The "secure" flag to "get_config" enforces the permissions 0x600 for a config file. But in OpenShift the most secure a file can be is 0x640 because any mounted secrets will be owned by root:<app-user>.
This means that in its current state, config_resolver cannot be used for OpenShift apps.
A backwards compatible change would be to allow passing in an octal value of the "expected" mode of a file, and use 0x600 if a user passes in True. This way each call could be adapted appropriately.
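
A sketch of the backwards-compatible check proposed above, as an added example that is not config_resolver's own code. The function names are hypothetical, modes are written as Python octal literals (`0o600`, `0o640`), and treating the expected mode as an upper bound on the permission bits is an assumption.

```python
import os
import stat
import tempfile

DEFAULT_SECURE_MODE = 0o600  # what secure=True means, per the issue text


def expected_mode(secure):
    """Map the 'secure' argument to a permission mask, or None for no check."""
    # bool is a subclass of int, so handle True/False before accepting a mode.
    if secure is False or secure is None:
        return None
    if secure is True:
        return DEFAULT_SECURE_MODE
    if isinstance(secure, int) and 0 <= secure <= 0o777:
        return secure
    raise ValueError("secure must be a bool or a mode between 0o000 and 0o777")


def is_secure_enough(path, secure):
    """Return True if the file grants no permission bit outside the mask."""
    limit = expected_mode(secure)
    if limit is None:
        return True
    actual = stat.S_IMODE(os.stat(path).st_mode)
    # Any bit set outside the allowed mask means the file is too permissive.
    return actual & ~limit == 0


def make_sample(mode):
    """Create a constructed sample config file with the given mode."""
    fd, path = tempfile.mkstemp(suffix=".ini")
    os.close(fd)
    os.chmod(path, mode)
    return path


if __name__ == "__main__":
    # Constructed stand-in for a mounted secret that is group-readable.
    mounted = make_sample(0o640)
    print("secure=True :", is_secure_enough(mounted, True))
    print("secure=0o640:", is_secure_enough(mounted, 0o640))
    os.remove(mounted)
```
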