Diego Tejada
4dfa4d2622
feat: Add API key auth support on BeyondTrust provider ( #4101 )
...
* chore: bump BeyondTrust/go-client-library-passwordsafe version v0.9.1
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* feat: add ApiKey attribute to BeyondtrustAuth
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: update docs with ApiKey reference, add extra help comments
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* feat: conditionally using API Key or Client Credentials Auth on BeyondTrust provider
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* test: Add API key tests for BeyondTrust provider
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: add apiKey to spec.md
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: make reviewable files
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: ensured fmt
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: update APIKey variable case
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: fix typo
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: fix typo
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: fix typo
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump watchdog from 5.0.3 to 6.0.0 in /hack/api-docs (#4067 )
Bumps [watchdog](https://github.com/gorakhargosh/watchdog ) from 5.0.3 to 6.0.0.
- [Release notes](https://github.com/gorakhargosh/watchdog/releases )
- [Changelog](https://github.com/gorakhargosh/watchdog/blob/master/changelog.rst )
- [Commits](https://github.com/gorakhargosh/watchdog/compare/v5.0.3...v6.0.0 )
---
updated-dependencies:
- dependency-name: watchdog
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump pymdown-extensions in /hack/api-docs (#4068 )
Bumps [pymdown-extensions](https://github.com/facelessuser/pymdown-extensions ) from 10.11.2 to 10.12.
- [Release notes](https://github.com/facelessuser/pymdown-extensions/releases )
- [Commits](https://github.com/facelessuser/pymdown-extensions/compare/10.11.2...10.12 )
---
updated-dependencies:
- dependency-name: pymdown-extensions
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump mkdocs-material in /hack/api-docs (#4069 )
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material ) from 9.5.42 to 9.5.43.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases )
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG )
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.42...9.5.43 )
---
updated-dependencies:
- dependency-name: mkdocs-material
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump softprops/action-gh-release from 2.0.8 to 2.0.9 (#4070 )
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.0.8 to 2.0.9.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](c062e08bd5...e7a8f85e1c
)
---
updated-dependencies:
- dependency-name: softprops/action-gh-release
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: move inactive maintainers to emeritus (#4073 )
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: update dependencies (#4071 )
* update dependencies
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
* removed updating sigs.k8s.io/structured-merge-diff/v4 because that broke compilation and fixed two lint issues
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Update VaultAppRole documentation to show/use roleRef in its examples (#4035 )
Signed-off-by: Mike Tougeron <tougeron@adobe.com>
Co-authored-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* feat: add option to configure topic information for GCM (#4055 )
* feat: add option to configure topic information for GCM
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* fix the comparison logic for updates to include topics
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* feat: add AWS STS Session token generator (#4041 )
* feat: add AWS STS Session token generator
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* version update for the generated CRD
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(helm): Add extra labels to the validating webhooks (#4074 )
It should add a bunch of app.kubernetes.io labels
Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Reduce refreshInterval example for ACR (#4078 )
The old example used a `refreshInterval` value of 12h for the ACR access token. This change reduces that to 3h instead, since that is the expiration time for Service Principal authentication tokens:
https://learn.microsoft.com/en-us/azure/container-registry/container-registry-authentication?tabs=azure-cli#service-principal
Service principals are not the only way to authenticate towards ACR. In fact, two other ways (`managedIdentity` and `workloadIdentity`) are also outlined in the docs. I was unable to find any documentation in Azure for the default expiration time for those tokens, so as far as I know it is always 3 hours. Thus I think we should reflect this in our examples.
Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Fix PushSecret lookup in keepersecurity provider (#4077 )
* Fixed Keeper Security custom record type name in docs
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* Fixed Keeper records lookup in PushSecret
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* Improved Keeper record lookup to search only for records of the expected type
Improved PushSecret and DeleteSecret
Fixed "nil pointer dereference" errors
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* Fixed tests
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* chore(helm): Add extra labels to the validating webhooks (#4074 )
It should add a bunch of app.kubernetes.io labels
Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* Added tests for secrets with multiple matches
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
---------
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com>
Co-authored-by: Tete17 <miguel_tete17@hotmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Add ability to use RetrySettings in the VaultDynamicSecret generator (#4076 )
Signed-off-by: Oleksij Samorukov <samm@net-art.cz>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: make reviewable format
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* refactor: reduced complexity in NewClient
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* refactor: reduced function parameters
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump golang from 1.23.2 to 1.23.3 (#4089 )
Bumps golang from 1.23.2 to 1.23.3.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump packaging from 24.1 to 24.2 in /hack/api-docs (#4090 )
Bumps [packaging](https://github.com/pypa/packaging ) from 24.1 to 24.2.
- [Release notes](https://github.com/pypa/packaging/releases )
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pypa/packaging/compare/24.1...24.2 )
---
updated-dependencies:
- dependency-name: packaging
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump mkdocs-material in /hack/api-docs (#4091 )
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material ) from 9.5.43 to 9.5.44.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases )
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG )
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.43...9.5.44 )
---
updated-dependencies:
- dependency-name: mkdocs-material
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Update docs for ExternalSecrets's refreshInterval (#4097 )
Fixes #4079
Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump zipp from 3.20.2 to 3.21.0 in /hack/api-docs (#4092 )
Bumps [zipp](https://github.com/jaraco/zipp ) from 3.20.2 to 3.21.0.
- [Release notes](https://github.com/jaraco/zipp/releases )
- [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst )
- [Commits](https://github.com/jaraco/zipp/compare/v3.20.2...v3.21.0 )
---
updated-dependencies:
- dependency-name: zipp
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump regex from 2024.9.11 to 2024.11.6 in /hack/api-docs (#4093 )
Bumps [regex](https://github.com/mrabarnett/mrab-regex ) from 2024.9.11 to 2024.11.6.
- [Changelog](https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt )
- [Commits](https://github.com/mrabarnett/mrab-regex/compare/2024.9.11...2024.11.6 )
---
updated-dependencies:
- dependency-name: regex
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump golang from 1.23.2-bookworm to 1.23.3-bookworm in /e2e (#4094 )
Bumps golang from 1.23.2-bookworm to 1.23.3-bookworm.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* update dependencies (#4096 )
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump github/codeql-action from 3.27.0 to 3.27.1 (#4088 )
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.0 to 3.27.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](662472033e...4f3212b617
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Fix typo in webhook.md (#4100 )
Signed-off-by: Stas Alekseev <100800+salekseev@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* docs: reformat pushsecrets documentation to be a list (#4102 )
* reformat pushsecrets documentation to be a list
Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
* Use sections instead of a list
Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
---------
Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* fix: refresh interval values (#4111 )
Signed-off-by: Gustavo <gustavo@externalsecrets.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Sign helm chart artifact in ghcr.io (#4098 )
* Install cosign for signing helm charts
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Fix helm push failing when GITHUB_REPOSITORY_OWNER contains Uppercase alphabets
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Sign helm chart in oci registry using cosign
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Add permissions required for cosign signing and provenance attestations
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Log helm push output
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Attest build provenance for helm artifact
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Format: break code block
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Reformat: Remove temp variable
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Verify signed helm chart after signing it
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Remove unnecessary helm action changes for external-secrets repository
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
---------
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump distroless/static from `cc226ca` to `f4a57e8` (#4112 )
Bumps distroless/static from `cc226ca` to `f4a57e8`.
---
updated-dependencies:
- dependency-name: distroless/static
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump golang from `0974259` to `c694a4d` (#4113 )
Bumps golang from `0974259` to `c694a4d`.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump alpine from `beefdbd` to `1e42bbe` (#4114 )
Bumps alpine from `beefdbd` to `1e42bbe`.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump github/codeql-action from 3.27.1 to 3.27.4 (#4115 )
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.1 to 3.27.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4f3212b617...ea9e4e3799
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump codecov/codecov-action from 4.6.0 to 5.0.2 (#4116 )
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.6.0 to 5.0.2.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](b9fd7d16f6...5c47607acb
)
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump softprops/action-gh-release from 2.0.9 to 2.1.0 (#4117 )
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.0.9 to 2.1.0.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](e7a8f85e1c...01570a1f39
)
---
updated-dependencies:
- dependency-name: softprops/action-gh-release
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump alpine from `beefdbd` to `1e42bbe` in /hack/api-docs (#4118 )
Bumps alpine from `beefdbd` to `1e42bbe`.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump alpine from `beefdbd` to `1e42bbe` in /e2e (#4119 )
Bumps alpine from `beefdbd` to `1e42bbe`.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump golang from `0e3377d` to `3f3b9da` in /e2e (#4120 )
Bumps golang from `0e3377d` to `3f3b9da`.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* fix: re-enable signing helm release (#4109 )
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* update dependencies (#4122 )
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Update apis/externalsecrets/v1beta1/secretstore_beyondtrust_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Update apis/externalsecrets/v1beta1/secretstore_beyondtrust_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Update apis/externalsecrets/v1beta1/secretstore_beyondtrust_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Update apis/externalsecrets/v1beta1/secretstore_beyondtrust_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Update pkg/provider/beyondtrust/provider.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: fix linter errors
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* refactor: split credentials/certificate reading functionality
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* style: apply make fmt
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
---------
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Mike Tougeron <tougeron@adobe.com>
Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com>
Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
Signed-off-by: Oleksij Samorukov <samm@net-art.cz>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Signed-off-by: Stas Alekseev <100800+salekseev@users.noreply.github.com>
Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
Signed-off-by: Gustavo <gustavo@externalsecrets.com>
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: eso-service-account-app[bot] <85832941+eso-service-account-app[bot]@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Mike Tougeron <mtougeron@users.noreply.github.com>
Co-authored-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com>
Co-authored-by: Tete17 <miguel_tete17@hotmail.com>
Co-authored-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
Co-authored-by: idimov-keeper <78815270+idimov-keeper@users.noreply.github.com>
Co-authored-by: Alex Samorukov <samm@net-art.cz>
Co-authored-by: Stas Alekseev <100800+salekseev@users.noreply.github.com>
Co-authored-by: Tobi <22715034+twobiers@users.noreply.github.com>
Co-authored-by: Arun Murugan <arunmurugan.official@gmail.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2024-11-26 21:54:58 +01:00
eso-service-account-app[bot]
db64df2f0c
chore: update dependencies ( #4050 )
...
* update dependencies
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
* add check-diff output for controller-gen update
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-10-29 10:54:27 +01:00
Tchoupinax
0dd419a738
feat: edit all required changes for recursive option ( #3939 )
...
* feat: edit all required changes for recursive option
Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
* chore: make reviewable
Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
* feat: add missing param
Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
* feat: change property type to boolean
Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
* docs: new doc version
Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
---------
Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
2024-10-14 09:24:48 +02:00
Gabi Davar
7f5e8fa9ce
Make CRD categories useful ( #3929 )
...
* Make CRD categories useful
* one category for all ES objects.
* one only for generators
* add missing controller label on CRDs
* fix UUID description (was referring to password)
Signed-off-by: Gabi Davar <grizzly.nyo@gmail.com>
* missing update
Signed-off-by: Gabi Davar <grizzly.nyo@gmail.com>
---------
Signed-off-by: Gabi Davar <grizzly.nyo@gmail.com>
2024-09-25 09:45:07 +02:00
Gijs Middelkamp
daa1297f3d
Implements Previder provider for Previder Secret Vault implementation ( #3916 )
...
* Added Previder Vault Provider and tests
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Set go version back to 1.23
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Updates after "make reviewable"
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Fixed methods to naming convention
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Added Previder to stability support doc
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Added installation documentation and Previder logo
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Altered last test name for naming convention
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Adds Previder provider to api-docs/mkdocs.yml
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Ran make check-diff
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Updated Tiltfile to check for new default image used in helm chart
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Added optional tag to PreviderAuth struct
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Removed toolchain
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Updated to go 1.23.1 for CVE; Updated previder/vault-cli to 0.1.2 for CVE fix also
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
---------
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
Signed-off-by: Gijs Middelkamp <17021438+gkwmiddelkamp@users.noreply.github.com>
2024-09-21 16:44:32 +02:00
Engin Diri
231a6ea674
feat: update Pulumi provider for GA ( #3917 )
...
Signed-off-by: Engin Diri <engin.diri@ediri.de>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-09-21 09:54:12 +02:00
eso-service-account-app[bot]
f76be9fa78
chore: update dependencies ( #3915 )
...
* update dependencies
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
* revert pulumi update
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* updated controller runtime
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-09-16 16:23:11 +02:00
eso-service-account-app[bot]
21f1dca82e
chore: update dependencies ( #3862 )
...
* update dependencies
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
* fix alibaba breaking things again
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* commit modified templates because of version increase
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-09-02 18:30:34 +02:00
eso-service-account-app[bot]
3414bd6428
chore: update dependencies ( #3815 )
2024-08-19 17:07:20 +02:00
Gergely Brautigam
82d419e2ee
feat: add CAProvider to Bitwarden provider ( #3699 )
...
* feat: add CAProvider to bitwarden
This change introduces a refactor as well since CAProvider
was used by multiple providers with diverging implementations.
The following providers were affected:
- webhook
- akeyless
- vault
- conjur
- kubernetes
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* refactored the Kubernetes provider to use create ca
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* refactor webhook, vault and kubernetes provider
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* rename CreateCACert to FetchCACertFromSource
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* addressed comments and autodecoding base64 data
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* check if the decoded value is a valid certificate
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-08-16 12:32:35 +02:00
btfhernandez
77f5d0ad91
feat: add beyondtrust provider ( #3683 )
...
* feat: add beyondtrust provider
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* feat: edit go.mod and go.sum files
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* feat: change test file name (provider_test.go)
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* feat: solve PR comments
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* feat: organize attributes in a higher hierarchy
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix sonar cloud issues and go.mod file conflicts
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix PR comments and apply table driven tests
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix PR comments
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix lint issues
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix lint issues on tests
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: run make fmt
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: apply camelCase to yaml attributes
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: solve go.mod file conflict
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: run make check-diff
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
---------
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
Signed-off-by: btfhernandez <133419363+btfhernandez@users.noreply.github.com>
2024-08-07 09:27:04 +02:00
Gergely Brautigam
8c709cfa43
feat: add prefix definition to all secret keys for aws parameter store ( #3718 )
...
* feat: add prefix definition to all secret keys for aws parameter store
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* added a push secret test to verify called parameter has a prefix
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-07-31 12:29:07 +02:00
Engin Diri
4f62fb3963
feat: add PushSecret support for Pulumi ESC ( #3597 )
...
Signed-off-by: Engin Diri <engin.diri@ediri.de>
2024-07-25 09:00:17 +02:00
abhinav1708
bdd0c7ec9a
support for adding headers in vault provider ( #3677 )
...
* support for vault headers
Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>
* changes in crds bases for headers support
Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>
* adding autogenerated files
Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>
* removing extra---
Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>
* adding headers before x-vault-Inconsistent
Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>
* changing for lint pass
Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>
---------
Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>
2024-07-15 11:27:06 +02:00
Bill Hamilton
1876ff88d7
Add support for Delinea Secret Server ( #3468 )
...
* implements secretserver
Signed-off-by: Bill Hamilton <bill.hamilton@delinea.com>
* bump to align e2e
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
* bump
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
---------
Signed-off-by: Bill Hamilton <bill.hamilton@delinea.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Co-authored-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-07-10 14:32:17 -03:00
kaedwen
48cccaeded
add AuthRef to kubernetes provider fixes #3627 ( #3628 )
...
* add AuthRef to kubernetes provider fixes #3627
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* run make reviewable
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* fix validation for given authRef
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* refactor kubernetes provider auth
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* satisfy linter
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* add URL for kubernetes provider tests
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
---------
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
2024-07-01 23:31:10 +02:00
Gergely Brautigam
095537e6ad
feat: add bitwarden secret manager support ( #3603 )
2024-06-28 06:04:25 +02:00
Geoffrey MUSELLI
f74e08546c
Support glob for namespaces condition in ClusterSecretStore ( #2920 )
...
* feat(ClusterSecretStore): Support glob for conditions.namespaces
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Fix diff
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Fix code smell
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): First code review
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Second code review
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Generate
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Fix Sonar method complexity
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* addressed comments
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* renamed namedspacesregexes because it sounded funny
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-06-17 08:36:05 +02:00
Tsubasa Nagasawa
199c9103db
feat(certcontroller): Allow restricting CRDs and Webhook configs in Informer cache ( #3588 )
...
* feat: Add component labels to custom resource definitions
Prerequisite for restricting the CRDs cached by Informer
Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com>
* feat(certcontroller): Allow restricting CRDs and Webhook configs in Informer cache
The certcontroller watches CRDs and Webhook configurations, and
manages CA certificates for conversion webhooks of CRDs and Webhook
configurations. Some clusters have a large number of CRDs and Webhook
configurations installed. Additionally, some CRDs have large object sizes.
