Plain Kubernetes Secrets are fine

from blog Mac's Tech Blog, | ↗ original
↗ original
It's no secret that Kubernetes Secrets are just base64-encoded strings stored in etcd alongside the rest of the cluster's state. Ever since the introduction of Secrets in 2015, armchair security experts have been scoffing at this decision and seeking alternatives. I think those people are missing the point. The design of the Secrets API dates...