Geoffrey MUSELLI
f74e08546c
Support glob for namespaces condition in ClusterSecretStore ( #2920 )
...
* feat(ClusterSecretStore): Support glob for conditions.namespaces
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Fix diff
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Fix code smell
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): First code review
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Second code review
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Generate
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Fix Sonar method complexity
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* addressed comments
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* renamed namedspacesregexes because it sounded funny
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-06-17 08:36:05 +02:00
Tsubasa Nagasawa
199c9103db
feat(certcontroller): Allow restricting CRDs and Webhook configs in Informer cache ( #3588 )
...
* feat: Add component labels to custom resource definitions
Prerequisite for restricting the CRDs cached by Informer
Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com>
* feat(certcontroller): Allow restricting CRDs and Webhook configs in Informer cache
The certcontroller watches CRDs and Webhook configurations, and
manages CA certificates for conversion webhooks of CRDs and Webhook
configurations. Some clusters have a large number of CRDs and Webhook
configurations installed. Additionally, some CRDs have large object sizes.
Currently, the certcontroller holds all CRDs and Webhook configurations
in the Informer cache. Since this includes CRDs not managed by the
certcontroller for CA certificates, memory usage tends to be high.
This PR adds a label to the CRDs and configures the Informer cache to hold
only the CRDs and Webhook configurations restricted by the label selector.
It assumes that the CRDs have a label. Depending on how the External Secrets
Operator is managed, it may be possible to update the External Secrets
Operator without updating the CRDs, so as a precaution, it can be turned
on/off via a startup option. It is disabled by default.
Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com>
---------
Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com>
2024-06-16 12:52:10 +02:00
smcavallo
d29c001d37
Add device42 provider ( #3571 )
2024-06-14 06:04:19 +02:00
Akhil Mohan
ace1ff595f
Infisical provider ( #3477 )
...
* feat: added crds for infisical provider
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: implemented infisical provider logic
Signed-off-by: = <akhilmhdh@gmail.com>
* fix: resolved broken doc building due to vault doc error
Signed-off-by: = <akhilmhdh@gmail.com>
* docs: added doc for infisical provider
Signed-off-by: = <akhilmhdh@gmail.com>
* docs: fixed a warning in mkdocs on link
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: resolved all lint issues
Signed-off-by: = <akhilmhdh@gmail.com>
* doc: removed k8s auth release banner from infisical doc
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: added support for property to infisical provider
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: removed auth type and made implicit ordering of authentication based on feedback
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: support for referent authentication
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: added error for tag not supported in find
Signed-off-by: = <akhilmhdh@gmail.com>
* fix: resolved failing build
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: updated doc and added stability matrix for infisical
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: switched to less error prone use and revoke token strategy and added validate interface logic
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: code lint issue fixes
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: resolved review comments for infisical client
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: improved test cases and resolved sonar issues
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: resolved sonar suggestions
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: resolved sonar suggestions for test const ids
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: store changes to assertError
Signed-off-by: = <akhilmhdh@gmail.com>
---------
Signed-off-by: = <akhilmhdh@gmail.com>
2024-06-11 22:27:31 +02:00
AvivGuiser
c365cb4956
add log.level and log.encoding to all components ( #3558 )
...
* add log.level and log.encoding to all components
Signed-off-by: Aviv Guiser <avivguiser@gmail.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2024-06-08 15:37:01 +02:00
Gergely Brautigam
94c9a33a11
feat: add location to GCP push secret ( #3502 )
...
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-06-07 09:46:29 +02:00
Lucas Severo Alves
82e6a2ac5f
bump 0.9.19 ( #3553 )
2024-06-04 16:14:39 -03:00
eso-service-account-app[bot]
41057acaf2
chore: update dependencies ( #3513 )
...
* update dependencies
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
* fix: bump CRDs
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
---------
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2024-05-25 21:42:52 +02:00
Gustavo Fernandes de Carvalho
b8f27d6b0a
bump 0.9.18 ( #3492 )
...
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-05-14 04:47:29 -03:00
Luis Schweigard
0abb3e9cc4
Add support for Authentication against Azure Key Vault using Client Certificate ( #3469 )
...
* Implementation of Certificate Based Authz against Azure Key Vault
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Add tests for new Azure certificate auth functionality
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Add documentation for Azure Cert based Auth
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Generate spec.md
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Add changes from code review
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Fix naming in test error case
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
---------
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
2024-05-13 08:40:50 -03:00
Bob Du
e929a6e330
Update .helmignore ( #3472 )
...
* Update .helmignore
Signed-off-by: Bob Du <i@bobdu.cc>
* Update .helmignore
Signed-off-by: Bob Du <i@bobdu.cc>
---------
Signed-off-by: Bob Du <i@bobdu.cc>
2024-05-10 07:35:53 -03:00
Halil Kaya
10362430be
fix: add dnsPolicy to Deployment ( #3457 )
...
Signed-off-by: Halil Kaya <halil.kaya@sendcloud.com>
Co-authored-by: Halil Kaya <halil.kaya@sendcloud.com>
2024-05-10 05:14:20 -03:00
Gaston Festari
e7dc3a7cb6
fix(helm): remove git merge pointers ( #3467 )
...
The Helm function helper file contains a couple of merge pointers from #3420 .
Signed-off-by: Gaston Festari <cilindrox@gmail.com>
2024-05-10 04:56:42 -03:00
Gustavo Fernandes de Carvalho
c54974ba63
bump helm charts ( #3439 )
...
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-05-01 14:57:09 -03:00
eso-service-account-app[bot]
34b4ff10da
chore: update dependencies ( #3433 )
...
* update dependencies
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
* bump alibaba
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
* bump kube to 0.30
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
---------
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-04-30 14:52:59 -03:00
Shuhei Kitagawa
9d17e34942
Refactor the SecretStore client manager ( #3419 )
...
* Refactor the SecretStore client manager
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
* Fix ineffectual assignment to err
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
* Update docs
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
---------
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2024-04-29 05:15:21 -03:00
Andrew Block
07dabc4b25
Methods for managing securityContext and OpenShift support ( #3420 )
...
Signed-off-by: Andrew Block <andy.block@gmail.com>
2024-04-29 05:14:55 -03:00
Mahamed Ali
e32bc39425
add extra manifests support ( #3421 )
...
Signed-off-by: upodroid <upodroid@users.noreply.github.com>
Co-authored-by: upodroid <upodroid@users.noreply.github.com>
2024-04-28 17:00:07 -03:00
Gustavo Fernandes de Carvalho
630416dbab
bump 0.9.16 ( #3385 )
...
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-04-18 09:06:01 -03:00
Mykhailo Zahlada
47cc50a9ed
Workloadidentity clientid from secret ref ( #3367 )
...
* updates documentation: extends workloadIdentity auth configuration
Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>
* adds and updates tests
Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>
* extends provider configuration to accept clientId and tenantId as auth SecretRef
Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>
* updates service account example
Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>
* updates docs
Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>
---------
Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>
Co-authored-by: Mykhailo Zahlada <myzahlad@microsoft.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2024-04-18 05:09:53 -03:00
Thorben Below
432c6bf9ab
Feat: Add Passbolt Provider ( #3334 )
...
* add passbolt provider
Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com>
* Fix: return err for unimplemented methods
Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com>
---------
Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com>
2024-04-18 09:58:25 +02:00
David Corrigan
2269b465dd
Fix webhook role ( #3233 )
...
Signed-off-by: David Corrigan <david.corrigan@ni.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2024-04-17 06:57:42 +02:00
Lucas Severo Alves
d26987bea7
bump 0.9.15-2 ( #3359 )
2024-04-11 12:40:20 -03:00
Ludovic Ortega
57521cd87e
feat: add support for dual stack clusters ( #3356 )
...
Signed-off-by: Ludovic Ortega <ludovic.ortega@adminafk.fr>
2024-04-11 09:27:40 +02:00
Shuhei Kitagawa
120fedf841
Add NamespaceSelectors field to ClusterExternalSecret ( #3268 )
...
https://github.com/external-secrets/external-secrets/issues/3257
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2024-04-05 08:35:08 +09:00
Rodrigo Fior Kuntzer
9ff2354213
fix: introducing support for conversion strategy for PushSecret. ( #3292 )
...
* fix: introducing support for conversion strategy for PushSecret.
Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>
* fix: unit tests code quality.
Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>
---------
Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>
2024-04-04 16:31:28 +02:00
Michael Serchenia
84731616f4
GitHub provider (supersedes #3014 ) ( #3115 )
...
