[feature request] Opt-in for automated service broker update

[gberche-orange]

Issue

Every changes to a [global] service broker catalog currently requires an execution of cf update-service-broker which requires admin permissions

Context

As a CF admin

• in order to enable 3rd party service providers to update their service catalog (such as new plans, documentation fixes) in a self-service manner without giving them cloudcontroller.admin permissions
• I need to be able to opt-in for automated service broker update in cf create-service-broker and cf update-service-broker commands

This feature request aims at feature parity with K8S service catalog broker registration

A broker may resynchronize automatically or may need to be resynchronized manually. By default, brokers are resynchronized automatically based on the brokerRelistInterval global setting in Service Catalog. If a broker must be resynchronized immediately or if .spec.relistBehavior on the broker has been set to manual, then it can be resynchronized manually by incrementing .spec.relistRequests

https://github.com/kubernetes-sigs/service-catalog/blob/a204c0d26c60b42121aa608c39a179680e499d2a/pkg/apis/servicecatalog/v1beta1/types.go#L105-L123

// RelistBehavior specifies the type of relist behavior the catalog should // exhibit when relisting ServiceClasses available from a broker. // +optional RelistBehavior ServiceBrokerRelistBehavior json:"relistBehavior"

// RelistDuration is the frequency by which a controller will relist the // broker when the RelistBehavior is set to ServiceBrokerRelistBehaviorDuration. // Users are cautioned against configuring low values for the RelistDuration, // as this can easily overload the controller manager in an environment with // many brokers. The actual interval is intrinsically governed by the // configured resync interval of the controller, which acts as a minimum bound. // For example, with a resync interval of 5m and a RelistDuration of 2m, relists // will occur at the resync interval of 5m. RelistDuration *metav1.Duration json:"relistDuration,omitempty"

// RelistRequests is a strictly increasing, non-negative integer counter that // can be manually incremented by a user to manually trigger a relist. // +optional RelistRequests int64 json:"relistRequests"

https://hub.kubeapps.com/charts/svc-cat/catalog

Parameter	Description	Default
controllerManager.brokerRelistInterval	How often the controller should relist the catalogs of ready brokers; duration format (20m, 1h, etc)	24h
controllerManager.brokerRelistIntervalActivated	Whether or not the controller supports a --broker-relist-interval flag. If this is set to true, brokerRelistInterval will be used as the value for that flag.	true

Considered alternatives

Future support for CF permissions could allow for a specific user to be granted service broker update permission on a given service broker entity.

[cf-gitbot]

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/173078886

The labels on this github issue will be updated when the story is started.