provide instructions to retrieve the password

Allow kubernetes/kubectl to reveal the password instead of embedding
it in NOTEs.txt (which is available in `helm get notes <release name>`).

This works for both values provided in values.yaml and anything
that is auto-generated. Helm templates all of the files at once,
before applying the resources, so we cannot lookup in NOTES what
was generated in another file.

Author: cognifloyd

templates/NOTES.txt

@@ -39,11 +39,13 @@ Ingress is enabled. You may access following endpoints:
 {{- end }}
 {{- end }}
 
-2. Login with the following credentials:
+2. Get the password needed to login:
+kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.data.password}" secret {{ .Release.Name }}-st2-auth | base64 --decode
+
+3. Login with this username and the password retrieved above:
 username: {{ .Values.st2.username }}
-password: {{ with lookup "v1" "Secret" .Release.Namespace (print .Release.Name "-st2-auth") }}{{ index . "data" "password" }}{{ end }}
 
-3. Use st2 CLI:
+4. Use st2 CLI:
 export ST2CLIENT=$(kubectl get --namespace {{ .Release.Namespace }} pod -l app=st2client,release={{ .Release.Name }} -o jsonpath="{.items[0].metadata.name}")
 kubectl exec -it ${ST2CLIENT} --namespace {{ .Release.Namespace }} -- st2 --version