mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity
1804 commits 135 branches 173 tags 201 MiB
Commit graph

518 commits

Author SHA1 Message Date
Gustavo Carvalho
effbe7ebb8 Adding ValidateStore for fake provider 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-21 14:43:23 -03:00
nitzann
951acdc4bb Add public_cert support 2022-03-20 10:35:17 +02:00
Daniel Hix
324c7def06
feat: implement ClusterExternalSecret (#542) 
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
 2022-03-20 09:32:27 +01:00
Moritz Johner
c1db2b5754 fix: integrate sdk changes 2022-03-18 20:39:15 +01:00
AndreyZamyslov
45449dccc9
Yandex Lockbox Connection Leaks (#835) 
* fix Yandex Lockbox provider connection leaks (https://github.com/external-secrets/external-secrets/issues/833)

* fix Yandex Lockbox provider connection leaks (https://github.com/external-secrets/external-secrets/issues/833)
 2022-03-16 17:58:01 +01:00
paul-the-alien[bot]
fb056cc9b5
Merge pull request #784 from external-secrets/feature/hashivault-getallsecrets 
Implements Hashicorp Vault GetAllSecrets
 2022-03-12 11:19:04 +00:00
Gustavo Carvalho
caf00a43aa Chore: bumping gitlab-go to 0.58.0 
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
 2022-03-10 08:46:17 -03:00
Gustavo Carvalho
b093db366d Fixing lint 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-09 13:58:54 -03:00
Gustavo Carvalho
8be3cd5a72 Moving duplication validation logic to utils method 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-09 13:49:17 -03:00
paul-the-alien[bot]
439ecfaf9d
Merge pull request #783 from AtzeDeVries/allow-gcp-cross-project-secrets 
GCP: allow cluster to be in different project
 2022-03-09 10:03:20 +00:00
Gustavo Carvalho
164e8776ec Adding docs and implementing ConversionStrategy 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-09 06:59:54 -03:00
Gustavo Carvalho
2f23fd28ed Adding GetAllSecrets for Hashicorp Vault 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-09 05:40:09 -03:00
Gustavo Carvalho
0086fe2342 WIP: GetAllSecrets for vault method 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-09 05:39:09 -03:00
Atze de Vries
c560b0ced5 fix lint 2022-03-09 09:26:36 +01:00
Atze de Vries
03fc0e9dc1 use storespec directly in get ClusterProjectID 2022-03-09 08:49:50 +01:00
Sebastián Gómez
b0240cf45a Fix merge conflict 2022-03-07 13:59:58 -05:00
Sebastián Gómez
02a8878707 Implement GetAllSecrets for Azure Key Vault 2022-03-07 13:55:10 -05:00
Atze de Vries
6574697e9e remove unwanted stuff 2022-03-07 12:57:54 +01:00
Atze de Vries
d9f87c296d rework clusterProjectID and add test 2022-03-07 12:56:08 +01:00
Atze de Vries
2f53ab8220 also make optional for v1beta1 and add note to docs 2022-03-03 19:35:38 +01:00
paul-the-alien[bot]
b9de64b967
Merge pull request #750 from external-secrets/feature/validating-webhook 
Feature: validating webhook
 2022-03-02 17:10:56 +00:00
Atze de Vries
da47ad2cac GCP: allow cluster to be in different project 2022-03-02 11:24:04 +01:00
Moritz Johner
8fc4484cc6 feat: implement validating webhook 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-03-01 21:25:15 +01:00
Marc Billow
6de9399126 Fix template fallback logic to handle TemplateFrom syntax 2022-02-23 16:34:50 -06:00
Moritz Johner
fb8f496204 Merge branch 'main' into feature/conversion-webhook 2022-02-23 08:15:03 +01:00
rodrmartinez
045e056719 Fix sonarcloud code smells 2022-02-22 15:55:31 -03:00
rodrmartinez
e887e49436 leaves Validate() method empty for now 2022-02-22 15:46:58 -03:00
rodrmartinez
7c4a17a9c3 Merge branch 'main' into feature/kubernetes-provider 2022-02-17 15:38:45 -03:00
rodrmartinez
86d7710727 changing kubernetes api struct 2022-02-17 14:45:43 -03:00
Gustavo Carvalho
847b95e4fd Merge branch 'main' into feature/conversion-webhook 
Disabled secrets cache for cert controller.

