PT-2448 - Redact pgbouncer secret references in pt-k8s-debug-collector

[eslavyansky]

Redact pgbouncer secret references in pt-k8s-debug-collector

pt-k8s-debug-collector now strips volumes and volumeMounts entries that reference pgbouncer secrets from exported Kubernetes resources, preventing sensitive pgbouncer data from leaking into the diagnostic archive.

Changes:

• dumper/dumper.go - added redactPgbouncerVolumeRefs, redactPodSpec, and hasPgbouncerSecretRef functions that, during generic resource export, remove volume entries referencing pgbouncer secrets (via secret.secretName or projected.sources) from pod and pod template specs, along with the corresponding volumeMounts across all container types.

• main_test.go - added integration test TestPgBouncerSecretsNotCollected that verifies the output archive contains no pgbouncer-frontend.ca-roots entries for pgo and pgv2 namespaces.

• The contributed code is licensed under GPL v2.0

• Contributor Licence Agreement (CLA) is signed

• util/update-modules has been ran

• Documentation updated

• Test suite update

[it-percona-cla]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

---

Eugene seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}