1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Commit graph

518 commits

Author SHA1 Message Date
Sebastian Gomez
6f8a4c4a35 Removed duplicated code 2022-01-13 12:43:42 -05:00
Lennart Weller
015b35add2 Linter wasn't happy. Again 2022-01-13 18:40:23 +01:00
Sebastian Gomez
8784bfc5ba Fixed lint issues 2022-01-13 12:13:33 -05:00
Sebastian Gomez
119d4b809b Merge branch 'main' into akv-table-tests 2022-01-13 10:45:48 -05:00
Sebastian Gomez
d75fcb9269 Fixed some lint issues 2022-01-12 15:29:57 -05:00
Sebastian Gomez
385caa156f Table driven test with anonymous functions implemented.
The NewClient tests were kept as they were.
2022-01-12 14:33:38 -05:00
paul-the-alien[bot]
44d4cf061b
Merge pull request #559 from willemm/feat/generic_webhook
Add generic webhook provider
2022-01-11 15:50:05 +00:00
Willem Monsuwe
00558e1dd5 Moved http client initialization to NewClient 2022-01-11 11:09:12 +01:00
Willem M
7160cab0b8
Use MethodGet field instead of hardcoded string literal
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2022-01-11 00:02:32 +01:00
Lennart Weller
23c859eaf9 Pull changes from linter 2022-01-10 10:12:17 +01:00
Lennart Weller
0d06247163 Made SecretStore path for Vault optional
* Backwards compatible change
  * Added tests to check for a range of possible combinations for paths
2022-01-10 10:12:17 +01:00
Brent Spector
26f9be4fb1 add path to jwt vault auth 2022-01-05 15:22:00 -08:00
Brent Spector
561bd3ae56 Add support for mount path in ldap auth 2022-01-05 14:54:50 -08:00
Willem Monsuwe
aed3d30736 Apparently I was a bit overzealous in removing nil checks 2021-12-30 10:45:36 +01:00
Willem Monsuwe
fe043ed8ed TIL you can range over nil slices in go 2021-12-30 09:02:29 +01:00
Willem Monsuwe
f971d4b9b3 Try to address some complexity code smells 2021-12-29 17:18:52 +01:00
Willem Monsuwe
d04508e974 Added generic webhook provider
This provider allows a secretstore with a generic url (templated)
which will be called with a defined method, headers (templated)
and optional body (also templated)
The response can be parsed out with a jsonPath expression
2021-12-29 10:53:29 +01:00
Lucas Severo Alves
fc4eedfd63
Merge pull request #427 from jack-evans/concurrency
add concurrent flag to allow more reconciles at the same time
2021-12-27 11:10:45 +01:00
Moritz Johner
b9f2910182 fix: supported nested json with dataFrom
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2021-12-22 21:11:39 +01:00
Jack Evans
d77f543c98
add concurrent flag to allow more reconciles at the same time 2021-12-17 15:36:51 +00:00
Moritz Johner
80fac0f697 feat: add gcp workload identity via SA
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2021-12-17 12:20:12 +01:00
paul-the-alien[bot]
78d046b712
Merge pull request #530 from ADustyOldMuffin/add-docs-and-fix-ca-vault
Add documentation for CAProvider namespace and fix issue with SecretStore
2021-12-16 19:44:24 +00:00
Vladimir Fedin
c351efcc15
Add ability provide CA for Yandex' Lockbox provider (#487)
* Add ability provide CA for Yandex' Lockbox provider

* Add tests for getting CA from secrets at Lockbox provider

* fixup! Add tests for getting CA from secrets at Lockbox provider

Co-authored-by: Vladimir Fedin <vladimirfedin@yandex-team.ru>
2021-12-16 20:16:23 +01:00
Andrew Leap
60fd67aeec Add testcase 2021-12-16 15:14:27 +00:00
Andrew Leap
f1fad4576c Support common idiom for GCP SM
Common idiom for GCP SM is like:
{
    "name": {
        "client_id": "<client_id>",
        "client_secret": "<client_secret>",
    }
}

