0

I plan to make secret in k8s from appsetting.json but how to store the file before using by devops pipelines

I want to store the appsettings.json and pipeline can fetch it to make a secret

1 Answers1

3

Is your k8s cluster hosted in a cloud? If so, you should be using AWS Secret Manager or Azure Key Vault to store secret settings.

If that is not an option, create an encrypted configuration provider that would allow encrypting data inside the appsettings.json. Here are some examples: Encrypted configuration in ASP.NET Core

Kubernetes secrets are not really secrets and are accessible to anyone who has access to the infrastructure. https://auth0.com/blog/kubernetes-secrets-management/

Dmitry S.
  • 8,373
  • 2
  • 39
  • 49
  • Thanks for the answer, I probably will use Azure Key Vault direct access from Program.cs. The current challenge is to keep the AKV credential. What I plan because is to use env in the pod and the env source from secret k8s. – agungardiyanta Feb 22 '23 at 02:27