Sops guide: Add note that only encrypted yaml files are supported

[mapster]

The formulation of the Mozilla Sops guide doesn't make it clear that the Kustomize-controller can only (?) decrypt sops-encrypted yaml files included in a kustomization.yaml. For instance a sops-encrypted env-file included through the secretGenerator-field in a kustomization.yaml won't be decrypted.

[davinkevin]

I leverage all the capacity of the secretGenerator, and especially files and envs. Thank to that, we can modify files in their native format (and not embedded in yaml). With sops, we ensure those secrets are encrypted. This is the same problem for helm charts with some values sops encrypted used inside an helmCharts generator.

So, this is the main case why I can't use flux, in pro an perso context. @stefanprodan, do you think something could be done for this, especially because kustomize way to managed secret will lead to this case a lot now.

Thank you 👍

[davinkevin]

Thank you @stefanprodan. Can’t wait to test it !