Gustavo Fernandes de Carvalho
e65bf8d402
chore: deprecation policy and deprecating process ( #4154 )
...
* chore: deprecation policy and deprecating process
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
* fix: add missing non-scope to website
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
* chore: adds inclusion to in-scope
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
* Update DEPRECATING.md
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com>
* Update DEPRECATING.md
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com>
---------
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-27 20:04:38 +01:00
Ronaldo
4f3909e0c9
Add support for multiple Items fields in DelineSecretServer secrets ( #4051 )
...
* Add support for multiple fields in DelineSecretServer secrets
Signed-off-by: Ronaldo Saheki <rsaheki@gmail.com>
* Add tested cases for errors and update documentation
Signed-off-by: Ronaldo Saheki <rsaheki@gmail.com>
* Update docs/provider/secretserver.md
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Ronaldo Saheki <rsaheki@gmail.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: Ronaldo Saheki <ronaldo.saheki@veeam.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-27 07:35:52 +01:00
Diego Tejada
4dfa4d2622
feat: Add API key auth support on BeyondTrust provider ( #4101 )
...
* chore: bump BeyondTrust/go-client-library-passwordsafe version v0.9.1
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* feat: add ApiKey attribute to BeyondtrustAuth
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: update docs with ApiKey reference, add extra help comments
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* feat: conditionally using API Key or Client Credentials Auth on BeyondTrust provider
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* test: Add API key tests for BeyondTrust provider
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: add apiKey to spec.md
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: make reviewable files
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: ensured fmt
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: update APIKey variable case
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: fix typo
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: fix typo
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: fix typo
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump watchdog from 5.0.3 to 6.0.0 in /hack/api-docs (#4067 )
Bumps [watchdog](https://github.com/gorakhargosh/watchdog ) from 5.0.3 to 6.0.0.
- [Release notes](https://github.com/gorakhargosh/watchdog/releases )
- [Changelog](https://github.com/gorakhargosh/watchdog/blob/master/changelog.rst )
- [Commits](https://github.com/gorakhargosh/watchdog/compare/v5.0.3...v6.0.0 )
---
updated-dependencies:
- dependency-name: watchdog
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump pymdown-extensions in /hack/api-docs (#4068 )
Bumps [pymdown-extensions](https://github.com/facelessuser/pymdown-extensions ) from 10.11.2 to 10.12.
- [Release notes](https://github.com/facelessuser/pymdown-extensions/releases )
- [Commits](https://github.com/facelessuser/pymdown-extensions/compare/10.11.2...10.12 )
---
updated-dependencies:
- dependency-name: pymdown-extensions
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump mkdocs-material in /hack/api-docs (#4069 )
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material ) from 9.5.42 to 9.5.43.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases )
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG )
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.42...9.5.43 )
---
updated-dependencies:
- dependency-name: mkdocs-material
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump softprops/action-gh-release from 2.0.8 to 2.0.9 (#4070 )
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.0.8 to 2.0.9.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](c062e08bd5...e7a8f85e1c#4073 )
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: update dependencies (#4071 )
* update dependencies
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
* removed updating sigs.k8s.io/structured-merge-diff/v4 because that broke compilation and fixed two lint issues
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Update VaultAppRole documentation to show/use roleRef in its examples (#4035 )
Signed-off-by: Mike Tougeron <tougeron@adobe.com>
Co-authored-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* feat: add option to configure topic information for GCM (#4055 )
* feat: add option to configure topic information for GCM
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* fix the comparison logic for updates to include topics
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* feat: add AWS STS Session token generator (#4041 )
* feat: add AWS STS Session token generator
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* version update for the generated CRD
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(helm): Add extra labels to the validating webhooks (#4074 )
It should add a bunch of app.kubernetes.io labels
Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Reduce refreshInterval example for ACR (#4078 )
The old example used a `refreshInterval` value of 12h for the ACR access token. This change reduces that to 3h instead, since that is the expiration time for Service Principal authentication tokens:
https://learn.microsoft.com/en-us/azure/container-registry/container-registry-authentication?tabs=azure-cli#service-principal
Service principals are not the only way to authenticate towards ACR. In fact, two other ways (`managedIdentity` and `workloadIdentity`) are also outlined in the docs. I was unable to find any documentation in Azure for the default expiration time for those tokens, so as far as I know it is always 3 hours. Thus I think we should reflect this in our examples.
Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Fix PushSecret lookup in keepersecurity provider (#4077 )
* Fixed Keeper Security custom record type name in docs
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* Fixed Keeper records lookup in PushSecret
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* Improved Keeper record lookup to search only for records of the expected type
Improved PushSecret and DeleteSecret
Fixed "nil pointer dereference" errors
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* Fixed tests
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* chore(helm): Add extra labels to the validating webhooks (#4074 )
It should add a bunch of app.kubernetes.io labels
Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* Added tests for secrets with multiple matches
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
---------
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com>
Co-authored-by: Tete17 <miguel_tete17@hotmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Add ability to use RetrySettings in the VaultDynamicSecret generator (#4076 )
Signed-off-by: Oleksij Samorukov <samm@net-art.cz>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: make reviewable format
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* refactor: reduced complexity in NewClient
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* refactor: reduced function parameters
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump golang from 1.23.2 to 1.23.3 (#4089 )
Bumps golang from 1.23.2 to 1.23.3.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump packaging from 24.1 to 24.2 in /hack/api-docs (#4090 )
Bumps [packaging](https://github.com/pypa/packaging ) from 24.1 to 24.2.
- [Release notes](https://github.com/pypa/packaging/releases )
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pypa/packaging/compare/24.1...24.2 )
---
updated-dependencies:
- dependency-name: packaging
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump mkdocs-material in /hack/api-docs (#4091 )
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material ) from 9.5.43 to 9.5.44.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases )
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG )
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.43...9.5.44 )
---
updated-dependencies:
- dependency-name: mkdocs-material
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Update docs for ExternalSecrets's refreshInterval (#4097 )
Fixes #4079
Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump zipp from 3.20.2 to 3.21.0 in /hack/api-docs (#4092 )
Bumps [zipp](https://github.com/jaraco/zipp ) from 3.20.2 to 3.21.0.
- [Release notes](https://github.com/jaraco/zipp/releases )
- [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst )
- [Commits](https://github.com/jaraco/zipp/compare/v3.20.2...v3.21.0 )
---
updated-dependencies:
- dependency-name: zipp
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump regex from 2024.9.11 to 2024.11.6 in /hack/api-docs (#4093 )
Bumps [regex](https://github.com/mrabarnett/mrab-regex ) from 2024.9.11 to 2024.11.6.
- [Changelog](https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt )
- [Commits](https://github.com/mrabarnett/mrab-regex/compare/2024.9.11...2024.11.6 )
---
updated-dependencies:
- dependency-name: regex
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump golang from 1.23.2-bookworm to 1.23.3-bookworm in /e2e (#4094 )
Bumps golang from 1.23.2-bookworm to 1.23.3-bookworm.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* update dependencies (#4096 )
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump github/codeql-action from 3.27.0 to 3.27.1 (#4088 )
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.0 to 3.27.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](662472033e...4f3212b617#4100 )
Signed-off-by: Stas Alekseev <100800+salekseev@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* docs: reformat pushsecrets documentation to be a list (#4102 )
* reformat pushsecrets documentation to be a list
Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
* Use sections instead of a list
Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
---------
Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* fix: refresh interval values (#4111 )
Signed-off-by: Gustavo <gustavo@externalsecrets.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Sign helm chart artifact in ghcr.io (#4098 )
* Install cosign for signing helm charts
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Fix helm push failing when GITHUB_REPOSITORY_OWNER contains Uppercase alphabets
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Sign helm chart in oci registry using cosign
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Add permissions required for cosign signing and provenance attestations
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Log helm push output
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Attest build provenance for helm artifact
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Format: break code block
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Reformat: Remove temp variable
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Verify signed helm chart after signing it
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
* Remove unnecessary helm action changes for external-secrets repository
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
---------
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump distroless/static from `cc226ca` to `f4a57e8` (#4112 )
Bumps distroless/static from `cc226ca` to `f4a57e8`.
