Add support for users groups

charts/trino/templates/configmap-coordinator.yaml

@@ -96,6 +96,14 @@ data:
   password-authenticator.properties: |
     password-authenticator.name=file
     file.password-file={{ .Values.server.config.path }}/auth/password.db
+  {{- if .Values.auth.groups }}
+  group-provider.properties: |
+    group-provider.name=file
+    file.group-file={{ .Values.server.config.path }}/auth/group.db
+    {{- if .Values.auth.refreshPeriod }}
+    file.refresh-period={{ .Values.auth.refreshPeriod }}
+    {{- end }}
+  {{- end }}
   {{- end }}
 
 {{ if .Values.eventListenerProperties }}

charts/trino/templates/deployment-coordinator.yaml

@@ -59,6 +59,13 @@ spec:
         - name: password-volume
           secret:
             secretName: trino-password-authentication
+            items:
+              - key: password.db
+                path: password.db
+              {{- if .Values.auth.groups }}
+              - key: group.db
+                path: group.db
+              {{- end }}
         {{- end }}
       {{- if .Values.initContainers.coordinator }}
       initContainers:

charts/trino/templates/secret.yaml

@@ -7,4 +7,7 @@ metadata:
     {{- include "trino.labels" . | nindent 4 }}
 data:
   password.db: {{ .Values.auth.passwordAuth | b64enc }}
+  {{- if .Values.auth.groups}}
+  group.db: {{ .Values.auth.groups | b64enc }}
+  {{- end }}
 {{- end }}

charts/trino/values.yaml

@@ -137,6 +137,10 @@ auth: {}
   # Set username and password
   # https://trino.io/docs/current/security/password-file.html#file-format
   # passwordAuth: "username:encrypted-password-with-htpasswd"
+  # Set users' groups
+  # https://trino.io/docs/current/security/group-file.html#file-format
+  # refreshPeriod: 5s
+  # groups: "group_name:user_1,user_2,user_3"
 
 serviceAccount:
   # Specifies whether a service account should be created