Secrets as Code

by Fernando Llaca (Platform Engineer at Adhara) & Carlos Figueras (Platform Engineer at Adhara)

At Adhara we need to build very different environments every week: for sub-products internal development, for customers pilots, for phoenix environments for testing… dozens of them. Everything was nicely automated with Terraform and leveraging Kubernetes to handle the complexity of the deployments. But… the database credentials. The Kubernetes secrets were created manually, and then its content backed in somewhere like Keybase. Not pretty. This is the story on how Adhara’s Platform team moved from that situation to the current fully automated creation of databases and their passwords, following GitOps practices and using tools like Atlantis, Flux and Terraform. Now we create new deployments every day without seeing ourselves the database passwords. We don’t even have access to them!

05/02/2020Spanish
Made withby@agonzalezro