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-17 09:35:20 -03:00
paul-the-alien[bot]
18b4f2be8b
Merge pull request #703 from external-secrets/chore/cleanup-azure-provider 
chore: cleanup az/keyvault provider
 2022-02-17 11:56:00 +00:00
paul-the-alien[bot]
4cca87b6d7
Merge pull request #729 from external-secrets/fix/disable-sec-cm-cache 
feat: avoid caching secrets/configmaps
 2022-02-17 09:15:31 +00:00
Gustavo Carvalho
40ec693479 Merge branch 'main' into feature/conversion-webhook 
Fixed conflicts and implemented necessary changes for v1beta1
 2022-02-16 16:00:32 -03:00
paul-the-alien[bot]
86aedda434
Merge pull request #701 from external-secrets/feature/template-string-interface 
feat: implement template engine v2
 2022-02-16 17:16:24 +00:00
Moritz Johner
899cf72f22 feat: avoid caching secrets/configmaps 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-16 14:37:42 +01:00
paul-the-alien[bot]
ff4af57a7b
Merge pull request #727 from external-secrets/fix/vault-key-with-dot 
fix: vault keys should take precedence over gjson
 2022-02-15 18:28:41 +00:00
Moritz Johner
094bcf0332 fix: vault keys should take precedence over gjson 2022-02-15 17:28:14 +01:00
castaneai
3fd3cc0186
Fix the leak in GCPSM when the secret operator cannot find the secret. (#722) 
* fix(gcp): Fix the leak in GCPSM when the secret operator cannot find the secret.

The IAM client has an internal gRPC connection,
but if the secret fetch fails, the goroutine created by the gRPC connection will leak.

Therefore, close the IAM client when the creation of the GCPSM client fails.

* test: fix build error on fakeIAMClient
 2022-02-15 16:54:11 +01:00
Gustavo Carvalho
96cb340ace Implementing Requeue Interval for certController. Fixing unit tests and check-diff 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 16:05:17 -03:00
Gustavo Carvalho
1d8cfc4a12 Changed logic of Webhook check for certs. 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 15:46:10 -03:00
Gustavo Carvalho
31eedfbb26 Fixing up some code smells 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 10:36:12 -03:00
Gustavo Carvalho
1587fa02b1 Improved deployments and crd logic. Added cert-controller reconcile tests 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 10:08:27 -03:00
Gustavo Carvalho
3d9e5a9fdb Adding controller tests for cert-controller 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 09:01:21 -03:00
Gustavo Carvalho
e776f6d843 WIP: implementing separate deployments 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-13 09:14:41 -03:00
Gustavo Carvalho
ab03bcdcc7 Making reviewable 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-11 15:17:20 -03:00
Gustavo Carvalho
a85e487d1d Added unit tests for crd controller methods. 
Added simple GetAllSecrets logic test
Starting (and failing to) test on controller level

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-11 15:14:14 -03:00
Gustavo Carvalho
024b64fe39 Added Readiness Probe for helm charts. 
Fixed make generate command to not use kubectl
Fixed lint

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-11 08:10:11 -03:00
Moritz Johner
74fca707b3 feat(template): add filterPEM function 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:32:37 +01:00
Moritz Johner
9486dd85dd fix(template): extract multiple certs/keys from PKCS#12 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:26:32 +01:00
Moritz Johner
009b60de19 fix(webhook): use v2 template funcs with webhook provider 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:26:32 +01:00
Moritz Johner
a627e82639 chore: fix smells 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:26:32 +01:00
Moritz Johner
54e68399ec feat: implement template engine v2 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:26:31 +01:00
Gustavo Carvalho
23784803ff Merge branch 'main' into feature/conversion-webhook 
Updated Oracle provider new specs for v1beta1
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-10 16:55:37 -03:00
Gustavo Carvalho
fd9e09a1ee WIP: Structured reconciliation loops for CRDs 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-10 14:12:13 -03:00
paul-the-alien[bot]
027f28ec97
Merge pull request #700 from EladGabay/elad/oci-secret-by-name 
oracle vault: Use instance principal if auth is empty
 2022-02-10 10:34:40 +00:00
rodrmartinez
dc41b40dda Adds linting changes 2022-02-09 17:33:54 -03:00
rodrmartinez
a318978afd Adds setAuth test func 2022-02-09 15:23:03 -03:00
rodrmartinez
da858878d8 refactor setAuth method 2022-02-09 15:22:37 -03:00
Gustavo Carvalho
82ddeb9de5 Merge branch 'main' into feature/conversion-webhook 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-08 16:40:06 -03:00
Gustavo Carvalho
0530385992 v1beta1 initial commit 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-08 14:07:34 -03:00
paul-the-alien[bot]
31efb94b20
Merge pull request #674 from external-secrets/feat/vault-nested-values 
allow nested json in vault
 2022-02-08 15:29:20 +00:00
Moritz Johner
4b5d047934 chore: cleanup az/keyvault provider 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-08 13:04:18 +01:00
Moritz Johner
5b8ab034ec feat(vault): marshal nested value as json, add docs 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-08 08:05:10 +01:00
Elad Gabay
fe416890b1 oracle vault: Use instance principal if auth is empty 
Currently the oracle vault's secretstore uses a specific user credentials.
This commit introduce a new way to access the vault, using the instance principal.

