Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
csunbird
on Oct 14, 2020
|
parent
|
context
|
favorite
| on:
Dockerfile Security Best Practices
> 1. OpenShift/Kubernetes Secrets mounted into the Pod at runtime.
Do you recommend mounting secrets as environment variables to the kubernetes pods instead of files?
freedomben
on Oct 14, 2020
|
next
[–]
Yes, that is by far my preference. Much more 12 factor app-ish and framework independent. A lot of Java apps will want files though, so sometimes it isn't possible.
auspex
on Oct 15, 2020
|
prev
[–]
Files should be used over environment variables. The file system at least as some form of RBAC through file permissions.
Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Do you recommend mounting secrets as environment variables to the kubernetes pods instead of files?