mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Commit graph

330 commits

Author SHA1 Message Date
Moritz Johner
736b287b6d
implement azure referent auth (#1886)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-01-13 18:30:34 +00:00
Moritz Johner
5384954f46
aws secretsmanager/parameterstore referent auth (#1884)
* feat: implement referentAuth for aws

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: e2e tests

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* Update pkg/provider/aws/provider.go

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

* Update pkg/provider/aws/provider.go

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

* feat: allow each credential to be referent

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2023-01-13 10:19:25 +01:00
Moritz Johner
11c61d8581
feat: referent auth for gcp (#1887)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-01-10 14:40:42 +01:00
Gustavo Fernandes de Carvalho
6677c1e52d
🧹 chore: bumps (#1896)
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2023-01-09 16:07:21 -03:00
dependabot[bot]
f2124d74da
🧹 chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.171 to 1.44.172 (#1857)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.171 to 1.44.172.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.171...v1.44.172)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-04 20:51:09 +01:00
Moritz Johner
ac46bd2700
chore: bump golang-jwt (#1858)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-01-03 23:49:34 +00:00
Gustavo Fernandes de Carvalho
0bd9ea4dbd
Templates from string (#1748)
* Adds templates from string

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2023-01-03 19:02:43 -03:00
Gustavo Fernandes de Carvalho
ed173dcf77
chore: bumps (#1852)
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2023-01-03 22:11:59 +01:00
Gustavo Fernandes de Carvalho
3762297fb3
🧹 chore: bumps (#1807)
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2022-12-12 14:37:22 -03:00
Gustavo Fernandes de Carvalho
823486ced1
🧹chore:bumps (#1797)
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2022-12-11 09:19:47 -03:00
Gustavo Fernandes de Carvalho
2f5fe6c594
🧹chore: bumps (#1792)
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2022-12-07 14:40:51 -03:00
Gustavo Fernandes de Carvalho
0cb799b5cf
Feature/push secret (#1315)
Introduces Push Secret feature with implementations for the following providers:

* GCP Secret Manager
* AWS Secrets Manager
* AWS Parameter Store
* Hashicorp Vault KV

Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com>
Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com>
Signed-off-by: William Young <will.young@engineerbetter.com>
Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com>
Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com>
Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com>
Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com>
2022-11-29 16:04:46 -03:00
Gustavo Fernandes de Carvalho
d71e905a47
🧹chore: bumps (#1758)
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2022-11-28 07:46:50 -03:00
Moritz Johner
dd08a78684
feat: fips compliant build using boringcrypto (#1731)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-11-23 21:25:19 +01:00
Moritz Johner
1ca002cb9b
chore: bump dependencies (#1741)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-11-21 23:08:35 +01:00
dependabot[bot]
b3334228ed
chore(deps): bump github.com/aws/aws-sdk-go from 1.44.141 to 1.44.142 (#1730)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.141 to 1.44.142.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.44.141...v1.44.142)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2022-11-19 19:55:18 +01:00
Moritz Johner
a60a6d96c4
feat: bump deps (#1729)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-11-19 00:48:02 +01:00
Gustavo Fernandes de Carvalho
bd4495814b
🧹Bumping versions (#1708)
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2022-11-09 17:44:07 -03:00
Gustavo Fernandes de Carvalho
d1fa28532d
🧹 chore: bumping versions (#1688)
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2022-10-31 06:54:52 -03:00
Moritz Johner
dabfa5a589
Feature: initial generator implementation + Github Actions OIDC/AWS (#1539)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2022-10-29 20:15:50 +02:00
Moritz Johner
2d5cb1b28c
chore: bump 0.6.1 (#1678)
* chore: bump 0.6.1

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: increase timeout for azure/e2e test

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-10-28 21:18:14 +02:00
Moritz Johner
8643e65100
chore: bump dependencies (#1667)
* chore: bump dependencies

