Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 53 additions & 5 deletions .github/workflows/console.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,32 +33,80 @@ on:

jobs:
build:

name: Console Build (Node ${{ matrix.node-version }})
runs-on: ubuntu-latest
permissions:
contents: read
strategy:
matrix:
node-version: ["20.19", "22.13"]

steps:
- name: Checkout Polaris Tools project
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5

- name: Set up Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: 'npm'
cache-dependency-path: console/package.json

- name: Install dependencies
working-directory: console
run: make install

- name: Lint
working-directory: console
run: make lint

- name: Build
working-directory: console
run: make build

helm-tests:
name: Helm Tests (Helm ${{ matrix.helm-version }})
runs-on: ubuntu-latest
timeout-minutes: 60
permissions:
contents: read
strategy:
matrix:
include:
- helm-version: 'v3.20.0'
- helm-version: 'v4.0.5'
- helm-version: 'v4.1.1'
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
fetch-depth: 0
persist-credentials: false
- name: Set up Helm
uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0
with:
version: ${{ matrix.helm-version }}
- name: Set up chart-testing
run: |
CT_VERSION=3.14.0
ARCH=$(uname -m)
case "$ARCH" in
x86_64|amd64) ARCH=amd64 ;;
aarch64|arm64) ARCH=arm64 ;;
esac
curl -sSLo ct.tar.gz "https://github.com/helm/chart-testing/releases/download/v${CT_VERSION}/chart-testing_${CT_VERSION}_linux_${ARCH}.tar.gz"
sudo tar -xzf ct.tar.gz -C /usr/local/bin ct
mkdir -p .ct
tar -xzf ct.tar.gz --strip-components=1 -C .ct etc
rm ct.tar.gz
pip install yamllint yamale
- name: Install Helm plugins
run: make console-helm-install-plugins
- name: Verify Helm schema is up to date
run: make console-helm-schema-verify
- name: Run 'helm template' validation
run: |
cd console/helm
helm template --debug --namespace polaris-ns --values values.yaml .
- name: Run Helm unit tests
run: make console-helm-unittest
- name: Run chart-testing (lint)
env:
DEFAULT_BRANCH: ${{ github.base_ref || github.event.repository.default_branch }}
run: ct lint --target-branch "${DEFAULT_BRANCH}" --debug --charts ./console/helm --validate-maintainers=false
26 changes: 26 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -101,6 +101,32 @@ console-lint-fix: ## Fix linting issues in the console project
console-version: ## Display version for console project
@$(MAKE) -C console version

##@ Console Helm

.PHONY: console-helm
console-helm: ## Run most Helm targets (schema, unittest, and lint)
@$(MAKE) -C console helm

.PHONY: console-helm-install-plugins
console-helm-install-plugins: ## Install required Helm plugins (unittest, schema)
@$(MAKE) -C console helm-install-plugins

.PHONY: console-helm-lint
console-helm-lint: ## Run Helm chart lint check
@$(MAKE) -C console helm-lint

.PHONY: console-helm-schema-generate
console-helm-schema-generate: ## Generate Helm chart JSON schema from values.yaml
@$(MAKE) -C console helm-schema-generate

.PHONY: console-helm-schema-verify
console-helm-schema-verify: ## Verify Helm chart JSON schema is up to date
@$(MAKE) -C console helm-schema-verify

.PHONY: console-helm-unittest
console-helm-unittest: ## Run Helm chart unittest
@$(MAKE) -C console helm-unittest

##@ MCP

.PHONY: mcp-build
Expand Down
13 changes: 12 additions & 1 deletion console/LICENSE
Original file line number Diff line number Diff line change
Expand Up @@ -198,4 +198,15 @@
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
limitations under the License.

--------------------------------------------------------------------------------

This product includes code from Project Nessie.
Comment thread
MonkeyCanCode marked this conversation as resolved.

* helm/templates/_helpers.tpl
* helm/templates/serviceaccount.yaml

Copyright: Copyright 2015-2025 Dremio Corporation
Home page: https://projectnessie.org/
License: https://www.apache.org/licenses/LICENSE-2.0
140 changes: 140 additions & 0 deletions console/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -89,3 +89,143 @@ lint-fix: format-fix ## Fix linting issues in the console project
@echo "--- Fixing linting issues in the console project ---"
@npm run lint -- --fix
@echo "--- Linting issues in the console project fixed ---"

