external-secrets

mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00

Author	SHA1	Message	Date
Mykhailo Zahlada	47cc50a9ed	Workloadidentity clientid from secret ref (#3367 ) * updates documentation: extends workloadIdentity auth configuration Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> * adds and updates tests Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> * extends provider configuration to accept clientId and tenantId as auth SecretRef Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> * updates service account example Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> * updates docs Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> --------- Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> Co-authored-by: Mykhailo Zahlada <myzahlad@microsoft.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>	2024-04-18 05:09:53 -03:00
Thorben Below	432c6bf9ab	Feat: Add Passbolt Provider (#3334 ) * add passbolt provider Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com> * Fix: return err for unimplemented methods Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com> --------- Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com>	2024-04-18 09:58:25 +02:00
rohautl	e0bdcd0d97	feat: implement azure pushsecret ifnotexist updatepolicy via secretExists function (#3361 ) Signed-off-by: rohautl <lu.rohaut@laposte.net> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>	2024-04-17 15:02:14 -03:00
Shuhei Kitagawa	119622a656	Use grpc.NewClient instead of grpc.Dial (#3369 ) Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>	2024-04-16 12:17:05 -03:00
David Recuenco	7602995a1c	Extract support for SDKMS provider (#3237 ) * ADD extract support for sdkms provider Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * Apply suggestions from code review Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: David Recuenco <david.recuencogadea+github@gmail.com> --------- Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> Signed-off-by: David Recuenco <david.recuencogadea+github@gmail.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-04-09 08:20:37 +02:00
rickymulder	efcd9874a7	Address #3331 and #3080 (#3335 ) * Address !3331 and !3080 * Modify webhook provider TLS config to restrict tls renegotiation to once per client ** Addresses !3331 * Modify webhook certs validation to include intermediates held within tls.crt Addresses !3080 [Cert-Manager recommendation](https://cert-manager.io/docs/configuration/ca) for CA issuer Signed-off-by: Rick Mulder <rickymulder@gmail.com> * Add tls chain tests related to #3080 Signed-off-by: Rick Mulder <rickymulder@gmail.com> * Clean up tls chain test based on sonarcloud recommendation Signed-off-by: Rick Mulder <rickymulder@gmail.com> * Fix checkEndpoints and checkCRDs to use proper pointer reference Signed-off-by: Rick Mulder <rickymulder@gmail.com> --------- Signed-off-by: Rick Mulder <rickymulder@gmail.com>	2024-04-09 08:10:55 +02:00
Shuhei Kitagawa	120fedf841	Add NamespaceSelectors field to ClusterExternalSecret (#3268 ) https://github.com/external-secrets/external-secrets/issues/3257 Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>	2024-04-05 08:35:08 +09:00
Rodrigo Fior Kuntzer	9ff2354213	fix: introducing support for conversion strategy for PushSecret. (#3292 ) * fix: introducing support for conversion strategy for PushSecret. Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com> * fix: unit tests code quality. Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com> --------- Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>	2024-04-04 16:31:28 +02:00
Michael Serchenia	84731616f4	GitHub provider (supersedes #3014 ) (#3115 ) * github provider signed, supersedes #3014 Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * tests pass, + crd + docs Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * fix sonarLint alert Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * refactoring, replace secretStore with generator Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * cosmetics + tst + lint pass Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * docs Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * clean-up + lint + test Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * small refactor, fix issues left in comments Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> --------- Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>	2024-04-03 09:19:57 +02:00
Yann Ponzoni	5ac6b5fc3f	Allow Pulimi to extract structured data. (#3308 ) * Handle json.RawMessage as a []byte in util.GetByteValue. This allow Pulimi to extract structured data. Close: #3307 Signed-off-by: alphayax <alphayax@gmail.com> * Add test for utils.GetByteValue: TestGetByteValue Signed-off-by: alphayax <alphayax@gmail.com> --------- Signed-off-by: alphayax <alphayax@gmail.com>	2024-03-27 12:18:27 +01:00
Rodrigo Fior Kuntzer	ceb26a6d50	fix: allow pushing the whole secret to Vault (#3288 ) Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>	2024-03-27 07:24:44 +01:00