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: bump libksba package

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: cleanup go sum

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-10-25 22:42:34 +02:00
Moritz Johner
e9c8c4548d
fix: bump golang/x/text pkg (#1652)
address CVE-2022-32149
https://avd.aquasec.com/nvd/2022/cve-2022-32149/

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-10-19 21:33:28 +02:00
dependabot[bot]
9a3928e274
chore(deps): bump github.com/googleapis/gax-go/v2 from 2.5.1 to 2.6.0 (#1643)
Bumps [github.com/googleapis/gax-go/v2](https://github.com/googleapis/gax-go) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/googleapis/gax-go/releases)
- [Commits](https://github.com/googleapis/gax-go/compare/v2.5.1...v2.6.0)

---
updated-dependencies:
- dependency-name: github.com/googleapis/gax-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2022-10-17 22:14:47 +02:00
dependabot[bot]
7213c2db60
chore(deps): bump cloud.google.com/go/iam from 0.3.0 to 0.5.0 (#1645) (#1644)
* chore(deps): bump cloud.google.com/go/iam from 0.3.0 to 0.5.0

Bumps [cloud.google.com/go/iam](https://github.com/googleapis/google-cloud-go) from 0.3.0 to 0.5.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/v0.3.0...v0.5.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/iam
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix: bump e2e

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2022-10-17 20:11:22 +02:00
dependabot[bot]
ec6dc62f01
chore(deps): bump cloud.google.com/go/iam from 0.3.0 to 0.5.0 (#1645)
* chore(deps): bump cloud.google.com/go/iam from 0.3.0 to 0.5.0

Bumps [cloud.google.com/go/iam](https://github.com/googleapis/google-cloud-go) from 0.3.0 to 0.5.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/v0.3.0...v0.5.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/iam
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix: bump e2e

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2022-10-17 19:12:58 +02:00
dependabot[bot]
4e59e48aef
chore(deps): bump github.com/onsi/gomega from 1.21.1 to 1.22.1 (#1647)
* chore(deps): bump github.com/onsi/gomega from 1.21.1 to 1.22.1

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.21.1 to 1.22.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.21.1...v1.22.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix: bump e2e deps

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2022-10-17 19:12:24 +02:00
Yannay Hammer
14f5ddf198
Added namespace condition to ClusterSecretStore (#1635)
* Added namespace condition to ClusterSecretStore

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Added the new conditions field to the docs

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Added tests to ClusterSecretStore namespace conditions

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Added some comments to explain tests better

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Fixed a testcase

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Increased golangci timeout to 10m

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Fixed test to use fakeProvider correctly

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Removed hardcoded timeout from make lint

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Improved error message on non matching namespace

Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Modified testCase to use GenericStore interface

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Attempt at generalizing the testcase and reducing code duplication

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* Reduced some diff

Signed-off-by: Yannay Hammer <yannayha@gmail.com>

* fix: tidy e2e mod

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Yannay Hammer <yannayha@gmail.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Docs <docs@external-secrets.io>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2022-10-17 16:40:18 +02:00
dependabot[bot]
27d0cd72f5
chore(deps): bump sigs.k8s.io/controller-runtime from 0.12.3 to 0.13.0 (#1547)
* chore(deps): bump sigs.k8s.io/controller-runtime from 0.12.3 to 0.13.0

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.12.3 to 0.13.0.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.12.3...v0.13.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix: remove dependency on crossplane-runtime/pkg/test

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2022-10-13 20:24:56 +02:00
dependabot[bot]
c85e87dd08
chore(deps): bump github.com/aws/aws-sdk-go from 1.44.101 to 1.44.114 (#1627)
* chore(deps): bump github.com/aws/aws-sdk-go from 1.44.101 to 1.44.114

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.101 to 1.44.114.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.101...v1.44.114)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix: add ginkgo tools

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2022-10-10 21:13:39 +02:00
dependabot[bot]
792f15fe9e
chore(deps): bump google.golang.org/grpc from 1.49.0 to 1.50.0 (#1622)
* chore(deps): bump google.golang.org/grpc from 1.49.0 to 1.50.0

