mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity
2527 commits 135 branches 173 tags 201 MiB
Commit graph

2527 commits

This branch
This branch
All branches
Author SHA1 Message Date
Moritz Johner
58cb47cc06
chore: add tests for AWS/SM (#3057) 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2024-01-22 09:35:09 +01:00
dependabot[bot]
c45eaca651
chore(deps): bump alpine from 3.18 to 3.19 in /hack/api-docs (#3039) 
Bumps alpine from 3.18 to 3.19.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-22 06:37:09 +01:00
Moritz Johner
ee35aa0f9f
feat: expose admission warnings to ValidateStore interface (#3058) 
This allows providers to issue warnings, e.g. during a
migration/deprecation period

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2024-01-21 23:34:29 +01:00
Moritz Johner
fd62f96e9f
chore: fixup security response suggestions (#3056) 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2024-01-21 19:57:15 +01:00
Moritz Johner
26f9c3f1f4
chore: refactor/centralise secretKeyRef usage (#3022) 
* chore: refactor/centralise secretKeyRef usage

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2024-01-21 08:19:57 +01:00
kyasbal
b6b4f12509
Fix wrong namespaceSelector configuration in snippet in document (#3054) 
The snippet[1] was not aligning with the schema defined in CRD.

[1] https://external-secrets.io/latest/guides/security-best-practices/

Signed-off-by: kyasbal <kyasbal1994@gmail.com>
 2024-01-20 22:26:12 +01:00
Moritz Johner
21191dc47e
docs: add security response process (#3037) 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2024-01-20 07:25:20 +01:00
dependabot[bot]
0bdb53c99f
chore(deps): bump ossf/scorecard-action from 2.1.2 to 2.3.1 (#3045) 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.2 to 2.3.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](e38b1902ae...0864cf1902)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-19 11:57:29 +01:00
dependabot[bot]
80634b5c22
chore(deps): bump mkdocs-material from 9.5.3 to 9.5.4 in /hack/api-docs (#3043) 
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 9.5.3 to 9.5.4.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.3...9.5.4)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-19 11:57:14 +01:00
dependabot[bot]
e45a6aa8e6
chore(deps): bump golang from 04cf306 to c4b696f in /e2e (#3038) 
Bumps golang from `04cf306` to `c4b696f`.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-19 09:08:55 +01:00
dependabot[bot]
1495f96881
chore(deps): bump alpine from 13b7e62 to 51b6726 in /e2e (#3040) 
Bumps alpine from `13b7e62` to `51b6726`.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-19 09:08:44 +01:00
dependabot[bot]
4913b7b41b
chore(deps): bump ubi8/ubi-minimal from d8b81a3 to 2882390 (#3041) 
Bumps ubi8/ubi-minimal from `d8b81a3` to `2882390`.

---
updated-dependencies:
- dependency-name: ubi8/ubi-minimal
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-19 09:08:35 +01:00
dependabot[bot]
528bd8fc0e
chore(deps): bump golang from fd78f2f to fd78f2f (#3042) 
Bumps golang from `fd78f2f` to `fd78f2f`.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-19 09:08:18 +01:00
dependabot[bot]
d655f385b1
chore(deps): bump actions/checkout from 3.1.0 to 4.1.1 (#3044) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3.1.0...b4ffde65f46336ab88eb53be808477a3936bae11)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-19 09:07:44 +01:00
dependabot[bot]
79e7b4efe4
chore(deps): bump mkdocs-macros-plugin in /hack/api-docs (#3046) 
Bumps [mkdocs-macros-plugin](https://github.com/fralau/mkdocs_macros_plugin) from 0.7.0 to 1.0.5.
- [Release notes](https://github.com/fralau/mkdocs_macros_plugin/releases)
- [Changelog](https://github.com/fralau/mkdocs-macros-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fralau/mkdocs_macros_plugin/compare/v0.7.0...v1.0.5)

---
updated-dependencies:
- dependency-name: mkdocs-macros-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-19 09:07:31 +01:00
dependabot[bot]
71b29fb5b8
chore(deps): bump markupsafe from 2.1.1 to 2.1.3 in /hack/api-docs (#3047) 
Bumps [markupsafe](https://github.com/pallets/markupsafe) from 2.1.1 to 2.1.3.
- [Release notes](https://github.com/pallets/markupsafe/releases)
- [Changelog](https://github.com/pallets/markupsafe/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/markupsafe/compare/2.1.1...2.1.3)

---
updated-dependencies:
- dependency-name: markupsafe
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-19 09:06:47 +01:00
dependabot[bot]
2de573ec66
chore(deps): bump github/codeql-action from 2.2.4 to 3.23.1 (#3048) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.4 to 3.23.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](17573ee1cc...0b21cf2492)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-19 09:04:09 +01:00
dependabot[bot]
a0d4814f51
chore(deps): bump actions/cache from 3.3.3 to 4.0.0 (#3049) 
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.3 to 4.0.0.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](e12d46a63a...13aacd865c)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-19 09:03:59 +01:00
dependabot[bot]
25f47b6e01
chore(deps): bump click from 8.1.3 to 8.1.7 in /hack/api-docs (#3050) 
Bumps [click](https://github.com/pallets/click) from 8.1.3 to 8.1.7.
- [Release notes](https://github.com/pallets/click/releases)
- [Changelog](https://github.com/pallets/click/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/click/compare/8.1.3...8.1.7)

