Our platform is based around a Kubernetes / Container based micro-service architecture.
One area we have struggled with is managing environment configs and secrets. Currently we simply have a repository that has three folders for each environment:
/staging, /development, /production. Inside each folder we have config
.yaml files that define the secrets and configs for that environment.
The issue is our workflow is exposed to mistakes:
- Developer needs to update a config / secret
- Opens folder with specific config
- Pulls any changes from ops-repo
- Updates the config values
- Apply them to the environment
- Commits and pushes changes to ops-repo
Are there tooling / workflows that can take the manual/human side of this away?