##@ Helm

.PHONY: helm
helm: helm-schema-generate helm-lint helm-unittest ## Run most Helm targets (schema, unittest, and lint)

helm-install-plugins: DEPENDENCIES := helm
.PHONY: helm-install-plugins
helm-install-plugins: check-dependencies ## Install required Helm plugins (unittest, schema)
@echo "--- Installing Helm plugins ---"
@HELM_MAJOR_VERSION=$$(helm version --short | sed 's/^v//' | cut -d. -f1); \
if [ "$$HELM_MAJOR_VERSION" -ge 4 ] 2>/dev/null; then \
HELM_PLUGIN_FLAGS="--verify=false"; \
Comment thread
MonkeyCanCode marked this conversation as resolved.
else \
HELM_PLUGIN_FLAGS=""; \
fi; \
if helm plugin list | grep -q "^unittest"; then \
echo "Plugin 'unittest' is already installed."; \
else \
echo "Installing 'unittest' plugin..."; \
helm plugin install $$HELM_PLUGIN_FLAGS https://github.com/helm-unittest/helm-unittest.git; \
fi; \
if helm plugin list | grep -q "^schema"; then \
echo "Plugin 'schema' is already installed."; \
else \
echo "Installing 'schema' plugin..."; \
helm plugin install $$HELM_PLUGIN_FLAGS https://github.com/losisin/helm-values-schema-json.git; \
fi
@echo "--- Helm plugins installed ---"

helm-lint: DEPENDENCIES := ct yamllint
.PHONY: helm-lint
helm-lint: check-dependencies ## Run Helm chart lint check
@echo "--- Running Helm chart linting ---"
@ct lint --charts helm/ --validate-maintainers=false
@echo "--- Helm chart linting complete ---"

helm-schema-generate: DEPENDENCIES := helm
.PHONY: helm-schema-generate
helm-schema-generate: helm-install-plugins ## Generate Helm chart JSON schema from values.yaml
@echo "--- Generating Helm values schema ---"
@helm schema -f helm/values.yaml -o helm/values.schema.json --use-helm-docs --draft 7
@echo "--- Helm values schema generated ---"

helm-schema-verify: DEPENDENCIES := helm git
.PHONY: helm-schema-verify
helm-schema-verify: helm-schema-generate ## Verify Helm chart JSON schema is up to date
@echo "--- Verifying Helm values schema is up to date ---"
@if ! git diff --exit-code helm/values.schema.json; then \
echo "ERROR: Helm schema is out of date. Please run 'make helm-schema-generate' and commit the changes."; \
exit 1; \
fi
@echo "--- Helm values schema is up to date ---"

helm-unittest: DEPENDENCIES := helm
.PHONY: helm-unittest
helm-unittest: helm-install-plugins ## Run Helm chart unittest
@echo "--- Running Helm chart unittest ---"
@helm unittest helm/
@echo "--- Helm chart unittest complete ---"

##@ Dependencies

.PHONY: check-dependencies
check-dependencies: ## Check if all requested dependencies are present
@echo "--- Checking for requested dependencies ---"
@for dependency in $(DEPENDENCIES); do \
echo "Checking for $$dependency..."; \
if [ "$$dependency" = "java21" ]; then \
if java --version | head -n1 | cut -d' ' -f2 | grep -q '^21\.'; then \
echo "Java 21 is installed."; \
else \
echo "Java 21 is NOT installed."; \
echo "--- ERROR: Dependency 'Java 21' is missing. Please install it to proceed. Exiting. ---"; \
exit 1; \
fi ; \
elif command -v $$dependency >/dev/null 2>&1; then \
echo "$$dependency is installed."; \
else \
echo "$$dependency is NOT installed."; \
echo "--- ERROR: Dependency '$$dependency' is missing. Please install it to proceed. Exiting. ---"; \
exit 1; \
fi; \
done
@echo "--- All checks complete. ---"

.PHONY: check-brew
check-brew:
@echo "--- Checking Homebrew installation ---"
@if command -v brew >/dev/null 2>&1; then \
echo "--- Homebrew is installed ---"; \
else \
echo "--- Homebrew is not installed. Aborting ---"; \
exit 1; \
fi

.PHONY: install-dependencies-brew
install-dependencies-brew: check-brew ## Install dependencies if not present via Brew
@echo "--- Checking and installing dependencies for this target ---"
@for dependency in $(DEPENDENCIES); do \
case $$dependency in \
java21) \
if java -version 2>&1 | grep -q '21'; then \
:; \
else \
echo "Java 21 is not installed. Installing openjdk@21 and jenv..."; \
brew install openjdk@21 jenv; \
$(shell brew --prefix jenv)/bin/jenv add $(shell brew --prefix openjdk@21); \
jenv local 21; \
echo "Java 21 installed."; \
fi ;; \
docker|podman) \
if command -v $$dependency >/dev/null 2>&1; then \
:; \
else \
echo "$$dependency is not installed. Manual installation required"; \
fi ;; \
ct) \
if command -v ct >/dev/null 2>&1; then \
:; \
else \
echo "ct is not installed. Installing with Homebrew..."; \
brew install chart-testing; \
echo "ct installed."; \
fi ;; \
*) \
if command -v $$dependency >/dev/null 2>&1; then \
:; \
else \
echo "$$dependency is not installed. Installing with Homebrew..."; \
brew install $$dependency; \
echo "$$dependency installed."; \
fi ;; \
esac; \
done
@echo "--- All requested dependencies checked/installed ---"

install-optional-dependencies-brew: DEPENDENCIES := $(OPTIONAL_DEPENDENCIES)
.PHONY: install-optional-dependencies-brew
install-optional-dependencies-brew: install-dependencies-brew ## Install optional dependencies if not present via Brew
10 changes: 9 additions & 1 deletion console/NOTICE
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,12 @@ Apache Polaris
Copyright 2026 The Apache Software Foundation

This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
The Apache Software Foundation (http://www.apache.org/).