All user's details moved to "auth" section in the OracleProvider which now is optional.
If "auth" is empty, by default, we use the instance principal, otherwise if specified user's auth details, we use them.

In addition:
- Fixed the fingerprint secret reference which until now used the privatekey secret instead of its reference.
- Bump OCI SDK version.
 2022-02-07 18:38:10 +02:00
Lucas Severo Alves
6630ab7494
Initial draft of reporter (#466) 
* Initial draft of reporter

* Test out reporter in AWS provider

* trying out different events approach

* feat: implement store reconciler and events

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add validate() method to provider interface

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: use static requeue interval in store ctrl

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Co-authored-by: Mircea Cosbuc <mircea.cosbuc@container-solutions.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-07 11:42:18 +01:00
Moritz Johner
2ac4053648 feat(vault): allow using nested json 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-05 22:11:41 +01:00
Moritz Johner
fe1cb8bc69 feat(provider): implement fake provider 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-01 11:18:43 +01:00
Moritz Johner
e015bed08d chore: update k8s / envtest 2022-01-28 19:51:07 +01:00
paul-the-alien[bot]
6f4c03a75d
Merge pull request #645 from external-secrets/fix/delete-secret-using-tpl 
fix: ensure that data is being deleted when using tpl
 2022-01-27 14:49:00 +00:00
Jeroen Op 't Eynde
83afebe9b3
fix(metrics): ensure status_condition metrics reflect the status (#612) 
* fix(metrics): ensure status_condition metrics reflect the status

