dependabot[bot]
cec59321d9
chore(deps): bump docker/setup-qemu-action from 3.0.0 to 3.1.0 ( #3666 )
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](68827325e0...5927c834f5
2024-07-08 06:17:07 -03:00
dependabot[bot]
eea2e8092e
chore(deps): bump docker/setup-buildx-action from 3.3.0 to 3.4.0 ( #3665 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](d70bba72b1...4fd812986e
2024-07-08 06:16:47 -03:00
dependabot[bot]
4045fe9ae6
chore(deps): bump distroless/static from 4197211 to ce46866 ( #3663 )
...
Bumps distroless/static from `4197211` to `ce46866`.
---
updated-dependencies:
- dependency-name: distroless/static
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-08 11:57:46 +03:00
dependabot[bot]
e6e96a1e45
chore(deps): bump golang from 1.22.4 to 1.22.5 ( #3662 )
...
Bumps golang from 1.22.4 to 1.22.5.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-08 11:57:21 +03:00
Gustavo Fernandes de Carvalho
374c7bf019
chore: bump to 0.9.20 ( #3660 )
...
* chore: bump to 0.9.20
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
* bump docs
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
---------
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-07-06 15:59:44 -03:00
shazib
4e444ce150
docs: updated k8s support for ESO v0.9 ( #3659 )
2024-07-06 07:30:42 +03:00
Gustavo Fernandes de Carvalho
2be716aff4
fix github credentials ( #3656 )
...
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@productmadness.com>
2024-07-04 07:37:14 -03:00
Moritz Johner
d7657e6feb
docs: add proposal for PushSecret metadata ( #3612 )
...
* docs: add proposal for PushSecret metadata
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* docs: add examples for aws sm/ps
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* docs: add note regarding old format
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
---------
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2024-07-03 20:57:53 -03:00
Shuhei Kitagawa
67fccd4fca
Allow specifying the same namespace for SecretStores ( #3555 )
...
* Allow specifying the same namespace for SecretStores
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
* Fix unit tests
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
---------
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2024-07-03 20:56:55 -03:00
Andrew Gunnerson
2053df7b7c
fix(vault): Treat tokens expiring in <60s as expired ( #3637 )
...
* fix(vault): Treat tokens expiring in <60s as expired
Without this, it's possible to hit a TOCTOU issue where checkToken()
sees a valid token, but it expires before the actual operation is
performed. This condition is only reachable when the experimental
caching feature is enabled.
60 seconds was chosen as a sane (but arbitrary) value. It should be more
than enough to cover the amount of time between checkToken() and the
actual operation.
Signed-off-by: Andrew Gunnerson <andrew.gunnerson@elastic.co>
* ADOPTERS.md: Add Elastic
Signed-off-by: Andrew Gunnerson <andrew.gunnerson@elastic.co>
---------
Signed-off-by: Andrew Gunnerson <andrew.gunnerson@elastic.co>
2024-07-03 20:56:38 -03:00
Christophe Collot
504b5506f4
feat: implement pushing whole k8s secret to Azure Keyvault ( #3650 )
...
* feat: implement pushing whole secrets to azure keyvault
Signed-off-by: Christophe Collot <christophe.collot.cloud@gmail.com>
* bump e2e pipeline (#3646 )
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@productmadness.com>
Signed-off-by: Christophe Collot <christophe.collot.cloud@gmail.com>
* fix e2e permissions (#3647 )
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@productmadness.com>
Signed-off-by: Christophe Collot <christophe.collot.cloud@gmail.com>
* bump docs with e2e commands (#3648 )
Signed-off-by: Christophe Collot <christophe.collot.cloud@gmail.com>
* also needs pull-requests (#3649 )
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@productmadness.com>
Signed-off-by: Christophe Collot <christophe.collot.cloud@gmail.com>
* style: remove unnecessary line
Signed-off-by: Christophe Collot <christophe.collot.cloud@gmail.com>
* style: remove trailing line
Signed-off-by: Christophe Collot <christophe.collot.cloud@gmail.com>
---------
Signed-off-by: Christophe Collot <christophe.collot.cloud@gmail.com>
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@productmadness.com>
Co-authored-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com>
2024-07-03 08:38:01 +02:00
Doug Goldstein
93e9b4cef7
fix(webhook): perform conversion of data ( #3638 )
...
Instead of assuming that the data fields are strings that can be
converted to byte array, convert the actual type to a byte array.
fixes #3239
Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
2024-07-03 07:42:34 +02:00
Gustavo Fernandes de Carvalho
4d9e0c37ff
use github token to allow comment ( #3651 )
...
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@productmadness.com>
2024-07-02 11:18:32 -03:00
Gustavo Fernandes de Carvalho
6c8e9aa6d0
also needs pull-requests ( #3649 )
...
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@productmadness.com>
2024-07-02 07:13:54 -03:00
Gustavo Fernandes de Carvalho
4aeba81f07
bump docs with e2e commands ( #3648 )
2024-07-02 07:09:35 -03:00
Gustavo Fernandes de Carvalho
3909efa367
fix e2e permissions ( #3647 )
...
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@productmadness.com>
2024-07-02 05:48:36 -03:00
Gustavo Fernandes de Carvalho
943a51d8d5
bump e2e pipeline ( #3646 )
...
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@productmadness.com>
2024-07-02 05:34:54 -03:00
Joe Stevens
f516892164
implement handling for pushing whole k8s secret to gcsm ( #3644 )
...
Signed-off-by: Joseph Stevens <thejosephstevens@gmail.com>
2024-07-02 08:08:55 +02:00
kaedwen
48cccaeded
add AuthRef to kubernetes provider fixes #3627 ( #3628 )
...
* add AuthRef to kubernetes provider fixes #3627
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* run make reviewable
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* fix validation for given authRef
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* refactor kubernetes provider auth
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* satisfy linter
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* add URL for kubernetes provider tests
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
---------
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
2024-07-01 23:31:10 +02:00
dependabot[bot]
c6bafe8c61
chore(deps): bump importlib-metadata in /hack/api-docs ( #3639 )
...
Bumps [importlib-metadata](https://github.com/python/importlib_metadata ) from 7.2.1 to 8.0.0.
- [Release notes](https://github.com/python/importlib_metadata/releases )
- [Changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst )
- [Commits](https://github.com/python/importlib_metadata/compare/v7.2.1...v8.0.0 )
---
updated-dependencies:
- dependency-name: importlib-metadata
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-01 18:06:05 +02:00
dependabot[bot]
3eb960052d
chore(deps): bump github/codeql-action from 3.25.10 to 3.25.11 ( #3640 )
2024-07-01 17:03:21 +03:00
eso-service-account-app[bot]
cd1ce790f7
update dependencies ( #3641 )
2024-07-01 17:02:33 +03:00
Sverre Boschman
00cf351548
docs: fix dataFrom.find in ExternalSecret api example ( #3633 )
...
Signed-off-by: Sverre Boschman <1142569+sboschman@users.noreply.github.com>
2024-06-29 19:21:16 +02:00
Bill Hamilton
a14386b520
added secretserver env vars to e2e.yml ( #3636 )
2024-06-28 11:03:22 -03:00
Gergely Brautigam
87c09c6046
fix: e2e installation of ESO needs to update dependencies first ( #3635 )
...
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-06-28 14:42:17 +02:00
Gergely Brautigam
095537e6ad
feat: add bitwarden secret manager support ( #3603 )
2024-06-28 06:04:25 +02:00
Nathan Ellenfield
907e8ebc82
Fix ACR External Secret example ( #3626 )
...
* Fix ACR External Secret example
Signed-off-by: Nathan Ellenfield <nathan.ellenfield@allscripts.com>
* Fix typos in acr generator docs
Signed-off-by: Nathan Ellenfield <nathan.ellenfield@allscripts.com>
---------
Signed-off-by: Nathan Ellenfield <nathan.ellenfield@allscripts.com>
2024-06-26 19:50:24 +02:00
dependabot[bot]
22c1af40e0
chore(deps): bump softprops/action-gh-release from 2.0.5 to 2.0.6 ( #3614 )
...
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.0.5 to 2.0.6.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](69320dbe05...a74c6b72af
2024-06-24 13:19:39 +02:00
dependabot[bot]
8a7fb7611c
chore(deps): bump aquasecurity/trivy-action from 0.22.0 to 0.23.0 ( #3615 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](595be6a0f6...7c2007bcb5
2024-06-24 13:19:21 +02:00
dependabot[bot]
5aefdec4c7
chore(deps): bump livereload from 2.6.3 to 2.7.0 in /hack/api-docs ( #3616 )
...
Bumps [livereload](https://github.com/lepture/python-livereload ) from 2.6.3 to 2.7.0.
- [Release notes](https://github.com/lepture/python-livereload/releases )
- [Changelog](https://github.com/lepture/python-livereload/blob/master/CHANGES.rst )
- [Commits](https://github.com/lepture/python-livereload/compare/2.6.3...2.7.0 )
---
updated-dependencies:
- dependency-name: livereload
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-24 13:19:03 +02:00
dependabot[bot]
d1f91e8c02
chore(deps): bump importlib-metadata in /hack/api-docs ( #3617 )
...
Bumps [importlib-metadata](https://github.com/python/importlib_metadata ) from 7.1.0 to 7.2.1.
- [Release notes](https://github.com/python/importlib_metadata/releases )
- [Changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst )
- [Commits](https://github.com/python/importlib_metadata/compare/v7.1.0...v7.2.1 )
---
updated-dependencies:
- dependency-name: importlib-metadata
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-24 13:18:49 +02:00
dependabot[bot]
424898f812
chore(deps): bump urllib3 from 2.2.1 to 2.2.2 in /hack/api-docs ( #3618 )
...
Bumps [urllib3](https://github.com/urllib3/urllib3 ) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/urllib3/urllib3/releases )
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst )
- [Commits](https://github.com/urllib3/urllib3/compare/2.2.1...2.2.2 )
---
updated-dependencies:
- dependency-name: urllib3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-24 13:18:32 +02:00
dependabot[bot]
88958faf2f
chore(deps): bump golang from 6522f0c to ace6cc3 ( #3620 )
...
