Recently we are considering to introduce spinnaker for CD. But after some investigation, I got a few questions that were merely answered.
Can anyone give me some hints on following topics?
We want to set up a shared spinnaker for several teams (10+), how do I secure the provider secrets (aws accounts, kubeconfigs, etc)? I think in most of the keys are mounted as kubernetes secrets, which are not so secret, is there any example to integrate secret servers to load these accounts?
Another problem is, besides using
hal config, is there a way to add a new cloud provider (with UI or something)? Currently we consider to build a website that triggers
hal config & applyon user submit. But I wonder if there is any recommended practice on this purpose.