Question: Can we avoid putting secrets in values.yaml during installation?


Answer: Yes. We have a pre-processor that inserts the secret-values from kubernetes secrets. The procedure for doing this is as follows:

a) Create kubernetes secret(s) with the key/value pairs for the secerts in the namespace where you want to install ISD

b) In the values.yaml, put encrypted:SECRET-NAME:KEY instead of the actual value


Full instructions and the script that replaced the above string with real values is available here:

https://github.com/OpsMx/standard-gitops-repo/blob/3.9/SAMPLES/secret-decoder.sh