mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity
2241 commits 135 branches 173 tags 201 MiB
Commit graph

632 commits

Author SHA1 Message Date
Thibault Cohen
6862c9c637
Support template for webhook jsonpath (#1939) 
* Support template for webhook jsonpath

Signed-off-by: Thibault Cohen <47721+titilambert@users.noreply.github.com>
 2023-01-23 19:43:50 +01:00
Gareth Evans
ac9993f151
📚 use more inclusive language (#1927) 
Signed-off-by: Gareth Evans <gareth@bryncynfelin.co.uk>
 2023-01-19 13:31:51 -03:00
Moritz Johner
5ef3b23a68
feat: make cache generic, refactor feature flags (#1640) 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2023-01-19 17:25:47 +01:00
Gustavo Fernandes de Carvalho
769efdc391
Feature/deletion policies (#1914) 
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
 2023-01-19 06:37:19 -03:00
Moritz Johner
736b287b6d
implement azure referent auth (#1886) 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2023-01-13 18:30:34 +00:00
Gustavo Fernandes de Carvalho
833658699d
Adds Keyvault PushSecret (#1883) 
* Adds Keyvault PushSecret

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
 2023-01-13 07:13:37 -03:00
Moritz Johner
5384954f46
aws secretsmanager/parameterstore referent auth (#1884) 
* feat: implement referentAuth for aws

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: e2e tests

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* Update pkg/provider/aws/provider.go

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

* Update pkg/provider/aws/provider.go

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

* feat: allow each credential to be referent

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
 2023-01-13 10:19:25 +01:00
Hiroshi Muraoka
f4e70ddfed
🐛 GCP: prevent goroutine leak on workload identity reconciliation (#1902) 
Signed-off-by: Hiroshi Muraoka <h.muraoka714@gmail.com>
 2023-01-12 09:27:01 -03:00
Moritz Johner
11c61d8581
feat: referent auth for gcp (#1887) 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2023-01-10 14:40:42 +01:00
cspargo
fdc21faf61
AWS Role Chaining (#1855) 
Signed-off-by: cspargo <colinspargo@gmail.com>
 2023-01-08 11:49:22 -03:00
Gustavo Fernandes de Carvalho
0d08e0497e
Implements Deletion policy for Hashicorp vault. (#1879) 
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
 2023-01-06 13:40:42 -03:00
Gustavo Fernandes de Carvalho
a051da82cf
🐛 Fixes vault PushSecret logic (#1866) 
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
 2023-01-06 13:17:18 -03:00
Dominik Zeiger
6c7e5cecce
🐛 gitlab: Fallback to wildcard variables and use pagination (bugfix) (#1838) 
* gitlab: fallback to wildcard variables when using "GetAllSecrets"

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>
 2023-01-04 17:58:55 +01:00
Gustavo Fernandes de Carvalho
0bd9ea4dbd
Templates from string (#1748) 
* Adds templates from string

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
 2023-01-03 19:02:43 -03:00
Gustavo Fernandes de Carvalho
ed173dcf77
chore: bumps (#1852) 
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
 2023-01-03 22:11:59 +01:00
Gustavo Fernandes de Carvalho
2f5fe6c594
🧹chore: bumps (#1792) 
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
 2022-12-07 14:40:51 -03:00
Moritz Johner
0bdb51a568
fix sync calls metrics & defer patch status (#1770) 
* fix: increment sync_calls_total metric once per reconciliation

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: patch status only if not skipped

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: unit tests

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-12-04 11:41:01 +01:00
Dominik Zeiger
8a0f711e96
gitlab: allow fallback to wildcard variable, when no environment specific value is defined (#1772) 
Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>
 2022-12-03 09:35:06 +01:00
Gustavo Fernandes de Carvalho
0cb799b5cf
Feature/push secret (#1315) 
Introduces Push Secret feature with implementations for the following providers:

* GCP Secret Manager
* AWS Secrets Manager
* AWS Parameter Store
* Hashicorp Vault KV

Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com>
Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com>
Signed-off-by: William Young <will.young@engineerbetter.com>
Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com>
Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com>
Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com>
Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com>
 2022-11-29 16:04:46 -03:00
Dominik Zeiger
117e93b4ed
gitlab: small documentation updates (#1747) 
Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>
 2022-11-24 20:50:35 +01:00
Steven Bressey
b5be79de98
Feature: Add secret metadata templating from secret values (#1740) 
* handle template data for secret labels & annotations

