Mega Feature: Add support for external references

[candonov]

Add ability to reference fields from external to the ResourceGroups resources that exist in the cluster.

For example, reference data from an existing ConfigMap:

Sample ConfigMap:

❯ k get configmap this -o yaml
apiVersion: v1
kind: ConfigMap
data:
  awsAccountID: "111122223333"
  clusterName: test-cluster
  eksOIDC: oidc.eks.us-east-1.amazonaws.com/id/EXAMPLE0123456789
  region: us-east-1
  subnetIDs: subnet-1111aaaa2222bbbbb,subnet-1111aaaa2222bbbbb,subnet-1111aaaa2222bbbbb
  vpcID: <vpc-1111aaaa2222bbbbb>

Option 1: Import an external resource explicitly without taking over control of it and reference values from other resources. Import by one of three options 1/ name, 2/ labels, 3/ annotations

spec:
  schema:
    apiVersion: v1alpha1
    kind: s3podidentity
    spec:
...
  resources: 
  - name: externalConfigmap
    externalRef: 
      apiVersion: v1
      kind: ConfigMap
      metadata:
          namespace: default
          name: my-config-map-name
          labels:
             prod: my-prod-label
          annotations:
             prod: my-prod-annotation
....
  - name: anyResource
    var: ${externalConfigmap.data.region}

Option 2: just reference it inline.

...
spec:
  schema:
    apiVersion: v1alpha1
    kind: s3podidentity
    spec:
      name: string
      namespace: string | default="default"
      region: string | default=${externalref.configmap.default.this.data.region}
      clusterName: string | default=${externalref.configmap.default.this.data.clusterName}

Option 1 contains more lines of yaml but is readable and easier to implement hence it is the preferred option.

[rahtr]

Great idea! This approach can also streamline creating roles and policies. Instead of duplicating the same IAM policy or role, we can use a centralized ConfigMap and reference it across kro applications object and only override the values that are distinct.