Enable setting broker env vars, configMaps, and volumes in Configuration Helm templates #478

Merged

kate-goldenring
Contributor

What this PR does / why we need it:
closes #477
While Akri's OPC UA demo has support for mounting certificates as Kubernetes secrets via opcua.configuration.mountCertificates=true, there is currently not a flexible way to mount secrets and ConfigMaps in broker Pods via Akri's Configurations. Instead, currently, users have to use the Helm Chart to generate a Configuration and modify it as explained in this documentation.

With these Helm chart modifications, secrets could be set like the following:

helm install akri akri-helm-charts/akri \
    --set opcua.configuration.enabled=true \
    --set opcua.discovery.enabled=true \
    --set opcua.configuration.brokerPod.image.repository=nginx \
    --set opcua.configuration.brokerPod.envFrom.secretRef[0]="db-user-pass" \
    --set opcua.configuration.brokerPod.envFrom.configMapRef[0]="special-config" \
    --set opcua.configuration.brokerPod.volumeMounts[0].name="secrets-volume" \
    --set opcua.configuration.brokerPod.volumeMounts[0].mountPath="/etc/secrets-volume" \
    --set opcua.configuration.brokerPod.volumes[0].name=secrets-volume \
    --set opcua.configuration.brokerPod.volumes[0].secret.secretName=db-user-pass

Special notes for your reviewer:
This was tested for each configuration type (opcua, onvif, udev, and custom) and broker type (brokerPod and brokerJob) with the following installation, modifying for each config and broker type:

  1. Create config map: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables
  2. Create secret: https://kubernetes.io/docs/tasks/configmap-secret/managing-secret-using-kubectl/#create-a-secret

helm install akri akri-helm-charts/akri \
    --set debugEcho.configuration.enabled=true \
    --set agent.allowDebugEcho=true \
    --set debugEcho.discovery.enabled=true \
    --set debugEcho.configuration.brokerJob.image.repository=busybox \
    --set debugEcho.configuration.brokerJob.command[0]="sh" \
    --set debugEcho.configuration.brokerJob.command[1]="-c" \
    --set debugEcho.configuration.brokerJob.command[2]="printenv" \
    --set debugEcho.configuration.brokerJob.command[3]="sleep 5" \
    --set debugEcho.configuration.brokerJob.envFrom.secretRef[0]="db-user-pass" \
    --set debugEcho.configuration.brokerJob.envFrom.configMapRef[0]="special-config" \
    --set debugEcho.configuration.brokerJob.volumeMounts[0].name="secrets-volume" \
    --set debugEcho.configuration.brokerJob.volumeMounts[0].mountPath="/etc/secrets-volume" \
    --set debugEcho.configuration.brokerJob.volumes[0].name=secrets-volume \
    --set debugEcho.configuration.brokerJob.volumes[0].secret.secretName=db-user-pass 
# check logs of Pod

The secrets also could have been set via an override values file called more-values.yaml:

debugEcho:
  configuration:
    brokerJob:
      envFrom:
        secretRef:
        - "db-user-pass"
        configMapRef:
        - "special-config"
      volumeMounts:
        - name: secrets-volume
          mountPath: /etc/secrets-volume
      volumes:
      - name: secrets-volume
        secret:
          secretName: db-user-pass

Then, this more-values.yaml file could be added to an installation like so:

helm template akri deployment/helm/ \
    --set debugEcho.configuration.enabled=true \
    --set agent.allowDebugEcho=true \
    --set debugEcho.discovery.enabled=true \
    --set debugEcho.configuration.brokerJob.image.repository=busybox \
    --set debugEcho.configuration.brokerJob.command[0]="sh" \
    --set debugEcho.configuration.brokerJob.command[1]="-c" \
    --set debugEcho.configuration.brokerJob.command[2]="printenv" \
    --set debugEcho.configuration.brokerJob.command[3]="sleep 5" \
    --values more-values.yaml

The charts are templated such that multiple volumes, volumeMounts, secretRefs, and configMapRefs can be added -- just continue to index, i.e. --set debugEcho.configuration.brokerJob.envFrom.secretRef[1]="db-user-pass2"

If applicable:

  • this PR has an associated PR with documentation in akri-docs
  • all Akri tests succeed (cargo test)
  • inline documentation builds (cargo doc)
  • version has been updated appropriately (./version.sh)
  • all commits pass the DCO bot check by being signed off -- see the failing DCO check for instructions on how to retroactively sign commits
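
A pre-install check for a broker values block of the shape used in the description above, as an added example that is not part of this PR or the Akri chart. It assumes the chart expands each listed name into one Kubernetes `envFrom` entry; `lint_broker`, `to_env_from` and the `certs-volume` mount are hypothetical names constructed for illustration.

```python
# Added example (not from the Akri repo): lint a brokerPod/brokerJob values block.

# Constructed sample: more-values.yaml from the description as a dict, plus one
# deliberate mistake (a mount with no matching volume).
SAMPLE_BROKER = {
    "envFrom": {"secretRef": ["db-user-pass"], "configMapRef": ["special-config"]},
    "volumeMounts": [
        {"name": "secrets-volume", "mountPath": "/etc/secrets-volume"},
        {"name": "certs-volume", "mountPath": "/etc/certs"},  # constructed error
    ],
    "volumes": [{"name": "secrets-volume", "secret": {"secretName": "db-user-pass"}}],
}

def to_env_from(broker):
    """Expand the name lists into Kubernetes container envFrom entries."""
    # Assumption: the chart emits one secretRef/configMapRef entry per listed name.
    env_from = broker.get("envFrom", {})
    entries = [{"secretRef": {"name": n}} for n in env_from.get("secretRef", [])]
    entries += [{"configMapRef": {"name": n}} for n in env_from.get("configMapRef", [])]
    return entries

def lint_broker(broker):
    """Return (severity, message) findings for one broker values block."""
    findings = []
    volumes = {v["name"]: v for v in broker.get("volumes", [])}
    mounts = [m["name"] for m in broker.get("volumeMounts", [])]
    for name in mounts:
        if name not in volumes:  # Kubernetes rejects a pod whose mount names no volume
            findings.append(("error", f"volumeMount '{name}' has no matching volume"))
    for name in volumes:
        if name not in mounts:
            findings.append(("warn", f"volume '{name}' is declared but never mounted"))
    env_secrets = set(broker.get("envFrom", {}).get("secretRef", []))
    file_secrets = {v["secret"]["secretName"] for v in volumes.values() if "secret" in v}
    for name in sorted(env_secrets):
        # envFrom injects every key of the secret into the process environment,
        # so a command such as printenv writes the values into the pod logs.
        findings.append(("warn", f"secret '{name}' is exposed as environment variables"))
    for name in sorted(env_secrets & file_secrets):
        findings.append(("warn", f"secret '{name}' is both in envFrom and mounted as files"))
    return findings

if __name__ == "__main__":
    for severity, message in lint_broker(SAMPLE_BROKER):
        print(f"{severity}: {message}")
```
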

…s via Configuration Helm templates

Signed-off-by: Kate Goldenring <kate.goldenring@microsoft.com>
@kate-goldenring
Contributor Author

@hemantkathuria do the examples in the PR description look like they fulfill your needs?

@@ -57,8 +78,11 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- if .Values.opcua.configuration.mountCertificates }}
{{- with .Values.opcua.configuration.brokerPod.volumes}}
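
Review bot: The guard on the volumes section, where `{{- if .Values.opcua.configuration.mountCertificates }}` sits next to `{{- with .Values.opcua.configuration.brokerPod.volumes}}`, needs to cover both inputs. If the `with` takes the place of the `if`, an install that sets only `opcua.configuration.mountCertificates=true` renders no certificate volume and the broker starts without its OPC UA certificates. Suggest emitting `volumes:` when either value is set, for example `{{- if or .Values.opcua.configuration.mountCertificates .Values.opcua.configuration.brokerPod.volumes }}`, and listing the certificate volume and the user-supplied volumes under it. The `with` line is also missing the space before `}}` that the `if` line has.
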
Collaborator

Is this a breaking change? Should the version update reflect that?

Contributor Author

Good point. Just modified it in 5d493dc to make it not breaking, so you can specify mountCertificates for OPC and/or other volumes.

Signed-off-by: Kate Goldenring <kate.goldenring@microsoft.com>
@kate-goldenring kate-goldenring merged commit a9195f8 into project-akri:main Jun 1, 2022
leoluKL pushed a commit to leoluKL/akri that referenced this pull request Sep 23, 2022
…ion Helm templates (project-akri#478)

Signed-off-by: Leo Lu <leolu@microsoft.com>
Successfully merging this pull request may close these issues.

Allow mounting of Kubernetes Secrets via Helm Chart