1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Commit graph

725 commits

Author SHA1 Message Date
Shuhei Kitagawa
373a9c23e8
Update the ExternalSecret status even when data is empty (#2927)
https://github.com/external-secrets/external-secrets/issues/2874

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2024-01-12 22:09:03 +01:00
Pedro Parra Ortega
ba8cf6bde5
Feat/allow keeper to work with complex types (#3016)
* update dependencies (#3005)

Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

* feat: allow keeper to work with complex types

Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

---------

Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>
Co-authored-by: eso-service-account-app[bot] <85832941+eso-service-account-app[bot]@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2024-01-12 00:30:58 +01:00
barucoh
ab1e95a458
Akeyless Provider - Add support for Certificate items Signed-off-by: barucoh <20933964+barucoh@users.noreply.github.com> (#3013)
Signed-off-by: “barucoh” <“ohadbaruch1@gmail.com”>
2024-01-10 23:11:03 +01:00
Bryce Thuilot
0bb4feae4a
feat: add PushSecret and DeleteSecret to onepassword provider (#2646)
* feat: add PushSecret and DeleteSecret to onepassword provider

Signed-off-by: Bryce Thuilot <bryce@thuilot.io>

* refactor: clean code based on suggestions

Signed-off-by: Bryce Thuilot <bryce@thuilot.io>

* refactor: make suggested sonar cube changes

Signed-off-by: Bryce Thuilot <bryce@thuilot.io>

---------

Signed-off-by: Bryce Thuilot <bryce@thuilot.io>
2024-01-04 19:36:41 +01:00
Gergely Brautigam
d6e24a82bd
feat: add templating to PushSecret (#2926)
* feat: add templating to PushSecret

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* adding unit tests around templating basic concepts and verifying output

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* extracting some of the common functions of the parser

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* remove some more duplication

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* removed commented out code segment

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* added documentation for templating feature

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* simplified the templating for annotations and labels

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-12-22 21:45:34 +01:00
Shanti G
fb762b57b3
minor changes: extension of PR #2950 (#2967) 2023-12-21 08:38:08 +02:00
Nitzan Nissim
b0bdef20b5
Add support for IBM Cloud Service Credentials secret type (#2950) 2023-12-21 08:21:02 +02:00
Florent Viel
88da2f3199
feat: add custom user agent to scaleway provider (#2938)
Signed-off-by: Florent Viel <fviel@scaleway.com>
2023-12-09 16:25:29 +09:00
Kiyofumi Sano
2f043ecaed
Signed-off-by: Kiyo510 <miraishida00510@gmail.com> (#2919)
typo: ref:#2917 Fix typo in ExtermalSecretRewriteTransform
2023-12-02 14:53:11 +01:00
Victor Santos
3599384660
feat(fake): deprecate ValueMap to use Value instead (#2884) 2023-12-02 06:57:48 +09:00
Tal Asulin
2441ad547b
Feat/Adding support for PushSecret using HashiCorp Vault KV v1 (#2879)
* feat: init pushsecret support for vault kv1

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* feat: update delete secret to support vault kv1

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* test: adding unit tests for deletesecret for vault v1 coverage

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* docs: adding a note for describing the potential risk of using kv1 with pushsecret

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* feat: removing white spaces

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* feat: removing white spaces

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* chore: reverting buildMetadataPath changes as they are not called from v1 logic

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* feat: add custom metadata to vault v1 secrets

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* docs: adjusting documentation for supporting vault kv v1

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* docs: adjusting documentation for supporting vault kv v1

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* Update docs/provider/hashicorp-vault.md

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Tal Asulin <tallin900@gmail.com>
Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

---------

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>
Signed-off-by: Tal Asulin <tallin900@gmail.com>
Co-authored-by: talasulin <tal.asulin@appsflyer.comn>
Co-authored-by: tal-asulin <tal-asulin@users.noreply.github.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2023-11-30 04:51:30 -03:00
Moritz Johner
2b2661ebc2
fix: use service management endpoint for ACR when using WI (#2913)
The `scope` parameter used to be the ACR url foobar.azurecr.io, but
this stopped working. Turns out that you need to use the management
endpoint as `scope` in order to authenticate with ACR.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-11-30 00:02:28 +01:00
Shuhei Kitagawa
632f1bba28
Stop deleting all the Secret metadata (#2900)
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-11-28 06:22:41 -03:00
Moritz Johner
c5fa8d81a6
fix: webhook support more types when parsing response (#2899)
* fix: support more types in webhook response

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: properly decode json

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* Update pkg/provider/webhook/webhook.go

Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

* Update pkg/provider/webhook/webhook.go

Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

* fix: expose errors

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-11-25 08:53:30 +01:00
Gergely Brautigam
3fbe318582
feat: allow pushing the whole secret to the provider (#2862)
* feat: allow pushing the whole secret to the provider

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* add documentation about pushing a whole secret

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* disabling this feature for the rest of the providers for now

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* added scenario for update with existing property

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-11-21 22:00:21 +01:00
Yonatan Koren
d42e19dc70
feat: AWS SecretsManager Config (allow ForceDeleteWithoutRecovery for PushSecret) (#2854)
* Add secretsmanager config.

Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>

* Fix unit tests.

Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>

* Update docs, fix validation, tests.

Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>

* Fix grammatical error in attribute descriptions.

Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>

* Improve API docs for SecretsManager.

Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>

---------

Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
2023-11-14 18:44:22 -03:00
Shuhei Kitagawa
c9b3f97425
Refactor the PushSecret interface (#2859)
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-11-08 06:47:13 +09:00
Moritz Johner
f5cd6816aa
feat: fix cert-controller readiness probe (#2857)
readiness probes are being executed independently from the
leader election status. The current implementation depends on
leader election (client cache etc.) to run properly.
This commit fixes that by short-circuiting the readiness probes
when the mgr is not the leader.

This bug surfaces when `leader-election=true` and cert-controller `replicas>=2`.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-11-07 09:51:27 +01:00
Shuhei Kitagawa
e0c1d93f9b
Support GetAllSecrets for the fake provider (#2844)
* Support GetAllSecrets for the fake provider

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

* Stop reassigning map keys

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

* Use a single loop to construct the dataMap

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

---------

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-11-07 09:48:49 +09:00
Anders Swanson
f4a7c95b54
feat: Oracle PushSecret & find implementation (#2840)
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
2023-11-03 21:42:27 +01:00
Moritz Johner
9ff86eab51
fix: remove sourceRef.generatorRef from .data[] (#2735)
fix: deprecate sourceRef.generatorRef from .data[]

A generator is supposed to be used via .dataFrom[]. Usage in .data[]
is not implemented and doesn't make sense, see #2720.

This commit splits the SourceRef into two types:
- one that only defines a secretStoreRef
- one that allows to define either secretStoreRef or generatorRef

The former is used in .data[] and the latter is used in .dataFrom[].

The Deprecated field is going to be removed with v1.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-11-02 14:37:59 +01:00
Gergely Brautigam
8f3cd55191
ref: cleanup condition handling for objects (#2829)
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-11-02 10:19:03 +01:00
Anders Swanson
8dd934ceed
feat: Oracle provider service account masquerade (#2817)
* feat: Oracle provider service account masquerade

Signed-off-by: anders-swanson <anders.swanson@oracle.com>
2023-11-02 08:34:18 +01:00
Minho Ryang
99194e0237
feat: k8s provider can handle all types of secret, fix #2709 (#2792)
Signed-off-by: Minho Ryang <minho@comcom.ai>
2023-11-01 22:42:49 +01:00
Moritz Johner
caa0acd5cc
fix: wrap errors in data[] (#2834)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: HamzaMasood1 <hamzamasood183@gmail.com>
2023-11-01 22:31:56 +01:00
Valentin Torikian
0c76b1ffd3
fix: requeue ExternalSecret based on delta to last refreshTime (#2815)
* Fix skew between refreshInterval and refreshTime that can lead to skipped refresh when backend provider
is slow to answer. See https://github.com/external-secrets/external-secrets/issues/2812.

Signed-off-by: Valentin Torikian <vtorikian@upgrade.com>
2023-10-27 21:41:10 +02:00
Tom Elliot
0612404f64
Add Support for fips regions. (#2805)
Signed-off-by: Tom Elliot <thomas.elliot@acquia.com>
2023-10-26 00:32:59 +02:00
Gergely Brautigam
7fbae000d6
feat: add namespace list selector to ClusterExternalSecrets (#2803)
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-10-25 13:58:05 +02:00
Sonny Alves Dias
0a0fd050c0
add directive to apply template on secret names (#2802)
Signed-off-by: Sonny Alves Dias <sonny.dias@superevilmegacorp.com>
2023-10-25 13:45:38 +02:00
Anders Swanson
b1bad77eb3
Oracle: Workload Identity authentication (#2781)
* Oracle: Workload Identity authentication

Signed-off-by: anders-swanson <anders.swanson@oracle.com>

* Merge main

Signed-off-by: anders-swanson <anders.swanson@oracle.com>

* Cleanup go.mod

Signed-off-by: anders-swanson <anders.swanson@oracle.com>

* Lint

Signed-off-by: anders-swanson <anders.swanson@oracle.com>

* Use mutex for environment variables

Signed-off-by: anders-swanson <anders.swanson@oracle.com>

---------

Signed-off-by: anders-swanson <anders.swanson@oracle.com>
Signed-off-by: Anders Swanson <91502735+anders-swanson@users.noreply.github.com>
2023-10-24 21:48:25 +02:00
Moritz Johner
818eddd220
fix: do not iterate on the raw response value (#2801)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-10-24 12:13:11 +02:00
Shuhei Kitagawa
7b57943c55
Fix the k8s double encoding problem (#2760)
https://github.com/external-secrets/external-secrets/issues/2745

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-10-12 21:45:01 +02:00
Kevin van den Broek
f0ae0e81ee
fix: enable sharedConfigState in AWS auth provider (#2777)
The value `session.SharedConfigDisable` prevented the AWS SDK to use the
default provider chain. By removing this value from the getAWSSession
function the default SDK provider chain is used. This enables the SDK to
use the shared config file:
https://github.com/aws/aws-sdk-go/blob/main/aws/session/env_config.go#L84
as well as the shared credentials file:
https://github.com/aws/aws-sdk-go/blob/main/aws/session/env_config.go#L76

This fixes the code to be correct with the documentation of
NewGeneratorSession which notes that it uses the authentication order:

1. service-account token.
2. static credentials.
3. sdk default provider.

See also the AWS documentation:
https://github.com/aws/aws-sdk-go/blob/main/aws/session/session.go#L158

Signed-off-by: Kevin van den Broek <info@kevinvandenbroek.nl>
2023-10-12 09:18:17 +02:00
Shuhei Kitagawa
5421ec503f
Oracle provider retry (#2762)
* add oracle provider retry capabilities

Signed-off-by: Andrei Ilas <andrei.ilas@oracle.com>

* add oracle provider retry capabilities unit test

Signed-off-by: Andrei Ilas <andrei.ilas@oracle.com>

* Update unit tests for the Oracle provider retry config

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

---------

Signed-off-by: Andrei Ilas <andrei.ilas@oracle.com>
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
Co-authored-by: Andrei Ilas <andrei.ilas@oracle.com>
Co-authored-by: Andrei Ilas <andrei.cva@gmail.com>
2023-10-11 08:49:32 +02:00
Shanti G
583b919cb7
leverage IBM provider's latest API to get the secret by name (#2750) 2023-10-11 07:35:53 +03:00
Florent Viel
24f1a093e5
Scaleway secret path (#2737)
* feat: add path support for scaleway provider

Signed-off-by: Florent Viel <fviel@scaleway.com>

* feat: update scaleway testcases for path support

Signed-off-by: Florent Viel <fviel@scaleway.com>

* docs: update scaleway doc to add path support

Signed-off-by: Florent Viel <fviel@scaleway.com>

* fix: change func signature to make linter pass

Signed-off-by: Florent Viel <fviel@scaleway.com>

---------

Signed-off-by: Florent Viel <fviel@scaleway.com>
2023-09-28 21:00:16 +02:00
Ben Bertrands
cfb629c020
Support PushSecret Property for AWS SM (#2623)
* Support PushSecret Property for AWS SM

Signed-off-by: Ben Bertrands <public@bb-it.dev>

* Support PushSecret Property for AWS SM: leverage the VersionId field to prevent a "LostUpdate" concurrency problem

Signed-off-by: Ben Bertrands <public@bb-it.dev>

* Support PushSecret Property for AWS SM: errors.Join doesn't exist in go 1.19

Signed-off-by: Ben Bertrands <public@bb-it.dev>

* Support PushSecret Property for AWS SM: use an incrementing uuid for the secret version

Signed-off-by: Ben Bertrands <public@bb-it.dev>

---------

Signed-off-by: Ben Bertrands <public@bb-it.dev>
Signed-off-by: Ben Bertrands <8938515+benbertrands@users.noreply.github.com>
2023-09-26 13:18:18 +02:00
Kieran Bristow
d9eaeb40dc
Conjur JWT support (#2591)
* Add JWT Auth to Conjur Provider

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

* Update docs for Cyberark Conjur Provider

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

* Update test suite to cover new functionality

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

* Run make reviewable

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

* Set MinVersion for tls.Config to satisfy linting

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

* Move ca bundle config example to a yaml snippet

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

* fix: consolidate naming

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: consolidate naming

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* docs: make it a working example

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* Remove JWT expiration handling logic

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

* Run make fmt

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

---------

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-25 10:05:17 +02:00
Shuhei Kitagawa
719e8b1c82
Let ManagedField handle metadata (#2705)
https://github.com/external-secrets/external-secrets/issues/2682

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-09-25 09:33:00 +02:00
Moritz Johner
d59512e604
fix: assign default value to prevent nil panic (#2722)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-21 22:01:40 +02:00
Shuhei Kitagawa
150e3dfde1
Use locks for GCP PushSecrets (#2678)
* Use locks for GCP PushSecrets

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

* Share locks among providers

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

---------

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-09-21 17:15:16 +02:00
Markus Lackner
a025b77e49
fix: do not recreate secret if deletion timestamp is set (#2718)
Signed-off-by: Markus Lackner <33040521+markuslackner@users.noreply.github.com>
2023-09-20 23:21:47 +02:00
Moritz Johner
9559c2a124
fix: ensure to correctly encode binary data as base64 (#2681)
Also disable HTML escape.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-15 19:34:53 +02:00
Moritz Johner
b78ce75218
fix: do not swallow errors when create or update fails (#2693)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-15 06:21:34 +02:00
Alexander Kurata
e85b76f1d3
Convert IBM auth struct fields to pointers (#2669)
* Convert SecretStore IBMAuth contents to struct pointers

Signed-off-by: akurata <akurata100@gmail.com>

* update ibm provider logic + tests

Signed-off-by: akurata <akurata100@gmail.com>

* refactor ibm provider validatestore to reduce complexity

Signed-off-by: akurata <akurata100@gmail.com>

* update ibm provider container auth profile check to return an error for a missing profile def

Signed-off-by: akurata <akurata100@gmail.com>

---------

Signed-off-by: akurata <akurata100@gmail.com>
Co-authored-by: Alex Kurata <alexander.kurata@ibm.com>
2023-09-05 12:03:49 +02:00
Florent Viel
012ece2b15
Refacto scaleway provider (#2667)
* replace API calls by ListSecrets

Scalewaw will deprecate soon the Secret Manager endpoints *ByName, the
idea is to use the ListSecrets instead and to filter by name

Signed-off-by: Florent Viel <fviel@scaleway.com>

* allow to filter by name for the fake scw secret api

Signed-off-by: Florent Viel <fviel@scaleway.com>

* improve scaleway fake api

Signed-off-by: Florent Viel <fviel@scaleway.com>

the fake implementation of the ListSecrets for the Scaleway API was too
naive and returns too many secrets based on the input filters

* scaleway: fix calls to the ListSecrets endpoint

Signed-off-by: Florent Viel <fviel@scaleway.com>

* scaleway: fix lint issues

Signed-off-by: Florent Viel <fviel@scaleway.com>

---------

Signed-off-by: Florent Viel <fviel@scaleway.com>
2023-09-04 20:01:38 +02:00
Shuhei Kitagawa
da85f80d97
Support PushSecret metadata (#2600)
* Support PushSecret metadata

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

* Refactor GCP PushSecret

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

---------

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-08-28 23:50:21 +02:00
Shuhei Kitagawa
005fb4d123
Report not ready when no namespace matches (#2582)
* Report not ready when no namespace matches

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

* Fix flaky a test

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

* Simplify ClusterExternalSecret status

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

---------

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-08-28 12:03:57 +02:00
Moritz Johner
97df83b518
chore: bump dependencies (#2654)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-08-28 11:50:46 +02:00
Alexandre Gaudreault
21928a45b9
fix(externalsecret): infinite reconcile loop with Merge secret (#2525)
* fix(externalsecret): infinite reconcile loop with Merge secret

Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com>

* code review

Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com>

* lint

Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com>

* add unit tests

Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com>

* lint

Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com>

* Use objectHash instead of value

Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com>

---------

Signed-off-by: Alexandre Gaudreault <alexandre.gaudreault@logmein.com>
2023-08-28 11:46:38 +02:00