mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity
2416 commits 135 branches 173 tags 201 MiB
Commit graph

359 commits

Author SHA1 Message Date
oddy
735f3e7e69
Remove unnecessary space before a colon (#1494) 
Signed-off-by: dubs11kt <dubs11kt@gmail.com>

Signed-off-by: dubs11kt <dubs11kt@gmail.com>
 2022-08-30 16:15:43 +02:00
dependabot[bot]
67fedc840e
Kubernetes v1.24 upgrade (#1345) 
* build(deps): bump sigs.k8s.io/controller-runtime from 0.11.2 to 0.12.3

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.11.2 to 0.12.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.11.2...v0.12.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* feat: bump kubernetes 1.24

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: backwards-compatible vault implementation

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add audiences field to serviceAccountRef

This will be used by aws, azure, gcp, kubernetes & vault providers
in combination with TokenRequest API: it will _append_ audience claims
to provider-specific audiences.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: refactor kubernetes client to match provider/client interfaces

the kubernetes provider mixed up provider and client interfaces which
made it really hard to reason about. This commit separates into two
structs, each implements one interface.
The client struct fields have been renamed and annotated so their use
and scope is clear.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: deprecate expirationSeconds

expirationSeconds is not needed because we generate a
service account token on the fly for a single use.
There will be no replacement for this.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: rename token fetch audiences field

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: generate CRDs

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-08-19 17:32:06 +02:00
Moritz Johner
2d20b5488e
feat: add azkv.environmentType (#1469) 
users of USGovCloud, ChinaCloud, GermanCloud need slightly different
configuration for AADEndpoint and keyvault resource.

This is based on CSI Secret Store Azure KV driver,

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-08-18 00:12:44 +02:00
Helena Steck
2b5710d8d5
add missing default values for spec.target (#1431) 
Add missing default values for ExternalSecretTarget on CRD definition
Fixes #1233

Signed-off-by: Helena Steck <steckhelena@gmail.com>
 2022-08-08 21:27:13 +02:00
Moritz Johner
dfb5c9419b
chore: bump helm release (#1432) 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-08-05 08:36:49 +02:00
Gustavo Fernandes de Carvalho
b4e7acfaa9
Implements dataFrom key rewrite (#1381) 
* Implements dataFrom key rewrite

Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

* docs: add example to remove invalid characters

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-08-04 15:24:02 -03:00
Daniel Quackenbush
b441112587
📚 update references to select "main" instead of "master" (#1346) 
* 📝 update references to select "main" instead of "master"

* Remove unused variable
 2022-07-29 14:34:25 -03:00
dependabot[bot]
9c09b936b1
build(deps): bump sigs.k8s.io/controller-tools from 0.9.0 to 0.9.2 (#1322) 
* build(deps): bump sigs.k8s.io/controller-tools from 0.9.0 to 0.9.2

Bumps [sigs.k8s.io/controller-tools](https://github.com/kubernetes-sigs/controller-tools) from 0.9.0 to 0.9.2.
- [Release notes](https://github.com/kubernetes-sigs/controller-tools/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-tools/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-tools/compare/v0.9.0...v0.9.2)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-tools
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix: re-gen CRDs

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-07-28 22:39:24 +02:00
cebidhem
39a51fbead
feat(helm): adds new flags to create metrics services for other scrapers (#1392) 
* adds new flag and docs for other metrics scrapers than Prometheus

Signed-off-by: cebidhem <cebidhem@pm.me>

* Update deploy/charts/external-secrets/templates/webhook-service.yaml

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
 2022-07-28 08:09:47 +02:00
Moritz Johner
4affcb7345
🐛Clarify CAProvider usage in struct annotations (#1397) 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-07-27 18:44:23 -03:00
Mike
fdf1f9ce6f
feat: Add support for container auth to IBM provider. (#1177) 2022-07-26 22:48:07 +02:00
Emir Özbir
83c2d2214f
feat: Helm chart dns options (#1377) 
Adds dnsConfig to allow configuration of custom dns options for the eso deployment
 2022-07-25 12:05:04 +02:00
Gareth Evans
7eff8db532
feat: additional columns for kubectl output (#1359) 2022-07-19 20:48:37 +02:00
cebidhem
3245951003
[helm] - Adds variables to configure extra labels to the serviceAccounts (#1357) 
Signed-off-by: cebidhem <cebidhem@pm.me>
 2022-07-15 06:10:48 -03:00
Gustavo Fernandes de Carvalho
6f1d30079a
⬆️chore: bump version 0.5.8 (#1353) 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-07-12 10:42:07 -03:00
Gustavo Fernandes de Carvalho
fa91ba0f6c
Adds DecodingStrategy to ExternalSecrets (#1294) 
Fixes #920

