external-secrets

mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00

Author	SHA1	Message	Date
Gergely Brautigam	a50dff013c	fix: uuid generator doc example links (#3955 ) Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-09-25 09:46:58 +02:00
Gijs Middelkamp	daa1297f3d	Implements Previder provider for Previder Secret Vault implementation (#3916 ) * Added Previder Vault Provider and tests Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Set go version back to 1.23 Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Updates after "make reviewable" Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Fixed methods to naming convention Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Added Previder to stability support doc Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Added installation documentation and Previder logo Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Altered last test name for naming convention Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Adds Previder provider to api-docs/mkdocs.yml Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Ran make check-diff Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Updated Tiltfile to check for new default image used in helm chart Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Added optional tag to PreviderAuth struct Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Removed toolchain Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> * Updated to go 1.23.1 for CVE; Updated previder/vault-cli to 0.1.2 for CVE fix also Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> --------- Signed-off-by: Gijs Middelkamp <g.middelkamp@previder.nl> Signed-off-by: Gijs Middelkamp <17021438+gkwmiddelkamp@users.noreply.github.com>	2024-09-21 16:44:32 +02:00
Engin Diri	231a6ea674	feat: update Pulumi provider for GA (#3917 ) Signed-off-by: Engin Diri <engin.diri@ediri.de> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-09-21 09:54:12 +02:00
Alexander Schaber	f73187dabb	New Generator for UUIDs (#3296 ) * feat(generator/uuid): initial version Signed-off-by: Alexander Schaber <a.schaber@cuegee.com> * fix(generator/uuid): rename symbols in compliance with lint Signed-off-by: Alexander Schaber <a.schaber@cuegee.com> * fix(generator/uuid): rename unused vars to `_` to fix lint Signed-off-by: Alexander Schaber <a.schaber@cuegee.com> * docs(generator/uuid): initial documentation for uuid generator Signed-off-by: Alexander Schaber <a.schaber@cuegee.com> --------- Signed-off-by: Alexander Schaber <a.schaber@cuegee.com>	2024-09-08 19:54:47 +02:00
Gergely Brautigam	82d419e2ee	feat: add CAProvider to Bitwarden provider (#3699 ) * feat: add CAProvider to bitwarden This change introduces a refactor as well since CAProvider was used by multiple providers with diverging implementations. The following providers were affected: - webhook - akeyless - vault - conjur - kubernetes Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * refactored the Kubernetes provider to use create ca Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * refactor webhook, vault and kubernetes provider Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * rename CreateCACert to FetchCACertFromSource Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * addressed comments and autodecoding base64 data Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * check if the decoded value is a valid certificate Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-08-16 12:32:35 +02:00
btfhernandez	77f5d0ad91	feat: add beyondtrust provider (#3683 ) * feat: add beyondtrust provider Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * feat: edit go.mod and go.sum files Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * feat: change test file name (provider_test.go) Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * feat: solve PR comments Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * feat: organize attributes in a higher hierarchy Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: fix sonar cloud issues and go.mod file conflicts Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: fix PR comments and apply table driven tests Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: fix PR comments Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: fix lint issues Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: fix lint issues on tests Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: run make fmt Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: apply camelCase to yaml attributes Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: solve go.mod file conflict Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> * fix: run make check-diff Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> --------- Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com> Signed-off-by: btfhernandez <133419363+btfhernandez@users.noreply.github.com>	2024-08-07 09:27:04 +02:00
Gergely Brautigam	d5ca3161d6	feat: do not modify the secret in case of a NotModified (#3746 ) Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-07-31 12:29:21 +02:00
