1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Commit graph

88 commits

Author SHA1 Message Date
Moritz Johner
54e68399ec feat: implement template engine v2
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-02-11 08:26:31 +01:00
Elad Gabay
fe416890b1 oracle vault: Use instance principal if auth is empty
Currently the oracle vault's secretstore uses a specific user credentials.
This commit introduce a new way to access the vault, using the instance principal.

All user's details moved to "auth" section in the OracleProvider which now is optional.
If "auth" is empty, by default, we use the instance principal, otherwise if specified user's auth details, we use them.

In addition:
- Fixed the fingerprint secret reference which until now used the privatekey secret instead of its reference.
- Bump OCI SDK version.
2022-02-07 18:38:10 +02:00
Lucas Severo Alves
6630ab7494
Initial draft of reporter (#466)
* Initial draft of reporter

* Test out reporter in AWS provider

* trying out different events approach

* feat: implement store reconciler and events

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add validate() method to provider interface

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: use static requeue interval in store ctrl

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Co-authored-by: Mircea Cosbuc <mircea.cosbuc@container-solutions.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2022-02-07 11:42:18 +01:00
Moritz Johner
fe1cb8bc69 feat(provider): implement fake provider
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-02-01 11:18:43 +01:00
Marc Billow
0753da1cbd Support for eventual consistency in Vault Enterprise 2022-01-19 16:25:01 -06:00
Lucas Severo Alves
16948ed572
Merge pull request #596 from EladGabay/elad/oci-secret-by-name
OCI Vault: Get secret by name from a specific Vault
2022-01-16 17:20:46 +00:00
Elad Gabay
f50438353e oracle: Add Vault OCID to provider 2022-01-16 12:05:58 +02:00
Elad Gabay
137ce182c1 oracle: Fix provider fields docs 2022-01-16 12:02:56 +02:00
paul-the-alien[bot]
4c6b6a1e84
Merge pull request #525 from HanseMerkur/vault_optional_path
Optional path for Vault SecretStore
2022-01-14 19:33:29 +00:00
paul-the-alien[bot]
44d4cf061b
Merge pull request #559 from willemm/feat/generic_webhook
Add generic webhook provider
2022-01-11 15:50:05 +00:00
Lennart Weller
f7f521317e add generated files 2022-01-10 10:12:17 +01:00
Lennart Weller
0d06247163 Made SecretStore path for Vault optional
* Backwards compatible change
  * Added tests to check for a range of possible combinations for paths
2022-01-10 10:12:17 +01:00
Brent Spector
5edb7e6af2 format for lint 2022-01-05 17:01:15 -08:00
Brent Spector
26f9be4fb1 add path to jwt vault auth 2022-01-05 15:22:00 -08:00
Brent Spector
561bd3ae56 Add support for mount path in ldap auth 2022-01-05 14:54:50 -08:00
Willem Monsuwe
d04508e974 Added generic webhook provider
This provider allows a secretstore with a generic url (templated)
which will be called with a defined method, headers (templated)
and optional body (also templated)
The response can be parsed out with a jsonPath expression
2021-12-29 10:53:29 +01:00
Moritz Johner
80fac0f697 feat: add gcp workload identity via SA
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2021-12-17 12:20:12 +01:00
paul-the-alien[bot]
78d046b712
Merge pull request #530 from ADustyOldMuffin/add-docs-and-fix-ca-vault
Add documentation for CAProvider namespace and fix issue with SecretStore
2021-12-16 19:44:24 +00:00
Vladimir Fedin
c351efcc15
Add ability provide CA for Yandex' Lockbox provider (#487)
* Add ability provide CA for Yandex' Lockbox provider

