SigV4 Auth Support for Catalog Federation - Part 1: Entity Transformation System

persistence/eclipselink/src/main/java/org/apache/polaris/extension/persistence/impl/eclipselink/EclipseLinkPolarisMetaStoreManagerFactory.java

@@ -27,6 +27,7 @@
 import org.apache.polaris.core.PolarisDiagnostics;
 import org.apache.polaris.core.config.PolarisConfigurationStore;
 import org.apache.polaris.core.context.RealmContext;
+import org.apache.polaris.core.entity.transformation.EntityTransformationEngine;
 import org.apache.polaris.core.persistence.LocalPolarisMetaStoreManagerFactory;
 import org.apache.polaris.core.persistence.PolarisMetaStoreManager;
 import org.apache.polaris.core.persistence.bootstrap.RootCredentialsSet;
@@ -45,15 +46,18 @@ public class EclipseLinkPolarisMetaStoreManagerFactory
 
   @Inject EclipseLinkConfiguration eclipseLinkConfiguration;
   @Inject PolarisStorageIntegrationProvider storageIntegrationProvider;
+  @Inject EntityTransformationEngine entityTransformationEngine;
 
   protected EclipseLinkPolarisMetaStoreManagerFactory() {
-    this(null, null);
+    this(null, null, null);
   }
 
   @Inject
   protected EclipseLinkPolarisMetaStoreManagerFactory(
-      PolarisDiagnostics diagnostics, PolarisConfigurationStore configurationStore) {
-    super(diagnostics, configurationStore);
+      PolarisDiagnostics diagnostics,
+      PolarisConfigurationStore configurationStore,
+      EntityTransformationEngine entityTransformationEngine) {
+    super(diagnostics, configurationStore, entityTransformationEngine);
   }
 
   @Override

persistence/eclipselink/src/test/java/org/apache/polaris/extension/persistence/impl/eclipselink/PolarisEclipseLinkMetaStoreManagerTest.java

@@ -39,6 +39,7 @@
 import org.apache.polaris.core.config.PolarisConfigurationStore;
 import org.apache.polaris.core.context.RealmContext;
 import org.apache.polaris.core.entity.PolarisPrincipalSecrets;
+import org.apache.polaris.core.entity.transformation.NoOpEntityTransformationEngine;
 import org.apache.polaris.core.persistence.BasePolarisMetaStoreManagerTest;
 import org.apache.polaris.core.persistence.PolarisTestMetaStoreManager;
 import org.apache.polaris.core.persistence.transactional.TransactionalMetaStoreManagerImpl;
@@ -96,6 +97,7 @@ protected PolarisTestMetaStoreManager createPolarisTestMetaStoreManager() {
             session,
             diagServices,
             new PolarisConfigurationStore() {},
+            new NoOpEntityTransformationEngine(),
             timeSource.withZone(ZoneId.systemDefault())));
   }
 

persistence/relational-jdbc/src/main/java/org/apache/polaris/persistence/relational/jdbc/JdbcMetaStoreManagerFactory.java

@@ -38,6 +38,7 @@
 import org.apache.polaris.core.entity.PolarisEntityConstants;
 import org.apache.polaris.core.entity.PolarisEntitySubType;
 import org.apache.polaris.core.entity.PolarisEntityType;
+import org.apache.polaris.core.entity.transformation.EntityTransformationEngine;
 import org.apache.polaris.core.persistence.AtomicOperationMetaStoreManager;
 import org.apache.polaris.core.persistence.BasePersistence;
 import org.apache.polaris.core.persistence.MetaStoreManagerFactory;
@@ -75,6 +76,7 @@ public class JdbcMetaStoreManagerFactory implements MetaStoreManagerFactory {
   @Inject Instance<DataSource> dataSource;
   @Inject RelationalJdbcConfiguration relationalJdbcConfiguration;
   @Inject PolarisConfigurationStore configurationStore;
+  @Inject EntityTransformationEngine entityTransformationEngine;
 
   protected JdbcMetaStoreManagerFactory() {}
 
@@ -156,7 +158,8 @@ public Map<String, BaseResult> purgeRealms(Iterable<String> realms) {
       PolarisMetaStoreManager metaStoreManager = getOrCreateMetaStoreManager(realmContext);
       BasePersistence session = getOrCreateSessionSupplier(realmContext).get();
 
-      PolarisCallContext callContext = new PolarisCallContext(realmContext, session, diagServices);
+      PolarisCallContext callContext =
+          new PolarisCallContext(realmContext, session, diagServices, entityTransformationEngine);
       BaseResult result = metaStoreManager.purge(callContext);
       results.put(realm, result);
 
@@ -229,7 +232,8 @@ private PrincipalSecretsResult bootstrapServiceAndCreatePolarisPrincipalForRealm
         new PolarisCallContext(
             realmContext,
             sessionSupplierMap.get(realmContext.getRealmIdentifier()).get(),
-            diagServices);
+            diagServices,
+            entityTransformationEngine);
     if (CallContext.getCurrentContext() == null) {
       CallContext.setCurrentContext(polarisContext);
     }
@@ -280,7 +284,8 @@ private void checkPolarisServiceBootstrappedForRealm(
         new PolarisCallContext(
             realmContext,
             sessionSupplierMap.get(realmContext.getRealmIdentifier()).get(),
-            diagServices);
+            diagServices,
+            entityTransformationEngine);
     if (CallContext.getCurrentContext() == null) {
       CallContext.setCurrentContext(polarisContext);
     }

persistence/relational-jdbc/src/test/java/org/apache/polaris/persistence/relational/jdbc/AtomicMetastoreManagerWithJdbcBasePersistenceImplTest.java

@@ -29,6 +29,7 @@
 import org.apache.polaris.core.PolarisDiagnostics;
 import org.apache.polaris.core.config.PolarisConfigurationStore;
 import org.apache.polaris.core.context.RealmContext;
+import org.apache.polaris.core.entity.transformation.NoOpEntityTransformationEngine;
 import org.apache.polaris.core.persistence.AtomicOperationMetaStoreManager;
 import org.apache.polaris.core.persistence.BasePolarisMetaStoreManagerTest;
 import org.apache.polaris.core.persistence.PolarisTestMetaStoreManager;
@@ -72,6 +73,7 @@ protected PolarisTestMetaStoreManager createPolarisTestMetaStoreManager() {
             basePersistence,
             diagServices,
             new PolarisConfigurationStore() {},
+            new NoOpEntityTransformationEngine(),
             timeSource.withZone(ZoneId.systemDefault())));
   }
 

polaris-core/src/main/java/org/apache/polaris/core/PolarisCallContext.java

@@ -24,6 +24,7 @@
 import org.apache.polaris.core.config.PolarisConfigurationStore;
 import org.apache.polaris.core.context.CallContext;
 import org.apache.polaris.core.context.RealmContext;
+import org.apache.polaris.core.entity.transformation.EntityTransformationEngine;
 import org.apache.polaris.core.persistence.BasePersistence;
 
 /**
@@ -40,6 +41,8 @@ public class PolarisCallContext implements CallContext {
 
   private final PolarisConfigurationStore configurationStore;
 
+  private final EntityTransformationEngine entityTransformationEngine;
+
   private final Clock clock;
 
   // will make it final once we remove deprecated constructor
@@ -50,22 +53,26 @@ public PolarisCallContext(
       @Nonnull BasePersistence metaStore,
       @Nonnull PolarisDiagnostics diagServices,
       @Nonnull PolarisConfigurationStore configurationStore,
+      @Nonnull EntityTransformationEngine entityTransformationEngine,
       @Nonnull Clock clock) {
     this.realmContext = realmContext;
     this.metaStore = metaStore;
     this.diagServices = diagServices;
     this.configurationStore = configurationStore;
+    this.entityTransformationEngine = entityTransformationEngine;
     this.clock = clock;
   }
 
   public PolarisCallContext(
       @Nonnull RealmContext realmContext,
       @Nonnull BasePersistence metaStore,
-      @Nonnull PolarisDiagnostics diagServices) {
+      @Nonnull PolarisDiagnostics diagServices,
+      @Nonnull EntityTransformationEngine entityTransformationEngine) {
     this.realmContext = realmContext;
     this.metaStore = metaStore;
     this.diagServices = diagServices;
     this.configurationStore = new PolarisConfigurationStore() {};
+    this.entityTransformationEngine = entityTransformationEngine;
     this.clock = Clock.system(ZoneId.systemDefault());
   }
 
@@ -81,6 +88,10 @@ public PolarisConfigurationStore getConfigurationStore() {
     return configurationStore;
   }
 
+  public EntityTransformationEngine getEntityTransformationEngine() {
+    return entityTransformationEngine;
+  }
+
   public Clock getClock() {
     return clock;
   }
@@ -105,6 +116,11 @@ public PolarisCallContext copy() {
     String realmId = this.realmContext.getRealmIdentifier();
     RealmContext realmContext = () -> realmId;
     return new PolarisCallContext(
-        realmContext, this.metaStore, this.diagServices, this.configurationStore, this.clock);
+        realmContext,
+        this.metaStore,
+        this.diagServices,
+        this.configurationStore,
+        this.entityTransformationEngine,
+        this.clock);
   }
 }

polaris-core/src/main/java/org/apache/polaris/core/entity/transformation/EntityTransformationEngine.java

@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.polaris.core.entity.transformation;
+
+import org.apache.polaris.core.entity.PolarisBaseEntity;
+
+/**
+ * Engine responsible for applying a sequence of {@link EntityTransformer} transformations to a
+ * {@link PolarisBaseEntity}.
+ *
+ * <p>This abstraction allows Polaris to customize or enrich entities during runtime or persistence,
+ * based on configured or contextual logic (e.g., injecting service identity info, computing derived
+ * fields).
+ */
+public interface EntityTransformationEngine {
+  /**
+   * Applies all registered entity transformers to the provided entity, in order.
+   *
+   * @param transformationPoint The point in the entity lifecycle where transformers should be
+   *     applied.
+   * @param entity The original Polaris entity to mutate.
+   * @return A new transformed copy of the entity of {@link PolarisBaseEntity} after all
+   *     transformers are applied.
+   */
+  PolarisBaseEntity applyTransformers(
+      TransformationPoint transformationPoint, PolarisBaseEntity entity);
+}

polaris-core/src/main/java/org/apache/polaris/core/entity/transformation/EntityTransformer.java

@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.polaris.core.entity.transformation;
+
+import org.apache.polaris.core.entity.PolarisBaseEntity;
+
+/**
+ * A transformation hook that transforms a Polaris entity. The transformer must create a new copy of
+ * the entity rather than updating them in-place.
+ *
+ * <p>Implementations of this interface apply custom logic to modify or enrich a {@link
+ * PolarisBaseEntity}.
+ */
+public interface EntityTransformer {
+
+  /**
+   * Applies the transformation logic to the given entity. It can be also used to add custom logic
+   * around the transformation point.
+   *
+   * @param entity the entity to be transformed
+   * @return the transformed entity
+   */
+  PolarisBaseEntity apply(PolarisBaseEntity entity);
+}

polaris-core/src/main/java/org/apache/polaris/core/entity/transformation/NoOpEntityTransformationEngine.java

@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.polaris.core.entity.transformation;
+
+import org.apache.polaris.core.entity.PolarisBaseEntity;
+
+/**
+ * A no-op implementation of {@link EntityTransformationEngine} that returns the input entity
+ * unchanged.
+ *
+ * <p>This can be used in environments where entity transformation is disabled or unnecessary.
+ */
+public class NoOpEntityTransformationEngine implements EntityTransformationEngine {
+
+  @Override
+  public PolarisBaseEntity applyTransformers(
+      TransformationPoint transformationPoint, final PolarisBaseEntity entity) {
+    return entity;
+  }
+}

polaris-core/src/main/java/org/apache/polaris/core/entity/transformation/TransformationPoint.java

@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.polaris.core.entity.transformation;
+
+/**
+ * Defines points in the entity lifecycle where {@link EntityTransformer} can be applied.
+ *
+ * <p>Each transformation point corresponds to a specific hook where transformers may be executed.
+ * Transformers can declare which points they support, allowing the engine to invoke only the
+ * relevant ones.
+ */
+public enum TransformationPoint {
+
+  /** Applied before a catalog entity is persisted. */
+  CATALOG_PRE_PERSIST(0),
+  ;
+
+  private final int id;
+
+  TransformationPoint(int id) {
+    this.id = id;
+  }
+
+  public int id() {
+    return id;
+  }
+}