1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Commit graph

2467 commits

Author SHA1 Message Date
eso-service-account-app[bot]
41e9ba849b
update dependencies (#2946)
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
2023-12-11 22:49:44 +01:00
dependabot[bot]
b833cd44ac
chore(deps): bump golang from 1.21.4-alpine to 1.21.5-alpine (#2944)
Bumps golang from 1.21.4-alpine to 1.21.5-alpine.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 09:50:38 +01:00
dependabot[bot]
9b41c931df
chore(deps): bump actions/setup-python from 4.7.1 to 5.0.0 (#2941)
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.7.1 to 5.0.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4.7.1...v5.0.0)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 09:41:47 +01:00
dependabot[bot]
d53cfbad06
chore(deps): bump actions/stale from 8 to 9 (#2942)
Bumps [actions/stale](https://github.com/actions/stale) from 8 to 9.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v8...v9)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 09:41:00 +01:00
dependabot[bot]
0fe7bba692
chore(deps): bump actions/setup-go from 4 to 5 (#2943)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 09:40:29 +01:00
Florent Viel
88da2f3199
feat: add custom user agent to scaleway provider (#2938)
Signed-off-by: Florent Viel <fviel@scaleway.com>
2023-12-09 16:25:29 +09:00
Leonardo
bf1793488b
fix: update Helm snapshot so 'make helm.test' stops failing (#2935)
Signed-off-by: Leonardo M. Miranda <leonardomichalskim@gmail.com>
2023-12-08 08:26:39 +09:00
Victor Santos
96233b759a
docs(alibaba): add access key authentication (#2934)
Signed-off-by: Victor Santos <vsantos.py@gmail.com>
2023-12-07 17:43:03 +01:00
Shlomo Zalman Heigh
14fb8597db
Add CONTRIBUTING.md file (#2925)
Signed-off-by: Shlomo Heigh <shlomo.heigh@cyberark.com>
2023-12-04 21:43:05 +01:00
eso-service-account-app[bot]
5967b70653
update dependencies (#2922)
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
2023-12-04 19:16:33 +01:00
Kiyofumi Sano
2f043ecaed
Signed-off-by: Kiyo510 <miraishida00510@gmail.com> (#2919)
typo: ref:#2917 Fix typo in ExtermalSecretRewriteTransform
2023-12-02 14:53:11 +01:00
Victor Santos
3599384660
feat(fake): deprecate ValueMap to use Value instead (#2884) 2023-12-02 06:57:48 +09:00
Tal Asulin
2441ad547b
Feat/Adding support for PushSecret using HashiCorp Vault KV v1 (#2879)
* feat: init pushsecret support for vault kv1

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* feat: update delete secret to support vault kv1

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* test: adding unit tests for deletesecret for vault v1 coverage

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* docs: adding a note for describing the potential risk of using kv1 with pushsecret

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* feat: removing white spaces

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* feat: removing white spaces

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* chore: reverting buildMetadataPath changes as they are not called from v1 logic

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* feat: add custom metadata to vault v1 secrets

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* docs: adjusting documentation for supporting vault kv v1

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* docs: adjusting documentation for supporting vault kv v1

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

* Update docs/provider/hashicorp-vault.md

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Tal Asulin <tallin900@gmail.com>
Signed-off-by: talasulin <tal.asulin@appsflyer.comn>

---------

Signed-off-by: talasulin <tal.asulin@appsflyer.comn>
Signed-off-by: Tal Asulin <tallin900@gmail.com>
Co-authored-by: talasulin <tal.asulin@appsflyer.comn>
Co-authored-by: tal-asulin <tal-asulin@users.noreply.github.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2023-11-30 04:51:30 -03:00
Moritz Johner
2b2661ebc2
fix: use service management endpoint for ACR when using WI (#2913)
The `scope` parameter used to be the ACR url foobar.azurecr.io, but
this stopped working. Turns out that you need to use the management
endpoint as `scope` in order to authenticate with ACR.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-11-30 00:02:28 +01:00
Sebastián Gómez
15b68cc722
chore: remove references to Prometheus in Helm chart (#2814)
Remove references to deprecated prometheus values. 

Signed-off-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-11-29 23:46:55 +01:00
Petter Abrahamsson
eea369578d
fix: Small typo in the 'templateFrom' guide (#2912)
Signed-off-by: Petter Abrahamsson <pabraham@redhat.com>
2023-11-29 21:48:08 +01:00
eso-service-account-app[bot]
c2957067fc
chore: update dependencies (#2903)
* update dependencies

Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>

* chore: bump deps

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-11-29 20:45:52 +01:00
Ryan Arnold
8fd952c6e7
Docs: Add details on how to use FilterPEM function (#2893)
* Docs - add note clarifying how to use filterpem for future readers

Signed-off-by: arnoldrw <arnold.rw@pg.com>

* Update docs/guides/templating.md

Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Ryan Arnold <51235300+arnoldrw@users.noreply.github.com>

---------

Signed-off-by: arnoldrw <arnold.rw@pg.com>
Signed-off-by: Ryan Arnold <51235300+arnoldrw@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-11-29 20:37:13 +01:00
Shuhei Kitagawa
632f1bba28
Stop deleting all the Secret metadata (#2900)
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-11-28 06:22:41 -03:00
Mateusz Łoskot
4acf82f23c
docs: Recommend use of Workload Identity for Azure Key Vault (#2906)
* docs: Recommend use of Workload Identity for Azure Key Vault

Mentions AAD Pod Identity is deprecated and updates overview
of supported authentication modes for Azure Key Vault.

This removes "should use aad-pod-identity" wording, see
https://github.com/external-secrets/external-secrets/discussions/2901

Signed-off-by: Mateusz Łoskot <mateusz@loskot.net>

* docs: Fix missing link to Multi-Tenancy Guide

Signed-off-by: Mateusz Łoskot <mateusz@loskot.net>

* docs: Fix typos

Capitalise own names.

Signed-off-by: Mateusz Łoskot <mateusz@loskot.net>

---------

Signed-off-by: Mateusz Łoskot <mateusz@loskot.net>
2023-11-27 14:15:05 -03:00
Moritz Johner
c5fa8d81a6
fix: webhook support more types when parsing response (#2899)
* fix: support more types in webhook response

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: properly decode json

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* Update pkg/provider/webhook/webhook.go

Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

* Update pkg/provider/webhook/webhook.go

Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

* fix: expose errors

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-11-25 08:53:30 +01:00
Moritz Johner
74897535d2
feat: add PushSecret generator design (#2665)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-11-22 21:45:55 +00:00
Gergely Brautigam
3fbe318582
feat: allow pushing the whole secret to the provider (#2862)
* feat: allow pushing the whole secret to the provider

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* add documentation about pushing a whole secret

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* disabling this feature for the rest of the providers for now

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* added scenario for update with existing property

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-11-21 22:00:21 +01:00
eso-service-account-app[bot]
431aef844d
update dependencies (#2890)
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
2023-11-20 11:43:16 +01:00
dependabot[bot]
ae258f0dcd
chore(deps): bump actions/github-script from 6 to 7 (#2889)
Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-20 10:08:26 +01:00
Lakhan Jindam
325f36e47d
add validations for the remaining enum values (#2860)
* add validations for the remaining enum values

Signed-off-by: lakhan jindam <lakhanj569@gmail.com>

* generate crd configs using make reviewable cmd and address review comments

Signed-off-by: lakhan jindam <lakhanj569@gmail.com>

---------

Signed-off-by: lakhan jindam <lakhanj569@gmail.com>
2023-11-18 19:55:39 -03:00
Victor Santos
6458048c62
docs: fix deprecation policy typo (#2875)
Signed-off-by: Victor Santos <vsantos.py@gmail.com>
2023-11-15 13:42:35 +01:00
visokoo
2e4067ed3f
docs: remove additional space in dockercreds example that causes the last curly brace to be removed (#2877)
Signed-off-by: Vivian Ta <ta.vivian@gmail.com>
2023-11-15 13:41:47 +01:00
Yonatan Koren
d42e19dc70
feat: AWS SecretsManager Config (allow ForceDeleteWithoutRecovery for PushSecret) (#2854)
* Add secretsmanager config.

Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>

* Fix unit tests.

Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>

* Update docs, fix validation, tests.

Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>

* Fix grammatical error in attribute descriptions.

Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>

* Improve API docs for SecretsManager.

Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>

---------

Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
2023-11-14 18:44:22 -03:00
dependabot[bot]
c648b19f79
chore(deps): bump golang from 1.21.3-alpine to 1.21.4-alpine (#2870)
Bumps golang from 1.21.3-alpine to 1.21.4-alpine.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-13 21:02:28 +01:00
Roger
80f780a8fa
bump 0.9.9 (#2872)
Signed-off-by: rogertuma <tumaroger@gmail.com>
2023-11-13 16:05:17 -03:00
Lucas Severo Alves
beabdb2f28
Update PAUL.yaml to include roger (#2873) 2023-11-13 19:38:38 +01:00
Shuhei Kitagawa
8b0fa87f30
Validate data or dataFrom existence (#2867)
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-11-11 08:28:16 +09:00
Lucas Pimentel Quintao
92d8210221
feat: update dataFrom with use of generator (#2793)
* feat: adds example extract/find use case to dataFrom example

Signed-off-by: Lucas Pimentel Quintao <lucaspimentel123@users.noreply.github.com>
2023-11-09 23:31:50 +01:00
Shuhei Kitagawa
c9b3f97425
Refactor the PushSecret interface (#2859)
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-11-08 06:47:13 +09:00
Moritz Johner
f5cd6816aa
feat: fix cert-controller readiness probe (#2857)
readiness probes are being executed independently from the
leader election status. The current implementation depends on
leader election (client cache etc.) to run properly.
This commit fixes that by short-circuiting the readiness probes
when the mgr is not the leader.