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.49.0 to 1.50.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.49.0...v1.50.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix: bump e2e pkg

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2022-10-10 20:48:22 +02:00
Tanat Lokejaroenlarb
2caea38f9d
Allow specifying the webhook's readiness probe port (#1593)
* Parameterize the readiness probe port and add a default address since `healthz-address` is an address not a port

Signed-off-by: insomniacoder <tanatloke@gmail.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-10-07 00:06:28 +02:00
Moritz Johner
1672dfd556
feat: test UBI image build (#1574)
* feat: test UBI image build

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-Authored-By: Idan Adar <iadar@il.ibm.com>
Co-Authored-By: mrgadgil
2022-10-06 19:14:13 +02:00
Dominik Zeiger
fa38fe1e60
enable configuration of environment_scope for gitlab provider (#1565)
* enable configuration of environment_scope for gitlab provider

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>
2022-09-27 22:08:38 +02:00
Moritz Johner
af367e9933
chore: refactor provider (#1529)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-09-12 14:55:46 +02:00
Moritz Johner
ed0ceb8d84
fix: aws parameter store json decode, bump go 1.19 (#1525)
* fix: parameter store should decode complex json values

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-09-06 19:46:36 +02:00
dependabot[bot]
67fedc840e
Kubernetes v1.24 upgrade (#1345)
* build(deps): bump sigs.k8s.io/controller-runtime from 0.11.2 to 0.12.3

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.11.2 to 0.12.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.11.2...v0.12.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* feat: bump kubernetes 1.24

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: backwards-compatible vault implementation

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add audiences field to serviceAccountRef

This will be used by aws, azure, gcp, kubernetes & vault providers
in combination with TokenRequest API: it will _append_ audience claims
to provider-specific audiences.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: refactor kubernetes client to match provider/client interfaces

the kubernetes provider mixed up provider and client interfaces which
made it really hard to reason about. This commit separates into two
structs, each implements one interface.
The client struct fields have been renamed and annotated so their use
and scope is clear.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: deprecate expirationSeconds

expirationSeconds is not needed because we generate a
service account token on the fly for a single use.
There will be no replacement for this.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: rename token fetch audiences field

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: generate CRDs

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2022-08-19 17:32:06 +02:00
Gustavo Fernandes de Carvalho
b4e7acfaa9
Implements dataFrom key rewrite (#1381)
* Implements dataFrom key rewrite

Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

* docs: add example to remove invalid characters

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2022-08-04 15:24:02 -03:00
Gustavo Fernandes de Carvalho
a99628eb06
🐛fixes e2e tests (#1420)
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2022-08-02 16:58:46 -03:00
Gustavo Fernandes de Carvalho
fa91ba0f6c
Adds DecodingStrategy to ExternalSecrets (#1294)
Fixes #920

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-07-12 09:18:00 -03:00
Docs
f4d6b7392a fix lint recommendations 2022-06-21 17:41:02 -03:00
Docs
9d55b9bbeb Adds azure managed test case 2022-06-21 14:46:50 -03:00
Docs
6a0aee37e7 Adds CreateSecretStoreWithWI method 2022-06-21 14:46:17 -03:00
Moritz Johner
cff9be1664
feat(kubernetes): allow service account auth (#1201)
* feat(kubernetes): allow service account auth

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-06-13 21:49:05 +02:00
Moritz Johner
8c14f8aff0 fix: loosen validation to enable referent auth.
also adding tests for vault. this is the only provider that supports
that as of now.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-05-23 20:10:16 +02:00
Moritz Johner
8e0a5b96c6
ArgoCD & Flux e2e suites (#1041)
* feat: add gitops suite

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add flux tests

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: pin to v1.23 kubectl version to avoid invalid apiVersion issue

see: https://github.com/aws/aws-cli/issues/6920
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* Revert "fix: pin to v1.23 kubectl version to avoid invalid apiVersion issue"

