mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-15 17:51:01 +00:00
Code Activity
1120 commits 135 branches 173 tags 201 MiB
Commit graph

305 commits

Author SHA1 Message Date
castaneai
3fd3cc0186
Fix the leak in GCPSM when the secret operator cannot find the secret. (#722) 
* fix(gcp): Fix the leak in GCPSM when the secret operator cannot find the secret.

The IAM client has an internal gRPC connection,
but if the secret fetch fails, the goroutine created by the gRPC connection will leak.

Therefore, close the IAM client when the creation of the GCPSM client fails.

* test: fix build error on fakeIAMClient
 2022-02-15 16:54:11 +01:00
paul-the-alien[bot]
027f28ec97
Merge pull request #700 from EladGabay/elad/oci-secret-by-name 
oracle vault: Use instance principal if auth is empty
 2022-02-10 10:34:40 +00:00
paul-the-alien[bot]
31efb94b20
Merge pull request #674 from external-secrets/feat/vault-nested-values 
allow nested json in vault
 2022-02-08 15:29:20 +00:00
Moritz Johner
5b8ab034ec feat(vault): marshal nested value as json, add docs 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-08 08:05:10 +01:00
Elad Gabay
fe416890b1 oracle vault: Use instance principal if auth is empty 
Currently the oracle vault's secretstore uses a specific user credentials.
This commit introduce a new way to access the vault, using the instance principal.

All user's details moved to "auth" section in the OracleProvider which now is optional.
If "auth" is empty, by default, we use the instance principal, otherwise if specified user's auth details, we use them.

In addition:
- Fixed the fingerprint secret reference which until now used the privatekey secret instead of its reference.
- Bump OCI SDK version.
 2022-02-07 18:38:10 +02:00
Lucas Severo Alves
6630ab7494
Initial draft of reporter (#466) 
* Initial draft of reporter

* Test out reporter in AWS provider

* trying out different events approach

* feat: implement store reconciler and events

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add validate() method to provider interface

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: use static requeue interval in store ctrl

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Co-authored-by: Mircea Cosbuc <mircea.cosbuc@container-solutions.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-07 11:42:18 +01:00
Moritz Johner
2ac4053648 feat(vault): allow using nested json 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-05 22:11:41 +01:00
Moritz Johner
fe1cb8bc69 feat(provider): implement fake provider 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-01 11:18:43 +01:00
Moritz Johner
e015bed08d chore: update k8s / envtest 2022-01-28 19:51:07 +01:00
paul-the-alien[bot]
6f4c03a75d
Merge pull request #645 from external-secrets/fix/delete-secret-using-tpl 
fix: ensure that data is being deleted when using tpl
 2022-01-27 14:49:00 +00:00
Jeroen Op 't Eynde
83afebe9b3
fix(metrics): ensure status_condition metrics reflect the status (#612) 
* fix(metrics): ensure status_condition metrics reflect the status

