🦜 add a tip 🦜

eformat · eformat · commit 3019f638cc4f · 2022-01-28T09:13:08.000+10:00
diff --git a/docs/3-revenge-of-the-automated-testing/8-image-signing.md b/docs/3-revenge-of-the-automated-testing/8-image-signing.md
@@ -27,6 +27,11 @@
 
     You just generated two keys (one private key, one public key). Private key is used to sign the images and it is automatically saved as a secret in your `ci-cd` namespace alongside the password you choose. Public key is used to verify the signed images. You can share your public key for people to verify your images but private one should not be shared or at least sealed before storing publicly.
 
+    <p class="tip">
+    🐌 THIS IS NOT GITOPS - The generated private key is stored in a Kubernetes secret in you <TEAM_NAME>-ci-cd project. We'll leave it as an exercise to the reader to extract and store this as a SealedSecret instead! 🐎
+    </p>
+
+
 Now let's proceed to extend the pipelines with image signing step.
 
 _This step makes more sense when you use an external image registry and share images across clusters or publicly._