This reverts commit 2f78226cdce1683a0255457b41199d10dd30509f.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-05-23 16:14:21 +02:00
Docs
b8370897f0
Update docs from v1alpha to v1beta1, fix typos 2022-04-18 12:15:39 -07:00
Merlin
4820cc9165 Ignore ExternalSecret processing if the store is not usable (e.g.
NotReady).
2022-04-13 23:24:39 +02:00
paul-the-alien[bot]
84af221762
Merge pull request #959 from external-secrets/chore/refactor-vault
Chore/refactor vault
2022-04-13 13:02:14 +00:00
Gustavo Carvalho
4fcf272ce0 Refactoring vault provider. Removing RawRequest in favor of Logical
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-04-13 07:13:25 -03:00
Gustavo Carvalho
b5220fa618 Adding some options for webhook deployment:
* hostNetwork for webhook pod
 * FailurePolicy for validatingwebhook definition
 * Changed webhook port to a configurable value
 * Defined default value as 9443
Fixes #944

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-04-11 15:16:20 -03:00
Docs
2c246c6d56 feat: gcp getall implementation 2022-04-06 18:29:27 +02:00
Moritz Johner
c2bcceb057
feat: implement deletionPolicy (#900)
* feat: implement deletionPolicy

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gustavo.carvalho@container-solutions.com>
2022-04-05 13:38:06 +02:00
Alfred Krohmer
d7022b1bef
feat(vault): add option for JWT backend to authenticate with Kubernetes service account token (#768) 2022-04-04 21:20:58 +02:00
Gustavo Carvalho
c779ef59e7 Marking v1alpha1 as deprecated.
Improving docs and menu order.
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-03-29 11:21:32 -03:00
Gustavo Carvalho
a2a4effa4a Adding docs for v1beta1 vs v1alpha1. Added one test for v1alpha1 compatibility
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-03-29 11:11:07 -03:00
Moritz Johner
56c69a1063
feature: aws getallsecrets (#820)
* feature: aws getallsecrets

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: e2e test / find by name

* feat: add get-by-tags tests, consolidate with existing ones

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add path tests

* fix: revert azure

* fix: secretsmanager prealloc

* feat: aws sm path tests

* feat: implement secretsmanager path filter

* fix: use low refresh interval due to eventual consistency

* revert makefile changes

* fix: add path test cases to managed

Co-authored-by: Docs <docs@external-secrets.io>
2022-03-24 17:09:32 +01:00
Gustavo Carvalho
bae43b39c4 Adding mutexes only for GCP provider
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-03-24 06:34:07 -03:00
Daniel Hix
324c7def06
feat: implement ClusterExternalSecret (#542)
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2022-03-20 09:32:27 +01:00
paul-the-alien[bot]
fb056cc9b5
Merge pull request #784 from external-secrets/feature/hashivault-getallsecrets
Implements Hashicorp Vault GetAllSecrets
2022-03-12 11:19:04 +00:00
Gustavo Carvalho
caf00a43aa Chore: bumping gitlab-go to 0.58.0
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2022-03-10 08:46:17 -03:00
Gustavo Carvalho
94d68f6a18 Adding EngineVersion=v1 to GCP e2e tests
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-03-09 14:42:41 -03:00
Gustavo Carvalho
10c3ba355d Changes e2e test default api to v1beta1. Adds GetAllSecrets test
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-03-09 13:43:37 -03:00
Gustavo Carvalho
40ec693479 Merge branch 'main' into feature/conversion-webhook
Fixed conflicts and implemented necessary changes for v1beta1
2022-02-16 16:00:32 -03:00
Gustavo Carvalho
2e6017dd4b Using cobra commands instead of several binaries
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-02-15 08:52:52 -03:00
Gustavo Carvalho
23eb831571 Fixing cert-controller image tag
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-02-13 19:08:30 -03:00
Gustavo Carvalho
0db78819bb Fixing lints and adding correct image names in eso.go
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-02-13 16:37:32 -03:00
Gustavo Carvalho
3c167edd4b Fixing some helm linting and an error on e2e Makefile
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-02-13 16:05:34 -03:00
Gustavo Carvalho
c40aebdfba Adding variables to configure versions of webhook and certcontroller
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-02-13 15:59:18 -03:00
Gustavo Carvalho
bbedad6053 WIP: improve deployment manifests to be on a functional state
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-02-13 15:53:40 -03:00
Moritz Johner
a627e82639 chore: fix smells
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-02-11 08:26:32 +01:00
Moritz Johner
54e68399ec feat: implement template engine v2
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-02-11 08:26:31 +01:00
paul-the-alien[bot]
027f28ec97
Merge pull request #700 from EladGabay/elad/oci-secret-by-name
oracle vault: Use instance principal if auth is empty
2022-02-10 10:34:40 +00:00
Moritz Johner
5b8ab034ec feat(vault): marshal nested value as json, add docs
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-02-08 08:05:10 +01:00
Elad Gabay
fe416890b1 oracle vault: Use instance principal if auth is empty
Currently the oracle vault's secretstore uses specific user credentials.
This commit introduces a new way to access the vault, using the instance principal.

