allow secrets and variables to use valueFrom

Usecase: I have an operator that creates PostgreSQL databases (i.e. CrunchyData PGO, CNPG, etc) and creates a secret with the authentication info. I would like to reference this secret in `TFE_DATABASE_PASSWORD` and `TFE_DATABASE_USER`, but prior to this patch, cannot.

Author: USA-RedDragon

templates/_helpers.tpl

@@ -124,3 +124,24 @@ Obtains the agent namespace as configured
 {{- .Release.Namespace }}-agents
 {{- end }}
 {{- end }}
+
+{{/*
+Prints the key-value pairs from the 'env.secretKeyRefs' and 'env.configMapKeyRefs'
+entries as `valueFrom` environment variables in the Values file.
+*/}}
+{{- define "helpers.list-valueFrom-variables"}}
+{{- range $val := .Values.env.secretKeyRefs }}
+- name: {{ $val.name }}
+  valueFrom:
+    secretKeyRef:
+      name: {{ $val.secretName }}
+      key: {{ $val.key }}
+{{- end }}
+{{- range $val := .Values.env.configMapKeyRefs }}
+- name: {{ $val.name }}
+  valueFrom:
+    configMapKeyRef:
+      name: {{ $val.configMapName }}
+      key: {{ $val.key }}
+{{- end }}
+{{- end }}

templates/deployment.yaml

@@ -99,6 +99,10 @@ spec:
         {{- else }}
         {{- toYaml .Values.container.securityContext | nindent 10 }}
         {{- end }}
+        {{- with (include "helpers.list-valueFrom-variables" .) }}
+        env:
+          {{- . | indent 10 }}
+        {{- end }}
         envFrom:
           - configMapRef:
               name: terraform-enterprise-env-config

values.yaml

@@ -283,6 +283,14 @@ env:
     # TFE_VAULT_ROLE_ID: ""
     # TFE_IACT_SUBNETS: ""
     # TFE_IACT_TIME_LIMIT: ""
+  secretKeyRefs:
+    # - name: SECRET_ENV_VAR
+    #   secretName: my-secret
+    #   key: secret-key
+  configMapKeyRefs:
+    # - name: CONFIG_ENV_VAR
+    #   configMapName: my-configmap
+    #   key: config-key
 
 agents:
   rbac: