Allow the `spec.backend.s3.endpoint` and `spec.backend.s3.bucket` values to be taken from secrets

[akosma]

Summary

As an AppCat and K8up user I want to be able to specify the S3 endpoint and bucket name from secrets So that I can reuse the information provided by AppCat when provisioning S3 buckets.

Context

Right now the spec.backend.s3.endpoint and spec.backend.s3.bucket values must be strings. This feature would allow users to specify them as objects, getting their values from pre-existing secrets, similarly to how one can specify the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY values.

The YAML below (invalid at the time of this writing) describes how this feature would allow grabbing the S3 endpoint and bucket name values from pre-existing secrets (in this case named objectbucket-creds):

apiVersion: k8up.io/v1
kind: Backup
metadata:
  name: backup-test
spec:
  backend:
    repoPasswordSecretRef:
      name: restic-repo
      key: password
    s3:
      endpoint:
        valueFrom:
          secretKeyRef:
            name: objectbucket-creds
            key: ENDPOINT_URL
      bucket:
        valueFrom:
          secretKeyRef:
            name: objectbucket-creds
            key: BUCKET_NAME
      accessKeyIDSecretRef:
        name: objectbucket-creds
        key: AWS_ACCESS_KEY_ID
      secretAccessKeySecretRef:
        name: objectbucket-creds
        key: AWS_SECRET_ACCESS_KEY

Out of Scope

No response

Further links

AppCat: https://docs.appuio.cloud/appcat/index.html

Acceptance Criteria

No response

Implementation Ideas

No response

[gunishmatta]

@akosma I would like to work on this

[Kidswiss]

@gunishmatta Have you started working on this?

We have this in our backlog, so I'd like to avoid having two implementations for this :)

[akosma]

Any news about this one?

[M0NsTeRRR]

Hello, it would be cool if this feature is implemented for other backends too.