Rotating Github (Action) secrets
So, here’s a fun problem I ran into at work: We use Github Actions to deploy all our services to Kubernetes. And in order to do a deployment, we have kube configs (as secrets) setup to connect to a Kubernetes cluster when a workflow runs. The Kubernetes config has an expiration date and will become invalid when the Kubernetes certificates are rotated (k0s takes great care of that). When they expire, the deploys fail until we update the secret on Github Actions....