Declarative secret management for GitOps with Kapitan

In this post I would like to compare different ways to manage secrets in code, especially relevant to Kubernetes but also in general with a more broad reach.