Support k8s helm secrets creation for logstash helm chart

[kksudo]

Describe the feature:
For convenient use of k8s secrets should add helm chart for create secrets.

Describe a specific use case for the feature:
Add secrets for using in k8s should be more convenient from the one logstash helm chart.

The helm chart for secret can looks like bellow

secret.yaml

{{- if .Values.logstashSecrets }}
{{- range .Values.logstashSecrets }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ template "logstash.fullname" $ }}-{{ .name }}
labels:
  app: "{{ template "logstash.fullname" $ }}"
  chart: "{{ $.Chart.Name }}"
  heritage: {{ $.Release.Service | quote }}
  release: {{ $.Release.Name | quote }}
  {{- range $key, $value := $.Values.labels }}
  {{ $key }}: {{ $value | quote }}
  {{- end }}
data:
{{- range $key, $val := .value }}
{{ $key }}: {{ $val | toString | b64enc | quote }}
{{- end }}
type: Opaque
{{- end }}
{{- end }}

values.yaml

logstashSecrets:
  - name: "env"
    value:
      logstash.conf: |
          input {
            exec {
              command => "uptime"
              interval => 30
            }
          }
          output { stdout { } }
      api_key: ui2CsdUadTiBasRJRkl9tvNnw
  - name: "tls"
    value:
      ca.crt: "LS0tLS1CRUdJT0K"
      cert.crt: "LS0tLS1CRUdJTiBlRJRklDQVRFLS0tLS0K"
      cert.key: "LS0tLS1CRUdJTiBgUFJJVkFURSBLRVktLS0tLQo="

[jmlrt]

Hi @kksudo, thank you for submitting this request.

The current way is to manage secrets outside of the charts (which allow using something like kube-vault-controller for the secret for example), then using secretMounts or extraEnvs to mount the secret.

You can find an example in security example values.

[kksudo]

Hello!
You can give more freedom of choice for different cases (in my case, we adding the secrets from the vault to k8s via terraform). With default k8s secrets (adding via helm chart) or via kube-vault-controller. If the logstashSecrets ( from my example under spoiler) variable will be empty, helm secrets will not deployed .
But if it's doesn't make sense, you can close this issue.

[jmlrt]

That make sense for me. It's definitely worth keeping in the bandwith, however we won't have any bandwith to work on this in short-term. Would you be interested to create a PR for it?

[kksudo]

Yes, it's easy. I'll be doing PR soon.

[jmlrt]

Done in #712