* github provider signed, supersedes #3014
Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
* tests pass, + crd + docs
Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
* fix sonarLint alert
Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
* refactoring, replace secretStore with generator
Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
* cosmetics + tst + lint pass
Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
* docs
Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
* clean-up + lint + test
Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
* small refactor, fix issues left in comments
Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
---------
Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
2024-04-03 09:19:57 +02:00
Roger
5bec6360a8
bump014 ( #3316 )
2024-03-30 14:14:26 +01:00
Yurii Liaskovets
6b23512814
Global scheduling parameters ( #3306 )
...
* Add global values for nodeSelector, tolerations, topologySpreadConstraints & affinity
Signed-off-by: Yurii Liaskovets <yurii.liaskovets@gmail.com>
* Update README.md
Signed-off-by: Yurii Liaskovets <yurii.liaskovets@gmail.com>
---------
Signed-off-by: Yurii Liaskovets <yurii.liaskovets@gmail.com>
2024-03-27 07:25:13 +01:00
Blair Drummond
731c0ed736
feat: add vault auth namespace option ( #3157 )
...
* feat: add vault auth namespace option
Signed-off-by: Blair Drummond <blaird@liatrio.com>
* fix: appease the linter
Signed-off-by: Blair Drummond <blaird@liatrio.com>
* feat: add tests for auth namespace
Signed-off-by: Blair Drummond <blaird@liatrio.com>
* fix: add make reviewable output
Signed-off-by: Blair Drummond <blaird@liatrio.com>
---------
Signed-off-by: Blair Drummond <blaird@liatrio.com>
2024-03-27 07:23:34 +01:00
Benjamin Walterscheid
8e25480ca2
issue/3262 - updated helm.tests with latest crds changes for passworddepot ( #3263 )
...
Signed-off-by: Benjamin Walterscheid <52604859+fdberlking@users.noreply.github.com>
2024-03-15 08:44:27 +09:00
Sulfixx
e57e4b72ca
Integrate Passworddepot ( #2799 )
...
* PLAT-1179 | updated to beta1
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Updating External Secrets fixes
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Fix to Passworddepots-crds-generation
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | apiextensionsv1 removal
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* Update apis/externalsecrets/v1beta1/secretstore_passworddeport_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>
* Update apis/externalsecrets/v1beta1/secretstore_passworddeport_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>
* Update apis/externalsecrets/v1beta1/secretstore_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>
* PLAT-1179 | Removed insecureverify and other fixes
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Fixed Linter and Sonar Issues
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Fixed Typo in Passworddepot_api.go
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Resolved go.mod Conflict
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Resolved go.mod conflict typo
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | admission.Warnings error fix
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Added nolint:bodyclose // linters bug
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Removed <= Head arrow from mkdocs.yml
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Added Make Check-Diff Changes
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Changed Error Package, Added Context, API Refactor
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Added const DoRequestError to reduce Codesmell
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Moved defer body close func into ReadAndUnmarshal
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Moved Status Check into ReadAndUnmarshal
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Removed Response.body from ReadAndUnmarshal
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* Update apis/externalsecrets/v1alpha1/secretstore_passworddepot_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>
* PLAT-1179 | Go mod tidy and Make generate
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Added empty SecretExists Method
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Renamed unsed ctx to _
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
---------
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>
Co-authored-by: Sören Rohweder <soeren.rohweder@fastleansmart.com>
Co-authored-by: Simon Becker <simon.becker@fastleansmart.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-03-12 13:33:08 +01:00
Carolin Dohmen
29e5f71d8b
Add PushSecret UpdatePolicy (to replace PR #3100 ) ( #3117 )
...
* Add PushSecret UpdatePolicy
Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>
* Adjust description of UpdatePolicy in PushSecret Spec
Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>
* Restructure PushSecret Status
Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>
* Refactor PushSecret controller method
Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>
* Add missing methods for new providers
Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>
* Add missing method to onboardbase client
Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>
* Add docs on PushSecret UpdatePolicy
Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>
* Use constant for error message
Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>
---------
Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>
2024-03-08 11:17:31 +01:00
Volodymyr Starodubov
1f498c83f8
Add 'namespaceOverride' value for helm chart ( #3082 )
...
Add 'namespaceOverride' value for helm chart
Signed-off-by: Volodymyr Starodubov <volodymyr.starodubov@alpacked.io>
2024-03-06 13:29:28 +01:00
Benjamin Walterscheid
37ea19b831
issue/3231 - updated helm.tests with latest crds changes for JWT authentication ( #3232 )
...
* issue/3231 - updated helm.tests with latest crds changes for JWT authentication
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
* issue/3231 - minor helm.docs adjustment
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
---------
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
Co-authored-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
2024-03-06 09:05:31 +01:00
Shlomo Zalman Heigh
1d3209da59
Conjur E2E Tests for K8s JWT Authentication ( #3217 )
...
Signed-off-by: Shlomo Heigh <shlomo.heigh@cyberark.com>
2024-03-01 17:36:19 +01:00
Benjamin Walterscheid
91139d07f4
issue/3214 - running make helm.test-update to deploy new test crds ( #3215 )
...
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
Co-authored-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
2024-03-01 14:21:15 +01:00
Gergely Brautigam
02f941b0a0
Revert "3012 - Probes for external-secrets ( #3131 )" ( #3213 )
...
This reverts commit 7eebfa027c
.
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-03-01 13:22:35 +01:00
Benjamin Walterscheid
7eebfa027c
3012 - Probes for external-secrets ( #3131 )
...
* issue/3012 - introduced livenessProbe for core controller
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
* issue/3012 - updated livenessprobe for core controller
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
* issue/3012 - updated failing tests for controller_test.yaml
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
* issue/3012 - liveness probes with missing LivenessEndpointName and liveAddr flag
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
* issue/3012 - added missing live-addr core controller flag
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
* issue/3012 - removed obsolete align
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
* issue/3012 - added missing livenessProbe to README
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
* issue/3012 - updated docu for livenessProbes
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
* issue/3012 - corrected description within values.yaml for check-diff
Signed-off-by: Benjamin Walterscheid <git@berlking.io>
* issue/3012 - minor README corrections
Signed-off-by: Benjamin Walterscheid <git@berlking.io>
* issue/3012 - updated snapshots for fortanix and onboardbase
Signed-off-by: Benjamin Walterscheid <git@berlking.io>
---------
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
Signed-off-by: Benjamin Walterscheid <52604859+fdberlking@users.noreply.github.com>
Signed-off-by: Benjamin Walterscheid <git@berlking.io>
Co-authored-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
2024-03-01 08:57:45 +01:00
Aleem Isiaka
52f6655345
Onboardbase ( #2697 )
...
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Run decrypt with error
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Install deps
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Improved docs
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Improved docs
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Update hack/crd.generate.sh
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Aleem Isiaka <30846935+limistah@users.noreply.github.com>
* address issues with running the code
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* decrypt library into code
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* add docs to onboardbase provider
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* refactor duplicates
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Address Issues with tests
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Address issues with delete policy and json secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Fix lint errors
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* error out when there is tags in the find field
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* execute delete request with the right data
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* ignore deletion policy
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* improve lint errors
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* remove cryptojs decrypt libs
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Get secret value if property is set
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* run obb operator
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* 👌 IMPROVE: supports request deadline, esv1beta1 api updates
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* use same timeout
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* fix sonar cloud issues
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* fix sonar cloud issues
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* fix sonar cloud issues
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* fix failing test
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* add improve docs
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* add improve docs
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
---------
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
Signed-off-by: Nasirudeen Olohundare <iamnasirudeen@gmail.com>
Signed-off-by: Aleem Isiaka <30846935+limistah@users.noreply.github.com>
Co-authored-by: Nasirudeen Olohundare <iamnasirudeen@gmail.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2024-02-29 21:28:17 +01:00
David Recuenco
af38fc68d5
ADD sdkms base implementation ( #3180 )
...
* ADD sdkms base implementation
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
* FIX get secret object by name, unmarshalling error formatting
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
* ADD suport for fortanix secret security objects
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
* ADD more tests for opaque, secret, new client
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
* FIX changes required by make reviewable
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
* ADD missing provider registration
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
* FIX remove unused error string, add generated assets
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
---------
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
2024-02-28 10:59:47 +01:00
Gustavo Fernandes de Carvalho
162c115d37
bump 0.9.13 ( #3162 )
...
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-02-17 11:08:08 -03:00
Benjamin Walterscheid
79b42bde4b
issue/3153 - added missing snapshot for Pulumi and Chef crd tests ( #3154 )
...
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
Co-authored-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
2024-02-17 07:06:10 -03:00
Gustavo Fernandes de Carvalho
1cf8f68276
Implements Webhook Generator ( #3121 )
...
