fix(prometheus): fix Grafana auth and set pod security standards

prometheus/grafana-oidc-external-secret.gomplate.yaml

@@ -0,0 +1,21 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: grafana-oidc-credentials
+  namespace: {{ .Env.PROMETHEUS_NAMESPACE }}
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: vault-secret-store
+    kind: ClusterSecretStore
+  target:
+    name: grafana-oidc-credentials
+    creationPolicy: Owner
+    template:
+      data:
+        client-secret: "{{ `{{ .client_secret }}` }}"
+  data:
+    - secretKey: client_secret
+      remoteRef:
+        key: grafana/oidc
+        property: client_secret