K8SPSMDB-1359 control the disabling of the authorization through mongo config

[gkech]

CHANGE DESCRIPTION

Problem:

The operator does not respect the configuration of the authentication when we pass it as conf, since it is hardcoding the option on the container arguments.

We need to be able to configure the --auth option through the following configuration.

security:
  authorization: "disabled"

In order for the authorization to be disabled, TLS and more specifically clusterAuthMode should be disabled. This requires pausing and unpausing the cluster.

Cause:
Short explanation of the root cause of the issue if applicable.

Solution:

properly handle the provided configuration so that the --auth option is controlled. Also update the unit and e2e tests so that we can ensure that everything is working without problems.

CHECKLIST

Jira

• Is the Jira ticket created and referenced properly?
• Does the Jira ticket have the proper statuses for documentation (Needs Doc) and QA (Needs QA)?
• Does the Jira ticket link to the proper milestone (Fix Version field)?

Tests

• Is an E2E test/test case added for the new feature/change?
• Are unit tests added where appropriate?
• Are OpenShift compare files changed for E2E tests (compare/*-oc.yml)?

Config/Logging/Testability

• Are all needed new/changed options added to default YAML files?
• Are all needed new/changed options added to the Helm Chart?
• Did we add proper logging messages for operator actions?
• Did we ensure compatibility with the previous version or cluster upgrade process?
• Does the change support oldest and newest supported MongoDB version?
• Does the change support oldest and newest supported Kubernetes version?

[it-percona-cla]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[egegunes]

are sleeps in this file really necessary? if yes, please use sleep_with_log and add a descriptive message about what we are waiting for

[gkech]

the test is passing locally without the sleeps, let's hope that with jenkins is alright!

[egegunes]

I don't see the changes required to run handleReplsetInit with auth disabled, weren't they necessary?

[gkech]

Yeap noticed that both in main and in this branch, we are getting the exact same error message when trying to create the mongo client for triggering the init logic. The issue that I observed that we didnt run the init processe mainly happened because of some other changes that I tried. I confirmed that the userAdmin is created in mongo by using mongosh.

[JNKPercona]

Test Name	Result	Time
arbiter	passed	00:11:50
balancer	passed	00:17:57
cross-site-sharded	passed	00:18:16
custom-replset-name	passed	00:10:22
custom-tls	passed	00:14:22
custom-users-roles	passed	00:10:53
custom-users-roles-sharded	passed	00:12:09
data-at-rest-encryption	passed	00:13:16
data-sharded	passed	00:22:59
demand-backup	passed	00:16:05
demand-backup-eks-credentials-irsa	passed	00:00:07
demand-backup-fs	passed	00:22:59
demand-backup-if-unhealthy	passed	00:08:35
demand-backup-incremental	passed	00:43:47
demand-backup-incremental-sharded	passed	00:59:42
demand-backup-physical-parallel	passed	00:08:27
demand-backup-physical-aws	passed	00:11:59
demand-backup-physical-azure	passed	00:12:10
demand-backup-physical-gcp-s3	passed	00:11:54
demand-backup-physical-gcp-native	passed	00:11:14
demand-backup-physical-minio	passed	00:20:21
demand-backup-physical-minio-native	passed	00:19:26
demand-backup-physical-sharded-parallel	passed	00:10:54
demand-backup-physical-sharded-aws	passed	00:18:54
demand-backup-physical-sharded-azure	passed	00:17:57
demand-backup-physical-sharded-gcp-native	passed	00:17:45
demand-backup-physical-sharded-minio	passed	00:17:10
demand-backup-physical-sharded-minio-native	passed	00:17:56
demand-backup-sharded	passed	00:25:19
disabled-auth	passed	00:16:12
expose-sharded	passed	00:34:21
finalizer	passed	00:10:25
ignore-labels-annotations	passed	00:07:46
init-deploy	passed	00:12:50
ldap	passed	00:09:06
ldap-tls	passed	00:13:36
limits	passed	00:06:28
liveness	passed	00:09:19
mongod-major-upgrade	passed	00:13:32
mongod-major-upgrade-sharded	passed	00:22:06
monitoring-2-0	passed	00:25:44
monitoring-pmm3	passed	00:28:57
multi-cluster-service	passed	00:11:15
multi-storage	passed	00:19:25
non-voting-and-hidden	passed	00:16:03
one-pod	passed	00:07:47
operator-self-healing-chaos	passed	00:12:53
pitr	passed	00:31:59
pitr-physical	passed	01:01:55
pitr-sharded	passed	00:21:39
pitr-to-new-cluster	passed	00:25:38
pitr-physical-backup-source	passed	00:54:21
preinit-updates	passed	00:05:31
pvc-resize	passed	00:12:53
recover-no-primary	passed	00:28:34
replset-overrides	passed	00:16:40
replset-remapping	passed	00:08:56
replset-remapping-sharded	passed	00:16:55
rs-shard-migration	passed	00:13:53
scaling	passed	00:11:15
scheduled-backup	passed	00:18:34
security-context	passed	00:07:09
self-healing-chaos	passed	00:15:23
service-per-pod	passed	00:19:49
serviceless-external-nodes	passed	00:07:37
smart-update	passed	00:08:42
split-horizon	passed	00:14:24
stable-resource-version	passed	00:04:50
storage	passed	00:08:13
tls-issue-cert-manager	passed	00:29:54
unsafe-psa	passed	00:07:25
upgrade	passed	00:10:09
upgrade-consistency	passed	00:06:52
upgrade-consistency-sharded-tls	passed	00:53:14
upgrade-sharded	passed	00:19:52
upgrade-partial-backup	passed	00:16:44
users	passed	00:17:23
users-vault	passed	00:13:36
version-service	passed	00:24:52

Summary	Value
Tests Run	79/79
Job Duration	03:25:20
Total Test Time	23:18:03

commit: 1145f7a
image: perconalab/percona-server-mongodb-operator:PR-2144-1145f7ac