Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
csunbird
on Oct 14, 2020
|
parent
|
context
|
favorite
| on:
Dockerfile Security Best Practices
> 1. OpenShift/Kubernetes Secrets mounted into the Pod at runtime.
Do you recommend mounting secrets as environment variables to the kubernetes pods instead of files?
freedomben
on Oct 14, 2020
|
next
[–]
Yes, that is by far my preference. Much more 12 factor app-ish and framework independent. A lot of Java apps will want files though, so sometimes it isn't possible.
auspex
on Oct 15, 2020
|
prev
[–]
Files should be used over environment variables. The file system at least as some form of RBAC through file permissions.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Do you recommend mounting secrets as environment variables to the kubernetes pods instead of files?