external-secrets

mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00

Author	SHA1	Message	Date
Tchoupinax	0dd419a738	feat: edit all required changes for recursive option (#3939 ) * feat: edit all required changes for recursive option Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr> * chore: make reviewable Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr> * feat: add missing param Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr> * feat: change property type to boolean Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr> * docs: new doc version Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr> --------- Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>	2024-10-14 09:24:48 +02:00
Moritz Johner	76cf8ad263	feat: allow generators to be referenced from a PushSecret (#3965 ) This removes the need for an intermediary Kind=ExternalSecret and Kind=Secret when using a generator. Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2024-10-02 06:43:00 +00:00
Gabi Davar	7f5e8fa9ce	Make CRD categories useful (#3929 ) * Make CRD categories useful * one category for all ES objects. * one only for generators * add missing controller label on CRDs * fix UUID description (was referring to password) Signed-off-by: Gabi Davar <grizzly.nyo@gmail.com> * missing update Signed-off-by: Gabi Davar <grizzly.nyo@gmail.com> --------- Signed-off-by: Gabi Davar <grizzly.nyo@gmail.com>	2024-09-25 09:45:07 +02:00
Gijs Middelkamp	daa1297f3d	Implements Previder provider for Previder Secret Vault implementation (#3916 ) * Added Previder Vault Provider and tests Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Set go version back to 1.23 Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Updates after "make reviewable" Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Fixed methods to naming convention Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Added Previder to stability support doc Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Added installation documentation and Previder logo Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Altered last test name for naming convention Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Adds Previder provider to api-docs/mkdocs.yml Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Ran make check-diff Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Updated Tiltfile to check for new default image used in helm chart Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Added optional tag to PreviderAuth struct Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Removed toolchain Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Updated to go 1.23.1 for CVE; Updated previder/vault-cli to 0.1.2 for CVE fix also Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> --------- Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> Signed-off-by: Gijs Middelkamp <17021438+gkwmiddelkamp@users.noreply.github.com>	2024-09-21 16:44:32 +02:00
Engin Diri	231a6ea674	feat: update Pulumi provider for GA (#3917 ) Signed-off-by: Engin Diri <engin.diri@ediri.de> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-09-21 09:54:12 +02:00
eso-service-account-app[bot]	f76be9fa78	chore: update dependencies (#3915 ) * update dependencies Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> * revert pulumi update Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * updated controller runtime Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-09-16 16:23:11 +02:00
Gergely Brautigam	e2a8750f44	fix: update uuids.generator shortname (#3883 ) Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-09-09 08:42:10 +02:00
Alexander Schaber	f73187dabb	New Generator for UUIDs (#3296 ) * feat(generator/uuid): initial version Signed-off-by: Alexander Schaber <a.schaber@cuegee.com> * fix(generator/uuid): rename symbols in compliance with lint Signed-off-by: Alexander Schaber <a.schaber@cuegee.com> * fix(generator/uuid): rename unused vars to `_` to fix lint Signed-off-by: Alexander Schaber <a.schaber@cuegee.com> * docs(generator/uuid): initial documentation for uuid generator Signed-off-by: Alexander Schaber <a.schaber@cuegee.com> --------- Signed-off-by: Alexander Schaber <a.schaber@cuegee.com>	2024-09-08 19:54:47 +02:00
eso-service-account-app[bot]	21f1dca82e	chore: update dependencies (#3862 ) * update dependencies Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> * fix alibaba breaking things again Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * commit modified templates because of version increase Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-09-02 18:30:34 +02:00
eso-service-account-app[bot]	3414bd6428	chore: update dependencies (#3815 )	2024-08-19 17:07:20 +02:00
Gergely Brautigam	82d419e2ee	feat: add CAProvider to Bitwarden provider (#3699 ) * feat: add CAProvider to bitwarden This change introduces a refactor as well since CAProvider was used by multiple providers with diverging implementations. The following providers were affected: - webhook - akeyless - vault - conjur - kubernetes Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * refactored the Kubernetes provider to use create ca Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * refactor webhook, vault and kubernetes provider Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * rename CreateCACert to FetchCACertFromSource Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * addressed comments and autodecoding base64 data Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * check if the decoded value is a valid certificate Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-08-16 12:32:35 +02:00
btfhernandez	77f5d0ad91	feat: add beyondtrust provider (#3683 ) * feat: add beyondtrust provider Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * feat: edit go.mod and go.sum files Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * feat: change test file name (provider_test.go) Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * feat: solve PR comments Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * feat: organize attributes in a higher hierarchy Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: fix sonar cloud issues and go.mod file conflicts Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: fix PR comments and apply table driven tests Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: fix PR comments Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: fix lint issues Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: fix lint issues on tests Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: run make fmt Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: apply camelCase to yaml attributes Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: solve go.mod file conflict Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: run make check-diff Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> --------- Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> Signed-off-by: btfhernandez <133419363+btfhernandez@users.noreply.github.com>	2024-08-07 09:27:04 +02:00
Gergely Brautigam	8c709cfa43	feat: add prefix definition to all secret keys for aws parameter store (#3718 ) * feat: add prefix definition to all secret keys for aws parameter store Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * added a push secret test to verify called parameter has a prefix Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-07-31 12:29:07 +02:00
Engin Diri	4f62fb3963	feat: add PushSecret support for Pulumi ESC (#3597 ) Signed-off-by: Engin Diri <engin.diri@ediri.de>	2024-07-25 09:00:17 +02:00
abhinav1708	bdd0c7ec9a	support for adding headers in vault provider (#3677 ) * support for vault headers Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com> * changes in crds bases for headers support Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com> * adding autogenerated files Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com> * removing extra--- Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com> * adding headers before x-vault-Inconsistent Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com> * changing for lint pass Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com> --------- Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>	2024-07-15 11:27:06 +02:00
Bill Hamilton	1876ff88d7	Add support for Delinea Secret Server (#3468 ) * implements secretserver Signed-off-by: Bill Hamilton <bill.hamilton@delinea.com> * bump to align e2e Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * bump Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> --------- Signed-off-by: Bill Hamilton <bill.hamilton@delinea.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Co-authored-by: Gustavo Carvalho <gusfcarvalho@gmail.com>	2024-07-10 14:32:17 -03:00
kaedwen	48cccaeded	add AuthRef to kubernetes provider fixes #3627 (#3628 ) * add AuthRef to kubernetes provider fixes #3627 Signed-off-by: kaedwen <kaedwen@heinrich.blue> * run make reviewable Signed-off-by: kaedwen <kaedwen@heinrich.blue> * fix validation for given authRef Signed-off-by: kaedwen <kaedwen@heinrich.blue> * refactor kubernetes provider auth Signed-off-by: kaedwen <kaedwen@heinrich.blue> * satisfy linter Signed-off-by: kaedwen <kaedwen@heinrich.blue> * add URL for kubernetes provider tests Signed-off-by: kaedwen <kaedwen@heinrich.blue> --------- Signed-off-by: kaedwen <kaedwen@heinrich.blue>	2024-07-01 23:31:10 +02:00
Gergely Brautigam	095537e6ad	feat: add bitwarden secret manager support (#3603 )	2024-06-28 06:04:25 +02:00
Idan Adar	e13e09413e	Fix typo privatKey in multiple files (#3578 ) * Update generators.external-secrets.io_githubaccesstokens.yaml Fixes https://github.com/external-secrets/external-secrets/issues/3556 Signed-off-by: Idan Adar <iadar@il.ibm.com> * Update generator_github.go Signed-off-by: Idan Adar <iadar@il.ibm.com> * Update github.go Signed-off-by: Idan Adar <iadar@il.ibm.com> * Update generator-github.yaml Signed-off-by: Idan Adar <iadar@il.ibm.com> * Update github_test.go Signed-off-by: Idan Adar <iadar@il.ibm.com> * fix: rename property Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> --------- Signed-off-by: Idan Adar <iadar@il.ibm.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>	2024-06-17 11:12:03 +02:00
Geoffrey MUSELLI	f74e08546c	Support glob for namespaces condition in ClusterSecretStore (#2920 ) * feat(ClusterSecretStore): Support glob for conditions.namespaces Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> * feat(ClusterSecretStore): Fix diff Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> * feat(ClusterSecretStore): Fix code smell Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> * feat(ClusterSecretStore): First code review Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> * feat(ClusterSecretStore): Second code review Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> * feat(ClusterSecretStore): Generate Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> * feat(ClusterSecretStore): Fix Sonar method complexity Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> * addressed comments Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * renamed namedspacesregexes because it sounded funny Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-06-17 08:36:05 +02:00
