - name: config-volume
+ mountPath: /app/config/polaris-server.yml
+ subPath: polaris-server.yml
+ {{- if .Values.persistenceConfigSecret }}
+ - name: eclipselink-config-volume
+ mountPath: /eclipselink-config
+ {{- end }}
+ resources:
+ {{- tpl (toYaml .Values.resources) . | nindent 12 }}
+ restartPolicy: Never
+ volumes:
+ - name: config-volume
+ configMap:
+ name: {{ include "polaris.fullname" . }}
+ {{- if and .Values.persistenceConfigSecret (index .Values.polarisServerConfig.metaStoreManager "conf-file") }}
+ - name: eclipselink-config-volume
+ emptyDir: {}
+ - name: secret-volume
+ secret:
+ secretName: {{ .Values.persistenceConfigSecret }}
+ {{- end }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+ {{- tpl (toYaml .Values.nodeSelector) . | nindent 8 }}
+ {{- end }}
+ {{- if .Values.affinity }}
+ affinity:
+ {{- tpl (toYaml .Values.affinity) . | nindent 8 }}
+ {{- end }}
+ {{- if .Values.tolerations }}
+ tolerations:
+ {{- tpl (toYaml .Values.tolerations) . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/helm/polaris/templates/service.yaml b/helm/polaris/templates/service.yaml
new file mode 100644
index 000000000..3055bcdd3
--- /dev/null
+++ b/helm/polaris/templates/service.yaml
@@ -0,0 +1,41 @@
+{{/*
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "polaris.fullname" . }}
+ labels:
+ {{- include "polaris.labels" . | nindent 4 }}
+ annotations:
+ {{- if .Values.service.annotations }}
+ {{- tpl (toYaml .Values.service.annotations) . | nindent 4 }}
+ {{- end }}
+spec:
+ type: {{ .Values.service.type }}
+ selector:
+ {{- include "polaris.selectorLabels" . | nindent 4 }}
+ ports:
+ {{- range $portName, $portNumber := .Values.service.ports }}
+ - port: {{ $portNumber }}
+ targetPort: {{ $portNumber }}
+ protocol: TCP
+ name: {{ $portName }}
+ {{- end }}
+ sessionAffinity: {{ .Values.service.sessionAffinity }}
diff --git a/helm/polaris/templates/serviceaccount.yaml b/helm/polaris/templates/serviceaccount.yaml
new file mode 100644
index 000000000..7cc8bacc9
--- /dev/null
+++ b/helm/polaris/templates/serviceaccount.yaml
@@ -0,0 +1,31 @@
+{{/*
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+*/}}
+
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "polaris.serviceAccountName" . }}
+ labels:
+ {{- include "polaris.labels" . | nindent 4 }}
+ annotations:
+ {{- if .Values.serviceAccount.annotations }}
+ {{- tpl (toYaml .Values.serviceAccount.annotations) . | nindent 4 }}
+ {{- end }}
+{{- end }}
diff --git a/helm/polaris/templates/tests/test-connection.yaml b/helm/polaris/templates/tests/test-connection.yaml
new file mode 100644
index 000000000..e7a243f09
--- /dev/null
+++ b/helm/polaris/templates/tests/test-connection.yaml
@@ -0,0 +1,38 @@
+{{/*
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+*/}}
+
+apiVersion: v1
+kind: Pod
+metadata:
+ name: "{{ include "polaris.fullname" . }}-test-connection"
+ labels:
+ helm.sh/chart: {{ include "polaris.chart" . }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ {{- if .Chart.AppVersion }}
+ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+ {{- end }}
+ annotations:
+ "helm.sh/hook": test
+spec:
+ containers:
+ - name: wget
+ image: busybox
+ command: ['wget']
+ args: ['{{ include "polaris.fullname" . }}:{{ index .Values.service.ports "polaris-metrics" }}/healthcheck']
+ restartPolicy: Never
\ No newline at end of file
diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml
new file mode 100644
index 000000000..cedaf8216
--- /dev/null
+++ b/helm/polaris/values.yaml
@@ -0,0 +1,391 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+# -- The number of replicas to deploy (horizontal scaling).
+# Beware that replicas are stateless; don't set this number > 1 when using in-memory meta store manager.
+replicaCount: 1
+
+image:
+ # -- The image repository to pull from.
+ repository: localhost:5001/polaris
+ # -- The image pull policy.
+ pullPolicy: IfNotPresent
+ # -- The image tag.
+ tag: "latest"
+
+toolsImage:
+ # -- The image repository to pull from (must have jar binary included).
+ repository: registry.access.redhat.com/ubi9/openjdk-21
+ # -- The image pull policy.
+ pullPolicy: IfNotPresent
+ # -- The image tag.
+ tag: "latest"
+
+# -- References to secrets in the same namespace to use for pulling any of the images used by this
+# chart. Each entry is a LocalObjectReference to an existing secret in the namespace. The secret
+# must contain a .dockerconfigjson key with a base64-encoded Docker configuration file. See
+# https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ for more
+# information.
+imagePullSecrets: []
+# - registry-creds
+
+
+serviceAccount:
+ # -- Specifies whether a service account should be created.
+ create: true
+ # -- Annotations to add to the service account.
+ annotations: {}
+ # -- The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template.
+ name: ""
+
+
+# -- Annotations to apply to polaris pods.
+podAnnotations: {}
+
+# -- Additional Labels to apply to polaris pods.
+podLabels: {}
+
+# -- Additional Labels to apply to polaris configmap.
+configMapLabels: {}
+
+# -- Security context for the polaris pod. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/.
+podSecurityContext:
+ {}
+ # fsGroup: 2000
+
+# -- Security context for the polaris container. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/.
+securityContext:
+ {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+# Polaris service settings.
+service:
+ # -- The type of service to create.
+ type: ClusterIP
+ # -- The ports the service will listen on. Two ports are required: one for the Polaris service and
+ # one for the metrics API.
+ # Note: port names must be unique and no more than 15 characters long.
+ ports:
+ # polaris-server: The port the Polaris server listens on for API requests.
+ polaris-service: 8181
+ # polaris-metrics: The port the Polaris server listens on for metrics API requests (health checks, metrics, etc.).
+ polaris-metrics: 8182
+ # -- The session affinity for the service. Valid values are: None, ClientIP.
+ # ClientIP enables sticky sessions based on the client's IP address.
+ # This is generally beneficial to Polaris deployments, but some testing may be
+ # required in order to make sure that the load is distributed evenly among the pods.
+ # Also, this setting affects only internal clients, not external ones.
+ # If Ingress is enabled, it is recommended to set sessionAffinity to None.
+ sessionAffinity: None
+ # -- Annotations to add to the service.
+ annotations: {}
+
+# Polaris Ingress settings.
+# These settings generate an Ingress resource that routes external traffic to the Polaris service
+# using the "polaris-service" port described above.
+# Consider enabling sticky sessions based on the remote client's IP address;
+# this is generally beneficial to Polaris deployments, but some testing may be
+# required in order to make sure that the load is distributed evenly among the pods.
+# Check your ingress controller's documentation.
+ingress:
+ # -- Specifies the ingressClassName; leave empty if you don't want to customize it
+ className: ""
+ # -- Specifies whether an ingress should be created.
+ enabled: false
+ # -- Annotations to add to the ingress.
+ annotations: {
+ # nginx.ingress.kubernetes.io/upstream-hash-by: "$binary_remote_addr"
+ }
+ # -- A list of host paths used to configure the ingress.
+ hosts:
+ - host: chart-example.local
+ paths: []
+ # -- A list of TLS certificates; each entry has a list of hosts in the certificate,
+ # along with the secret name used to terminate TLS traffic on port 443.
+ tls: []
+# - hosts:
+# - chart-example1.local
+# - chart-example2.local
+# secretName: secret1
+
+# -- Configures the resources requests and limits for polaris pods.
+# We usually recommend not to specify default resources and to leave this as a conscious
+# choice for the user. This also increases chances charts run on environments with little
+# resources, such as Minikube. If you do want to specify resources, uncomment the following
+# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+resources:
+ {}
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+autoscaling:
+ # -- Specifies whether automatic horizontal scaling should be enabled.
