Add cloud command for sealing secrets

Adds new command to seal a secret for use in OpenFaaS Cloud with
new subcommand "cloud". A sealed secret can be pushed into a
public Git repo without others being able to decrypt it.

The `kubeseal` CLI provides the implementation of the sealing
via exec - this is much less code and bloat than vendoring since
the kubeseal client API includes the Kubernetes Go client.

Command tested with SealedSecrets running on Kubernetes with
kubeadm and the faas-cli running on MacOS.

See README.md for usage and more instructions.

Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>

schema/secret.go

@@ -0,0 +1,13 @@
+package schema
+
+type KubernetesSecret struct {
+	Kind       string                   `json:"kind"`
+	ApiVersion string                   `json:"apiVersion"`
+	Metadata   KubernetesSecretMetadata `json:"metadata"`
+	Data       map[string]string        `json:"data"`
+}
+
+type KubernetesSecretMetadata struct {
+	Name      string `json:"name"`
+	Namespace string `json:"namespace"`
+}