Secret store examples for data connectors (#154)

Author: ewgenius

spiceaidocs/docs/data-connectors/databricks.md

@@ -4,18 +4,107 @@ sidebar_label: 'Databricks Data Connector'
 description: 'Databricks Data Connector Documentation'
 ---
 
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+
 Databricks as a connector for federated SQL query against Databrick's [Delta Lake](https://docs.databricks.com/en/delta/index.html). 
 
 ## Configuration
-### Secrets
-- `token`: An active personal access token for the Databricks instance (equivalent to `DATABRICKS_TOKEN`). 
-- Other keys provided in the secret are directly passed to the underlying object store (e.g. `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` if backed by AWS S3).
 
 `spice login databricks` can be used to configure secrets for the Spice runtime (including AWS object store keys). 
 
 ### Parameters
 - `endpoint`: The HTTPS endpoint of the Databricks host storing the desired tables.
 
+### Auth
+
+An active personal access token for the Databricks instance is required (equivalent to `DATABRICKS_TOKEN`). 
+Other keys provided in the secret are directly passed to the underlying secret store (e.g. `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` if backed by AWS S3).
+
+By default Databricks connector will look for a secret named `databricks` with keys `token` and `AWS_DEFAULT_REGION`, 
+`AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`.
+
+Check [Secrets Stores](/secret-stores) for more details.
+
+<Tabs>
+  <TabItem value="local" label="Local" default>
+    ```bash
+    spice login databricks --token <access-token> --aws-region <aws-region> --aws-access-key-id <aws-access-key-id> --aws-secret-access-key <aws-secret-access-key>
+    ```
+
+    Learn more about [File Secret Store](/secret-stores/file).
+  </TabItem>
+  <TabItem value="env" label="Env">
+    ```bash
+    SPICE_SECRET_DATABRICKS_TOKEN=<access-token> \
+    SPICE_SECRET_DATABRICKS_AWS_DEFAULT_REGION=<aws-region> \
+    SPICE_SECRET_DATABRICKS_AWS_ACCESS_KEY_ID=<aws-access-key-id> \
+    SPICE_SECRET_DATABRICKS_AWS_SECRET_ACCESS_KEY=<aws-secret-access-key> \
+    spice run
+    ```
+
+    `spicepod.yaml`
+    ```yaml
+    version: v1beta1
+    kind: Spicepod
+    name: spice-app
+
+    secrets:
+      store: env
+    
+    # <...>
+    ```
+
+    Learn more about [Env Secret Store](/secret-stores/env).
+  </TabItem>
+  <TabItem value="k8s" label="Kubernetes">
+    ```bash
+    kubectl create secret generic databricks \
+      --from-literal=token='<access-token>' \
+      --from-literal=AWS_DEFAULT_REGION='<aws-region>' \
+      --from-literal=AWS_ACCESS_KEY_ID='<aws-access-key-id>' \
+      --from-literal=AWS_SECRET_ACCESS_KEY='<aws-secret-access-key>'
+    ```
+
+    `spicepod.yaml`
+    ```yaml
+    version: v1beta1
+    kind: Spicepod
+    name: spice-app
+
+    secrets:
+      store: kubernetes
+    
+    # <...>
+    ```
+
+    Learn more about [Kubernetes Secret Store](/secret-stores/kubernetes).
+  </TabItem>
+  <TabItem value="keyring" label="Keyring">
+    Add new keychain entry (macOS), with user and password in JSON string
+
+    ```bash
+    security add-generic-password -l "Databricks Secret" \
+    -a spiced -s spice_secret_databricks \
+    -w $(echo -n '{"token": "<access-token>", "AWS_DEFAULT_REGION": "<aws-region>", "AWS_ACCESS_KEY_ID": "<aws-access-key-id>", "AWS_SECRET_ACCESS_KEY": "<aws-secret-access-key>"}')
+    ```
+
+    `spicepod.yaml`
+    ```yaml
+    version: v1beta1
+    kind: Spicepod
+    name: spice-app
+
+    secrets:
+      store: keyring
+    
+    # <...>
+    ```
+
+    Learn more about [Keyring Secret Store](/secret-stores/keyring).
+  </TabItem>
+</Tabs>
+
 ## Example
 
 ```yaml

spiceaidocs/docs/data-connectors/dremio.md

@@ -4,22 +4,104 @@ sidebar_label: 'Dremio Data Connector'
 description: 'Dremio Data Connector Documentation'
 ---
 
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+
 [Dremio](https://www.dremio.com/) server as a connector for federated SQL queries.
 
+By default Dremio connector will look for a secret named `dremio` with 
+
 ## `params`
 
 - `endpoint`: The endpoint used to connect to the Dremio server.
 
-## `auth`
+## Auth
+
+Username and password credentials are required to log into the Dremio Server.
+By default Dremio connector will look for a secret named `dremio` with keys `username` and `password`.
+
+Check [Secrets Stores](/secret-stores) for more details.
+
+<Tabs>
+  <TabItem value="local" label="Local" default>
+    ```bash
+    spice login dremio -u demo -p demo1234
+    ```
+
+    Learn more about [File Secret Store](/secret-stores/file).
+  </TabItem>
+  <TabItem value="env" label="Env">
+    ```bash
+    SPICE_SECRET_DREMIO_USERNAME=demo \
+    SPICE_SECRET_DREMIO_PASSWORD=demo1234 \
+    spice run
+    ```
+
+    `spicepod.yaml`
+    ```yaml
+    version: v1beta1
+    kind: Spicepod
+    name: spice-app
+
+    secrets:
+      store: env
+    
+    # <...>
+    ```
+
+    Learn more about [Env Secret Store](/secret-stores/env).
+  </TabItem>
+  <TabItem value="k8s" label="Kubernetes">
+    ```bash
+    kubectl create secret generic dremio \
+      --from-literal=username='demo' \
+      --from-literal=password='demo1234'
+    ```
+
+    `spicepod.yaml`
+    ```yaml
+    version: v1beta1
+    kind: Spicepod
+    name: spice-app
+
+    secrets:
+      store: kubernetes
+    
+    # <...>
+    ```
+
+    Learn more about [Kubernetes Secret Store](/secret-stores/kubernetes).
+  </TabItem>
+  <TabItem value="keyring" label="Keyring">
+    Add new keychain entry (macOS), with user and password in JSON string
+
+    ```bash
+    security add-generic-password -l "Dremio Secret" \
+    -a spiced -s spice_secret_dremio \
+    -w $(echo -n '{"username": "demo", "password": "demo1234"}')
+    ```
+
+    `spicepod.yaml`
+    ```yaml
+    version: v1beta1
+    kind: Spicepod
+    name: spice-app
 
