Support application variables provider config

[vdice]

Add support for application variables provider config via a runtime config file. Specifically, the two current supported providers besides the env var provider: Vault and Azure Key Vault.

[endocrimes]

We probably wouldn't have "explicit" types for them, but something like

type RuntimeConfig struct {
...
    // ExtraVariableProviders configures additional variable providers to pull secrets from.
    // external sources like Vault.
    ExtraVariableProviders []VariableProvider `json:"extraVariableProviders,omitempty"`
...
}

type VariableProvider struct {
    Name    string                `json:"name"`
    Type    string                `json:"type"`
    Options []RuntimeConfigOption `json:"options,omitempty"`
}

should work for the API design

[vdice]

I just uncovered the generic loadFromSecret option, which I hadn't noticed before. Wanted to mention here as an alternative way to inject variable provider config in the meantime. It's even easier when the Spin kube plugin does it all for you:

$ cat runtime-config.toml
[[config_provider]]
type = "vault"
url = "https://my-vault-server:8200"
token = "my_token"
mount = "admin/secret"

$ spin kube scaffold -f vdice/vault-provider:latest -c runtime-config.toml -o scaffold.yaml

$ cat scaffold.yaml
apiVersion: core.spinoperator.dev/v1alpha1
kind: SpinApp
metadata:
  name: vault-provider
spec:
  image: "vdice/vault-provider:latest"
  executor: containerd-shim-spin
  replicas: 2
  runtimeConfig:
    loadFromSecret: vault-provider-runtime-config
---
apiVersion: v1
kind: Secret
metadata:
  name: vault-provider-runtime-config
type: Opaque
data:
  runtime-config.toml: W1tjb25maWdfcHJvdmlkZXJdXQp0eXBlID0gInZhdWx0Igp1cmwgPSAiaHR0cHM6Ly9teS12YXVsdC1zZXJ2ZXI6ODIwMCIKdG9rZW4gPSAibXlfdG9rZW4iCm1vdW50ID0gImFkbWluL3NlY3JldCIK

I'll work on adding a topic around this and the other runtime config options to the spinkube.dev docs...