mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity
1249 commits 135 branches 173 tags 201 MiB
Commit graph

347 commits

Author SHA1 Message Date
paul-the-alien[bot]
b9de64b967
Merge pull request #750 from external-secrets/feature/validating-webhook 
Feature: validating webhook
 2022-03-02 17:10:56 +00:00
Moritz Johner
8fc4484cc6 feat: implement validating webhook 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-03-01 21:25:15 +01:00
Marc Billow
6de9399126 Fix template fallback logic to handle TemplateFrom syntax 2022-02-23 16:34:50 -06:00
Moritz Johner
fb8f496204 Merge branch 'main' into feature/conversion-webhook 2022-02-23 08:15:03 +01:00
rodrmartinez
045e056719 Fix sonarcloud code smells 2022-02-22 15:55:31 -03:00
rodrmartinez
e887e49436 leaves Validate() method empty for now 2022-02-22 15:46:58 -03:00
rodrmartinez
7c4a17a9c3 Merge branch 'main' into feature/kubernetes-provider 2022-02-17 15:38:45 -03:00
rodrmartinez
86d7710727 changing kubernetes api struct 2022-02-17 14:45:43 -03:00
Gustavo Carvalho
847b95e4fd Merge branch 'main' into feature/conversion-webhook 
Disabled secrets cache for cert controller.

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-17 09:35:20 -03:00
paul-the-alien[bot]
18b4f2be8b
Merge pull request #703 from external-secrets/chore/cleanup-azure-provider 
chore: cleanup az/keyvault provider
 2022-02-17 11:56:00 +00:00
paul-the-alien[bot]
4cca87b6d7
Merge pull request #729 from external-secrets/fix/disable-sec-cm-cache 
feat: avoid caching secrets/configmaps
 2022-02-17 09:15:31 +00:00
Gustavo Carvalho
40ec693479 Merge branch 'main' into feature/conversion-webhook 
Fixed conflicts and implemented necessary changes for v1beta1
 2022-02-16 16:00:32 -03:00
paul-the-alien[bot]
86aedda434
Merge pull request #701 from external-secrets/feature/template-string-interface 
feat: implement template engine v2
 2022-02-16 17:16:24 +00:00
Moritz Johner
899cf72f22 feat: avoid caching secrets/configmaps 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-16 14:37:42 +01:00
paul-the-alien[bot]
ff4af57a7b
Merge pull request #727 from external-secrets/fix/vault-key-with-dot 
fix: vault keys should take precedence over gjson
 2022-02-15 18:28:41 +00:00
Moritz Johner
094bcf0332 fix: vault keys should take precedence over gjson 2022-02-15 17:28:14 +01:00
castaneai
3fd3cc0186
Fix the leak in GCPSM when the secret operator cannot find the secret. (#722) 
* fix(gcp): Fix the leak in GCPSM when the secret operator cannot find the secret.

The IAM client has an internal gRPC connection,
but if the secret fetch fails, the goroutine created by the gRPC connection will leak.

Therefore, close the IAM client when the creation of the GCPSM client fails.

* test: fix build error on fakeIAMClient
 2022-02-15 16:54:11 +01:00
Gustavo Carvalho
96cb340ace Implementing Requeue Interval for certController. Fixing unit tests and check-diff 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 16:05:17 -03:00
Gustavo Carvalho
1d8cfc4a12 Changed logic of Webhook check for certs. 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 15:46:10 -03:00
Gustavo Carvalho
31eedfbb26 Fixing up some code smells 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 10:36:12 -03:00
Gustavo Carvalho
1587fa02b1 Improved deployments and crd logic. Added cert-controller reconcile tests 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 10:08:27 -03:00
Gustavo Carvalho
3d9e5a9fdb Adding controller tests for cert-controller 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 09:01:21 -03:00
Gustavo Carvalho
e776f6d843 WIP: implementing separate deployments 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-13 09:14:41 -03:00
Gustavo Carvalho
ab03bcdcc7 Making reviewable 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-11 15:17:20 -03:00
Gustavo Carvalho
a85e487d1d Added unit tests for crd controller methods. 
Added simple GetAllSecrets logic test
Starting (and failing to) test on controller level

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-11 15:14:14 -03:00
Gustavo Carvalho
024b64fe39 Added Readiness Probe for helm charts. 
Fixed make generate command to not use kubectl
Fixed lint

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-11 08:10:11 -03:00
Moritz Johner
74fca707b3 feat(template): add filterPEM function 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:32:37 +01:00
Moritz Johner
9486dd85dd fix(template): extract multiple certs/keys from PKCS#12 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:26:32 +01:00
Moritz Johner
009b60de19 fix(webhook): use v2 template funcs with webhook provider 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:26:32 +01:00
Moritz Johner
a627e82639 chore: fix smells 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:26:32 +01:00
Moritz Johner
54e68399ec feat: implement template engine v2 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:26:31 +01:00
Gustavo Carvalho
23784803ff Merge branch 'main' into feature/conversion-webhook 
Updated Oracle provider new specs for v1beta1
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-10 16:55:37 -03:00
Gustavo Carvalho
fd9e09a1ee WIP: Structured reconciliation loops for CRDs 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-10 14:12:13 -03:00
paul-the-alien[bot]
027f28ec97
Merge pull request #700 from EladGabay/elad/oci-secret-by-name 
oracle vault: Use instance principal if auth is empty
 2022-02-10 10:34:40 +00:00
rodrmartinez
dc41b40dda Adds linting changes 2022-02-09 17:33:54 -03:00
rodrmartinez
a318978afd Adds setAuth test func 2022-02-09 15:23:03 -03:00
rodrmartinez
da858878d8 refactor setAuth method 2022-02-09 15:22:37 -03:00
Gustavo Carvalho
82ddeb9de5 Merge branch 'main' into feature/conversion-webhook 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-08 16:40:06 -03:00
Gustavo Carvalho
0530385992 v1beta1 initial commit 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-08 14:07:34 -03:00
paul-the-alien[bot]
31efb94b20
Merge pull request #674 from external-secrets/feat/vault-nested-values 
allow nested json in vault
 2022-02-08 15:29:20 +00:00
Moritz Johner
4b5d047934 chore: cleanup az/keyvault provider 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-08 13:04:18 +01:00
Moritz Johner
5b8ab034ec feat(vault): marshal nested value as json, add docs 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-08 08:05:10 +01:00
Elad Gabay
fe416890b1 oracle vault: Use instance principal if auth is empty 
Currently the oracle vault's secretstore uses a specific user credentials.
This commit introduce a new way to access the vault, using the instance principal.

All user's details moved to "auth" section in the OracleProvider which now is optional.
If "auth" is empty, by default, we use the instance principal, otherwise if specified user's auth details, we use them.

In addition:
- Fixed the fingerprint secret reference which until now used the privatekey secret instead of its reference.
- Bump OCI SDK version.
 2022-02-07 18:38:10 +02:00
Lucas Severo Alves
6630ab7494
Initial draft of reporter (#466) 
* Initial draft of reporter

* Test out reporter in AWS provider

* trying out different events approach

* feat: implement store reconciler and events

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add validate() method to provider interface

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: use static requeue interval in store ctrl

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Co-authored-by: Mircea Cosbuc <mircea.cosbuc@container-solutions.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-07 11:42:18 +01:00
Moritz Johner
2ac4053648 feat(vault): allow using nested json 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-05 22:11:41 +01:00
Moritz Johner
fe1cb8bc69 feat(provider): implement fake provider 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-01 11:18:43 +01:00
Moritz Johner
e015bed08d chore: update k8s / envtest 2022-01-28 19:51:07 +01:00
paul-the-alien[bot]
6f4c03a75d
Merge pull request #645 from external-secrets/fix/delete-secret-using-tpl 
fix: ensure that data is being deleted when using tpl
 2022-01-27 14:49:00 +00:00
Jeroen Op 't Eynde
83afebe9b3
fix(metrics): ensure status_condition metrics reflect the status (#612) 
* fix(metrics): ensure status_condition metrics reflect the status

* lint fixes

* fix(metrics): remove condition=deleted metric (+lint fixes)
 2022-01-27 14:26:09 +01:00
Moritz Johner
e2701fa35a fix: ensure that data is being deleted when using tpl 2022-01-26 20:14:59 +01:00