Gergely Brautigam	8c709cfa43	feat: add prefix definition to all secret keys for aws parameter store (#3718 ) * feat: add prefix definition to all secret keys for aws parameter store Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * added a push secret test to verify called parameter has a prefix Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-07-31 12:29:07 +02:00
Mike Tougeron	7f71b4717a	Update docs for namespaceSelectors usage and namespaceSelector deprecation (#3695 ) Signed-off-by: Mike Tougeron <tougeron@adobe.com>	2024-07-21 16:37:48 -03:00
abhinav1708	bdd0c7ec9a	support for adding headers in vault provider (#3677 ) * support for vault headers Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com> * changes in crds bases for headers support Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com> * adding autogenerated files Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com> * removing extra--- Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com> * adding headers before x-vault-Inconsistent Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com> * changing for lint pass Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com> --------- Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>	2024-07-15 11:27:06 +02:00
Bill Hamilton	1876ff88d7	Add support for Delinea Secret Server (#3468 ) * implements secretserver Signed-off-by: Bill Hamilton <bill.hamilton@delinea.com> * bump to align e2e Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * bump Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> --------- Signed-off-by: Bill Hamilton <bill.hamilton@delinea.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Co-authored-by: Gustavo Carvalho <gusfcarvalho@gmail.com>	2024-07-10 14:32:17 -03:00
kaedwen	48cccaeded	add AuthRef to kubernetes provider fixes #3627 (#3628 ) * add AuthRef to kubernetes provider fixes #3627 Signed-off-by: kaedwen <kaedwen@heinrich.blue> * run make reviewable Signed-off-by: kaedwen <kaedwen@heinrich.blue> * fix validation for given authRef Signed-off-by: kaedwen <kaedwen@heinrich.blue> * refactor kubernetes provider auth Signed-off-by: kaedwen <kaedwen@heinrich.blue> * satisfy linter Signed-off-by: kaedwen <kaedwen@heinrich.blue> * add URL for kubernetes provider tests Signed-off-by: kaedwen <kaedwen@heinrich.blue> --------- Signed-off-by: kaedwen <kaedwen@heinrich.blue>	2024-07-01 23:31:10 +02:00
Gergely Brautigam	095537e6ad	feat: add bitwarden secret manager support (#3603 )	2024-06-28 06:04:25 +02:00
Nathan Ellenfield	907e8ebc82	Fix ACR External Secret example (#3626 ) * Fix ACR External Secret example Signed-off-by: Nathan Ellenfield <nathan.ellenfield@allscripts.com> * Fix typos in acr generator docs Signed-off-by: Nathan Ellenfield <nathan.ellenfield@allscripts.com> --------- Signed-off-by: Nathan Ellenfield <nathan.ellenfield@allscripts.com>	2024-06-26 19:50:24 +02:00
Geoffrey MUSELLI	f74e08546c	Support glob for namespaces condition in ClusterSecretStore (#2920 ) * feat(ClusterSecretStore): Support glob for conditions.namespaces Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> * feat(ClusterSecretStore): Fix diff Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> * feat(ClusterSecretStore): Fix code smell Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> * feat(ClusterSecretStore): First code review Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> * feat(ClusterSecretStore): Second code review Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> * feat(ClusterSecretStore): Generate Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> * feat(ClusterSecretStore): Fix Sonar method complexity Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> * addressed comments Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * renamed namedspacesregexes because it sounded funny Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: gmuselli <geoffrey.muselli@gmail.com> Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-06-17 08:36:05 +02:00
smcavallo	d29c001d37	Add device42 provider (#3571 )	2024-06-14 06:04:19 +02:00
Akhil Mohan	ace1ff595f	Infisical provider (#3477 ) * feat: added crds for infisical provider Signed-off-by: = <akhilmhdh@gmail.com> * feat: implemented infisical provider logic Signed-off-by: = <akhilmhdh@gmail.com> * fix: resolved broken doc building due to vault doc error Signed-off-by: = <akhilmhdh@gmail.com> * docs: added doc for infisical provider Signed-off-by: = <akhilmhdh@gmail.com> * docs: fixed a warning in mkdocs on link Signed-off-by: = <akhilmhdh@gmail.com> * feat: resolved all lint issues Signed-off-by: = <akhilmhdh@gmail.com> * doc: removed k8s auth release banner from infisical doc Signed-off-by: = <akhilmhdh@gmail.com> * feat: added support for property to infisical provider Signed-off-by: = <akhilmhdh@gmail.com> * feat: removed auth type and made implicit ordering of authentication based on feedback Signed-off-by: = <akhilmhdh@gmail.com> * feat: support for referent authentication Signed-off-by: = <akhilmhdh@gmail.com> * feat: added error for tag not supported in find Signed-off-by: = <akhilmhdh@gmail.com> * fix: resolved failing build Signed-off-by: = <akhilmhdh@gmail.com> * feat: updated doc and added stability matrix for infisical Signed-off-by: = <akhilmhdh@gmail.com> * feat: switched to less error prone use and revoke token strategy and added validate interface logic Signed-off-by: = <akhilmhdh@gmail.com> * feat: code lint issue fixes Signed-off-by: = <akhilmhdh@gmail.com> * feat: resolved review comments for infisical client Signed-off-by: = <akhilmhdh@gmail.com> * feat: improved test cases and resolved sonar issues Signed-off-by: = <akhilmhdh@gmail.com> * feat: resolved sonar suggestions Signed-off-by: = <akhilmhdh@gmail.com> * feat: resolved sonar suggestions for test const ids Signed-off-by: = <akhilmhdh@gmail.com> * feat: store changes to assertError Signed-off-by: = <akhilmhdh@gmail.com> --------- Signed-off-by: = <akhilmhdh@gmail.com>	2024-06-11 22:27:31 +02:00