* Add tests for getting CA from secrets at Lockbox provider

* fixup! Add tests for getting CA from secrets at Lockbox provider

Co-authored-by: Vladimir Fedin <vladimirfedin@yandex-team.ru>
2021-12-16 20:16:23 +01:00
Daniel Hix
d53b3df7f8 Remove namespace requirement for secret store and require for cluster secret store 2021-12-13 17:07:32 -06:00
Daniel Hix
082cee230f Merge branch 'main' into ibm-enable-retries 2021-12-13 13:27:57 -06:00
Laszlo Varadi
a976e32831 Supporting Managed Identity authentication for Azure Keyvault 2021-12-06 10:26:34 +01:00
renanaAkeyless
b0116e3199
Update zz_generated.deepcopy.go 2021-11-09 21:14:53 +02:00
renanaAkeyless
085fbd5f35
Update zz_generated.deepcopy.go 2021-11-09 20:39:33 +02:00
renanaAkeyless
0348bbb59d lint 2021-11-08 13:27:12 +02:00
renanaAkeyless
4a5877d926 Adde Akeyless 2021-11-07 16:18:40 +02:00
Daniel Hix
99f49feee4 Add retry settings to secret store CRD 2021-10-20 18:50:01 -05:00
paul-the-alien[bot]
d9f30a3350
Merge pull request #414 from ADustyOldMuffin/vault-ca-provider
Add the ability to specify cert for Vault from K8s Secrets
2021-10-20 21:43:37 +00:00
Daniel Hix
8e303e6d77 Add caProvider to types 2021-10-05 23:55:44 -05:00
Arthur
9f2a17f220 Merge branch 'main' into feat/immutable-secrets 2021-09-22 14:20:35 -03:00
Lucas Severo Alves
9d3b05a2c7
Merge pull request #365 from KianTigger/oracle-provider
Oracle provider
2021-09-10 12:17:37 +01:00
Alexander Chernov
280964f84e
fix: dependent kind=secret are not recreated in case of deletion. (#349)
* chore: whitespace, typos, superflous aliases

* fix: deleted child secret is not recreated straight away.

* fix: e2e run
2021-09-09 11:14:17 +02:00
Kian
694db476f9 Making changes based on feedback 2021-09-03 11:14:17 +01:00
KianTigger
9d6f7ac46f Merge branch 'main' of https://github.com/external-secrets/external-secrets into external-secrets-main 2021-09-02 15:23:54 +01:00
Kian
baa91c75c8 Completed Oracle provider, e2e tests non functional due to lack of company OCI account 2021-09-02 15:19:47 +01:00
Elsa Chelala
db5b4c5044 eat: add status printcolumn to ES CRD (#318)
Formatting changes
2021-08-31 13:14:09 -04:00
Elsa Chelala
7f6dcb5edb WiP: Alibaba Provider 2021-08-30 15:25:26 -04:00
Ted
6f1fae0637 feat: specify GitLab URL to connect to 2021-08-27 18:19:28 -04:00
Kian
926e37448a Developing unit tests and fixing provider files. In process of starting to write e2e test files 2021-08-27 16:09:39 +01:00
Lucas Severo Alves
a4c2c93255 fix: rebase conflits 2021-08-25 16:54:16 +02:00
jabray5
d45469acc7 operator functional and retrieves secrets from gitlab 2021-08-25 16:47:05 +02:00
jabray5
92f6077079 Added gitlab provider 2021-08-25 16:45:39 +02:00
zamysel
0dc8842b85 Merge branch 'main' into lockbox 2021-08-25 11:23:15 +03:00
Mouhsen Ibrahim
03f3622c2c make auth key for GCPSM provider optional 2021-08-24 14:22:06 +02:00
Mouhsen Ibrahim
403a47c116 Add support for Google Cloud Identity
If the name of the service account secret is kept
empty, this means we want to use Google Cloud Identity
to authenticate against the GCP project
2021-08-23 22:28:24 +02:00
zamysel
c7229199f3 Add support for Yandex Lockbox: custom API endpoint 2021-08-20 16:16:35 +03:00
zamysel
42a3e2c457 Add support for Yandex Lockbox: docs 2021-08-19 17:33:36 +03:00
Arthur
c8315865a1 add immutable field on ExternalSecretTarget and on v1.Secret creation
Co-authored-by: mouhsen-ibrahim <mouhsen.ibrahim@gmail.com>
2021-08-18 19:55:10 -03:00
Kian
b030aed0a2 Merge remote-tracking branch 'origin/main' into oracle-provider 2021-08-18 14:41:30 +01:00
Kian
42d834aedf Adding fixes to necessary files 2021-08-18 13:46:24 +01:00