Blair Drummond	731c0ed736	feat: add vault auth namespace option (#3157 ) * feat: add vault auth namespace option Signed-off-by: Blair Drummond <blaird@liatrio.com> * fix: appease the linter Signed-off-by: Blair Drummond <blaird@liatrio.com> * feat: add tests for auth namespace Signed-off-by: Blair Drummond <blaird@liatrio.com> * fix: add make reviewable output Signed-off-by: Blair Drummond <blaird@liatrio.com> --------- Signed-off-by: Blair Drummond <blaird@liatrio.com>	2024-03-27 07:23:34 +01:00
Gergely Brautigam	e589572caf	feat: add wait for values to be created and updated on 1Password side (#3238 )	2024-03-18 11:18:56 +01:00
Sulfixx	e57e4b72ca	Integrate Passworddepot (#2799 ) * PLAT-1179 \| updated to beta1 Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Updating External Secrets fixes Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Fix to Passworddepots-crds-generation Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| apiextensionsv1 removal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * Update apis/externalsecrets/v1beta1/secretstore_passworddeport_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * Update apis/externalsecrets/v1beta1/secretstore_passworddeport_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * Update apis/externalsecrets/v1beta1/secretstore_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * PLAT-1179 \| Removed insecureverify and other fixes Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Fixed Linter and Sonar Issues Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Fixed Typo in Passworddepot_api.go Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Resolved go.mod Conflict Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Resolved go.mod conflict typo Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| admission.Warnings error fix Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added nolint:bodyclose // linters bug Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Removed <= Head arrow from mkdocs.yml Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added Make Check-Diff Changes Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Changed Error Package, Added Context, API Refactor Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added const DoRequestError to reduce Codesmell Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Moved defer body close func into ReadAndUnmarshal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Moved Status Check into ReadAndUnmarshal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Removed Response.body from ReadAndUnmarshal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * Update apis/externalsecrets/v1alpha1/secretstore_passworddepot_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * PLAT-1179 \| Go mod tidy and Make generate Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added empty SecretExists Method Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Renamed unsed ctx to _ Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> --------- Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> Co-authored-by: Sören Rohweder <soeren.rohweder@fastleansmart.com> Co-authored-by: Simon Becker <simon.becker@fastleansmart.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-03-12 13:33:08 +01:00
Gergely Brautigam	1d5177c8c7	feat: add secret push format to AWS secrets manager (#3189 )	2024-03-10 08:12:50 +01:00
Carolin Dohmen	29e5f71d8b	Add PushSecret UpdatePolicy (to replace PR #3100 ) (#3117 ) * Add PushSecret UpdatePolicy Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> * Adjust description of UpdatePolicy in PushSecret Spec Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> * Restructure PushSecret Status Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> * Refactor PushSecret controller method Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> * Add missing methods for new providers Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> * Add missing method to onboardbase client Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> * Add docs on PushSecret UpdatePolicy Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> * Use constant for error message Signed-off-by: Carolin Dohmen <carodohmen@gmail.com> --------- Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>	2024-03-08 11:17:31 +01:00
Trent V	de78ea175f	fixed gitlab error typo: gilabClient -> gitlabClient (#3241 ) Signed-off-by: Trenton VanderWert <trenton.vanderwert@gmail.com>	2024-03-08 12:44:16 +09:00
Florent Viel	3bd911b9c1	Update Scaleway provider to use v1beta1 API version (#3205 ) * feat: update scw secret api to v1beta1 Signed-off-by: Florent Viel <fviel@scaleway.com> * fix: lint issue Signed-off-by: Florent Viel <fviel@scaleway.com> --------- Signed-off-by: Florent Viel <fviel@scaleway.com>	2024-03-06 10:39:27 +01:00
filedeploy	1fbd7a01e1	Implement Doppler Secret Push and Delete functions (#3200 ) * Implement Doppler Secret Push and Delete functions Signed-off-by: Carter Cook <carter.cook@filedeploy.com> * Better error formatting (PR review #3200) Signed-off-by: Carter Cook <carter.cook@filedeploy.com> --------- Signed-off-by: Carter Cook <carter.cook@filedeploy.com>	2024-03-06 10:35:18 +01:00
Shlomo Zalman Heigh	1d3209da59	Conjur E2E Tests for K8s JWT Authentication (#3217 ) Signed-off-by: Shlomo Heigh <shlomo.heigh@cyberark.com>	2024-03-01 17:36:19 +01:00
