# This YAML file defines a Kubernetes Secret.
# Secrets are used to store sensitive information, such as passwords, API keys, and tokens.
# It's crucial to handle Secrets securely to protect your application.

apiVersion: v1
kind: Secret
metadata:
  name: REPLACE_ME-secret # Replace with a descriptive name for your secret
  namespace: default # Consider using a specific namespace for your application
  labels:
    app: REPLACE_ME-app # Replace with your application name
    tier: backend # Optional: Add a tier label if applicable
  annotations:
    # Optional: Add annotations for documentation or automation
    description: "Secret for REPLACE_ME application"

type: Opaque # Use Opaque for generic key-value secrets

data:
  # Each key-value pair represents a secret.
  # The values should be base64 encoded.
  # Example:
  # my_password: $(echo -n "mysecretpassword" | base64)
  #
  # IMPORTANT: Never store plaintext secrets in your YAML file.
  # Use a secure method to generate and encode the values.
  #
  # Example using environment variables:
  # my_api_key: $(echo -n "$MY_API_KEY" | base64)

  # Add your secrets here:
  api_key: YOUR_VALUE_HERE # Replace with your base64 encoded API key
  database_password: YOUR_VALUE_HERE # Replace with your base64 encoded database password

# Optional: You can use 'stringData' instead of 'data' to provide plaintext values.
# Kubernetes will automatically encode them to base64.
# However, it's generally recommended to encode the values beforehand for security.
#
# stringData:
#   username: myuser
#   password: mysecretpassword