• How to retrieve a github actions secret

    2 min read

    github action get secret

    When using GitHub Actions secrets, the secret values never appear in the action's logs: any string that matches an existing secret is replaced with ***


  • Import files into objects using helm

    2 min read

    helm ConfigMap Secret file

    When writing helm charts, being able to specify the files to use for a ConfigMap or a Secret object is far more convenient than having the object already rendered. Using .Files.Glob we can tell helm to import a set of files into the object


  • Keeping the terraform state in a Kubernetes Secret

    2 min read

    terraform state Kubernetes Secret

    Storing the terraform state in an S3 bucket with DynamoDB for locking has become the de facto standard for sharing the state across an organization. Nevertheless, there are interesting alternatives: we can use a Kubernetes Secret


  • Managing (safely) Secrets as Code with sops and terraform

    3 min read

    Terraform Secret as code sops git

    If you are using Infrastructure as Code, you've realized there is something that shouldn't be in a git repository: the secrets. We should never store clear-text secrets in a git repository, not even a private one: anyone with access to that repository could get them.

    How can we securely create secrets as code in AWS Secrets Manager using terraform?


  • Using AWS Secrets Manager secrets and Systems Manager parameters in Kubernetes with KES

    4 min read

    By using the Kubernetes External Secrets we can use external secret management systems, like AWS Secrets Manager or Vault, to securely add secrets in Kubernetes.

    This is achieved by using the ExternalSecret object, which declares how to fetch the secret data, while the KES controller converts the ExternalSecrets to Secrets. The conversion is completely transparent to Pods, which can access Secrets normally.



