Current State: Kubernetes manifests (api-deployment.yaml, Helm charts) assume the injection of static secrets or variables. Native K8s Secrets are only base64 encoded and insufficient for production security.
Required Action: Implement the ExternalSecrets Operator in Kubernetes to dynamically synchronize credentials from an external manager (HashiCorp Vault, AWS Secrets Manager, Doppler) directly into the cluster.
Current State: Kubernetes manifests (
api-deployment.yaml, Helm charts) assume the injection of static secrets or variables. Native K8s Secrets are only base64 encoded and insufficient for production security.Required Action: Implement the
ExternalSecretsOperator in Kubernetes to dynamically synchronize credentials from an external manager (HashiCorp Vault, AWS Secrets Manager, Doppler) directly into the cluster.