Hmm.. :) interesting!
Let me take a peek at it and let you know how it goes. By the way, we are kind of riding the same boat however sealed secrets is least amount of effort atm.
Have you tried anything like Vault etc?
Sealed secret solved the problem in a different way. It let you create encrypted Kubernetes secrets, which has a few downsides:
One last comment regarding Vault. Vault has 2 options:
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.