1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Commit graph

3146 commits

Author SHA1 Message Date
dependabot[bot]
6c7d829ede
chore(deps): bump aquasecurity/trivy-action from 0.28.0 to 0.29.0 (#4146)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.28.0 to 0.29.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](915b19bbe7...18f2510ee3)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-25 10:53:38 +01:00
dependabot[bot]
bcbf90a363
chore(deps): bump codecov/codecov-action from 5.0.2 to 5.0.7 (#4145)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.0.2 to 5.0.7.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](5c47607acb...015f24e681)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-25 10:50:33 +01:00
dependabot[bot]
5f537ac831
chore(deps): bump tornado from 6.4.1 to 6.4.2 in /hack/api-docs (#4144)
Bumps [tornado](https://github.com/tornadoweb/tornado) from 6.4.1 to 6.4.2.
- [Changelog](https://github.com/tornadoweb/tornado/blob/v6.4.2/docs/releases.rst)
- [Commits](https://github.com/tornadoweb/tornado/compare/v6.4.1...v6.4.2)

---
updated-dependencies:
- dependency-name: tornado
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-25 10:42:15 +01:00
dependabot[bot]
662d5840fe
chore(deps): bump mkdocs-material in /hack/api-docs (#4143)
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 9.5.44 to 9.5.45.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.44...9.5.45)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-25 10:33:44 +01:00
Mathew Wicks
ac26166ac9
feat: significantly reduce api calls and introduce partial secret cache (#4086)
* feat: reduce api calls and introduce partial secret cache

Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>

* updates from review 1

Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>

* updates from review 2

Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>

* fix updating CreationPolicy after secret creation

Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>

* updates from review 3

Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>

* prevent loop when two ES claim Owner on the same target secret

Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>

* updates from review 4

Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>

* fix ClusterSecretStore not ready message

Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>

---------

Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-24 22:53:53 +01:00
Gergely Brautigam
bea0fb6361
chore: bump version v0.10.7 (#4141) 2024-11-23 11:43:25 +01:00
Gergely Brautigam
dc6be312cf
feat: add yaml based encoding for get secrets as map (#4001) 2024-11-23 07:31:53 +01:00
Gustavo Fernandes de Carvalho
9f91fe80d2
chore: add blog (#4137)
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-11-21 15:37:31 +00:00
Igor Beliakov
96921ee131
fix(azure-keyvault): remove incorrect suffix from provider URL (#4136)
Signed-off-by: Igor Beliakov <demtis.register@gmail.com>
2024-11-21 08:37:38 -03:00
Gergely Brautigam
1ae44e4167
fix: permissions on steps is not a thing (#4134)
* fix: permissions on steps is not a thing

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* add comment in the values about the conversion

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-20 20:58:44 +01:00
Gergely Brautigam
f68c0a96ad
Release v0.10.6 helm chart docs (#4133)
* chore: bump helm-chart version v0.10.6

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* updated the release doc

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-20 18:40:35 +01:00
Antonio Spadaro
23eea8927a
Change wrong YAML TLS keys (#4131)
See https://github.com/external-secrets/external-secrets/issues/4130

Signed-off-by: Antonio Spadaro <ilovelinux@users.noreply.github.com>
2024-11-20 09:23:46 -03:00
Gergely Brautigam
f61580e0dd
fix: further restrict token permissions on helm action steps (#4129)
* fix: further restrict token permissions on helm action steps

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* pin cosign to a specific hash

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-20 12:07:42 +01:00
Gergely Brautigam
dc7c2ab443
fix: restrict the token permission update to the push chart step (#4128) 2024-11-20 11:19:00 +01:00
Gergely Brautigam
44e462f510
feat: implement SecretExists function for gcp secretsmanager (#4127)
* feat: implement SecretExists function for gcp secretsmanager

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* refactored the test for lesser complexity

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-20 10:40:41 +01:00
Moritz Johner
1d85a90530
fix: do not import gpg key from forked repo (#4126)
* fix: do not import gpg key from forked repo

The key does not exist there and is not needed.
The import-gpg and run-chart-releaser step should only run
on main.
Otherwise it fails due to missing GPG key and invalid permissions on
github token.
2024-11-19 21:58:25 +01:00
Gergely Brautigam
7b7dad464d
feat: supporting pushing entire secret for bitwarden provider (#4106)
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-19 16:32:17 +01:00
Gergely Brautigam
3ffeeb55dd
feat: enable concurrent reconciling for push secret reconciler (#4124)
* feat: enable concurrent reconciling for push secret reconciler

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* add cluster secret store concurrent option as well

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-19 12:20:05 +01:00
eso-service-account-app[bot]
210b39715e
update dependencies (#4122)
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-18 15:18:30 +01:00
Moritz Johner
df54ac9986
fix: re-enable signing helm release (#4109)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2024-11-18 12:29:25 +00:00
dependabot[bot]
4e6372bd47
chore(deps): bump golang from 0e3377d to 3f3b9da in /e2e (#4120)
Bumps golang from `0e3377d` to `3f3b9da`.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 13:14:05 +01:00
dependabot[bot]
24942b8410
chore(deps): bump alpine from beefdbd to 1e42bbe in /e2e (#4119)
Bumps alpine from `beefdbd` to `1e42bbe`.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 13:11:57 +01:00
dependabot[bot]
accb0a5ac4
chore(deps): bump alpine from beefdbd to 1e42bbe in /hack/api-docs (#4118)
Bumps alpine from `beefdbd` to `1e42bbe`.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 13:10:26 +01:00
dependabot[bot]
d1d9889d7b
chore(deps): bump softprops/action-gh-release from 2.0.9 to 2.1.0 (#4117)
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.0.9 to 2.1.0.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](e7a8f85e1c...01570a1f39)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 11:53:30 +01:00
dependabot[bot]
6724119638
chore(deps): bump codecov/codecov-action from 4.6.0 to 5.0.2 (#4116)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.6.0 to 5.0.2.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](b9fd7d16f6...5c47607acb)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 11:51:38 +01:00
dependabot[bot]
7b8cc5f233
chore(deps): bump github/codeql-action from 3.27.1 to 3.27.4 (#4115)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.1 to 3.27.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](4f3212b617...ea9e4e3799)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 11:30:04 +01:00
dependabot[bot]
b4bf572e08
chore(deps): bump alpine from beefdbd to 1e42bbe (#4114)
Bumps alpine from `beefdbd` to `1e42bbe`.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 11:15:57 +01:00
dependabot[bot]
2f4e3094d4
chore(deps): bump golang from 0974259 to c694a4d (#4113)
Bumps golang from `0974259` to `c694a4d`.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 11:04:32 +01:00
dependabot[bot]
933e1b1542
chore(deps): bump distroless/static from cc226ca to f4a57e8 (#4112)
Bumps distroless/static from `cc226ca` to `f4a57e8`.

---
updated-dependencies:
- dependency-name: distroless/static
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 10:15:28 +01:00
Arun Murugan
b5cdec5687
Sign helm chart artifact in ghcr.io (#4098)
* Install cosign for signing helm charts

Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>

* Fix helm push failing when GITHUB_REPOSITORY_OWNER contains Uppercase alphabets

Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>

* Sign helm chart in oci registry using cosign

Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>

* Add permissions required for cosign signing and provenance attestations

Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>

* Log helm push output

Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>

* Attest build provenance for helm artifact

Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>

* Format: break code block

Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>

* Reformat: Remove temp variable

Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>

* Verify signed helm chart after signing it

Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>

* Remove unnecessary helm action changes for external-secrets repository

Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>

---------

Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-18 07:53:38 +01:00
Gustavo Fernandes de Carvalho
27c5f1f1f2
fix: refresh interval values (#4111)
Signed-off-by: Gustavo <gustavo@externalsecrets.com>
2024-11-18 07:50:16 +01:00
Tobi
c2388d2b9d
docs: reformat pushsecrets documentation to be a list (#4102)
* reformat pushsecrets documentation to be a list

Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>

* Use sections instead of a list

Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>

---------

Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-15 23:34:01 +01:00
Stas Alekseev
6fdfb6208a
Fix typo in webhook.md (#4100)
Signed-off-by: Stas Alekseev <100800+salekseev@users.noreply.github.com>
2024-11-13 17:36:33 +00:00
dependabot[bot]
0304b44742
chore(deps): bump github/codeql-action from 3.27.0 to 3.27.1 (#4088)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.0 to 3.27.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](662472033e...4f3212b617)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-13 17:23:01 +00:00
eso-service-account-app[bot]
77f2b3489c
update dependencies (#4096)
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
2024-11-12 22:50:43 +00:00
dependabot[bot]
0c0fe54d6f
chore(deps): bump golang from 1.23.2-bookworm to 1.23.3-bookworm in /e2e (#4094)
Bumps golang from 1.23.2-bookworm to 1.23.3-bookworm.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-12 22:27:54 +00:00
dependabot[bot]
81c49ba25f
chore(deps): bump regex from 2024.9.11 to 2024.11.6 in /hack/api-docs (#4093)
Bumps [regex](https://github.com/mrabarnett/mrab-regex) from 2024.9.11 to 2024.11.6.
- [Changelog](https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt)
- [Commits](https://github.com/mrabarnett/mrab-regex/compare/2024.9.11...2024.11.6)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-12 21:38:37 +00:00
dependabot[bot]
b262773d41
chore(deps): bump zipp from 3.20.2 to 3.21.0 in /hack/api-docs (#4092)
Bumps [zipp](https://github.com/jaraco/zipp) from 3.20.2 to 3.21.0.
- [Release notes](https://github.com/jaraco/zipp/releases)
- [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst)
- [Commits](https://github.com/jaraco/zipp/compare/v3.20.2...v3.21.0)