-Username and password credentials are required to log into the Dremio Server. `spice login dremio` can be used to configure secrets for the Spice runtime. 
+    secrets:
+      store: keyring
+    
+    # <...>
+    ```
 
-Check [Secrets Stores](/secret-stores) for details on configuring secrets.
+    Learn more about [Keyring Secret Store](/secret-stores/keyring).
+  </TabItem>
+</Tabs>
 
 ## Example
 
 ```yaml
 - from: dremio:datasets.dremio_dataset
   name: dremio_dataset
   params:
-    endpoint: grpc://127.0.0.1:32010
+    endpoint: grpc://127.0.0.1:32010
+```

spiceaidocs/docs/data-connectors/flightsql.md

@@ -4,20 +4,94 @@ sidebar_label: 'FlightSql Data Connector'
 description: 'FlightSQL Data Connector Documentation'
 ---
 
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+
 Connect to any FlightSQL compatible server (e.g. Influx 3.0, CnosDB, other Spice runtimes!) as a connector for federated SQL queries.
 
 ## `params`
 
 - `endpoint`: The Apache Flight endpoint used to connect to the FlightSQL server. 
 
-## `auth`
+## Auth
 
-Check [Secrets Stores](/secret-stores) for details on how to configure.
+Username and password credentials can be specified to connect to the FlightSQL server:
 
-Attributes:
 - `username` (optional): The username to use in the underlying Apache flight Handshake Request to authenticate to the server (see [reference](https://arrow.apache.org/docs/format/Flight.html#authentication)). 
 - `password` (optional): The password to use in the underlying Apache flight Handshake Request to authenticate to the server (see [reference](https://arrow.apache.org/docs/format/Flight.html#authentication)). 
 
+By default FlightSQL connector will look for a secret named `flightsql` with keys `username` and `password`.
+
+Check [Secrets Stores](/secret-stores) for more details.
+
+<Tabs>
+  <TabItem value="env" label="Env">
+    ```bash
+    SPICE_SECRET_FLIGHTSQL_USERNAME=<flight_username> \
+    SPICE_SECRET_FLIGHTSQL_PASSWORD=<flight_password> \
+    spice run
+    ```
+
+    `spicepod.yaml`
+    ```yaml
+    version: v1beta1
+    kind: Spicepod
+    name: spice-app
+
+    secrets:
+      store: env
+    
+    # <...>
+    ```
+
+    Learn more about [Env Secret Store](/secret-stores/env).
+  </TabItem>
+  <TabItem value="k8s" label="Kubernetes">
+    ```bash
+    kubectl create secret generic flightsql \
+      --from-literal=username='<flight_username>' \
+      --from-literal=password='<flight_password>'
+    ```
+
+    `spicepod.yaml`
+    ```yaml
+    version: v1beta1
+    kind: Spicepod
+    name: spice-app
+
+    secrets:
+      store: kubernetes
+    
+    # <...>
+    ```
+
+    Learn more about [Kubernetes Secret Store](/secret-stores/kubernetes).
+  </TabItem>
+  <TabItem value="keyring" label="Keyring">
+    Add new keychain entry (macOS), with user and password in JSON string
+
+    ```bash
+    security add-generic-password -l "FlightSQL Secret" \
+    -a spiced -s spice_secret_flightsql \
+    -w $(echo -n '{"username": "<flight_username>", "password": "<flight_password>"}')
+    ```
+
+    `spicepod.yaml`
+    ```yaml
+    version: v1beta1
+    kind: Spicepod
+    name: spice-app
+
+    secrets:
+      store: keyring
+    
+    # <...>
+    ```
+
+    Learn more about [Keyring Secret Store](/secret-stores/keyring).
+  </TabItem>
+</Tabs>
+
 ## Example
 
 ```yaml