Aleem Isiaka	52f6655345	Onboardbase (#2697 ) * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Run decrypt with error Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Install deps Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Improved docs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Improved docs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Update hack/crd.generate.sh Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Aleem Isiaka <30846935+limistah@users.noreply.github.com> * address issues with running the code Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * decrypt library into code Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * add docs to onboardbase provider Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * refactor duplicates Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Address Issues with tests Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Address issues with delete policy and json secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Fix lint errors Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * error out when there is tags in the find field Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * execute delete request with the right data Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * ignore deletion policy Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * improve lint errors Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * remove cryptojs decrypt libs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Get secret value if property is set Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * run obb operator Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * 👌 IMPROVE: supports request deadline, esv1beta1 api updates Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * use same timeout Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * fix sonar cloud issues Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * fix sonar cloud issues Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * fix sonar cloud issues Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * fix failing test Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * add improve docs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * add improve docs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> --------- Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> Signed-off-by: Nasirudeen Olohundare <iamnasirudeen@gmail.com> Signed-off-by: Aleem Isiaka <30846935+limistah@users.noreply.github.com> Co-authored-by: Nasirudeen Olohundare <iamnasirudeen@gmail.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>	2024-02-29 21:28:17 +01:00
David Recuenco	af38fc68d5	ADD sdkms base implementation (#3180 ) * ADD sdkms base implementation Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * FIX get secret object by name, unmarshalling error formatting Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * ADD suport for fortanix secret security objects Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * ADD more tests for opaque, secret, new client Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * FIX changes required by make reviewable Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * ADD missing provider registration Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * FIX remove unused error string, add generated assets Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> --------- Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>	2024-02-28 10:59:47 +01:00
Marco Singer	983488ca57	feat(generator/webhook): Improve error message (#3190 ) Signed-off-by: Marco Singer <marcosinger@users.noreply.github.com>	2024-02-28 09:23:08 +09:00
Mathias Maes	74ed3facb7	Add PEM to PKCS12 template function (#3101 ) * Add PEM to PKCS12 template function Signed-off-by: Mathias Maes <mathias.maes@aloxy.io> * add docs Signed-off-by: Mathias Maes <mathias.maes@aloxy.io> * add pemToPkcs12Pass Signed-off-by: Mathias Maes <mathias.maes@aloxy.io> * fix formatting Signed-off-by: Mathias Maes <mathias.maes@aloxy.io> --------- Signed-off-by: Mathias Maes <mathias.maes@aloxy.io>	2024-02-27 09:36:53 +01:00
Gustavo Fernandes de Carvalho	1cf8f68276	Implements Webhook Generator (#3121 ) * adding webhook generators Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * bumping bundle Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * linting Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * fixing copy-paste error Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * common webhook functions Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * removing duplicates. Adding tests for generator Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * docs Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> --------- Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>	2024-02-17 06:49:31 -03:00
Engin Diri	dc9b5b7207	feat: add support for Pulumi ESC (#2997 ) Signed-off-by: Engin Diri <engin.diri@ediri.de>	2024-02-14 19:56:06 +01:00
