external-secrets

mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00

Author	SHA1	Message	Date
Steven Bressey	7416a84b2a	Add flag to set CRD names in cert controller (#1811 ) * added new crd-names flag to reconcile only installed CRDs in cert controller Signed-off-by: Steven Bressey <sbressey@bressey.me> * add guide to disable cluster features Signed-off-by: Steven Bressey <sbressey@bressey.me> * fix fmt Signed-off-by: Steven Bressey <sbressey@bressey.me> Co-authored-by: Steven Bressey <sbressey@bressey.me>	2022-12-13 20:56:30 +01:00
Gustavo Fernandes de Carvalho	29996fade2	🧹chore:bump 0.7.0 (#1800 ) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>	2022-12-11 09:44:44 -03:00
Pedro Parra Ortega	97f325466e	Allow chart to configure metrics-addr flag based on metric port values (#1764 ) * add cmd option to configure metrics port Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * 🧹chore: bumps (#1758) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * ✨Feature/push secret (#1315) Introduces Push Secret feature with implementations for the following providers: * GCP Secret Manager * AWS Secrets Manager * AWS Parameter Store * Hashicorp Vault KV Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com> Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com> Signed-off-by: William Young <will.young@engineerbetter.com> Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com> Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com> Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com> Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com> Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * Fixing release pipeline for boringssl (#1763) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com> Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com> Signed-off-by: William Young <will.young@engineerbetter.com> Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com> Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com> Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com> Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com> Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com> Co-authored-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>	2022-12-05 21:58:29 +01:00
Gustavo Fernandes de Carvalho	0e8f963e36	chore: bump 0.7.0-rc1 (#1765 ) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>	2022-11-29 20:07:58 -03:00
Gustavo Fernandes de Carvalho	0cb799b5cf	✨Feature/push secret (#1315 ) Introduces Push Secret feature with implementations for the following providers: * GCP Secret Manager * AWS Secrets Manager * AWS Parameter Store * Hashicorp Vault KV Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com> Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com> Signed-off-by: William Young <will.young@engineerbetter.com> Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com> Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com> Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com> Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com>	2022-11-29 16:04:46 -03:00
Dominik Zeiger	f38f40a2b4	gitlab: support for CI/CD group variables (#1692 ) * gitlab: support for ci/cd group variables Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> * gitlab: support for ci/cd group variables (automatically discover project groups) Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> * gitlab: support for ci/cd group variables (documentation) Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>	2022-11-21 22:26:34 +01:00
Moritz Johner	dabfa5a589	Feature: initial generator implementation + Github Actions OIDC/AWS (#1539 ) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>	2022-10-29 20:15:50 +02:00
Moritz Johner	2d5cb1b28c	chore: bump 0.6.1 (#1678 ) * chore: bump 0.6.1 Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * fix: increase timeout for azure/e2e test Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2022-10-28 21:18:14 +02:00
Moritz Johner	411f03ffe1	fix: allow controller to `delete` delete externalsecrets (#1670 ) When using ClusterExternalSecret the controller needs to delete external-secret resources Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2022-10-26 23:23:15 +02:00
Yannay Hammer	14f5ddf198	Added namespace condition to ClusterSecretStore (#1635 ) * Added namespace condition to ClusterSecretStore Signed-off-by: Yannay Hammer <yannayha@gmail.com> * Added the new conditions field to the docs Signed-off-by: Yannay Hammer <yannayha@gmail.com> * Added tests to ClusterSecretStore namespace conditions Signed-off-by: Yannay Hammer <yannayha@gmail.com> * Added some comments to explain tests better Signed-off-by: Yannay Hammer <yannayha@gmail.com> * Fixed a testcase Signed-off-by: Yannay Hammer <yannayha@gmail.com> * Increased golangci timeout to 10m Signed-off-by: Yannay Hammer <yannayha@gmail.com> * Fixed test to use fakeProvider correctly Signed-off-by: Yannay Hammer <yannayha@gmail.com> * Removed hardcoded timeout from make lint Signed-off-by: Yannay Hammer <yannayha@gmail.com> * Improved error message on non matching namespace Co-authored-by: Moritz Johner <moolen@users.noreply.github.com> Signed-off-by: Yannay Hammer <yannayha@gmail.com> * Modified testCase to use GenericStore interface Signed-off-by: Yannay Hammer <yannayha@gmail.com> * Attempt at generalizing the testcase and reducing code duplication Signed-off-by: Yannay Hammer <yannayha@gmail.com> * Reduced some diff Signed-off-by: Yannay Hammer <yannayha@gmail.com> * fix: tidy e2e mod Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Yannay Hammer <yannayha@gmail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Docs <docs@external-secrets.io> Co-authored-by: Moritz Johner <moolen@users.noreply.github.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>	2022-10-17 16:40:18 +02:00
