# kubernetes
s
This message was deleted.
f
In my case, I've found encrypting the Doppler token with Sealed Secrets really neat, as it allows keeping everything in git. Curious to get your opinions on this.
s
secrets in git 😬
f
https://github.com/bitnami-labs/sealed-secrets should prevent the secret from leaking 😅 as it is encrypted. So the Doppler token would be encrypted, meaning if the secret is deleted by mistake, or it needs to be recreated at some point, there is no need to rerun manual commands to generate the secrets.
s
yep, still going to make everyone working in appsec have their spidey sense tingle
f
What would you do instead to use Doppler on Kubernetes? ^^ (In a production/secure fashion)
or CI + the doppler cli if you don't want to do TF, shouldn't ever need to store the service token
generate it when you need it and rotate often 🤷
f
I see, it seems nice 👌 So it never keeps the token “hardcoded” somewhere. A downside would be letting the CI or TF access the cluster, so it is not “gitops” friendly.