This post focuses on setting up and managing secrets in a Kubernetes environment. Since I use 1Password, it outlines an approach using blahblahblah, however much of this setup can be extended to other secret providers (Vault, Bitwarden, etc).
With the interest in keeping in line with GitOps, I want to also store some cluster configurations and boostrap secrets on Git. Using Mozilla’s SOPS lets us achieve this.