Currently, the certcontroller holds all CRDs and Webhook configurations
in the Informer cache. Since this includes CRDs not managed by the
certcontroller for CA certificates, memory usage tends to be high.
This PR adds a label to the CRDs and configures the Informer cache to hold
only the CRDs and Webhook configurations restricted by the label selector.
It assumes that the CRDs have a label. Depending on how the External Secrets
Operator is managed, it may be possible to update the External Secrets
Operator without updating the CRDs, so as a precaution, it can be turned
on/off via a startup option. It is disabled by default.
Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com>
---------
Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com>
2024-06-16 12:52:10 +02:00
smcavallo
d29c001d37
Add device42 provider ( #3571 )
2024-06-14 06:04:19 +02:00
Akhil Mohan
ace1ff595f
Infisical provider ( #3477 )
...
* feat: added crds for infisical provider
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: implemented infisical provider logic
Signed-off-by: = <akhilmhdh@gmail.com>
* fix: resolved broken doc building due to vault doc error
Signed-off-by: = <akhilmhdh@gmail.com>
* docs: added doc for infisical provider
Signed-off-by: = <akhilmhdh@gmail.com>
* docs: fixed a warning in mkdocs on link
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: resolved all lint issues
Signed-off-by: = <akhilmhdh@gmail.com>
* doc: removed k8s auth release banner from infisical doc
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: added support for property to infisical provider
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: removed auth type and made implicit ordering of authentication based on feedback
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: support for referent authentication
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: added error for tag not supported in find
Signed-off-by: = <akhilmhdh@gmail.com>
* fix: resolved failing build
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: updated doc and added stability matrix for infisical
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: switched to less error prone use and revoke token strategy and added validate interface logic
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: code lint issue fixes
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: resolved review comments for infisical client
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: improved test cases and resolved sonar issues
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: resolved sonar suggestions
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: resolved sonar suggestions for test const ids
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: store changes to assertError
Signed-off-by: = <akhilmhdh@gmail.com>
---------
Signed-off-by: = <akhilmhdh@gmail.com>
2024-06-11 22:27:31 +02:00
Gergely Brautigam
94c9a33a11
feat: add location to GCP push secret ( #3502 )
...
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-06-07 09:46:29 +02:00
Luis Schweigard
0abb3e9cc4
Add support for Authentication against Azure Key Vault using Client Certificate ( #3469 )
...
* Implementation of Certificate Based Authz against Azure Key Vault
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Add tests for new Azure certificate auth functionality
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Add documentation for Azure Cert based Auth
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Generate spec.md
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Add changes from code review
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Fix naming in test error case
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
---------
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
2024-05-13 08:40:50 -03:00
eso-service-account-app[bot]
34b4ff10da
chore: update dependencies ( #3433 )
...
* update dependencies
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
* bump alibaba
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
* bump kube to 0.30
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
---------
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-04-30 14:52:59 -03:00
Mykhailo Zahlada
47cc50a9ed
Workloadidentity clientid from secret ref ( #3367 )
...
* updates documentation: extends workloadIdentity auth configuration
Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>
* adds and updates tests
Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>
* extends provider configuration to accept clientId and tenantId as auth SecretRef
Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>
* updates service account example
Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>
* updates docs
Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>
---------
Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>
Co-authored-by: Mykhailo Zahlada <myzahlad@microsoft.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2024-04-18 05:09:53 -03:00
Thorben Below
432c6bf9ab
Feat: Add Passbolt Provider ( #3334 )
...
* add passbolt provider
Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com>
* Fix: return err for unimplemented methods
Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com>
---------
Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com>
2024-04-18 09:58:25 +02:00
Blair Drummond
731c0ed736
feat: add vault auth namespace option ( #3157 )
...
* feat: add vault auth namespace option
Signed-off-by: Blair Drummond <blaird@liatrio.com>
* fix: appease the linter
Signed-off-by: Blair Drummond <blaird@liatrio.com>
* feat: add tests for auth namespace
Signed-off-by: Blair Drummond <blaird@liatrio.com>
* fix: add make reviewable output
Signed-off-by: Blair Drummond <blaird@liatrio.com>
---------
Signed-off-by: Blair Drummond <blaird@liatrio.com>
2024-03-27 07:23:34 +01:00
Sulfixx
e57e4b72ca
Integrate Passworddepot ( #2799 )
...
* PLAT-1179 | updated to beta1
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Updating External Secrets fixes
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Fix to Passworddepots-crds-generation
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | apiextensionsv1 removal
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* Update apis/externalsecrets/v1beta1/secretstore_passworddeport_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>
* Update apis/externalsecrets/v1beta1/secretstore_passworddeport_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>
* Update apis/externalsecrets/v1beta1/secretstore_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>
* PLAT-1179 | Removed insecureverify and other fixes
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Fixed Linter and Sonar Issues
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Fixed Typo in Passworddepot_api.go
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Resolved go.mod Conflict
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Resolved go.mod conflict typo
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | admission.Warnings error fix
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Added nolint:bodyclose // linters bug
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Removed <= Head arrow from mkdocs.yml
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Added Make Check-Diff Changes
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Changed Error Package, Added Context, API Refactor
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Added const DoRequestError to reduce Codesmell
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Moved defer body close func into ReadAndUnmarshal
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Moved Status Check into ReadAndUnmarshal
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Removed Response.body from ReadAndUnmarshal
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* Update apis/externalsecrets/v1alpha1/secretstore_passworddepot_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>
* PLAT-1179 | Go mod tidy and Make generate
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Added empty SecretExists Method
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
* PLAT-1179 | Renamed unsed ctx to _
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
---------
Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>
Co-authored-by: Sören Rohweder <soeren.rohweder@fastleansmart.com>
Co-authored-by: Simon Becker <simon.becker@fastleansmart.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-03-12 13:33:08 +01:00
Shlomo Zalman Heigh
1d3209da59
Conjur E2E Tests for K8s JWT Authentication ( #3217 )
...
Signed-off-by: Shlomo Heigh <shlomo.heigh@cyberark.com>
2024-03-01 17:36:19 +01:00
Aleem Isiaka
52f6655345
Onboardbase ( #2697 )
...
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Run decrypt with error
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Commit and Save
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Pull secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Integrate Onboardbase Into ESO
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Minor Fix And Cleanups
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Attend to review comments
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Install deps
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Improved docs
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Improved docs
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Update hack/crd.generate.sh
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Aleem Isiaka <30846935+limistah@users.noreply.github.com>
* address issues with running the code
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* decrypt library into code
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* add docs to onboardbase provider
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* refactor duplicates
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Address Issues with tests
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Address issues with delete policy and json secrets
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Fix lint errors
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* error out when there is tags in the find field
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* execute delete request with the right data
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* ignore deletion policy
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* improve lint errors
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* remove cryptojs decrypt libs
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* Get secret value if property is set
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* run obb operator
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* 👌 IMPROVE: supports request deadline, esv1beta1 api updates
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* use same timeout
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* fix sonar cloud issues
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* fix sonar cloud issues
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* fix sonar cloud issues
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* fix failing test
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* add improve docs
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
* add improve docs
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
---------
Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
Signed-off-by: Nasirudeen Olohundare <iamnasirudeen@gmail.com>
Signed-off-by: Aleem Isiaka <30846935+limistah@users.noreply.github.com>
Co-authored-by: Nasirudeen Olohundare <iamnasirudeen@gmail.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2024-02-29 21:28:17 +01:00
David Recuenco
af38fc68d5
ADD sdkms base implementation ( #3180 )
...
* ADD sdkms base implementation
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
* FIX get secret object by name, unmarshalling error formatting
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
* ADD suport for fortanix secret security objects
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
* ADD more tests for opaque, secret, new client
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
* FIX changes required by make reviewable
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
* ADD missing provider registration
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
* FIX remove unused error string, add generated assets
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
---------
Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>
2024-02-28 10:59:47 +01:00
Engin Diri
dc9b5b7207
feat: add support for Pulumi ESC ( #2997 )
...
Signed-off-by: Engin Diri <engin.diri@ediri.de>
2024-02-14 19:56:06 +01:00
Sourav Patnaik
a012f4829c
Implementation of Chef External Secrets Provider ( #3127 )
...
* Adding the details for chef provider secret store.
Issue: https://github.com/external-secrets/external-secrets/issues/2905
This commit intends to add the chef provider structure to the existing list of external-secrets providers.
