Enable volume mounted secret bindings in Kyma Functions

[gecko17]

Description

In order to use BTP service instances natively with @sap/xsenv, you need to create a "volume" from the secret (automatically created by the ServiceBinding resource) in the Pod template spec and then mount the volume to a specific path via a "volumeMount" in the container spec. This is described here: https://blogs.sap.com/2022/07/12/the-new-way-to-consume-service-bindings-on-kyma-runtime/.

In order to use BTP service instances also in Kyma serverless Functions, the Function CR would need to support the same:

• support a volume spec
• support a volumeMount spec

Technically a function also creates a Pod and a Container, so it should be possible to allow volumes and volumeMounts. Under the hood, the function even uses a "tmp-dir" volume mounted to the path "tmp". So it should be a quite simple addition to allow custom volumes and volumeMounts in the Function spec?

Serverless function from the nature should be stateless... and not needing persistance.
Limit the volume mounts to secrets and config maps (Read only ).

**Related **

• depends on the spec changes - Design the API enabling advanced templating of function's managed resources #15233

Reasons

This is required in order to use BTP Service Instances (which are supported on Kyma) in serverless Functions.

Attachments
Proposal for secretMounts
https://github.com/kyma-project/kyma/blob/main/components/function-controller/design/extend_function_spec_proposal.md#final-version---the-compromise

[kwiatekus]

Blocked by #15233

[kwiatekus]

Waits for decision #15862

[anoipm]

Scenario from manual test:
test-14998-202211222150.txt

[anoipm]

Task parts:

• function api + building pod + detecting changes by controller' s reconciliator - PR-16108
• kubectl explain function.spec.secretMounts - PR-16183
• doc on website - PR-16212