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-07-12 09:18:00 -03:00
Gustavo Fernandes de Carvalho
ccea3d532f
🐛 Adds ability to configure cert lookahead interval for webhook pod. (#1304) 
Fixes #1249

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-07-12 06:25:16 -03:00
Kratik Jain
acdd9d7c67
📚 corrected helm install command (#1330) 2022-07-08 09:07:08 -03:00
Mark Hahl
03da357171
fix invalid YAML error when using extraVolumeMounts (#1311) 2022-07-08 07:57:08 -03:00
Moritz Johner
5d451d9e2d chore: bump helm 2022-06-22 17:16:19 +02:00
Django Cass
bd536016f3 Fixed some minor syntax issues 2022-06-22 20:08:50 +10:00
Django Cass
09bda1abc7 Added support for custom volume mounts for all 3 deployments 2022-06-22 20:04:55 +10:00
Moritz Johner
cff9be1664
feat(kubernetes): allow service account auth (#1201) 
* feat(kubernetes): allow service account auth

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-06-13 21:49:05 +02:00
Gustavo Carvalho
a2f265861a bump 0.5.6 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-06-01 13:48:45 -03:00
Moritz Johner
39234ad186 fix: bump 0.5.5 2022-05-31 19:31:43 +02:00
Docs
dec887e733 chore: bump 0.5.4 2022-05-31 11:18:52 +02:00
Gustavo Carvalho
e3e7acb153 bump controller-tools,google-golang-api,google-golang-grpc versions 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-05-25 07:39:22 -03:00
paul-the-alien[bot]
1829399a8d
Merge pull request #1163 from msolimans/main 
Add support for PodDisruptionBudget
 2022-05-21 05:51:57 +00:00
Docs
32869bfccf added certController.replicaCount 2022-05-20 17:31:46 -04:00
Docs
4ec2caa183 fixed indentation 2022-05-20 17:25:06 -04:00
Docs
f230ebc831 missing and in cert-controller-pdb 2022-05-20 12:37:19 -04:00
Docs
aa3e47df97 added missing and 2022-05-20 12:32:37 -04:00
Docs
5325ed10f9 linting fix: removed trailing spaces 2022-05-20 12:19:20 -04:00
paul-the-alien[bot]
1a6579b876
Merge pull request #1062 from dreadful-dragon/feature/azkv-tags-sync 
azkv tag feature
 2022-05-20 15:51:50 +00:00
Muhammad Soliman
8c03c11b0f update documentation 2022-05-19 19:13:09 -04:00
Muhammad Soliman
30f365a1e0 set default values 2022-05-19 19:12:48 -04:00
Muhammad Soliman
5364501406 fixed webhook pdb name 2022-05-19 18:54:56 -04:00
Muhammad Soliman
8cd35eac72 added pdb support 2022-05-19 18:46:36 -04:00
paul-the-alien[bot]
3de2cc8bee
Merge pull request #1040 from AndreyZamyslov/yandex-certificate-manager 
Support for Yandex Certificate Manager
 2022-05-17 16:48:58 +00:00
Cristina DE DIOS GONZÁLEZ
3256bc4b82 azkv tag feature 2022-05-16 16:49:34 +02:00
Moritz Johner
c532bac0be
chore: bump chart 0.5.3 (#1128) 2022-05-11 15:33:06 +02:00
david amick
435aefc7ac
Add 1Password support 2022-05-08 17:01:26 -07:00
Docs
c73206b29c Add senhasegura DSM provider 2022-05-02 13:28:18 -03:00
Gonzalo Servat
db7fd4a037
Fix casing on Gitlab 2022-04-28 21:43:42 +10:00
Gustavo Carvalho
7a6b5a0193 Bumping chart version to 0.5.2 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-04-27 13:12:16 -03:00
Docs
dc7df48cae add support for Yandex Certificate Manager 2022-04-22 21:40:52 +03:00
Moritz Johner
544c439d7d docs: replace logo, add support docs 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-04-21 19:19:46 +02:00
Gustavo Carvalho
3bd0d2d04f Making spec.target optional 
fixes #996

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-04-20 13:27:13 -03:00
paul-the-alien[bot]
e10760e509
Merge pull request #917 from external-secrets/chart-service-monitor 
feat: replace prometheus annotations with servicemonitor
 2022-04-20 15:14:38 +00:00
Moritz Johner
a98895a647 chore: add note for users using prometheus.enabled 2022-04-20 14:42:02 +02:00
paul-the-alien[bot]
dc8c74d345
Merge pull request #1003 from eric-maydeck/webhook-secret-annotations 
feat: (helm chart) enable annotations for webhook secret
 2022-04-20 11:54:22 +00:00
Moritz Johner
ef4eebb5cc chore: make changes backward-compatible 2022-04-19 22:24:09 +02:00
Moritz Johner
746ef24eb6 fix: gen readme 2022-04-19 21:50:38 +02:00
Moritz Johner
4ca31ba8af feat: replace prometheus annotations with servicemonitor 2022-04-19 21:50:38 +02:00
Jeroen Op 't Eynde
c04350d0d0
fix(helm-chart): remove caBundle and set name/namespace (#1001) 
Do not set caBundle to avoid issues with GitOps tools.
 2022-04-19 21:43:19 +02:00
Eric Maydeck
ee8d7e666a added webhook.secretAnnotations to helm readme 2022-04-19 13:23:47 -06:00
Gustavo Carvalho
59d08dda2b Added Dependency License Check Workflow 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-04-19 10:50:45 -03:00
Eric Maydeck
730eab548a feat: enable annotations for webhook secret 2022-04-14 18:03:10 -06:00
Merlin
4820cc9165 Ignore ExternalSecret processing if the store is not usuable (e.g. 
NotReady).
 2022-04-13 23:24:39 +02:00
Gustavo Carvalho
26a824fb2a Updated default ports to 10250 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-04-12 07:27:16 -03:00
Gustavo Carvalho
b5220fa618 Adding some options for webhook deployment: 
* hostNetwork for webhook pod
 * FailurePolicy for validatingwebhook definition
 * Changed webhook port to a configurable value
 * Defined default value as 9443
Fixes #944

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-04-11 15:16:20 -03:00
Docs
51d910268a chore: bump to 0.5.1 2022-04-06 16:29:06 +02:00
Alfred Krohmer
74c06dc2e4
fix: only create cert-controller RBAC resources if cert-controller creation itself is enabled 
Previously both `certController.create` and `certController.rbac.create` needed to be set to `false` in order to prevent the cert-controller RBAC resources from being created.
 2022-04-06 14:15:49 +02:00
Gustavo Carvalho
c421da95c9 update chart version to 0.5.0 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-04-05 09:52:09 -03:00
Moritz Johner
c2bcceb057
feat: implement deletionPolicy (#900) 
* feat: implement deletionPolicy

