Feature request: Read Azure blob storage credentials from existing kubernetes secret #97

Open
ole-kaas opened this issue Jan 25, 2024 · 0 comments


Hello,

The way that credentials for Azure blob storage are stored inside the objstoreConfig secret does not work well for us.
Credentials for our Azure blob storage are provided for us and stored in a secret in the cluster:

apiVersion: v1
kind: Secret
metadata:
  name: azure-private-storage-account-credentials
data:
  accountKey: c3VwZXJzZWNyZXRhenVyZWJsb2JzdG9yYWdla2V5Cg==
  accountName: YXp1cmVibG9ic3RvcmFnZWFjY291bnQK
type: Opaque

The accountKey in the secret is periodically rotated.

This poses a problem with both specifying the credentials and keeping them in sync in the objstoreConfig secret. It would be so much nicer and cleaner if you could just reference the credentials in the existing secret.

Preferably, we would like to reference the secret above in the objstoreConfig configuration. Something like this:

type: AZURE
config:
  storage_account_secret:
    name: azure-private-storage-account-credentials
    key: accountName
  storage_account_key_secret:
    name: azure-private-storage-account-credentials
    key: accountKey
  container: 'metrics'

Alternatively, specify files from a secret mounted as a volume:

type: AZURE
config:
  storage_account_file: /etc/azure/accountName
  storage_account_key_file: /etc/azure/accountKey
  container: 'metrics'  

Where the volume mount looks something like this in helm values:

          volumes:
            - name: azurecredentials
              secret:
                secretName: azure-private-storage-account-credentials
          volumeMounts:
            - mountPath: /etc/azure/
              name: azurecredentials
              readOnly: true
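
The file-based variant requested above can be approximated outside the chart; this is an added example, not code from the issue or the project. It renders the config from the mounted files and rewrites it only when a rotated key changes the result, stripping the trailing newline that both values in the example secret carry once base64-decoded. The inline key names `storage_account` and `storage_account_key` are an assumption inferred from the `_file` names proposed above, and the function names and output path are hypothetical.

```python
import json
import os
import tempfile
from pathlib import Path


def read_credential(path):
    """Read one mounted secret file, dropping the trailing newline."""
    value = Path(path).read_text(encoding="utf-8").rstrip("\r\n")
    if not value:
        raise ValueError(f"empty credential file: {path}")
    return value


def render_objstore_config(secret_dir, container):
    """Build the AZURE config text from accountName/accountKey files."""
    account = read_credential(Path(secret_dir) / "accountName")
    key = read_credential(Path(secret_dir) / "accountKey")
    # json.dumps emits a double-quoted scalar that is also valid YAML, so a
    # key containing ':' or '#' cannot break the document structure.
    # Assumed key names: storage_account / storage_account_key.
    return (
        "type: AZURE\n"
        "config:\n"
        f"  storage_account: {json.dumps(account)}\n"
        f"  storage_account_key: {json.dumps(key)}\n"
        f"  container: {json.dumps(container)}\n"
    )


def sync_config(secret_dir, container, out_path):
    """Rewrite out_path only when the rendered config changed; True on change."""
    rendered = render_objstore_config(secret_dir, container).encode("utf-8")
    out = Path(out_path)
    if out.exists() and out.read_bytes() == rendered:
        return False
    # mkstemp creates the file with mode 0600; os.replace swaps it in
    # atomically so a reader never sees a half-written config.
    fd, tmp = tempfile.mkstemp(dir=out.parent, prefix=".objstore-")
    with os.fdopen(fd, "wb") as fh:
        fh.write(rendered)
    os.replace(tmp, out)
    return True


if __name__ == "__main__":
    # Constructed demo: a temp dir stands in for the /etc/azure/ mount.
    with tempfile.TemporaryDirectory() as d:
        Path(d, "accountName").write_text("azureblobstorageaccount\n")
        Path(d, "accountKey").write_text("supersecretazureblobstoragekey\n")
        print(sync_config(d, "metrics", Path(d, "objstore.yml")))
```
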