mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity
1586 commits 135 branches 173 tags 201 MiB
Commit graph

110 commits

Author SHA1 Message Date
Gonzalo Servat
db7fd4a037
Fix casing on Gitlab 2022-04-28 21:43:42 +10:00
Gustavo Carvalho
3bd0d2d04f Making spec.target optional 
fixes #996

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-04-20 13:27:13 -03:00
Jeroen Op 't Eynde
c04350d0d0
fix(helm-chart): remove caBundle and set name/namespace (#1001) 
Do not set caBundle to avoid issues with GitOps tools.
 2022-04-19 21:43:19 +02:00
Merlin
4820cc9165 Ignore ExternalSecret processing if the store is not usuable (e.g. 
NotReady).
 2022-04-13 23:24:39 +02:00
Moritz Johner
c2bcceb057
feat: implement deletionPolicy (#900) 
* feat: implement deletionPolicy

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gustavo.carvalho@container-solutions.com>
 2022-04-05 13:38:06 +02:00
Alfred Krohmer
d7022b1bef
feat(vault): add option for JWT backend to authenticate with Kubernetes service account token (#768) 2022-04-04 21:20:58 +02:00
Gustavo Carvalho
c779ef59e7 Marking v1alpha1 as deprecated. 
Improving docs and menu order.
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-29 11:21:32 -03:00
Moritz Johner
cf7e3832ae
feat(azure): implement workload identity (#738) 
* feat(azure): implement workload identity

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Henning Eggers <henning.eggers@inovex.de>
 2022-03-22 21:59:01 +01:00
Docs
bdc5d9b378 fix: update CRDs 2022-03-20 09:34:03 +01:00
Daniel Hix
324c7def06
feat: implement ClusterExternalSecret (#542) 
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
 2022-03-20 09:32:27 +01:00
Gustavo Carvalho
164e8776ec Adding docs and implementing ConversionStrategy 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-09 06:59:54 -03:00
Gustavo Carvalho
2f23fd28ed Adding GetAllSecrets for Hashicorp Vault 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-09 05:40:09 -03:00
paul-the-alien[bot]
439ecfaf9d
Merge pull request #783 from AtzeDeVries/allow-gcp-cross-project-secrets 
GCP: allow cluster to be in different project
 2022-03-09 10:03:20 +00:00
Atze de Vries
2f53ab8220 also make optional for v1beta1 and add note to docs 2022-03-03 19:35:38 +01:00
Atze de Vries
739043283c make clusterProjectID omitemtpy 2022-03-02 18:03:45 +01:00
Atze de Vries
da47ad2cac GCP: allow cluster to be in different project 2022-03-02 11:24:04 +01:00
Moritz Johner
8fc4484cc6 feat: implement validating webhook 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-03-01 21:25:15 +01:00
Moritz Johner
fb8f496204 Merge branch 'main' into feature/conversion-webhook 2022-02-23 08:15:03 +01:00
rodrmartinez
39038b03c8 enforce that exactly one auth property is used 2022-02-22 15:45:45 -03:00
rodrmartinez
0392777965 Merge branch 'main' into feature/kubernetes-provider 2022-02-22 14:57:50 -03:00
rodrmartinez
7c4a17a9c3 Merge branch 'main' into feature/kubernetes-provider 2022-02-17 15:38:45 -03:00
rodrmartinez
86d7710727 changing kubernetes api struct 2022-02-17 14:45:43 -03:00
Gustavo Carvalho
c0ed7de5f7 Adding status information to kubectl get css 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-17 13:13:59 -03:00
Gustavo Carvalho
40ec693479 Merge branch 'main' into feature/conversion-webhook 
Fixed conflicts and implemented necessary changes for v1beta1
 2022-02-16 16:00:32 -03:00
Gustavo Carvalho
1d8cfc4a12 Changed logic of Webhook check for certs. 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-14 15:46:10 -03:00
Gustavo Carvalho
024b64fe39 Added Readiness Probe for helm charts. 
Fixed make generate command to not use kubectl
Fixed lint

