Ability to reference and make available a Kubernetes Secret in task container

[donovanmuller]

Some tasks might require credentials, tokens or other sensitive information, available as a Kubernetes Secret, that should be made available in the task's Kubernetes Job container.

Therefore, it would be great to able to reference the Secret(s) by name and making them available as:

• Secret volume mounts
• environment variables using valueFrom.secretKeyRef

[botchk]

Thanks for the idea @donovanmuller. I guess making them available as environment variables should cover most of the use-cases that should arise.

Currently the env block of a task looks like this:

env:
  - name: HOST
    value: "$.data.deployment.deploymentURIsLocal[0]"

The configuration for secrets could look something like this:

env:
  - name: HOST
    value: "$.data.deployment.deploymentURIsLocal[0]"
    valueFrom: event
  - name: K8sSecret  # in case of a secret the name would serve no purpose
    value: "locust-secret"
    valueFrom: secret

Introduce a valueFrom property, that can be either event, behaving the same way as currently, resolve the value from the incoming keptn event. Or it can be secret, in that case lookup the secret, iterate over its key/value pairs and provide them as environment variables in the job.

If the need arises for secret volume mounts we could cover this at a later point.

[donovanmuller]

@yeahservice sounds good 👍