---
updated-dependencies:
- dependency-name: zipp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-12 21:38:21 +00:00
Andreas Lindhé
bf4a1a1ad9
Update docs for ExternalSecrets's refreshInterval (#4097)
Fixes #4079

Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
2024-11-12 21:36:58 +00:00
dependabot[bot]
e25edd7092
chore(deps): bump mkdocs-material in /hack/api-docs (#4091)
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 9.5.43 to 9.5.44.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.43...9.5.44)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-12 21:02:09 +00:00
dependabot[bot]
ff659c4a35
chore(deps): bump packaging from 24.1 to 24.2 in /hack/api-docs (#4090)
Bumps [packaging](https://github.com/pypa/packaging) from 24.1 to 24.2.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pypa/packaging/compare/24.1...24.2)

---
updated-dependencies:
- dependency-name: packaging
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-12 21:01:27 +00:00
dependabot[bot]
45df833a13
chore(deps): bump golang from 1.23.2 to 1.23.3 (#4089)
Bumps golang from 1.23.2 to 1.23.3.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-12 22:00:52 +01:00
Alex Samorukov
ebbc3a0e27
Add ability to use RetrySettings in the VaultDynamicSecret generator (#4076)
Signed-off-by: Oleksij Samorukov <samm@net-art.cz>
2024-11-07 07:58:23 +01:00
idimov-keeper
b3c3e1924d
Fix PushSecret lookup in keepersecurity provider (#4077)
* Fixed Keeper Security custom record type name in docs

Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>

* Fixed Keeper records lookup in PushSecret

Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>

* Improved Keeper record lookup to search only for records of the expected type
Improved PushSecret and DeleteSecret
Fixed "nil pointer dereference" errors

Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>

* Fixed tests

Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>

* chore(helm): Add extra labels to the validating webhooks (#4074)

It should add a bunch of app.kubernetes.io labels

Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>

* Added tests for secrets with multiple matches

Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>

---------

Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com>
Co-authored-by: Tete17 <miguel_tete17@hotmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-06 21:58:04 +01:00
Andreas Lindhé
51fabd49a5
Reduce refreshInterval example for ACR (#4078)
The old example used a `refreshInterval` value of 12h for the ACR access token. This change reduces that to 3h instead, since that is the expiration time for Service Principal authentication tokens:

https://learn.microsoft.com/en-us/azure/container-registry/container-registry-authentication?tabs=azure-cli#service-principal

Service principals are not the only way to authenticate towards ACR. In fact, two other ways (`managedIdentity` and `workloadIdentity`) are also outlined in the docs. I was unable to find any documentation in Azure for the default expiration time for those tokens, so as far as I know it is always 3 hours. Thus I think we should reflect this in our examples.

Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
2024-11-06 15:23:57 +01:00
Tete17
a9ba8b2bc8
chore(helm): Add extra labels to the validating webhooks (#4074)
It should add a bunch of app.kubernetes.io labels

Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-05 23:00:06 +01:00
Gergely Brautigam
d4d4f4bc4b
feat: add AWS STS Session token generator (#4041)
* feat: add AWS STS Session token generator

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* version update for the generated CRD

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-05 13:22:00 +01:00
Gergely Brautigam
6b70c9002f
feat: add option to configure topic information for GCM (#4055)
* feat: add option to configure topic information for GCM

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* fix the comparison logic for updates to include topics

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-05 13:06:29 +01:00
Mike Tougeron
9113bced5b
Update VaultAppRole documentation to show/use roleRef in its examples (#4035)
Signed-off-by: Mike Tougeron <tougeron@adobe.com>
Co-authored-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com>
2024-11-05 06:08:01 -03:00
eso-service-account-app[bot]
abd7b77611
chore: update dependencies (#4071)
* update dependencies

Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>

* removed updating sigs.k8s.io/structured-merge-diff/v4 because that broke compilation and fixed two lint issues

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-05 08:49:29 +01:00