Using DataFrom, the current GCP SM will fail to unmarshal cause it's expecting
{
    "name": "{\"client_id\": \"<client_id>\", \"client_secret\": \"<client_secret>\"}",
}
which is much more annoying to work with.  By tweaking the implementation to
try to decode to a string, but if that fails, use the raw []byte of the value
we get the best of both worlds.
2021-12-15 18:47:43 +00:00
Daniel Hix
d53b3df7f8 Remove namespace requirement for secret store and require for cluster secret store 2021-12-13 17:07:32 -06:00
Daniel Hix
e8791280a9 Some quick lint fixes. 2021-12-13 14:27:15 -06:00
Daniel Hix
d0a46060cc Add test to check for invalid duration input. 2021-12-13 14:14:37 -06:00
Daniel Hix
082cee230f Merge branch 'main' into ibm-enable-retries 2021-12-13 13:27:57 -06:00
Laszlo Varadi
a976e32831 Supporting Managed Identity authentication for Azure Keyvault 2021-12-06 10:26:34 +01:00
Moritz Johner
12a25fca8b fix: IsNil fails on struct value 2021-11-26 09:59:10 +01:00
Martin Montes
394c4257f1
Checking nil value when parsing secret values. Added tests 2021-11-19 11:15:07 +01:00
Martin Montes
d09beae10b
fix: checking nil values when reading secret in vault provider 2021-11-18 19:23:17 +01:00
renanaAkeyless
ecef240319
Merge branch 'external-secrets:main' into main 2021-11-09 20:43:31 +02:00
renanaAkeyless
7ae9c40668 Update akeyless.go 2021-11-09 20:35:01 +02:00
renanaAkeyless
0348bbb59d lint 2021-11-08 13:27:12 +02:00
renanaAkeyless
4a5877d926 Adde Akeyless 2021-11-07 16:18:40 +02:00
paul-the-alien[bot]
0fb03e4650
Merge pull request #450 from external-secrets/feature/log-on-success
Added log for first secret reconciliation after errors
2021-11-02 23:34:57 +00:00
Lucas Severo Alves
54c1a3d9d8
Merge pull request #460 from jmhobbs/golangci-lint-update
golangci-lint install and version update
2021-11-02 20:05:20 -03:00
paul-the-alien[bot]
cc79b7b615
Merge pull request #422 from FGA-GCES/eduardo/code_smells
Fixing some codeSmells
2021-11-02 23:04:05 +00:00
Eduardo Vieira
1742b9c9fc Adjsuting lint 2021-11-02 18:30:39 -03:00
Gustavo Carvalho
03afd1099c Adding inline comments explaining log functionality
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2021-11-01 17:53:59 -03:00
andreabenf
a0385ef7f2 Changing variables names 2021-10-28 14:11:14 -03:00
andreabenf
460de06636 adjusting code smells 2021-10-28 14:09:19 -03:00
John Hobbs
33cee58948 Replace deprecated golangci-lint checkers. 2021-10-27 17:01:15 -05:00
paul-the-alien[bot]
91140d0d83
Merge pull request #445 from external-secrets/fix/aws-provider-panic
Fixing panic due to no Namespace on ServiceAccountRef
2021-10-27 12:48:31 +00:00
Gustavo Fernandes de Carvalho
b8ba78d1b1 Added log for first secret reconciliation after errors
Fixes #444

Signed-off-by: Gustavo Fernandes de Carvalho <gustavo.carvalho@container-solutions.com>
2021-10-25 16:29:22 -03:00
paul-the-alien[bot]
6279801382
Merge pull request #437 from external-secrets/fix/codesmells
Fixed Sonarqube yandex codesmell
2021-10-25 17:31:33 +00:00
Gustavo Carvalho
403b1a34a0 Fixing lint
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2021-10-22 14:45:21 -03:00
Gustavo Carvalho
389f7e45de Reducing duplications and fixing code smells
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2021-10-22 14:39:37 -03:00
Gustavo Carvalho
d022cc31ab Fixing panic due to no Namespace on ServiceAccountRef
Fixes #419

