Value Statement

As a policy consumer, I want to be able to generate policies using Kustomize that points to Helm resources.

Existing PR: https://github.com/open-cluster-management-io/policy-generator-plugin/pull/109

However, rather than an option in the PolicyGenerator object as with the current PR, this will be implemented as an environment variable for the generator to pick up when it is run.

An integration test will need to added to ensure that the Helm lookup function is not able to fetch secrets and other secure objects on the cluster (i.e. that the ServiceAccount attached to it does not have unexpected permissions).

Definition of Done for Engineering Story Owner (Checklist)

Development Complete

• The code is complete.
• Functionality is working.
• Any required downstream Docker file changes are made.

Tests Automated

• [ ] Unit/function tests have been automated and incorporated into the
  build.
• [ ] 100% automated unit/function test coverage for new or changed APIs.

Secure Design

• [ ] Security has been assessed and incorporated into your threat model.

Multidisciplinary Teams Readiness

• [ ] Create an informative documentation issue using the [Customer
  Portal_doc_issue template](
  https://github.com/stolostron/backlog/issues/new?assignees=&labels=squad%3Adoc&template=doc_issue.md&title=),
  and ensure doc acceptance criteria is met. Link the development issue to
  the doc issue.
• [ ] Provide input to the QE team, and ensure QE acceptance criteria
  (established between story owner and QE focal) are met.

Support Readiness

• [ ] The must-gather script has been updated.