nnamdiugwu300/Argosecrets
First we will create a Kubernetes cluster and all the requirements for doing that.

Now we have to install ArgoCD in our Kubernetes cluster. Use the commands below to install ArgoCD in your cluster:
---
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
---

Next we have to install the ArgoCD CLI. Use the commands below to install the ArgoCD CLI on Linux:
---
curl -sSL -o argocd-linux-amd64 https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-amd64
sudo install -m 555 argocd-linux-amd64 /usr/local/bin/argocd
rm argocd-linux-amd64
---

If you want to connect to the ArgoCD GUI (optional), use the command below to get the ArgoCD initial password:
---
argocd admin initial-password -n argocd
---

For port forwarding, use the command below:
---
kubectl port-forward svc/argocd-server -n argocd 8080:443
---

Use the command below to change the argocd-server service to a NodePort service. Note that you can only do this if you have a public IP attached to the Kubernetes node.
---
kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "NodePort"}}'
---

Now you can sign in with admin as the username and the password generated earlier.

The next step is to install the Bitnami kubeseal client. Use the commands below for the installation:
---
wget https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.18.0/kubeseal-0.18.0-linux-amd64.tar.gz
tar xfz kubeseal-0.18.0-linux-amd64.tar.gz
sudo install -m 755 kubeseal /usr/local/bin/kubeseal
---

To check that kubeseal is installed, use the command below and see whether its path shows up:
---
which kubeseal
---

The next step is installing the custom controller and CRD for SealedSecret. Install the SealedSecret CRD, controller and RBAC artifacts on your EKS cluster as follows:
---
wget https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.18.0/controller.yaml
kubectl apply -f controller.yaml
---

After this step, a sealed secret controller Pod and a sealed secret key (a Secret) should have been created in the kube-system namespace.

After this, fetch the public key with the command below:
---
kubeseal --fetch-cert >mycert.pem
---
This key is generated by sealed secrets in the cluster.

Now create a Secret:
---
echo -n nnamdi | kubectl create secret generic postgres-secret --dry-run=client --from-file=password=/dev/stdin -o json >mysecret.json
---
The secret entry is password: nnamdi, and it has been saved to a JSON file as shown above.

After this you have to seal the secret, that is, create a sealed secret from the original secret JSON created earlier. You seal it with the public key fetched earlier:
---
kubeseal --cert mycert.pem <mysecret.json >mysealedsecret.json
---

Other developers can use this key to seal a secret as well. All they need is a copy of the key and, of course, kubeseal installed in their environment.

Now a new file, mysealedsecret.json, has been created. This file is what you will then commit to your source of truth.
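The steps above leave two files side by side: mysecret.json, where the password is only base64-encoded, and mysealedsecret.json, which is the one meant for Git. The check below is an added example, not part of this repository; it flags manifests that must not be committed. The function name `commit_blockers`, the idea of running it before a commit, and the sample objects (constructed, with a placeholder ciphertext) are assumptions.

```python
import base64
import json
import sys


def commit_blockers(doc):
    """Return reasons this manifest must not be committed (empty list = OK)."""
    kind = doc.get("kind")
    name = (doc.get("metadata") or {}).get("name", "<unnamed>")
    if kind == "List":  # kubectl can wrap several objects in a List
        return [p for item in doc.get("items") or [] for p in commit_blockers(item)]
    if kind == "Secret":
        # A plain Secret's values are base64, which anyone can decode.
        keys = sorted({**(doc.get("data") or {}), **(doc.get("stringData") or {})})
        return [f"{name}: plain Secret, keys {keys} are only base64-encoded"]
    if kind == "SealedSecret":
        # A usable SealedSecret carries its ciphertext in spec.encryptedData.
        if not (doc.get("spec") or {}).get("encryptedData"):
            return [f"{name}: SealedSecret has no spec.encryptedData"]
    return []


# Constructed samples shaped like mysecret.json and mysealedsecret.json.
PLAIN = {
    "kind": "Secret", "apiVersion": "v1",
    "metadata": {"name": "postgres-secret"},
    "data": {"password": base64.b64encode(b"nnamdi").decode()},
}
SEALED = {
    "kind": "SealedSecret", "apiVersion": "bitnami.com/v1alpha1",
    "metadata": {"name": "postgres-secret"},
    "spec": {"encryptedData": {"password": "AgB-constructed-placeholder"}},
}

if __name__ == "__main__":
    # Pass manifest paths as arguments; with none, check the samples above.
    docs = []
    for path in sys.argv[1:]:
        with open(path) as fh:
            docs.append(json.load(fh))
    problems = [p for d in (docs or [PLAIN, SEALED]) for p in commit_blockers(d)]
    print("\n".join(problems) or "ok to commit")
    sys.exit(1 if problems else 0)
```

Run against the files from the steps above, it exits non-zero for mysecret.json and zero for mysealedsecret.json.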

For more info, visit https://github.com/bitnami-labs/sealed-secrets or check out the YouTube video at the link below:
https://www.youtube.com/watch?v=FJBmovA2Ej4&t=284s
About
For practice purposes