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gustavo.carvalho@container-solutions.com>
 2022-04-05 13:38:06 +02:00
Alfred Krohmer
d7022b1bef
feat(vault): add option for JWT backend to authenticate with Kubernetes service account token (#768) 2022-04-04 21:20:58 +02:00
Eric Chan
e132edf0d4 Only generate create flags for cluster scoped crds 2022-03-30 13:19:35 +10:00
Eric Chan
efb75527e0 add create flags to each CRDs resources for a more fine-grained control 2022-03-30 13:19:35 +10:00
Gustavo Carvalho
c779ef59e7 Marking v1alpha1 as deprecated. 
Improving docs and menu order.
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-29 11:21:32 -03:00
paul-the-alien[bot]
85937c99e7
Merge pull request #800 from kinyat/feat/scoped-rbac 
Add the ability to support scoped RBAC with a scoped namespace
 2022-03-25 16:05:30 +00:00
Suraj Narwade
2d91580e95 Add namespace to service resource & fix typo 
Signed-off-by: Suraj Narwade <suraj.narwade@rvu.co.uk>
 2022-03-25 13:36:57 +00:00
Eric Chan
8dd8ca4d92 add new flags to control both cluster store and cluster external secret reconciler 2022-03-24 23:55:08 +10:00
Eric Chan
93114bdc0e make scopedRBAC to disable cluster secret store 2022-03-24 23:55:03 +10:00
Eric Chan
553d99a456 Add the ability to support scoped RBAC with a scoped namespace 2022-03-24 23:54:46 +10:00
paul-the-alien[bot]
d27f256ede
Merge pull request #873 from gusfcarvalho/fix/mutex-on-gcp 
Adding mutexes only for GCP provider
 2022-03-24 09:53:43 +00:00
Gustavo Carvalho
bae43b39c4 Adding mutexes only for GCP provider 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-24 06:34:07 -03:00
Moritz Johner
cf7e3832ae
feat(azure): implement workload identity (#738) 
* feat(azure): implement workload identity

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Henning Eggers <henning.eggers@inovex.de>
 2022-03-22 21:59:01 +01:00
Docs
bdc5d9b378 fix: update CRDs 2022-03-20 09:34:03 +01:00
Daniel Hix
324c7def06
feat: implement ClusterExternalSecret (#542) 
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
 2022-03-20 09:32:27 +01:00
paul-the-alien[bot]
fb056cc9b5
Merge pull request #784 from external-secrets/feature/hashivault-getallsecrets 
Implements Hashicorp Vault GetAllSecrets
 2022-03-12 11:19:04 +00:00
Docs
3502ab0a94 Add flags to control weather a deployment should be created 2022-03-11 09:21:50 +10:00
paul-the-alien[bot]
439ecfaf9d
Merge pull request #783 from AtzeDeVries/allow-gcp-cross-project-secrets 
GCP: allow cluster to be in different project
 2022-03-09 10:03:20 +00:00
Gustavo Carvalho
164e8776ec Adding docs and implementing ConversionStrategy 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-09 06:59:54 -03:00
Gustavo Carvalho
2f23fd28ed Adding GetAllSecrets for Hashicorp Vault 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-09 05:40:09 -03:00
Atze de Vries
2f53ab8220 also make optional for v1beta1 and add note to docs 2022-03-03 19:35:38 +01:00
Atze de Vries
739043283c make clusterProjectID omitemtpy 2022-03-02 18:03:45 +01:00
Atze de Vries
da47ad2cac GCP: allow cluster to be in different project 2022-03-02 11:24:04 +01:00
Moritz Johner
8fc4484cc6 feat: implement validating webhook 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-03-01 21:25:15 +01:00
Moritz Johner
fb8f496204 Merge branch 'main' into feature/conversion-webhook 2022-02-23 08:15:03 +01:00
rodrmartinez
39038b03c8 enforce that exactly one auth property is used 2022-02-22 15:45:45 -03:00
rodrmartinez
0392777965 Merge branch 'main' into feature/kubernetes-provider 2022-02-22 14:57:50 -03:00
Moritz Johner
b0de9a1196 chore: bump chart version 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-22 10:41:17 +01:00
Gustavo Carvalho
f9fd1a8c52 bump version to 0.4.3 2022-02-18 09:29:53 -03:00
rodrmartinez
7c4a17a9c3 Merge branch 'main' into feature/kubernetes-provider 2022-02-17 15:38:45 -03:00
rodrmartinez
86d7710727 changing kubernetes api struct 2022-02-17 14:45:43 -03:00
Gustavo Carvalho
c0ed7de5f7 Adding status information to kubectl get css 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-17 13:13:59 -03:00
Gustavo Carvalho
40ec693479 Merge branch 'main' into feature/conversion-webhook 
Fixed conflicts and implemented necessary changes for v1beta1
 2022-02-16 16:00:32 -03:00
paul-the-alien[bot]
86aedda434
Merge pull request #701 from external-secrets/feature/template-string-interface 
feat: implement template engine v2
 2022-02-16 17:16:24 +00:00
Gustavo Carvalho
2e6017dd4b Using cobra commands instead of several binaries 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-15 08:52:52 -03:00
Gustavo Carvalho
96cb340ace Implementing Requeue Interval for certController. Fixing unit tests and check-diff 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 16:05:17 -03:00
Gustavo Carvalho
1d8cfc4a12 Changed logic of Webhook check for certs. 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 15:46:10 -03:00
Gustavo Carvalho
1587fa02b1 Improved deployments and crd logic. Added cert-controller reconcile tests 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 10:08:27 -03:00
Gustavo Carvalho
38b7393eb6 Fixed weird bug with make helm generate 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 07:25:29 -03:00
Gustavo Carvalho
0db78819bb Fixing lints and adding correct image names in eso.go 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-13 16:37:32 -03:00
Gustavo Carvalho
3c167edd4b Fixing some helm linting and an error on e2e Makefile 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-13 16:05:34 -03:00
Gustavo Carvalho
824529710f Merge branch 'main' into feature/conversion-webhook 2022-02-13 16:00:02 -03:00
Gustavo Carvalho
bbedad6053 WIP: improve deployment manifests to be on a functional state 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-13 15:53:40 -03:00
Gustavo Carvalho
ff62a47d47 Bumping chart version to v0.4.2 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-13 09:16:41 -03:00
Gustavo Carvalho
e776f6d843 WIP: implementing separate deployments 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-13 09:14:41 -03:00
Gustavo Carvalho
024b64fe39 Added Readiness Probe for helm charts. 
Fixed make generate command to not use kubectl
Fixed lint

