I'm pretty new to all this so I am trying to get my bearings a bit. The 12Factor app states that all config should be done by environment variables - this includes secrets. I've seen various back and forths about if it is safe to store secrets in environment variables, but I do see it as the most portable way to do it and you won't be tied to a specific secrets manager.
But this is where I feel a bit lost as I want to use Azure Key Vault in my .Net Core app but nowhere do I see how to inject these secrets as env vars, only making code changes to add Azure Key Vault to the configuration of the app. I can see the benefit of the secrets being more secure as you can't just view the environment variables but also now you will be tied to Azure Key Vault and you have to have code changes (even if they are minimal).
So I feel like I'm getting mix messages about how secrets should be accessed. Is it just in theory secrets should be env vars but in practice no one actually does that and just uses the code integrations. Or is this just a problem with not using kubernetes, and in kubernetes AKV just integrates with the secrets seamlessly (and so the secrets are just env vars) so no one really talks about it?