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2021-10-22 14:22:40 -03:00
Eduardo Lima
ff90d4eb44
Removing "map" from test const name 2021-10-21 14:46:47 -03:00
Daniel Hix
3b743a39b8 Enable retries on the IBM provider 2021-10-20 18:50:21 -05:00
Arthur
dc8398b6c1 merge main into refactor/cognitifeComplexity 2021-10-20 19:15:29 -03:00
Arthur
e44b025cdd fix lint 2021-10-20 19:04:58 -03:00
paul-the-alien[bot]
d9f30a3350
Merge pull request #414 from ADustyOldMuffin/vault-ca-provider
Add the ability to specify cert for Vault from K8s Secrets
2021-10-20 21:43:37 +00:00
paul-the-alien[bot]
7ab0fcf502
Merge pull request #438 from gusfcarvalho/fix/433
Fixing ClusterScope access for AzureKV Provider
2021-10-20 19:39:15 +00:00
Gustavo Carvalho
8e7da7b6ed Fixing sonar cloud duplication
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2021-10-18 17:24:18 -03:00
Gustavo Carvalho
a5f5ecf6a5 Fixing ClusterScope access for AzureKV Provider
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2021-10-18 17:17:42 -03:00
Sebastian Gomez
aa182f4e0f Fixed Sonarqube yandex codesmell 2021-10-18 12:02:14 -04:00
Daniel Hix
8bfa7cffa1 Update tests to remove code duplication 2021-10-12 16:06:01 -05:00
Daniel Hix
1ab920bc6b Swap to switch statements to ease readability 2021-10-12 15:49:41 -05:00
Daniel Hix
9c5c588b19 Move logic into separate function to try and help code smell 2021-10-12 15:42:26 -05:00
Daniel Hix
1b3a1f1941 Add tests for ConfigMaps 2021-10-12 14:34:26 -05:00
Daniel Hix
0f71dd0846 Add config map option/ability to specify for cert in caProvider 2021-10-12 14:33:38 -05:00
Lucas Severo Alves
9e3914b944
Merge pull request #420 from FGA-GCES/mateus/code_smells
Fix some code smells
2021-10-12 18:50:38 +02:00
Lucas Severo Alves
c00afc9ff7
Merge pull request #329 from FGA-GCES/feat/immutable-secrets
Add immutable secrets
2021-10-12 18:20:23 +02:00
Daniel Hix
e6c6749a86 utilize new test function to remove code smells 2021-10-11 19:19:46 -05:00
Daniel Hix
87204969c7 Fix code smell. 2021-10-11 19:11:25 -05:00
Daniel Hix
a075963b10 Add test for missing cert secret 2021-10-11 19:08:16 -05:00
Daniel Hix
4b17163501 Added simple test making the store with CA in secrets 2021-10-11 18:57:13 -05:00
Daniel Hix
275f1c4094 Added simple test to make sure it's getting the cert. 2021-10-09 13:26:26 -05:00
Arthur
7649fe2c47 create function for each ibm provider secret get case 2021-10-07 15:45:37 -03:00
Arthur
6eba9df3b1 separate function to remap secret data on ibm.GetSecretMap to reduce cognitive complexity 2021-10-07 15:22:19 -03:00
Arthur
1600960b36 separate vault test cases run function for better cognitive complexity 2021-10-07 14:48:13 -03:00
Eduardo Vieira
c68e00ce0c Creating map-foo and bar const for testing 2021-10-07 10:55:04 -03:00
Eduardo Vieira
b2b6b5255d Defining targetProp const for reutilization 2021-10-07 10:50:27 -03:00
Eduardo Vieira
3d5c0b54e6 Changing expectedSecretValue declaration scope 2021-10-07 10:43:59 -03:00
Eduardo Vieira
7502e2c557 Adding FakeManager and test-secret const for testing 2021-10-07 10:39:13 -03:00
Arthur
e617ce9e23 refactor vault token functions for better cognitive complexity 2021-10-07 10:21:49 -03:00
Mateus Oliveira Patrício
1a5bd14eea create const for "provider should be registered" 2021-10-07 09:26:29 -03:00
Mateus Oliveira Patrício
269c65bd24 create const for string literal
"[%d] unexpected error: %s, expected: '%s'"
2021-10-07 09:26:16 -03:00
Mateus Oliveira Patrício
4760525ed3 refactored 4 string literals to consts 2021-10-07 09:25:45 -03:00
Arthur
0990f29876 Merge branch 'feat/immutable-secrets' of github.com:FGA-GCES/external-secrets into feat/immutable-secrets 2021-10-06 21:24:50 -03:00
Arthur
1f5978eb13 add tests for controller reconciling logic 2021-10-06 21:23:41 -03:00
Daniel Hix
3ff2bfd559 Fix linting issue 2021-10-06 11:28:13 -05:00
Daniel Hix
b3a44fdbd0
Merge branch 'external-secrets:main' into vault-ca-provider 2021-10-06 10:38:59 -05:00
Daniel Hix
d7c861d38d Add logic to pull cert from K8s secret. 2021-10-05 23:55:57 -05:00
Lucas Severo Alves
91851bb738
Merge pull request #381 from cooperbenson-qz/cooperbenson-qz/issue376
Revoke Vault token on Close
2021-10-05 08:55:01 +02:00
Cooper Benson
af5b8295bb Revoke Vault token on Close
Fixes #376
2021-09-22 16:10:54 -06:00
Mateus Oliveira Patrício
b16d4389b9 refactor: remove unnecessary convert 2021-09-22 23:57:36 +02:00
Mateus Oliveira Patrício
b2adb77f1b fix: syncWithoutTargetName test case 2021-09-22 23:57:36 +02:00
Mateus Oliveira Patrício
42a658c2b1 WiP: no target name unit test 2021-09-22 23:57:36 +02:00
Arthur
9f2a17f220 Merge branch 'main' into feat/immutable-secrets 2021-09-22 14:20:35 -03:00
Arthur
4de31e9d4d stopping reconciling for immutable secrets based on es conditions 2021-09-17 21:37:21 -03:00
Moritz Johner
ce02f98db9 fix: add explicit test for using dataFrom + template 2021-09-10 16:07:39 +02:00
Lucas Severo Alves
9d3b05a2c7
Merge pull request #365 from KianTigger/oracle-provider
Oracle provider
2021-09-10 12:17:37 +01:00
Alexander Chernov
280964f84e
fix: dependent kind=secret are not recreated in case of deletion. (#349)
* chore: whitespace, typos, superflous aliases

* fix: deleted child secret is not recreated straight away.