All user's details moved to "auth" section in the OracleProvider which now is optional.
If "auth" is empty, by default, we use the instance principal, otherwise if specified user's auth details, we use them.

In addition:
- Fixed the fingerprint secret reference which until now used the privatekey secret instead of its reference.
- Bump OCI SDK version.
2022-02-07 18:38:10 +02:00
Lucas Severo Alves
5a464df585
Revert "GetAllSecrets CRD and Azure implementation" 2022-02-01 16:52:18 +01:00
paul-the-alien[bot]
ca0cda7c16
Merge pull request #613 from external-secrets/getall-Secrets
GetAllSecrets CRD and Azure implementation
2022-02-01 13:18:20 +00:00
paul-the-alien[bot]
b54b8c7588
Merge pull request #653 from external-secrets/chore/update-k8s
chore: update k8s / envtest
2022-01-29 16:25:32 +00:00
Moritz Johner
d651f689e7 feat(e2e): add tests for type=cert and type=key
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-01-28 20:24:37 +01:00
Moritz Johner
e015bed08d chore: update k8s / envtest 2022-01-28 19:51:07 +01:00
Sebastian Gomez
43e4eb320a Merge branch 'main' into getall-Secrets 2022-01-27 16:44:29 -05:00
Moritz Johner
64589cddda chore: implement aws parameterstore e2e tests
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-01-27 08:36:45 +01:00
Sebastian Gomez
dd23a813d6 Merge branch 'main' into getall-Secrets 2022-01-26 12:35:35 -05:00
Sebastian Gomez
48ac7b991f Created new struct for dataFrom 2022-01-25 16:01:33 -05:00
Moritz Johner
5d396e1351 chore: test e2e-managed
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-01-25 08:04:17 +01:00
Sebastian Gomez
d607eb60df main conflict resolution 2022-01-24 16:52:20 -05:00
Sebastian Gomez
0cc03caae4 Fixed lint issues 2022-01-24 16:17:18 -05:00
Moritz Johner
759d241cd9 chore: test e2e
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-01-24 21:28:37 +01:00
Moritz Johner
ea5689a945 chore: test e2e
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-01-24 20:23:33 +01:00
Moritz Johner
008268ee00 feat(e2e): implement aws tests, enhance gcp tests
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-01-21 23:37:50 +01:00
Moritz Johner
e392839e43 fix(e2e): use correct auth composition 2022-01-14 20:37:02 +01:00
paul-the-alien[bot]
4c6b6a1e84
Merge pull request #525 from HanseMerkur/vault_optional_path
Optional path for Vault SecretStore
2022-01-14 19:33:29 +00:00
paul-the-alien[bot]
6acb8852b5
Merge pull request #469 from external-secrets/chore/specific_e2e_setup
Initial setup for wi gcp testing
2022-01-14 19:27:54 +00:00
Lucas Severo Alves
e88ec163e0 Add methods for gcp and aws prep
Signed-off-by: Lucas Severo Alves <lucassalves65@gmail.com>
2022-01-14 20:15:30 +01:00
Moritz Johner
73472be795
fix: try to fix cluster location 2022-01-12 23:43:45 +01:00
Lennart Weller
23c859eaf9 Pull changes from linter 2022-01-10 10:12:17 +01:00
Lennart Weller
0d06247163 Made SecretStore path for Vault optional
* Backwards compatible change
  * Added tests to check for a range of possible combinations for paths
2022-01-10 10:12:17 +01:00
Brent Spector
f76188026d proposed fix for JWT tests 2022-01-07 13:09:22 -08:00
Lucas Severo Alves
ae6cadf70c Use ClusterSecretStore so we set namespace of SA 2021-12-31 11:26:14 +01:00
Lucas Severo Alves
