Utilize Secret Auth Header #126

Closed
alewitt2 opened this issue Feb 18, 2021 · 0 comments · Fixed by #130
Labels
enhancement New feature or request

As part of its operation, ClusterSubscription renders a RemoteResource template. https://github.com/razee-io/ClusterSubscription/blob/master/lib/remoteResource.js#L13-L20

In this template it is injecting the orgKey in plain text as a request header. We shouldn't display keys in plain text, so we need to utilize the secret auth header feature defined in RemoteResource https://github.com/razee-io/RemoteResource#request-options (see Note about secretKeyRef)

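i.e.:

```js
// Handlebars-rendered JSON: the header value is a reference to a Secret key,
// not the key itself.
const requestsTemplate = `{
  "options": {
    "url": "{{{url}}}",
    "headers": {
      "razee-org-key": {
        "valueFrom": {
          "secretKeyRef": {
            "name": "clustersubscription-{{subscriptionUuid}}-secret",
            "namespace": "razeedeploy",
            "key": "razee-api-org-key"
          }
        }
      }
    }
  }
}`;
```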

In order to reference a secret like the above example, we need to first create a secret.

i.e.:

```js
// NAMESPACE, resourceName, sub, clusterId and apiKey come from the surrounding scope.
const resourceTemplate = {
  'apiVersion': 'v1',
  'kind': 'Secret',
  'metadata': {
    'namespace': NAMESPACE,
    'name': resourceName,
    'annotations': {
      'deploy.razee.io/clustersubscription': sub.subscriptionUuid,
      'deploy.razee.io/clusterid': clusterId
    },
    'labels': {
      'razee/watch-resource': 'lite'
    }
  },
  // Values under `data` must be base64-encoded; use `stringData` for a plain-text value.
  'data': {
    'razee-api-org-key': apiKey
  }
};
```

The createRemoteResource function should be broken up in such a way as to utilize the code that applies the resource to the cluster for both the remoteResource and the secret. https://github.com/razee-io/ClusterSubscription/blob/master/lib/remoteResource.js#L22-L87

Similarly, when a remoteResource gets deleted, the corresponding secret should also be deleted. You will need to break up this function to handle both secrets and remote resources too. https://github.com/razee-io/ClusterSubscription/blob/master/lib/remoteResource.js#L89-L111

@alewitt2 alewitt2 added the enhancement New feature or request label Feb 18, 2021
@alewitt2 alewitt2 linked a pull request Mar 9, 2021 that will close this issue
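
One way to build the Secret and the request entry the issue describes, with a check that flags credential-like headers still carrying a literal value. This is an added example, not code from ClusterSubscription or the linked pull request; the function names, the `sub.url` field and the header-name heuristic are assumptions.

```javascript
// Added example (not ClusterSubscription's code). Function names and sub.url are
// hypothetical; resource names, namespace and key name follow the issue text.
const NAMESPACE = 'razeedeploy';
const SECRET_KEY = 'razee-api-org-key';

const secretName = (uuid) => `clustersubscription-${uuid}-secret`;

// Secret that holds the org key. Values under `data` must be base64-encoded.
function buildOrgKeySecret(sub, clusterId, orgKey) {
  return {
    apiVersion: 'v1',
    kind: 'Secret',
    metadata: {
      namespace: NAMESPACE,
      name: secretName(sub.subscriptionUuid),
      annotations: {
        'deploy.razee.io/clustersubscription': sub.subscriptionUuid,
        'deploy.razee.io/clusterid': clusterId
      },
      labels: { 'razee/watch-resource': 'lite' }
    },
    data: { [SECRET_KEY]: Buffer.from(orgKey, 'utf8').toString('base64') }
  };
}

// Request entry whose header references the Secret instead of carrying the key.
function buildRequest(sub) {
  const secretKeyRef = {
    name: secretName(sub.subscriptionUuid),
    namespace: NAMESPACE,
    key: SECRET_KEY
  };
  return {
    options: {
      url: sub.url,
      headers: { 'razee-org-key': { valueFrom: { secretKeyRef } } }
    }
  };
}

// Heuristic (assumption): header names that look like credentials must not
// hold a literal string. Returns the names of headers that still do.
function credentialHeadersInPlainText(request) {
  const headers = (request.options && request.options.headers) || {};
  return Object.keys(headers).filter(
    (h) => /key|token|secret|authorization/i.test(h) && typeof headers[h] === 'string'
  );
}
```

Running `credentialHeadersInPlainText` over each rendered request before applying the RemoteResource gives a cheap regression check that the org key has not crept back into the template.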