We found 2 articles tagged with "secrets"

Managing sensitive data in Kubernetes clusters is a recurring challenge, especially when configuration needs to be versioned and shared across teams. Standard Kubernetes secrets are not designed for safe storage in source control, as they are only base64-encoded (not encrypted) and can be easily decoded back to plain text. This creates a gap between secure secret handling and common GitOps workflows.

Most modern IT setups are composed of several subsystems like databases, object stores, master controller, node access, and more. To access one component from another, some form of credentials are required. Configuring and storing these secrets directly in the components is considered as an anti-pattern, since a vulnerability of one component may iteratively and transitively affect the security of the whole setup.