UPSTREAM: <carry>: add ns scoped s3 support.

[HumairAK]

Resolve RHOAIENG-1707 from dsp side

Description of your changes:

Adds the ability to specify pipeline root based on prefix within a namespace. This pr allows users to:

1. provide different credentials for different paths
2. configure non aws s3 compatible artifact stores
3. allow tls configuration for artifact store connection
4. adds a new custom property to mlmd bucket_session_info, this is added by the root driver container, so we read the kfp-launcher configmap once per pipeline

I would have preferred to organize this very differently but as this is a carried patch I've tried to minimize code deletions to make it easy to merge in upstream changes and minimize conflicts.

Testing changes

Deploy a kfp-launcher configmap that points to your minio/s3/etc:

kfp-launcher-configmap.yaml

apiVersion: v1
data:
  defaultPipelineRoot: s3://my-bucket/v2/artifacts/path/1
  providers: |-
    s3:
      # if non us-east-1, region is required
      endpoint: https://s3.us-east-2.amazonaws.com 
      region: us-east-2
      defaultProviderSecretRef:
        secretName: "secret-1"
        accessKeyKey: "access_key_1"
        secretKeyKey: "secret_key_1"
    minio:
      endpoint: http://minio-dspa.apps.hukhan-3.dev.datahub.redhat.com
      region: minio
      defaultProviderSecretRef:
        secretName: "secret-2"
        accessKeyKey: "access_key_2"
        secretKeyKey: "secret_key_2"
      authConfigs:
        - bucketName: "my-bucket"
          keyPrefix: "v2/artifacts/path/1/"
          secretRef:
            secretName: "secret-3"
            accessKeyKey: "access_key_3"
            secretKeyKey: "secret_key_3"
        - bucketName: "my-bucket"
          keyPrefix: "v2/artifacts/path/2/"
          secretRef:
            secretName: "secret-4"
            accessKeyKey: "access_key_4"
            secretKeyKey: "secret_key_4"
kind: ConfigMap
metadata:
  name: kfp-launcher
  namespace: dspa

Then deploy a dspa in a non kubeflow namespace:

dspa.yaml

apiVersion: datasciencepipelinesapplications.opendatahub.io/v1alpha1
kind: DataSciencePipelinesApplication
metadata:
  name: sample
spec:
  dspVersion: v2
  apiServer:
    deploy: true
    image: quay.io/hukhan/ds-pipelines-api-server:pr-4
    argoLauncherImage: quay.io/hukhan/kfp-launcher:pr-4
    argoDriverImage: quay.io/hukhan/kfp-driver:pr-4
  persistenceAgent:
    deploy: true
    image: gcr.io/ml-pipeline/persistenceagent:2.0.2
  scheduledWorkflow:
    deploy: true
    image: gcr.io/ml-pipeline/scheduledworkflow:2.0.2
  mlmd:
    deploy: true
    grpc:
      image: gcr.io/tfx-oss-public/ml_metadata_store_server:1.14.0
    envoy:
      image: gcr.io/ml-pipeline/metadata-envoy:2.0.2
  database:
    disableHealthCheck: true
    mariaDB:
      deploy: true
  objectStorage:
    minio:
      deploy: true
      image: 'quay.io/opendatahub/minio:RELEASE.2019-08-14T20-37-41Z-license-compliance'
  mlpipelineUI:
    image: gcr.io/ml-pipeline/frontend:2.0.2
  workflowController:
    deploy: true
    image: gcr.io/ml-pipeline/workflow-controller:v3.3.10-license-compliance

[HumairAK]

Note this follows option 2 as described here, with the addition of some new fields to specify different s3 providers.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: hbelmiro, HumairAK

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [HumairAK]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[hbelmiro]

/lgtm