Howdy! We have 3 kubernetes clusters that our 3 dagster cloud deployments are pointed to (dev, test, prod) running on AKS. The docs (https://docs.dagster.cloud/agents/kubernetes/configuring) mention that you can add image pull secrets to the workspace manifest in the helm repo in order to handle auth with the CR (ours is through ACR). If we take this route it appears that we would then need to update the secret in the manifest every time there is a dagster cloud update? We can also use a direct-attach between the clusters and the target ACR which would prevent the need to do this with the slight drawback that the link between dagster and the ACR is a bit less concrete. Any best practices to note here? Thanks!!

Hi Austin - apologies for missing this yesterday. I'm not totally following why you would need to update the secret whenever there's a dagster cloud update. I was imagining the list of secrets to use would be included in your values.yaml file and you would pass that file to the helm upgrade every time (something like helm upgrade -f values.yaml). I may be missing something though