Provide for easily accessible in configuration / secrets

[onobc]

Examples:

app.xxx.spring.datasource.password=k8sSecret:secretName:secretKey
app.xxx.spring.datasource.password=vault:secretName:secretKey

Router sink in stream apps may want to implement a script and reference the script: app.xxx.router.script=scripts:myStream/router.groovy

We also need a clean way to indicate that the property value is a resource. Maybe: app.xxx.spring.datasource.password=#{uri('k8sSecret:secretName:secretKey')}

This implies there will be URL handlers as part of a property configuration that are more specific than the existing of file|https|classpath and more.

This probably belongs in other projects. The dependencies should be included in scdf apps so that our users can benefit from the extra resource loaders.

[onobc]

Issue was originally created in Trello board w/ above summary/desc.

Comment from @markpollack:

improve pathway for users to figure out how to store and retrieve secrets with vault and/or config server. scdf can provide a 'script store' for easy https retrieval. Security implications... any scdf user can see code.? let's create two github issues.

[corneil]

I would suggest secretKeyRef(<secretName>,<key-name>) and configMapKeyRef(<configMapName>,<key-name>) examples:

app.xxx.spring.datasource.password=#{secrefKeyRef('scdf-datasource', 'password')}
app.xxx.spring.datasource.url=#{configMapKeyRef('scdf-datasource-info', 'url')}

There may a more standard way of describing k8s resource values or event selectors.