
Audit and cleanup GCP secrets in each project #305

Open
theferrit32 opened this issue Mar 29, 2022 · 1 comment


@theferrit32
Contributor

There are some secrets in the GCP Secret Manager that are old and unused by anything running anymore (I created some of them), and some with duplicate values. It would be useful to go through and check each to see if it's needed, and delete it if not.

It would also be useful to combine this with an audit of the Confluent API keys we're using internally. There is probably some duplication or some created because the secret was not known and not in the secret manager.

For example, the Confluent stage cluster has these, which are hard to tell apart:

  • BG-Staging (in stage secret manager under dx-bg-staging)
  • BGStaging
  • staging (in stage secret manager under kafka-credentials)

And these, which were both created for the bg web group, but I'm not sure which they're using.

  • web-stage
  • BGWebStage
@sjahl
Contributor

sjahl commented Jul 5, 2022

@theferrit32 I think it makes sense to piggyback this requirement onto this issue (I can make another issue if you think that's better): We should get rid of those {dev,stage,prod}-secrets deployments, and have each app's helm chart deploy their own ExternalSecret manifests.

In cases like confluent where we want/need to conserve the number of API keys, I think you can have the same GCP secret as the source of multiple externalsecrets. But, I think it would be best from a deployment/cleanliness perspective if each app was deploying its own secrets.
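Sketch of the per-app layout sjahl describes, as an added example that is not code from this repository: two apps in separate namespaces each deploy their own ExternalSecret, both reading the stage secret `kafka-credentials` mentioned above through one ClusterSecretStore, so a single Confluent API key serves both. The store name, namespaces, project ID, and the JSON layout of the secret payload are assumptions.

```yaml
# Cluster-wide handle on the stage project's Secret Manager. Auth is omitted,
# so the ESO controller's own GCP identity is used (assumed cluster setup).
apiVersion: external-secrets.io/v1beta1
kind: ClusterSecretStore
metadata:
  name: gcp-stage
spec:
  provider:
    gcpsm:
      projectID: stage-project-id   # placeholder, not the real project
---
# App A's chart: builds its own Kubernetes Secret from the JSON payload
# stored under the GCP secret "kafka-credentials".
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: kafka-credentials
  namespace: app-a               # hypothetical namespace
spec:
  refreshInterval: 1h
  secretStoreRef:
    kind: ClusterSecretStore
    name: gcp-stage
  target:
    name: kafka-credentials      # the k8s Secret this app mounts
    creationPolicy: Owner
  data:
    - secretKey: api-key
      remoteRef:
        key: kafka-credentials
        property: api_key        # JSON field in the GCP secret (assumed layout)
---
# App B's chart: same remote secret, no second Confluent API key needed.
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: kafka-credentials
  namespace: app-b               # hypothetical namespace
spec:
  refreshInterval: 1h
  secretStoreRef:
    kind: ClusterSecretStore
    name: gcp-stage
  target:
    name: kafka-credentials
    creationPolicy: Owner
  dataFrom:
    - extract:
        key: kafka-credentials   # copies every JSON field as a Secret key
```

Because each app owns its ExternalSecret, removing an app's chart removes its Kubernetes Secret with it, and the audit of which Confluent key is still in use reduces to listing the ExternalSecrets that reference a given remote key.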
