This helm chart has taken much inspiration from https://github.com/decyjphr-org/charts/tree/main/helm-charts/safe-settings, but it differs in one main way. It don't force the user to put any secrets directly in the values files. Instead, I make it possible to either set the environment variables or point to any Kubernetes secret you want. I assume that the secret already exists, how this secret is up to the user of the helm chart.
In a GitOps world, I would suggest something like
sealed secrets
external-secrets
etc.
Or if you want, you can still add the secret through Kubernetes.
This of course makes it harder to use the helm chart, but it will help to enforce best practices. We can of course extend this PR to support a similar Kubernetes secret injection that the current helm chart supports. But it needs to be able to disable this feature.
I have created a helm chart so you can try it out if you want helm upgrade -i safe-settings oci://ghcr.io/nissessenap/helm-charts/safe-settings --version 2.1.0
This helm chart has taken much inspiration from https://github.com/decyjphr-org/charts/tree/main/helm-charts/safe-settings, but it differs in one main way. It don't force the user to put any secrets directly in the values files. Instead, I make it possible to either set the environment variables or point to any Kubernetes secret you want. I assume that the secret already exists, how this secret is up to the user of the helm chart.
In a GitOps world, I would suggest something like
Or if you want, you can still add the secret through Kubernetes.
This of course makes it harder to use the helm chart, but it will help to enforce best practices. We can of course extend this PR to support a similar Kubernetes secret injection that the current helm chart supports. But it needs to be able to disable this feature.
I have created a helm chart so you can try it out if you want
helm upgrade -i safe-settings oci://ghcr.io/nissessenap/helm-charts/safe-settings --version 2.1.0
TODO
Partly fixes #578
Looking forward to your feedback.