* adding webhook generators
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
* bumping bundle
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
* linting
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
* fixing copy-paste error
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
* common webhook functions
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
* removing duplicates. Adding tests for generator
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
* docs
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
---------
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-02-17 06:49:31 -03:00
Engin Diri
dc9b5b7207
feat: add support for Pulumi ESC ( #2997 )
...
Signed-off-by: Engin Diri <engin.diri@ediri.de>
2024-02-14 19:56:06 +01:00
Sourav Patnaik
a012f4829c
Implementation of Chef External Secrets Provider ( #3127 )
...
* Adding the details for chef provider secret store.
Issue: https://github.com/external-secrets/external-secrets/issues/2905
This commit intends to add the chef provider structure to the existing list of external-secrets providers.
It defines the structure of the SecretStore and ClusterSecretStore for chef Provider.
The yaml resource will contain 3 important parts to identify and connect to chef server to reconcile secrets. They are:
1. serverurl: This is the URL to the chef server.
2. username: The username to connect to the chef server.
3. auth: The password to connect to the chef server. It is a reference to an already existing kubernetes secret containing the password.
This commit also contains the auto generated CRDs using the `make generate` command.
Signed-off-by: Subroto Roy <subrotoroy007@gmail.com>
* Implementation for Chef ESO provided
Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
* - implemented Chef eso, added required methods
- added unit test cases
- added sample documentation
Issue: https://github.com/external-secrets/external-secrets/issues/2905
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
* Added Documentation for Authentication
Signed-off-by: Subroto Roy <subrotoroy007@gmail.com>
* added documentation for Chef eso
Issue: https://github.com/external-secrets/external-secrets/issues/2905
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
* Updated chef ESO documentation
Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
* updated ValidateStore method signature
Issue: https://github.com/external-secrets/external-secrets/issues/2905
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
* made changes in chef provider to satisfy 'make docs'
Issue: https://github.com/external-secrets/external-secrets/issues/2905
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
* - updated code as per review comment, make reviewable suggestions
Issue: https://github.com/external-secrets/external-secrets/issues/2905
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
* modified chef provider code as per review comment
Issue: https://github.com/external-secrets/external-secrets/issues/2905
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
---------
Signed-off-by: Subroto Roy <subrotoroy007@gmail.com>
Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
Co-authored-by: Subroto Roy <subrotoroy007@gmail.com>
Co-authored-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
2024-02-14 09:54:08 +01:00
Roger
8b2e244911
bump 0.9.12 ( #3125 )
...
Signed-off-by: rogertuma <tumaroger@gmail.com>
2024-02-08 04:47:36 -03:00
eso-service-account-app[bot]
41cd1d36a4
chore: update dependencies ( #3065 )
...
* update dependencies
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
* fix: re-generate CRDs with new controller-runtime version
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
---------
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2024-01-22 20:56:06 +01:00
Rodrigo Fior Kuntzer
31cecaa62b
feat: add support for Hashicorp Vault mTLS ( #3018 )
...
* feat: adding support for mTLS to the Vault provider
Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>
2024-01-19 00:43:28 +01:00
Allen Conlon
0fbc4a8340
feat: add ability to define flavour for tag ( #2881 )
...
Signed-off-by: Allen Conlon <allen@conlon.dev>
2024-01-03 23:19:31 +01:00
Aran Shavit
bfc158aaa0
Fix value name ( #2985 )
2024-01-03 17:19:32 +01:00
Thibault Gérondal
97a51b50f4
fix: chart: update cert-manager cert. duration ( #2986 )
...
Update cert-manager certificate duration to 1 year in the Helm chart.
This commit resolves a timing issue in the external-secrets Helm chart,
where the default certificate duration was previously not explicitly
set. This lack of specification led to conflicts with the cert-manager's
lookahead interval. By setting the `webhook.certManager.cert.duration`
to "8760h" (one year), we ensure that cert-manager will renew the
certificate before the external-secrets webhook starts to report issues,
and restarts, due to the certificate nearing expiration (as per the
lookahead interval).
This solution has been discussed in
external-secrets/external-secrets#2519 .
Signed-off-by: Thibault Gérondal <tgerondal@emasphere.com>
2023-12-27 18:33:18 +01:00
Moritz Johner
47874c0b55
chore: bump 0.9.11 ( #2982 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-12-25 14:34:43 +02:00
Nate Kaldor
371b18fd08
do not deploy certController when certManager is enabled by webhook ( #2952 )
...
