Time for Álvaro Neira and #SealedSecrets, working with K8s secrets and GitOps easily at the #VMware office Seville

GitLab stack on #Kubernetes on-prem. Started initially with #FluxCD but it all got messy in no-time. #SealedSecrets being pushed in 2 clusters, configuration drifts between environments popped-up and suddenly it all gone out of control. #GitLab recommends deploying external PostgreSQL, MinIO and Redis clusters for production, Bitnami helm charts are so far the best choices here.

Decided to move all that stuff to kapitan and suddenly all those problems vanished.

You wrap everything into 🧵

TIL that #bitnami offers two #helm charts for #sealedSecrets - that contain (slightly) different CRDs 🤯
Be careful not to mix them up!

https://artifacthub.io/packages/helm/bitnami/sealed-secrets
https://github.com/bitnami/charts/blob/main/bitnami/sealed-secrets/crds/sealed-secrets.yaml
vs
https://artifacthub.io/packages/helm/bitnami-labs/sealed-secrets
https://github.com/bitnami-labs/sealed-secrets/blob/main/helm/sealed-secrets/crds/bitnami.com_sealedsecrets.yaml

Sealed Secrets is a Kubernetes controller and tool for one-way encrypted Secrets.

https://github.com/bitnami-labs/sealed-secrets

#Secrets #SealedSecrets #Kubernetes #tools #DevOps #infra #security