Enable redisYmlOverride to dynamically mount secrets

What does this MR do?

This MR updates global.redis.redisYmlOverride key to dynamically mount secrets. The secrets are mounted to the same path as other existing Redis secrets as highlighted in the spec.

Background: global.redis.redisYmlOverride was introduced in !2907 (merged) but does not handle secrets since the contents are expected to be dumped into redis.yml.erb wholesale. This MR tweaks that assumptions by modifying password if it is a map and replaces it with an ERB statement.

See blocked k8s MR (gitlab-com/gl-infra/k8s-workloads/gitlab-com!2741 (comment 1397617741))

Example Usage:

global:
  redis:
    redisYmlOverride:
      chat:
        password:
          enabled: true
          secret: secretname
          key: password

Which gives

--redis.yml.erb
production:
  chat:
    password: <%= ERB::Util::url_encode(File.read("/somemountpath/redis/chat-override-password").strip) %>

Related issues

Closes #4245 (closed)

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion.

Required

• Merge Request Title and Description are up to date, accurate, and descriptive
• MR targeting the appropriate branch
• MR has a green pipeline on GitLab.com
• When ready for review, MR is labeled "~workflow::ready for review" per the Distribution MR workflow

Expected (please provide an explanation if not completing)

• Test plan indicating conditions for success has been posted and passes
• Documentation created/updated
• Tests added
• Integration tests added to GitLab QA
• Equivalent MR/issue for omnibus-gitlab opened
• Validate potential values for new configuration settings. Formats such as integer 10, duration 10s, URI scheme://user:passwd@host:port may require quotation or other special handling when rendered in a template and written to a configuration file.