Let DbUsers use ConfigMap data in templates

api/v1beta1/webhook.go

@@ -27,20 +27,17 @@ import (
 
 var (
 	helpers       []string = []string{"Protocol", "Hostname", "Port", "Password", "Username", "Password", "Database"}
-	functions     []string = []string{"Secret", "ConfigMap", "Query"}
-	userFunctions []string = []string{"ConfigMap"}
+	allowedFunctions     []string = []string{"Secret", "ConfigMap", "Query"}
 )
 
 // Make sure that credentials.templates are correct
 // ConfigMaps templating is not allowed for DbUser, that's why we have
 //
-//	the second argument: cmAllowed. It should be set to false when
-//	validation is called by dbuser_webhook.
+// the second argument: cmAllowed. It should be set to false when
+// validation is called by dbuser_webhook.
 func ValidateTemplates(templates Templates, cmAllowed bool) error {
 	for _, template := range templates {
-		allowedFunctions := functions
 		if !cmAllowed {
-			allowedFunctions = userFunctions
 			if !template.Secret {
 				err := errors.New("ConfigMap templating is not allowed for that kind. Please set .secret to true")
 				return err
@@ -74,7 +71,7 @@ func validHelperField(field string) bool {
 }
 
 func validFunctionField(field string) bool {
-	return slices.Contains(functions, field)
+	return slices.Contains(allowedFunctions, field)
 }
 
 func validFunctionArg(field string) bool {

api/v1beta1/webhook_test.go

@@ -40,10 +40,4 @@ func TestUnitTemplatesValidator(t *testing.T) {
 	assert.NoErrorf(t, err, "expected no error: %v", err)
 	err = v1beta1.ValidateTemplates(cmTemplates, false)
 	assert.ErrorContains(t, err, "ConfigMap templating is not allowed for that kind. Please set .secret to true")
-
-	cmTemplates = v1beta1.Templates{
-		{Name: "TEMPLATE_1", Template: "{{ .ConfigMap \"test\" }}", Secret: false},
-	}
-	err = v1beta1.ValidateTemplates(cmTemplates, false)
-	assert.ErrorContains(t, err, "ConfigMap templating is not allowed for that kind. Please set .secret to true")
 }