This bug surfaces when `leader-election=true` and cert-controller `replicas>=2`.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-11-07 09:51:27 +01:00
Shuhei Kitagawa
e0c1d93f9b
Support GetAllSecrets for the fake provider (#2844)
* Support GetAllSecrets for the fake provider

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

* Stop reassigning map keys

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

* Use a single loop to construct the dataMap

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

---------

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-11-07 09:48:49 +09:00
Thomas
a15b146165
fix: add missing omitempty json tags for optional fields (#2855)
The missing tags can confuse some tools.

Fixes: #2853

Signed-off-by: Thomas Way <thomas@6f.io>
2023-11-06 21:54:44 +01:00
dependabot[bot]
2bf34ecaae
chore(deps): bump helm/chart-testing-action from 2.3.1 to 2.6.1 (#2849)
* chore(deps): bump helm/chart-testing-action from 2.3.1 to 2.6.1

Bumps [helm/chart-testing-action](https://github.com/helm/chart-testing-action) from 2.3.1 to 2.6.1.
- [Release notes](https://github.com/helm/chart-testing-action/releases)
- [Commits](https://github.com/helm/chart-testing-action/compare/v2.3.1...v2.6.1)

---
updated-dependencies:
- dependency-name: helm/chart-testing-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore: remove comment regarding upstream issue

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-11-06 20:40:56 +01:00
Yonatan Koren
f78009a0ae
Add Codefresh as an adopter. (#2856)
Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
2023-11-06 19:25:03 +01:00
dependabot[bot]
a9d70527b3
chore(deps): bump helm/chart-releaser-action from 1.5.0 to 1.6.0 (#2848)
Bumps [helm/chart-releaser-action](https://github.com/helm/chart-releaser-action) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/helm/chart-releaser-action/releases)
- [Commits](https://github.com/helm/chart-releaser-action/compare/v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: helm/chart-releaser-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-06 15:15:29 +01:00
eso-service-account-app[bot]
e51d1a82a2
update dependencies (#2850)
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
2023-11-06 15:08:05 +01:00
Anders Swanson
f4a7c95b54
feat: Oracle PushSecret & find implementation (#2840)
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
2023-11-03 21:42:27 +01:00
Charl Klein
06301854d0
docs: - Minor Note to assist future readers (#2839)
Signed-off-by: CharlKlein <19486531+CharlKlein@users.noreply.github.com>
2023-11-02 20:36:09 +01:00
Moritz Johner
9ff86eab51
fix: remove sourceRef.generatorRef from .data[] (#2735)
fix: deprecate sourceRef.generatorRef from .data[]

A generator is supposed to be used via .dataFrom[]. Usage in .data[]
is not implemented and doesn't make sense, see #2720.

This commit splits the SourceRef into two types:
- one that only defines a secretStoreRef
- one that allows to define either secretStoreRef or generatorRef

The former is used in .data[] and the latter is used in .dataFrom[].

The Deprecated field is going to be removed with v1.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-11-02 14:37:59 +01:00
Moritz Johner
22ca0ad35d
feat: add design doc for PushSecret updatePolicy (#2664)
feat: add pushsecret updatePolicy design doc

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2023-11-02 10:22:54 +01:00
Gergely Brautigam
8f3cd55191
ref: cleanup condition handling for objects (#2829)
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-11-02 10:19:03 +01:00
Anders Swanson
8dd934ceed
feat: Oracle provider service account masquerade (#2817)
* feat: Oracle provider service account masquerade

Signed-off-by: anders-swanson <anders.swanson@oracle.com>
2023-11-02 08:34:18 +01:00
Minho Ryang
99194e0237
feat: k8s provider can handle all types of secret, fix #2709 (#2792)
Signed-off-by: Minho Ryang <minho@comcom.ai>
2023-11-01 22:42:49 +01:00
Moritz Johner
caa0acd5cc
fix: wrap errors in data[] (#2834)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: HamzaMasood1 <hamzamasood183@gmail.com>
2023-11-01 22:31:56 +01:00