feat: add connection string secret annotations

[limwa]

Summary

Fixes mongodb/mongodb-kubernetes-operator#1522.

This is a port of mongodb/mongodb-kubernetes-operator#1582.

In this PR, I've added the ability to add custom annotations to the generated connection string secrets in MongoDB Community Operator.

This is useful to handle more deployment scenarios, in particular, scenarios where the operator is not deployed cluster-wide, but to a specific namespace. In these scenarios, the connectionStringSecretNamespace property becomes useless because, as stated in the Kubernetes docs, cross-namespace owner references are disallowed, thus allowing for the secrets to be immediately garbage-collected, as stated in mongodb/mongodb-kubernetes-operator#1578. For the owner references to be valid, the secrets need to be generated in the namespace of the MDBC resource. However, if the user needs the secrets to be present in other namespaces, they can use reflector, for instance, which allows for the secrets to be copied to other namespaces. The problem is that reflector and other similar controllers require the source secrets to be annotated with specific properties.

As such, I've implemented a connectionStringSecretAnnotations property that allows MongoDB Community Operator users to specify per-user connection string secret annotations.

Proof of Work

I've added a unit test and an e2e test. The unit test is passing. Regarding the e2e test, it was passing in the mongodb-kubernetes-operator repository, but I couldn't figure out how to run the e2e tests in this repository.

Checklist

• Have you linked a jira ticket and/or is the ticket in the title?
  • No, should I create an issue in this repository for that?
• Have you checked whether your jira ticket required DOCSP changes?
  • What does this mean?
• Have you checked for release_note changes?

Reminder (Please remove this when merging)

• Please try to Approve or Reject Changes the PR, keep PRs in review as short as possible
• Our Short Guide for PRs: Link
  • I can't access this link
• Remember the following Communication Standards - use comment prefixes for clarity:
  • blocking: Must be addressed before approval.
  • follow-up: Can be addressed in a later PR or ticket.
  • q: Clarifying question.
  • nit: Non-blocking suggestions.
  • note: Side-note, non-actionable. Example: Praise
  • --> no prefix is considered a question

[MaciejKaras]

@limwa thanks for the contribution and migrating the change to MCK repository.

For the e2e tests to run MongoDB engineer needs to approve the CI pipeline. I did that and it seems PR needs to be updated with master and require running pre-commit again.

[limwa]

@MaciejKaras thanks! I've updated the branch with master and everything should be okay now.

I've also changed the LC_ALL variable in my Linux computer so that sort properly sorts the files, and the PR diff is now much smaller and comprehensible.

[MaciejKaras]

From my side this is a complete feature with all necessary docs and testing. Great work!

[MaciejKaras]

evergreen retry

[limwa]

Any chance I could get the logs for the failing e2e_mco_tests job?

[MaciejKaras]

@limwa It is fine, just flaky test

[lsierant]

LGTM! Thanks for contributing it!

[vinilage]

Thanks for your contribution @limwa.

[limwa]

Thanks to everyone for approving this PR 🙏🏻

[MaciejKaras]

Thanks to everyone for approving this PR 🙏🏻

@limwa np :) feel free to merge the PR (squash and merge option please).

[limwa]

I don't have write access to merge the PR haha, so I'll leave that to you! 😁