25763fde81 e2e testing for gcp Workload Identity 2021-12-30 22:08:00 +01:00
Hao Xin
9b9d2d1a33 chore: fix git ignore 2021-12-27 11:13:03 +08:00
Moritz Johner
9c7abdfdac chore: update go to 1.17 2021-12-17 12:23:57 +01:00
Moritz Johner
80fac0f697 feat: add gcp workload identity via SA
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2021-12-17 12:20:12 +01:00
Lucas Severo Alves
8a99845d70 chore: replace alpine by distroless 2021-12-06 14:17:24 +01:00
Lucas Severo Alves
2c07e7d49a
Merge pull request #475 from renanaAkeyless/main
Add Akeyless provider
2021-11-16 13:09:20 +01:00
Lucas Severo Alves
d112e6c67a Bump jwt module 2021-11-11 14:45:31 +01:00
renanaAkeyless
5d400f4a43
Merge branch 'external-secrets:main' into main 2021-11-10 17:18:51 +02:00
renanaAkeyless
91a34bbbc6 PR Suggested change 2021-11-10 15:57:37 +02:00
Lucas Severo Alves
e37c429d44 Add --load to docker build 2021-11-10 14:51:16 +01:00
renanaAkeyless
ecef240319
Merge branch 'external-secrets:main' into main 2021-11-09 20:43:31 +02:00
renanaAkeyless
0348bbb59d lint 2021-11-08 13:27:12 +02:00
renanaAkeyless
67541a843d e2e 2021-11-07 17:37:22 +02:00
Cameron McAvoy
ed3e62f400 Bump e2e kind & tools versions, remove dep on ginkgo on path 2021-11-06 15:20:40 -05:00
Lucas Severo Alves
54c1a3d9d8
Merge pull request #460 from jmhobbs/golangci-lint-update
golangci-lint install and version update
2021-11-02 20:05:20 -03:00
Lucas Severo Alves
8dd81df1f3 Remove cred dependency if you wanna run less tests 2021-11-01 18:58:33 +01:00
andreabenf
a0385ef7f2 Changing variables names 2021-10-28 14:11:14 -03:00
andreabenf
565e509282 adjusting lint 2021-10-28 14:09:19 -03:00
andreabenf
460de06636 adjusting code smells 2021-10-28 14:09:19 -03:00
John Hobbs
3fa562dd14 Silence gocritic lint on e2e test file. 2021-10-27 17:03:39 -05:00
Opeyemi Alao
511154f0f9 refactor vault e2e test 2021-10-25 17:05:15 +01:00
Mateus Oliveira Patrício
adb8a0bc4b create const for "provider-secret" 2021-10-07 09:24:31 -03:00
Mateus Oliveira Patrício
67ba8d597b create const for "RSA PRIVATE KEY" 2021-10-07 09:24:21 -03:00
Mateus Oliveira Patrício
4b1f974d90 fix: edit proper func 2021-09-23 14:22:27 -03:00
Mateus Oliveira Patrício
f4fa26e375 fix: change tests message. 2021-09-23 14:07:21 -03:00
Mateus Oliveira Patrício
e38481b748 e2e: add json test case to providers and vault 2021-09-23 14:01:06 -03:00
Mateus Oliveira Patrício
4c12ce0333 e2e: created JSONDataWithoutTargetName() test case 2021-09-23 14:00:24 -03:00
Mateus Oliveira Patrício
bf43f7604d test: add entry to oracle provider 2021-09-22 23:57:36 +02:00
Mateus Oliveira Patrício
3b1fc13079 test: add compose for each vault case 2021-09-22 23:57:36 +02:00
Mateus Oliveira Patrício
5b468c4b4f test: add test entries to provider 2021-09-22 23:57:36 +02:00
Mateus Oliveira Patrício
5284aca883 test: create e2e test to SyncWithoutTargetName 2021-09-22 23:57:36 +02:00
Lucas Severo Alves
9d3b05a2c7
Merge pull request #365 from KianTigger/oracle-provider
Oracle provider
2021-09-10 12:17:37 +01:00
Kian
8dd4a19778 Fixing assignment issues 2021-09-09 23:57:43 +01:00
Alexander Chernov
280964f84e
fix: dependent kind=secret are not recreated in case of deletion. (#349)
* chore: whitespace, typos, superfluous aliases

