u/Physical_Growth7566

When discussing secrets management in Argo CD, there are two important questions every team should ask:

• Should changing a secret require an Argo CD sync?
• Should your secrets solution be coupled to Argo CD?

The answer to both is: definitely not.

Tomorrow on Argo Unpacked we’re having an open discussion about secrets management best practices in Argo CD: (https://www.linkedin.com/events/7454090384584118272)

• different approaches and tradeoffs
• decoupling secrets from deployment workflows
• operational considerations
• what works well in real environments (and what usually doesn’t)

Curious how others here think about this too:
How are you handling secrets with Argo CD today?

Recording a podcast tonight and I’m curious how people here think about this:

How are you managing Kubernetes manifests these days?

There are so many tools now—Helm, Kustomize, Crossplane, cdk8s, Cue, etc.—and I’m not sure it’s getting easier.

A couple things I keep running into:

• In-cluster tools: powerful, but hard to debug (no easy local rendering?)
• “Kubernetes way” (controllers, reconciliation) feels like overkill for templating sometimes
• Health checks are messy—“Ready” doesn’t mean the same thing across CRDs

Curious:

• What are you actually using?
• In-cluster or out-of-cluster?
• Do you trust your health signals?

If you want to join the discussion -> https://www.linkedin.com/events/7443938870234284032