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-11 08:10:11 -03:00
Moritz Johner
54e68399ec feat: implement template engine v2 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:26:31 +01:00
Gustavo Carvalho
773d362a5c Fixing Makefile and helm README 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-10 17:00:52 -03:00
Gustavo Carvalho
23784803ff Merge branch 'main' into feature/conversion-webhook 
Updated Oracle provider new specs for v1beta1
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-10 16:55:37 -03:00
Gustavo Carvalho
5ae4e4a7a2 Fixing deployment 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-10 15:44:13 -03:00
Gustavo Carvalho
f1d3802604 Attempting to separate webhook in a new container 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-10 15:38:54 -03:00
Gustavo Carvalho
b8ef9e8dba Now adding appropriate bundle 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-10 14:53:18 -03:00
Gustavo Carvalho
fd9e09a1ee WIP: Structured reconciliation loops for CRDs 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-10 14:12:13 -03:00
paul-the-alien[bot]
027f28ec97
Merge pull request #700 from EladGabay/elad/oci-secret-by-name 
oracle vault: Use instance principal if auth is empty
 2022-02-10 10:34:40 +00:00
Gustavo Carvalho
574953d2d8 Fixing lint and checkdiffs 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-09 11:41:31 -03:00
Gustavo Carvalho
ba8a5b7b64 Adding first structure for webhook service. 
Rewrote webhook conversion for ExternalSecrets

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-09 11:28:44 -03:00
Gustavo Carvalho
0530385992 v1beta1 initial commit 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-08 14:07:34 -03:00
Alexander Huck
2bbc033699
fix: add port name to deployment (#697) 
Co-authored-by: Alexander Huck <alexander.huck@inovex.de>
Co-authored-by: Alberto Llamas <albertollamaso@gmail.com>
 2022-02-07 20:20:01 +01:00
Elad Gabay
fe416890b1 oracle vault: Use instance principal if auth is empty 
Currently the oracle vault's secretstore uses a specific user credentials.
This commit introduce a new way to access the vault, using the instance principal.

All user's details moved to "auth" section in the OracleProvider which now is optional.
If "auth" is empty, by default, we use the instance principal, otherwise if specified user's auth details, we use them.