---
updated-dependencies:
- dependency-name: click
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-19 09:03:48 +01:00
dependabot[bot]
6a23a3f1d0
chore(deps): bump tornado from 6.3.3 to 6.4 in /hack/api-docs (#3051) 
Bumps [tornado](https://github.com/tornadoweb/tornado) from 6.3.3 to 6.4.
- [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst)
- [Commits](https://github.com/tornadoweb/tornado/compare/v6.3.3...v6.4.0)

---
updated-dependencies:
- dependency-name: tornado
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-19 08:50:51 +01:00
Moritz Johner
43b6c5eaad
fix: hack/api-docs/requirements.txt to reduce vulnerabilities (#3036) 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-590151
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
 2024-01-19 08:04:25 +01:00
Rodrigo Fior Kuntzer
31cecaa62b
feat: add support for Hashicorp Vault mTLS (#3018) 
* feat: adding support for mTLS to the Vault provider

Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>
 2024-01-19 00:43:28 +01:00
Moritz Johner
00249f1d43
Create OSSF scorecard job (#3032) 
* Create scorecard.yml

Adds a scorecard workflow to regularly check the repo.
See docs: https://github.com/marketplace/actions/ossf-scorecard-action#scorecard-badge

Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>
 2024-01-18 21:03:07 +01:00
Ludovic Ortega
0a02f73142
feat: set default namespace on vault secretStore (namespaced ressource) (#2869) 
* feat: set default namespace on vault secretStore

Signed-off-by: Ludovic Ortega <ludovic.ortega@adminafk.fr>

* fix: unit test

Signed-off-by: Ludovic Ortega <ludovic.ortega@adminafk.fr>

* feat: remove depreciation message

Signed-off-by: Ludovic Ortega <ludovic.ortega@adminafk.fr>

---------

Signed-off-by: Ludovic Ortega <ludovic.ortega@adminafk.fr>
 2024-01-16 19:59:24 +01:00
dependabot[bot]
6bffc9563f
chore(deps): bump golang from 1.21.5 to 1.21.6 (#3024) 
Bumps golang from 1.21.5 to 1.21.6.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-15 20:55:40 +01:00
Amirhossein Akhlaghpour
1bd07fd90e
Validator (#3003) 
* feat: add validator for duplicates keys

Signed-off-by: Mehrbod Akhlaghpour <m9.akhlaghpoor@gmail.com>

* feat: retain mode on duplicate keys

Signed-off-by: Mehrbod Akhlaghpour <m9.akhlaghpoor@gmail.com>

* feat: add new test

Signed-off-by: Mehrbod Akhlaghpour <m9.akhlaghpoor@gmail.com>

* chore: rebase the test

Signed-off-by: Mehrbod Akhlaghpour <m9.akhlaghpoor@gmail.com>

* fix: test cases for duplicate keys

Signed-off-by: Mehrbod Akhlaghpour <m9.akhlaghpoor@gmail.com>

---------

Signed-off-by: Mehrbod Akhlaghpour <m9.akhlaghpoor@gmail.com>
 2024-01-14 18:08:59 +01:00
Peter Stolz
1f665cea5d
docs: add command to install CRDs using kustomize (#3023) 
Signed-off-by: Peter Stolz <50801264+PeterStolz@users.noreply.github.com>
 2024-01-14 15:27:29 +01:00
aviadkray
04bccc5316
gramar2 - intuitive not intuative (#2992) 
Signed-off-by: aviadkray <108495983+aviadkray@users.noreply.github.com>
 2024-01-12 22:55:55 +01:00
aviadkray
92187cf2b9
fix grammar (#2991) 2024-01-12 22:47:41 +01:00
Shuhei Kitagawa
373a9c23e8
Update the ExternalSecret status even when data is empty (#2927) 
https://github.com/external-secrets/external-secrets/issues/2874

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
 2024-01-12 22:09:03 +01:00
Charles Thomas
40ab707049
doc: update bitwarden-cli image & version (#2971) 
Signed-off-by: Charles Thomas <ch@rlesthom.as>
 2024-01-12 22:01:26 +01:00
Benjamin Walterscheid
ef19459914
Issue/2965 - Documentation does not reflect latest changes for datafrom for IBM Secret Manager (#3010) 
* 2963 - removed duplicated annotations

Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>

* 2963 - updated documentation to use kv secret types with v1beta1 apiVersion

Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>

* 2963 - minor yaml corrections

Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>

* added some example for v2 literal templating (#3007)

