Use secrets instead of helm parameters

[cep21]

When you run kubectl get pod -o yaml XYZ you see all the environment variables of the pod. It is better to keep them inside secrets, for things like slack tokens. Here is what I did to my deployment.yaml file.

            - name: KW_SLACK_TOKEN
              valueFrom:
                secretKeyRef:
                  name: kubewise
                  key: slack-token

An alternative is to use envFrom in k8s and inject into ENV all the keys of a secret. Either work, but maybe standardizing on the existence of a secret kubewise is reasonable.

[cep21]

I kept things like the slack channel as just environment variables like you have them: only the slack token was in a secret.

[dtuite]

This makes sense. Happy to accept a PR for this if you can do it. If not, I will try to get it done over the next few days.

[dtuite]

@cep21 I believe I fixed this today. It's already merged to master but if you can take a look to ensure I did the right thing I would appreciate it.