runtime: provide credentials to services (#1817)

* runtime: inject credentials into service

* util/auth: self generate accounts (needed for jwt)

* runtime/kubernetes: add logging for creds

* runtime/kubernetes: serialize secret name

* runtime/kubernetes: remove unused code

* runtime/kubernetes: base64 encode secret

* runtime/kubernetes: remove metadata from secret

* util/kubernetes/client: omit empty secret metadata

* util/kubernetes/client: fix secret template

* util/kubernetes/client: fix secrets

* web: update auth util

* util/auth: fix missing arg

* extend token expiry

* extend token expiry

config/cmd/cmd.go

@@ -667,10 +667,8 @@ func (c *cmd) Before(ctx *cli.Context) error {
 		(*c.opts.Auth).Init(authOpts...)
 	}
 
-	// generate the services auth account.
-	// todo: move this so it only runs for new services
-	serverID := (*c.opts.Server).Options().Id
-	if err := authutil.Generate(serverID, c.App().Name, (*c.opts.Auth)); err != nil {
+	// verify the auth's service account
+	if err := authutil.Verify(*c.opts.Auth); err != nil {
 		return err
 	}