For the last few years I have been working on a suite of Heroku applications (previously Azure had similar functionality).
One of the beauty of these is the separation of config and build. This allows the only difference between environments (for secrets such as db connection strings or feature toggle environment variables) to be a versioned secure set of configuration. Importantly these configs can be changed without rebuilding the code.
Here is an article that discusses the capability of running kubernetes as a 12 factor application.