From 1732bd8fc0a08b128b8c69250c15a59d9242d4c5 Mon Sep 17 00:00:00 2001 From: Vilsol Date: Sun, 25 Jun 2023 22:01:39 +0300 Subject: [PATCH 1/2] A secret type must be used for pull secret to work --- content/en/docs/concepts/configuration/secret.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/docs/concepts/configuration/secret.md b/content/en/docs/concepts/configuration/secret.md index fa45f3e017..774dc9a38b 100644 --- a/content/en/docs/concepts/configuration/secret.md +++ b/content/en/docs/concepts/configuration/secret.md @@ -684,7 +684,7 @@ for information on referencing service account credentials from within Pods. ### Docker config Secrets -You can use one of the following `type` values to create a Secret to +You **MUST** use one of the following `type` values to create a Secret to store the credentials for accessing a container image registry: - `kubernetes.io/dockercfg` From d3fc857138aa9c53d425791f7297abf1a5fe41fd Mon Sep 17 00:00:00 2001 From: Vilsol Date: Tue, 22 Aug 2023 18:19:00 +0300 Subject: [PATCH 2/2] Reword secret message and add credential provider caution message. --- content/en/docs/concepts/configuration/secret.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/content/en/docs/concepts/configuration/secret.md b/content/en/docs/concepts/configuration/secret.md index 774dc9a38b..58242921f6 100644 --- a/content/en/docs/concepts/configuration/secret.md +++ b/content/en/docs/concepts/configuration/secret.md @@ -684,8 +684,8 @@ for information on referencing service account credentials from within Pods. ### Docker config Secrets -You **MUST** use one of the following `type` values to create a Secret to -store the credentials for accessing a container image registry: +If you are creating a Secret to store credentials for accessing a container image registry, +you must use one of the following `type` values for that Secret: - `kubernetes.io/dockercfg` - `kubernetes.io/dockerconfigjson` 
@@ -761,10 +761,12 @@ Docker configuration file): } ``` -{{< note >}} +{{< caution >}} The `auth` value there is base64 encoded; it is obscured but not secret. Anyone who can read that Secret can learn the registry access bearer token. -{{< /note >}} + +It is suggested to use [credential providers](/docs/tasks/administer-cluster/kubelet-credential-provider/) to dynamically and securely provide pull secrets on-demand. +{{< /caution >}} ### Basic authentication Secret
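Review bot: In patch 1/2 (hunk `@@ -684,7 +684,7 @@`), the new wording "You **MUST** use one of the following `type` values to create a Secret" attaches the requirement to creating the Secret, while the subject line says the type is needed "for pull secret to work". Bold capitals are also heavier emphasis than the sentence needs. Suggest a plain "must" and wording that ties the requirement to using the Secret for image pulls. Since patch 2/2 rewrites this same sentence, the two commits could be squashed so the intermediate wording never lands.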
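Review bot: In patch 2/2 (hunk `@@ -684,8 +684,8 @@`), the reworded sentence "you must use one of the following `type` values for that Secret" states the requirement but not the consequence of ignoring it. The 1/2 subject line gives the reason (the pull secret does not work otherwise), yet that reason never reaches the documentation text. Suggest adding a short clause saying what happens when a different `type` is used, so a reader debugging a failed image pull can recognise the cause.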
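Review bot: In patch 2/2 (hunk `@@ -761,10 +761,12 @@`), the added sentence "It is suggested to use [credential providers](...) to dynamically and securely provide pull secrets on-demand" does not connect to the risk stated directly above it, that anyone who can read the Secret learns the registry credential. "Securely" is asserted without saying what changes for the reader. Suggest an active sentence that states the benefit in terms of that risk, and "registry credentials" rather than "pull secrets" if the intent is that no Secret object needs to hold them. Two smaller points: "on-demand" should be "on demand" in this position, and the line is left unwrapped while the surrounding text is wrapped.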