Resolve "Transition all BB values to Secret objects parsed by `HelmRelease`"

Summary

• Removes all inline HelmRelease values and replaces with {{ .Release.Name }}-<package>-values secret loaded via valuesFrom
  • These values are loaded before the values passthroughs so they get overridden by any customer defined values
  • the secret creation is handled by a named template values-secret
• refactors all customer overlay values into the same secret with bb defaults but using a different overlays key
• introduces common values that are set in the values-secret named template that all charts can use (currently empty)
• Refactors haproxy-sso helmrelease into it's own file (instead of with the authservice namespace.yaml)
• ensure istiooperator components are tied to .Values.istiooperator.enabled (instead of .Values.istio.enabled)

Closes #223 (closed)

chart/templates/anchore/anchore-helmrelease.yaml

@@ -35,66 +35,12 @@ spec:
   {{- end }}
 
   valuesFrom:
-    - name: values
+    - name: {{ .Release.Name }}-anchore-values
       kind: Secret
-      valuesKey: "anchore.yaml"
-  values:
-    hostname: {{ .Values.hostname }}
-    istio:
-      enabled: {{ .Values.istio.enabled }}
-    monitoring:
-      enabled: {{ .Values.monitoring.enabled }}
-    {{- if and .Values.addons.anchore.enterprise.enabled .Values.addons.anchore.enterprise.licenseYaml }}
-    enterpriseLicenseYaml: |
-      {{ .Values.addons.anchore.enterprise.licenseYaml | nindent 6 }}
-    {{- end }}
-    {{- if .Values.addons.anchore.enterprise.enabled }}
-    sso:
-      enabled: {{ .Values.addons.anchore.sso.enabled }}
-      spEntityId: {{ .Values.addons.anchore.sso.client_id }}
-      acsUrl: "https://anchore.{{ .Values.hostname }}/service/sso/auth/keycloak"
-      idpMetadataUrl: "https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/saml/descriptor"
-      roleAttribute: {{ .Values.addons.anchore.sso.role_attribute }}
-    {{- end }}
-    anchoreEnterpriseGlobal:
-      enabled: {{ .Values.addons.anchore.enterprise.enabled }}
-      imagePullSecretName: private-registry
-    postgresql:
-      imagePullSecrets: private-registry
-      {{- if and .Values.addons.anchore.database.host .Values.addons.anchore.database.port .Values.addons.anchore.database.username .Values.addons.anchore.database.password .Values.addons.anchore.database.database }}
-      enabled: false
-      postgresUser: {{ .Values.addons.anchore.database.username }}
-      postgresPassword: {{ .Values.addons.anchore.database.password }}
-      postgresDatabase: {{ .Values.addons.anchore.database.database }}
-      externalEndpoint: "{{ .Values.addons.anchore.database.host }}:{{ .Values.addons.anchore.database.port }}"
-      {{- end }}
-    anchoreGlobal:
-      {{- if .Values.addons.anchore.adminPassword }}
-      defaultAdminPassword: {{ .Values.addons.anchore.adminPassword }}
-      {{- end }}
-      imagePullSecretName: private-registry
-    {{- if .Values.addons.anchore.enterprise.enabled }}
-    anchore-feeds-db:
-      imagePullSecrets: private-registry
-      {{- if and .Values.addons.anchore.database.host .Values.addons.anchore.database.port .Values.addons.anchore.database.username .Values.addons.anchore.database.password .Values.addons.anchore.database.feeds_database }}
-      enabled: false
-      postgresUser: {{ .Values.addons.anchore.database.username }}
-      postgresPassword: {{ .Values.addons.anchore.database.password }}
-      postgresDatabase: {{ .Values.addons.anchore.database.feeds_database }}
-      externalEndpoint: "{{ .Values.addons.anchore.database.host }}:{{ .Values.addons.anchore.database.port }}"
-      {{- end }}
-    anchoreEnterpriseUi:
-      imagePullSecretName: private-registry
-    anchore-ui-redis:
-      {{- if and .Values.addons.anchore.redis.host .Values.addons.anchore.redis.port .Values.addons.anchore.redis.password }}
-      enabled: false
-      externalEndpoint: "redis://:{{ .Values.addons.anchore.redis.password }}@{{ .Values.addons.anchore.redis.host }}:{{ .Values.addons.anchore.redis.port }}"
-      password: {{ .Values.addons.anchore.redis.password }}
-      {{- end }}
-      image:
-        pullSecrets:
-        - private-registry
-    {{- end }}
+      valuesKey: "values.yaml"
+    - name: {{ .Release.Name }}-anchore-values
+      kind: Secret
+      valuesKey: "overlays"
 
   {{- if or .Values.istio.enabled .Values.monitoring.enabled }}
   dependsOn: