1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Commit graph

106 commits

Author SHA1 Message Date
dependabot[bot]
3e7a62eedb
chore(deps): bump watchdog from 3.0.0 to 4.0.0 in /hack/api-docs (#3134)
Bumps [watchdog](https://github.com/gorakhargosh/watchdog) from 3.0.0 to 4.0.0.
- [Release notes](https://github.com/gorakhargosh/watchdog/releases)
- [Changelog](https://github.com/gorakhargosh/watchdog/blob/master/changelog.rst)
- [Commits](https://github.com/gorakhargosh/watchdog/compare/v3.0.0...v4.0.0)

---
updated-dependencies:
- dependency-name: watchdog
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-14 20:54:58 +01:00
Engin Diri
dc9b5b7207
feat: add support for Pulumi ESC (#2997)
Signed-off-by: Engin Diri <engin.diri@ediri.de>
2024-02-14 19:56:06 +01:00
Sourav Patnaik
a012f4829c
Implementation of Chef External Secrets Provider (#3127)
* Adding the details for chef provider secret store.

Issue: https://github.com/external-secrets/external-secrets/issues/2905

This commit intends to add the chef provider structure to the existing list of external-secrets providers.
It defines the structure of the SecretStore and ClusterSecretStore for chef Provider.
The yaml resource will contain 3 important parts to identify and connect to chef server to reconcile secrets. They are:
1. serverurl: This is the URL to the chef server.
2. username: The username to connect to the chef server.
3. auth: The password to connect to the chef server. It is a reference to an already existing kubernetes secret containing the password.

This commit also contains the auto generated CRDs using the `make generate` command.

Signed-off-by: Subroto Roy <subrotoroy007@gmail.com>

* Implementation for Chef ESO provided

Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>

* - implemented Chef eso, added required methods
- added unit test cases
- added sample documentation
Issue: https://github.com/external-secrets/external-secrets/issues/2905

Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>

* Added Documentation for Authentication

Signed-off-by: Subroto Roy <subrotoroy007@gmail.com>

* added documentation for Chef eso
Issue: https://github.com/external-secrets/external-secrets/issues/2905

Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>

* Updated chef ESO documentation

Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>

* updated ValidateStore method signature
Issue: https://github.com/external-secrets/external-secrets/issues/2905

Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>

* made changes in chef provider to satisfy 'make docs'

Issue: https://github.com/external-secrets/external-secrets/issues/2905

Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>

* - updated code as per review comment, make reviewable suggestions
Issue: https://github.com/external-secrets/external-secrets/issues/2905

Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>

* modified chef provider code as per review comment

Issue: https://github.com/external-secrets/external-secrets/issues/2905

Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>

---------

Signed-off-by: Subroto Roy <subrotoroy007@gmail.com>
Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
Co-authored-by: Subroto Roy <subrotoroy007@gmail.com>
Co-authored-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
2024-02-14 09:54:08 +01:00
dependabot[bot]
c3e16ecea7
chore(deps): bump mkdocs-minify-plugin in /hack/api-docs (#3108)
Bumps [mkdocs-minify-plugin](https://github.com/byrnereese/mkdocs-minify-plugin) from 0.7.2 to 0.8.0.
- [Release notes](https://github.com/byrnereese/mkdocs-minify-plugin/releases)
- [Commits](https://github.com/byrnereese/mkdocs-minify-plugin/compare/0.7.2...0.8.0)

---
updated-dependencies:
- dependency-name: mkdocs-minify-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-07 08:14:12 +09:00
dependabot[bot]
8aaa4f9357
chore(deps): bump urllib3 from 2.1.0 to 2.2.0 in /hack/api-docs (#3109)
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/2.1.0...2.2.0)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-07 08:06:18 +09:00
dependabot[bot]
b77a7f1f20
chore(deps): bump markupsafe from 2.1.4 to 2.1.5 in /hack/api-docs (#3107)
Bumps [markupsafe](https://github.com/pallets/markupsafe) from 2.1.4 to 2.1.5.
- [Release notes](https://github.com/pallets/markupsafe/releases)
- [Changelog](https://github.com/pallets/markupsafe/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/markupsafe/compare/2.1.4...2.1.5)

---
updated-dependencies:
- dependency-name: markupsafe
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-07 08:05:52 +09:00
dependabot[bot]
8db79b9e34
chore(deps): bump platformdirs from 4.1.0 to 4.2.0 in /hack/api-docs (#3105)
Bumps [platformdirs](https://github.com/platformdirs/platformdirs) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/platformdirs/platformdirs/releases)
- [Changelog](https://github.com/platformdirs/platformdirs/blob/main/CHANGES.rst)
- [Commits](https://github.com/platformdirs/platformdirs/compare/4.1.0...4.2.0)

---
updated-dependencies:
- dependency-name: platformdirs
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-07 08:05:25 +09:00
dependabot[bot]
e1680d8cff
chore(deps): bump mkdocs-material from 9.5.4 to 9.5.7 in /hack/api-docs (#3106)
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 9.5.4 to 9.5.7.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.4...9.5.7)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-07 08:04:57 +09:00
dependabot[bot]
c9162c2abe
chore(deps): bump alpine from 51b6726 to c5b1261 in /hack/api-docs (#3088)
Bumps alpine from `51b6726` to `c5b1261`.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-31 18:29:37 +01:00
dependabot[bot]
3a12858329
chore(deps): bump markupsafe from 2.1.3 to 2.1.4 in /hack/api-docs (#3062)
Bumps [markupsafe](https://github.com/pallets/markupsafe) from 2.1.3 to 2.1.4.
- [Release notes](https://github.com/pallets/markupsafe/releases)
- [Changelog](https://github.com/pallets/markupsafe/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/markupsafe/compare/2.1.3...2.1.4)

---
updated-dependencies:
- dependency-name: markupsafe
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-22 09:51:10 +01:00
dependabot[bot]
aa00a40a4a
chore(deps): bump mkdocs-minify-plugin in /hack/api-docs (#3063)
Bumps [mkdocs-minify-plugin](https://github.com/byrnereese/mkdocs-minify-plugin) from 0.5.0 to 0.7.2.
- [Release notes](https://github.com/byrnereese/mkdocs-minify-plugin/releases)
- [Commits](https://github.com/byrnereese/mkdocs-minify-plugin/compare/0.5.0...0.7.2)

---
updated-dependencies:
- dependency-name: mkdocs-minify-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-22 09:46:46 +01:00
dependabot[bot]
c45eaca651
chore(deps): bump alpine from 3.18 to 3.19 in /hack/api-docs (#3039)
Bumps alpine from 3.18 to 3.19.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-22 06:37:09 +01:00
dependabot[bot]
80634b5c22
chore(deps): bump mkdocs-material from 9.5.3 to 9.5.4 in /hack/api-docs (#3043)
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 9.5.3 to 9.5.4.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.3...9.5.4)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-19 11:57:14 +01:00
dependabot[bot]
79e7b4efe4
chore(deps): bump mkdocs-macros-plugin in /hack/api-docs (#3046)
Bumps [mkdocs-macros-plugin](https://github.com/fralau/mkdocs_macros_plugin) from 0.7.0 to 1.0.5.
- [Release notes](https://github.com/fralau/mkdocs_macros_plugin/releases)
- [Changelog](https://github.com/fralau/mkdocs-macros-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fralau/mkdocs_macros_plugin/compare/v0.7.0...v1.0.5)

---
updated-dependencies:
- dependency-name: mkdocs-macros-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-19 09:07:31 +01:00
dependabot[bot]
71b29fb5b8
chore(deps): bump markupsafe from 2.1.1 to 2.1.3 in /hack/api-docs (#3047)
Bumps [markupsafe](https://github.com/pallets/markupsafe) from 2.1.1 to 2.1.3.
- [Release notes](https://github.com/pallets/markupsafe/releases)
- [Changelog](https://github.com/pallets/markupsafe/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/markupsafe/compare/2.1.1...2.1.3)

---
updated-dependencies:
- dependency-name: markupsafe
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-19 09:06:47 +01:00
dependabot[bot]
25f47b6e01
chore(deps): bump click from 8.1.3 to 8.1.7 in /hack/api-docs (#3050)
Bumps [click](https://github.com/pallets/click) from 8.1.3 to 8.1.7.
- [Release notes](https://github.com/pallets/click/releases)
- [Changelog](https://github.com/pallets/click/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/click/compare/8.1.3...8.1.7)

---
updated-dependencies:
- dependency-name: click
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-19 09:03:48 +01:00
dependabot[bot]
6a23a3f1d0
chore(deps): bump tornado from 6.3.3 to 6.4 in /hack/api-docs (#3051)
Bumps [tornado](https://github.com/tornadoweb/tornado) from 6.3.3 to 6.4.
- [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst)
- [Commits](https://github.com/tornadoweb/tornado/compare/v6.3.3...v6.4.0)

---
updated-dependencies:
- dependency-name: tornado
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-19 08:50:51 +01:00
Moritz Johner
43b6c5eaad
fix: hack/api-docs/requirements.txt to reduce vulnerabilities (#3036)
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-590151
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
2024-01-19 08:04:25 +01:00
Moritz Johner
00249f1d43
Create OSSF scorecard job (#3032)
* Create scorecard.yml

Adds a scorecard workflow to regularly check the repo.
See docs: https://github.com/marketplace/actions/ossf-scorecard-action#scorecard-badge

Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>
2024-01-18 21:03:07 +01:00
Moritz Johner
d42ccaaf78
docs: mention auth-delegator role in vault provider (#2734)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-10-13 15:50:40 +02:00
Ian Purton
0321657a69
Integrate Cloak Secrets (#2108)
* Integrate Cloak Secrets

Signed-off-by: Ian Purton <ian.purton@gmail.com>

* Fix link

Signed-off-by: Ian Purton <36966+ianpurton@users.noreply.github.com>

---------

Signed-off-by: Ian Purton <ian.purton@gmail.com>
Signed-off-by: Ian Purton <36966+ianpurton@users.noreply.github.com>
2023-08-03 08:54:45 +02:00
Moritz Johner
416deb3303
chore: bump dependencies (#2568)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-08-02 21:42:03 +02:00
Shuhei Kitagawa
9cef707f10
Disable Git top-level directory owner check (#2559)
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-07-31 23:05:45 +02:00
Moritz Johner
c764775508
fix: downgrade pyyaml <6.0 (#2516)
Latest cython 3.0 breaks pyYAML 6.0. Installation fails with:
AttributeError: cython_sources

Cython 3.0 is in beta at the moment and this needs to be fixed upstream.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-07-17 22:29:24 +02:00
Michael Sauter
bdf437c2e1
Add support for Delinea DevOps Secrets Vault (#2415)
* Add support for Delinea DevOps Secrets Vault

Closes #1709.

Signed-off-by: Michael Sauter <michael.sauter@boehringer-ingelheim.com>

* fix: remove merge conflict

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* Improve documentation

Signed-off-by: Michael Sauter <michael.sauter@boehringer-ingelheim.com>

---------

Signed-off-by: Michael Sauter <michael.sauter@boehringer-ingelheim.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2023-07-06 18:01:43 +02:00
Eric
86aad7d8ab
Add support for cert-manager managed webhook certs (#2394)
* Add support for cert-manager managed webhook certs

Signed-off-by: Eric Stokes <fernferret@gmail.com>

* Ran make helm.docs to update README.md

Signed-off-by: Eric Stokes <fernferret@gmail.com>

* Added unittests for chart

Signed-off-by: Eric Stokes <fernferret@gmail.com>

* tidy: Fixed trailing whitespace

Signed-off-by: Eric Stokes <fernferret@gmail.com>

---------

Signed-off-by: Eric Stokes <fernferret@gmail.com>
2023-06-21 22:07:24 +02:00
Shuhei Kitagawa
7ca43a7c84
Mount ~/.gitconfig when running make docs (#2421)
* Mount ~/.gitconfig when running make docs

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

* Use GIT_COMMITTER_NAME and GIT_COMMITTER_EMAIL

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

* Update hack/api-docs/requirements.txt

Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

---------

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2023-06-21 19:36:08 +02:00
David Hisel
de491a2790
Add Conjur provider (#2412)
* Add Conjur provider

Signed-off-by: David Hisel <David.Hisel@CyberArk.com>

* fix: lint

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: unit tests

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: David Hisel <David.Hisel@CyberArk.com>
Signed-off-by: David Hisel <132942678+davidh-cyberark@users.noreply.github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-06-21 11:17:00 +02:00
Moritz Johner
9c436af220
feat: add ESO threat model (#2308)
* feat: add ESO threat model

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* Update docs/guides/threat-model.md

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

* feat: add controls to disable CRDs C05

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2023-06-12 13:07:36 +02:00
sdischer-sap
8034079e1d
Feature/pushsecret kubernetes (#2322)
* Add API changes for push secret to k8s

- Property field similar to ExternalSecret

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* rebase: merge commits

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* New Test cases for existing PushSecret Logic

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* feat: replace property if it exists, but differs

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* feat: restrict usage to having a property always