Signed-off-by: kaldorn <nate.kaldor@outreach.io>
2023-12-22 22:23:12 +01:00
Gergely Brautigam
d6e24a82bd
feat: add templating to PushSecret ( #2926 )
...
* feat: add templating to PushSecret
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* adding unit tests around templating basic concepts and verifying output
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* extracting some of the common functions of the parser
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* remove some more duplication
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* removed commented out code segment
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* added documentation for templating feature
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* simplified the templating for annotations and labels
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-12-22 21:45:34 +01:00
fadecore
9130719b20
fix processpushsecret activation ( #2968 )
...
make it possible do deactivate processpushsecret when installing namespaced
Signed-off-by: fadecore <outbreak86@hotmail.com>
2023-12-21 23:03:26 +01:00
Adrián Robotka
25b217a60f
Helm pod spec extra ( #2930 )
...
* extra pod spec option added to helm deployment
Signed-off-by: Adrian Robotka <robotka.adrian@gmail.com>
* output of make helm.docs
Signed-off-by: Adrian Robotka <robotka.adrian@gmail.com>
---------
Signed-off-by: Adrian Robotka <robotka.adrian@gmail.com>
2023-12-18 14:33:30 +01:00
Roger
97ffefb5a5
bump 0.9.10 ( #2958 )
...
Signed-off-by: rogertuma <tumaroger@gmail.com>
2023-12-16 14:49:37 -03:00
Leonardo
bf1793488b
fix: update Helm snapshot so 'make helm.test' stops failing ( #2935 )
...
Signed-off-by: Leonardo M. Miranda <leonardomichalskim@gmail.com>
2023-12-08 08:26:39 +09:00
Victor Santos
3599384660
feat(fake): deprecate ValueMap to use Value instead ( #2884 )
2023-12-02 06:57:48 +09:00
Sebastián Gómez
15b68cc722
chore: remove references to Prometheus in Helm chart ( #2814 )
...
Remove references to deprecated prometheus values.
Signed-off-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-11-29 23:46:55 +01:00
Gergely Brautigam
3fbe318582
feat: allow pushing the whole secret to the provider ( #2862 )
...
* feat: allow pushing the whole secret to the provider
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* add documentation about pushing a whole secret
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* disabling this feature for the rest of the providers for now
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* added scenario for update with existing property
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-11-21 22:00:21 +01:00
Lakhan Jindam
325f36e47d
add validations for the remaining enum values ( #2860 )
...
* add validations for the remaining enum values
Signed-off-by: lakhan jindam <lakhanj569@gmail.com>
* generate crd configs using make reviewable cmd and address review comments
Signed-off-by: lakhan jindam <lakhanj569@gmail.com>
---------
Signed-off-by: lakhan jindam <lakhanj569@gmail.com>
2023-11-18 19:55:39 -03:00
Yonatan Koren
d42e19dc70
feat: AWS SecretsManager Config (allow ForceDeleteWithoutRecovery for PushSecret) ( #2854 )
...
* Add secretsmanager config.
Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
* Fix unit tests.
Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
* Update docs, fix validation, tests.
Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
* Fix grammatical error in attribute descriptions.
Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
* Improve API docs for SecretsManager.
Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
---------
Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
2023-11-14 18:44:22 -03:00
Roger
80f780a8fa
bump 0.9.9 ( #2872 )
...
Signed-off-by: rogertuma <tumaroger@gmail.com>
2023-11-13 16:05:17 -03:00
Anders Swanson
f4a7c95b54
feat: Oracle PushSecret & find implementation ( #2840 )
...
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
2023-11-03 21:42:27 +01:00
Moritz Johner
9ff86eab51
fix: remove sourceRef.generatorRef from .data[] ( #2735 )
...
fix: deprecate sourceRef.generatorRef from .data[]
A generator is supposed to be used via .dataFrom[]. Usage in .data[]
is not implemented and doesn't make sense, see #2720 .
This commit splits the SourceRef into two types:
- one that only defines a secretStoreRef
- one that allows to define either secretStoreRef or generatorRef
The former is used in .data[] and the latter is used in .dataFrom[].
The Deprecated field is going to be removed with v1.
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-11-02 14:37:59 +01:00
Anders Swanson
8dd934ceed
feat: Oracle provider service account masquerade ( #2817 )
...
* feat: Oracle provider service account masquerade
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
2023-11-02 08:34:18 +01:00
Moritz Johner
22bb26cfa1
chore: release 0.9.8 ( #2826 )
...
also downgrade `chart-testing-action`: CI pipeline [1] fails with "Unable to validate cosign version v2.0.0".
