The security and storage of secrets is one of the most controversial subjects when it comes to GitOps deployments. Some teams want to go “by the book” and use Git as the storage medium (in an encrypted form of course) while others accept the fact that secrets must be handled in a different way (outside of GitOps). There is no right or wrong answer here and depending on the organization requirements, either solution might be a great fit.