helm charts not having secretKeyRef usage

[mrwormhole]

ideally, helm charts that have sensitive information uses secretKeyRef to decode base64 k8s secret and takes the name of the secret, this improves the usage of helm charts in public gitops based repos which use helm charts.

Can this be added to helm charts?

The best example of it is given here which allows both plain information or secret key reference https://github.com/minio/minio/blob/master/helm/minio/values.yaml#L344-L348

[joshuaganger]

I'm looking at this same issue for both kubewatch and kubernetes-event-exporter https://github.com/resmoio/kubernetes-event-exporter/issues/48 . In both cases the API token (or user/pass etc) is intended to be stored in a ConfigMap.

One strategy I've come across is to store the secrets in CI/CD and pass it in during deployment with envsubst but that's not ideal either.

[aantn]

Hey, we don’t support this yet. Would you be interested in opening a PR for it?