It defines the structure of the SecretStore and ClusterSecretStore for chef Provider.
The yaml resource will contain 3 important parts to identify and connect to chef server to reconcile secrets. They are:
1. serverurl: This is the URL to the chef server.
2. username: The username to connect to the chef server.
3. auth: The password to connect to the chef server. It is a reference to an already existing kubernetes secret containing the password.
This commit also contains the auto generated CRDs using the `make generate` command.
Signed-off-by: Subroto Roy <subrotoroy007@gmail.com>
* Implementation for Chef ESO provided
Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
* - implemented Chef eso, added required methods
- added unit test cases
- added sample documentation
Issue: https://github.com/external-secrets/external-secrets/issues/2905
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
* Added Documentation for Authentication
Signed-off-by: Subroto Roy <subrotoroy007@gmail.com>
* added documentation for Chef eso
Issue: https://github.com/external-secrets/external-secrets/issues/2905
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
* Updated chef ESO documentation
Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
* updated ValidateStore method signature
Issue: https://github.com/external-secrets/external-secrets/issues/2905
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
* made changes in chef provider to satisfy 'make docs'
Issue: https://github.com/external-secrets/external-secrets/issues/2905
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
* - updated code as per review comment, make reviewable suggestions
Issue: https://github.com/external-secrets/external-secrets/issues/2905
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
* modified chef provider code as per review comment
Issue: https://github.com/external-secrets/external-secrets/issues/2905
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
---------
Signed-off-by: Subroto Roy <subrotoroy007@gmail.com>
Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
Co-authored-by: Subroto Roy <subrotoroy007@gmail.com>
Co-authored-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
2024-02-14 09:54:08 +01:00
eso-service-account-app[bot]
41cd1d36a4
chore: update dependencies ( #3065 )
...
* update dependencies
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
* fix: re-generate CRDs with new controller-runtime version
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
---------
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2024-01-22 20:56:06 +01:00
Rodrigo Fior Kuntzer
31cecaa62b
feat: add support for Hashicorp Vault mTLS ( #3018 )
...
* feat: adding support for mTLS to the Vault provider
Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>
2024-01-19 00:43:28 +01:00
Victor Santos
3599384660
feat(fake): deprecate ValueMap to use Value instead ( #2884 )
2023-12-02 06:57:48 +09:00
Lakhan Jindam
325f36e47d
add validations for the remaining enum values ( #2860 )
...
* add validations for the remaining enum values
Signed-off-by: lakhan jindam <lakhanj569@gmail.com>
* generate crd configs using make reviewable cmd and address review comments
Signed-off-by: lakhan jindam <lakhanj569@gmail.com>
---------
Signed-off-by: lakhan jindam <lakhanj569@gmail.com>
2023-11-18 19:55:39 -03:00
Yonatan Koren
d42e19dc70
feat: AWS SecretsManager Config (allow ForceDeleteWithoutRecovery for PushSecret) ( #2854 )
...
* Add secretsmanager config.
Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
* Fix unit tests.
Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
* Update docs, fix validation, tests.
Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
* Fix grammatical error in attribute descriptions.
Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
* Improve API docs for SecretsManager.
Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
---------
Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>
2023-11-14 18:44:22 -03:00
Anders Swanson
f4a7c95b54
feat: Oracle PushSecret & find implementation ( #2840 )
...
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
2023-11-03 21:42:27 +01:00
Anders Swanson
8dd934ceed
feat: Oracle provider service account masquerade ( #2817 )
...
* feat: Oracle provider service account masquerade
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
2023-11-02 08:34:18 +01:00
Anders Swanson
b1bad77eb3
Oracle: Workload Identity authentication ( #2781 )
...
* Oracle: Workload Identity authentication
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
* Merge main
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
* Cleanup go.mod
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
* Lint
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
* Use mutex for environment variables
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
---------
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
Signed-off-by: Anders Swanson <91502735+anders-swanson@users.noreply.github.com>
2023-10-24 21:48:25 +02:00
Kieran Bristow
d9eaeb40dc
Conjur JWT support ( #2591 )
...
