Merge pull request #506 from chanwit/sops-doc

Add a note not to apply SOPS encrypted secrets directly
2026-03-15 15:56:56 +00:00 · 2020-11-25 17:49:49 +02:00
parent 0db06c8962 99f5dbf16b
commit 371db07108
1 changed files with 3 additions and 0 deletions
--- a/docs/guides/mozilla-sops.md
+++ b/docs/guides/mozilla-sops.md
@@ -78,6 +78,9 @@ sops --encrypt \

 You can now commit the encrypted secret to your Git repository.

+!!! hint
+    Note that you shouldn't apply the encrypted secrets onto the cluster with kubectl. SOPS encrypted secrets are designed to be consumed by kustomize-controller.
+
 ## Configure secrets decryption

 Registry the Git repository on your cluster: