Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
kubernetes-external-secrets
Discontinued Integrate external secret management systems with Kubernetes
Kind of like you mention though, I tend to still create a build script using gitversion then just have the GitHub Action kick off the script. I find value in being able to create artifacts on a developer machine so having a simple script to run makes that as painless as possible and when I last looked a year or so ago there wasn't a good way of running GitHub Actions on your development machine.
It also depends on the language you're using. I'm a dotnet guy but I did some quick work on a go project that was using ko and I found myself a bit jealous of go developers that day. It seems like a go project set up with ko can be really easy to build/publish.
Bootstrap Flux v2 to the cluster via Gitlab CI then deploy everything else using their multi tenant approach - https://github.com/fluxcd/flux2-multi-tenancy
We don't keep anything sensitive inside of Helm charts. We use AWS Secrets Manager and external-secrets