Using ConfigMaps for credentials is an anti-pattern.
roncemer opened this issue · comments
You shouldn't be posting examples publicly of putting secrets in a ConfigMap. You're supposed to use a Kubernetes Secret for anything which should be kept secret. By showing an example of using a ConfigMap containing API keys, you're teaching people to deploy on K8s in an incredibly insecure way. You should re-work this, and your original article, to use secrets instead. Additionally, secret credentials should never be checked into a git repository or included in any source code. They can be kept separately in encrypted password storage, such as Keeper or even a password-protected keyring. There are also services which are designed specifically for keeping corporate credentials secure. You shouldn't be posting examples online of mis-handling credentials by carelessly putting them into a ConfigMap.
?!?!
I do not use a ConfigMap. I use a secret