Tsubasa Nagasawa	199c9103db	feat(certcontroller): Allow restricting CRDs and Webhook configs in Informer cache (#3588 ) * feat: Add component labels to custom resource definitions Prerequisite for restricting the CRDs cached by Informer Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com> * feat(certcontroller): Allow restricting CRDs and Webhook configs in Informer cache The certcontroller watches CRDs and Webhook configurations, and manages CA certificates for conversion webhooks of CRDs and Webhook configurations. Some clusters have a large number of CRDs and Webhook configurations installed. Additionally, some CRDs have large object sizes. Currently, the certcontroller holds all CRDs and Webhook configurations in the Informer cache. Since this includes CRDs not managed by the certcontroller for CA certificates, memory usage tends to be high. This PR adds a label to the CRDs and configures the Informer cache to hold only the CRDs and Webhook configurations restricted by the label selector. It assumes that the CRDs have a label. Depending on how the External Secrets Operator is managed, it may be possible to update the External Secrets Operator without updating the CRDs, so as a precaution, it can be turned on/off via a startup option. It is disabled by default. Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com> --------- Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com>	2024-06-16 12:52:10 +02:00
smcavallo	d29c001d37	Add device42 provider (#3571 )	2024-06-14 06:04:19 +02:00
Akhil Mohan	ace1ff595f	Infisical provider (#3477 ) * feat: added crds for infisical provider Signed-off-by: = <akhilmhdh@gmail.com> * feat: implemented infisical provider logic Signed-off-by: = <akhilmhdh@gmail.com> * fix: resolved broken doc building due to vault doc error Signed-off-by: = <akhilmhdh@gmail.com> * docs: added doc for infisical provider Signed-off-by: = <akhilmhdh@gmail.com> * docs: fixed a warning in mkdocs on link Signed-off-by: = <akhilmhdh@gmail.com> * feat: resolved all lint issues Signed-off-by: = <akhilmhdh@gmail.com> * doc: removed k8s auth release banner from infisical doc Signed-off-by: = <akhilmhdh@gmail.com> * feat: added support for property to infisical provider Signed-off-by: = <akhilmhdh@gmail.com> * feat: removed auth type and made implicit ordering of authentication based on feedback Signed-off-by: = <akhilmhdh@gmail.com> * feat: support for referent authentication Signed-off-by: = <akhilmhdh@gmail.com> * feat: added error for tag not supported in find Signed-off-by: = <akhilmhdh@gmail.com> * fix: resolved failing build Signed-off-by: = <akhilmhdh@gmail.com> * feat: updated doc and added stability matrix for infisical Signed-off-by: = <akhilmhdh@gmail.com> * feat: switched to less error prone use and revoke token strategy and added validate interface logic Signed-off-by: = <akhilmhdh@gmail.com> * feat: code lint issue fixes Signed-off-by: = <akhilmhdh@gmail.com> * feat: resolved review comments for infisical client Signed-off-by: = <akhilmhdh@gmail.com> * feat: improved test cases and resolved sonar issues Signed-off-by: = <akhilmhdh@gmail.com> * feat: resolved sonar suggestions Signed-off-by: = <akhilmhdh@gmail.com> * feat: resolved sonar suggestions for test const ids Signed-off-by: = <akhilmhdh@gmail.com> * feat: store changes to assertError Signed-off-by: = <akhilmhdh@gmail.com> --------- Signed-off-by: = <akhilmhdh@gmail.com>	2024-06-11 22:27:31 +02:00
Gergely Brautigam	94c9a33a11	feat: add location to GCP push secret (#3502 ) Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-06-07 09:46:29 +02:00
eso-service-account-app[bot]	41057acaf2	chore: update dependencies (#3513 ) * update dependencies Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> * fix: bump CRDs Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> --------- Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>	2024-05-25 21:42:52 +02:00
Luis Schweigard	0abb3e9cc4	Add support for Authentication against Azure Key Vault using Client Certificate (#3469 ) * Implementation of Certificate Based Authz against Azure Key Vault Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com> * Add tests for new Azure certificate auth functionality Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com> * Add documentation for Azure Cert based Auth Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com> * Generate spec.md Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com> * Add changes from code review Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com> * Fix naming in test error case Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com> --------- Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>	2024-05-13 08:40:50 -03:00
Tiago de Freitas Lima	e474043a7c	Add githubaccesstoken CRD to kustomization.yaml (#3446 ) * Add githubaccesstoken CRD to kustomization.yaml Signed-off-by: Tiago de Freitas Lima <tiago.lima@nubank.com.br> * Update crd.generate script to update resources list from kustomization.yaml file Signed-off-by: Tiago de Freitas Lima <tiago.lima@nubank.com.br> --------- Signed-off-by: Tiago de Freitas Lima <tiago.lima@nubank.com.br>	2024-05-06 19:50:37 -03:00
eso-service-account-app[bot]	34b4ff10da	chore: update dependencies (#3433 ) * update dependencies Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> * bump alibaba Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * bump kube to 0.30 Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> --------- Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Co-authored-by: Gustavo Carvalho <gusfcarvalho@gmail.com>	2024-04-30 14:52:59 -03:00