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-11 08:10:11 -03:00
Moritz Johner
54e68399ec feat: implement template engine v2 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:26:31 +01:00
Gustavo Carvalho
23784803ff Merge branch 'main' into feature/conversion-webhook 
Updated Oracle provider new specs for v1beta1
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-10 16:55:37 -03:00
Gustavo Carvalho
f1d3802604 Attempting to separate webhook in a new container 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-10 15:38:54 -03:00
Gustavo Carvalho
b8ef9e8dba Now adding appropriate bundle 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-10 14:53:18 -03:00
Gustavo Carvalho
fd9e09a1ee WIP: Structured reconciliation loops for CRDs 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-10 14:12:13 -03:00
Gustavo Carvalho
0530385992 v1beta1 initial commit 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-08 14:07:34 -03:00
Elad Gabay
fe416890b1 oracle vault: Use instance principal if auth is empty 
Currently the oracle vault's secretstore uses a specific user credentials.
This commit introduce a new way to access the vault, using the instance principal.

All user's details moved to "auth" section in the OracleProvider which now is optional.
If "auth" is empty, by default, we use the instance principal, otherwise if specified user's auth details, we use them.

In addition:
- Fixed the fingerprint secret reference which until now used the privatekey secret instead of its reference.
- Bump OCI SDK version.
 2022-02-07 18:38:10 +02:00
Lucas Severo Alves
6630ab7494
Initial draft of reporter (#466) 
* Initial draft of reporter

* Test out reporter in AWS provider

* trying out different events approach

* feat: implement store reconciler and events

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add validate() method to provider interface

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: use static requeue interval in store ctrl

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Co-authored-by: Mircea Cosbuc <mircea.cosbuc@container-solutions.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-07 11:42:18 +01:00
Moritz Johner
fe1cb8bc69 feat(provider): implement fake provider 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-01 11:18:43 +01:00
rodrmartinez
fad68e163a Update CRDs 2022-01-26 15:27:59 -03:00
rodrmartinez
b6b74350d5 Creates Kubernetes Provider secretstore 2022-01-25 17:11:12 -03:00
Marc Billow
0753da1cbd Support for eventual consistency in Vault Enterprise 2022-01-19 16:25:01 -06:00
Moritz Johner
40ff991e17 fix: remove support for v1beta1 crds 2022-01-17 21:44:33 +01:00
Lucas Severo Alves
16948ed572
Merge pull request #596 from EladGabay/elad/oci-secret-by-name 
OCI Vault: Get secret by name from a specific Vault
 2022-01-16 17:20:46 +00:00
Elad Gabay
f50438353e oracle: Add Vault OCID to provider 2022-01-16 12:05:58 +02:00
Elad Gabay
137ce182c1 oracle: Fix provider fields docs 2022-01-16 12:02:56 +02:00
paul-the-alien[bot]
4c6b6a1e84
Merge pull request #525 from HanseMerkur/vault_optional_path 
Optional path for Vault SecretStore
 2022-01-14 19:33:29 +00:00
paul-the-alien[bot]
44d4cf061b
Merge pull request #559 from willemm/feat/generic_webhook 
Add generic webhook provider
 2022-01-11 15:50:05 +00:00
Lennart Weller
f7f521317e add generated files 2022-01-10 10:12:17 +01:00
Brent Spector
26f9be4fb1 add path to jwt vault auth 2022-01-05 15:22:00 -08:00
Brent Spector
561bd3ae56 Add support for mount path in ldap auth 2022-01-05 14:54:50 -08:00
Willem Monsuwe
d04508e974 Added generic webhook provider 
This provider allows a secretstore with a generic url (templated)
which will be called with a defined method, headers (templated)
and optional body (also templated)
The response can be parsed out with a jsonPath expression
 2021-12-29 10:53:29 +01:00
Moritz Johner
80fac0f697 feat: add gcp workload identity via SA 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2021-12-17 12:20:12 +01:00
paul-the-alien[bot]
78d046b712
Merge pull request #530 from ADustyOldMuffin/add-docs-and-fix-ca-vault 
Add documentation for CAProvider namespace and fix issue with SecretStore
 2021-12-16 19:44:24 +00:00