Pre Authenticated Datasource using JDBC in Kubernetes/Docker Containers
If an application developer can access the production tomcat/weblogic, he can gather the credentials as well, so there is no difference with kubernetes.If you want to prevent developers from getting data from production environments, appropriate access restrictions must be in place.
A kubernetes secret could be used to provide credentials, for more elaborate scenarios a special service like hashicorp vault could be used.