As a DevOps Engineer, you need to create a CI/CD pipeline that incorporates secret management for a service deployed on Google Kubernetes Engine (GKE). The pipeline should minimize the risk of exposing sensitive information during the build and deployment process. Which of the following approaches should you implement to securely manage secrets in the CI/CD pipeline?