First step of AddPackageRepository - Package Repository API for Helm

[castelblanque]

Description of the change

Adds a basic implementation of AddPackageRepository method from package repository API for the Helm plugin (#3496). With basic I mean:

• No Docker credentials supported yet
• No TLS config with secret ref (it is, though, the TLS CA)
• No custom fields for Helm repos (e.g. template for cronjobs)

Package repositories for Helm plugin can be created now with the common repository API definition, e.g.

{
  "context": { "namespace": "example-ns" },
  "name": "example-repo",
  "type": "helm",
  "namespace_scoped": true,
  "url": "https://charts.bitnami.com/bitnami"
}

The above example will create a repository in the namespace example-ns.

Benefits

Repositories can be created meeting the new Package Repository API definition.

Possible drawbacks

None that I know. Outcome of this implementation should be the same AppRepository CRD created by the already existing API.
Don't see a problem with both APIs coexisting.

Applicable issues

Partially implements #4662.

Additional information

Following the example above, the one below will have the repo created in the global namespace, even if there is a namespace specified:

{
  "context": { "namespace": "example-ns" },
  "name": "example-repo",
  "type": "helm",
  "namespace_scoped": false,
  "url": "https://charts.bitnami.com/bitnami"
}

That does not seem very consistent to me, should we return failure in this case?

[netlify]

✅ Deploy Preview for kubeapps-dev canceled.

Name	Link
🔨 Latest commit	cff7999
🔍 Latest deploy log	https://app.netlify.com/sites/kubeapps-dev/deploys/628f914d7fbfe00008a04f16

[absoludity]

Hey @castelblanque . Did you check with @dlaloue-vmware about reviewing each other work? I can jump in and review if needed, but I think since you're both working on similar aspects for different plugins, it'd be a great chance to review each others and learn together?

[castelblanque]

You are totally right @absoludity. Will do!

[dlaloue-vmware]

logging the whole request may leak credentials. it would be better to abstract only what is necessary (see how it is done in the method CreateInstalledPackage)

[castelblanque]

It is a line copied from Flux plugin here.
If it is just to locate the operation in the logs, I would say that name and URL should suffice.
@gfichtenholt what do you think?

[gfichtenholt]

I needed more than name and URL when I was working on flux as some point. I debugged and found and fixed the problem, whatever it was, then and this just kind of remained. I think @dlaloue-vmware is right, could you fix it and also fix one in flux as well if you have the bandwidth. Thanks in advance

[dlaloue-vmware]

i think we have agreed to validate that the namespace and scope were consistent (e.g. if scope is global but namespace is not the global namespace, then it should be a validation error)

[castelblanque]

Ok, added the check.

[dlaloue-vmware]

this is just a suggestion, but if the namespace is not provided, we could default it to the global namespace.
this makes it easier for users as the global namespace is not required to be known

[castelblanque]

Yep, it makes sense. Will add it.

[castelblanque]

@dlaloue-vmware Thanks for the review!

[antgamdia]

Thanks for the changes! LGTM
I wanted to get into the UI revamp to refresh my knowledge regarding repos before looking at the PR.

Minor side coment:

• Have a look at remove un-needed .../plugin/... from URL paths in flux2.proto #4708 (comment) where Greg commented about the file: cmd/apprepository-controller/vendor/k8s.io/code-generator

[antgamdia]

No action required in this PR, but just mentioning it for all us to be aware: the openapi.yaml file (which is the doc used for the interactive REST API portal) will get out of sync.

Also, but unrelated: I don't know why my generator is different (meaning worse) than yours haha.

[antgamdia]

Didn't we have a shared /pkg/ folder share code across plugins?
I'm not sure, but I'd rather remove any dup code if possible, no?
(mentioning this bc I saw a similar fn in the flux plg)

[castelblanque]

Some code here is copied from Greg's Flux.
Most of the times due to Flux-specific structs it isn't possible to make it generic. I tried at the beginning but had to undo down the road.
We could do some refactoring in a later iteration if needed.

[antgamdia]

Correct me if I'm wrong here, @absoludity , but I'd rather say we weren't so fans of globals in the tests, preferring instead each test case being defining (and customizing with a given set of test-case properties) the object.

So, what about replacing those globals with just functions creating each struct based upon a set of params (where you foresee the variability, I mean).

[castelblanque]

Ok, I didn't know about that decision. I've used functions to generate structs at some points, but didn't want to convert tests in another set of complex code 😄

[absoludity]

Not so much a decision as a recommendation - global vars create shared state that is then used by different tests. Can lead to one test updating that shared state causing hard to debug failures in other tests etc. See https://dave.cheney.net/2017/06/11/go-without-package-scoped-variables for a good discussion.

[antgamdia]

Why unimplemented if invalid cluster?

[castelblanque]

Mmm yes, probably InvalidArgument makes more sense. Thanks!

[antgamdia]

nitpick (same in the rest of ocurrences)

Suggested change

	"CN": "fluxv2plugin-testdata-ssl-svc.default.svc.cluster.local CA",
	"CN": "helmplugin-testdata-ssl-svc.default.svc.cluster.local CA",

[castelblanque]

Will change it in the following PR that is based in this branch, if you don't mind.