[Draft] CSPL-4186: Support splunk secret and make it available to Ansible via mount

[minjieqiu]

Description

Support splunk.secret and make it available to Ansible via mount.

Key Changes

1. Include a new secret token type "splunk_secret" to the existing supported secret token types
2. Remove the auto secret generation except for "password".

Testing and Verification

Tested the change with the latest Ansible which reads the splunk_secret from mount and copied it to /etc/auth.

Related Issues

CSPL-4186.

PR Checklist

• [✅ ] Code changes adhere to the project's coding standards.
• [ ✅ ] Relevant unit and integration tests are included.
• Documentation has been updated accordingly.
• [ ✅ ] All tests pass locally.
• [ ✅ ] The PR description follows the project's guidelines.
• [ ]

[coveralls]

Pull Request Test Coverage Report for Build 22699314688

Details

• 26 of 38 (68.42%) changed or added relevant lines in 2 files are covered.
• 2 unchanged lines in 1 file lost coverage.
• Overall coverage decreased (-0.09%) to 83.845%

---

Changes Missing Coverage	Covered Lines	Changed/Added Lines	%
pkg/splunk/util/secrets.go	25	37	67.57%

Files with Coverage Reduction	New Missed Lines	%
pkg/splunk/util/secrets.go	2	96.4%

Totals
Change from base Build 22574097150:	-0.09%
Covered Lines:	11828
Relevant Lines:	14107

---

💛 - Coveralls

[vivekr-splunk]

why this change?

[minjieqiu]

It's a mistake. I was trying to test with the docker splunk which was pushed to internal registry so I made this temporary change. I have reverted all changes in this file.

[vivekr-splunk]

We need to find a way to validate the fields within the secret to ensure they are valid. There is no built-in way to do this in Docker. If the configuration is incorrect and something fails, Docker does not return clear errors, which makes it difficult for the operator to interpret the issue. It would be better to add validation on both sides to catch these problems earlier.