Shuhei Kitagawa	9d17e34942	Refactor the SecretStore client manager (#3419 ) * Refactor the SecretStore client manager Signed-off-by: shuheiktgw <s-kitagawa@mercari.com> * Fix ineffectual assignment to err Signed-off-by: shuheiktgw <s-kitagawa@mercari.com> * Update docs Signed-off-by: shuheiktgw <s-kitagawa@mercari.com> --------- Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>	2024-04-29 05:15:21 -03:00
Mykhailo Zahlada	47cc50a9ed	Workloadidentity clientid from secret ref (#3367 ) * updates documentation: extends workloadIdentity auth configuration Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> * adds and updates tests Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> * extends provider configuration to accept clientId and tenantId as auth SecretRef Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> * updates service account example Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> * updates docs Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> --------- Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> Co-authored-by: Mykhailo Zahlada <myzahlad@microsoft.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>	2024-04-18 05:09:53 -03:00
Thorben Below	432c6bf9ab	Feat: Add Passbolt Provider (#3334 ) * add passbolt provider Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com> * Fix: return err for unimplemented methods Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com> --------- Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com>	2024-04-18 09:58:25 +02:00
Shuhei Kitagawa	120fedf841	Add NamespaceSelectors field to ClusterExternalSecret (#3268 ) https://github.com/external-secrets/external-secrets/issues/3257 Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>	2024-04-05 08:35:08 +09:00
Rodrigo Fior Kuntzer	9ff2354213	fix: introducing support for conversion strategy for PushSecret. (#3292 ) * fix: introducing support for conversion strategy for PushSecret. Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com> * fix: unit tests code quality. Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com> --------- Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>	2024-04-04 16:31:28 +02:00
Michael Serchenia	84731616f4	GitHub provider (supersedes #3014 ) (#3115 ) * github provider signed, supersedes #3014 Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * tests pass, + crd + docs Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * fix sonarLint alert Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * refactoring, replace secretStore with generator Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * cosmetics + tst + lint pass Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * docs Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * clean-up + lint + test Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * small refactor, fix issues left in comments Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> --------- Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>	2024-04-03 09:19:57 +02:00
Blair Drummond	731c0ed736	feat: add vault auth namespace option (#3157 ) * feat: add vault auth namespace option Signed-off-by: Blair Drummond <blaird@liatrio.com> * fix: appease the linter Signed-off-by: Blair Drummond <blaird@liatrio.com> * feat: add tests for auth namespace Signed-off-by: Blair Drummond <blaird@liatrio.com> * fix: add make reviewable output Signed-off-by: Blair Drummond <blaird@liatrio.com> --------- Signed-off-by: Blair Drummond <blaird@liatrio.com>	2024-03-27 07:23:34 +01:00
Sulfixx	e57e4b72ca	Integrate Passworddepot (#2799 ) * PLAT-1179 \| updated to beta1 Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Updating External Secrets fixes Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Fix to Passworddepots-crds-generation Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| apiextensionsv1 removal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * Update apis/externalsecrets/v1beta1/secretstore_passworddeport_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * Update apis/externalsecrets/v1beta1/secretstore_passworddeport_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * Update apis/externalsecrets/v1beta1/secretstore_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * PLAT-1179 \| Removed insecureverify and other fixes Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Fixed Linter and Sonar Issues Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Fixed Typo in Passworddepot_api.go Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Resolved go.mod Conflict Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Resolved go.mod conflict typo Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| admission.Warnings error fix Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added nolint:bodyclose // linters bug Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Removed <= Head arrow from mkdocs.yml Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added Make Check-Diff Changes Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Changed Error Package, Added Context, API Refactor Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added const DoRequestError to reduce Codesmell Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Moved defer body close func into ReadAndUnmarshal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Moved Status Check into ReadAndUnmarshal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Removed Response.body from ReadAndUnmarshal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * Update apis/externalsecrets/v1alpha1/secretstore_passworddepot_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * PLAT-1179 \| Go mod tidy and Make generate Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added empty SecretExists Method Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Renamed unsed ctx to _ Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> --------- Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> Co-authored-by: Sören Rohweder <soeren.rohweder@fastleansmart.com> Co-authored-by: Simon Becker <simon.becker@fastleansmart.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-03-12 13:33:08 +01:00
