Additional documentation on kustomize patches with sops#1394
Additional documentation on kustomize patches with sops#1394nagygergo wants to merge 1 commit intofluxcd:mainfrom
Conversation
nagygergo
force-pushed
the
sops-patch-docs
branch
from
047cc37 to
a70b30c
Compare
|
Hey @vlasov-y would you have time to review this PR? 🙏 I think it's a bit related to what you worked on recently? Thanks!!! 🙏 |
There was a problem hiding this comment.
Once these comments are changed, it is clear to go and merge. Thanks @nagygergo!
matheuscscp
left a comment
matheuscscp
left a comment
There was a problem hiding this comment.
Thanks very much you both!!! 🙏
Signed-off-by: Gergely Nagy <gergely.l.nagy@ericsson.com>
nagygergo
force-pushed
the
sops-patch-docs
branch
from
88f9a21 to
8470ddf
Compare
| metadata: | ||
| name: secret | ||
| stringData: | ||
| publicConifg: "my-public-config" |
There was a problem hiding this comment.
I don't think Flux docs should tell users to leave Secrets in plain text in the repo. I think the base Secret should contain no keys.
There was a problem hiding this comment.
Does that apply to the "Kustomize secretGenerator" chapter as well?
There was a problem hiding this comment.
Do we tell people to leave secrets in plain text in that chapter?
There was a problem hiding this comment.
Sorry, put the comment in the wrong place... My question was directed at this comment.
A better place for this documentation is here: https://fluxcd.io/flux/guides/mozilla-sops/
@nagygergo please copy the section from this PR into https://github.com/fluxcd/website/edit/main/content/en/flux/guides/mozilla-sops.md
|
A better place for this documentation is here: https://fluxcd.io/flux/guides/mozilla-sops/ @nagygergo please copy the section from this PR into https://github.com/fluxcd/website/edit/main/content/en/flux/guides/mozilla-sops.md |
Does that apply to the "Kustomize secretGenerator" chapter as well? |
This applies to what's in this PR. I'm not suggesting deleting anything from the current docs. |
|
Closing in favor of fluxcd/website#2200 as @stefanprodan asked. |
5 participants
Adding some documentation on how Kustomize controller works with patch files and sops decryption. There is a mention of something like this in the SOPS user guide (https://fluxcd.io/flux/guides/mozilla-sops/#sops-encrypted_regex-conflict), but probably it is also good to describe both cases (secretsGenerator and patchfiles) in the kustomize controller, besides each other.