this post was submitted on 10 Feb 2024
85 points (100.0% liked)

DevOps

1652 readers
1 users here now

DevOps integrates and automates the work of software development (Dev) and IT operations (Ops) as a means for improving and shortening the systems development life cycle.

Rules:

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] z3r0_Geek@lemmy.zip 2 points 8 months ago (1 children)

What do you think about storing your encrypted secrets in your repos using Sops?

[–] RandomDevOpsDude@programming.dev 1 points 8 months ago (1 children)

I prefer Sealed Secrets over sops since it has the namespace scoping element and can also be stored in repo (once encrypted). I also generally prefer having a controller deployed rather than forcing devs to learn kustomize (which we don't widely use yet) so I guess less of a support burden for me.

[–] z3r0_Geek@lemmy.zip 2 points 8 months ago (1 children)

I understand your point. Anyway, if your devs are using Helm they can still use Sops with the helm-secrets plugin. Just create a separated values file (can be named as secrets.yaml) contaning all sensitive values and encrypt it with Sops.

[–] RandomDevOpsDude@programming.dev 1 points 8 months ago (1 children)

Thanks for sharing! I definitely hadn't seen that plugin. We definitely use helm, even though I hate it lol. I will take a look when I get around to looking at external secrets since I still haven't had a chance to (you know how it goes... priorities made up by some random PM or whatever)

[–] z3r0_Geek@lemmy.zip 2 points 8 months ago

If you still want more you can use Helmfile. Take care of your PMs 😁