Hello everyone. Thanks Alex for reviving the discussion.
I see this PR is struggling a bit with ongoing conflicts, and I'd like
to offer my help and share my thought on it.
If we decide this feature should move forward, I suggest splitting the
PR into 3 smaller parts:
**Introduce the API and scaffolding**
Add a new s3-sign-service module with the required interfaces/DTOs, but
without wiring it into the build/runtime yet. This provides a clean
contract for further work.
Deliver:
- api/s3-sign-service
- specs
- put s3-sign-service build under a feature flag
**Add core changes (config + auth)**
Deliver the polaris-core updates needed for storage configuration and
authorization, keeping the feature fully opt-in (e.g.,
storage.s3.signing.enabled=false). No functional signing yet.
Deliver:
- polaris-core
**Add the actual implementation**
Provide the concrete S3 signing implementation, register it, and add
integration/e2e tests. Enable it only when the feature flag is turned on.
Deliver:
- runtime
- and rest of the tests
- weak a feature flag
What do you think about splitting the delivery process this way?
Do you have alternative suggestions, or do you see this feature being
delivered more effectively as a single PR instead?
I'd be glad to hear your thoughts.
On 12/12/2025 21:20, Alexandre Dutra wrote:
Hi all,
I'm reviving the discussion regarding remote S3 signing because the PR
[1] is now more than 4 months old, and it's been quite a pain to
rebase it regularly.
I would like to thank Prashant for his thorough review of the PR so
far; his feedback did uncover a few issues around table locations that
led to [2], but the resulting PR now aligns with Milestone 1 (M1). And
by the way, Milestone 2 is already underway. As a reminder, in the M1
PR, remote signing is clearly labeled as beta and disabled by default.
What is the community's interest and appetite for this, and what is
the desired timeline? Do we have any outstanding blockers? I know the
PR is big, but maybe it could benefit from more reviews as well.
Anyways, let me know what's the best way to move forward with remote signing.
Thanks,
Alex
[1]: https://github.com/apache/polaris/pull/2280
[2]: https://github.com/apache/polaris/pull/3226
On Tue, Aug 26, 2025 at 3:42 AM Alexandre Dutra <[email protected]> wrote:
Hi all,
I'm starting a new thread on S3 remote signing to avoid hijacking the
existing one [1].
To summarize our current progress: we have a design document [2], a
Github issue [3] and an initial PR [4].
This initial PR establishes the foundation for the feature. In that
PR, remote signing is marked experimental, due to suboptimal
authorization checks and potential performance bottlenecks. However, a
clear path for improvements in both areas has been identified.
How should we proceed? Is the community in agreement with the general
implementation guidelines and the current PR?
Thanks,
Alex
[1]: https://lists.apache.org/thread/qvzwc3qxlfrk9vr7yfbx6zxfhz9lhlbc
[2]:
https://docs.google.com/document/d/1ygdia7u4bUHUt6n8XhZo48aKoIyyrCvKqan3XP25iB8/edit?usp=sharing
[3]: https://github.com/apache/polaris/issues/32
[4]: https://github.com/apache/polaris/pull/2280
