Level up your helm deployments today! Encrypt the secrets values in the values file of the helm charts. In values.yaml you only specify the input parameters for the helm chart, so it could be the secret name, but not the secret itself (or anything that it resolved).
Glow Paradise : Mention Très Bien ! | kleo beauté
In this guide, we’ll cover the different strategies for managing secrets in helm charts, from the basic provision of kubernetes secrets to more advanced solutions such as external secrets operators.
When combined with the helm secrets plugin, you can safely store your sensitive data in git repositories and automatically decrypt them during helm deployments.
Using kubernetes secrets with helm allows you to manage sensitive information like passwords, api keys, and other confidential data in your kubernetes deployments. One workaround is, you can specify your secret in container.envfrom and all your secret keys will be converted to environment variables Then, you can use those environment variables to create your composite env (ie, couchdb_url) Fyi, to create env from another env in kubernetes, () is used
Curly braces {} won't work at this very moment. Use sops to encrypt value files and store them in git Store your secrets in a cloud native secret manager like aws secretmanager, azure keyvault or hashicorp vault and inject them inside value files or templates. With that in mind, there are two (and maybe only two) approaches to managing secrets in helm charts
Either we store sensitive information in helm charts encrypted, or we don't store them in the charts at all
