| 15 Jul 2025 |
 @n4ch723hr3r:nope.chat | i'd still caution against it since you might set up a cache in the future for example and accidentialy upload some credentials | 17:18:13 |
 Zhaofeng Li | but I guess the more important issue is that reading config.age.secrets.x.path is semantically incorrect | 17:18:37 |
| Zhaofeng Li | (the path is on the target host after activation, not your host running the evaluation) | 17:18:41 |
 Daniel Ramos | I guess I'm going with sealed secrets in the end. | 17:19:00 |
| Daniel Ramos | thanks for the help 🫶🏽 | 17:19:08 |
| Daniel Ramos | Another question: does anyone know if it's possible to inject helm chart values via YAML? reading the docs, it seems that it only supports nix attribute sets? | 20:08:19 |
| Daniel Ramos | (sorry, I don't know if this is the right channel for this kind of questions) | 20:26:05 |
| Zhaofeng Li | Doesn't look easy, but you could use a derivation to parse yaml into json and then read it from Nix (import from derivation). But anyways, personally I don't like the HelmChart CRD in k3s and render everything locally so I can easily patch and check diffs before applying. I've been having fun with tanka which I recently switched to from kustomize | 20:40:34 |
| Zhaofeng Li | You don't have to use nix and k3s all the way, and half-baked abstractions can be counterproductive | 20:41:34 |