That is because the v2.0.0 bootstrap version [2] is not accessible any more, it
either got deleted or permissions got changed.
[1] https://github.com/external-secrets/external-secrets/actions/runs/6705828636/job/18221053949?pr=2826
[2] https://storage.googleapis.com/cosign-releases/v2.0.0/cosign-linux-amd64
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-10-31 13:42:55 +01:00
Shuhei Kitagawa
ff0ef2e6d9
Add validations for the enum values ( #2819 )
...
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-10-30 13:30:04 +01:00
Gergely Brautigam
7fbae000d6
feat: add namespace list selector to ClusterExternalSecrets ( #2803 )
...
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-10-25 13:58:05 +02:00
Sonny Alves Dias
0a0fd050c0
add directive to apply template on secret names ( #2802 )
...
Signed-off-by: Sonny Alves Dias <sonny.dias@superevilmegacorp.com>
2023-10-25 13:45:38 +02:00
Anders Swanson
b1bad77eb3
Oracle: Workload Identity authentication ( #2781 )
...
* Oracle: Workload Identity authentication
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
* Merge main
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
* Cleanup go.mod
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
* Lint
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
* Use mutex for environment variables
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
---------
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
Signed-off-by: Anders Swanson <91502735+anders-swanson@users.noreply.github.com>
2023-10-24 21:48:25 +02:00
Lucas Severo Alves
5639d26f9f
bump 0.9.7 chart ( #2796 )
2023-10-22 15:53:51 +02:00
Lucas Severo Alves
7b8f36b2f0
bump chart to 0.9.6 ( #2786 )
...
* bump chart to 0.9.6
Signed-off-by: Lucas Severo Alves <lucassalves65@gmail.com>
2023-10-15 16:43:26 +02:00
Shuhei Kitagawa
953af0d1a2
Reflect certController.readinessProbe.port to readinessProbe ( #2732 )
...
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2023-09-26 12:21:19 +02:00
Shuhei Kitagawa
a8eff34d49
Fix helm.test by reflecting recent changes ( #2733 )
...
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-09-26 08:58:34 +02:00
Kieran Bristow
d9eaeb40dc
Conjur JWT support ( #2591 )
...
* Add JWT Auth to Conjur Provider
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Update docs for Cyberark Conjur Provider
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Update test suite to cover new functionality
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Run make reviewable
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Set MinVersion for tls.Config to satisfy linting
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Move ca bundle config example to a yaml snippet
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* fix: consolidate naming
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* fix: consolidate naming
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* docs: make it a working example
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* Remove JWT expiration handling logic
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Run make fmt
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
---------
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-25 10:05:17 +02:00
Moritz Johner
e56c9867f0
chore: bump version ( #2725 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-21 23:29:11 +02:00
Parth Patel
d44dde95ed
Fix: Replaced selectorLabels with labels ( #2672 )
...
* Fix: Replaced selectorLabels with labels
Signed-off-by: Parth Patel <p.patel81@yahoo.com>
* Fix: Updated snapshot labels
Signed-off-by: Parth Patel <p.patel81@yahoo.com>
---------
Signed-off-by: Parth Patel <p.patel81@yahoo.com>
2023-09-11 12:03:38 +02:00
Parth Patel
0a490f9181
feat: Updated check ServiceMontior check to include APIVersions check for helm charts ( #2683 )
...
* feat: Added check for APIVersions
Signed-off-by: Parth Patel <p.patel81@yahoo.com>
* test: unit test for the APIVersions check
Signed-off-by: Parth Patel <p.patel81@yahoo.com>
---------
Signed-off-by: Parth Patel <p.patel81@yahoo.com>
2023-09-08 22:41:41 +02:00
Shuhei Kitagawa
da85f80d97
Support PushSecret metadata ( #2600 )
...
* Support PushSecret metadata
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
* Refactor GCP PushSecret
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
---------
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-08-28 23:50:21 +02:00
Moritz Johner
97df83b518
chore: bump dependencies ( #2654 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-08-28 11:50:46 +02:00
Shuhei Kitagawa
d5271d0dab
Delete old ClusterExternalSecrets when name changed ( #2601 )
...
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-08-25 20:44:01 +02:00
Moritz Johner
d1c5595248
chore: bump 0.9.4 ( #2649 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-08-24 11:10:34 +02:00
Gustavo Fernandes de Carvalho
e5fd5a90a9
release 0.9.3 ( #2612 )
...
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2023-08-15 10:28:54 -03:00
Gustavo Fernandes de Carvalho
86d39971b7
Bumping 0.9.2 ( #2574 )
...
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2023-08-03 13:43:59 -03:00
Moritz Johner
416deb3303
chore: bump dependencies ( #2568 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-08-02 21:42:03 +02:00
Martin Schuessler
f777a85156
added userPass authentication to the hashicorp vault provider ( #2539 )
...
Signed-off-by: Martin Schuessler <1407812+c0ffee@users.noreply.github.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2023-08-01 14:16:19 +02:00
Thomas Colomb
c8b93b6d51
helm: Add certController readiness port configuration and link prometheus.service.port to args ( #2529 )
...
Signed-off-by: Thomas Colomb <noony@users.noreply.github.com>
2023-07-28 20:47:48 +02:00
Valentin Torikian
7c17023924
Fixed potential linting issue on webhook pdb manifest ( #2551 )
...
Signed-off-by: Valentin Torikian <vtorikian@upgrade.com>
2023-07-26 20:41:58 +02:00
Alex Souslik
c08ef00c79
add processPushSecret key ( #2479 )
...
Signed-off-by: alex-souslik-hs <alex.s@hiredscore.com>
2023-07-14 22:35:09 +02:00
Moritz Johner
48d754db16
chore: bump helm chart ( #2476 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-07-07 21:25:36 +02:00
Michael Sauter
bdf437c2e1
Add support for Delinea DevOps Secrets Vault ( #2415 )
...
* Add support for Delinea DevOps Secrets Vault
Closes #1709 .
Signed-off-by: Michael Sauter <michael.sauter@boehringer-ingelheim.com>
* fix: remove merge conflict
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* Improve documentation
Signed-off-by: Michael Sauter <michael.sauter@boehringer-ingelheim.com>
---------
Signed-off-by: Michael Sauter <michael.sauter@boehringer-ingelheim.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2023-07-06 18:01:43 +02:00
blexikaner
45aa382fc5
Remove unused values from helm chart ( #2470 )
...
* chore: remove unused servicemonitor-values from helm-chart
The templates for the servicemonitors of the webhook-deployment and the
certController have been removed in
https://github.com/external-secrets/external-secrets/pull/2136 . This
commit removes the corresponding values in the values.yaml which are now
obsolete.
Signed-off-by: alexanderwoehler <alexander@woehler.org>
* docs: remove references to deleted servicemonitor-values from docs
Signed-off-by: alexanderwoehler <alexander@woehler.org>
---------
Signed-off-by: alexanderwoehler <alexander@woehler.org>
2023-07-06 07:57:39 +02:00
Shuhei Kitagawa
2fc277236d
Fix ClusterExternalSecret printcolumns ( #2451 )
...
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-06-27 11:06:05 +02:00
Moritz Johner
6ac427fa28
chore: bump helm chart ( #2442 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-06-22 23:33:06 +02:00
Eric
86aad7d8ab
Add support for cert-manager managed webhook certs ( #2394 )
...
* Add support for cert-manager managed webhook certs
Signed-off-by: Eric Stokes <fernferret@gmail.com>
* Ran make helm.docs to update README.md
Signed-off-by: Eric Stokes <fernferret@gmail.com>
* Added unittests for chart
Signed-off-by: Eric Stokes <fernferret@gmail.com>
* tidy: Fixed trailing whitespace
Signed-off-by: Eric Stokes <fernferret@gmail.com>
---------
Signed-off-by: Eric Stokes <fernferret@gmail.com>
2023-06-21 22:07:24 +02:00
David Hisel
de491a2790
Add Conjur provider ( #2412 )
...
* Add Conjur provider
Signed-off-by: David Hisel <David.Hisel@CyberArk.com>
* fix: lint
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* fix: unit tests
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
---------
Signed-off-by: David Hisel <David.Hisel@CyberArk.com>
Signed-off-by: David Hisel <132942678+davidh-cyberark@users.noreply.github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-06-21 11:17:00 +02:00
Joel Watson
6a32b982f0
Add lower-kebab name transformer to Doppler provider ( #2418 )
...
Signed-off-by: Joel Watson <joel.watson@doppler.com>
2023-06-15 08:16:21 +02:00