--------------------------------------------------------------------------------

This project includes code from Project Nessie, developed at Dremio,
with the following copyright notice:

| Nessie
| Copyright 2015-2025 Dremio Corporation
37 changes: 20 additions & 17 deletions console/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,7 @@ The console supports OpenID Connect (OIDC) authentication with PKCE flow. When c
Set these environment variables to enable OIDC:

```env
VITE_OIDC_ISSUER_URL=http://localhost:8080/realms/EXTERNAL
VITE_OIDC_ISSUER_URL=http://keycloak:18080/realms/EXTERNAL
VITE_OIDC_CLIENT_ID=polaris-console
VITE_OIDC_REDIRECT_URI=http://localhost:5173/auth/callback
VITE_OIDC_SCOPE=openid profile email
Expand All @@ -162,7 +162,7 @@ VITE_OIDC_SCOPE=openid profile email
5. Enable **Standard Flow** (Authorization Code Flow)
6. Configure token claims to include user principal information

**Note:** Both the console and Polaris server must use the same OIDC provider.
**Note:** Both the console and Polaris server must use the same OIDC provider. Also, use port `18080` for Keycloak, as port `8080` is being used by the Polaris console.

## Project Structure

Expand Down Expand Up @@ -238,7 +238,7 @@ make build-docker
Then, you run Polaris Console using:

```bash
docker run -p 4000:4000 \
docker run -p 8080:8080 \
-e VITE_POLARIS_API_URL=http://polaris:8181 \
-e VITE_POLARIS_REALM=POLARIS \
-e VITE_POLARIS_PRINCIPAL_SCOPE=PRINCIPAL_ROLE:ALL \
Expand All @@ -248,11 +248,11 @@ docker run -p 4000:4000 \
To enable OIDC authentication, add OIDC environment variables:

```bash
docker run -p 4000:4000 \
docker run -p 8080:8080 \
-e VITE_POLARIS_API_URL=http://polaris:8181 \
-e VITE_POLARIS_REALM=POLARIS \
-e VITE_POLARIS_PRINCIPAL_SCOPE=PRINCIPAL_ROLE:ALL \
-e VITE_OIDC_ISSUER_URL=http://keycloak:8080/realms/EXTERNAL \
-e VITE_OIDC_ISSUER_URL=http://keycloak:18080/realms/EXTERNAL \
-e VITE_OIDC_CLIENT_ID=polaris-console \
-e VITE_OIDC_REDIRECT_URI=http://localhost:8080/auth/callback \
-e VITE_OIDC_SCOPE="openid profile email" \
Expand Down Expand Up @@ -286,29 +286,32 @@ and start Polaris instance in `polaris` namespace via helm.

4. **Access the console:**
```bash
kubectl port-forward svc/polaris-console 4000:4000 -n polaris
kubectl port-forward svc/polaris-console 8080:8080 -n polaris
```
Open http://localhost:4000 in your browser.
Open http://localhost:8080 in your browser.

### Configuration

Customize the deployment by creating a `values.yaml` file:

```yaml
env:
polarisApiUrl: "http://polaris:8181"
polarisRealm: "POLARIS"
oauthTokenUrl: "http://polaris:8181/api/catalog/v1/oauth/tokens"

config:
api:
polarisApiUrl: "http://polaris:8181"
polarisRealm: "POLARIS"
oauthTokenUrl: "http://polaris:8181/api/catalog/v1/oauth/tokens"
# OIDC Configuration (optional)
oidcIssuerUrl: "http://keycloak:8080/realms/EXTERNAL"
oidcClientId: "polaris-console"
oidcRedirectUri: "http://localhost:4000/auth/callback"
oidcScope: "openid profile email"
oidc:
issuerUrl: "http://keycloak:18080/realms/EXTERNAL"
clientId: "polaris-console"
redirectUri: "http://localhost:8080/auth/callback"
scope: "openid profile email"

service:
type: ClusterIP
port: 4000
ports:
- name: http
port: 8080

replicaCount: 1
```
Expand Down
4 changes: 2 additions & 2 deletions console/docker/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -58,8 +58,8 @@ COPY --chown=10000:10001 --chmod=744 docker/generate-config.sh /generate-config.
COPY --from=builder /app/dist /opt/app-root/src

RUN chown -R polaris:polaris /opt/app-root
# Expose port 4040
EXPOSE 4040
# Expose port 8080
EXPOSE 8080
RUN chown -R polaris:polaris /var/log/nginx \
&& chown -R polaris:polaris /etc/nginx/conf.d \
&& chown -R polaris:polaris /var/lib/nginx \
Expand Down
Loading
Loading