[POC] Catalog Views and integration with Service Manager

[PK85]

Description

Provide new UI for BTP Operator in the Busola where users can see Service Catalog. For now it could be separate application, if installed in the Kyma cluster should already work. In the future probably it will be a part of the btp-manager module.

Reason

We want to make BTP Operator user's lives easier and more convenient where they can see all of the available services in the Busola and then just provision some of them.

AC

• 1) Direct integration with the Service Manager

  • 1.1) User can use default credentials + can select secret from any namespace (SM credentials are from different SA and then could see different instances and service offerings)
    Get Secrets for Service Manager #655 Service Manager client #674 Service Manager client ServiceOfferings test #703
  • 1.2) user can see a list of all service offerings from Service Manager from given SA (SM credentials are bound to given SA)
    Service Manager client - get Service Offering details and plans #717
  • 1.3) User can see a list of all existing instances from Service Manager from given SA (SM credentials are bound to given SA) Handle Service Instances in SM client #742, Handle Service Bindings in SM client and get Service Instances in API #735, Loading Service Instances in BTP Manager UI Backend - API #746 Service Instances API #758
  • 1.4) User can create a service binding on Service Manager side which results as a secret in the selected namespace in the Kyma environment Handle Service Bindings in SM client and get Service Instances in API #735 Service Bindings API #757
  • 1.5) User can delete a service binding on Service Manager side which invalidates given secret (probably we need to delete corresponding secret) Service Bindings API #757 Add secrets operations related to Service Bindings in API #772

• 2) New BTP Operator UI in the Busola

  • 2.1) check with Busola team, on how to embed our own web page (We should have a view in the namespace + in the overview taking into account all namespaces data)

• Think in future of making it mobile - friendly

Links

• check smctl what calls are executed
• https://github.com/Peripli/service-manager
• https://help.sap.com/docs/service-manager/sap-service-manager/sap-service-manager

[PK85]

Reference sharing:

apiVersion: services.cloud.sap.com/v1
kind: ServiceInstance
metadata:
  name: kyma-demo-instance-123
  namespace: develope
spec:
  serviceOfferingName: xsuaa
  servicePlanName: reference-instance
  parameters:
    referenced_instance_id: <shared service id>
---
apiVersion: services.cloud.sap.com/v1
kind: ServiceBinding
metadata:
  name: kyma-demo-binding-123
  namespace: develope
spec:
  serviceInstanceName: kyma-demo-instance-123

[kyma-bot]

This issue or PR has been automatically marked as stale due to the lack of recent activity.
Thank you for your contributions.

This bot triages issues and PRs according to the following rules:

• After 60d of inactivity, lifecycle/stale is applied
• After 7d of inactivity since lifecycle/stale was applied, the issue is closed

You can:

• Mark this issue or PR as fresh with /remove-lifecycle stale
• Close this issue or PR with /close

If you think that I work incorrectly, kindly raise an issue with the problem.

/lifecycle stale

[kyma-bot]

This issue or PR has been automatically closed due to the lack of activity.
Thank you for your contributions.

This bot triages issues and PRs according to the following rules:

• After 60d of inactivity, lifecycle/stale is applied
• After 7d of inactivity since lifecycle/stale was applied, the issue is closed

You can:

• Reopen this issue or PR with /reopen
• Mark this issue or PR as fresh with /remove-lifecycle stale

If you think that I work incorrectly, kindly raise an issue with the problem.

/close

[kyma-bot]

@kyma-bot: Closing this issue.

In response to this:

This issue or PR has been automatically closed due to the lack of activity.
Thank you for your contributions.

This bot triages issues and PRs according to the following rules:

• After 60d of inactivity, lifecycle/stale is applied
• After 7d of inactivity since lifecycle/stale was applied, the issue is closed

You can:

• Reopen this issue or PR with /reopen
• Mark this issue or PR as fresh with /remove-lifecycle stale

If you think that I work incorrectly, kindly raise an issue with the problem.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[ukff]

Issue with UI development for embedding pages: kyma-project/busola#2762

[szwedm]

Meeting notes and current arrangements (3.04.24)

Arrangements:

• support operations as in Service Manager
• create REST API similar to Service Manager API (OSBAPI)
• allow to connect Service Instances and Service Bindings from Service Manager to the cluster (custom resources in the cluster should reflect instances and bindings in SM)

Limitations:

• Service Manager context is limited to the scope of SAP BTP service operator client provided during Kyma environment provisioning

Future ideas:

• allow update of the cluster ID
• service management as a BTP user (subaccount context)

[ukff]

early proposal of UI:

[ukff]

[szwedm]

SAP BTP service operator recognises the following secrets for service instances:

• default secret named sap-btp-service-operator in the centrally managed namespace (kyma-system)
• secret for a different subaccount mapped to a namespace in the cluster with namespace's name as a prefix in the secret's name <namespace-name>-sap-btp-service-operator in the centrally managed namespace (kyma-system)
• secrets named sap-btp-service-operator in other namespaces mapped to different subaccounts
• arbitrarily named secret in the centrally managed namespace (kyma-system) connected to a different subaccount pointed in the ServiceInstance btpAccessCredentialsSecret field in the spec

[szwedm]

PR introducing SecretProvider which fetches secrets with credentials for Service Manager:
#655

[szwedm]

UI PR: #649

[szwedm]

Adding Service Manager client: #674

[szwedm]

Unit test for SM client service offerings: #703

[ukff]

[szwedm]

I have discovered a troublesome behaviour: If a service binding with the same name binding (just an example name that does not matter in the example) for both binding and secret exists then creating another service binding with the following request fails but binding is created despite the API error:

{
name: "binding-new-name"
secret_name: "binding"
secret_namespace: "default"
service_instance_id: "872fe846-569e-4e54-98de-04983e8ea194"
}

PR with the fix: #826

[PK85]

Testing results:

• When adding new service binding, both name and secret name should have random suffix added. Right now only Secret name has it, see:
  @MarekMichali
• I added SB and secret, then kubectl delete secret, then back to UI. I was able to recreate secret. Then I changes SI to another one, and I was only able to change Secret Name. Binding name field was disabled for all instances. Even wrong Secret Name is suggested, see:
  @MarekMichali
  Hint: when I go to marketplace and back, it works again.
• When recreating secret for given Service Binding, suggest Secret Name with the same name as binding (do not add new suffix for Secret Name) @MarekMichali
• Still no way to close error windows, see:
  @ralikio Closing Message Strip #857

[PK85]

How to demo:

1. show 3 credentials in the Kyma cluster, two from SA_1 and one from SA_2 (show new UI, Busola and BTP Cockpit)

• 1.1) we use SM instance with 'service-operator-access' plan designed for SAP BTP Service Operator

2. add new entitlement to one of the SA and show new UI that marketplace is extended with new offering (classes and plans)
3. show how to create SI

• 3.1) we pass empty required "namespace" parameter when using SM 'service-operator-access' . Looks that namespace cannot be changed later on.

4. show how to create SB and secret in the given namespace
5. explain how thet looks like in the BTP Cockpit Service instances view (how to find which SM instance was used)
6. show how to restore a secret for given SB
7. Show SI created by SAP BTP Service Operator in our new UI and BTP Cockpit
8. Say what next:

• 7.1) How to bundle that into busola + authentication ([Spike] Execute UI scripts hosted in kubernetes cluster busola#3122)
• 7.2) Implement offerings view in the busola

Note: right now we do not pass CLUSTER_ID. Then in the BTP Cockpit instance we see SM instance name-serviceID