From the course: Automating Kubernetes with GitOps

Unlock this course with a free trial

Join today to access over 24,700 courses taught by industry experts.

Secrets in GitOps

Secrets in GitOps

- So, I know that we have reviewed how to use Secrets. Let's talk about using Secrets in GitOps. The thing is that Secrets are not so very Secret, and for that reason, they deserve a special treatment in GitOps. You should never store them in Git repositories because they are easily decoded, as we have seen. But if you don't store them in Git repositories, how are you ever going to deal with them in a fully automated GitHub's environment? That's a problem. So, building Secrets in a container image is not a very good idea. That would keep them secure, but inflexible. Also, it will make the container image sensitive, and imagine that you put the Secret in your container image and next you publish it on the public registry. That's not very smart. Also, it would take away the separation of configuration and code, and that is a bad idea. Manual application, we can see overall GitHub's performance. So, you can have a person entering the value, but that takes away from your GitHub's level of…

Contents