Adds feature to fetch release values and secret values from remote

[dol]

The releases and environment section allow for values files on the local
disk.
This enhancement allows for referencing remote (go-getter) files to be
fetched, cached and referenced.

Example:

repositories:
  - name: "incubator"
    url: "https://charts.helm.sh/incubator/"

releases:
  - name: "test"
    namespace: "test"
    chart: "incubator/raw"
    version: "0.1.0"
    missingFileHandler: Debug
    values:
      # Reference a remote source file
      - "git::https://github.com/helm/charts.git@raw/ci/values.yaml"

In addition when fetching a remote git source with a ssh key the ssh key
will not be part of the caching folder name. This avoids two problems:

1. Don't leak sensitive information in the name of the caching folder
2. Base64 encoded SSH keys are very long. On some file systems the max
   lenght of the directory name is hit when using the full base64
   information in the path name.

The sshkey informations are reducted. Because of this fixed string
there is a change of colloding cache names. The likelihood of this
collision is very low. The git repo and git reference need to be the
same, but the sshkey can change. This will result in the same source to
be checkout out and referenced.

[dol]

According to https://github.com/hashicorp/go-getter/blob/4553965d9c4a8d99bd0d381c1180c08e07eff5fd/README.md#protocol-specific-options-1 there are multiple supported protocols like git, http, s3 and gcs. All this protocols can include some sensitive information in any URL part.
Instead of redacting ever possible query parameter the whole URL could be hashed with sha256. This will fix the two problems mentioned in this pull request.

1. Don't leak sensitive information
2. Avoid hitting the max length of a folder name

[kuzaxak]

This enhancement allows for referencing remote (go-getter) files to be
fetched, cached and referenced.

Loading env values from remote already supported, link. Here is a code that is responsible for that.

Does it mean that you propose to trait any file link as a potentially remote file? In that I think LoadEnvironmentValues function should be adjusted as well.

[dol]

Thank you for pointing out. The PR solves the same issues ( roboll/helmfile#1838 / roboll/helmfile#1499 ) as your RP #42. The title of the PR was misleading and I changed it from environment to release. I also added a basic example to illustrate the enhancement.

The difference of the two implementations is, that this PR also fetches secret values files. Since your PR only patches generateVanillaValuesFiles.
Maybe we find a middle ground and we can combine the two options.

[kuzaxak]

Yes, thanks for the additional input!

Yeah, what I'm pointing is that in your case resolving happens twice. Maybe it is better to patch vanilla values and secrets fletcher separately. Not the base function.

Or, as a common solution better than repeating solution 3 times it makes sense to remove env vars loader and just use your patch everywhere.

[mumoshu]

in your case resolving happens twice

If we're going to support this remote file loading universally within helmlfile, it might make sense to patch resolveFile this way. Let's merge this and see how it goes.

I'm unsure if I'm aware of all the consequences of doing it though. I'd appreciate it if you could submit follow-up PRs to de-duplicate the remote file fetching steps if that makes sense 🙇

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[mumoshu]

LGTM. Thanks for your contribution @dol ☺️