For our purposes, we would like to install the grafana k8s-monitoring-helm chart into our Kubernetes cluster. This chart connects to our cloud SaaS grafana. We deploy such resources through tools like ArgoCD, so we would like the helm chart to be present in a git repository.
This chart however expects a policy token in its “password” field, which normally is provided plaintext. Since we however will be putting the chart in our repository, we really would like this token to not be publicly visible. Is there anything we can do to hide this token? SealedSecrets, secrets, configmaps, environment variables and everything is fine, we just don’t want someone who sees the repo be able to read our authentication token.
Is there any way we can achieve this? Or alternatively, is there any reason why we don’t need to be concerned that people can read this access token?