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* chore: refactor delete to work with property only and cleanup whole secret only if it would be empty otherwise

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* feat: refuse to work without property in spec

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* chore: cleanup code, make it more readable

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* feat: add metric calls for kubernetes

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* chore: reorder test cases

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* feat: make property optional to not break compatibility

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* fix: adapt fake impls to include new method to fix tests

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* feat: change status-ref to include property to allow multi property deletes

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* chore: fix make reviewable complains

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* fix: fix imports from merge conflict

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* chore: adapt latest make reviewable suggestions

Signed-off-by: Stephan Discher <stephan.discher@sap.com>

* docs: update push secret support for k8s provider

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* docs: add Kubernetes PushSecret docs

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: Stephan Discher <stephan.discher@sap.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-05-18 00:15:18 +02:00
Maikel
6128e1d045
fix: use correct casing in docs for GitLab provider (#2303)
* fix: use correct casing in docs for GitLab provider

Signed-off-by: Maikel Vlasman <git@maikelvlasman.com>

* chore: update helm tests

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: Maikel Vlasman <git@maikelvlasman.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Maikel Vlasman <git@maikelvlasman.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-05-15 14:12:24 +02:00
Moritz Johner
f6475d63b0
feat: add security best practices doc, restructure guides section (#2290)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-05-11 08:21:30 +02:00
Moritz Johner
99a691f804
feat: add hostNetwork option for controller/certController in helm chart (#2269)
Signed-off-by: Moritz Johner <Moritz.Johner@form3.tech>
2023-05-02 22:00:00 +02:00
Maxim Rubchinsky
59f5759106
Add Alibaba RRSA auth support (#1752)
support alibaba oidc assume role

---------

Signed-off-by: Maxim Rubchinsky <maxim.rubchinsky@wiz.io>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-04-16 14:12:30 +02:00
Matthias Baetens
eedd90c567
Fix Google Cloud Secret Manager typo (#2196)
See [issue](https://github.com/external-secrets/external-secrets/issues/2195)

Signed-off-by: Matthias Baetens <baetensmatthias@gmail.com>
2023-04-05 20:26:50 +02:00
Thibault Cohen
6c070bb538
Add bitwarden example (#2139)
* Add bitwarden example

Signed-off-by: Thibault Cohen <47721+titilambert@users.noreply.github.com>

* Fix bitwarden docs

Signed-off-by: Thibault Cohen <47721+titilambert@users.noreply.github.com>

* fix: punctuation, newline for bullet list

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: Thibault Cohen <47721+titilambert@users.noreply.github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-03-20 21:47:47 +01:00
Moritz Johner
c6309dac2e
feat: add helm unit tests (#2113)
* feat: add helm unit tests

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* docs: add install instructions for helm-unittest

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-03-16 01:05:03 +01:00
azert9
f181500e98
Feature/scaleway provider (#2086)
* wip: basic structure of scaleway provider

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* test: add some tests for GetAllSecrets

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: implement PushSecret

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* test: improved test fixtures

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: allow finding secrets by project using the path property

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: add delete secret method

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* Delete dupplicate of push remote ref test implem

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: add capability to use a secret for configuring access token

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: implement GetSecretMap

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: filtering by name and projetc id

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* test: add test for finding secret by name regexp

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: config validation

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* fix: handle situation where no namespace is specified and we cannot provide a default

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: reference secrets by id or name

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* fix: invalid request caused by pagination handling

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: log the error when failing to access secret version

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* fix: pass context to sdk where missing

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: add a cache for reducing AccessSecretVersion() calls

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* refacto: use GetSecret with name instead of ListSecrets

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: allow using secret name in ExternalSecrets

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: use latest_enabled instead of latest

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* refacto: optimized PushSecret and improved its test coverage

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* fix: doesConfigDependOnNamespace was always true

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: use new api with refactored name-based endpoints

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* remove useless todo

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* fix: use secret names as key for GetAllSecrets

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: support gjson propery lookup

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: e2e tests

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* test: e2e test using secret to store api key

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* test: cleanup left over resources on the secret manager before each e2e run

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* doc: add doc for scaleway provider

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* refacto: fix lint issues

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* test: cleanup code in e2e was commented

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: the previous version is disabled when we push to a secret

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* doc: add comments to ScalewayProvider struct to point to console and doc

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: add missing e2e env vars for scaleway

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* docs: add scaleway to support/stability table

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-03-16 01:03:52 +01:00
Moritz Johner
05dacdc104
chore: update docs for release (#2126)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-03-13 22:31:29 +01:00
Kristián Leško
be0c946b10
docs: add HashiCorp Vault Generator documentation (#2123)
* docs: add HashiCorp Vault Generator documentation

Document the Vault dynamic secrets Generator from #2074.