+ # Do not enable this when using in-memory version store type.
+ enabled: false
+ # -- The minimum number of replicas to maintain.
+ minReplicas: 1
+ # -- The maximum number of replicas to maintain.
+ maxReplicas: 3
+ # -- Optional; set to zero or empty to disable.
+ targetCPUUtilizationPercentage: 80
+ # -- Optional; set to zero or empty to disable.
+ targetMemoryUtilizationPercentage:
+
+# -- Node labels which must match for the polaris pod to be scheduled on that node. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector.
+nodeSelector:
+ {}
+ # kubernetes.io/os: linux
+
+# -- A list of tolerations to apply to polaris pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/.
+tolerations: []
+# - key: "node-role.kubernetes.io/control-plane"
+# operator: "Exists"
+# effect: "NoSchedule"
+
+# -- Affinity and anti-affinity for polaris pods. See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity.
+affinity: {}
+# podAffinity:
+# preferredDuringSchedulingIgnoredDuringExecution:
+# - weight: 100
+# podAffinityTerm:
+# topologyKey: kubernetes.io/hostname
+# labelSelector:
+# matchExpressions:
+# - key: app.kubernetes.io/name
+# operator: In
+# values:
+# - polaris
+
+# -- Configures the liveness probe for polaris pods.
+livenessProbe:
+ # -- Number of seconds after the container has started before liveness probes are initiated. Minimum value is 0.
+ initialDelaySeconds: 5
+ # -- How often (in seconds) to perform the probe. Minimum value is 1.
+ periodSeconds: 10
+ # -- Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
+ successThreshold: 1
+ # -- Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1.
+ failureThreshold: 3
+ # -- Number of seconds after which the probe times out. Minimum value is 1.
+ timeoutSeconds: 10
+ # -- Optional duration in seconds the pod needs to terminate gracefully upon probe failure. Minimum value is 1.
+ terminationGracePeriodSeconds: 30
+
+# -- Configures the readiness probe for polaris pods.
+readinessProbe:
+ # -- Number of seconds after the container has started before readiness probes are initiated. Minimum value is 0.
+ initialDelaySeconds: 5
+ # -- How often (in seconds) to perform the probe. Minimum value is 1.
+ periodSeconds: 10
+ # -- Minimum consecutive successes for the probe to be considered successful after having failed. Minimum value is 1.
+ successThreshold: 1
+ # -- Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1.
+ failureThreshold: 3
+ # -- Number of seconds after which the probe times out. Minimum value is 1.
+ timeoutSeconds: 10
+
+# -- Advanced configuration via Environment Variables.
+# Extra environment variables to add to the Polaris server container.
+# You can pass here any valid EnvVar object:
+# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#envvar-v1-core
+# This can be useful to get configuration values from Kubernetes secrets or config maps.
+extraEnv:
+ []
+# - name: AWS_STORAGE_BUCKET
+# value: s3://xxxxx/
+# - name: AWS_ACCESS_KEY_ID
+# valueFrom:
+# secretKeyRef:
+# name: aws-secret
+# key: access_key_id
+# - name: AWS_SECRET_ACCESS_KEY
+# valueFrom:
+# secretKeyRef:
+# name: aws-secret
+# key: secret_access_key
+
+# -- Configures whether to enable the bootstrap metastore manager job
+bootstrapMetastoreManager: false
+
+# -- The secret name to pull persistence.xml from (ensure the key name is 'persistence.xml')
+persistenceConfigSecret: ~
+
+# -- Configures for polaris-server.yml
+polarisServerConfig:
+ server:
+ # Maximum number of threads.
+ maxThreads: 200
+
+ # Minimum number of thread to keep alive.
+ minThreads: 10
+ applicationConnectors:
+ # HTTP-specific options.
+ - type: http
+
+ # The port on which the HTTP server listens for service requests.
+ port: 8181
+
+ adminConnectors:
+ - type: http
+ port: 8182
+
+ # The hostname of the interface to which the HTTP server socket wil be found. If omitted, the
+ # socket will listen on all interfaces.