---
updated-dependencies:
- dependency-name: distroless/static
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump golang from `0974259` to `c694a4d` (#4113 )
Bumps golang from `0974259` to `c694a4d`.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump alpine from `beefdbd` to `1e42bbe` (#4114 )
Bumps alpine from `beefdbd` to `1e42bbe`.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump github/codeql-action from 3.27.1 to 3.27.4 (#4115 )
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.1 to 3.27.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4f3212b617...ea9e4e3799#4116 )
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.6.0 to 5.0.2.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](b9fd7d16f6...5c47607acb#4117 )
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.0.9 to 2.1.0.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](e7a8f85e1c...01570a1f39#4118 )
Bumps alpine from `beefdbd` to `1e42bbe`.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump alpine from `beefdbd` to `1e42bbe` in /e2e (#4119 )
Bumps alpine from `beefdbd` to `1e42bbe`.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore(deps): bump golang from `0e3377d` to `3f3b9da` in /e2e (#4120 )
Bumps golang from `0e3377d` to `3f3b9da`.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* fix: re-enable signing helm release (#4109 )
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* update dependencies (#4122 )
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Update apis/externalsecrets/v1beta1/secretstore_beyondtrust_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Update apis/externalsecrets/v1beta1/secretstore_beyondtrust_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Update apis/externalsecrets/v1beta1/secretstore_beyondtrust_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Update apis/externalsecrets/v1beta1/secretstore_beyondtrust_types.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* Update pkg/provider/beyondtrust/provider.go
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* chore: fix linter errors
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* refactor: split credentials/certificate reading functionality
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
* style: apply make fmt
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
---------
Signed-off-by: Diego Tejada <dtejada@beyondtrust.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Mike Tougeron <tougeron@adobe.com>
Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com>
Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
Signed-off-by: Oleksij Samorukov <samm@net-art.cz>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Signed-off-by: Stas Alekseev <100800+salekseev@users.noreply.github.com>
Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
Signed-off-by: Gustavo <gustavo@externalsecrets.com>
Signed-off-by: Aruuunn <arunmurugan.official@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: eso-service-account-app[bot] <85832941+eso-service-account-app[bot]@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Mike Tougeron <mtougeron@users.noreply.github.com>
Co-authored-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com>
Co-authored-by: Tete17 <miguel_tete17@hotmail.com>
Co-authored-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
Co-authored-by: idimov-keeper <78815270+idimov-keeper@users.noreply.github.com>
Co-authored-by: Alex Samorukov <samm@net-art.cz>
Co-authored-by: Stas Alekseev <100800+salekseev@users.noreply.github.com>
Co-authored-by: Tobi <22715034+twobiers@users.noreply.github.com>
Co-authored-by: Arun Murugan <arunmurugan.official@gmail.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2024-11-26 21:54:58 +01:00
Gergely Brautigam
fb9526f38a
feat: implement a cluster-wide generator ( #4140 )
...
* feat: implement a cluster-wide generator
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* remove unneeded function
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* check diff run output
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* alternative implementation of the Generator approach using specs only
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* refactor the extracting code
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* slight modification to the naming of the spec from generatorSpec to simply generator
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* write a unit test for the generator and register it in the scheme
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* add documentation for the cluster generator
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-26 15:32:26 +01:00
Daniel R. Dagfinrud
40a698dafd
feat: add ability to push expiration date to secret in azure key vault ( #4149 )
...
* feat: add ability to push expiration date of secret to azure key vault with annotation
Signed-off-by: deggja <danieldagfinrud@gmail.com>
* docs: set example annotation on secret in docs
Signed-off-by: deggja <danieldagfinrud@gmail.com>
* test: added test for updating to new expiration date
Signed-off-by: deggja <danieldagfinrud@gmail.com>
* chore: format
Signed-off-by: deggja <danieldagfinrud@gmail.com>
* chore: clean up go.mod
Signed-off-by: deggja <danieldagfinrud@gmail.com>
* feat: add expiration date for secret as field in metadata block in pushsecret
Signed-off-by: deggja <danieldagfinrud@gmail.com>
* extract the metadata from Kubernetes package and put it into its own package
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: deggja <danieldagfinrud@gmail.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-26 10:15:40 +01:00
Mathew Wicks
ac26166ac9
feat: significantly reduce api calls and introduce partial secret cache ( #4086 )
...
