Secret provider plugin timeout of 10 seconds is insufficient for 1Password integration

[ubiquitousbyte]

I maintain the nomad-1password (https://github.com/ubiquitousbyte/nomad-1password) plugin, a community secret provider plugin that integrates with 1Password using their official Go SDK.

Problem

The 10-second timeout specified in the plugin authoring documentation is insufficient. When the plugin takes longer than 10 seconds to fetch a secret, Nomad terminates it with "signal: terminated".

Why it's slow:

1. Each secret fetch spawns a new plugin process (by design in Nomad's plugin architecture)
2. The 1Password SDK must authenticate with 1Password's servers on each invocation.
3. Authentication + API calls can exceed 10 seconds, especially with network latency to 1Password's cloud.
   This is not unique to my plugin - any secret provider that requires authentication and network calls will face the same issue.

Requested enhancement

Make the secret provider plugin timeout configurable at the Nomad agent level.

Example config:

plugin {
  secret {
    timeout = "30s"  # or some reasonable default
  }
}

This would allow operators to adjust the timeout based on their secret backend's latency requirements.
Alternative suggestions welcome if there's a better architectural approach to solve this.

[tehut]

@ubiquitousbyte Thanks for raising this issue. This seems like a reasonable improvement so I've gone ahead and added it to our backlog.

[ubiquitousbyte]

@tehut I found some time to try and implement this. Do check my PR if you can! :)