A/C: mailgun secret should be rotated
This needs to be performed on production and staging. Tom would recommend you do them separately, staging first, this will also give an idea of if there is downtime associated with this action.
Probable steps:
- Login to mailgun UI
- Copy new token
- Paste into your tfvars file
- run make apply
- This will create new secrets in k8s. However! it will not restart the workloads that are still running using the old secrets
- gracefully restart relevant workloads (api/mw works) (https://linuxhint.com/kubectl-rollout-restart/)
- check all is working