Signed-off-by: Robert Paschedag <robert.paschedag@sap.com>
Co-authored-by: Robert Paschedag <robert.paschedag@sap.com>
Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>

---------

Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
Signed-off-by: Robert Paschedag <robert.paschedag@sap.com>
Co-authored-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>
Co-authored-by: Robert Paschedag <robert.paschedag@web.de>
Co-authored-by: Robert Paschedag <robert.paschedag@sap.com>
 2024-01-12 21:48:49 +01:00
Zadkiel Aharonian
551706c494
docs: update controller reconcile error rule (#3021) 
Signed-off-by: Zadkiel Aharonian <zadkiel.aharonian@gmail.com>
 2024-01-12 19:54:52 +01:00
Pedro Parra Ortega
ba8cf6bde5
Feat/allow keeper to work with complex types (#3016) 
* update dependencies (#3005)

Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

* feat: allow keeper to work with complex types

Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

---------

Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>
Co-authored-by: eso-service-account-app[bot] <85832941+eso-service-account-app[bot]@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
 2024-01-12 00:30:58 +01:00
eso-service-account-app[bot]
559c773792
update dependencies (#3005) 
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
 2024-01-10 23:59:43 +01:00
barucoh
ab1e95a458
Akeyless Provider - Add support for Certificate items Signed-off-by: barucoh <20933964+barucoh@users.noreply.github.com> (#3013) 
Signed-off-by: “barucoh” <“ohadbaruch1@gmail.com”>
 2024-01-10 23:11:03 +01:00
Robert Paschedag
45e2bd3796
added some example for v2 literal templating (#3007) 
Signed-off-by: Robert Paschedag <robert.paschedag@sap.com>
Co-authored-by: Robert Paschedag <robert.paschedag@sap.com>
 2024-01-09 09:38:23 +01:00
Shuhei Kitagawa
f32ea9f91d
Configure codecov (#2995) 
* Configure codevov

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

* Disable annotations

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

* Set ignore

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

---------

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
 2024-01-05 23:26:39 +01:00
Bryce Thuilot
0bb4feae4a
feat: add PushSecret and DeleteSecret to onepassword provider (#2646) 
* feat: add PushSecret and DeleteSecret to onepassword provider

Signed-off-by: Bryce Thuilot <bryce@thuilot.io>

* refactor: clean code based on suggestions

Signed-off-by: Bryce Thuilot <bryce@thuilot.io>

* refactor: make suggested sonar cube changes

Signed-off-by: Bryce Thuilot <bryce@thuilot.io>

---------

Signed-off-by: Bryce Thuilot <bryce@thuilot.io>
 2024-01-04 19:36:41 +01:00
Matúš Ferech
0ac250dd2d
Fix typo in pushsecrets docs (#2998) 2024-01-04 15:28:05 +01:00
Allen Conlon
0fbc4a8340
feat: add ability to define flavour for tag (#2881) 
Signed-off-by: Allen Conlon <allen@conlon.dev>
 2024-01-03 23:19:31 +01:00
Aran Shavit
bfc158aaa0
Fix value name (#2985) 2024-01-03 17:19:32 +01:00
eso-service-account-app[bot]
cbb2c409e4
update dependencies (#2988) 
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
 2024-01-02 22:58:12 +01:00
Thibault Gérondal
97a51b50f4
fix: chart: update cert-manager cert. duration (#2986) 
Update cert-manager certificate duration to 1 year in the Helm chart.

This commit resolves a timing issue in the external-secrets Helm chart,
where the default certificate duration was previously not explicitly
set. This lack of specification led to conflicts with the cert-manager's
lookahead interval. By setting the `webhook.certManager.cert.duration`
to "8760h" (one year), we ensure that cert-manager will renew the
certificate before the external-secrets webhook starts to report issues,
and restarts, due to the certificate nearing expiration (as per the
lookahead interval).

This solution has been discussed in
external-secrets/external-secrets#2519.

Signed-off-by: Thibault Gérondal <tgerondal@emasphere.com>
 2023-12-27 18:33:18 +01:00
dependabot[bot]
921ed35efc
chore(deps): bump golang from 1.20.1 to 1.21.5 (#2976) 
Bumps golang from 1.20.1 to 1.21.5.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-25 13:51:25 +01:00
Moritz Johner
47874c0b55
chore: bump 0.9.11 (#2982) 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2023-12-25 14:34:43 +02:00
Moritz Johner
a0c5f7eb51
fix: bump kubernetes version support (#2981) 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2023-12-25 13:53:10 +02:00
eso-service-account-app[bot]
6f21a9ab33
update dependencies (#2978) 
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
 2023-12-25 12:31:26 +01:00
Moritz Johner
e9cd99148f
fix: do not error if helm chart version already exists (#2974) 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2023-12-23 22:30:03 +01:00
Nate Kaldor
371b18fd08
do not deploy certController when certManager is enabled by webhook (#2952) 
Signed-off-by: kaldorn <nate.kaldor@outreach.io>
 2023-12-22 22:23:12 +01:00