Add valuesFrom field in the SWC CRD
What it does
- Move several features from SylvaUnitsRelease (SUR) Operator to SylvaWorkloadCluster (SWC) Operator
- The SUR is created in the same namespace as the final HelmRelease (HR). The SWCO is responsible for creating this namespace
- The main purpose of a SUR is to create a Sylva-units HR
- All Sylva opinionated naming / resource mapping are handled by the SWC
- Enable valuesFrom field in the SWC
- valuesFrom type is mutualized with the one declared in the SUR Operator to avoid duplication. Further MRs may modify this behavior to make both operators have different validation rules
- ExternalSecret is a new supported type. It is the usual external secret from the external secret operator
- The SWCO is responsible for creating a ConfigMap from SURT values and adding a reference to it in the SUR valuesFrom when SURT valuesFrom are merged. It prevents SURT values from having higher priority compared to user-provided valuesFrom
- The SWCO is in charge of detecting invalid parameters in valuesFrom objects
- The SWCO is in charge of deploying / copying valuesFrom items in the HR namespace
- valuesFrom secrets are validated then copied in the SUR namespace
- valuesFrom configmaps are validated then copied in the SUR namespace
- valuesFrom external secrets are validated then their bound secret is copied in the SUR namespace
- Add tests about valuesFrom
- Add several pkg folders to isolate code
- Add a testhelpers package gathering functions used by xxx_test.go of other packages
See
Tests
- Operator tests are ✅
- External secrets are well managed.
- An external secret referring to a secret in Vault with {{ }} leads to an error as expected
- Local installation for capo is ✅ on going
- Security: An external secret trying to get a secret in teamb from the team ClusterSecretStore will fail due to Vault policy
References
- It closes #29 (closed)
- sylva-units-operator!274 (merged) must be merged before
Edited by vladimir braquet


