81
you are viewing a single comment's thread
view the rest of the comments
[-] RandomDevOpsDude@programming.dev 2 points 9 months ago

I can't believe I haven't seen external secrets before. Sealed secrets are cool, but such a pain as you described. Gonna be setting up external secrets next week sounds like. Thanks for the great post

[-] z3r0_Geek@lemmy.zip 2 points 9 months ago

What do you think about storing your encrypted secrets in your repos using Sops?

[-] RandomDevOpsDude@programming.dev 1 points 8 months ago

I prefer Sealed Secrets over sops since it has the namespace scoping element and can also be stored in repo (once encrypted). I also generally prefer having a controller deployed rather than forcing devs to learn kustomize (which we don't widely use yet) so I guess less of a support burden for me.

[-] z3r0_Geek@lemmy.zip 2 points 8 months ago

I understand your point. Anyway, if your devs are using Helm they can still use Sops with the helm-secrets plugin. Just create a separated values file (can be named as secrets.yaml) contaning all sensitive values and encrypt it with Sops.

[-] RandomDevOpsDude@programming.dev 1 points 8 months ago

Thanks for sharing! I definitely hadn't seen that plugin. We definitely use helm, even though I hate it lol. I will take a look when I get around to looking at external secrets since I still haven't had a chance to (you know how it goes... priorities made up by some random PM or whatever)

[-] z3r0_Geek@lemmy.zip 2 points 8 months ago

If you still want more you can use Helmfile. Take care of your PMs 😁

this post was submitted on 10 Feb 2024
81 points (100.0% liked)

DevOps

1670 readers
1 users here now

DevOps integrates and automates the work of software development (Dev) and IT operations (Ops) as a means for improving and shortening the systems development life cycle.

Rules:

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 1 year ago
MODERATORS