* fix: deleted child secret is not recreated straight away.

* fix: e2e run
2021-09-09 11:14:17 +02:00
Kian
af4c10bd0c Adding environment variables for e2e tests and fixed incorrectly used arguments in 2 functions 2021-09-07 11:20:09 +01:00
Kian
e448c77833 Fixing incorrect naming of services 2021-09-03 17:28:20 +01:00
Kian
e2480d81b0 Fixing unnecessary type conversion for secret creation and deletion 2021-09-03 11:23:59 +01:00
Kian
8f4f95102e Fixing doc and lint issues. Adding necessary documentation 2021-09-02 16:06:52 +01:00
KianTigger
9d6f7ac46f Merge branch 'main' of https://github.com/external-secrets/external-secrets into external-secrets-main 2021-09-02 15:23:54 +01:00
Kian
baa91c75c8 Completed Oracle provider, e2e tests non functional due to lack of company OCI account 2021-09-02 15:19:47 +01:00
Elsa Chelala
db5b4c5044 eat: add status printcolumn to ES CRD (#318)
Formatting changes
2021-08-31 13:14:09 -04:00
Elsa Chelala
d3bcf021a7 e2e tests 2021-08-30 16:22:00 -04:00
Elsa Chelala
ab1b51534f Remove old non working e2e tests 2021-08-30 16:04:16 -04:00
Elsa Chelala
882b348ff5 WiP: e2e and unit tests 2021-08-30 15:25:33 -04:00
Kian
926e37448a Developing unit tests and fixing provider files. In process of starting to write e2e test files 2021-08-27 16:09:39 +01:00
jabray5
aca08e09d9 fixed E2E and unit tests 2021-08-25 16:47:06 +02:00
jabray5
cac9a72797 e2e tests pass 2021-08-25 16:47:06 +02:00
jabray5
f83926c5e6 passes 1st e2e test 2021-08-25 16:47:06 +02:00
Lucas Severo Alves
7fbbb37b59
Merge pull request #320 from spirosoik/feat/iss-289
Add the ability of ESO to reconcile only in scoped namespace
2021-08-24 18:49:50 +02:00
Spiros Economakis
5e3b2a0ad0
Add the ability of ESO to reconcile only in scoped namespace
By default ESO reconciles `Kind=ExternalSecret` across every namespace
in a k8s cluster. With the new flag `--namespace` we can scope the
reconciling only to the provided namespace.

