CRDs should allow references to kubernetes secrets. Helm allows secret injection at runtime, this controller breaks that safety net because of convenience.
@ipedrazas what exactly do you mean by secret injection at runtime? AFAIK Helm will store the values in plaintext in a ConfigMap. Anyway, I do think HelmRelease should support a valueSecretName field.
CRDs should allow references to kubernetes secrets. Helm allows secret injection at runtime, this controller breaks that safety net because of convenience.