Gergely Brautigam
c3dcd9adcd
fix: bitwarden API url to point to the correct default location ( #3848 )
...
* fix: bitwarden API url to point to the correct default location
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* explicitly remove trailing slashes to prevent not found error
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-09-02 07:04:48 +02:00
Shlomo Zalman Heigh
a1722cbfaa
Use Conjur API's built in JWT functions ( #3771 )
...
* Use Conjur API's built in JWT functions
Signed-off-by: Shlomo Heigh <shlomo.heigh@cyberark.com>
* docs: clarify that all Conjur types are supported
Signed-off-by: Shlomo Heigh <shlomo.heigh@cyberark.com>
* docs: add link to Conjur blog post
Signed-off-by: Shlomo Heigh <shlomo.heigh@cyberark.com>
---------
Signed-off-by: Shlomo Heigh <shlomo.heigh@cyberark.com>
2024-08-28 21:54:04 +02:00
eso-service-account-app[bot]
3414bd6428
chore: update dependencies ( #3815 )
2024-08-19 17:07:20 +02:00
Gergely Brautigam
82d419e2ee
feat: add CAProvider to Bitwarden provider ( #3699 )
...
* feat: add CAProvider to bitwarden
This change introduces a refactor as well since CAProvider
was used by multiple providers with diverging implementations.
The following providers were affected:
- webhook
- akeyless
- vault
- conjur
- kubernetes
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* refactored the Kubernetes provider to use create ca
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* refactor webhook, vault and kubernetes provider
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* rename CreateCACert to FetchCACertFromSource
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* addressed comments and autodecoding base64 data
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* check if the decoded value is a valid certificate
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-08-16 12:32:35 +02:00
Gustavo Fernandes de Carvalho
098d03792d
chore: update security best practice ( #3794 )
...
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-08-15 21:31:01 +02:00
Kris
d230fd7e9f
chore: add minimal policy for fetching parameters from ssm ( #3770 )
...
Signed-off-by: Kris Johnstone <kris.johnstone@fostermoore.com>
2024-08-08 06:48:08 -03:00
btfhernandez
77f5d0ad91
feat: add beyondtrust provider ( #3683 )
...
* feat: add beyondtrust provider
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* feat: edit go.mod and go.sum files
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* feat: change test file name (provider_test.go)
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* feat: solve PR comments
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* feat: organize attributes in a higher hierarchy
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix sonar cloud issues and go.mod file conflicts
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix PR comments and apply table driven tests
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix PR comments
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix lint issues
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: fix lint issues on tests
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: run make fmt
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: apply camelCase to yaml attributes
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: solve go.mod file conflict
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
* fix: run make check-diff
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
---------
Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
Signed-off-by: btfhernandez <133419363+btfhernandez@users.noreply.github.com>
2024-08-07 09:27:04 +02:00
Gergely Brautigam
6bab976275
doc: add maintainer of the bitwarden secret manager provider ( #3762 )
...
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-08-05 08:19:27 +02:00
Ketil
eae808d851
docs: document fullPemToPkcs12 functions ( #3749 )
...
Signed-off-by: Ketil Gjerde <477141+mysteq@users.noreply.github.com>
2024-08-02 10:21:31 +02:00
Gergely Brautigam
d5ca3161d6
feat: do not modify the secret in case of a NotModified ( #3746 )
...
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-07-31 12:29:21 +02:00
Gergely Brautigam
8c709cfa43
feat: add prefix definition to all secret keys for aws parameter store ( #3718 )
...
* feat: add prefix definition to all secret keys for aws parameter store
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* added a push secret test to verify called parameter has a prefix
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-07-31 12:29:07 +02:00
Carlos Neto
d10a66ee68
docs: add more details in the externalsecret comments in the API section (creationPolicy + deletionPolicy) ( #3725 )
...
Signed-off-by: c-neto <carlos.neto.dev@gmail.com>
2024-07-29 22:47:48 +02:00
Tyler Renslow
a2c7923e35
docs: Remove references to pemCertificate and pemPrivateKey functions ( #3744 )
...
* Update docs
Fixes #3260 Removes old deprecated template function
Signed-off-by: Tyler Renslow <tdrenslow@gmail.com>
* Update templating-v1.md
Signed-off-by: Tyler Renslow <tdrenslow@gmail.com>
---------
Signed-off-by: Tyler Renslow <tdrenslow@gmail.com>
2024-07-29 22:33:34 +02:00
Engin Diri
4f62fb3963
feat: add PushSecret support for Pulumi ESC ( #3597 )
...
Signed-off-by: Engin Diri <engin.diri@ediri.de>
2024-07-25 09:00:17 +02:00
Zaza
972f227002
Update bitwarden-secrets-manager.md ( #3710 )
...
Fixed typos in the bitwarden provider docs
Signed-off-by: Zaza <thomas.kyle6@gmail.com>
2024-07-22 11:33:00 +02:00
Mike Tougeron
7f71b4717a
Update docs for namespaceSelectors usage and namespaceSelector deprecation ( #3695 )
...
Signed-off-by: Mike Tougeron <tougeron@adobe.com>
2024-07-21 16:37:48 -03:00
Ali Nadir
fb020db6de
Added 2 articles I wrote on AWS secrets injection and ESO templating ( #3707 )
...
Signed-off-by: Ali Nadir <56518209+alinadir44@users.noreply.github.com>
2024-07-21 16:36:56 -03:00
abhinav1708
bdd0c7ec9a
support for adding headers in vault provider ( #3677 )
...
* support for vault headers
Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>
* changes in crds bases for headers support
Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>
* adding autogenerated files
Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>
* removing extra---
Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>
* adding headers before x-vault-Inconsistent
Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>
* changing for lint pass
Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>
---------
Signed-off-by: Abhinav Garg 10033523 <abhinav1708@gmail.com>
2024-07-15 11:27:06 +02:00
Arthur Kepler
14e6d78d25
namespacesRegexdocs: Fix namespaceRegexes
in full-cluster-secret-store.yaml ( #3681 )
...
This fixes a typo on https://external-secrets.io/v0.9.20/api/clustersecretstore/ , in which the property is incorrectly called `namespacesRegex`
Signed-off-by: Arthur Kepler <610274+excalq@users.noreply.github.com>
2024-07-11 07:09:30 -03:00
Jefferson Machado
03a2ee6ce0
Commenting secrets manifest from hashicorp vault integration ( #3680 )
...
Signed-off-by: Jefferson Machado <35748721+jeffmachado@users.noreply.github.com>
2024-07-11 07:08:33 -03:00
Bill Hamilton
1876ff88d7
Add support for Delinea Secret Server ( #3468 )
...
* implements secretserver
Signed-off-by: Bill Hamilton <bill.hamilton@delinea.com>
* bump to align e2e
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
* bump
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
---------
Signed-off-by: Bill Hamilton <bill.hamilton@delinea.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Co-authored-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-07-10 14:32:17 -03:00
shazib
4e444ce150
docs: updated k8s support for ESO v0.9 ( #3659 )
2024-07-06 07:30:42 +03:00
Gustavo Fernandes de Carvalho
4aeba81f07
bump docs with e2e commands ( #3648 )
2024-07-02 07:09:35 -03:00
kaedwen
48cccaeded
add AuthRef to kubernetes provider fixes #3627 ( #3628 )
...
* add AuthRef to kubernetes provider fixes #3627
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* run make reviewable
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* fix validation for given authRef
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* refactor kubernetes provider auth
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* satisfy linter
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
* add URL for kubernetes provider tests
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
---------
Signed-off-by: kaedwen <kaedwen@heinrich.blue>
2024-07-01 23:31:10 +02:00
Sverre Boschman
00cf351548
docs: fix dataFrom.find in ExternalSecret api example ( #3633 )
...
Signed-off-by: Sverre Boschman <1142569+sboschman@users.noreply.github.com>
2024-06-29 19:21:16 +02:00
Gergely Brautigam
095537e6ad
feat: add bitwarden secret manager support ( #3603 )
2024-06-28 06:04:25 +02:00
Nathan Ellenfield
907e8ebc82
Fix ACR External Secret example ( #3626 )
...
* Fix ACR External Secret example
Signed-off-by: Nathan Ellenfield <nathan.ellenfield@allscripts.com>
* Fix typos in acr generator docs
Signed-off-by: Nathan Ellenfield <nathan.ellenfield@allscripts.com>
---------
Signed-off-by: Nathan Ellenfield <nathan.ellenfield@allscripts.com>
2024-06-26 19:50:24 +02:00
Idan Adar
e13e09413e
Fix typo privatKey in multiple files ( #3578 )
...
* Update generators.external-secrets.io_githubaccesstokens.yaml
Fixes https://github.com/external-secrets/external-secrets/issues/3556
Signed-off-by: Idan Adar <iadar@il.ibm.com>
* Update generator_github.go
Signed-off-by: Idan Adar <iadar@il.ibm.com>
* Update github.go
Signed-off-by: Idan Adar <iadar@il.ibm.com>
* Update generator-github.yaml
Signed-off-by: Idan Adar <iadar@il.ibm.com>
* Update github_test.go
Signed-off-by: Idan Adar <iadar@il.ibm.com>
* fix: rename property
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
---------
Signed-off-by: Idan Adar <iadar@il.ibm.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2024-06-17 11:12:03 +02:00
Geoffrey MUSELLI
f74e08546c
Support glob for namespaces condition in ClusterSecretStore ( #2920 )
...
* feat(ClusterSecretStore): Support glob for conditions.namespaces
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Fix diff
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Fix code smell
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): First code review
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Second code review
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Generate
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* feat(ClusterSecretStore): Fix Sonar method complexity
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
* addressed comments
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
* renamed namedspacesregexes because it sounded funny
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
---------
Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-06-17 08:36:05 +02:00
smcavallo
d29c001d37
Add device42 provider ( #3571 )
2024-06-14 06:04:19 +02:00
Victor Santos
dd8c004f47
feat: add support to set Type for AWS parameter store ( #3576 )
...
Signed-off-by: Victor Santos <vsantos.py@gmail.com>
2024-06-12 10:24:52 +02:00
Akhil Mohan
ace1ff595f
Infisical provider ( #3477 )
...
* feat: added crds for infisical provider
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: implemented infisical provider logic
Signed-off-by: = <akhilmhdh@gmail.com>
* fix: resolved broken doc building due to vault doc error
Signed-off-by: = <akhilmhdh@gmail.com>
* docs: added doc for infisical provider
Signed-off-by: = <akhilmhdh@gmail.com>
* docs: fixed a warning in mkdocs on link
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: resolved all lint issues
Signed-off-by: = <akhilmhdh@gmail.com>
* doc: removed k8s auth release banner from infisical doc
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: added support for property to infisical provider
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: removed auth type and made implicit ordering of authentication based on feedback
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: support for referent authentication
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: added error for tag not supported in find
Signed-off-by: = <akhilmhdh@gmail.com>
* fix: resolved failing build
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: updated doc and added stability matrix for infisical
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: switched to less error prone use and revoke token strategy and added validate interface logic
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: code lint issue fixes
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: resolved review comments for infisical client
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: improved test cases and resolved sonar issues
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: resolved sonar suggestions
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: resolved sonar suggestions for test const ids
Signed-off-by: = <akhilmhdh@gmail.com>
* feat: store changes to assertError
Signed-off-by: = <akhilmhdh@gmail.com>
---------
Signed-off-by: = <akhilmhdh@gmail.com>
2024-06-11 22:27:31 +02:00
AvivGuiser
c365cb4956
add log.level and log.encoding to all components ( #3558 )
...
* add log.level and log.encoding to all components
Signed-off-by: Aviv Guiser <avivguiser@gmail.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2024-06-08 15:37:01 +02:00
Gergely Brautigam
94c9a33a11
feat: add location to GCP push secret ( #3502 )
...
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-06-07 09:46:29 +02:00
Anders Swanson
8fb0fec6ca
Oracle Vault Provider Documentation ( #3551 )
...
* Oracle Vault Provider Documentation
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
* Oracle Vault Provider Documentation
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
---------
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
2024-06-06 21:20:45 +02:00
Andreas Lindhé
d7c0b55880
Fix typo: temaplate --> template ( #3554 )
...
Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
2024-06-06 00:31:38 +03:00
Antoine Colombier
ef4fa28e0e
doc(BitWarden): extends the liveness timeout ( #3542 )
...
The liveness command perform a vault re-sync which usually takes a few second to perform. This commit replace the current value which is too low and lead to timeout and pod termination.
Signed-off-by: Antoine Colombier <7086688+acolombier@users.noreply.github.com>
2024-06-02 15:53:25 +02:00
Shuhei Kitagawa
b156e23743
Raise error when unknown key specified in template ( #3480 )
...
* Raise error when unknown key specified in template
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
* Update the template docs to clarify the new behavior with non-existing keys
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
---------
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2024-05-17 09:57:11 -03:00
Luis Schweigard
0abb3e9cc4
Add support for Authentication against Azure Key Vault using Client Certificate ( #3469 )
...
* Implementation of Certificate Based Authz against Azure Key Vault
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Add tests for new Azure certificate auth functionality
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Add documentation for Azure Cert based Auth
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Generate spec.md
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Add changes from code review
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
* Fix naming in test error case
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
---------
Signed-off-by: Luis Schweigard <luis.schweigard@gmail.com>
2024-05-13 08:40:50 -03:00
Bob Du
4b8b8788bf
Update getting-started.md ( #3476 )
...
Signed-off-by: Bob Du <i@bobdu.cc>
2024-05-11 11:03:08 -03:00
Michael Serchenia
34444280bb
GitHub token gen doc ( #3463 )
...
* added tempalte example for github token gen + doc
Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
* added tempalte example for github token gen + doc
Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
* build doc success, added github with template example
Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
---------
Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
2024-05-10 05:00:57 -03:00
Saverio Proto
bddca97cf2
Update getting-started.md ( #3464 )
...
* Update getting-started.md
Bump crds tag from v0.9.11 to v0.9.17
Signed-off-by: Saverio Proto <zioproto@gmail.com>
* Update docs/introduction/getting-started.md
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Saverio Proto <zioproto@gmail.com>
---------
Signed-off-by: Saverio Proto <zioproto@gmail.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2024-05-07 17:05:24 -03:00
Parth Patel
6d08e679be
Fixed docs nav bar and a couple of broken links ( #3445 )
...
Signed-off-by: Parth Patel <p.patel81@yahoo.com>
2024-05-05 07:47:47 -03:00
Steven I
297e55d3af
Improve bitwarden example ( #3435 )
...
* Add bitwarden-attachment example
Signed-off-by: Steven I. <commits@imsteven.xyz>
* Fix nav list
Signed-off-by: Steven I. <commits@imsteven.xyz>
---------
Signed-off-by: Steven I. <commits@imsteven.xyz>
2024-04-30 15:04:14 -03:00
Tyki6
e32233f401
Update common-k8s-secret-types.md to fix get secret jsonpath ( #3434 )
...
Signed-off-by: Tyki6 <57527739+tyki6@users.noreply.github.com>
2024-04-30 14:15:10 -03:00
Shuhei Kitagawa
9d17e34942
Refactor the SecretStore client manager ( #3419 )
...
* Refactor the SecretStore client manager
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
* Fix ineffectual assignment to err
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
* Update docs
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
---------
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2024-04-29 05:15:21 -03:00
Shlomo Zalman Heigh
02c6f625bd
Add Conjur Support for FindByName, FindByTag ( #3364 )
2024-04-28 19:01:00 +02:00
Shuhei Kitagawa
43a7a16baf
Update Go and golangci-lint version ( #3396 )
...
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2024-04-25 06:36:11 -03:00
Parth Patel
f893a246e7
Fix Azure Container Registry Generator invalid YAML ( #3414 )
...
Signed-off-by: Parth Patel <p.patel81@yahoo.com>
2024-04-25 06:11:29 -03:00
Katsuya Kawabe
cf15c9ba73
Fix typo in webhook.md ( #3388 )
2024-04-19 14:39:14 +03:00