Carolin Dohmen	29e5f71d8b	Add PushSecret UpdatePolicy (to replace PR #3100 ) (#3117 ) * Add PushSecret UpdatePolicy Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> * Adjust description of UpdatePolicy in PushSecret Spec Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> * Restructure PushSecret Status Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> * Refactor PushSecret controller method Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> * Add missing methods for new providers Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> * Add missing method to onboardbase client Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> * Add docs on PushSecret UpdatePolicy Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> * Use constant for error message Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> --------- Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>	2024-03-08 11:17:31 +01:00
Shlomo Zalman Heigh	1d3209da59	Conjur E2E Tests for K8s JWT Authentication (#3217 ) Signed-off-by: Shlomo Heigh <shlomo.heigh@cyberark.com>	2024-03-01 17:36:19 +01:00
Aleem Isiaka	52f6655345	Onboardbase (#2697 ) * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Run decrypt with error Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Install deps Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Improved docs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Improved docs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Update hack/crd.generate.sh Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Aleem Isiaka <30846935+limistah@users.noreply.github.com> * address issues with running the code Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * decrypt library into code Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * add docs to onboardbase provider Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * refactor duplicates Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Address Issues with tests Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Address issues with delete policy and json secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Fix lint errors Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * error out when there is tags in the find field Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * execute delete request with the right data Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * ignore deletion policy Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * improve lint errors Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * remove cryptojs decrypt libs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Get secret value if property is set Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * run obb operator Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * 👌 IMPROVE: supports request deadline, esv1beta1 api updates Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * use same timeout Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * fix sonar cloud issues Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * fix sonar cloud issues Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * fix sonar cloud issues Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * fix failing test Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * add improve docs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * add improve docs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> --------- Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> Signed-off-by: Nasirudeen Olohundare <iamnasirudeen@gmail.com> Signed-off-by: Aleem Isiaka <30846935+limistah@users.noreply.github.com> Co-authored-by: Nasirudeen Olohundare <iamnasirudeen@gmail.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>	2024-02-29 21:28:17 +01:00
David Recuenco	af38fc68d5	ADD sdkms base implementation (#3180 ) * ADD sdkms base implementation Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * FIX get secret object by name, unmarshalling error formatting Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * ADD suport for fortanix secret security objects Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * ADD more tests for opaque, secret, new client Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * FIX changes required by make reviewable Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * ADD missing provider registration Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * FIX remove unused error string, add generated assets Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> --------- Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>	2024-02-28 10:59:47 +01:00
Gustavo Fernandes de Carvalho	1cf8f68276	Implements Webhook Generator (#3121 ) * adding webhook generators Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * bumping bundle Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * linting Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * fixing copy-paste error Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * common webhook functions Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * removing duplicates. Adding tests for generator Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * docs Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> --------- Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>	2024-02-17 06:49:31 -03:00
