feat: add value for supplying an existing secret containing the GPG server keypair

[Kuruyia]

This adds a new value, gpgExistingSecret, to allow providing an existing secret containing the serverkey.asc and serverkey_private.asc keys instead of generating those when installing the chart. My use case for this is migrating Passbolt from an old environment to Kubernetes, while keeping the contents of the database and the GPG keypair.

When an existing GPG secret is supplied, the GPG keypair creation job does not run, and the GPG secret is not created by the chart.

Everything (?) has been modified to use the existing secret in place of the normally generated one if one was supplied.

Some ideas for the future:

• Would this also be useful for the JWT keypair?
• The gpgX keys (and by extension, the jwtX keys too) should be moved to their own sections, such as:

  
  gpg:
  path: /etc/passbolt/gpg
  existingSecret: ""
  serverPrivateKey: ""
  serverPublicKey: ""
  createJob:
  extraPodLabels: {}

jwt: path: /etc/passbolt/jwt existingSecret: "" forceKeyCreation: false serverPrivateKey: "" serverPublicKey: "" createJob: extraPodLabels: {}

Please tell me if those ideas seem good.

[dlen]

Hello @Kuruyia!

Thanks for your all your submissions, we'll review them shortly. About your questions:

Would this also be useful for the JWT keypair?

Yes, absolutely. Feel free to add it if you want to this PR.

The gpgX keys (and by extension, the jwtX keys too) should be moved to their own sections, such as:

We are not very keen to modify the values as of now.

[Kuruyia]

Hi, thanks for your reply!

I'll do another PR for the modifications on the JWT keypair, to avoid overloading this one.