Add support for populating secrets with keyvault resource #2587
Closed
Labels: area-integrations, azure, security 🔐
Description
Today the key vault resource doesn't support adding secrets and it should. Bonus points if we can support referencing those secrets from projects.
From #2398 (comment)
Scenario 1: Pushing connection strings and secrets into keyvault.
```csharp
var builder = DistributedApplication.CreateBuilder();
var db = builder.AddAzureCosmos("cosmos")
                .AddDatabase("db");
var sendgrid = builder.AddConnectionString("sendgrid");
var kv = builder.AddAzureKeyVault("kv")
                .AddSecret(db)        // Add the secret to keyvault called connectionstrings--cosmos
                .AddSecret(sendgrid); // Add a connection string from config and push it into keyvault.
builder.AddProject<Projects.Api>("api").WithReference(kv); // Only need a keyvault reference
```

Scenario 2: Referencing Secrets from keyvault
```csharp
var builder = DistributedApplication.CreateBuilder();
var kv = builder.AddAzureKeyVault("kv");
var cosmos = kv.GetConnectionString("cosmos"); // Get a secret called connectionstrings--cosmos
var secret = kv.GetSecret("secretstuff");
builder.AddProject<Projects.Api>("api")
       .WithReference(cosmos)               // Push the connection string from keyvault into an environment variable
       .WithEnvironment("SomeEnv", secret); // Reference the secret from an env variable.
```

In scenario 2, the application doesn't have a reference to keyvault; the compute environment will pull from keyvault and push it into the application.
Scenario 3: Referencing Secrets from KeyVault already provisioned and using the KeyVault SDK in the service projects
```csharp
var builder = DistributedApplication.CreateBuilder();
var kv = builder.AddAzureKeyVault("kv");
builder.AddProject<Projects.Api>("api")
       .WithReference(kv);
```