* fix: e2e run
2021-09-09 11:14:17 +02:00
Arthur
8417b34d26 make reconciling stop if es is synced and immutable 2021-09-08 20:44:23 -03:00
Kian
e448c77833 Fixing incorrect naming of services 2021-09-03 17:28:20 +01:00
Kian
344d7fd2e9 fixing unnecessary conversion 2021-09-03 11:20:21 +01:00
Kian
694db476f9 Making changes based on feedback 2021-09-03 11:14:17 +01:00
Moritz Johner
059c54bc53 fix: allow using tpl metadata 2021-09-02 18:14:03 +02:00
Kian
700c2b5869 fixing kms issue 2021-09-02 15:28:36 +01:00
KianTigger
9d6f7ac46f Merge branch 'main' of https://github.com/external-secrets/external-secrets into external-secrets-main 2021-09-02 15:23:54 +01:00
Kian
baa91c75c8 Completed Oracle provider, e2e tests non functional due to lack of company OCI account 2021-09-02 15:19:47 +01:00
Elsa Chelala
db5b4c5044 eat: add status printcolumn to ES CRD (#318)
Formatting changes
2021-08-31 13:14:09 -04:00
Elsa Chelala
ab1b51534f Remove old non working e2e tests 2021-08-30 16:04:16 -04:00
Elsa Chelala
55441ecd77 Working unit tests 2021-08-30 15:25:33 -04:00
Elsa Chelala
882b348ff5 WiP: e2e and unit tests 2021-08-30 15:25:33 -04:00
Elsa Chelala
e053010e67 WiP: Working provider, implementing the e2e tests 2021-08-30 15:25:33 -04:00
Elsa Chelala
7f6dcb5edb WiP: Alibaba Provider 2021-08-30 15:25:26 -04:00
Ted
6f1fae0637 feat: specify GitLab URL to connect to 2021-08-27 18:19:28 -04:00
Kian
926e37448a Developing unit tests and fixing provider files. In process of starting to write e2e test files 2021-08-27 16:09:39 +01:00
Arthur
e32353c8a4 fixing tests for immutable secret 2021-08-26 15:05:15 -03:00
paul-the-alien[bot]
5e433b6ac9
Merge pull request #319 from Jabray5/gitlab-ci-secrets
Gitlab CI variables
2021-08-26 08:16:49 +00:00
Lucas Severo Alves
a4c2c93255 fix: rebase conflits 2021-08-25 16:54:16 +02:00
Lucas Severo Alves
21df9b5729 fix: error strings 2021-08-25 16:47:06 +02:00
jabray5
aca08e09d9 fixed E2E and unit tests 2021-08-25 16:47:06 +02:00
jabray5
cac9a72797 e2e tests pass 2021-08-25 16:47:06 +02:00
jabray5
f83926c5e6 passes 1st e2e test 2021-08-25 16:47:06 +02:00
jabray5
d45469acc7 operator functional and retrieves secrets from gitlab 2021-08-25 16:47:05 +02:00
jabray5
8211200e4d added GetSecret and GetSecretMap functions to Gitlab 2021-08-25 16:45:41 +02:00
jabray5
16c0d81290 fixed environment variable names 2021-08-25 16:45:41 +02:00
jabray5
349c193131 made env variables more consistent with other providers 2021-08-25 16:45:41 +02:00
jabray5
92f6077079 Added gitlab provider 2021-08-25 16:45:39 +02:00
Lucas Severo Alves
fb51f8bc57 fix: wi for clusterstore 2021-08-25 14:56:28 +02:00
paul-the-alien[bot]
ee830e47e3
Merge pull request #323 from AndreyZamyslov/lockbox
Add support for Yandex Lockbox
2021-08-25 10:06:21 +00:00
zamysel
0dc8842b85 Merge branch 'main' into lockbox 2021-08-25 11:23:15 +03:00
Alexander Chernov
29ff7e797d
Merge branch 'external-secrets:main' into feat/aws-cache 2021-08-25 07:42:28 +01:00
Alexander Chernov
dae7237953 feat: added cache in aws secret manager provider 2021-08-25 07:38:13 +01:00
zamysel
1e66d123b9 Add support for Yandex Lockbox: long lived connections to lockbox api 2021-08-24 21:41:45 +03:00
Mouhsen Ibrahim
403a47c116 Add support for Google Cloud Identity
If the name of the service account secret is kept
empty, this means we want to use Google Cloud Identity
to authenticate against the GCP project
2021-08-23 22:28:24 +02:00
paul-the-alien[bot]
201e43f4af
Merge pull request #327 from spirosoik/fix/iss-315
Fix the issue for non deleting one/more key-value pair
2021-08-20 15:26:37 +00:00
zamysel
c7229199f3 Add support for Yandex Lockbox: custom API endpoint 2021-08-20 16:16:35 +03:00
Mateus Oliveira Patrício
6655ed120e fix: use es name if target secret is empty 2021-08-19 18:43:34 -03:00
Arthur
c8315865a1 add immutable field on ExternalSecretTarget and on v1.Secret creation
Co-authored-by: mouhsen-ibrahim <mouhsen.ibrahim@gmail.com>
2021-08-18 19:55:10 -03:00
Kian
b030aed0a2 Merge remote-tracking branch 'origin/main' into oracle-provider 2021-08-18 14:41:30 +01:00
Kian
3ae7015725 Setting up all necessary files for provider. 2021-08-18 13:42:12 +01:00
Spiros Economakis
73ec3a5368
Fix the issue for non deleting one/more key-value pair
The issue is that the `dataMap` from the provider returns only the remaining data
and we were updating partially the current `secretMap` only for the keys included
in the new value.