* feat: reduce api calls and introduce partial secret cache
Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>
* updates from review 1
Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>
* updates from review 2
Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>
* fix updating CreationPolicy after secret creation
Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>
* updates from review 3
Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>
* prevent loop when two ES claim Owner on the same target secret
Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>
* updates from review 4
Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>
* fix ClusterSecretStore not ready message
Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>
---------
Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-24 22:53:53 +01:00
Gustavo Fernandes de Carvalho
9f91fe80d2
chore: add blog ( #4137 )
...
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-11-21 15:37:31 +00:00
Antonio Spadaro
23eea8927a
Change wrong YAML TLS keys ( #4131 )
...
See https://github.com/external-secrets/external-secrets/issues/4130
Signed-off-by: Antonio Spadaro <ilovelinux@users.noreply.github.com>
2024-11-20 09:23:46 -03:00
Gustavo Fernandes de Carvalho
27c5f1f1f2
fix: refresh interval values ( #4111 )
...
Signed-off-by: Gustavo <gustavo@externalsecrets.com>
2024-11-18 07:50:16 +01:00
Tobi
c2388d2b9d
docs: reformat pushsecrets documentation to be a list ( #4102 )
...
* reformat pushsecrets documentation to be a list
Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
* Use sections instead of a list
Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
---------
Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-15 23:34:01 +01:00
Stas Alekseev
6fdfb6208a
Fix typo in webhook.md ( #4100 )
...
Signed-off-by: Stas Alekseev <100800+salekseev@users.noreply.github.com>
2024-11-13 17:36:33 +00:00
Andreas Lindhé
bf4a1a1ad9
Update docs for ExternalSecrets's refreshInterval ( #4097 )
...
Fixes #4079
Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
2024-11-12 21:36:58 +00:00
idimov-keeper
b3c3e1924d
Fix PushSecret lookup in keepersecurity provider ( #4077 )
...
* Fixed Keeper Security custom record type name in docs
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* Fixed Keeper records lookup in PushSecret
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* Improved Keeper record lookup to search only for records of the expected type
Improved PushSecret and DeleteSecret
Fixed "nil pointer dereference" errors
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* Fixed tests
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* chore(helm): Add extra labels to the validating webhooks (#4074 )
It should add a bunch of app.kubernetes.io labels
Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
* Added tests for secrets with multiple matches
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
---------
Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com>
Co-authored-by: Tete17 <miguel_tete17@hotmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-06 21:58:04 +01:00
Andreas Lindhé
51fabd49a5
Reduce refreshInterval example for ACR ( #4078 )
...
The old example used a `refreshInterval` value of 12h for the ACR access token. This change reduces that to 3h instead, since that is the expiration time for Service Principal authentication tokens:
https://learn.microsoft.com/en-us/azure/container-registry/container-registry-authentication?tabs=azure-cli#service-principal
Service principals are not the only way to authenticate towards ACR. In fact, two other ways (`managedIdentity` and `workloadIdentity`) are also outlined in the docs. I was unable to find any documentation in Azure for the default expiration time for those tokens, so as far as I know it is always 3 hours. Thus I think we should reflect this in our examples.
Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
2024-11-06 15:23:57 +01:00
Gergely Brautigam
d4d4f4bc4b
feat: add AWS STS Session token generator ( #4041 )
...
* feat: add AWS STS Session token generator
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* version update for the generated CRD
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-05 13:22:00 +01:00
Mike Tougeron
9113bced5b
Update VaultAppRole documentation to show/use roleRef in its examples ( #4035 )
...
Signed-off-by: Mike Tougeron <tougeron@adobe.com>
Co-authored-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com>
2024-11-05 06:08:01 -03:00
eitan-kr
8d55db86e6
Updated stability and supported features for Akeyless ( #4061 )
...
Signed-off-by: eitan-kr <eitan.k@akeyless.io>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-10-30 22:34:40 +01:00
aaronkao
841074738d
Adding Pulumi ESC ( #4062 )
...
Signed-off-by: Aaron Kao <kao@pulumi.com>
2024-10-30 22:30:33 +01:00
Konradas Bunikis
c51ad8d98f
feat: Support repositories and permissions in GitHub generator ( #4039 )
...
* feat: Support repositories and permissions in GitHub generator
Signed-off-by: konradasb <konradasb0@gmail.com>
* fix: Correct typo ommited->omitted
Signed-off-by: konradasb <konradasb0@gmail.com>
* fix: Optimize http req body
Signed-off-by: konradasb <konradasb0@gmail.com>
* fix: Optimize body var usage
Signed-off-by: konradasb <konradasb0@gmail.com>
* fix: Correct typo marshalling->marshaling
Signed-off-by: konradasb <konradasb0@gmail.com>
---------
Signed-off-by: konradasb <konradasb0@gmail.com>
2024-10-28 12:02:06 +01:00
btfhernandez
a0be752c8a
chore: upgrade beyondtrust go client library ( #4027 )
...
* chore: upgrade beyondtrust go client library
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix attribute name in secret store file and push go.sum file
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: run go mod tidy and push changes
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
---------
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
2024-10-25 06:57:57 +02:00
Tchoupinax
0dd419a738
feat: edit all required changes for recursive option ( #3939 )
...
* feat: edit all required changes for recursive option
Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
* chore: make reviewable
Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
* feat: add missing param
Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
* feat: change property type to boolean
Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
* docs: new doc version
Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
---------
Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
2024-10-14 09:24:48 +02:00
Moritz Johner
9f7533867d
feat: push secret metadata ( #3600 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2024-10-12 20:41:10 +02:00
Engin Diri
774d3dd4f6
docs: add blog post about Pulumi ESC and ESO ( #3996 )
...
Signed-off-by: Engin Diri <engin.diri@ediri.de>
2024-10-08 09:04:20 +02:00
Moritz Johner
76cf8ad263
feat: allow generators to be referenced from a PushSecret ( #3965 )
...
This removes the need for an intermediary Kind=ExternalSecret and
Kind=Secret when using a generator.
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2024-10-02 06:43:00 +00:00
Gergely Brautigam
a50dff013c
fix: uuid generator doc example links ( #3955 )
...
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-09-25 09:46:58 +02:00
Michael Malov
5d83bd4d93
docs: pin CRDs version in FluxCD example, bump api versions ( #3940 )
...
Signed-off-by: Michael Malov <14035243+malovme@users.noreply.github.com>
2024-09-24 22:20:12 +02:00
John
18485b07db
docs(beyondtrust): fix provider indentation, smaller fixes ( #3924 )
...
* docs(beyondtrust): fix provider indentation, smaller fixes
Signed-off-by: dmpe <cincenko@outlook.com>
* add more documentation
Signed-off-by: dmpe <cincenko@outlook.com>
---------
Signed-off-by: dmpe <cincenko@outlook.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-09-24 07:03:34 +02:00
Gijs Middelkamp
daa1297f3d
Implements Previder provider for Previder Secret Vault implementation ( #3916 )
...
* Added Previder Vault Provider and tests
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Set go version back to 1.23
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Updates after "make reviewable"
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Fixed methods to naming convention
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Added Previder to stability support doc
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Added installation documentation and Previder logo
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Altered last test name for naming convention
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Adds Previder provider to api-docs/mkdocs.yml
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Ran make check-diff
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Updated Tiltfile to check for new default image used in helm chart
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Added optional tag to PreviderAuth struct
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Removed toolchain
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
* Updated to go 1.23.1 for CVE; Updated previder/vault-cli to 0.1.2 for CVE fix also
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
---------
Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl>
Signed-off-by: Gijs Middelkamp <17021438+gkwmiddelkamp@users.noreply.github.com>
2024-09-21 16:44:32 +02:00
Engin Diri
231a6ea674
feat: update Pulumi provider for GA ( #3917 )
...
