A QuarksSecret allows the developers to deal with the management of credentials.
QuarksSecret can be used to generate passwords, certificates and keys. It uses the cfssl package to generate these. The generated values are stored in kubernetes secrets.
The generated credentials can be rotated by specifying its quarkssecret's name in a configmap. The configmap must have the following label:
quarks.cloudfoundry.org/secret-rotation
In the case, where a certificate is generated, the QuarksSecret ensures that a certificate signing request is generated and is approved by the Kubernetes API server.
See https://github.com/cloudfoundry-incubator/quarks-secret/tree/master/docs/examples