Merge bitnami-labs#228

228: Strip strategic merge patch annotations r=mkmik a=mkmik

Closes bitnami-labs#227

Co-authored-by: Marko Mikulicic <mkm@bitnami.com>

Merge bitnami-labs#216

216: Handle items sealed with different keys r=mkmik a=mkmik

Ref bitnami-labs#185

This is not the best implementation, but it technically unblocks bitnami-labs#185 and lets us incrementally implement a better solution (the current plan is to make kubeseal encode the fingerprint of the public key used to seal the secret in each item).

Co-authored-by: Marko Mikulicic <mkm@bitnami.com>

Merge bitnami-labs#188

188: Upgrade client-go to v12.0.0 r=mkmik a=mkmik

Minor API changes (some helpers functions disappeared upstream probably because they were deemed to be trivial to write explicitly).

Sore point: a roundtrip test is broken since the reflection based test trips over some non-semantic changes while comparing empty slices (nil != []foo{} in Go)
Will address that ASAP but I'd like to unblock this in the meantime.

Closes bitnami-labs#183

Co-authored-by: Marko Mikulicic <mkm@bitnami.com>

Merge bitnami-labs#194

194: Ensure image pull policy is not Never r=mkmik a=mkmik

In bitnami-labs#181 we made sure the CI was always testing the rigth code during integration tests, but that involved materializing yaml deployment templates that are not suitable for distribution.

This PR rebuilds the yaml files from jsonnet, without the image policy = Never override.

This is what would happen if we released without this PR:
```
NAME                                        READY   STATUS              RESTARTS   AGE
sealed-secrets-controller-b85b85fd5-27f82   0/1     ErrImageNeverPull   0          21m
```

Co-authored-by: Marko Mikulicic <mkm@bitnami.com>

Merge bitnami-labs#194

194: Ensure image pull policy is not Never r=mkmik a=mkmik

In bitnami-labs#181 we made sure the CI was always testing the rigth code during integration tests, but that involved materializing yaml deployment templates that are not suitable for distribution.

This PR rebuilds the yaml files from jsonnet, without the image policy = Never override.

This is what would happen if we released without this PR:
```
NAME                                        READY   STATUS              RESTARTS   AGE
sealed-secrets-controller-b85b85fd5-27f82   0/1     ErrImageNeverPull   0          21m
```

Co-authored-by: Marko Mikulicic <mkm@bitnami.com>

Update github deployment key

Merge bitnami-labs#192

192: Import legacy key r=mkmik a=mkmik

Closes bitnami-labs#189

Co-authored-by: Marko Mikulicic <mkm@bitnami.com>

Omit empty spec.data, and improve integration test coverage

Improve integration test coverage to exercise both negative
paths (various types of invalid SealedSecrets), and new per-key
encryption.

Add `omitempty` to spec.data, fixing an issue when Spec.Data was
`nil` (yay for tests).

Also: bump version of kubecfg used to generate manifest YAML.

Merge pull request bitnami-labs#76 from anguslees/integrationtest

Add integration framework and tests