Ticket: #315
2021-08-18 14:30:20 +03:00
zamysel
6b2f852eb6 Add support for Yandex Lockbox: custom API endpoint 2021-08-17 20:13:13 +03:00
zamysel
0815fcf857 Add support for Yandex Lockbox: tests 2021-08-17 19:30:05 +03:00
zamysel
7017935888 Add support for Yandex Lockbox 2021-08-12 20:05:02 +03:00
Spiros Economakis
f1829f0445
Set the metric when is deleted to condition deleted and false (#306)
* Set the metric when is deleted to condition deleted and false

When a metrics is deleted metrics are still shown ready and condition true.
In practice this gives the wrong monitoring as the external secret in practice
is deleted.

Issue: #231

* Fix name and namespace for the metric of deletion
2021-08-07 23:40:26 +02:00
paul-the-alien[bot]
e0a3eb648b
Merge pull request #302 from ContainerSolutions/k8s_common_types_e2e_tests
K8s common types e2e tests
2021-08-04 09:29:07 +00:00
Kian
abe1a9a202 Fixing incoming changes 2021-08-03 22:38:59 +02:00
Kian
17fa30737c Attempting to fix lint issues with gofmt -s 2021-08-03 13:20:18 +01:00
KianTigger
28b50123e3
Adding back removals caused by incorrect commit.
Pulled wrong version to edit and commit. Undoing changes.
2021-08-03 13:09:30 +01:00
KianTigger
3eeb69c897
Merge branch 'main' into k8s_common_types_e2e_tests 2021-08-03 13:01:59 +01:00
Kian
0558fb6f13 Fixing merge issues and secret logging 2021-08-03 12:53:45 +01:00
Kian
7167e042b6 Fixing merge issues and secret logging 2021-08-03 12:51:55 +01:00
Kian
3514227291 Amending logging secret values when debugging. Kept different error messages 2021-08-03 11:59:22 +01:00
KianTigger
78b0589a07
Merge branch 'external-secrets:main' into main 2021-08-03 11:49:55 +01:00
Kian
f413c5e5d7 Amending logging secret values when debugging. Kept different error messages 2021-08-03 11:42:10 +01:00
Moritz Johner
49fbf72bf6 fix: zero refreshInterval shouldn't sync 2021-08-02 22:48:13 +02:00
Lucas Severo Alves
3c6e548cfa we want inner values to be strings, even if it is json strings 2021-08-01 10:36:52 +02:00
Kian
6f3adf91d5 fixing lint issues 2021-08-01 10:11:21 +02:00
paul-the-alien[bot]
e65658d543
Merge pull request #265 from ricardoptcosta/mtls-auth
feat: adding Vault TLS client authentication
2021-07-30 14:20:42 +00:00
Kian
fec30259e9 fixing lint issues 2021-07-29 13:17:07 +01:00
Kian
77638df745 fixing lint issues 2021-07-29 13:14:34 +01:00
Kian
5558a90523 fixing lint issues 2021-07-29 13:11:23 +01:00
Kian
1164ea56c5 fixing lint issues 2021-07-29 13:05:08 +01:00
Kian
7be8db468e fixing local changes 2021-07-29 12:25:08 +01:00
Kian
db6b9297cd fixing conflicts and pulling changes 2021-07-29 11:43:57 +01:00
Moritz Johner
8e61b49c82 fix: resource leak 2021-07-28 09:45:25 +02:00
paul-the-alien[bot]
22632116c2
Merge pull request #275 from Jabray5/new-azure-getsecretmap
fix azure GetSecretMap
2021-07-28 07:29:21 +00:00
Lucas Severo Alves
b01497cc54 fix: GetSecretMap unit test, return error for key,cert
Co-authored-by: Joey Brayshaw <joeybrayshaw@gmail.com>
2021-07-27 19:28:53 +02:00
jabray5
2f3c2f1bc7 fixed error formatting 2021-07-27 14:55:31 +01:00
ric
2ab70cc510 Merge branch 'main' into mtls-auth 2021-07-26 09:43:56 +01:00
ric
832a06c69a add unit tests on Client TLS Auth 2021-07-26 09:39:38 +01:00
Lawrence Brogan
3a4dfadb68 Fix Openshift 4.7 issues
Add `externalsecrets/finalizers` to the controller ClusterRole.

