(#5522) Enhance environment trait to include values from secrets/conf…

[tdiesler]

No description provided.

[github-actions]

⚠️ Unit test coverage report - coverage decreased from 39.9% to 39.8% (-0.1%)

[squakez]

Thanks for the work. However, I think this is going too deep in introspecting the value provided by the user. The operator should not peek at any config or secret for a matter of sensitive data. In fact, the goal of the feature is to let the user only provide the configuration and the goal of the operator should be syntactic sugar, transforming the trait parameter into the env container format. We should not worry if the user has provided a missing value, this should be an error that the rest of kubernetes logic should worry about.

Also, it would be better to have some unit test and increase coverage. E2E are fine, but, they must be in conjunction with unit test.

[squakez]

You need to perform make generate to regen the spec and documentation.

[tdiesler]

I unfortunately get an NPE when running this on my Mac as well as on some Linux server

[squakez]

Okey, we have an auto regen in the nightly so it will be eventually sync-ed, but you should report this to get it sorted.

[tdiesler]

Thanks for the work. However, I think this is going too deep in introspecting the value provided by the user. The operator should not peek at any config or secret for a matter of sensitive data. In fact, the goal of the feature is to let the user only provide the configuration and the goal of the operator should be syntactic sugar, transforming the trait parameter into the env container format. We should not worry if the user has provided a missing value, this should be an error that the rest of kubernetes logic should worry about.

Of course, I should have thought about that and read the issue description properly. I'll have something alternative to look at later today.

[github-actions]

⚠️ Unit test coverage report - coverage decreased from 39.9% to 39.8% (-0.1%)

[squakez]

Okey, we have an auto regen in the nightly so it will be eventually sync-ed, but you should report this to get it sorted.

[squakez]

Sorry, I only gave you the link to the struct without explaining how I was thinking to use it. If you see, the object is already in charge to decode a string of type configmap|secret:my-val. The idea is to leverage such an abstraction by passing the user value without worrying about the type. Then, we can iterate over such objects and again, just setting corev1.ConfigMapKeySelector if such value is not nil, or corev1.SecretMapKeySelector accordingly. This would reduce the need to have these setValFromXYZKeySelector funcs

[tdiesler]

Can this really be optimised without loosing specific error messages and the override of potentially existing EnvVarSource for a given key? I don't really understand why the if envVar := envvar.Get(*vars, envName); envVar != nil check is necessary. Should we get rid of that?

These setValFromXYZKeySelector funcs are mainly there for better readability. I could put the code in the above switch but there isn't any redundant duplication here afaict.

[squakez]

You don't need to provide specialized error messages. This can be much more compacted (hence more maintainable and less error prone) by:

1. If not configmap/secret, just do the normal logic
2. if configmap/secret, decode the parameter (note that it returns an error we can bubble up, the operator would know what to do with it)
3. if the decoded value is a configmap (check its decoded struct is not nil), add it as a configmap, otherwise add as a secret
   I don't see the need to verify if the env var already exists either. If it exists by any chance, we are just setting it again.

[tdiesler]

Failed (unrelated) in ...
❌ TestOLMOperatorUpgrade

[squakez]

Superseded by #5754