Moritz Johner	ad80b15725	chore: bump 0.6.0 (#1618 ) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2022-10-09 00:44:54 +02:00
Tanat Lokejaroenlarb	2caea38f9d	Allow specifying the webhook's readiness probe port (#1593 ) * Parameterize the readiness probe port and add a default address since `healthz-address` is an address not a port Signed-off-by: insomniacoder <tanatloke@gmail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2022-10-07 00:06:28 +02:00
Moritz Johner	1672dfd556	feat: test UBI image build (#1574 ) * feat: test UBI image build Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-Authored-By: Idan Adar <iadar@il.ibm.com> Co-Authored-By: mrgadgil	2022-10-06 19:14:13 +02:00
dependabot[bot]	e9cc6b3d79	chore(deps): bump sigs.k8s.io/controller-tools from 0.9.2 to 0.10.0 (#1581 ) * chore(deps): bump sigs.k8s.io/controller-tools from 0.9.2 to 0.10.0 Bumps [sigs.k8s.io/controller-tools](https://github.com/kubernetes-sigs/controller-tools) from 0.9.2 to 0.10.0. - [Release notes](https://github.com/kubernetes-sigs/controller-tools/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-tools/blob/master/RELEASE.md) - [Commits](https://github.com/kubernetes-sigs/controller-tools/compare/v0.9.2...v0.10.0) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-tools dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fix: re-generate CRDs Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>	2022-09-27 22:09:21 +02:00
Dominik Zeiger	fa38fe1e60	enable configuration of environment_scope for gitlab provider (#1565 ) * enable configuration of environment_scope for gitlab provider Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>	2022-09-27 22:08:38 +02:00
Ryan Blunden	f01e13f21b	Add Doppler provider (#1573 ) * Add Doppler provider Signed-off-by: Ryan Blunden <ryan.blunden@doppler.com>	2022-09-23 22:47:25 +02:00
renanaAkeyless	ed59520674	added akeyless k8s auth option (#1531 ) * added akeyless k8s auth option Signed-off-by: Docs <renana@akeyless.io>	2022-09-11 13:25:29 +02:00
Moritz Johner	3110c5c6ca	chore: bump 0.6.0-rc1 (#1538 ) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2022-09-09 21:32:47 +02:00
oddy	735f3e7e69	Remove unnecessary space before a colon (#1494 ) Signed-off-by: dubs11kt <dubs11kt@gmail.com> Signed-off-by: dubs11kt <dubs11kt@gmail.com>	2022-08-30 16:15:43 +02:00
dependabot[bot]	67fedc840e	✨ Kubernetes v1.24 upgrade (#1345 ) * build(deps): bump sigs.k8s.io/controller-runtime from 0.11.2 to 0.12.3 Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.11.2 to 0.12.3. - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/master/RELEASE.md) - [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.11.2...v0.12.3) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * feat: bump kubernetes 1.24 Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * fix: backwards-compatible vault implementation Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * feat: add audiences field to serviceAccountRef This will be used by aws, azure, gcp, kubernetes & vault providers in combination with TokenRequest API: it will _append_ audience claims to provider-specific audiences. Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * feat: refactor kubernetes client to match provider/client interfaces the kubernetes provider mixed up provider and client interfaces which made it really hard to reason about. This commit separates into two structs, each implements one interface. The client struct fields have been renamed and annotated so their use and scope is clear. Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * fix: deprecate expirationSeconds expirationSeconds is not needed because we generate a service account token on the fly for a single use. There will be no replacement for this. Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * fix: rename token fetch audiences field Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * fix: generate CRDs Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>	2022-08-19 17:32:06 +02:00
Moritz Johner	2d20b5488e	feat: add azkv.environmentType (#1469 ) users of USGovCloud, ChinaCloud, GermanCloud need slightly different configuration for AADEndpoint and keyvault resource. This is based on CSI Secret Store Azure KV driver, Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2022-08-18 00:12:44 +02:00
Helena Steck	2b5710d8d5	add missing default values for spec.target (#1431 ) Add missing default values for ExternalSecretTarget on CRD definition Fixes #1233 Signed-off-by: Helena Steck <steckhelena@gmail.com>	2022-08-08 21:27:13 +02:00
Moritz Johner	dfb5c9419b	chore: bump helm release (#1432 ) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2022-08-05 08:36:49 +02:00
Gustavo Fernandes de Carvalho	b4e7acfaa9	✨Implements dataFrom key rewrite (#1381 ) * Implements dataFrom key rewrite Co-authored-by: Moritz Johner <moolen@users.noreply.github.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * docs: add example to remove invalid characters Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Moritz Johner <moolen@users.noreply.github.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>	2022-08-04 15:24:02 -03:00
Daniel Quackenbush	b441112587	📚 update references to select "main" instead of "master" (#1346 ) * 📝 update references to select "main" instead of "master" * Remove unused variable	2022-07-29 14:34:25 -03:00
dependabot[bot]	9c09b936b1	build(deps): bump sigs.k8s.io/controller-tools from 0.9.0 to 0.9.2 (#1322 ) * build(deps): bump sigs.k8s.io/controller-tools from 0.9.0 to 0.9.2 Bumps [sigs.k8s.io/controller-tools](https://github.com/kubernetes-sigs/controller-tools) from 0.9.0 to 0.9.2. - [Release notes](https://github.com/kubernetes-sigs/controller-tools/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-tools/blob/master/RELEASE.md) - [Commits](https://github.com/kubernetes-sigs/controller-tools/compare/v0.9.0...v0.9.2) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-tools dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * fix: re-gen CRDs Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>	2022-07-28 22:39:24 +02:00
cebidhem	39a51fbead	feat(helm): adds new flags to create metrics services for other scrapers (#1392 ) * adds new flag and docs for other metrics scrapers than Prometheus Signed-off-by: cebidhem <cebidhem@pm.me> * Update deploy/charts/external-secrets/templates/webhook-service.yaml Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>	2022-07-28 08:09:47 +02:00
Moritz Johner	4affcb7345	🐛Clarify CAProvider usage in struct annotations (#1397 ) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2022-07-27 18:44:23 -03:00
Mike	fdf1f9ce6f	feat: Add support for container auth to IBM provider. (#1177 )	2022-07-26 22:48:07 +02:00
Emir Özbir	83c2d2214f	feat: Helm chart dns options (#1377 ) Adds dnsConfig to allow configuration of custom dns options for the eso deployment	2022-07-25 12:05:04 +02:00
Gareth Evans	7eff8db532	feat: additional columns for kubectl output (#1359 )	2022-07-19 20:48:37 +02:00
cebidhem	3245951003	✨[helm] - Adds variables to configure extra labels to the serviceAccounts (#1357 ) Signed-off-by: cebidhem <cebidhem@pm.me>	2022-07-15 06:10:48 -03:00
Gustavo Fernandes de Carvalho	6f1d30079a	⬆️chore: bump version 0.5.8 (#1353 ) Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-07-12 10:42:07 -03:00
Gustavo Fernandes de Carvalho	fa91ba0f6c	✨ Adds DecodingStrategy to ExternalSecrets (#1294 ) Fixes #920 Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-07-12 09:18:00 -03:00
Gustavo Fernandes de Carvalho	ccea3d532f	🐛 Adds ability to configure cert lookahead interval for webhook pod. (#1304 ) Fixes #1249 Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-07-12 06:25:16 -03:00
Kratik Jain	acdd9d7c67	📚 corrected helm install command (#1330 )	2022-07-08 09:07:08 -03:00
Mark Hahl	03da357171	fix invalid YAML error when using extraVolumeMounts (#1311 )	2022-07-08 07:57:08 -03:00
Moritz Johner	5d451d9e2d	chore: bump helm	2022-06-22 17:16:19 +02:00
Django Cass	bd536016f3	Fixed some minor syntax issues	2022-06-22 20:08:50 +10:00
Django Cass	09bda1abc7	Added support for custom volume mounts for all 3 deployments	2022-06-22 20:04:55 +10:00
Moritz Johner	cff9be1664	feat(kubernetes): allow service account auth (#1201 ) * feat(kubernetes): allow service account auth Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2022-06-13 21:49:05 +02:00
Gustavo Carvalho	a2f265861a	bump 0.5.6 Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-06-01 13:48:45 -03:00
Moritz Johner	39234ad186	fix: bump 0.5.5	2022-05-31 19:31:43 +02:00
Docs	dec887e733	chore: bump 0.5.4	2022-05-31 11:18:52 +02:00
Gustavo Carvalho	e3e7acb153	bump controller-tools,google-golang-api,google-golang-grpc versions Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-05-25 07:39:22 -03:00
paul-the-alien[bot]	1829399a8d	Merge pull request #1163 from msolimans/main Add support for PodDisruptionBudget	2022-05-21 05:51:57 +00:00
Docs	32869bfccf	added certController.replicaCount	2022-05-20 17:31:46 -04:00
Docs	4ec2caa183	fixed indentation	2022-05-20 17:25:06 -04:00
Docs	f230ebc831	missing and in cert-controller-pdb	2022-05-20 12:37:19 -04:00
Docs	aa3e47df97	added missing and	2022-05-20 12:32:37 -04:00
Docs	5325ed10f9	linting fix: removed trailing spaces	2022-05-20 12:19:20 -04:00
paul-the-alien[bot]	1a6579b876	Merge pull request #1062 from dreadful-dragon/feature/azkv-tags-sync azkv tag feature	2022-05-20 15:51:50 +00:00
Muhammad Soliman	8c03c11b0f	update documentation	2022-05-19 19:13:09 -04:00
Muhammad Soliman	30f365a1e0	set default values	2022-05-19 19:12:48 -04:00
Muhammad Soliman	5364501406	fixed webhook pdb name	2022-05-19 18:54:56 -04:00
Muhammad Soliman	8cd35eac72	added pdb support	2022-05-19 18:46:36 -04:00
paul-the-alien[bot]	3de2cc8bee	Merge pull request #1040 from AndreyZamyslov/yandex-certificate-manager Support for Yandex Certificate Manager	2022-05-17 16:48:58 +00:00
Cristina DE DIOS GONZÁLEZ	3256bc4b82	azkv tag feature	2022-05-16 16:49:34 +02:00
Moritz Johner	c532bac0be	chore: bump chart 0.5.3 (#1128 )	2022-05-11 15:33:06 +02:00
david amick	435aefc7ac	Add 1Password support	2022-05-08 17:01:26 -07:00
Docs	c73206b29c	Add senhasegura DSM provider	2022-05-02 13:28:18 -03:00
Gonzalo Servat	db7fd4a037	Fix casing on Gitlab	2022-04-28 21:43:42 +10:00
Gustavo Carvalho	7a6b5a0193	Bumping chart version to 0.5.2 Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-04-27 13:12:16 -03:00
Docs	dc7df48cae	add support for Yandex Certificate Manager	2022-04-22 21:40:52 +03:00
Moritz Johner	544c439d7d	docs: replace logo, add support docs Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2022-04-21 19:19:46 +02:00
Gustavo Carvalho	3bd0d2d04f	Making spec.target optional fixes #996 Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-04-20 13:27:13 -03:00
paul-the-alien[bot]	e10760e509	Merge pull request #917 from external-secrets/chart-service-monitor feat: replace prometheus annotations with servicemonitor	2022-04-20 15:14:38 +00:00
Moritz Johner	a98895a647	chore: add note for users using prometheus.enabled	2022-04-20 14:42:02 +02:00
paul-the-alien[bot]	dc8c74d345	Merge pull request #1003 from eric-maydeck/webhook-secret-annotations feat: (helm chart) enable annotations for webhook secret	2022-04-20 11:54:22 +00:00
Moritz Johner	ef4eebb5cc	chore: make changes backward-compatible	2022-04-19 22:24:09 +02:00
Moritz Johner	746ef24eb6	fix: gen readme	2022-04-19 21:50:38 +02:00
Moritz Johner	4ca31ba8af	feat: replace prometheus annotations with servicemonitor	2022-04-19 21:50:38 +02:00
Jeroen Op 't Eynde	c04350d0d0	fix(helm-chart): remove caBundle and set name/namespace (#1001 ) Do not set caBundle to avoid issues with GitOps tools.	2022-04-19 21:43:19 +02:00
Eric Maydeck	ee8d7e666a	added webhook.secretAnnotations to helm readme	2022-04-19 13:23:47 -06:00
Gustavo Carvalho	59d08dda2b	Added Dependency License Check Workflow Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-04-19 10:50:45 -03:00
Eric Maydeck	730eab548a	feat: enable annotations for webhook secret	2022-04-14 18:03:10 -06:00
Merlin	4820cc9165	Ignore ExternalSecret processing if the store is not usuable (e.g. NotReady).	2022-04-13 23:24:39 +02:00
Gustavo Carvalho	26a824fb2a	Updated default ports to 10250 Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-04-12 07:27:16 -03:00
Gustavo Carvalho	b5220fa618	Adding some options for webhook deployment: * hostNetwork for webhook pod * FailurePolicy for validatingwebhook definition * Changed webhook port to a configurable value * Defined default value as 9443 Fixes #944 Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-04-11 15:16:20 -03:00
Docs	51d910268a	chore: bump to 0.5.1	2022-04-06 16:29:06 +02:00
Alfred Krohmer	74c06dc2e4	fix: only create cert-controller RBAC resources if cert-controller creation itself is enabled Previously both `certController.create` and `certController.rbac.create` needed to be set to `false` in order to prevent the cert-controller RBAC resources from being created.	2022-04-06 14:15:49 +02:00
Gustavo Carvalho	c421da95c9	update chart version to 0.5.0 Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-04-05 09:52:09 -03:00
Moritz Johner	c2bcceb057	feat: implement deletionPolicy (#900 ) * feat: implement deletionPolicy Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Gustavo Fernandes de Carvalho <gustavo.carvalho@container-solutions.com>	2022-04-05 13:38:06 +02:00
Alfred Krohmer	d7022b1bef	feat(vault): add option for JWT backend to authenticate with Kubernetes service account token (#768 )	2022-04-04 21:20:58 +02:00
Eric Chan	e132edf0d4	Only generate create flags for cluster scoped crds	2022-03-30 13:19:35 +10:00
Eric Chan	efb75527e0	add create flags to each CRDs resources for a more fine-grained control	2022-03-30 13:19:35 +10:00
Gustavo Carvalho	c779ef59e7	Marking v1alpha1 as deprecated. Improving docs and menu order. Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-03-29 11:21:32 -03:00
paul-the-alien[bot]	85937c99e7	Merge pull request #800 from kinyat/feat/scoped-rbac Add the ability to support scoped RBAC with a scoped namespace	2022-03-25 16:05:30 +00:00
Suraj Narwade	2d91580e95	Add namespace to service resource & fix typo Signed-off-by: Suraj Narwade <suraj.narwade@rvu.co.uk>	2022-03-25 13:36:57 +00:00
Eric Chan	8dd8ca4d92	add new flags to control both cluster store and cluster external secret reconciler	2022-03-24 23:55:08 +10:00
Eric Chan	93114bdc0e	make scopedRBAC to disable cluster secret store	2022-03-24 23:55:03 +10:00
Eric Chan	553d99a456	Add the ability to support scoped RBAC with a scoped namespace	2022-03-24 23:54:46 +10:00
paul-the-alien[bot]	d27f256ede	Merge pull request #873 from gusfcarvalho/fix/mutex-on-gcp Adding mutexes only for GCP provider	2022-03-24 09:53:43 +00:00
Gustavo Carvalho	bae43b39c4	Adding mutexes only for GCP provider Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-03-24 06:34:07 -03:00
Moritz Johner	cf7e3832ae	feat(azure): implement workload identity (#738 ) * feat(azure): implement workload identity Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Henning Eggers <henning.eggers@inovex.de>	2022-03-22 21:59:01 +01:00
Docs	bdc5d9b378	fix: update CRDs	2022-03-20 09:34:03 +01:00
Daniel Hix	324c7def06	feat: implement ClusterExternalSecret (#542 ) Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>	2022-03-20 09:32:27 +01:00
paul-the-alien[bot]	fb056cc9b5	Merge pull request #784 from external-secrets/feature/hashivault-getallsecrets Implements Hashicorp Vault GetAllSecrets	2022-03-12 11:19:04 +00:00
Docs	3502ab0a94	Add flags to control weather a deployment should be created	2022-03-11 09:21:50 +10:00
paul-the-alien[bot]	439ecfaf9d	Merge pull request #783 from AtzeDeVries/allow-gcp-cross-project-secrets GCP: allow cluster to be in different project	2022-03-09 10:03:20 +00:00
Gustavo Carvalho	164e8776ec	Adding docs and implementing ConversionStrategy Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-03-09 06:59:54 -03:00
Gustavo Carvalho	2f23fd28ed	Adding GetAllSecrets for Hashicorp Vault Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-03-09 05:40:09 -03:00
Atze de Vries	2f53ab8220	also make optional for v1beta1 and add note to docs	2022-03-03 19:35:38 +01:00
Atze de Vries	739043283c	make clusterProjectID omitemtpy	2022-03-02 18:03:45 +01:00
Atze de Vries	da47ad2cac	GCP: allow cluster to be in different project	2022-03-02 11:24:04 +01:00
Moritz Johner	8fc4484cc6	feat: implement validating webhook Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2022-03-01 21:25:15 +01:00
Moritz Johner	fb8f496204	Merge branch 'main' into feature/conversion-webhook	2022-02-23 08:15:03 +01:00
rodrmartinez	39038b03c8	enforce that exactly one auth property is used	2022-02-22 15:45:45 -03:00
rodrmartinez	0392777965	Merge branch 'main' into feature/kubernetes-provider	2022-02-22 14:57:50 -03:00
Moritz Johner	b0de9a1196	chore: bump chart version Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2022-02-22 10:41:17 +01:00
Gustavo Carvalho	f9fd1a8c52	bump version to 0.4.3	2022-02-18 09:29:53 -03:00
rodrmartinez	7c4a17a9c3	Merge branch 'main' into feature/kubernetes-provider	2022-02-17 15:38:45 -03:00
rodrmartinez	86d7710727	changing kubernetes api struct	2022-02-17 14:45:43 -03:00
Gustavo Carvalho	c0ed7de5f7	Adding status information to kubectl get css Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-17 13:13:59 -03:00
Gustavo Carvalho	40ec693479	Merge branch 'main' into feature/conversion-webhook Fixed conflicts and implemented necessary changes for v1beta1	2022-02-16 16:00:32 -03:00
paul-the-alien[bot]	86aedda434	Merge pull request #701 from external-secrets/feature/template-string-interface feat: implement template engine v2	2022-02-16 17:16:24 +00:00
Gustavo Carvalho	2e6017dd4b	Using cobra commands instead of several binaries Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-15 08:52:52 -03:00
Gustavo Carvalho	96cb340ace	Implementing Requeue Interval for certController. Fixing unit tests and check-diff Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-14 16:05:17 -03:00
Gustavo Carvalho	1d8cfc4a12	Changed logic of Webhook check for certs. Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-14 15:46:10 -03:00
Gustavo Carvalho	1587fa02b1	Improved deployments and crd logic. Added cert-controller reconcile tests Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-14 10:08:27 -03:00
Gustavo Carvalho	38b7393eb6	Fixed weird bug with make helm generate Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-14 07:25:29 -03:00
Gustavo Carvalho	0db78819bb	Fixing lints and adding correct image names in eso.go Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-13 16:37:32 -03:00
Gustavo Carvalho	3c167edd4b	Fixing some helm linting and an error on e2e Makefile Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-13 16:05:34 -03:00
Gustavo Carvalho	824529710f	Merge branch 'main' into feature/conversion-webhook	2022-02-13 16:00:02 -03:00
Gustavo Carvalho	bbedad6053	WIP: improve deployment manifests to be on a functional state Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-13 15:53:40 -03:00
Gustavo Carvalho	ff62a47d47	Bumping chart version to v0.4.2 Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-13 09:16:41 -03:00
Gustavo Carvalho	e776f6d843	WIP: implementing separate deployments Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-13 09:14:41 -03:00
Gustavo Carvalho	024b64fe39	Added Readiness Probe for helm charts. Fixed make generate command to not use kubectl Fixed lint Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-11 08:10:11 -03:00
Moritz Johner	54e68399ec	feat: implement template engine v2 Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2022-02-11 08:26:31 +01:00
Gustavo Carvalho	773d362a5c	Fixing Makefile and helm README Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-10 17:00:52 -03:00
Gustavo Carvalho	23784803ff	Merge branch 'main' into feature/conversion-webhook Updated Oracle provider new specs for v1beta1 Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-10 16:55:37 -03:00
Gustavo Carvalho	5ae4e4a7a2	Fixing deployment Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-10 15:44:13 -03:00