Engin Diri	dc9b5b7207	feat: add support for Pulumi ESC (#2997 ) Signed-off-by: Engin Diri <engin.diri@ediri.de>	2024-02-14 19:56:06 +01:00
Sourav Patnaik	a012f4829c	Implementation of Chef External Secrets Provider (#3127 ) * Adding the details for chef provider secret store. Issue: https://github.com/external-secrets/external-secrets/issues/2905 This commit intends to add the chef provider structure to the existing list of external-secrets providers. It defines the structure of the SecretStore and ClusterSecretStore for chef Provider. The yaml resource will contain 3 important parts to identify and connect to chef server to reconcile secrets. They are: 1. serverurl: This is the URL to the chef server. 2. username: The username to connect to the chef server. 3. auth: The password to connect to the chef server. It is a reference to an already existing kubernetes secret containing the password. This commit also contains the auto generated CRDs using the `make generate` command. Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> * Implementation for Chef ESO provided Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> * - implemented Chef eso, added required methods - added unit test cases - added sample documentation Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * Added Documentation for Authentication Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> * added documentation for Chef eso Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * Updated chef ESO documentation Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> * updated ValidateStore method signature Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * made changes in chef provider to satisfy 'make docs' Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * - updated code as per review comment, make reviewable suggestions Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * modified chef provider code as per review comment Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> --------- Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> Co-authored-by: Subroto Roy <subrotoroy007@gmail.com> Co-authored-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>	2024-02-14 09:54:08 +01:00
eso-service-account-app[bot]	41cd1d36a4	chore: update dependencies (#3065 ) * update dependencies Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> * fix: re-generate CRDs with new controller-runtime version Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> --------- Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>	2024-01-22 20:56:06 +01:00
Rodrigo Fior Kuntzer	31cecaa62b	feat: add support for Hashicorp Vault mTLS (#3018 ) * feat: adding support for mTLS to the Vault provider Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>	2024-01-19 00:43:28 +01:00
Gergely Brautigam	d6e24a82bd	feat: add templating to PushSecret (#2926 ) * feat: add templating to PushSecret Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * adding unit tests around templating basic concepts and verifying output Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * extracting some of the common functions of the parser Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * remove some more duplication Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * removed commented out code segment Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * added documentation for templating feature Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * simplified the templating for annotations and labels Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2023-12-22 21:45:34 +01:00
Victor Santos	3599384660	feat(fake): deprecate ValueMap to use Value instead (#2884 )	2023-12-02 06:57:48 +09:00
Gergely Brautigam	3fbe318582	feat: allow pushing the whole secret to the provider (#2862 ) * feat: allow pushing the whole secret to the provider Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * add documentation about pushing a whole secret Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * disabling this feature for the rest of the providers for now Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * added scenario for update with existing property Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2023-11-21 22:00:21 +01:00
Lakhan Jindam	325f36e47d	add validations for the remaining enum values (#2860 ) * add validations for the remaining enum values Signed-off-by: lakhan jindam <lakhanj569@gmail.com> * generate crd configs using make reviewable cmd and address review comments Signed-off-by: lakhan jindam <lakhanj569@gmail.com> --------- Signed-off-by: lakhan jindam <lakhanj569@gmail.com>	2023-11-18 19:55:39 -03:00
Yonatan Koren	d42e19dc70	feat: AWS SecretsManager Config (allow ForceDeleteWithoutRecovery for PushSecret) (#2854 ) * Add secretsmanager config. Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com> * Fix unit tests. Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com> * Update docs, fix validation, tests. Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com> * Fix grammatical error in attribute descriptions. Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com> * Improve API docs for SecretsManager. Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com> --------- Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>	2023-11-14 18:44:22 -03:00

1 2 3

142 commits