1. JWT_SECRET handling:
   - By default, the chart creates a secret with the value from `values.yaml: secretEnv.JWT_SECRET`.
   - To generate a random JWT_SECRET at install, set `generateJwtSecret: true`.
   - To use an existing Kubernetes secret, set `existingSecret` to the secret name. The secret must have a key matching `existingSecretKey` (defaults to `JWT_SECRET`).

2. Example usage:
   - Set a custom secret: `--set secretEnv.JWT_SECRET=your_secret`
   - Generate a random secret: `--set generateJwtSecret=true`
   - Use an existing secret: `--set existingSecret=my-k8s-secret`
   - Use a custom key in the existing secret: `--set existingSecret=my-k8s-secret --set existingSecretKey=MY_KEY`

3. Only one method should be used at a time. If both `generateJwtSecret` and `existingSecret` are set, `existingSecret` takes precedence.
   If using `existingSecret`, ensure the referenced secret and key exist in the target namespace.