Add support for LDAP authentication

[sbernauer]

Description

For #5
Integration-Tests: https://github.com/stackabletech/integration-tests/pull/175
Use ./create_test_cluster.py --kind --operator superset=0.4.0-pr145 before running the tests

Review Checklist

• Code contains useful comments
• (Integration-)Test cases added (or not applicable)
• Documentation added (or not applicable)
• Changelog updated (or not applicable)
• Cargo.toml only contains references to git tags (not specific commits or branches)
• Helm chart can be installed and deployed operator works (or not applicable)

Once the review is done, comment bors r+ (or bors merge) to merge. Further information

[nightkr]

Nit: Is it worth pulling this out into a file that we include_str!?

[sbernauer]

If you take a look at the current config.rs it now has a lot more format strings and i think i would make it difficult to read if we pull all of them out into separate files

[nightkr]

Yeah.. those are all currently completely unescaped (https://github.com/stackabletech/superset-operator/pull/145/files/e54c1406da7ca2eb76db0f1558750c8d3e67d656#r826035108). I'd much rather stick them in through a secondary channel (either env vars or a JSON file we deploy next to the config.py perhaps?) and deploy the same config.py everywhere which then reads that secondary channel.

[sbernauer]

I would like to establish like a "common pattern" of how to do that in all the products supporting LDAP.
And not all products support executing arbitrary code to collect the Env/Json i guess. Maybe we should do a proper validation/escaping in the AuthenticationClass so that we validate all properties in a single place and the operators can behave all the same way? (I'm afraid we need proper validation/escaping anyhow)

[nightkr]

Most product operators that don't support turing-complete configuration languages already use a common and well-defined configuration format where this isn't a problem anyway (JSON, XML, Java properties, whatever). This is just adapting Superset to follow the same convention.

[sbernauer]

Hmm would be ok for me to put this into env vars and than read them with Python

[nightkr]

That should be fine.

[sbernauer]

I think this is fine for now because @siegfriedweber is working on an overhaul of the configuration for Superset and escaping Python-Strings and so on

[nightkr]

Is there any value in piping through the product-config machinery if we don't actually use it anyway?

[sbernauer]

That's a good question which came also to my mind. Maybe I'm doing it wrong but i haven't understand the benefit of the product-config machinery yet.

[sbernauer]

I think we can ignore this for now as @siegfriedweber is working on an overhaul of the product machinery for Superset and we focus on getting the feature in at the moment

[sbernauer]

Thanks for your review @teozkr!
Only open issue is to create a release of the commons-operator so that we can reference a fixed tag version.
I will work on that but requires some time (we decided to move the common structs into operator-rs - see Architecture meeting notes)

[sbernauer]

@teozkr I added the needed common structures to operator-rs 0.16 and upgraded to it.
So everything should be finally done™

[sbernauer]

Thanks again for another round of feedback, it should be addressed by now.
integration-tests run successfully.

[sbernauer]

Thanks for approving @teozkr!
As we already merged the new config validation mechanism by @siegfriedweber in #173 i need to adopt the implementation to use the new approach.
I created #180 for this, i will request review when it is ready to be reviewed. The actual implementation should not change, only using the new validation mechanism.

[sbernauer]

Closed in favor of #180