* lint fixes

* fix(metrics): remove condition=deleted metric (+lint fixes)
 2022-01-27 14:26:09 +01:00
Moritz Johner
e2701fa35a fix: ensure that data is being deleted when using tpl 2022-01-26 20:14:59 +01:00
paul-the-alien[bot]
5a8df8cb18
Merge pull request #642 from external-secrets/fix/webhook-test-race 
fix: webhook test race
 2022-01-26 18:14:48 +00:00
Moritz Johner
edb2c290f4 fix(gcp): use gax-go v2 package 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-01-25 21:09:33 +01:00
Moritz Johner
ce6f5b1653 fix: webhook test race 2022-01-25 20:45:45 +01:00
paul-the-alien[bot]
0b9c142a22
Merge pull request #618 from external-secrets/feature/aws-e2e-managed 
feat(e2e): implement aws tests, enhance gcp tests
 2022-01-24 10:46:02 +00:00
Moritz Johner
008268ee00 feat(e2e): implement aws tests, enhance gcp tests 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-01-21 23:37:50 +01:00
Marc Ingram
07415bdabf improve test? 2022-01-21 14:01:45 -07:00
Marc Ingram
e93a1716f5 fix format and lint 2022-01-21 13:36:41 -07:00
Marc Ingram
705ffbbd95 Optimise patching so as changes only happen with something changes 2022-01-21 12:36:05 -07:00
Marc Billow
01355b7653 Formatting and linting fixes 2022-01-19 16:28:23 -06:00
Marc Billow
0753da1cbd Support for eventual consistency in Vault Enterprise 2022-01-19 16:25:01 -06:00
Lucas Severo Alves
16948ed572
Merge pull request #596 from EladGabay/elad/oci-secret-by-name 
OCI Vault: Get secret by name from a specific Vault
 2022-01-16 17:20:46 +00:00
Elad Gabay
dbedbedb96 make fmt 2022-01-16 13:30:21 +02:00
Lucas Severo Alves
2bacd30313
Merge pull request #569 from rodrmartinez/oci-patch 
Replace vaults with secrets package to retrieve secrets
 2022-01-16 11:13:50 +00:00
Elad Gabay
cab49e57f7 oracle: Get secret by name from a specific vault 2022-01-16 13:11:46 +02:00
Moritz Johner
27854adaa5 fix: force ownership when merging secrets 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-01-14 22:27:27 +01:00
paul-the-alien[bot]
4c6b6a1e84
Merge pull request #525 from HanseMerkur/vault_optional_path 
Optional path for Vault SecretStore
 2022-01-14 19:33:29 +00:00
rodmartinez
90abbdf642 remove byte conversion and add return error 2022-01-14 13:46:16 -03:00
rodmartinez
721086d520 encode apiOutput content 2022-01-14 12:59:59 -03:00
rodmartinez
4373bb2775 Decode base64 payoload 2022-01-14 12:59:59 -03:00
rodmartinez
b962666b1c Remove unused constant, errInvalidSecret 2022-01-14 12:59:59 -03:00
rodmartinez
60454a4760 refactor apiOutput on TestGetSecretMap 2022-01-14 12:59:59 -03:00
rodmartinez
9f98cabe63 complete apiOutput 2022-01-14 12:59:59 -03:00
rodmartinez
a1f78cbae1 replace vault with secrets pkg 2022-01-14 12:59:59 -03:00
rodmartinez
9b4e9a919d replace vault with secrets in fake package 2022-01-14 12:59:59 -03:00
rodmartinez
c8c67258c2 Replace OCI vault with secrets package 2022-01-14 12:59:59 -03:00
Sebastian Gomez
6f8a4c4a35 Removed duplicated code 2022-01-13 12:43:42 -05:00
Lennart Weller
015b35add2 Linter wasn't happy. Again 2022-01-13 18:40:23 +01:00
Sebastian Gomez
8784bfc5ba Fixed lint issues 2022-01-13 12:13:33 -05:00
Sebastian Gomez
119d4b809b Merge branch 'main' into akv-table-tests 2022-01-13 10:45:48 -05:00
Sebastian Gomez
d75fcb9269 Fixed some lint issues 2022-01-12 15:29:57 -05:00
Sebastian Gomez
385caa156f Table driven test with anonymous functions implemented. 
The NewClient tests were kept as they were.
 2022-01-12 14:33:38 -05:00
paul-the-alien[bot]
44d4cf061b
Merge pull request #559 from willemm/feat/generic_webhook 
Add generic webhook provider
 2022-01-11 15:50:05 +00:00
Willem Monsuwe
00558e1dd5 Moved http client initialization to NewClient 2022-01-11 11:09:12 +01:00
Willem M
7160cab0b8
Use MethodGet field instead of hardcoded string literal 
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
 2022-01-11 00:02:32 +01:00
Lennart Weller
23c859eaf9 Pull changes from linter 2022-01-10 10:12:17 +01:00
Lennart Weller
0d06247163 Made SecretStore path for Vault optional 
* Backwards compatible change
  * Added tests to check for a range of possible combinations for paths
 2022-01-10 10:12:17 +01:00
Brent Spector
26f9be4fb1 add path to jwt vault auth 2022-01-05 15:22:00 -08:00
Brent Spector
561bd3ae56 Add support for mount path in ldap auth 2022-01-05 14:54:50 -08:00