Loop through all ServiceAccount secrets for the token before failing
unstead of solely checking the first one.
2021-07-23 11:31:16 -06:00
Kian Kordtomeikel
723d8b53b6 fixed error messages and switch case in vault provider. Attempted fixes for vault JSON syncing errors 2021-07-23 16:01:08 +01:00
ric
a772f6339e fix lint warnings 2021-07-23 08:56:02 +01:00
Tymofii Polekhin
cf694874c3
Feature/ibm support more secret types (#271)
* ibm: add username_password, iam_credentials, imported_cert secret types. Update secrets-manager-go-sdk to v1.0.23.

* ibm: fix secret type test

* Fix lint issues

* run go mod tidy

* add tests for new secret types
2021-07-22 00:07:25 +02:00
ric
44ef7756ef refactoring to implement changes suggested in pull request 265 ,namely, 1) fetch client certificate and key as tls k8s secrets and 2) pass them directly to TLSClientConfig avoiding storing in disk 2021-07-21 22:30:49 +01:00
jabray5
3f6df6f158 fix azure GetSecretMap 2021-07-21 15:53:18 +01:00
ric
4221c1b151 remove cacert from client Authentication. It's already in CABundle. 2021-07-20 14:44:58 +01:00
Moritz Johner
466938522c feat(aws): add jwt authentication 2021-07-17 20:39:24 +02:00
Lucas Severo Alves
846562e057
Merge pull request #266 from ElsaChelala/nil-interface
Nil interface check - Comparison test changes
2021-07-15 17:04:49 +02:00
Elsa Chelala
f80462f4b9 Implemented test for nil client 2021-07-15 09:50:05 -04:00
Elsa Chelala
decbc10405 Add error condition in the secretsmanager tests.
Also added check to see if the interface is nil in GCP provider.
2021-07-14 15:34:26 -04:00
ric
7de9dc98c5 small fix on constant name 2021-07-14 16:39:50 +01:00
ric
0edf4154da merge with main 2021-07-14 14:26:04 +01:00
ric
c7fc6b24d3 complete initial version to review 2021-07-14 13:00:24 +01:00
ric
daffd18457 start work on getClientCertPath() 2021-07-13 22:55:21 +01:00
ric
73be01d492 most work done - missing unit tests and path do certs 2021-07-13 21:44:10 +01:00
paul-the-alien[bot]
2ab5bf800e
Merge pull request #262 from external-secrets/feature/refactor-e2e
fix(e2e): refactor e2e tests
2021-07-13 15:45:33 +00:00
Moritz Johner
ea46ec1911 fix(e2e): refactor e2e tests 2021-07-12 22:03:59 +02:00
Moritz Johner
59a851c941 feat(ctrl): implement creationPolicy=Merge/None 2021-07-12 18:45:44 +02:00
Moritz Johner
6d2f3dd7b1 fix(template): fix templateFrom tpl execution 2021-07-10 17:51:16 +02:00
paul-the-alien[bot]
abdfbac872
Merge pull request #235 from ContainerSolutions/ibm_provider
feat: ibm provider implementation
2021-07-05 10:22:31 +00:00
Elsa Chelala
57025eeef8 fix: aws test comparison 2021-07-02 14:05:44 -04:00
Elsa Chelala
b98563a812 fix: test comparison 2021-07-02 13:35:56 -04:00
ric
fd53e76247 feat: ibm provider implementation
Co-authored-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com>
Co-authored-by: Lucas Severo <lucassalves65@gmail.com>
Co-authored-by: Joey Brayshaw <joeybrayshaw@gmail.com>
Co-authored-by: Elsa Chelala <elsachelala@gmail.com>
Co-authored-by: choilmto <choilmto@gmail.com>
Co-authored-by: Adrian Mouat <adrian.mouat@gmail.com>
Co-authored-by: ricardoptcosta <ricardoptcosta@gmail.com>
Co-authored-by: Gabi Beyer <Gabrielle.Beyer@container-solutions.com>
Co-authored-by: Tomasz Tarczynski <ttarczynski@users.noreply.github.com>
Co-authored-by: Mircea Cosbuc <mircea.cosbuc@container-solutions.com>
2021-07-02 16:00:05 +02:00
Moritz Johner
73ca014cfb feat: implement templateFrom 2021-06-28 21:29:09 +02:00
paul-the-alien[bot]
f4dd6d547a
Merge pull request #217 from ContainerSolutions/gcp_property
feat: add property feature to gcp
2021-06-25 21:46:49 +00:00
Moritz Johner
5ac02ed2c4 feat: add synced resource version status 2021-06-25 21:23:29 +02:00
Lucas Severo Alves
01267ea6aa fix: close method for conections that need closing 2021-06-25 16:13:02 +02:00
Lucas Severo Alves
924c29fc8c Add unit tests for property based secret 2021-06-25 14:38:39 +02:00
Lucas Severo Alves
3c26b806bc feat: add property feature to gcp 2021-06-25 14:14:01 +02:00
paul-the-alien[bot]
662910fa7f
Merge pull request #215 from external-secrets/fix/az-key-types
support more azure key types
2021-06-24 18:37:20 +00:00
paul-the-alien[bot]
526a96d825
Merge pull request #196 from ElsaChelala/docs
Added doc strings and comments for the controllers package
2021-06-24 09:03:30 +00:00
Elsa Chelala
30d2c8648c Added changes to the Reconcile function documentation 2021-06-23 09:36:37 -04:00
Moritz Johner
0a56d2d388 fix: support more azure key types 2021-06-23 10:06:57 +02:00
Elsa Chelala
776ef0d27b dded doc strings and comments for the controllers package 2021-06-21 13:12:06 -04:00
Lucas Severo Alves
0655e600d5 test: Add e2e initial test for gcp 2021-06-18 12:09:22 +02:00
Ahmed MUSTAFA
07254798ee Avoid using Env variables for authorization , fix lint errors 2021-06-07 10:54:50 +02:00
Nicolas Courbet
2eaeff6444 Fix formatting issue with gci 2021-06-02 17:15:25 +02:00
Nicolas Courbet
0e49b84f6d Rebase on master, and rework unit tests 2021-06-02 17:14:58 +02:00
Ahmed MUSTAFA
1c17744c8b refactor the code to include the type as prefix of the secret name , handle Azure KV keys , simplify certificate management depending on templatng features , and remove the handling of tags 2021-06-02 17:09:48 +02:00
Ahmed MUSTAFA
4733427527 refactor vaultUrl and move it from External secrets to secret store 2021-06-02 17:04:50 +02:00
mjiao
fc95068034 Support azure kv as provider 2021-06-02 17:03:15 +02:00
Lee Wei
add9c81932
chore: refactor parameterstore unit test (#164)
* new parameterstoreTestCase struct
* remove swp files
* ignore vim swp
* refactor TestGetSecretMap
* refactor TestGetSecret
* add api error test
* fix test case
2021-05-28 07:17:54 +02:00
Gabi
c610913683 Add first round of unit tests for gcpsm 2021-05-27 11:43:34 +02:00
Gabi
bf0e5c4c52 Refactor gcp secretmanager
* Create store client struct
* Add authentication method
* Use error handling constants
* Add GetSecretMap functionality
2021-05-27 11:43:34 +02:00
Gabi
e19bb62a48 For GCPSM use provider NewClient interface 2021-05-27 11:43:34 +02:00
1aziz
51509513b0 remove unnecessary GCP provider's interface properties 2021-05-27 11:43:34 +02:00
1aziz
c3197051cb add provider for gcp 2021-05-27 11:43:34 +02:00
paul-the-alien[bot]
9a2ce587ac
Merge pull request #167 from external-secrets/chore/refactor-ctrl-tests
chore: refactor es ctrl tests
2021-05-27 06:31:34 +00:00
Moritz Johner
7f07c712ac chore: refactor es ctrl tests 2021-05-23 13:41:42 +02:00
Lee Wei
186228f0e0 rename remoteRef name 2021-05-22 00:20:05 +08:00
Moritz Johner
e5d6e30d00 fix: template data should be string, fix update mechanics 2021-05-20 08:46:22 +02:00
xxxbobrxxx
c900c8deb5 #150 Fix JWT bugs 2021-05-14 09:40:13 +03:00
xxxbobrxxx
e4d8fb4046 #150 Implement LDAP and JWT/OIDC auth methods 2021-05-13 19:19:57 +03:00
Gabi Beyer
303ac560f8
Merge pull request #138 from gabibeyer/sm-testcases-44
Add tweaks for secretsManager tests
2021-05-05 15:38:19 +02:00
paul-the-alien[bot]
1877a38996
Merge pull request #132 from external-secrets/fix/status-conditions
fix: update condition when error message changes
2021-05-05 06:22:14 +00:00
Gabi
0340bffb8e Add tweaks for secretsManager GetSecretMaps tests
Using the test case struct and tweaks function from GetSecrets,
create anonymous functions to test the GetSecretMaps call.

Move the `setApiErr` variable to be global and shared by both
tests.
2021-05-04 17:12:52 +02:00
Gabi
73fd040965 Add tweaks for secretsManager GetSecret tests
For readability and scalability, create a struct with default
test case values, then use anonymous function "tweaks" with only the
changes from default to test on.
2021-05-04 13:35:44 +02:00
Moritz Johner
6b14f3ac03 fix: ensure condition errors do not change with every req 2021-05-03 22:29:26 +02:00
Moritz Johner
f49de4f887 fix: update condition when error message changes
fixes #116
2021-05-03 22:28:19 +02:00
Moritz Johner
5f719a3dce fix(tpl): fail on parse/execute error
fixes #126
2021-05-01 21:58:58 +02:00
paul-the-alien[bot]
4de378f939
Merge pull request #120 from external-secrets/feat/e2e-tests
feat: e2e tests
2021-04-28 15:57:39 +00:00
paul-the-alien[bot]
682edff175
Merge pull request #119 from cnmcavoy/cnmcavoy/vault-cluster-secret-store
Add support for cluster secret store with the vault provider
2021-04-27 15:49:49 +00:00
Moritz Johner
1376181d2d fix: add tests for endpoint provider 2021-04-26 08:28:39 +02:00
Moritz Johner
3d53b64303 fix: metrics tests 2021-04-25 16:29:25 +02:00
Moritz Johner
7beec56522 feat: add basic e2e test 2021-04-25 15:44:15 +02:00
Moritz Johner
b8ecff54c0 feat(aws): allow custom endpoints 2021-04-25 01:26:10 +02:00
Moritz Johner
8c8064e0e1
Draft: feat: implement template (#69)
* feat: implement template
2021-04-23 08:22:23 +02:00
Jonatas Baldin
b8fda4387d
Merge pull request #110 from external-secrets/metrics-first-iteration
Add first iteration of custom metrics
2021-04-22 18:35:35 +02:00
Cameron McAvoy
4d3faf70a1 Add support for cluster secret store with the vault provider 2021-04-20 18:47:28 -05:00
Cameron McAvoy
f2d77e0324 Add service account selector to vault provider to look up the sa token 2021-04-19 13:26:29 -05:00
Jonatas Baldin
8eb569fc92 Remove uneceassary comment 2021-04-15 12:00:06 +02:00
Jonatas Baldin
866411997a Fix flaky tests (I hope!) 2021-04-14 17:18:14 +02:00
Jonatas Baldin
be51883506 Fix lint errors 2021-04-14 17:02:02 +02:00
Jonatas Baldin
90137df9a0 Remove controller predicate, add externalSecretCondition metric 2021-04-14 16:51:31 +02:00
Jonatas Baldin
07e81f262c Fix "File is not gci-ed" lint error 2021-04-12 17:51:51 +02:00
Jonatas Baldin
d7fced6310 Rename sync_calls_total and sync_calls_error variables to adhere coding style 2021-04-12 17:23:41 +02:00
Jonatas Baldin
80f6376d2c Add first iteration of custom metrics 2021-04-12 17:07:43 +02:00
Kellin McAvoy
6318811108 Cleanup and remove kustomize manifests in favor of Helm chart 2021-04-08 13:56:11 -05:00
Kellin McAvoy
7be249ba63 Add vault provider implementation 2021-03-26 03:36:48 -05:00
Moritz Johner
2c059b71ba
feat: add ssm parameter store support (#59)
* feat: add parameter store implementation
2021-03-22 19:14:19 +01:00
Moritz Johner
640978ca9e
feat: awssm refactoring (#57)
* fix: refactor awssm provider
2021-03-10 11:43:25 +01:00
Moritz Johner
ad686d4b50
feat: refactor provider / secretsclient interface (#55)
* feat: refactor provider / secretsclient interface

see #53
2021-03-08 14:20:58 +01:00
Moritz Johner
a017255464
fix: validate refresh interval, refresh externalsecret (#48)
* fix: refresh es
2021-03-05 23:58:08 +01:00
Moritz Johner
53cc579ee8
fix: ssm may respond with nil SecretString (#41)
also: support nested json keys like foo.bar
details here: https://github.com/tidwall/gjson
2021-02-26 09:11:16 +01:00
Moritz Johner
92be45df6a
add awssm support (#34)
* feat: add awssm

fixes #26
2021-02-24 20:01:28 +01:00
Moritz Johner
89c56c269f
feat: status conditions (#25)
* feat: implement es ready condition

Co-authored-by: Kellin <kellinmcavoy@gmail.com>
2021-02-15 21:51:38 +01:00
Moritz Johner
adb4de943d chore: update dependencies 2021-02-06 13:16:36 +01:00
Lucas Severo Alves
60aaecf76b Linter fixes 2021-01-27 12:44:25 +01:00
Lucas Severo Alves
04f3dd4119 Merge branch 'main' into add-main-controller-logic 2021-01-27 12:18:11 +01:00
Lucas Severo Alves
3227e730f1 Change dir structure and adapt 2021-01-27 12:08:28 +01:00
Kellin McAvoy
3fd7586033 move controller into pkg 2021-01-07 12:50:59 -05:00
Jonatas Baldin
8ee64d918e Enable the New() method on the Prodiver interface to receive a GenericStore instead of a SecretStoreProvider) 2021-01-07 11:51:16 +01:00
Kellin McAvoy
3db006ddc4 feat: add cluster store 2020-12-29 13:02:29 -05:00
Kellin McAvoy
2e0a6effbe convert to multi-api 2020-12-29 12:25:08 -05:00
Kellin McAvoy
987d499241 cleanup: add lint and editorconfig 2020-12-21 14:38:48 -05:00
Kellin McAvoy
f1fb6cfa06 feat: implement provider interface
adds the provider interface, generic store and schema registration.
mostly taken from  itscontained/secret-manager

Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2020-12-01 15:57:14 +01:00
Jonatas Baldin
52fc65aeef Bootstrap project 2020-11-23 15:21:01 +01:00