docs: add secure example for getting secret values

The current example showing how to decode a secret
does it in several steps which is fine but if some level
of security is required will leak the encoded secret
value in the shell history thus making it retrievable.

This patch adds an example on how to retrieve that
value without exposing it.

Author: sgaist

content/en/docs/tasks/configmap-secret/managing-secret-using-kubectl.md

@@ -130,6 +130,12 @@ The output is similar to:
 Now you can decode the `password` data:
 
 ```shell
+# This is an example for documentation purposes.
+# If you did things this way, the data 'MWYyZDFlMmU2N2Rm' could be stored in
+# your shell history.
+# Someone with access to you computer could find that remembered command
+# and base-64 decode the secret, perhaps without your knowledge.
+# It's usually better to combine the steps, as shown later in the page.
 echo 'MWYyZDFlMmU2N2Rm' | base64 --decode
 ```
 
@@ -139,6 +145,15 @@ The output is similar to:
 1f2d1e2e67df
 ```
 
+In order to avoid storing a secret encoded value in your shell history, you can
+run the following command:
+
+```shell
+kubectl get secret db-user-pass -o jsonpath='{.data.password}' | base64 --decode
+```
+
+The output shall be similar as above.
+
 ## Clean Up
 
 Delete the Secret you created: