Model Spin RuntimeConfig in the Spin App custom resource

[calebschoepp]

It is Hard to integrate with other Kubernetes Operators if the Spin RuntimeConfig is a toml file in a secret. Partially because TOML, partially because various operators may be populating and updating different parts of the secret that we'd want to pull for different fields.

This means we likely want something like: (that we then render and turn into a secret for the pod)

runtimeConfig:
  keyValueStores:
    default:
      type: "azure_cosmos"
      account: "<cosmos-account>"
      database: "<cosmos-database>"
      container: "<cosmos-container>"
      key:
        secret: # secret is specified here bc we want to use a k8s secret, we might also wanna integrate with service accounts and stuff over time
          secretName: "my-cosmos-key"
          secretPath: ".key" # optional

[calebschoepp]

Previous Discussion

@calebschoepp

A concern I have with directly pushing the runtime config into the spec is that we will constantly have to work to keep the spec up to date with changes made to Spin runtime config. Based off what I've heard from others experiences this kind of churn in the spec can be hard to deal with. Something to consider.

@lann

It seems kind of reasonable to expect people to upgrade the operator if they want to support a new version of Spin...

@macolso

Are we aligned with the approach @endocrimes suggested above (turning runtimeconfig into secret for pod)? If so, what would we consider success criteria for closing this issue? Are any modifications needed for how we're handling runtime config today?

@endocrimes

We need to add structured runtimeConfig to the CRD, then implement rendering it into a secret. This has a few tricky things to solve (specifically how do we handle a dependency of the config not being available yet) - but I'm tentatively hoping to tackle this the week after Cancun.