* Added support for standard K8s labels in metrics
Signed-off-by: KA <110458464+kallymsft@users.noreply.github.com>
* Added feature-flag for label metrics
Signed-off-by: KA <110458464+kallymsft@users.noreply.github.com>
---------
Signed-off-by: KA <110458464+kallymsft@users.noreply.github.com>
Objective of this commit is to allow logs to be more readable.
Default log ts encoding in the logger employed (zap) is unix time.
This leads to logs not much human-readable. This change introduces the
possibility to customize the ts with a set of preconfigured encodings:
one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'
Default value does not change
Signed-off-by: RiccardoColella <colella.git@outlook.com>
Signed-off-by: RiccardoColella <colella.git@outlook.com>
* added new crd-names flag to reconcile only installed CRDs in cert controller
Signed-off-by: Steven Bressey <sbressey@bressey.me>
* add guide to disable cluster features
Signed-off-by: Steven Bressey <sbressey@bressey.me>
* fix fmt
Signed-off-by: Steven Bressey <sbressey@bressey.me>
Co-authored-by: Steven Bressey <sbressey@bressey.me>
The new functionality is controlled using the newly-introduced
--experimental-enable-vault-token-cache and
--experimental-vault-token-cache-size command-line flags.
Signed-off-by: NicEggert <nicholas.eggert@target.com>
During our internal security scan, the webhook for external-secrets was
flagged because it supports protocol vulnerable to Sweet32
(https://sweet32.info/). In order to avoid the webhook from being
flagged, we need to restrict the TLS ciphers on controller runtime.
To do this I needed to update the dependency to 0.12.3 and some other
conflicting dependencies.
Signed-off-by: Joao Pedro Silva <jp.silva15@gmail.com>
* hostNetwork for webhook pod
* FailurePolicy for validatingwebhook definition
* Changed webhook port to a configurable value
* Defined default value as 9443
Fixes#944
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