Gustavo Carvalho	f1d3802604	Attempting to separate webhook in a new container Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-10 15:38:54 -03:00
Gustavo Carvalho	b8ef9e8dba	Now adding appropriate bundle Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-10 14:53:18 -03:00
Gustavo Carvalho	fd9e09a1ee	WIP: Structured reconciliation loops for CRDs Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-10 14:12:13 -03:00
paul-the-alien[bot]	027f28ec97	Merge pull request #700 from EladGabay/elad/oci-secret-by-name oracle vault: Use instance principal if auth is empty	2022-02-10 10:34:40 +00:00
Gustavo Carvalho	574953d2d8	Fixing lint and checkdiffs Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-09 11:41:31 -03:00
Gustavo Carvalho	ba8a5b7b64	Adding first structure for webhook service. Rewrote webhook conversion for ExternalSecrets Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-09 11:28:44 -03:00
Gustavo Carvalho	0530385992	v1beta1 initial commit Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-08 14:07:34 -03:00
Alexander Huck	2bbc033699	fix: add port name to deployment (#697 ) Co-authored-by: Alexander Huck <alexander.huck@inovex.de> Co-authored-by: Alberto Llamas <albertollamaso@gmail.com>	2022-02-07 20:20:01 +01:00
Elad Gabay	fe416890b1	oracle vault: Use instance principal if auth is empty Currently the oracle vault's secretstore uses a specific user credentials. This commit introduce a new way to access the vault, using the instance principal. All user's details moved to "auth" section in the OracleProvider which now is optional. If "auth" is empty, by default, we use the instance principal, otherwise if specified user's auth details, we use them. In addition: - Fixed the fingerprint secret reference which until now used the privatekey secret instead of its reference. - Bump OCI SDK version.	2022-02-07 18:38:10 +02:00
Lucas Severo Alves	6630ab7494	Initial draft of reporter (#466 ) * Initial draft of reporter * Test out reporter in AWS provider * trying out different events approach * feat: implement store reconciler and events Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * feat: add validate() method to provider interface Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * fix: use static requeue interval in store ctrl Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Mircea Cosbuc <mircea.cosbuc@container-solutions.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>	2022-02-07 11:42:18 +01:00
Lucas Severo Alves	4c5f9ae763	chore: bump version 0.4.1 Signed-off-by: Lucas Severo Alves <lucassalves65@gmail.com>	2022-02-02 20:22:10 +01:00
Docs	9fbb6d22b0	Making reviewable Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-02-02 15:31:56 -03:00
Lucas Severo Alves	0e19d00c8d	chore: bump chart to v0.4.0	2022-02-02 17:56:22 +01:00
paul-the-alien[bot]	5060619826	Merge pull request #614 from external-secrets/fix/docs Improves Documentation. Removes controller reference	2022-02-01 19:38:32 +00:00
Moritz Johner	fe1cb8bc69	feat(provider): implement fake provider Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2022-02-01 11:18:43 +01:00
rodrmartinez	fad68e163a	Update CRDs	2022-01-26 15:27:59 -03:00
rodrmartinez	b6b74350d5	Creates Kubernetes Provider secretstore	2022-01-25 17:11:12 -03:00
Gustavo Carvalho	d694bb4b9b	Added make reviewable Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-01-25 09:39:37 -03:00
Gustavo Carvalho	b95d82dc39	Fixing trailing whitespace Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-01-25 09:24:00 -03:00
Gustavo Carvalho	7df28de2d8	Merge branch 'main' into fix/docs	2022-01-25 09:15:07 -03:00
Gustavo Carvalho	33fb42df53	Changed Dev guide Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>	2022-01-25 08:21:09 -03:00
Marc Billow	0753da1cbd	Support for eventual consistency in Vault Enterprise	2022-01-19 16:25:01 -06:00
Moritz Johner	40ff991e17	fix: remove support for v1beta1 crds	2022-01-17 21:44:33 +01:00
Lucas Severo Alves	16948ed572	Merge pull request #596 from EladGabay/elad/oci-secret-by-name OCI Vault: Get secret by name from a specific Vault	2022-01-16 17:20:46 +00:00
Elad Gabay	f50438353e	oracle: Add Vault OCID to provider	2022-01-16 12:05:58 +02:00
Elad Gabay	137ce182c1	oracle: Fix provider fields docs	2022-01-16 12:02:56 +02:00
paul-the-alien[bot]	4c6b6a1e84	Merge pull request #525 from HanseMerkur/vault_optional_path Optional path for Vault SecretStore	2022-01-14 19:33:29 +00:00
paul-the-alien[bot]	44d4cf061b	Merge pull request #559 from willemm/feat/generic_webhook Add generic webhook provider	2022-01-11 15:50:05 +00:00
paul-the-alien[bot]	be78d56708	Merge pull request #567 from brentspector/feat/ldap-auth-path Add Path Parameter to LDAP and JWT/OIDC Hashicorp Vault Auth	2022-01-10 13:11:10 +00:00
Lennart Weller	f7f521317e	add generated files	2022-01-10 10:12:17 +01:00
Lucas Severo Alves	395fee02b3	chore: bump chart to 0.3.11	2022-01-06 15:08:43 +01:00
Brent Spector	26f9be4fb1	add path to jwt vault auth	2022-01-05 15:22:00 -08:00
Brent Spector	561bd3ae56	Add support for mount path in ldap auth	2022-01-05 14:54:50 -08:00
Willem Monsuwe	d04508e974	Added generic webhook provider This provider allows a secretstore with a generic url (templated) which will be called with a defined method, headers (templated) and optional body (also templated) The response can be parsed out with a jsonPath expression	2021-12-29 10:53:29 +01:00
Lucas Severo Alves	fc4eedfd63	Merge pull request #427 from jack-evans/concurrency add concurrent flag to allow more reconciles at the same time	2021-12-27 11:10:45 +01:00
Jack Evans	5e74da3342	add specific concurrent option to helm chart	2021-12-17 15:37:38 +00:00
Moritz Johner	80fac0f697	feat: add gcp workload identity via SA Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2021-12-17 12:20:12 +01:00
paul-the-alien[bot]	78d046b712	Merge pull request #530 from ADustyOldMuffin/add-docs-and-fix-ca-vault Add documentation for CAProvider namespace and fix issue with SecretStore	2021-12-16 19:44:24 +00:00
Vladimir Fedin	c351efcc15	Add ability provide CA for Yandex' Lockbox provider (#487 ) * Add ability provide CA for Yandex' Lockbox provider * Add tests for getting CA from secrets at Lockbox provider * fixup! Add tests for getting CA from secrets at Lockbox provider Co-authored-by: Vladimir Fedin <vladimirfedin@yandex-team.ru>	2021-12-16 20:16:23 +01:00
beastob	67991140e9	Add annotations to Deployment Signed-off-by: beastob <beastob.mark1@gmail.com>	2021-12-15 23:46:33 +08:00
Moritz Johner	57191a4726	chore: bump chart 0.3.10	2021-12-15 10:24:52 +01:00
Daniel Hix	d53b3df7f8	Remove namespace requirement for secret store and require for cluster secret store	2021-12-13 17:07:32 -06:00
Daniel Hix	082cee230f	Merge branch 'main' into ibm-enable-retries	2021-12-13 13:27:57 -06:00
paul-the-alien[bot]	1e9ba0ceb5	Merge pull request #514 from vazul/azure_managed_identity Supporting Managed Identity authentication for Azure Keyvault	2021-12-07 08:45:26 +00:00
Lucas Severo Alves	81eaee7ce0	chore: bump chart 0.3.9	2021-12-06 14:50:30 +01:00
Laszlo Varadi	a976e32831	Supporting Managed Identity authentication for Azure Keyvault	2021-12-06 10:26:34 +01:00
Lucas Severo Alves	2c07e7d49a	Merge pull request #475 from renanaAkeyless/main Add Akeyless provider	2021-11-16 13:09:20 +01:00
Lucas Severo Alves	f7a27b71ff	Bump 0.3.8 readme	2021-11-12 16:44:31 +01:00
Lucas Severo Alves	ae943b580d	Bump 0.3.8	2021-11-12 16:42:54 +01:00
renanaAkeyless	0348bbb59d	lint	2021-11-08 13:27:12 +02:00
renanaAkeyless	234f3281ab	deplay	2021-11-07 16:30:20 +02:00
renanaAkeyless	4a5877d926	Adde Akeyless	2021-11-07 16:18:40 +02:00
Gustavo Fernandes de Carvalho	9500f8e4b2	Bumping version to 0.3.7 Signed-off-by: Gustavo Fernandes de Carvalho <gustavo.carvalho@container-solutions.com>	2021-10-27 16:12:08 -03:00
Daniel Hix	99f49feee4	Add retry settings to secret store CRD	2021-10-20 18:50:01 -05:00
paul-the-alien[bot]	d9f30a3350	Merge pull request #414 from ADustyOldMuffin/vault-ca-provider Add the ability to specify cert for Vault from K8s Secrets	2021-10-20 21:43:37 +00:00
Lucas Severo Alves	c00afc9ff7	Merge pull request #329 from FGA-GCES/feat/immutable-secrets Add immutable secrets	2021-10-12 18:20:23 +02:00
Daniel Hix	b3a44fdbd0	Merge branch 'external-secrets:main' into vault-ca-provider	2021-10-06 10:38:59 -05:00
Daniel Hix	8e303e6d77	Add caProvider to types	2021-10-05 23:55:44 -05:00
Lucas Severo Alves	65b8efa704	Fix release readme	2021-10-05 18:46:22 +02:00
Sebastián Gómez	339d7528c6	Bumping chart version v0.3.6	2021-10-05 11:39:17 -03:00
Arthur	9f2a17f220	Merge branch 'main' into feat/immutable-secrets	2021-09-22 14:20:35 -03:00
Kian	694db476f9	Making changes based on feedback	2021-09-03 11:14:17 +01:00
Kian	8f4f95102e	Fixing doc and lint issues. Adding necessary documentation	2021-09-02 16:06:52 +01:00
KianTigger	9d6f7ac46f	Merge branch 'main' of https://github.com/external-secrets/external-secrets into external-secrets-main	2021-09-02 15:23:54 +01:00
Kian	baa91c75c8	Completed Oracle provider, e2e tests non functional due to lack of company OCI account	2021-09-02 15:19:47 +01:00
Elsa Chelala	db5b4c5044	eat: add status printcolumn to ES CRD (#318 ) Formatting changes	2021-08-31 13:14:09 -04:00
Elsa Chelala	7f6dcb5edb	WiP: Alibaba Provider	2021-08-30 15:25:26 -04:00
Ted	6f1fae0637	feat: specify GitLab URL to connect to	2021-08-27 18:19:28 -04:00
Kian	926e37448a	Developing unit tests and fixing provider files. In process of starting to write e2e test files	2021-08-27 16:09:39 +01:00
Lucas Severo Alves	11b500d30d	chore: bump chart 0.3.5	2021-08-26 10:25:28 +02:00
Lucas Severo Alves	a4c2c93255	fix: rebase conflits	2021-08-25 16:54:16 +02:00
Lucas Severo Alves	21df9b5729	fix: error strings	2021-08-25 16:47:06 +02:00
jabray5	d45469acc7	operator functional and retrieves secrets from gitlab	2021-08-25 16:47:05 +02:00
zamysel	ec7d3a3517	Add support for Yandex Lockbox	2021-08-25 11:25:17 +03:00
zamysel	0dc8842b85	Merge branch 'main' into lockbox	2021-08-25 11:23:15 +03:00
Lucas Severo Alves	0f5f9bcf84	chore: bump chart	2021-08-24 19:54:44 +02:00
paul-the-alien[bot]	52e3e80a16	Merge pull request #339 from mouhsen-ibrahim/add-workload-identity-support Add support for Google Cloud Identity	2021-08-24 17:00:42 +00:00
Lucas Severo Alves	7fbbb37b59	Merge pull request #320 from spirosoik/feat/iss-289 Add the ability of ESO to reconcile only in scoped namespace	2021-08-24 18:49:50 +02:00
Mouhsen Ibrahim	03f3622c2c	make auth key for GCPSM provider optional	2021-08-24 14:22:06 +02:00
