Managing secrets and configurations in containers environments

Our platform is based around a Kubernetes / Container based micro-service architecture.

One area we have struggled with is managing environment configs and secrets. Currently we simply have a repository that has three folders for each environment: /staging, /development, /production. Inside each folder we have config .yaml files that define the secrets and configs for that environment.

The issue is our workflow is exposed to mistakes:

  1. Developer needs to update a config / secret
  2. Opens folder with specific config
  3. Pulls any changes from ops-repo
  4. Updates the config values
  5. Apply them to the environment
  6. Commits and pushes changes to ops-repo

Are there tooling / workflows that can take the manual/human side of this away?

Source: StackOverflow