Generated secret should support arbitrary format.

[mcavoyk]

The idea here is that the fetched secret data could be placed within the context of a larger config which is not a secreet. This would avoid having to place the entire configuration into the secret store.

An example secret:

{
  "data": {
      "serviceBapiKey": "foo-123",
      "serviceCapiKey": "bar-456"
  }
}

Would allow for a secret like:

apiVerson: secret-manager.itscontained.io/v1alpha1
kind: ExternalSecret
metadata:
  name: hello-service-config
  namespace: example-ns
spec:
  storeRef:
    name: vault
  data:
  - secretKey: password
    remoteRef:
      path: teamA/hello-service
      property: serviceBapiKey
  template:
    data:
      config.json: |
      {
        "apiUrl": "http://localhost:12345",
        "apiKey": {{ .data.password | quote }}
      }

Which produces:

apiVersion: v1
kind: Secret
metadata:
  name: hello-service-config
  namespace: example-ns
type: Opaque
data:
  config.json: "ewogICJhcGlVcmwiOiAiaHR0cDovL2xvY2FsaG9zdDoxMjM0NSIsCiAgImFwaUtleSI6ICJmb28tMTIzIgp9"
# config.json: |
# {
#   "apiUrl": "http://localhost:12345"
#   "apiKey": "foo-123"
# }

[mcavoyk]

Based on discussion and feedback this should support a target field with template/templateFrom external-secrets/kubernetes-external-secrets#477