Mouhsen Ibrahim	fa7cc50433	format crds	2021-08-24 08:50:51 +02:00
paul-the-alien[bot]	9c28ed0aae	Merge pull request #338 from kolorful/main Allow setting priorityClassName	2021-08-23 21:02:12 +00:00
Kewei Ma	855e63ae45	Allow setting priorityClassName	2021-08-23 15:38:52 -05:00
Mouhsen Ibrahim	403a47c116	Add support for Google Cloud Identity If the name of the service account secret is kept empty, this means we want to use Google Cloud Identity to authenticate against the GCP project	2021-08-23 22:28:24 +02:00
Anthony Anderson	1faf3aaf99	add namespace to deployment and service account templates	2021-08-23 09:46:39 -04:00
zamysel	c7229199f3	Add support for Yandex Lockbox: custom API endpoint	2021-08-20 16:16:35 +03:00
Spiros Economakis	5e3b2a0ad0	Add the ability of ESO to reconcile only in scoped namespace By default ESO reconciles `Kind=ExternalSecret` across every namespace in a k8s cluster. With the new flag `--nameespace` we can scope the reconciling only to the provided namespace. Ticket: #289	2021-08-20 14:29:44 +03:00
zamysel	42a3e2c457	Add support for Yandex Lockbox: docs	2021-08-19 17:33:36 +03:00
Arthur	c8315865a1	add immutable field on ExternalSecretTarget and on v1.Secret creation Co-authored-by: mouhsen-ibrahim <mouhsen.ibrahim@gmail.com>	2021-08-18 19:55:10 -03:00
zamysel	6b2f852eb6	Add support for Yandex Lockbox: custom API endpoint	2021-08-17 20:13:13 +03:00
zamysel	7017935888	Add support for Yandex Lockbox	2021-08-12 20:05:02 +03:00
HenningE	328cf881b8	feat: add status printcolumn to ES CRD (#318 )	2021-08-10 17:10:56 +02:00
Moritz Johner	b14ef0281a	chore(helm): bump 0.3.3	2021-08-07 23:59:46 +02:00
paul-the-alien[bot]	e65658d543	Merge pull request #265 from ricardoptcosta/mtls-auth feat: adding Vault TLS client authentication	2021-07-30 14:20:42 +00:00
Moritz Johner	2f61ee2d7e	chore: bump helm chart	2021-07-29 09:21:25 +02:00
Andrew	45ef86e8db	unable to patch secret. is forbidden	2021-07-28 14:50:29 -07:00
Moritz Johner	c658e42967	chore: bump helm	2021-07-28 17:03:10 +02:00
ric	2ab70cc510	Merge branch 'main' into mtls-auth	2021-07-26 09:43:56 +01:00
paul-the-alien[bot]	bd6e868474	Merge pull request #279 from zeonin/main Fix Openshift 4.7 issues	2021-07-25 13:01:17 +00:00
Moritz Johner	52f24f2c31	chore: bump helm	2021-07-25 14:16:40 +02:00
Lawrence Brogan	3a4dfadb68	Fix Openshift 4.7 issues Add `externalsecrets/finalizers` to the controller ClusterRole. Loop through all ServiceAccount secrets for the token before failing unstead of solely checking the first one.	2021-07-23 11:31:16 -06:00
ric	44ef7756ef	refactoring to implement changes suggested in pull request 265 ,namely, 1) fetch client certificate and key as tls k8s secrets and 2) pass them directly to TLSClientConfig avoiding storing in disk	2021-07-21 22:30:49 +01:00
ric	4221c1b151	remove cacert from client Authentication. It's already in CABundle.	2021-07-20 14:44:58 +01:00
Moritz Johner	466938522c	feat(aws): add jwt authentication	2021-07-17 20:39:24 +02:00
ric	0edf4154da	merge with main	2021-07-14 14:26:04 +01:00
ric	7d2d83d695	update crds to inclue client and ca certs but not client private key	2021-07-14 12:59:04 +01:00
ric	73be01d492	most work done - missing unit tests and path do certs	2021-07-13 21:44:10 +01:00
paul-the-alien[bot]	c70e83c5de	Merge pull request #259 from external-secrets/feature/creation-policy feat(ctrl): implement creationPolicy=Merge/None	2021-07-13 15:44:29 +00:00
Moritz Johner	59a851c941	feat(ctrl): implement creationPolicy=Merge/None	2021-07-12 18:45:44 +02:00
Moritz Johner	239f1c835b	chore: bump helm	2021-07-10 21:52:17 +02:00
ric	6170b2ceb8	bump to version 0.2.2	2021-07-08 22:31:06 +01:00
Andrew	d1af4756d6	Add configmap rules for templateFrom https://github.com/external-secrets/external-secrets/issues/179	2021-07-06 13:31:24 -07:00
ric	fd53e76247	feat: ibm provider implementation Co-authored-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com> Co-authored-by: Lucas Severo <lucassalves65@gmail.com> Co-authored-by: Joey Brayshaw <joeybrayshaw@gmail.com> Co-authored-by: Elsa Chelala <elsachelala@gmail.com> Co-authored-by: choilmto <choilmto@gmail.com> Co-authored-by: Adrian Mouat <adrian.mouat@gmail.com> Co-authored-by: ricardoptcosta <ricardoptcosta@gmail.com> Co-authored-by: Gabi Beyer <Gabrielle.Beyer@container-solutions.com> Co-authored-by: Tomasz Tarczynski <ttarczynski@users.noreply.github.com> Co-authored-by: Mircea Cosbuc <mircea.cosbuc@container-solutions.com>	2021-07-02 16:00:05 +02:00
paul-the-alien[bot]	04219ded4e	Merge pull request #222 from external-secrets/feat/template-from implement templateFrom	2021-06-29 13:43:48 +00:00
Moritz Johner	73ca014cfb	feat: implement templateFrom	2021-06-28 21:29:09 +02:00
paul-the-alien[bot]	1704c15e92	Merge pull request #219 from external-secrets/docs/store chore(docs): document es update behavior	2021-06-27 15:04:37 +00:00
Lucas Severo Alves	641d224293	Bump to 0.2.1 version	2021-06-25 23:58:23 +02:00
Moritz Johner	fb726dfb17	chore(docs): document es update behavior	2021-06-25 22:48:54 +02:00
Moritz Johner	5ac02ed2c4	feat: add synced resource version status	2021-06-25 21:23:29 +02:00

... 3 4 5 6 7 ...

477 commits