* lint fixes

* fix(metrics): remove condition=deleted metric (+lint fixes)
 2022-01-27 14:26:09 +01:00
Moritz Johner
e2701fa35a fix: ensure that data is being deleted when using tpl 2022-01-26 20:14:59 +01:00
rodrmartinez
cbd350fef6 Adds lockbox again to register 2022-01-26 15:41:09 -03:00
rodrmartinez
5a766c1995 Adds GetSecret and GetSecretMaps methods 2022-01-26 15:29:14 -03:00
rodrmartinez
8620174449 Adds kubernetes provider to register 2022-01-26 15:28:37 -03:00
paul-the-alien[bot]
5a8df8cb18
Merge pull request #642 from external-secrets/fix/webhook-test-race 
fix: webhook test race
 2022-01-26 18:14:48 +00:00
rodrmartinez
1c5ce19a20 Adds Kubernetes Provider 2022-01-25 17:14:48 -03:00
Moritz Johner
edb2c290f4 fix(gcp): use gax-go v2 package 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-01-25 21:09:33 +01:00
Moritz Johner
ce6f5b1653 fix: webhook test race 2022-01-25 20:45:45 +01:00
paul-the-alien[bot]
0b9c142a22
Merge pull request #618 from external-secrets/feature/aws-e2e-managed 
feat(e2e): implement aws tests, enhance gcp tests
 2022-01-24 10:46:02 +00:00
Moritz Johner
008268ee00 feat(e2e): implement aws tests, enhance gcp tests 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-01-21 23:37:50 +01:00
Marc Ingram
07415bdabf improve test? 2022-01-21 14:01:45 -07:00
Marc Ingram
e93a1716f5 fix format and lint 2022-01-21 13:36:41 -07:00
Marc Ingram
705ffbbd95 Optimise patching so as changes only happen with something changes 2022-01-21 12:36:05 -07:00
Marc Billow
01355b7653 Formatting and linting fixes 2022-01-19 16:28:23 -06:00
Marc Billow
0753da1cbd Support for eventual consistency in Vault Enterprise 2022-01-19 16:25:01 -06:00
Lucas Severo Alves
16948ed572
Merge pull request #596 from EladGabay/elad/oci-secret-by-name 
OCI Vault: Get secret by name from a specific Vault
 2022-01-16 17:20:46 +00:00
Elad Gabay
dbedbedb96 make fmt 2022-01-16 13:30:21 +02:00
Lucas Severo Alves
2bacd30313
Merge pull request #569 from rodrmartinez/oci-patch 
Replace vaults with secrets package to retrieve secrets
 2022-01-16 11:13:50 +00:00
Elad Gabay
cab49e57f7 oracle: Get secret by name from a specific vault 2022-01-16 13:11:46 +02:00
Moritz Johner
27854adaa5 fix: force ownership when merging secrets 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-01-14 22:27:27 +01:00
paul-the-alien[bot]
4c6b6a1e84
Merge pull request #525 from HanseMerkur/vault_optional_path 
Optional path for Vault SecretStore
 2022-01-14 19:33:29 +00:00
rodmartinez
90abbdf642 remove byte conversion and add return error 2022-01-14 13:46:16 -03:00
rodmartinez
721086d520 encode apiOutput content 2022-01-14 12:59:59 -03:00
rodmartinez
4373bb2775 Decode base64 payoload 2022-01-14 12:59:59 -03:00
rodmartinez
b962666b1c Remove unused constant, errInvalidSecret 2022-01-14 12:59:59 -03:00
rodmartinez
60454a4760 refactor apiOutput on TestGetSecretMap 2022-01-14 12:59:59 -03:00
rodmartinez
9f98cabe63 complete apiOutput 2022-01-14 12:59:59 -03:00
rodmartinez
a1f78cbae1 replace vault with secrets pkg 2022-01-14 12:59:59 -03:00
rodmartinez
9b4e9a919d replace vault with secrets in fake package 2022-01-14 12:59:59 -03:00
rodmartinez
c8c67258c2 Replace OCI vault with secrets package 2022-01-14 12:59:59 -03:00
Sebastian Gomez
6f8a4c4a35 Removed duplicated code 2022-01-13 12:43:42 -05:00
Lennart Weller
015b35add2 Linter wasn't happy. Again 2022-01-13 18:40:23 +01:00
Sebastian Gomez
8784bfc5ba Fixed lint issues 2022-01-13 12:13:33 -05:00
Sebastian Gomez
119d4b809b Merge branch 'main' into akv-table-tests 2022-01-13 10:45:48 -05:00
Sebastian Gomez
d75fcb9269 Fixed some lint issues 2022-01-12 15:29:57 -05:00
Sebastian Gomez
385caa156f Table driven test with anonymous functions implemented. 
The NewClient tests were kept as they were.
 2022-01-12 14:33:38 -05:00
paul-the-alien[bot]
44d4cf061b
Merge pull request #559 from willemm/feat/generic_webhook 
Add generic webhook provider
 2022-01-11 15:50:05 +00:00
Willem Monsuwe
00558e1dd5 Moved http client initialization to NewClient 2022-01-11 11:09:12 +01:00
Willem M
7160cab0b8
Use MethodGet field instead of hardcoded string literal 
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
 2022-01-11 00:02:32 +01:00
Lennart Weller
23c859eaf9 Pull changes from linter 2022-01-10 10:12:17 +01:00
Lennart Weller
0d06247163 Made SecretStore path for Vault optional 
* Backwards compatible change
  * Added tests to check for a range of possible combinations for paths
 2022-01-10 10:12:17 +01:00
Brent Spector
26f9be4fb1 add path to jwt vault auth 2022-01-05 15:22:00 -08:00
Brent Spector
561bd3ae56 Add support for mount path in ldap auth 2022-01-05 14:54:50 -08:00
Willem Monsuwe
aed3d30736 Apparently I was a bit overzealous in removing nil checks 2021-12-30 10:45:36 +01:00
Willem Monsuwe
fe043ed8ed TIL you can range over nil slices in go 2021-12-30 09:02:29 +01:00
Willem Monsuwe
f971d4b9b3 Try to address some complexity code smells 2021-12-29 17:18:52 +01:00
Willem Monsuwe
d04508e974 Added generic webhook provider 
This provider allows a secretstore with a generic url (templated)
which will be called with a defined method, headers (templated)
and optional body (also templated)
The response can be parsed out with a jsonPath expression
 2021-12-29 10:53:29 +01:00
Lucas Severo Alves
fc4eedfd63
Merge pull request #427 from jack-evans/concurrency 
add concurrent flag to allow more reconciles at the same time
 2021-12-27 11:10:45 +01:00
Moritz Johner
b9f2910182 fix: supported nested json with dataFrom 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2021-12-22 21:11:39 +01:00
Jack Evans
d77f543c98
add concurrent flag to allow more reconciles at the same time 2021-12-17 15:36:51 +00:00
Moritz Johner
80fac0f697 feat: add gcp workload identity via SA 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2021-12-17 12:20:12 +01:00
paul-the-alien[bot]
78d046b712
Merge pull request #530 from ADustyOldMuffin/add-docs-and-fix-ca-vault 
Add documentation for CAProvider namespace and fix issue with SecretStore
 2021-12-16 19:44:24 +00:00
Vladimir Fedin
c351efcc15
Add ability provide CA for Yandex' Lockbox provider (#487) 
* Add ability provide CA for Yandex' Lockbox provider

