meilisearch / meilisearch-kubernetes

Meilisearch on Kubernetes Helm charts and manifests
https://www.meilisearch.com
MIT License
212 stars, 59 forks

Add possibility to mount additional volumes on StatefulSet #149

Closed pauldn-wttj closed 1 year ago

pauldn-wttj commented 1 year ago

Hello, :wave:

Thanks for your work on Meilisearch and on the Helm chart! We are currently using it on Kubernetes and we'd like to add a small feature to make it more convenient for users to add volumes on pods or specify environment variables from ConfigMap or Secret.

Description

We want to add the possibility to mount additional volumes to the StatefulSet pods to have another way to inject environment variables or mount credential files.

More specifically, we manage our secrets (including the MEILI_MASTER_KEY) on AWS Secrets and we'd like to inject it with our CSI driver. This operation requires mounting an additional volume referencing a secret provider class.

Basic example

In our use-case (detailed here)

---
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: "meilisearch"
  namespace: "meilisearch"
  labels:
    name: "meilisearch"
spec:
  provider: aws
  secretObjects:
  - secretName: "meilisearch-secret"
    type: Opaque
    data:
    - objectName: meili_master_key
      key: MEILI_MASTER_KEY
  parameters:
    objects: |
        - objectName: "infra/meilisearch"
          objectType: "secretsmanager"
          jmesPath:
            - objectAlias: "meili_master_key"
              path: "MEILI_MASTER_KEY"

envFrom:
  - secretRef:
      name: meilisearch-secret
# ...
volumes:
  - name: secrets-store-inline
    csi:
      driver: secrets-store.csi.k8s.io
      readOnly: true
      volumeAttributes:
        secretProviderClass: meilisearch
volumeMounts:
  - name: secrets-store-inline
    mountPath: "/mnt/secrets-store"
    readOnly: true
# ...

$ kubectl get secret meilisearch-secret -o yaml
apiVersion: v1
data:
  MEILI_MASTER_KEY: ++++++++++++++++
kind: Secret
metadata:
  labels:
    secrets-store.csi.k8s.io/managed: "true"
  name: meilisearch-secret
  namespace: meilisearch
  ownerReferences:
  - apiVersion: apps/v1
    kind: StatefulSet
    name: meilisearch
    uid: ++++++++++++++++
  uid: ++++++++++++++++
type: Opaque

Other

I'm suggesting a PR for that. EDIT: Associated PR is #150
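
A consistency check for the wiring requested above, as an added example that is not part of the issue or of the chart's code: the Secrets Store CSI driver only syncs `meilisearch-secret` while a pod mounts the CSI volume, so `envFrom` depends on `volumes` and `volumeMounts` being present and pointing at the right SecretProviderClass. The function name `check_wiring` and the flat `pod` dict layout (mirroring the fragment in the issue) are assumptions, and the input is the issue's manifests transcribed as constructed Python dicts.

```python
import re

DRIVER = "secrets-store.csi.k8s.io"

def check_wiring(spc, pod):
    """Return a list of problems in how `pod` consumes the Secret synced by `spc`."""
    problems = []
    spc_name, spec = spc["metadata"]["name"], spc["spec"]
    # Names declared in parameters.objects (objectName or objectAlias); a regex
    # scan is used instead of a YAML parser so the example has no dependencies.
    declared = set(re.findall(r'object(?:Alias|Name):\s*"?([^"\s]+)"?',
                              spec.get("parameters", {}).get("objects", "")))
    synced = set()
    for so in spec.get("secretObjects", []):
        synced.add(so["secretName"])
        for item in so.get("data", []):
            if item["objectName"] not in declared:
                problems.append(f"{so['secretName']}.{item['key']}: objectName "
                                f"{item['objectName']!r} is not declared in parameters.objects")
    # CSI volumes that point at this SecretProviderClass.
    vols = [v for v in pod.get("volumes", [])
            if v.get("csi", {}).get("driver") == DRIVER
            and v["csi"].get("volumeAttributes", {}).get("secretProviderClass") == spc_name]
    for v in vols:
        if not v["csi"].get("readOnly"):
            problems.append(f"volume {v['name']!r} is not readOnly")
    mounted = {m["name"] for m in pod.get("volumeMounts", [])}
    has_mount = any(v["name"] in mounted for v in vols)
    # The driver only syncs the Kubernetes Secret while a pod mounts the volume.
    for ref in pod.get("envFrom", []):
        name = ref.get("secretRef", {}).get("name")
        if name in synced and not has_mount:
            problems.append(f"envFrom uses {name!r} but no CSI volume for "
                            f"SecretProviderClass {spc_name!r} is mounted")
    return problems

# Constructed input: the issue's manifests transcribed as Python dicts.
SPC = {"metadata": {"name": "meilisearch"}, "spec": {
    "secretObjects": [{"secretName": "meilisearch-secret", "type": "Opaque",
                       "data": [{"objectName": "meili_master_key", "key": "MEILI_MASTER_KEY"}]}],
    "parameters": {"objects": '- objectName: "infra/meilisearch"\n  objectType: "secretsmanager"\n'
                              '  jmesPath:\n    - objectAlias: "meili_master_key"\n      path: "MEILI_MASTER_KEY"\n'}}}
POD = {"envFrom": [{"secretRef": {"name": "meilisearch-secret"}}],
       "volumes": [{"name": "secrets-store-inline", "csi": {
           "driver": DRIVER, "readOnly": True,
           "volumeAttributes": {"secretProviderClass": "meilisearch"}}}],
       "volumeMounts": [{"name": "secrets-store-inline", "mountPath": "/mnt/secrets-store", "readOnly": True}]}

if __name__ == "__main__":
    print(check_wiring(SPC, POD) or "wiring is consistent")
```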