+ #bindHost: localhost
+
+ # ssl:
+ # keyStore: ./example.keystore
+ # keyStorePassword: example
+ #
+ # keyStoreType: JKS # (optional, JKS is default)
+
+ # HTTP request log settings
+ requestLog:
+ appenders:
+ # Settings for logging to stdout.
+ - type: console
+
+ # # Settings for logging to a file.
+ # - type: file
+
+ # # The file to which statements will be logged.
+ # currentLogFilename: ./logs/request.log
+
+ # # When the log file rolls over, the file will be archived to requests-2012-03-15.log.gz,
+ # # requests.log will be truncated, and new statements written to it.
+ # archivedLogFilenamePattern: ./logs/requests-%d.log.gz
+
+ # # The maximum number of log files to archive.
+ # archivedFileCount: 14
+
+ # # Enable archiving if the request log entries go to the their own file
+ # archive: true
+
+ featureConfiguration:
+ ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING: false
+ DISABLE_TOKEN_GENERATION_FOR_USER_PRINCIPALS: true
+ SUPPORTED_CATALOG_STORAGE_TYPES:
+ - S3
+ - GCS
+ - AZURE
+ - FILE
+
+
+ # Whether we want to enable Snowflake OAuth locally. Setting this to true requires
+ # that you go through the setup outlined in the `README.md` file, specifically the
+ # `OAuth + Snowflake: Local Testing And Then Some` section
+ callContextResolver:
+ type: default
+
+ realmContextResolver:
+ type: default
+
+ defaultRealms:
+ - default-realm
+
+ metaStoreManager:
+ type: in-memory
+ # type: eclipse-link # uncomment to use eclipse-link as metastore
+ # persistence-unit: polaris
+ # conf-file: /eclipselink-config/conf.jar!/persistence.xml # Don't change this value when using custom persistence.xml via '.persistenceConfigSecret'
+
+
+ # TODO - avoid duplicating token broker config
+ oauth2:
+ type: test
+ # type: default # - uncomment to support Auth0 JWT tokens
+ # tokenBroker:
+ # type: symmetric-key
+ # secret: polaris
+
+ authenticator:
+ class: org.apache.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator
+ # class: io.polaris.service.auth.DefaultPolarisAuthenticator # - uncomment to support Auth0 JWT tokens
+ # tokenBroker:
+ # type: symmetric-key
+ # secret: polaris
+
+ cors:
+ allowed-origins:
+ - http://localhost:8080
+ allowed-timing-origins:
+ - http://localhost:8080
+ allowed-methods:
+ - PATCH
+ - POST
+ - DELETE
+ - GET
+ - PUT
+ allowed-headers:
+ - "*"
+ exposed-headers:
+ - "*"
+ preflight-max-age: 600
+ allowed-credentials: true
+
+ # Logging settings.
+
+ logging:
+
+ # The default level of all loggers. Can be OFF, ERROR, WARN, INFO, DEBUG, TRACE, or ALL.
+ level: INFO
+
+ # Logger-specific levels.
+ loggers:
+ org.apache.iceberg.rest: DEBUG
+ io.polaris: DEBUG
+
+ appenders:
+
+ - type: console
+ # If true, write log statements to stdout.
+ # enabled: true
+ # Do not display log statements below this threshold to stdout.
+ threshold: ALL
+ # Custom Logback PatternLayout with threadname.
+ logFormat: "%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex"
+
+ # # Settings for logging to a file.
+ # - type: file
+ # # If true, write log statements to a file.
+ # # enabled: true
+ # # Do not write log statements below this threshold to the file.
+ # threshold: ALL
+ # layout:
+ # type: polaris
+ # flattenKeyValues: false
+ # includeKeyValues: true
+
+ # # The file to which statements will be logged.
+ # currentLogFilename: ./logs/polaris.log
+ # # When the log file rolls over, the file will be archived to snowflake-2012-03-15.log.gz,
+ # # snowflake.log will be truncated, and new statements written to it.
+ # archivedLogFilenamePattern: ./logs/polaris-%d.log.gz
+ # # The maximum number of log files to archive.
+ # archivedFileCount: 14
\ No newline at end of file