* Add JWT Auth to Conjur Provider
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Update docs for Cyberark Conjur Provider
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Update test suite to cover new functionality
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Run make reviewable
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Set MinVersion for tls.Config to satisfy linting
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Move ca bundle config example to a yaml snippet
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* fix: consolidate naming
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* fix: consolidate naming
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* docs: make it a working example
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* Remove JWT expiration handling logic
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Run make fmt
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
---------
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-25 10:05:17 +02:00
Moritz Johner
97df83b518
chore: bump dependencies ( #2654 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-08-28 11:50:46 +02:00
Moritz Johner
416deb3303
chore: bump dependencies ( #2568 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-08-02 21:42:03 +02:00
Martin Schuessler
f777a85156
added userPass authentication to the hashicorp vault provider ( #2539 )
...
Signed-off-by: Martin Schuessler <1407812+c0ffee@users.noreply.github.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2023-08-01 14:16:19 +02:00
Michael Sauter
bdf437c2e1
Add support for Delinea DevOps Secrets Vault ( #2415 )
...
* Add support for Delinea DevOps Secrets Vault
Closes #1709 .
Signed-off-by: Michael Sauter <michael.sauter@boehringer-ingelheim.com>
* fix: remove merge conflict
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* Improve documentation
Signed-off-by: Michael Sauter <michael.sauter@boehringer-ingelheim.com>
---------
Signed-off-by: Michael Sauter <michael.sauter@boehringer-ingelheim.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2023-07-06 18:01:43 +02:00
David Hisel
de491a2790
Add Conjur provider ( #2412 )
...
* Add Conjur provider
Signed-off-by: David Hisel <David.Hisel@CyberArk.com>
* fix: lint
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* fix: unit tests
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
---------
Signed-off-by: David Hisel <David.Hisel@CyberArk.com>
Signed-off-by: David Hisel <132942678+davidh-cyberark@users.noreply.github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-06-21 11:17:00 +02:00
Joel Watson
6a32b982f0
Add lower-kebab name transformer to Doppler provider ( #2418 )
...
Signed-off-by: Joel Watson <joel.watson@doppler.com>
2023-06-15 08:16:21 +02:00
Nima Fotouhi
e7799e757a
Adding session tags & transitive tags to SecretStore definition ( #2372 )
...
* feat: added session tag capability to assume role
modified apis/externalsecrets/v1beta1/secretstore_aws_types.go to expect session tags and transitive tags structs
modified pkg/provider/aws/auth/auth.go to pass session tags if they exist
Signed-off-by: Nima Fotouhi <fotouhi@live.com>
* fix: make build errors (JSON serialization error)
modified apis/externalsecrets/v1beta1/secretstore_aws_types.go to include a new custom struct (Tag) used with SessionTags instead of []*sts.Tag
modified pkg/provider/aws/auth/auth.go to convert custom Tag struct to sts.Tag before passing to assume role API call
Signed-off-by: Nima Fotouhi <fotouhi@live.com>
* removed unnecessary commented out code
Signed-off-by: Nima Fotouhi <fotouhi@live.com>
* chore(deps): bump actions/setup-python from 4.6.0 to 4.6.1 (#2366 )
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.6.0 to 4.6.1.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](https://github.com/actions/setup-python/compare/v4.6.0...v4.6.1 )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Nima Fotouhi <fotouhi@live.com>
* 📚 Update stability-support.md (#2363 )
Staring 0.82, IBM Cloud Secrets Manager supports fetching secrets by name as well as ID.
Signed-off-by: Idan Adar <iadar@il.ibm.com>
Signed-off-by: Nima Fotouhi <fotouhi@live.com>
* feat: ran make reviewable tasks (except for docs)
Signed-off-by: Nima Fotouhi <fotouhi@live.com>
* refractor: made addition of TransitiveTagKeys to setAssumeRoleOptions dependant to presence of SessionTags. So if user includes Transitive Tags in SecretStore definition without Session Tags, tags get ignored
Signed-off-by: Nima Fotouhi <fotouhi@live.com>
---------
Signed-off-by: Nima Fotouhi <fotouhi@live.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Idan Adar <iadar@il.ibm.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Idan Adar <iadar@il.ibm.com>
2023-06-01 11:12:02 +02:00
Moritz Johner
54664b43b1
chore: update dependencies ( #2348 )
...
* chore: update dependencies
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* chore: get rid of argo dependency to be independent of their k8s
versioning
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
---------
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-05-31 09:36:22 +02:00