Add Secrets to store and manage sensitive information

[jgwerner]

Add Secrets.yaml to the template manifests to manage sensitive information such as passwords and keys.

This feature replaces some settings that are currently in place with string values so this does require some refactoring.

[jgwerner]

Some research is required on how we could circumvent exposing secrets with the custom config file that requires environment variable values since the Python code fetches these values with the os.environ.get() method.

[jgwerner]

@Abhi94N let's go with your idea and create a PoC of a dumbed-down manifest to manage Postgres ourselves to see if this resolves the issues you were having with passing in passwords and secrets. We can make a decision based on the results of your PoC.

[Abhi94N]

@jgwerner Tests with using manifests instead of the Postgres helm chart dependency led to the same issue where POSTGRES_NBGRADER_PASSWORD fails to be set as an envar in the hub pod when using a kubernetes secret.

[Abhi94N]

Plan of action

1. Create manifests for Postgres nbgrader to configure all containers
2. A kubernetes secret can be created for everything except for POSTGRES_NBGRADER_PASSWORD
3. Pass values in as envars but we can also mount the secret as well and reference it in the code itself

[jgwerner]

@jgwerner Tests with using manifests instead of the Postgres helm chart dependency led to the same issue where POSTGRES_NBGRADER_PASSWORD fails to be set as an envar in the hub pod when using a kubernetes secret.

That makes sense, since the JupyterHub code is managing how the secrets are fetched.