Signed-off-by: Kristián Leško <kristian.lesko@gooddata.com>

* fix: add vault generator to nav

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: Kristián Leško <kristian.lesko@gooddata.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-03-13 21:22:00 +01:00
Pedro Parra Ortega
c2054cc1bf
add-keeper-security-provider (#1768)
* add keepersecurity provider

Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>

* 🧹chore: bumps (#1758)

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>

* Feature/push secret (#1315)

Introduces Push Secret feature with implementations for the following providers:

* GCP Secret Manager
* AWS Secrets Manager
* AWS Parameter Store
* Hashicorp Vault KV

Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com>
Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com>
Signed-off-by: William Young <will.young@engineerbetter.com>
Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com>
Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com>
Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com>
Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com>
Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>

* Fixing release pipeline for boringssl (#1763)

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>

* chore: bump 0.7.0-rc1 (#1765)

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>

* added documentation

Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>

* added pushSecret first iteration

Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>

* added pushSecret and updated documentation

Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>

* refactor client

Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>

* update code and unit tests

Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>

* fix code smells

Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>

* fix code smells

Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>

* fix custom fields

Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>

* making it reviewable

Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

* fix custom field on secret map

Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

* Update docs/snippets/keepersecurity-push-secret.yaml

Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

* fixed edge case, improved validation errors and updated docs

Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

* fix logic retrieving secrets

Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

* Update pkg/provider/keepersecurity/client.go

Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

* lint code

Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

* linting code

Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

* go linter fixed

Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

* fix crds and documentation

Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

---------

Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com>
Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com>
Signed-off-by: William Young <will.young@engineerbetter.com>
Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com>
Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com>
Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com>
Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com>
Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com>
Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>
Co-authored-by: Pedro Parra Ortega <pedro.parraortega@enreach.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2023-02-03 15:27:21 +01:00
Gustavo Fernandes de Carvalho
a1f8a8adc7
🐛 Fixing PushSecret CRD generation (#1967)
* Fixing PushSecret CRD generation

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

* fix: increase hashicorp vault cache size to prevent eviction

Also remove tiny cache size from e2e tests

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-02-02 00:30:10 +01:00
cjc7373
5aaebf8bc0
fix: broken links in reference doc (#1778)
Signed-off-by: Jiacheng Cheng <jiacheng.cheng@sap.com>

Signed-off-by: Jiacheng Cheng <jiacheng.cheng@sap.com>
2022-12-05 22:38:11 +01:00
Moritz Johner
242a6ee1ef
chore: improve naming in examples, regenerate api doc spec (#1746)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-11-30 20:06:59 +01:00
Gustavo Fernandes de Carvalho
0cb799b5cf
Feature/push secret (#1315)
Introduces Push Secret feature with implementations for the following providers:

* GCP Secret Manager
* AWS Secrets Manager
* AWS Parameter Store
* Hashicorp Vault KV

Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com>
Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com>
Signed-off-by: William Young <will.young@engineerbetter.com>
Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com>
Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com>
Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com>
Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com>
2022-11-29 16:04:46 -03:00
Dominik Zeiger
117e93b4ed
gitlab: small documentation updates (#1747)
Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>
2022-11-24 20:50:35 +01:00
Dominik Zeiger
f38f40a2b4
gitlab: support for CI/CD group variables (#1692)
* gitlab: support for ci/cd group variables

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>

* gitlab: support for ci/cd group variables (automatically discover project groups)

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>

* gitlab: support for ci/cd group variables (documentation)

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>
2022-11-21 22:26:34 +01:00
Moritz Johner
dabfa5a589
Feature: initial generator implementation + Github Actions OIDC/AWS (#1539)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2022-10-29 20:15:50 +02:00
Moritz Johner
1672dfd556
feat: test UBI image build (#1574)
* feat: test UBI image build

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-Authored-By: Idan Adar <iadar@il.ibm.com>
Co-Authored-By: mrgadgil
2022-10-06 19:14:13 +02:00
Ryan Blunden
f01e13f21b
Add Doppler provider (#1573)
* Add Doppler provider

Signed-off-by: Ryan Blunden <ryan.blunden@doppler.com>
2022-09-23 22:47:25 +02:00