Add an option to exit on success

[kfox1111]

This PR allows the spiffe-helper to exit 0 after certificates have been retrieved. This can be used in conjunction with Kubernetes initContainers to ensure certificates are retrieved before running the spiffe-helper as a sidecar container.

Partially implements: #115

[faisal-memon]

Hi @kfox1111 Thanks for the submission. This covers the x509 case. Should the jwt path also have the exit on success?

[kfox1111]

Hi @kfox1111 Thanks for the submission. This covers the x509 case. Should the jwt path also have the exit on success?

Oh, that would be useful too, yeah. I'll see if I can find the other path and update it.

[kfox1111]

Actually, I'm confused by how the jwt stuff is working...

I only see one exec.Command used:

$ grep -r exec.Command
pkg/sidecar/sidecar.go:			cmd := exec.Command(s.config.Cmd, cmdArgs...) // #nosec

In the signalProcess method. Which seems to only ever be called in method:

func (s *Sidecar) updateCertificates(svidResponse *workloadapi.X509Context) {

Does the jwt support not support cmds/signals?

[keeganwitt]

Maybe we should have separate exit configs (one for JWT and one for X509) for now?

[keeganwitt]

Maybe we should have separate exit configs (one for JWT and one for X509) for now?

It was decided in discussions not to hold this MR up for this and handle separately. Created #121 for this.

[keeganwitt]

The README never got updated for this feature.