Kubernetes CRD: bitnami.com/SealedSecret

"A Kubernetes controller and tool for one-way encrypted secrets." (github.com/bitnami-labs/sealed-secrets)

Secrets lie at the core of many infrastructure deployments, and securing them while taking advantage of "GitOps"-friendly workflows can be challenging. Users of the "SealedSecret" CRD aim to solve this problem by delegating secret handling to a controller that's the only place they can be decrypted. Use this module to validate that manifests sent to a Kubernetes cluster's bitnami.com/SealedSecret controller are structurally sound before deploying them.

To use this module, first import it into your CUE:

import (
    secrets "cue.dev/x/crd/bitnami.com/sealed-secrets/v1alpha1"
)

Learn more with:

• Checking SealedSecret CRD manifests using CUE
• The Central Registry's module documentation