No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

you need to base64 encode it, or use `stringData`

Ah I see. I figured kubernetes automatically encoded plain text into base64 as a secret?

not everyone wants to have k8s encode the data, often people want to encode it themselves :slightly_smiling_face:

I see. So you're suggesting you could use a different encoding scheme or people want to trust their own base64 encoding?

hi <@U01TTG4G6KA>, I highly suggest you, to use a secret controller like `external-secrets` for Kubernetes secret management. Depending on where you run your k8s cluster you may have a managed service for that.

<@U01TTG4G6KA> you must use base64 encoding for any value in `data`.  The `stringData` field is provided for convenience, to have the API server perform the encoding for you.  Same result.
<https://kubernetes.io/docs/concepts/configuration/secret/#restriction-names-data>