[Azure marketplace] Allow user to choose UI password in installation wizard

[foot]

From the meeting Darryl noted:

To set the cluster_user_auth, we should take the input as a password field from the configuration form and use that to set the admin password. Madhav/MSFT will also see if he can find an example to send us as well.

Madhav followed up with

For passing cluster-user-auth secret you could use PasswordBox UI element - Azure Managed Applications | Microsoft Learn as required field in UI Definition. Microsoft.Common.PasswordBox and securestring in ArmTemplate Data types in templates - Azure Resource Manager | Microsoft Learn Passing this password variable into ConfigurationProtectedSettings{}, so that it will be set in helmchart values securely.

Notes

Is this an okay way forward? It sounds like we'd adapt the azure helm chart to take an optional plaintext secret, if provided then we generate the cluster-user-auth secret too..

Possible Tasks

• The most recent code that changed the wizard flow was:
  • https://github.com/weaveworks/weave-gitops-enterprise/issues/3117 that links to the commit https://github.com/weaveworks/weave-gitops-enterprise/commit/c068558c784428d9c9498aa41307ea8fce80fb2f
  • Can be used as a template of what we need to do here.
• Checkout the aws-marketplace (bad name), branch of EE
• Edit the createUIDefinition.json file adding a Microsoft.Common.PasswordBox
• Copy and paste the createUIDefinition.json into https://portal.azure.com/#view/Microsoft_Azure_CreateUIDef/SandboxBlade to test it out
• Change the mainTemplate.json to map the passwordbox onto some path in the values.yaml (clusterUserAuth?)
• add a ./hack/azure-marketplace/mccp/templates/cluster-user-auth-secret.yaml that conditionally renders a secret w/ the password if .Values.clusterUserAuth is set?
• https://helm.sh/docs/chart_template_guide/function_list/#htpasswd would allow us to take a plain-text secret and bcrypt it before

[LappleApple]

This is a Microsoft request and part of the "Weave GitOps with Flux add-on in AKS" initiative.

Notion has instructions for getting an Azure cluster/demo env.