helm lookup support in helm operator

[holyspectral]

Feature Request

Describe the problem you need a feature to resolve.

This is related to #5728

Our use case is that we'd like to use helm's built-in genSelfSignedCert() to generate certificates combined with lookup() to make the certificate persistent across each helm upgrade. For example:

{{- $secretData := (lookup "v1" "Secret" .namespace .secret).data  -}} 
{{- if and $secretData (hasKey $secretData .key) -}} 
  {{- $value = index $secretData .key -}} 
{{- else if .defaultValue -}} 
  {{- $value = .defaultValue | toString | b64enc -}} 
{{- end -}} 

While this works well most of time, helm-operator keeps detecting non-existing changes and run helm upgrade in each reconcile cycle. This is because in helm operator, --dry-run is used to check if there is a change. Since lookup() always return nil, helm --dry-run always generates new certificate and results in a helm upgrade.

Describe the solution you'd like.

In helm v3.13, a new option is added, so users can optionally contact API server and make --dry-run support lookup(). (helm/helm#9426). ArgoCD also has plan to support lookup(). argoproj/argo-cd#5202

We'd love to contribute to make this happen in helm operator.

[varshaprasad96]

@holyspectral Would you be willing to submit a PR to add the --dry-run option introduced in helm? Closing this issue here, and tracking the changes in #5728. Please feel free to assign the previous issue to yourself. We appreciate any contributions.