Sourav Patnaik	a012f4829c	Implementation of Chef External Secrets Provider (#3127 ) * Adding the details for chef provider secret store. Issue: https://github.com/external-secrets/external-secrets/issues/2905 This commit intends to add the chef provider structure to the existing list of external-secrets providers. It defines the structure of the SecretStore and ClusterSecretStore for chef Provider. The yaml resource will contain 3 important parts to identify and connect to chef server to reconcile secrets. They are: 1. serverurl: This is the URL to the chef server. 2. username: The username to connect to the chef server. 3. auth: The password to connect to the chef server. It is a reference to an already existing kubernetes secret containing the password. This commit also contains the auto generated CRDs using the `make generate` command. Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> * Implementation for Chef ESO provided Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> * - implemented Chef eso, added required methods - added unit test cases - added sample documentation Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * Added Documentation for Authentication Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> * added documentation for Chef eso Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * Updated chef ESO documentation Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> * updated ValidateStore method signature Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * made changes in chef provider to satisfy 'make docs' Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * - updated code as per review comment, make reviewable suggestions Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * modified chef provider code as per review comment Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> --------- Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> Co-authored-by: Subroto Roy <subrotoroy007@gmail.com> Co-authored-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>	2024-02-14 09:54:08 +01:00
Gergely Brautigam	e726087851	feat: add push secret to e2e tests (#3017 ) * feat: add push secret to e2e tests Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * finally, a fully working example for an e2e flow with push secret Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * fix value field duplication issue Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-02-12 16:44:45 +01:00
Parth Patel	8db12430e7	Changes as per suggestion and clean up (#3077 ) Signed-off-by: Parth Patel <p.patel81@yahoo.com>	2024-02-07 07:56:46 +09:00
Moritz Johner	d246c2e082	🧹 refactor vault provider (#3072 ) * chore: split monolith into separate files Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * chore: add tests Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * chore: rename vault/auth_iam vars Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * fixup: remove string duplication Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> --------- Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2024-01-31 22:03:32 +01:00
Shanti G	5f8d24000a	IBM provider: remove deprecated code for fetching secret by name (#3078 ) * remove deprecated code for fetching secret by name Signed-off-by: shanti.gundumalla@ibm.com <shanti.gundumalla@ibm.com> * update the documentation Signed-off-by: shanti.gundumalla@ibm.com <shanti.gundumalla@ibm.com> * fix linting Signed-off-by: shanti.gundumalla@ibm.com <shanti.gundumalla@ibm.com> --------- Signed-off-by: shanti.gundumalla@ibm.com <shanti.gundumalla@ibm.com> Co-authored-by: shanti.gundumalla@ibm.com <shanti.gundumalla@ibm.com>	2024-01-26 17:46:24 +01:00
Moritz Johner	01f6be8e6e	chore: bump jwx pkg (#3075 ) Bump to v2 to address CVE-2024-21664. Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2024-01-25 10:34:47 +01:00
charan986	2b39593109	added metrics support for akeyless (#3069 ) * added metrics support for akeyles Signed-off-by: Sai Charan Godasi <saicharangodasi@Sais-MacBook-Air.local>	2024-01-24 22:34:55 +01:00
Moritz Johner	58cb47cc06	chore: add tests for AWS/SM (#3057 ) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2024-01-22 09:35:09 +01:00
Moritz Johner	ee35aa0f9f	feat: expose admission warnings to ValidateStore interface (#3058 ) This allows providers to issue warnings, e.g. during a migration/deprecation period Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2024-01-21 23:34:29 +01:00
Moritz Johner	26f9c3f1f4	chore: refactor/centralise secretKeyRef usage (#3022 ) * chore: refactor/centralise secretKeyRef usage Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2024-01-21 08:19:57 +01:00
Rodrigo Fior Kuntzer	31cecaa62b	feat: add support for Hashicorp Vault mTLS (#3018 ) * feat: adding support for mTLS to the Vault provider Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>	2024-01-19 00:43:28 +01:00
Ludovic Ortega	0a02f73142	feat: set default namespace on vault secretStore (namespaced ressource) (#2869 ) * feat: set default namespace on vault secretStore Signed-off-by: Ludovic Ortega <ludovic.ortega@adminafk.fr> * fix: unit test Signed-off-by: Ludovic Ortega <ludovic.ortega@adminafk.fr> * feat: remove depreciation message Signed-off-by: Ludovic Ortega <ludovic.ortega@adminafk.fr> --------- Signed-off-by: Ludovic Ortega <ludovic.ortega@adminafk.fr>	2024-01-16 19:59:24 +01:00