Signed-off-by: Steven Bressey <steven.bressey@artifakt.io>
 2022-11-23 22:29:59 +01:00
Dominik Zeiger
b7100e27a0
gitlab: support "environment_scope" tag for findAll (#1732) 
Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
 2022-11-23 22:22:35 +01:00
Dominik Zeiger
f38f40a2b4
gitlab: support for CI/CD group variables (#1692) 
* gitlab: support for ci/cd group variables

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>

* gitlab: support for ci/cd group variables (automatically discover project groups)

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>

* gitlab: support for ci/cd group variables (documentation)

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>
 2022-11-21 22:26:34 +01:00
Gustavo Fernandes de Carvalho
bd4495814b
🧹Bumping versions (#1708) 
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
 2022-11-09 17:44:07 -03:00
Dominik Zeiger
6ec0d2cd95
gitlab: getAllSecrets (#1681) 
* gitlab: getAllSecrets

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>

* Update pkg/provider/gitlab/gitlab.go

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Dominik Zeiger <domizei385@users.noreply.github.com>
Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>

* gitlab: added some test coverage

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>
Signed-off-by: Dominik Zeiger <domizei385@users.noreply.github.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
 2022-11-01 15:09:36 -03:00
Gustavo Fernandes de Carvalho
d1fa28532d
🧹 chore: bumping versions (#1688) 
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
 2022-10-31 06:54:52 -03:00
Moritz Johner
dabfa5a589
Feature: initial generator implementation + Github Actions OIDC/AWS (#1539) 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
 2022-10-29 20:15:50 +02:00
Moritz Johner
411f03ffe1
fix: allow controller to delete delete externalsecrets (#1670) 
When using ClusterExternalSecret the controller needs to delete
external-secret resources

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-10-26 23:23:15 +02:00
Gustavo Fernandes de Carvalho
d5cc8b3de5
🐛 Implements new buildPath logic (#1636) 
Signed-off-by: Gustavo <gusfcarvalho@gmail.com>
 2022-10-26 15:19:25 -03:00
Martin Schimandl
6ca30a762a
Implement oracle validator (#1592) 
* Implement oracle validator

Signed-off-by: Martin Schimandl <martin.schimandl@gmail.com>

* Add more granular OCI error handling

Signed-off-by: Martin Schimandl <martin.schimandl@gmail.com>

* Remove two newlines the linter does not like

Signed-off-by: Martin Schimandl <martin.schimandl@gmail.com>

Signed-off-by: Martin Schimandl <martin.schimandl@gmail.com>
 2022-10-25 23:32:40 +02:00
Yannay Hammer
14f5ddf198
Added namespace condition to ClusterSecretStore (#1635) 
* Added namespace condition to ClusterSecretStore

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Added the new conditions field to the docs

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Added tests to ClusterSecretStore namespace conditions

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Added some comments to explain tests better

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Fixed a testcase

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Increased golangci timeout to 10m

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Fixed test to use fakeProvider correctly

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Removed hardcoded timeout from make lint

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Improved error message on non matching namespace

Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Modified testCase to use GenericStore interface

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Attempt at generalizing the testcase and reducing code duplication

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Reduced some diff

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* fix: tidy e2e mod

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Yannay Hammer <yannayha@gmail.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Docs <docs@external-secrets.io>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-10-17 16:40:18 +02:00
dependabot[bot]
27d0cd72f5
chore(deps): bump sigs.k8s.io/controller-runtime from 0.12.3 to 0.13.0 (#1547) 
* chore(deps): bump sigs.k8s.io/controller-runtime from 0.12.3 to 0.13.0

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.12.3 to 0.13.0.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.12.3...v0.13.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix: remove dependency on crossplane-runtime/pkg/test

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-10-13 20:24:56 +02:00
Eng Zer Jun
0c9efa67b0
test: use T.Setenv to set env vars in tests (#1611) 
This commit replaces `os.Setenv` with `t.Setenv` in tests. The
environment variable is automatically restored to its original value
when the test and all its subtests complete.

Reference: https://pkg.go.dev/testing#T.Setenv
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
 2022-10-06 22:05:42 +02:00
Nic Eggert
773956f5d3
Add optional caching for Vault clients, including token re-use. (#1537) 
The new functionality is controlled using the newly-introduced
--experimental-enable-vault-token-cache and
--experimental-vault-token-cache-size command-line flags.

Signed-off-by: NicEggert <nicholas.eggert@target.com>
 2022-09-30 20:41:36 +02:00
Dominik Zeiger
fa38fe1e60
enable configuration of environment_scope for gitlab provider (#1565) 
* enable configuration of environment_scope for gitlab provider

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>
 2022-09-27 22:08:38 +02:00
Ryan Blunden
f01e13f21b
Add Doppler provider (#1573) 
* Add Doppler provider

Signed-off-by: Ryan Blunden <ryan.blunden@doppler.com>
 2022-09-23 22:47:25 +02:00
Sebastián Gómez
cef547e473
fix: unmarshal JSON error when empty secrets in Vault (#1512) 
Signed-off-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com>
 2022-09-14 22:26:10 +02:00
Rhaenys
7397243ca0
New Duration Metric (#1533) 
Signed-off-by: Cristina DE DIOS GONZALEZ <cristina.dedios@amadeus.com>
 2022-09-12 19:19:45 +02:00
Moritz Johner
af367e9933
chore: refactor provider (#1529) 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-09-12 14:55:46 +02:00
renanaAkeyless
ed59520674
added akeyless k8s auth option (#1531) 
* added akeyless k8s auth option

Signed-off-by: Docs <renana@akeyless.io>
 2022-09-11 13:25:29 +02:00
Moritz Johner
ed0ceb8d84
fix: aws parameter store json decode, bump go 1.19 (#1525) 
* fix: parameter store should decode complex json values

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-09-06 19:46:36 +02:00
Marcel Hoyer
17ece4df8f
flip order of err and nil secret variable check in listSecrets() function of vault provider (#1504) 
Signed-off-by: Marcel Hoyer <mhoyer@pixelplastic.de>
 2022-08-31 14:35:42 +02:00
dependabot[bot]
67fedc840e
Kubernetes v1.24 upgrade (#1345) 
* build(deps): bump sigs.k8s.io/controller-runtime from 0.11.2 to 0.12.3

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.11.2 to 0.12.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.11.2...v0.12.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* feat: bump kubernetes 1.24

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: backwards-compatible vault implementation

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add audiences field to serviceAccountRef

This will be used by aws, azure, gcp, kubernetes & vault providers
in combination with TokenRequest API: it will _append_ audience claims
to provider-specific audiences.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: refactor kubernetes client to match provider/client interfaces

the kubernetes provider mixed up provider and client interfaces which
made it really hard to reason about. This commit separates into two
structs, each implements one interface.
The client struct fields have been renamed and annotated so their use
and scope is clear.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: deprecate expirationSeconds

expirationSeconds is not needed because we generate a
service account token on the fly for a single use.
There will be no replacement for this.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: rename token fetch audiences field

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: generate CRDs

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-08-19 17:32:06 +02:00
Moritz Johner
2d20b5488e
feat: add azkv.environmentType (#1469) 
users of USGovCloud, ChinaCloud, GermanCloud need slightly different
configuration for AADEndpoint and keyvault resource.

This is based on CSI Secret Store Azure KV driver,

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-08-18 00:12:44 +02:00
Moritz Johner
8e245f6073
fix: remove convertKeys from aws providers (#1470) 
ConvertKeys is called in the external secrets controller
which takes care of mapping the keys.
Calling it before returning the data is a bug as it
interferes with the new rewrite feature.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-08-17 15:36:02 +02:00
stephen-dexda
e64acea549
fix: AWS attr. dot check off-by-one error (#1459) 
* Fix off-by-one in check for dot in JSON attr. name

Signed-off-by: stephen-dexda <stephen@dexda.io>
 2022-08-15 21:44:32 +02:00
dependabot[bot]
bf21843eba
⬆️github.com/akeylesslabs/akeyless-go/v2 from 2.16.8 to 2.17.0 (#1438) 
* Bump github.com/akeylesslabs/akeyless-go/v2 from 2.16.8 to 2.17.0

Bumps [github.com/akeylesslabs/akeyless-go/v2](https://github.com/akeylesslabs/akeyless-go) from 2.16.8 to 2.17.0.
- [Release notes](https://github.com/akeylesslabs/akeyless-go/releases)
- [Changelog](https://github.com/akeylesslabs/akeyless-go/blob/master/docs/KmipRenewServerCertificate.md)
- [Commits](https://github.com/akeylesslabs/akeyless-go/compare/v2.16.8...v2.17.0)

---
updated-dependencies:
- dependency-name: github.com/akeylesslabs/akeyless-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fixing linting issues

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
 2022-08-11 14:32:04 -03:00
Kewei Ma
53443eaadf
Fix provisionedNamespaces in Status field of ClusterExternalSecret keeps getting updated non-stop (#1441) 
Signed-off-by: Kewei Ma <kewei@indeed.com>
 2022-08-09 17:55:34 +02:00
Gustavo Fernandes de Carvalho
b4e7acfaa9
Implements dataFrom key rewrite (#1381) 
* Implements dataFrom key rewrite

Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

* docs: add example to remove invalid characters

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-08-04 15:24:02 -03:00
Moritz Johner
6593e06561
fix: handle empty conversionStrategy (#1408) 
This is for the case when the conversion webhook does not
set the conversionStrategy properly (it doesn't run the Defaulter).

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-08-01 19:44:09 +02:00
Mike
fdf1f9ce6f
feat: Add support for container auth to IBM provider. (#1177) 2022-07-26 22:48:07 +02:00
david amick
524e33bbeb
🧹Improve 1Password integration and docs (#1340) 2022-07-26 09:07:48 -03:00
Stanislaw Scherban
eb8e614755
retryer implementation to handle throttling exceptions on AWS (#1331) 
* awsretryer implemented for AWS providers
 2022-07-19 20:00:46 +02:00
Gustavo Fernandes de Carvalho
fa91ba0f6c
Adds DecodingStrategy to ExternalSecrets (#1294) 
Fixes #920

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-07-12 09:18:00 -03:00
paul-the-alien[bot]
c42c48911e
Merge pull request #1283 from external-secrets/mj-fix-aws-token-aud 
fix: respect aud annotation at IRSA
 2022-06-22 14:17:48 +00:00
paul-the-alien[bot]
240b8db4f0
Merge pull request #1244 from albertollamaso/reuse-aws-session 
Once the AWS session is created first time, it can be reused
 2022-06-22 13:20:37 +00:00
Alberto Llamas
e31a408e1d update 2022-06-22 07:24:26 +02:00
Moritz Johner
8f85e53f17 fix: respect aud annotation at IRSA 2022-06-21 23:33:24 +02:00
Alberto Llamas
629d2f391c fix 2022-06-21 12:14:36 +02:00
Alberto Llamas
5ec222dfd0 update 2022-06-21 11:52:01 +02:00
Alberto Llamas
c3335907ac Fix recommendations from go-lint 2022-06-18 13:05:47 +02:00
Alberto Llamas
ad63b74c9f Reuse AWS session as feature gate that a user has to opt-in in order to use it 2022-06-18 10:54:47 +02:00
paul-the-alien[bot]
94024a144b
Merge pull request #1257 from external-secrets/bug-1137 
Azure KeyVault decoding bugs
 2022-06-15 21:20:44 +00:00
Moritz Johner
cff9be1664
feat(kubernetes): allow service account auth (#1201) 
* feat(kubernetes): allow service account auth

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-06-13 21:49:05 +02:00
Alberto Llamas
909d137a83 Removing newlines 2022-06-13 20:36:58 +02:00
Alberto Llamas
cb6f66b5ac Fix aws session logic 2022-06-13 20:24:25 +02:00
Sebastián Gómez
9bc7eb1436 Remove codesmell 2022-06-13 11:56:38 -04:00
Sebastián Gómez
4ae98fc995 Removed code smell and simplified use of tags 2022-06-13 11:40:01 -04:00
Sebastián Gómez
65e93fa992 Code refactoring 2022-06-13 09:28:11 -04:00
Sebastián Gómez
aed1719697 Lint fixes 2022-06-13 09:27:54 -04:00
paul-the-alien[bot]
e4fbc633a1
Merge pull request #1254 from marcincuber/feat/yaml 
Adding toYaml fromYaml helper functions
 2022-06-11 12:19:50 +00:00
marcincuber
c8f13a0e1a fix test 2022-06-11 12:15:13 +01:00
marcincuber
a1e7862698 add tests 2022-06-11 11:15:06 +01:00
Sebastián Gómez
7714c29c87 Merge branch 'main' into bug-1137 2022-06-10 17:09:03 -04:00
Sebastián Gómez
b4dcffbf86 Fix cases with properties and json 2022-06-10 17:07:42 -04:00
Rhaenys
f005cc0346
azkv more unittest coverage (#1149) 2022-06-10 22:09:59 +02:00
marcincuber
5fe3b2d810 lint 2022-06-10 11:09:46 +01:00
marcincuber
efc8ede754 add yaml helper functions 2022-06-10 11:04:59 +01:00
Alberto Llamas
d64941ece9 Once the AWS session is created first time, it can be reused 2022-06-07 10:25:30 +02:00
paul-the-alien[bot]
94aa568929
Merge pull request #1173 from external-secrets/dependabot/go_modules/github.com/1Password/connect-sdk-go-1.4.0 
build(deps): bump github.com/1Password/connect-sdk-go from 1.2.0 to 1.4.0
 2022-06-07 08:19:24 +00:00
Docs
cc1043d3a6
Update fakes to implement client for 1Password/connect-sdk-go v1.4.0 2022-06-01 16:38:41 -07:00
Gustavo Carvalho
e6f050e873 make sure we check if it is referent during NewClient 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-06-01 13:15:36 -03:00
Gustavo Carvalho
a01a23bfc1 fixing panic if using JWT with KubernetesServiceAccountToken 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-05-31 11:40:00 -03:00
Sebastián Gómez
c5909fb966 Fix the first case, nested json. Test was also added 2022-05-30 11:05:20 -04:00
Moritz Johner
8c14f8aff0 fix: loosen validation to enable referent auth. 
also adding tests for vault. this is the only provider that supports
that as of now.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-05-23 20:10:16 +02:00
Moritz Johner
d4e9a56c21
fix: correctly convert matchExpressions to labelSelector (#1165) 
Fixes #1155

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-05-23 10:48:54 +02:00
Nitzan Nissim
97126d9798
Add support for IBM Secrets Manager's Private Certificate (#1160) 
* Use gsed on macos.

Signed-off-by: Marcin Kubica <marcin.kubica@engineerbetter.com>

* Add private_cert support

* Add private_cert support

Co-authored-by: Marcin Kubica <marcin.kubica@engineerbetter.com>
 2022-05-21 22:53:31 +02:00
paul-the-alien[bot]
1a6579b876
Merge pull request #1062 from dreadful-dragon/feature/azkv-tags-sync 
azkv tag feature
 2022-05-20 15:51:50 +00:00
paul-the-alien[bot]
3de2cc8bee
Merge pull request #1040 from AndreyZamyslov/yandex-certificate-manager 
Support for Yandex Certificate Manager
 2022-05-17 16:48:58 +00:00
Cristina DE DIOS GONZÁLEZ
3256bc4b82 azkv tag feature 2022-05-16 16:49:34 +02:00
paul-the-alien[bot]
49f4bad35d
Merge pull request #1108 from hydeenoble/provider/alibaba 
Implemented ValidateStore function for Alibaba Provider
 2022-05-13 22:21:03 +00:00
Docs
f4f2170502 "GetAllSecrets not implemented" -> "GetAllSecrets not supported" 2022-05-13 13:10:56 +03:00
Matt Demers
b004894b77 Add support for referencing secrets manager secrets by their VersionId 2022-05-11 16:30:30 -04:00
paul-the-alien[bot]
73a467479d
Merge pull request #1006 from Simspace/1Password 
Add 1Password support
 2022-05-09 19:55:56 +00:00
paul-the-alien[bot]
ff7e9f90f3
Merge pull request #1083 from external-secrets/beach-team 
Implement ValidateStore for Gitlab and Oracle providers
 2022-05-09 09:18:47 +00:00
david amick
435aefc7ac
Add 1Password support 2022-05-08 17:01:26 -07:00
Idowu Emehinola
ec7ae4f6df Implemented ValidateStore function for Alibaba Providergofmt 
Signed-off-by: Idowu Emehinola <hydeenoble39@gmail.com>
 2022-05-07 14:22:07 +02:00
Idowu Emehinola
65b92cd893 Merge branch 'main' of github.com:external-secrets/external-secrets into provider/alibaba 2022-05-06 18:56:27 +02:00
Idowu Emehinola
28a7299c8b Implemented ValidateStore function for Alibaba Provider 
Signed-off-by: Idowu Emehinola <hydeenoble39@gmail.com>
 2022-05-06 18:56:19 +02:00
Gustavo Carvalho
61b7c2a671 fix: fixed failing unit test 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-05-06 13:22:14 -03:00