Added support to join external noobaa system from hosted clusters

[bernerhat]

Explain the changes

1. continuation of Kaustav's PR

Issues: Fixed #xxx / Gap #xxx

Testing Instructions:

• Doc added/updated
• Tests added

[dannyzaken]

If I'm not mistaken, R.Secret is deleted automtically, since it's owned by the noobaaAccount CR. I don't think that anything is changed in this PR with respect to deletion. Can you please verify it?

[dannyzaken]

Suggested change

	if strings.ToLower(annotationValue) != strconv.FormatBool(false) {
	if strings.ToLower(annotationValue) == "true" {

[dannyzaken]

Is an empty token somthing that can be returned by noobaa-core in case there is no error? did you encounter this?

[dannyzaken]

I suggest giving clearer names to the variables. annotationVal and annotationBoolVal are too generic

[dannyzaken]

Again, unless I'm missing somthing, I don't see a reason to use strconv.FormatBool(true) and not "true"

[dannyzaken]

since you repeat this code more than once, mayb extract this to a function isRemoteClientNoobaa

[dannyzaken]

If the remote-operator annotation exist, do you need to also create access keys (r.Secret)?

Maybe just reuse the same r.Secret and populate it with the relevant values according to the annotatioin?

[bernerhat]

it's a valid point but since it was Kaustav's decision to use a new secret, i'm not sure what led to him creating a new secret.
Lets leave the new secret in place and when Kaustav returns from his leave we can change this. i'll open an issue for it as well (since changing it will most likely cause changes to code in other repos such as ocs-operator which uses this secret)

[dannyzaken]

I prefer to make the code simpler and not to create 2 secrets for a single noobaa account. I suggest that for now add an "auth_token" key on r.Secret. If there is a reason to create a separate secret than we can make this change later

[dannyzaken]

did you mean to create nbremoteAuthToken?

Suggested change

	err = r.Client.Create(r.Ctx, r.Secret)
	err = r.Client.Create(r.Ctx, nbremoteAuthToken)

[dannyzaken]

I prefer to make the code simpler and not to create 2 secrets for a single noobaa account. I suggest that for now add an "auth_token" key on r.Secret. If there is a reason to create a separate secret than we can make this change later

[dannyzaken]

I see now that the annotation is on the noobaa CR and not the noobaaAccount CR. In that case, what's the difference between remote-operator and MulticloudObjectGatewayProviderMode?

[bernerhat]

The remote-operator is an annotation which is being added to the account CR by the ocs-operator while we are on the provider side in order to indicate when we onboard a new consumer and therefore need a new auth token to be added to the account. The MulticloudObjectGatewayProviderMode annotation is being added to the Noobaa CR while we are running remotely and need to indicate that we only wish to deploy the operator and connect to a remote cluster.

[dannyzaken]

But here you check the annotaion on the noobaa CR and not the account CR (r.NooBaa.GetAnnotations())

[bernerhat]

you are correct it's a mistake, will fix.

[bernerhat]

@dannyzaken everything is done and tested can you please re-review

[dannyzaken]

trueStr instead of strconv

[bernerhat]

done

[bernerhat]

i've rebased, can we merge? i dont have permissions to merge myself. @dannyzaken