* Add tests for getting CA from secrets at Lockbox provider

* fixup! Add tests for getting CA from secrets at Lockbox provider

Co-authored-by: Vladimir Fedin <vladimirfedin@yandex-team.ru>
 2021-12-16 20:16:23 +01:00
Andrew Leap
60fd67aeec Add testcase 2021-12-16 15:14:27 +00:00
Andrew Leap
f1fad4576c Support common idiom for GCP SM 
Common idiom for GCP SM is like:
{
    "name": {
        "client_id": "<client_id>",
        "client_secret": "<client_secret>",
    }
}

Using DataFrom, the current GCP SM will fail to unmarshal cause it's expecting
{
    "name": "{\"client_id\": \"<client_id>\", \"client_secret\": \"<client_secret>\"}",
}
which is much more annoying to work with.  By tweaking the implementation to
try to decode to a string, but if that fails, use the raw []byte of the value
we get the best of both worlds.
 2021-12-15 18:47:43 +00:00
Daniel Hix
d53b3df7f8 Remove namespace requirement for secret store and require for cluster secret store 2021-12-13 17:07:32 -06:00
Daniel Hix
e8791280a9 Some quick lint fixes. 2021-12-13 14:27:15 -06:00
Daniel Hix
d0a46060cc Add test to check for invalid duration input. 2021-12-13 14:14:37 -06:00
Daniel Hix
082cee230f Merge branch 'main' into ibm-enable-retries 2021-12-13 13:27:57 -06:00
Laszlo Varadi
a976e32831 Supporting Managed Identity authentication for Azure Keyvault 2021-12-06 10:26:34 +01:00
Moritz Johner
12a25fca8b fix: IsNil fails on struct value 2021-11-26 09:59:10 +01:00
Martin Montes
394c4257f1
Checking nil value when parsing secret values. Added tests 2021-11-19 11:15:07 +01:00
Martin Montes
d09beae10b
fix: checking nil values when reading secret in vault provider 2021-11-18 19:23:17 +01:00
renanaAkeyless
ecef240319
Merge branch 'external-secrets:main' into main 2021-11-09 20:43:31 +02:00
renanaAkeyless
7ae9c40668 Update akeyless.go 2021-11-09 20:35:01 +02:00
renanaAkeyless
0348bbb59d lint 2021-11-08 13:27:12 +02:00
renanaAkeyless
4a5877d926 Adde Akeyless 2021-11-07 16:18:40 +02:00
paul-the-alien[bot]
0fb03e4650
Merge pull request #450 from external-secrets/feature/log-on-success 
Added log for first secret reconciliation after errors
 2021-11-02 23:34:57 +00:00
Lucas Severo Alves
54c1a3d9d8
Merge pull request #460 from jmhobbs/golangci-lint-update 
golangci-lint install and version update
 2021-11-02 20:05:20 -03:00
paul-the-alien[bot]
cc79b7b615
Merge pull request #422 from FGA-GCES/eduardo/code_smells 
Fixing some codeSmells
 2021-11-02 23:04:05 +00:00
Eduardo Vieira
1742b9c9fc Adjsuting lint 2021-11-02 18:30:39 -03:00
Gustavo Carvalho
03afd1099c Adding inline comments explaining log functionality 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2021-11-01 17:53:59 -03:00
andreabenf
a0385ef7f2 Changing variables names 2021-10-28 14:11:14 -03:00
andreabenf
460de06636 adjusting code smells 2021-10-28 14:09:19 -03:00
John Hobbs
33cee58948 Replace deprecated golangci-lint checkers. 2021-10-27 17:01:15 -05:00
paul-the-alien[bot]
91140d0d83
Merge pull request #445 from external-secrets/fix/aws-provider-panic 
Fixing panic due to no Namespace on ServiceAccountRef
 2021-10-27 12:48:31 +00:00
Gustavo Fernandes de Carvalho
b8ba78d1b1 Added log for first secret reconciliation after errors 
Fixes #444

