mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity
2193 commits 135 branches 173 tags 201 MiB
Commit graph

52 commits

Author SHA1 Message Date
Moritz Johner
6b576fadf1
feat: add provider metrics (#2024) 
* feat: add provider metrics

This adds a counter metric `provider_api_calls_count` that observes
the results of upstream secret provider api calls.

(1) Observability
It allows an user to break down issues by provider and api call by
observing the status=error|success label. More details around the error
can be found in  the logs.

(2) Cost Management
Some providers charge by API calls issued. By providing observability
for the number of calls issued helps users to understand the impact of
deploying ESO and fine-tuning `spec.refreshInterval`.

(3) Rate Limiting
Some providers implement rate-limiting for their services. Having
metrics
for success/failure count helps to understand how many requests are
issued by a given ESO deployment per cluster.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: add service monitor for cert-controller and add SLIs

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2023-02-27 22:56:36 +01:00
Gustavo Fernandes de Carvalho
ed173dcf77
chore: bumps (#1852) 
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
 2023-01-03 22:11:59 +01:00
Gustavo Fernandes de Carvalho
2f5fe6c594
🧹chore: bumps (#1792) 
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
 2022-12-07 14:40:51 -03:00
Gustavo Fernandes de Carvalho
0cb799b5cf
Feature/push secret (#1315) 
Introduces Push Secret feature with implementations for the following providers:

* GCP Secret Manager
* AWS Secrets Manager
* AWS Parameter Store
* Hashicorp Vault KV

Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com>
Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com>
Signed-off-by: William Young <will.young@engineerbetter.com>
Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com>
Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com>
Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com>
Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com>
 2022-11-29 16:04:46 -03:00
dependabot[bot]
27d0cd72f5
chore(deps): bump sigs.k8s.io/controller-runtime from 0.12.3 to 0.13.0 (#1547) 
* chore(deps): bump sigs.k8s.io/controller-runtime from 0.12.3 to 0.13.0

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.12.3 to 0.13.0.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.12.3...v0.13.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix: remove dependency on crossplane-runtime/pkg/test

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-10-13 20:24:56 +02:00
Moritz Johner
ed0ceb8d84
fix: aws parameter store json decode, bump go 1.19 (#1525) 
* fix: parameter store should decode complex json values

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-09-06 19:46:36 +02:00
Mike
fdf1f9ce6f
feat: Add support for container auth to IBM provider. (#1177) 2022-07-26 22:48:07 +02:00
Nitzan Nissim
97126d9798
Add support for IBM Secrets Manager's Private Certificate (#1160) 
* Use gsed on macos.

Signed-off-by: Marcin Kubica <marcin.kubica@engineerbetter.com>

* Add private_cert support

* Add private_cert support

Co-authored-by: Marcin Kubica <marcin.kubica@engineerbetter.com>
 2022-05-21 22:53:31 +02:00
Merlin
4820cc9165 Ignore ExternalSecret processing if the store is not usuable (e.g. 
NotReady).
 2022-04-13 23:24:39 +02:00
Docs
f73c8be5af chore: force interface validation 2022-04-07 14:29:44 +02:00
Gustavo Fernandes de Carvalho
4ca3cd6636
Merge pull request #870 from haf-tech/ibmcloud-sm-kv2 
Enhance IBM Secrets Manager support with kv secretType
 2022-03-31 04:18:11 -03:00
Hafid.Haddouti
a29a652837 Fix lint/fmt issues 2022-03-26 12:37:30 +01:00
Hafid.Haddouti
763019d1ff Enhance IBM SM provider for SecretMap 2022-03-26 12:28:26 +01:00
Hafid.Haddouti
9f67c187ca Fix lint/fmt issues 2022-03-24 20:21:29 +01:00
Hafid.Haddouti
0fcdf2b11b Fix lint issues 2022-03-24 20:10:21 +01:00
Hafid.Haddouti
aed6ec295b Enhance logic support . in key and returning entire payload if no property is set 2022-03-24 20:06:32 +01:00
paul-the-alien[bot]
ed56410b47
Merge pull request #868 from external-secrets/chore/validate-store-for-providers 
Adds ValidateStore for some providers
 2022-03-24 09:29:24 +00:00
Hafid.Haddouti
4bc0b2a12a Merge from main 2022-03-23 19:20:00 +01:00
Gustavo Carvalho
5f608594a4 Removing Key checks from utils.go and passing them to IBM provider 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-23 08:06:07 -03:00
Hafid.Haddouti
3b43592cc6 Optimize lint/fmt issues 2022-03-23 07:33:21 +01:00
Hafid.Haddouti
ff19991e27 Optimize lint/fmt issues 2022-03-22 20:30:55 +01:00
Hafid.Haddouti
106508701a Optimize lint/fmt issues 2022-03-22 20:16:06 +01:00
Hafid.Haddouti
6dd2cc6fe2 Optimize lint/fmt issues 2022-03-22 19:44:46 +01:00
Hafid.Haddouti
97fc95cab5 Optimize lint/fmt issues 2022-03-22 19:24:58 +01:00
Hafid.Haddouti
004e4280b6 Optimize lint/fmt issues 2022-03-22 19:10:43 +01:00
Hafid.Haddouti
e6554fa34b Finalize kv secretType support for IBM Cloud SM. Fix fmt 2022-03-22 18:21:13 +01:00
Hafid.Haddouti
03da4458af Finalize kv secretType support for IBM Cloud SM 2022-03-22 18:01:14 +01:00
Hafid Haddouti
0a5a9d32af After make fmt 2022-03-21 19:43:01 +01:00
Hafid Haddouti
eb88e696ea Remove unused ref 2022-03-21 19:28:29 +01:00
Hafid Haddouti
1bbc02daaf Enhance IBM Secrets Manager support with kv secretType 2022-03-21 19:07:48 +01:00
Gustavo Carvalho
86795c0a5e Adding ValidateStore for IBM provider. Improving util check 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-03-21 14:54:43 -03:00
nitzann
951acdc4bb Add public_cert support 2022-03-20 10:35:17 +02:00
Moritz Johner
8fc4484cc6 feat: implement validating webhook 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-03-01 21:25:15 +01:00
Gustavo Carvalho
0530385992 v1beta1 initial commit 
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-08 14:07:34 -03:00
Lucas Severo Alves
6630ab7494
Initial draft of reporter (#466) 
* Initial draft of reporter

* Test out reporter in AWS provider

* trying out different events approach

* feat: implement store reconciler and events

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add validate() method to provider interface

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: use static requeue interval in store ctrl

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Co-authored-by: Mircea Cosbuc <mircea.cosbuc@container-solutions.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-07 11:42:18 +01:00
Lucas Severo Alves
5a464df585
Revert "GetAllSecrets CRD and Azure implementation" 2022-02-01 16:52:18 +01:00
Sebastian Gomez
a9389c1c0c Removed duplicated code 2022-01-27 11:27:35 -05:00
Sebastian Gomez
0a1ef6c1a9 return an error instead of empty map on not implemented GetAllSecret functions 2022-01-26 15:05:08 -05:00
Sebastian Gomez
2c6dde34f7 Fix SonarCube codesmell 2022-01-26 12:30:55 -05:00
Sebastian Gomez
48ac7b991f Created new struct for dataFrom 2022-01-25 16:01:33 -05:00
Sebastian Gomez
f4d1b8dd22 Modified CRD according to the discussion 2022-01-24 15:54:34 -05:00
Sebastian Gomez
18a9bb1745 Update with main branch 2022-01-17 16:33:40 -05:00
Daniel Hix
e8791280a9 Some quick lint fixes. 2021-12-13 14:27:15 -06:00
Daniel Hix
d0a46060cc Add test to check for invalid duration input. 2021-12-13 14:14:37 -06:00
Daniel Hix
082cee230f Merge branch 'main' into ibm-enable-retries 2021-12-13 13:27:57 -06:00
Ahmed MUSTAFA
257f6e8ea5 Add GetAllSecrets method to the provider interface 2021-11-25 16:26:14 +01:00
Daniel Hix
3b743a39b8 Enable retries on the IBM provider 2021-10-20 18:50:21 -05:00
Arthur
7649fe2c47 create function for each ibm provider secret get case 2021-10-07 15:45:37 -03:00
Arthur
6eba9df3b1 separate function to remap secret data on ibm.GetSecretMap to reduce cognitive complexity 2021-10-07 15:22:19 -03:00
zamysel
7017935888 Add support for Yandex Lockbox 2021-08-12 20:05:02 +03:00