Stop managing namespaces and external secrets
What it does
As described in workload-cluster-operator!251 (merged), the SylvaWorkloadCluster (SWC) resource should be in charge of Sylva opiniated naming, namespaces management and security with respect to user provided values. The SylvaUnitsRelease (SUR) is only focusing on creating a Sylva-units Helm Release (HR).
In addition, The SWC will enable user to refer to secrets, configmap and external secret in the valuesFrom field. The valuesFrom type is shared with SUR valuesFrom type. Referring to externalsecret directly enables us to remove the secretValues field. In furutre MR, SWC and SUR valuesFrom may have different validation behaviors
- It remove the management of external secret from the operator scope
- It enables one to rely on non Sylva secret store
- It is more standardized
Hence the present MR is
- Adding a possible type in the SUR valuesFrom type. The type is externalSecret
- Since the SUR is not yet managing externalSecret, an explicit error will be triggered if an external secret is referred in a valuesFrom
- Remove the secretValues from the CRD
- Remove management of namespaces. The SUR is now in the same namespace than the HR it manages
- Remove management external secret life cycle management from the operator
Tests
- Operator tests:
✅ - Local deployment in Rocket:
✅
References
- Closes #32 (closed)
- Closes #33 (closed)
- Required for workload-cluster-operator!251 (merged)
Edited by vladimir braquet