Signed-off-by: Gustavo Fernandes de Carvalho <gustavo.carvalho@container-solutions.com>
 2021-10-25 16:29:22 -03:00
paul-the-alien[bot]
6279801382
Merge pull request #437 from external-secrets/fix/codesmells 
Fixed Sonarqube yandex codesmell
 2021-10-25 17:31:33 +00:00
Gustavo Carvalho
403b1a34a0 Fixing lint 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2021-10-22 14:45:21 -03:00
Gustavo Carvalho
389f7e45de Reducing duplications and fixing code smells 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2021-10-22 14:39:37 -03:00
Gustavo Carvalho
d022cc31ab Fixing panic due to no Namespace on ServiceAccountRef 
Fixes #419

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2021-10-22 14:22:40 -03:00
Eduardo Lima
ff90d4eb44
Removing "map" from test const name 2021-10-21 14:46:47 -03:00
Daniel Hix
3b743a39b8 Enable retries on the IBM provider 2021-10-20 18:50:21 -05:00
Arthur
dc8398b6c1 merge main into refactor/cognitifeComplexity 2021-10-20 19:15:29 -03:00
Arthur
e44b025cdd fix lint 2021-10-20 19:04:58 -03:00
paul-the-alien[bot]
d9f30a3350
Merge pull request #414 from ADustyOldMuffin/vault-ca-provider 
Add the ability to specify cert for Vault from K8s Secrets
 2021-10-20 21:43:37 +00:00
paul-the-alien[bot]
7ab0fcf502
Merge pull request #438 from gusfcarvalho/fix/433 
Fixing ClusterScope access for AzureKV Provider
 2021-10-20 19:39:15 +00:00
Gustavo Carvalho
8e7da7b6ed Fixing sonar cloud duplication 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2021-10-18 17:24:18 -03:00
Gustavo Carvalho
a5f5ecf6a5 Fixing ClusterScope access for AzureKV Provider 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2021-10-18 17:17:42 -03:00
Sebastian Gomez
aa182f4e0f Fixed Sonarqube yandex codesmell 2021-10-18 12:02:14 -04:00
Daniel Hix
8bfa7cffa1 Update tests to remove code duplication 2021-10-12 16:06:01 -05:00
Daniel Hix
1ab920bc6b Swap to switch statements to ease readability 2021-10-12 15:49:41 -05:00
Daniel Hix
9c5c588b19 Move logic into separate function to try and help code smell 2021-10-12 15:42:26 -05:00
Daniel Hix
1b3a1f1941 Add tests for ConfigMaps 2021-10-12 14:34:26 -05:00
Daniel Hix
0f71dd0846 Add config map option/ability to specify for cert in caProvider 2021-10-12 14:33:38 -05:00
Lucas Severo Alves
9e3914b944
Merge pull request #420 from FGA-GCES/mateus/code_smells 
Fix some code smells
 2021-10-12 18:50:38 +02:00
Lucas Severo Alves
c00afc9ff7
Merge pull request #329 from FGA-GCES/feat/immutable-secrets 
Add immutable secrets
 2021-10-12 18:20:23 +02:00
Daniel Hix
e6c6749a86 utilize new test function to remove code smells 2021-10-11 19:19:46 -05:00
Daniel Hix
87204969c7 Fix code smell. 2021-10-11 19:11:25 -05:00
Daniel Hix
a075963b10 Add test for missing cert secret 2021-10-11 19:08:16 -05:00
Daniel Hix
4b17163501 Added simple test making the store with CA in secrets 2021-10-11 18:57:13 -05:00
Daniel Hix
275f1c4094 Added simple test to make sure it's getting the cert. 2021-10-09 13:26:26 -05:00
Arthur
7649fe2c47 create function for each ibm provider secret get case 2021-10-07 15:45:37 -03:00