Signed-off-by: Engin Diri <engin.diri@ediri.de>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-09-21 09:54:12 +02:00
dan-akeyless
680a3a4b8d
Feature/asm 11630 akeyless push secret ( #3907 )
...
* feat[ASM-11630]- Akeyless PushSecret: implement push, delete, exists
Signed-off-by: Dan Barak <dan.b@akeyless.io>
* feat[ASM-11630]- Akeyless PushSecret: contextualise token, add metrics, make new function interface friendly
Signed-off-by: Dan Barak <dan.b@akeyless.io>
* feat[ASM-11630]- Akeyless PushSecret: add test on SecretExists, PushSecret, DeleteSecret
Signed-off-by: Dan Barak <dan.b@akeyless.io>
* feat[ASM-11630]- Akeyless PushSecret: update documentations
Signed-off-by: Dan Barak <dan.b@akeyless.io>
* feat[ASM-11630]- Akeyless PushSecret: refactor metrics func names
Signed-off-by: Dan Barak <dan.b@akeyless.io>
* feat[ASM-11630]- Akeyless PushSecret: linting
Signed-off-by: Dan Barak <dan.b@akeyless.io>
* feat[ASM-11630]- Akeyless PushSecret: simplify push
Signed-off-by: Dan Barak <dan.b@akeyless.io>
* feat[ASM-11630]- Akeyless PushSecret: decrease code complexity and deduplicate
Signed-off-by: Dan Barak <dan.b@akeyless.io>
* feat[ASM-11630]- Akeyless PushSecret: check for token type assertion and decrease PushSecret complexity
Signed-off-by: Dan Barak <dan.b@akeyless.io>
---------
Signed-off-by: Dan Barak <dan.b@akeyless.io>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-09-20 21:14:03 +02:00
KAZY
665f112570
update label ( #3898 )
...
Signed-off-by: KAZYPinkSaurus <kazuya.arai@sansan.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-09-16 13:43:29 +02:00
Alexander Schaber
f73187dabb
New Generator for UUIDs ( #3296 )
...
* feat(generator/uuid): initial version
Signed-off-by: Alexander Schaber <a.schaber@cuegee.com>
* fix(generator/uuid): rename symbols in compliance with lint
Signed-off-by: Alexander Schaber <a.schaber@cuegee.com>
* fix(generator/uuid): rename unused vars to `_` to fix lint
Signed-off-by: Alexander Schaber <a.schaber@cuegee.com>
* docs(generator/uuid): initial documentation for uuid generator
Signed-off-by: Alexander Schaber <a.schaber@cuegee.com>
---------
Signed-off-by: Alexander Schaber <a.schaber@cuegee.com>
2024-09-08 19:54:47 +02:00
Sn0rt
117056d557
chore: add eso tools page ( #3870 )
...
Signed-off-by: Sn0rt <wangguohao.2009@gmail.com>
Co-authored-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com>
2024-09-07 22:32:29 +02:00
Gustavo Fernandes de Carvalho
e96b15ba39
chore: update docs sponsors & broken links ( #3877 )
...
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-09-06 10:12:14 -03:00
shazib
adf4da46ac
Updated supported versions table for release 0.10 ( #3873 )
...
Signed-off-by: Shazib Summar <clevver.roy39@gmail.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-09-06 10:41:11 +02:00
Orad Segal
b479f7d4ce
removed deprecated spec file ( #3868 )
...
Signed-off-by: Orad Segal <124451776+7Pawns@users.noreply.github.com>
2024-09-05 08:06:41 +02:00
saliha mallem
103af073a8
add saliha mallem blog ( #3867 )
...
Co-authored-by: Saliha Mallem <Saliha.Mallem@ibm.com>
2024-09-04 12:30:57 -03:00
Gergely Brautigam
c3dcd9adcd
fix: bitwarden API url to point to the correct default location ( #3848 )
...
* fix: bitwarden API url to point to the correct default location
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* explicitly remove trailing slashes to prevent not found error
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-09-02 07:04:48 +02:00
Shlomo Zalman Heigh
a1722cbfaa
Use Conjur API's built in JWT functions ( #3771 )
...
* Use Conjur API's built in JWT functions
Signed-off-by: Shlomo Heigh <shlomo.heigh@cyberark.com>
* docs: clarify that all Conjur types are supported
Signed-off-by: Shlomo Heigh <shlomo.heigh@cyberark.com>
* docs: add link to Conjur blog post
Signed-off-by: Shlomo Heigh <shlomo.heigh@cyberark.com>
---------
Signed-off-by: Shlomo Heigh <shlomo.heigh@cyberark.com>
2024-08-28 21:54:04 +02:00
eso-service-account-app[bot]
3414bd6428
chore: update dependencies ( #3815 )
2024-08-19 17:07:20 +02:00
Gergely Brautigam
82d419e2ee
feat: add CAProvider to Bitwarden provider ( #3699 )
...
* feat: add CAProvider to bitwarden
This change introduces a refactor as well since CAProvider
was used by multiple providers with diverging implementations.
The following providers were affected:
- webhook
- akeyless
- vault
- conjur
- kubernetes
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* refactored the Kubernetes provider to use create ca
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* refactor webhook, vault and kubernetes provider
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* rename CreateCACert to FetchCACertFromSource
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* addressed comments and autodecoding base64 data
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* check if the decoded value is a valid certificate
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-08-16 12:32:35 +02:00
Gustavo Fernandes de Carvalho
098d03792d
chore: update security best practice ( #3794 )
...
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-08-15 21:31:01 +02:00
Kris
d230fd7e9f
chore: add minimal policy for fetching parameters from ssm ( #3770 )
...
Signed-off-by: Kris Johnstone <kris.johnstone@fostermoore.com>
2024-08-08 06:48:08 -03:00
btfhernandez
77f5d0ad91
feat: add beyondtrust provider ( #3683 )
...
* feat: add beyondtrust provider
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* feat: edit go.mod and go.sum files
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* feat: change test file name (provider_test.go)
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* feat: solve PR comments
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* feat: organize attributes in a higher hierarchy
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix sonar cloud issues and go.mod file conflicts
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix PR comments and apply table driven tests
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix PR comments
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix lint issues
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix lint issues on tests
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: run make fmt
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: apply camelCase to yaml attributes
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: solve go.mod file conflict
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: run make check-diff
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
---------
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
Signed-off-by: btfhernandez <133419363+btfhernandez@users.noreply.github.com>
2024-08-07 09:27:04 +02:00
Gergely Brautigam
6bab976275
doc: add maintainer of the bitwarden secret manager provider ( #3762 )
...
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-08-05 08:19:27 +02:00
Ketil
eae808d851
docs: document fullPemToPkcs12 functions ( #3749 )
...
Signed-off-by: Ketil Gjerde <477141+mysteq@users.noreply.github.com>
2024-08-02 10:21:31 +02:00
Gergely Brautigam
d5ca3161d6
feat: do not modify the secret in case of a NotModified ( #3746 )
...
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-07-31 12:29:21 +02:00
Gergely Brautigam
8c709cfa43
feat: add prefix definition to all secret keys for aws parameter store ( #3718 )
...
* feat: add prefix definition to all secret keys for aws parameter store
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* added a push secret test to verify called parameter has a prefix
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-07-31 12:29:07 +02:00
Carlos Neto
d10a66ee68
docs: add more details in the externalsecret comments in the API section (creationPolicy + deletionPolicy) ( #3725 )
...
Signed-off-by: c-neto <carlos.neto.dev@gmail.com>
2024-07-29 22:47:48 +02:00
Tyler Renslow
a2c7923e35
docs: Remove references to pemCertificate and pemPrivateKey functions ( #3744 )
...
* Update docs
Fixes #3260 Removes old deprecated template function
Signed-off-by: Tyler Renslow <tdrenslow@gmail.com>
* Update templating-v1.md
Signed-off-by: Tyler Renslow <tdrenslow@gmail.com>
---------
Signed-off-by: Tyler Renslow <tdrenslow@gmail.com>
2024-07-29 22:33:34 +02:00
