feat: detect & decode url-encoded placeholders, reencode after replacement

[sea-gull-diana]

Description

This PR enables plugin to detect and replace specific path placeholders that were url-encoded to look like %3Cpath%3Asome%2Fpath%23secret%3E (for example, by Helm urlquery function).

The code finds such escaped placeholders, decodes them, replaces with the secret value and re-encodes the values again.

Example workflow:

A Helm chart creates a ConfigMap with the following url using a placeholder value for password from values.yaml file:

_REDIS_URL_CORE: >-
    redis://:%3Cpath%3Akv%2Fdata%2Fconfig%2Fharbor%2Fredis-pwd%23password%[email protected]/0?idle_timeout_seconds=30

The placeholder %3Cpath%3Akv%2Fdata%2Fconfig%2Fharbor%2Fredis-pwd%23password%3E is detected and decoded into <path:kv/data/config/harbor/redis-pwd#password>.

The decoded placeholder is used to obtain password value "redis@123", which is then URL-encoded again into "redis%40123".

The resulting data in the ConfigMap is:

_REDIS_URL_CORE: >-
    redis://:redis%[email protected]/0?idle_timeout_seconds=30

Fixes #701

Checklist

Please make sure that your PR fulfills the following requirements:

• Reviewed the guidelines for contributing to this repository
• The commit message follows the Conventional Commits Guidelines.
• Tests for the changes have been updated
• Are you adding dependencies? If so, please run go mod tidy -compat=1.22.7 to ensure only the minimum is pulled in.
• Docs have been added / updated
• Optional. My organization is added to USERS.md.

Type of Change

• Bugfix
• Feature
• Code style update (formatting, local variables)
• Refactoring (no functional changes, no api changes)
• New tests
• Build/CI related changes
• Documentation content changes
• Other (please describe)