Level up your helm deployments today! In values.yaml you only specify the input parameters for the helm chart, so it could be the secret name, but not the secret itself (or anything that it resolved). In this guide, we’ll cover the different strategies for managing secrets in helm charts, from the basic provision of kubernetes secrets to more advanced solutions such as external secrets operators. When combined with the helm secrets plugin, you can safely store your sensitive data in git repositories and automatically decrypt them during helm deployments. Using kubernetes secrets with helm allows you to manage sensitive information like passwords, api keys, and other confidential data in your kubernetes deployments. One workaround is, you can specify your secret in container.envfrom and all your secret keys will be converted to environment variables
Then, you can use those environment variables to create your composite env (ie, couchdb_url) Fyi, to create env from another env in kubernetes, () is used Curly braces {} won't work at this very moment. Use sops to encrypt value files and store them in git Store your secrets in a cloud native secret manager like aws secretmanager, azure keyvault or hashicorp vault and inject them inside value files or templates. With that in mind, there are two (and maybe only two) approaches to managing secrets in helm charts
Encrypt the secrets values in the values file of the helm charts. By leveraging helm, you can simplify the process of managing secrets while ensuring a high level of security and ease of use
WATCH
