feat templater: Add 'pass' lookup function

This introduces support for looking up secret values in the 'pass' command line
tool (https://www.passwordstore.org/).

Values like passwords can be interpolated from pass and even more complex
structures like certificates for Kubernetes Secrets can be retrieved and base64-
encoded as necessary.

Fixes #2

example/some-api/some-api.yaml

@@ -1,4 +1,11 @@
 ---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: secret-certificate
+data:
+  cert.pem: {{ passLookup "my/secret/certificate" | b64enc }}
+---
 apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:

templater/pass.go

@@ -0,0 +1,32 @@
+// This file contains the implementation of a template function for retrieving variables from 'pass', the standard UNIX
+// password manager.
+package templater
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+
+	"github.com/polydawn/meep"
+)
+
+type PassError struct {
+	meep.TraitAutodescribing
+	meep.TraitCausable
+	Output string
+}
+
+func GetFromPass(key string) (string, error) {
+	fmt.Fprintf(os.Stderr, "Attempting to look up %s in pass\n", key)
+	pass := exec.Command("pass", "show", key)
+
+	output, err := pass.CombinedOutput()
+	if err != nil {
+		return "", meep.New(
+			&PassError{Output: string(output)},
+			meep.Cause(err),
+		)
+	}
+
+	return string(output), nil
+}

templater/templater.go

@@ -158,6 +158,7 @@ func templateFuncs() template.FuncMap {
 		b, _ := json.Marshal(data)
 		return string(b)
 	}
+	m["passLookup"] = GetFromPass
 
 	return m
 }