In addition:
- Fixed the fingerprint secret reference which until now used the privatekey secret instead of its reference.
- Bump OCI SDK version.
 2022-02-07 18:38:10 +02:00
Lucas Severo Alves
6630ab7494
Initial draft of reporter (#466) 
* Initial draft of reporter

* Test out reporter in AWS provider

* trying out different events approach

* feat: implement store reconciler and events

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add validate() method to provider interface

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: use static requeue interval in store ctrl

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Co-authored-by: Mircea Cosbuc <mircea.cosbuc@container-solutions.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-07 11:42:18 +01:00
Lucas Severo Alves
4c5f9ae763 chore: bump version 0.4.1 
Signed-off-by: Lucas Severo Alves <lucassalves65@gmail.com>
 2022-02-02 20:22:10 +01:00
Docs
9fbb6d22b0 Making reviewable 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-02 15:31:56 -03:00
Lucas Severo Alves
0e19d00c8d chore: bump chart to v0.4.0 2022-02-02 17:56:22 +01:00
paul-the-alien[bot]
5060619826
Merge pull request #614 from external-secrets/fix/docs 
Improves Documentation. Removes controller reference
 2022-02-01 19:38:32 +00:00
Moritz Johner
fe1cb8bc69 feat(provider): implement fake provider 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-01 11:18:43 +01:00
rodrmartinez
fad68e163a Update CRDs 2022-01-26 15:27:59 -03:00
rodrmartinez
b6b74350d5 Creates Kubernetes Provider secretstore 2022-01-25 17:11:12 -03:00
Gustavo Carvalho
d694bb4b9b Added make reviewable 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-01-25 09:39:37 -03:00
Gustavo Carvalho
b95d82dc39 Fixing trailing whitespace 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-01-25 09:24:00 -03:00
Gustavo Carvalho
7df28de2d8 Merge branch 'main' into fix/docs 2022-01-25 09:15:07 -03:00
Gustavo Carvalho
33fb42df53 Changed Dev guide 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-01-25 08:21:09 -03:00
Marc Billow
0753da1cbd Support for eventual consistency in Vault Enterprise 2022-01-19 16:25:01 -06:00
Moritz Johner
40ff991e17 fix: remove support for v1beta1 crds 2022-01-17 21:44:33 +01:00
Lucas Severo Alves
16948ed572
Merge pull request #596 from EladGabay/elad/oci-secret-by-name 
OCI Vault: Get secret by name from a specific Vault
 2022-01-16 17:20:46 +00:00
Elad Gabay
f50438353e oracle: Add Vault OCID to provider 2022-01-16 12:05:58 +02:00
Elad Gabay
137ce182c1 oracle: Fix provider fields docs 2022-01-16 12:02:56 +02:00
paul-the-alien[bot]
4c6b6a1e84
Merge pull request #525 from HanseMerkur/vault_optional_path 
Optional path for Vault SecretStore
 2022-01-14 19:33:29 +00:00
paul-the-alien[bot]
44d4cf061b
Merge pull request #559 from willemm/feat/generic_webhook 
Add generic webhook provider
 2022-01-11 15:50:05 +00:00
paul-the-alien[bot]
be78d56708
Merge pull request #567 from brentspector/feat/ldap-auth-path 
Add Path Parameter to LDAP and JWT/OIDC Hashicorp Vault Auth
 2022-01-10 13:11:10 +00:00
Lennart Weller
f7f521317e add generated files 2022-01-10 10:12:17 +01:00
Lucas Severo Alves
395fee02b3 chore: bump chart to 0.3.11 2022-01-06 15:08:43 +01:00
Brent Spector
26f9be4fb1 add path to jwt vault auth 2022-01-05 15:22:00 -08:00
Brent Spector
561bd3ae56 Add support for mount path in ldap auth 2022-01-05 14:54:50 -08:00
Willem Monsuwe
d04508e974 Added generic webhook provider 
This provider allows a secretstore with a generic url (templated)
which will be called with a defined method, headers (templated)
and optional body (also templated)
The response can be parsed out with a jsonPath expression
 2021-12-29 10:53:29 +01:00
Lucas Severo Alves
fc4eedfd63
Merge pull request #427 from jack-evans/concurrency 
add concurrent flag to allow more reconciles at the same time
 2021-12-27 11:10:45 +01:00
Jack Evans
5e74da3342
add specific concurrent option to helm chart 2021-12-17 15:37:38 +00:00