Arthur
6eba9df3b1 separate function to remap secret data on ibm.GetSecretMap to reduce cognitive complexity 2021-10-07 15:22:19 -03:00
Arthur
1600960b36 separate vault test cases run function for better cognitive complexity 2021-10-07 14:48:13 -03:00
Eduardo Vieira
c68e00ce0c Creating map-foo and bar const for testing 2021-10-07 10:55:04 -03:00
Eduardo Vieira
b2b6b5255d Defining targetProp const for reutilization 2021-10-07 10:50:27 -03:00
Eduardo Vieira
3d5c0b54e6 Changing expectedSecretValue declaration scope 2021-10-07 10:43:59 -03:00
Eduardo Vieira
7502e2c557 Adding FakeManager and test-secret const for testing 2021-10-07 10:39:13 -03:00
Arthur
e617ce9e23 refactor vault token functions for better cognitive complexity 2021-10-07 10:21:49 -03:00
Mateus Oliveira Patrício
1a5bd14eea create const for "provider should be registered" 2021-10-07 09:26:29 -03:00
Mateus Oliveira Patrício
269c65bd24 create const for string literal 
"[%d] unexpected error: %s, expected: '%s'"
 2021-10-07 09:26:16 -03:00
Mateus Oliveira Patrício
4760525ed3 refactored 4 string literals to consts 2021-10-07 09:25:45 -03:00
Arthur
0990f29876 Merge branch 'feat/immutable-secrets' of github.com:FGA-GCES/external-secrets into feat/immutable-secrets 2021-10-06 21:24:50 -03:00
Arthur
1f5978eb13 add tests for controller reconciling logic 2021-10-06 21:23:41 -03:00
Daniel Hix
3ff2bfd559 Fix linting issue 2021-10-06 11:28:13 -05:00
Daniel Hix
b3a44fdbd0
Merge branch 'external-secrets:main' into vault-ca-provider 2021-10-06 10:38:59 -05:00
Daniel Hix
d7c861d38d Add logic to pull cert from K8s secret. 2021-10-05 23:55:57 -05:00
Lucas Severo Alves
91851bb738
Merge pull request #381 from cooperbenson-qz/cooperbenson-qz/issue376 
Revoke Vault token on Close
 2021-10-05 08:55:01 +02:00
Cooper Benson
af5b8295bb Revoke Vault token on Close 
Fixes #376
 2021-09-22 16:10:54 -06:00
Mateus Oliveira Patrício
b16d4389b9 refactor: remove unnecessary convert 2021-09-22 23:57:36 +02:00
Mateus Oliveira Patrício
b2adb77f1b fix: syncWithoutTargetName test case 2021-09-22 23:57:36 +02:00
Mateus Oliveira Patrício
42a658c2b1 WiP: no target name unit test 2021-09-22 23:57:36 +02:00
Arthur
9f2a17f220 Merge branch 'main' into feat/immutable-secrets 2021-09-22 14:20:35 -03:00
Arthur
4de31e9d4d stopping reconciling for immutable secrets based on es conditions 2021-09-17 21:37:21 -03:00
Moritz Johner
ce02f98db9 fix: add explicit test for using dataFrom + template 2021-09-10 16:07:39 +02:00
Lucas Severo Alves
9d3b05a2c7
Merge pull request #365 from KianTigger/oracle-provider 
Oracle provider
 2021-09-10 12:17:37 +01:00
Alexander Chernov
280964f84e
fix: dependent kind=secret are not recreated in case of deletion. (#349) 
* chore: whitespace, typos, superflous aliases

* fix: deleted child secret is not recreated straight away.

* fix: e2e run
 2021-09-09 11:14:17 +02:00
Arthur
8417b34d26 make reconciling stop if es is synced and immutable 2021-09-08 20:44:23 -03:00
Kian
e448c77833 Fixing incorrect naming of services 2021-09-03 17:28:20 +01:00