Shuhei Kitagawa	373a9c23e8	Update the ExternalSecret status even when data is empty (#2927 ) https://github.com/external-secrets/external-secrets/issues/2874 Signed-off-by: shuheiktgw <s-kitagawa@mercari.com> Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>	2024-01-12 22:09:03 +01:00
Pedro Parra Ortega	ba8cf6bde5	Feat/allow keeper to work with complex types (#3016 ) * update dependencies (#3005) Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Co-authored-by: Moritz Johner <moolen@users.noreply.github.com> Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> * feat: allow keeper to work with complex types Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> --------- Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> Co-authored-by: eso-service-account-app[bot] <85832941+eso-service-account-app[bot]@users.noreply.github.com> Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>	2024-01-12 00:30:58 +01:00
barucoh	ab1e95a458	Akeyless Provider - Add support for Certificate items Signed-off-by: barucoh <20933964+barucoh@users.noreply.github.com> (#3013 ) Signed-off-by: “barucoh” <“ohadbaruch1@gmail.com”>	2024-01-10 23:11:03 +01:00
Bryce Thuilot	0bb4feae4a	feat: add PushSecret and DeleteSecret to onepassword provider (#2646 ) * feat: add PushSecret and DeleteSecret to onepassword provider Signed-off-by: Bryce Thuilot <bryce@thuilot.io> * refactor: clean code based on suggestions Signed-off-by: Bryce Thuilot <bryce@thuilot.io> * refactor: make suggested sonar cube changes Signed-off-by: Bryce Thuilot <bryce@thuilot.io> --------- Signed-off-by: Bryce Thuilot <bryce@thuilot.io>	2024-01-04 19:36:41 +01:00
Gergely Brautigam	d6e24a82bd	feat: add templating to PushSecret (#2926 ) * feat: add templating to PushSecret Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * adding unit tests around templating basic concepts and verifying output Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * extracting some of the common functions of the parser Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * remove some more duplication Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * removed commented out code segment Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * added documentation for templating feature Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * simplified the templating for annotations and labels Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2023-12-22 21:45:34 +01:00
Shanti G	fb762b57b3	minor changes: extension of PR #2950 (#2967 )	2023-12-21 08:38:08 +02:00
Nitzan Nissim	b0bdef20b5	Add support for IBM Cloud Service Credentials secret type (#2950 )	2023-12-21 08:21:02 +02:00
Florent Viel	88da2f3199	feat: add custom user agent to scaleway provider (#2938 ) Signed-off-by: Florent Viel <fviel@scaleway.com>	2023-12-09 16:25:29 +09:00
Kiyofumi Sano	2f043ecaed	Signed-off-by: Kiyo510 <miraishida00510@gmail.com> (#2919 ) typo: ref:#2917 Fix typo in ExtermalSecretRewriteTransform	2023-12-02 14:53:11 +01:00
Victor Santos	3599384660	feat(fake): deprecate ValueMap to use Value instead (#2884 )	2023-12-02 06:57:48 +09:00
Tal Asulin	2441ad547b	Feat/Adding support for PushSecret using HashiCorp Vault KV v1 (#2879 ) * feat: init pushsecret support for vault kv1 Signed-off-by: talasulin <tal.asulin@appsflyer.comn> * feat: update delete secret to support vault kv1 Signed-off-by: talasulin <tal.asulin@appsflyer.comn> * test: adding unit tests for deletesecret for vault v1 coverage Signed-off-by: talasulin <tal.asulin@appsflyer.comn> * docs: adding a note for describing the potential risk of using kv1 with pushsecret Signed-off-by: talasulin <tal.asulin@appsflyer.comn> * feat: removing white spaces Signed-off-by: talasulin <tal.asulin@appsflyer.comn> * feat: removing white spaces Signed-off-by: talasulin <tal.asulin@appsflyer.comn> * chore: reverting buildMetadataPath changes as they are not called from v1 logic Signed-off-by: talasulin <tal.asulin@appsflyer.comn> * feat: add custom metadata to vault v1 secrets Signed-off-by: talasulin <tal.asulin@appsflyer.comn> * docs: adjusting documentation for supporting vault kv v1 Signed-off-by: talasulin <tal.asulin@appsflyer.comn> * docs: adjusting documentation for supporting vault kv v1 Signed-off-by: talasulin <tal.asulin@appsflyer.comn> * Update docs/provider/hashicorp-vault.md Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Tal Asulin <tallin900@gmail.com> Signed-off-by: talasulin <tal.asulin@appsflyer.comn> --------- Signed-off-by: talasulin <tal.asulin@appsflyer.comn> Signed-off-by: Tal Asulin <tallin900@gmail.com> Co-authored-by: talasulin <tal.asulin@appsflyer.comn> Co-authored-by: tal-asulin <tal-asulin@users.noreply.github.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>	2023-11-30 04:51:30 -03:00
Moritz Johner	2b2661ebc2	fix: use service management endpoint for ACR when using WI (#2913 ) The `scope` parameter used to be the ACR url foobar.azurecr.io, but this stopped working. Turns out that you need to use the management endpoint as `scope` in order to authenticate with ACR. Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2023-11-30 00:02:28 +01:00

1 2 3 4 5 ...

763 commits