Howdy! We have 3 kubernetes clusters that our 3 dagster cloud deployments are pointed to (dev, test, prod) running on AKS. The docs (
https://docs.dagster.cloud/agents/kubernetes/configuring) mention that you can add image pull secrets to the workspace manifest in the helm repo in order to handle auth with the CR (ours is through ACR). If we take this route it appears that we would then need to update the secret in the manifest every time there is a dagster cloud update? We can also use a direct-attach between the clusters and the target ACR which would prevent the need to do this with the slight drawback that the link between dagster and the ACR is a bit less concrete.
Any best practices to note here?
Thanks!!