[Helm Chart] Allow external secret for secretFiles
#1721
loicalbertin
started this conversation in
Ideas
Replies: 1 comment 3 replies
-
@loicalbertin, cc: @Andreea-Lupu |
Beta Was this translation helpful? Give feedback.
3 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi 👋
Context: I want to deploy Zot using a GitOps tool (I'm using Rancher Fleet).
Issue: The Helm config will be stored into Git. With the current Zot Helm chart I should store the
secretFiles
unencrypted into my git repo. This is problematic to me.Having secrets into Git repo is a well-known issue when dealing with GitOps.
Personally I use Sops + a Kubernetes Operator to deal with it and store my secrets encrypted in the Git repo.
So I will be able to pre-generate a secret similar to the one generated by the Helm chart using the value of
secretFiles
prior to the chart deployment.What is missing for me in the Zot Helm is either:
secretFiles
if a secret of the same name already exits (I will manage to create a secret with the correct name)What do you think about this?
Beta Was this translation helpful? Give feedback.
All reactions