Bumps golang from `6522f0c` to `ace6cc3`.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-24 13:18:13 +02:00
dependabot[bot]
976ab9f112
chore(deps): bump alpine from 77726ef to b89d9c9 in /hack/api-docs ( #3621 )
...
Bumps alpine from `77726ef` to `b89d9c9`.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-24 13:17:54 +02:00
dependabot[bot]
f6cf8d5ee7
chore(deps): bump alpine from 3.20.0 to 3.20.1 in /e2e ( #3622 )
...
Bumps alpine from 3.20.0 to 3.20.1.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-24 13:17:36 +02:00
eso-service-account-app[bot]
0a4f5102ae
update dependencies ( #3624 )
...
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
2024-06-24 13:17:12 +02:00
Timofei Larkin
490eeacca2
Adds codepath for removing finalizers ( #3610 )
...
* Adds codepath for removing finalizers
See #3609 .
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
* Add test case for #3609
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
---------
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
2024-06-21 21:57:04 +02:00
Moritz Johner
f1ab7ef89d
fix: explicitly fetch status subresource due to inconsistencies ( #3608 )
...
* fix: explicitly fetch status subresource due to inconsistencies
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* fix: bump go
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* fix: add rbac to get status
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
---------
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2024-06-21 12:59:25 +02:00
Idan Adar
9a6ffcd844
Make UBI more tolerable from OS vulnerabilities ( #3607 )
...
* Make UBI safer from OS vulnerabilities
* Add missing files
* Use correct packages
* Fix CVEs
2024-06-20 17:50:49 +02:00
Eric Fang
ebae16beb3
Remove the use of "golang.org/x/crypto/pkcs12" ( #3601 )
...
Switch to software.sslmate.com/src/go-pkcs12 instead
Signed-off-by: yihuaf <yihuaf@unkies.org>
2024-06-18 19:21:48 +02:00
Andrew Gunnerson
c7fc730019
fix(vault): Fix crash when caching is enabled and a token expires ( #3598 )
...
In the vault client library, LookupSelfWithContext calls ParseSecret,
which has a few places where it returns `nil, nil` instead of returning
a proper error. The most common scenario is when the token expires and
the Vault server returns:
{
"errors": [
"permission denied"
]
}
This commit adds an additional check to ensure that a nil response won't
be dereferenced in checkToken().
Signed-off-by: Andrew Gunnerson <andrew.gunnerson@elastic.co>
2024-06-18 09:28:41 +02:00
Bude8
23f2829ec1
Add logic to skip multiple stores. Add tests for multiple un/managed stores ( #3123 )
...
Signed-off-by: Bude8 <henryblee8@gmail.com>
2024-06-18 07:56:20 +02:00
Tsubasa Nagasawa
8ef07f515d
feat(chart): Enable partial cache for certcontroller when installCRDs=true ( #3589 )
...
* chore(chart): Remove unnecessary line breaks to format the list of args
Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com>
* feat(chart): Enable partial cache for certcontroller when installCRDs=true
If CRDs are managed by a Helm chart, the addition of the label to the CRDs
required for the partial cache feature is reflected in the update.
Therefore, if installCRDs=true, the partial cache feature is automatically enabled.
Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com>
* fix: run ct using main images
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* fix: set helm test values
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* chore: bump CRDs in helm tests
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
---------
Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2024-06-18 00:50:45 +02:00
dependabot[bot]
cc00e7a7ff
chore(deps): bump golang from 9bdd569 to 6522f0c ( #3594 )
...
Bumps golang from `9bdd569` to `6522f0c`.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-17 22:49:38 +02:00
dependabot[bot]
95b354bc97
chore(deps): bump golang from aec4784 to 9678844 in /e2e ( #3593 )
...
Bumps golang from `aec4784` to `9678844`.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-17 22:49:13 +02:00
eso-service-account-app[bot]
e459722f89
update dependencies ( #3596 )
...
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
2024-06-17 18:30:10 +02:00
dependabot[bot]
73229ac460
chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 ( #3590 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a5ac7e51b4...692973e3d9
2024-06-17 17:53:09 +02:00
dependabot[bot]
564882e852
chore(deps): bump codecov/codecov-action from 4.4.1 to 4.5.0 ( #3592 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.4.1 to 4.5.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](125fc84a9a...e28ff129e5
2024-06-17 17:53:03 +02:00
dependabot[bot]
c1b0b78959
chore(deps): bump github/codeql-action from 3.25.8 to 3.25.10 ( #3591 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.8 to 3.25.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2e230e8fe0...23acc5c183
2024-06-17 17:52:55 +02:00
dependabot[bot]
543a37c110
chore(deps): bump mkdocs-material in /hack/api-docs ( #3595 )
...
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material ) from 9.5.26 to 9.5.27.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases )
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG )
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.26...9.5.27 )
---
updated-dependencies:
- dependency-name: mkdocs-material
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-17 17:52:48 +02:00