AvivGuiser	c365cb4956	add log.level and log.encoding to all components (#3558 ) * add log.level and log.encoding to all components Signed-off-by: Aviv Guiser <avivguiser@gmail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>	2024-06-08 15:37:01 +02:00
Gergely Brautigam	94c9a33a11	feat: add location to GCP push secret (#3502 ) Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-06-07 09:46:29 +02:00
Luis Schweigard	0abb3e9cc4	Add support for Authentication against Azure Key Vault using Client Certificate (#3469 ) * Implementation of Certificate Based Authz against Azure Key Vault Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com> * Add tests for new Azure certificate auth functionality Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com> * Add documentation for Azure Cert based Auth Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com> * Generate spec.md Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com> * Add changes from code review Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com> * Fix naming in test error case Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com> --------- Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>	2024-05-13 08:40:50 -03:00
Michael Serchenia	34444280bb	GitHub token gen doc (#3463 ) * added tempalte example for github token gen + doc Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * added tempalte example for github token gen + doc Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * build doc success, added github with template example Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> --------- Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>	2024-05-10 05:00:57 -03:00
Shuhei Kitagawa	9d17e34942	Refactor the SecretStore client manager (#3419 ) * Refactor the SecretStore client manager Signed-off-by: shuheiktgw <s-kitagawa@mercari.com> * Fix ineffectual assignment to err Signed-off-by: shuheiktgw <s-kitagawa@mercari.com> * Update docs Signed-off-by: shuheiktgw <s-kitagawa@mercari.com> --------- Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>	2024-04-29 05:15:21 -03:00
Mykhailo Zahlada	47cc50a9ed	Workloadidentity clientid from secret ref (#3367 ) * updates documentation: extends workloadIdentity auth configuration Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> * adds and updates tests Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> * extends provider configuration to accept clientId and tenantId as auth SecretRef Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> * updates service account example Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> * updates docs Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> --------- Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com> Co-authored-by: Mykhailo Zahlada <myzahlad@microsoft.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>	2024-04-18 05:09:53 -03:00
Thorben Below	432c6bf9ab	Feat: Add Passbolt Provider (#3334 ) * add passbolt provider Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com> * Fix: return err for unimplemented methods Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com> --------- Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com>	2024-04-18 09:58:25 +02:00
Shuhei Kitagawa	120fedf841	Add NamespaceSelectors field to ClusterExternalSecret (#3268 ) https://github.com/external-secrets/external-secrets/issues/3257 Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>	2024-04-05 08:35:08 +09:00
Blair Drummond	731c0ed736	feat: add vault auth namespace option (#3157 ) * feat: add vault auth namespace option Signed-off-by: Blair Drummond <blaird@liatrio.com> * fix: appease the linter Signed-off-by: Blair Drummond <blaird@liatrio.com> * feat: add tests for auth namespace Signed-off-by: Blair Drummond <blaird@liatrio.com> * fix: add make reviewable output Signed-off-by: Blair Drummond <blaird@liatrio.com> --------- Signed-off-by: Blair Drummond <blaird@liatrio.com>	2024-03-27 07:23:34 +01:00
Sulfixx	e57e4b72ca	Integrate Passworddepot (#2799 ) * PLAT-1179 \| updated to beta1 Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Updating External Secrets fixes Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Fix to Passworddepots-crds-generation Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| apiextensionsv1 removal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * Update apis/externalsecrets/v1beta1/secretstore_passworddeport_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * Update apis/externalsecrets/v1beta1/secretstore_passworddeport_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * Update apis/externalsecrets/v1beta1/secretstore_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * PLAT-1179 \| Removed insecureverify and other fixes Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Fixed Linter and Sonar Issues Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Fixed Typo in Passworddepot_api.go Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Resolved go.mod Conflict Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Resolved go.mod conflict typo Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| admission.Warnings error fix Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added nolint:bodyclose // linters bug Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Removed <= Head arrow from mkdocs.yml Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added Make Check-Diff Changes Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Changed Error Package, Added Context, API Refactor Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added const DoRequestError to reduce Codesmell Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Moved defer body close func into ReadAndUnmarshal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Moved Status Check into ReadAndUnmarshal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Removed Response.body from ReadAndUnmarshal Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * Update apis/externalsecrets/v1alpha1/secretstore_passworddepot_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> * PLAT-1179 \| Go mod tidy and Make generate Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Added empty SecretExists Method Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> * PLAT-1179 \| Renamed unsed ctx to _ Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> --------- Signed-off-by: Simon Becker <simon.becker@fastleansmart.com> Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com> Co-authored-by: Sören Rohweder <soeren.rohweder@fastleansmart.com> Co-authored-by: Simon Becker <simon.becker@fastleansmart.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-03-12 13:33:08 +01:00
Shlomo Zalman Heigh	1d3209da59	Conjur E2E Tests for K8s JWT Authentication (#3217 ) Signed-off-by: Shlomo Heigh <shlomo.heigh@cyberark.com>	2024-03-01 17:36:19 +01:00
Gergely Brautigam	02f941b0a0	Revert "3012 - Probes for external-secrets (#3131 )" (#3213 ) This reverts commit `7eebfa027c`. Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-03-01 13:22:35 +01:00
Benjamin Walterscheid	7eebfa027c	3012 - Probes for external-secrets (#3131 ) * issue/3012 - introduced livenessProbe for core controller Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com> * issue/3012 - updated livenessprobe for core controller Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com> * issue/3012 - updated failing tests for controller_test.yaml Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com> * issue/3012 - liveness probes with missing LivenessEndpointName and liveAddr flag Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com> * issue/3012 - added missing live-addr core controller flag Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com> * issue/3012 - removed obsolete align Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com> * issue/3012 - added missing livenessProbe to README Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com> * issue/3012 - updated docu for livenessProbes Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com> * issue/3012 - corrected description within values.yaml for check-diff Signed-off-by: Benjamin Walterscheid <git@berlking.io> * issue/3012 - minor README corrections Signed-off-by: Benjamin Walterscheid <git@berlking.io> * issue/3012 - updated snapshots for fortanix and onboardbase Signed-off-by: Benjamin Walterscheid <git@berlking.io> --------- Signed-off-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com> Signed-off-by: Benjamin Walterscheid <52604859+fdberlking@users.noreply.github.com> Signed-off-by: Benjamin Walterscheid <git@berlking.io> Co-authored-by: Benjamin Walterscheid <benjamin.walterscheid@de.ibm.com>	2024-03-01 08:57:45 +01:00
Aleem Isiaka	52f6655345	Onboardbase (#2697 ) * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Run decrypt with error Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Commit and Save Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Pull secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Integrate Onboardbase Into ESO Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Minor Fix And Cleanups Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Attend to review comments Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Install deps Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Improved docs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Improved docs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Update hack/crd.generate.sh Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Aleem Isiaka <30846935+limistah@users.noreply.github.com> * address issues with running the code Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * decrypt library into code Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * add docs to onboardbase provider Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * refactor duplicates Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Address Issues with tests Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Address issues with delete policy and json secrets Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Fix lint errors Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * error out when there is tags in the find field Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * execute delete request with the right data Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * ignore deletion policy Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * improve lint errors Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * remove cryptojs decrypt libs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * Get secret value if property is set Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * run obb operator Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * 👌 IMPROVE: supports request deadline, esv1beta1 api updates Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * use same timeout Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * fix sonar cloud issues Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * fix sonar cloud issues Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * fix sonar cloud issues Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * fix failing test Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * add improve docs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> * add improve docs Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> --------- Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com> Signed-off-by: Nasirudeen Olohundare <iamnasirudeen@gmail.com> Signed-off-by: Aleem Isiaka <30846935+limistah@users.noreply.github.com> Co-authored-by: Nasirudeen Olohundare <iamnasirudeen@gmail.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>	2024-02-29 21:28:17 +01:00
David Recuenco	af38fc68d5	ADD sdkms base implementation (#3180 ) * ADD sdkms base implementation Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * FIX get secret object by name, unmarshalling error formatting Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * ADD suport for fortanix secret security objects Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * ADD more tests for opaque, secret, new client Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * FIX changes required by make reviewable Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * ADD missing provider registration Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> * FIX remove unused error string, add generated assets Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com> --------- Signed-off-by: Recuenco, David <david.recuenco@adidas-group.com>	2024-02-28 10:59:47 +01:00
Gustavo Fernandes de Carvalho	1cf8f68276	Implements Webhook Generator (#3121 ) * adding webhook generators Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * bumping bundle Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * linting Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * fixing copy-paste error Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * common webhook functions Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * removing duplicates. Adding tests for generator Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * docs Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> --------- Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>	2024-02-17 06:49:31 -03:00
Engin Diri	dc9b5b7207	feat: add support for Pulumi ESC (#2997 ) Signed-off-by: Engin Diri <engin.diri@ediri.de>	2024-02-14 19:56:06 +01:00
Sourav Patnaik	a012f4829c	Implementation of Chef External Secrets Provider (#3127 ) * Adding the details for chef provider secret store. Issue: https://github.com/external-secrets/external-secrets/issues/2905 This commit intends to add the chef provider structure to the existing list of external-secrets providers. It defines the structure of the SecretStore and ClusterSecretStore for chef Provider. The yaml resource will contain 3 important parts to identify and connect to chef server to reconcile secrets. They are: 1. serverurl: This is the URL to the chef server. 2. username: The username to connect to the chef server. 3. auth: The password to connect to the chef server. It is a reference to an already existing kubernetes secret containing the password. This commit also contains the auto generated CRDs using the `make generate` command. Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> * Implementation for Chef ESO provided Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> * - implemented Chef eso, added required methods - added unit test cases - added sample documentation Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * Added Documentation for Authentication Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> * added documentation for Chef eso Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * Updated chef ESO documentation Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> * updated ValidateStore method signature Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * made changes in chef provider to satisfy 'make docs' Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * - updated code as per review comment, make reviewable suggestions Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * modified chef provider code as per review comment Issue: https://github.com/external-secrets/external-secrets/issues/2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> --------- Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> Co-authored-by: Subroto Roy <subrotoroy007@gmail.com> Co-authored-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>	2024-02-14 09:54:08 +01:00
Moritz Johner	26f9c3f1f4	chore: refactor/centralise secretKeyRef usage (#3022 ) * chore: refactor/centralise secretKeyRef usage Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2024-01-21 08:19:57 +01:00
Rodrigo Fior Kuntzer	31cecaa62b	feat: add support for Hashicorp Vault mTLS (#3018 ) * feat: adding support for mTLS to the Vault provider Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>	2024-01-19 00:43:28 +01:00
Moritz Johner	00249f1d43	Create OSSF scorecard job (#3032 ) * Create scorecard.yml Adds a scorecard workflow to regularly check the repo. See docs: https://github.com/marketplace/actions/ossf-scorecard-action#scorecard-badge Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>	2024-01-18 21:03:07 +01:00
Zadkiel Aharonian	551706c494	docs: update controller reconcile error rule (#3021 ) Signed-off-by: Zadkiel Aharonian <zadkiel.aharonian@gmail.com>	2024-01-12 19:54:52 +01:00
Gergely Brautigam	d6e24a82bd	feat: add templating to PushSecret (#2926 ) * feat: add templating to PushSecret Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * adding unit tests around templating basic concepts and verifying output Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * extracting some of the common functions of the parser Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * remove some more duplication Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * removed commented out code segment Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * added documentation for templating feature Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * simplified the templating for annotations and labels Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2023-12-22 21:45:34 +01:00
Kiyofumi Sano	2f043ecaed	Signed-off-by: Kiyo510 <miraishida00510@gmail.com> (#2919 ) typo: ref:#2917 Fix typo in ExtermalSecretRewriteTransform	2023-12-02 14:53:11 +01:00
Victor Santos	3599384660	feat(fake): deprecate ValueMap to use Value instead (#2884 )	2023-12-02 06:57:48 +09:00
Moritz Johner	2b2661ebc2	fix: use service management endpoint for ACR when using WI (#2913 ) The `scope` parameter used to be the ACR url foobar.azurecr.io, but this stopped working. Turns out that you need to use the management endpoint as `scope` in order to authenticate with ACR. Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2023-11-30 00:02:28 +01:00
Yonatan Koren	d42e19dc70	feat: AWS SecretsManager Config (allow ForceDeleteWithoutRecovery for PushSecret) (#2854 ) * Add secretsmanager config. Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com> * Fix unit tests. Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com> * Update docs, fix validation, tests. Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com> * Fix grammatical error in attribute descriptions. Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com> * Improve API docs for SecretsManager. Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com> --------- Signed-off-by: Yonatan Koren <10080107+korenyoni@users.noreply.github.com>	2023-11-14 18:44:22 -03:00
Shuhei Kitagawa	c9b3f97425	Refactor the PushSecret interface (#2859 ) Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>	2023-11-08 06:47:13 +09:00
Anders Swanson	f4a7c95b54	feat: Oracle PushSecret & find implementation (#2840 ) Signed-off-by: anders-swanson <anders.swanson@oracle.com>	2023-11-03 21:42:27 +01:00
Moritz Johner	9ff86eab51	fix: remove sourceRef.generatorRef from .data[] (#2735 ) fix: deprecate sourceRef.generatorRef from .data[] A generator is supposed to be used via .dataFrom[]. Usage in .data[] is not implemented and doesn't make sense, see #2720. This commit splits the SourceRef into two types: - one that only defines a secretStoreRef - one that allows to define either secretStoreRef or generatorRef The former is used in .data[] and the latter is used in .dataFrom[]. The Deprecated field is going to be removed with v1. Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2023-11-02 14:37:59 +01:00
Anders Swanson	8dd934ceed	feat: Oracle provider service account masquerade (#2817 ) * feat: Oracle provider service account masquerade Signed-off-by: anders-swanson <anders.swanson@oracle.com>	2023-11-02 08:34:18 +01:00
Shuhei Kitagawa	ff0ef2e6d9	Add validations for the enum values (#2819 ) Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>	2023-10-30 13:30:04 +01:00
Gergely Brautigam	7fbae000d6	feat: add namespace list selector to ClusterExternalSecrets (#2803 ) Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2023-10-25 13:58:05 +02:00

1 2

97 commits