Ticket: #289
2021-08-20 14:29:44 +03:00
Moritz Johner
9c5c0415c1 feat: add vault e2e tests 2021-08-06 22:25:55 +02:00
Kian
6feafe9043 Changing secret types to match test 2021-08-01 10:30:26 +02:00
Kian
77e910af97 Removing irrelevant comment change 2021-07-29 12:35:38 +01:00
Kian
7be8db468e fixing local changes 2021-07-29 12:25:08 +01:00
Kian
db6b9297cd fixing conflicts and pulling changes 2021-07-29 11:43:57 +01:00
Kian
7b40930aba SSHKey Property test removed for vault as it has a certificate/key specific secret type/plugin that is at this moment unsupported. SSHKey Property test added to other providers. All tests pass 2021-07-28 12:43:45 +01:00
Kian
25d53fb805 Added SSHKey data property test that works with vault. Updated tests that run on all providers. 2021-07-27 16:16:26 +01:00
Kian
e179bca70e fixed vault docker JSON configuration test. Also works with all providers. 2021-07-26 11:12:08 +01:00
Kian Kordtomeikel
723d8b53b6 fixed error messages and switch case in vault provider. Attempted fixes for vault JSON syncing errors 2021-07-23 16:01:08 +01:00
Kian Kordtomeikel
4d644f847c Playing around with vault errors 2021-07-23 09:27:23 +01:00
Kian Kordtomeikel
621f5fbefd reversing changes to simpledatasync 2021-07-22 15:23:31 +01:00
Kian Kordtomeikel
41d5ad4dc1 Testing changing secret value to JSON to work with vault 2021-07-22 14:50:54 +01:00
Kian Kordtomeikel
686cad9234 SSH Key common sync test, JSON Parsing error with vault. 2021-07-22 13:00:21 +01:00
Kian Kordtomeikel
65475983e2 updating message, doesn't work with vault 2021-07-21 19:47:35 +01:00
KianTigger
fcf1f84cf3 Docker json template test added to common 2021-07-21 17:35:08 +01:00
Kian Kordtomeikel
c1ed066c45 common dockerjson config test 2021-07-21 16:41:32 +01:00
Moritz Johner
466938522c feat(aws): add jwt authentication 2021-07-17 20:39:24 +02:00
Moritz Johner
ea46ec1911 fix(e2e): refactor e2e tests 2021-07-12 22:03:59 +02:00
Lucas Severo Alves
6637f7746a increase pod-running-timeout 2021-07-02 16:00:05 +02:00
Lucas Severo Alves
be0ae67e24 fix: increase kind timeout 2021-07-02 15:06:36 +02:00
Lucas Severo Alves
f082019b1d test: add ci variables 2021-06-29 16:01:13 +02:00
ric
e4e90123b3 test: e2e test setup for azure 2021-06-29 16:01:11 +02:00
Moritz Johner
73ca014cfb feat: implement templateFrom 2021-06-28 21:29:09 +02:00
Lucas Severo Alves
3c26b806bc feat: add property feature to gcp 2021-06-25 14:14:01 +02:00
Lucas Severo Alves
475f835efd test: Add inner key e2e test to aws 2021-06-22 12:14:47 +02:00
ric
b1942ecac6 add deleteGCPSecretsManagerSecret for GCP test 2021-06-18 12:09:22 +02:00
Lucas Severo Alves
86ffe1028d Add dataFrom test in aws 2021-06-18 12:09:22 +02:00
Lucas Severo Alves
3f91d2f4a1 Add dataFrom test in gcp 2021-06-18 12:09:22 +02:00
Lucas Severo Alves
b8c9c3c7d4 Add SA json creds as env var 2021-06-18 12:09:22 +02:00
Lucas Severo Alves
0655e600d5 test: Add e2e initial test for gcp 2021-06-18 12:09:22 +02:00
Moritz Johner
7beec56522 feat: add basic e2e test 2021-04-25 15:44:15 +02:00