vmware-tanzu / kubeapps

A web-based UI for deploying and managing applications in Kubernetes clusters

[ServiceCatalog] Bindings are hardcoded to the Azure Mysql parameters and output #363

Closed arapulido closed 6 years ago

arapulido commented 6 years ago

I tried to create a binding for an instance of Google Cloud Pub/Sub service (instance provisioning works fine), but the binding requires some parameters that you cannot pass with Kubeapps, so the binding fails:

ServiceBroker returned failure; bind operation will not be retried: Status: 422; ErrorMessage: <nil>; Description: This request requires client support for asynchronous service operations.; ResponseError: <nil>

Also the output of the binding is hardcoded to Azure Mysql, so even if it worked, the output wouldn't make sense for the pubsub case:

[Screenshot: 2018-06-15 at 4:54:20 pm]

The binding create OSB definition also has an optional JSON schema. For example, in the case of the Google PubSub this is:

Binding Create Parameter Schema:
  $schema: http://json-schema.org/draft-04/schema#
  form:
  - roles
  - serviceAccount
  - createServiceAccount
  properties:
    createServiceAccount:
      default: false
      description: Create a new service account for MySQL binding.
      title: Create service account
      type: boolean
    roles:
      default:
      - roles/cloudsql.client
      description: The list of CloudSQL roles for this binding. Affects the level of
        access granted to the service account.
      items:
        enum:
        - roles/cloudsql.client
        type: string
      title: Roles
      type: array
      uniqueItems: true
    serviceAccount:
      description: The GCP service account to which access will be granted. For example
        <storage-service-account> or <storage-service-account>@<project-id>.iam.gserviceaccount.com
      title: Service account ID
      type: string
  required:
  - serviceAccount
  - roles
  type: object

We should implement the equivalent of #239 for Binding Creation as well
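
Added example, not from the issue or the Kubeapps code base: validating user-supplied binding parameters against the bindingCreateParameterSchema shown above before the bind request is sent, so that a role outside the schema's enum or a missing serviceAccount is rejected on the client. The helper names (`typeOf`, `check`, `prepareBindingParameters`) and the choice to fill schema defaults before validating are assumptions.

```javascript
// Schema transcribed from the issue (titles and descriptions omitted).
const bindingCreateParameterSchema = {
  type: "object",
  required: ["serviceAccount", "roles"],
  properties: {
    createServiceAccount: { type: "boolean", default: false },
    roles: {
      type: "array", uniqueItems: true, default: ["roles/cloudsql.client"],
      items: { type: "string", enum: ["roles/cloudsql.client"] },
    },
    serviceAccount: { type: "string" },
  },
};

// Hypothetical helper: JSON-schema type name of a JavaScript value.
const typeOf = (v) => (Array.isArray(v) ? "array" : v === null ? "null" : typeof v);

// Hypothetical helper: checks a value against the draft-04 keywords this schema uses.
function check(value, schema, path, errors) {
  if (schema.type && typeOf(value) !== schema.type) {
    errors.push(`${path}: expected ${schema.type}`);
    return;
  }
  if (schema.enum && !schema.enum.includes(value)) errors.push(`${path}: not an allowed value`);
  if (schema.type === "array") {
    if (schema.uniqueItems && new Set(value).size !== value.length) errors.push(`${path}: duplicate items`);
    value.forEach((item, i) => check(item, schema.items || {}, `${path}[${i}]`, errors));
  }
  if (schema.type === "object") {
    for (const key of schema.required || []) {
      if (!(key in value)) errors.push(`${path}.${key}: required`);
    }
    for (const [key, sub] of Object.entries(schema.properties || {})) {
      if (key in value) check(value[key], sub, `${path}.${key}`, errors);
    }
  }
}

// Hypothetical entry point: fill schema defaults, then validate before the bind request is sent.
function prepareBindingParameters(input, schema = bindingCreateParameterSchema) {
  const params = { ...input };
  for (const [key, sub] of Object.entries(schema.properties || {})) {
    if (!(key in params) && "default" in sub) params[key] = JSON.parse(JSON.stringify(sub.default));
  }
  const errors = [];
  check(params, schema, "parameters", errors);
  return { params, errors };
}
```

Properties the schema does not list are passed through unchanged, because the schema on the page does not set `additionalProperties`.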

prydonius commented 6 years ago

Interesting, I was not aware of the bindingCreateParameterSchema, we should definitely implement this and generalise the secret output. Thanks for spotting this @arapulido!

prydonius commented 6 years ago

I implemented the bindingCreateParameterSchema and was still seeing the error you were getting above @arapulido. After asking in the #sig-service-catalog channel in Slack, it turns out an alpha feature needs to be enabled to allow asynchronous provisioning of bindings: https://github.com/kubernetes-incubator/service-catalog/blob/87a5db0e1e0359ce372037a235ce4448944c8611/charts/catalog/values.yaml#L127.

After enabling that, I got a step further and got another error:

\"ResourceErrorCode\":\"403\",\"ResourceErrorMessage\":{\"code\":403,\"message\":\"User not authorized to perform this action.\",\"status\":\"PERMISSION_DENIED\"

Though I do see the subscription get created, as well as the service account (ticked the create service account option in the binding parameters). Not sure how to fix the permissions to get this working on the GCP side, but getting closer.