Moritz Johner
6b576fadf1
feat: add provider metrics ( #2024 )
...
* feat: add provider metrics
This adds a counter metric `provider_api_calls_count` that observes
the results of upstream secret provider api calls.
(1) Observability
It allows an user to break down issues by provider and api call by
observing the status=error|success label. More details around the error
can be found in the logs.
(2) Cost Management
Some providers charge by API calls issued. By providing observability
for the number of calls issued helps users to understand the impact of
deploying ESO and fine-tuning `spec.refreshInterval`.
(3) Rate Limiting
Some providers implement rate-limiting for their services. Having
metrics
for success/failure count helps to understand how many requests are
issued by a given ESO deployment per cluster.
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* fix: add service monitor for cert-controller and add SLIs
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
---------
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-02-27 22:56:36 +01:00
Gustavo Fernandes de Carvalho
2f5fe6c594
🧹 chore: bumps ( #1792 )
...
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2022-12-07 14:40:51 -03:00
Gustavo Fernandes de Carvalho
0cb799b5cf
✨ Feature/push secret ( #1315 )
...
Introduces Push Secret feature with implementations for the following providers:
* GCP Secret Manager
* AWS Secrets Manager
* AWS Parameter Store
* Hashicorp Vault KV
Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com>
Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com>
Signed-off-by: William Young <will.young@engineerbetter.com>
Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com>
Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com>
Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com>
Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com>
2022-11-29 16:04:46 -03:00
Moritz Johner
ed0ceb8d84
fix: aws parameter store json decode, bump go 1.19 ( #1525 )
...
* fix: parameter store should decode complex json values
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-09-06 19:46:36 +02:00
Mike
fdf1f9ce6f
feat: Add support for container auth to IBM provider. ( #1177 )
2022-07-26 22:48:07 +02:00
Nitzan Nissim
97126d9798
Add support for IBM Secrets Manager's Private Certificate ( #1160 )
...
* Use gsed on macos.
Signed-off-by: Marcin Kubica <marcin.kubica@engineerbetter.com>
* Add private_cert support
* Add private_cert support
Co-authored-by: Marcin Kubica <marcin.kubica@engineerbetter.com>
2022-05-21 22:53:31 +02:00
Merlin
4820cc9165
Ignore ExternalSecret processing if the store is not usuable (e.g.
...
NotReady).
2022-04-13 23:24:39 +02:00
Docs
f73c8be5af
chore: force interface validation
2022-04-07 14:29:44 +02:00
Gustavo Fernandes de Carvalho
4ca3cd6636
Merge pull request #870 from haf-tech/ibmcloud-sm-kv2
...
Enhance IBM Secrets Manager support with kv secretType
2022-03-31 04:18:11 -03:00
Hafid.Haddouti
a29a652837
Fix lint/fmt issues
2022-03-26 12:37:30 +01:00
Hafid.Haddouti
763019d1ff
Enhance IBM SM provider for SecretMap
2022-03-26 12:28:26 +01:00
Hafid.Haddouti
9f67c187ca
Fix lint/fmt issues
2022-03-24 20:21:29 +01:00
Hafid.Haddouti
aed6ec295b
Enhance logic support . in key and returning entire payload if no property is set
2022-03-24 20:06:32 +01:00
paul-the-alien[bot]
ed56410b47
Merge pull request #868 from external-secrets/chore/validate-store-for-providers
...
Adds ValidateStore for some providers
2022-03-24 09:29:24 +00:00
Hafid.Haddouti
4bc0b2a12a
Merge from main
2022-03-23 19:20:00 +01:00
Gustavo Carvalho
5f608594a4
Removing Key checks from utils.go and passing them to IBM provider
...
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-03-23 08:06:07 -03:00
Hafid.Haddouti
3b43592cc6
Optimize lint/fmt issues
2022-03-23 07:33:21 +01:00
Hafid.Haddouti
ff19991e27
Optimize lint/fmt issues
2022-03-22 20:30:55 +01:00
Hafid.Haddouti
106508701a
Optimize lint/fmt issues
2022-03-22 20:16:06 +01:00
Hafid.Haddouti
6dd2cc6fe2
Optimize lint/fmt issues
2022-03-22 19:44:46 +01:00
Hafid.Haddouti
97fc95cab5
Optimize lint/fmt issues
2022-03-22 19:24:58 +01:00
Hafid.Haddouti
004e4280b6
Optimize lint/fmt issues
2022-03-22 19:10:43 +01:00
Hafid.Haddouti
e6554fa34b
Finalize kv secretType support for IBM Cloud SM. Fix fmt
2022-03-22 18:21:13 +01:00
Hafid.Haddouti
03da4458af
Finalize kv secretType support for IBM Cloud SM
2022-03-22 18:01:14 +01:00
Hafid Haddouti
0a5a9d32af
After make fmt
2022-03-21 19:43:01 +01:00
Hafid Haddouti
eb88e696ea
Remove unused ref
2022-03-21 19:28:29 +01:00
Hafid Haddouti
1bbc02daaf
Enhance IBM Secrets Manager support with kv secretType
2022-03-21 19:07:48 +01:00
Gustavo Carvalho
86795c0a5e
Adding ValidateStore for IBM provider. Improving util check
...
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-03-21 14:54:43 -03:00
nitzann
951acdc4bb
Add public_cert support
2022-03-20 10:35:17 +02:00
Moritz Johner
8fc4484cc6
feat: implement validating webhook
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-03-01 21:25:15 +01:00
Gustavo Carvalho
0530385992
v1beta1 initial commit
...
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
2022-02-08 14:07:34 -03:00
Lucas Severo Alves
6630ab7494
Initial draft of reporter ( #466 )
...
* Initial draft of reporter
* Test out reporter in AWS provider
* trying out different events approach
* feat: implement store reconciler and events
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* feat: add validate() method to provider interface
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* fix: use static requeue interval in store ctrl
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Mircea Cosbuc <mircea.cosbuc@container-solutions.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2022-02-07 11:42:18 +01:00
Lucas Severo Alves
5a464df585
Revert "GetAllSecrets CRD and Azure implementation"
2022-02-01 16:52:18 +01:00
Sebastian Gomez
0a1ef6c1a9
return an error instead of empty map on not implemented GetAllSecret functions
2022-01-26 15:05:08 -05:00
Sebastian Gomez
48ac7b991f
Created new struct for dataFrom
2022-01-25 16:01:33 -05:00
Sebastian Gomez
f4d1b8dd22
Modified CRD according to the discussion
2022-01-24 15:54:34 -05:00
Sebastian Gomez
18a9bb1745
Update with main branch
2022-01-17 16:33:40 -05:00
Daniel Hix
082cee230f
Merge branch 'main' into ibm-enable-retries
2021-12-13 13:27:57 -06:00
Ahmed MUSTAFA
257f6e8ea5
Add GetAllSecrets method to the provider interface
2021-11-25 16:26:14 +01:00
Daniel Hix
3b743a39b8
Enable retries on the IBM provider
2021-10-20 18:50:21 -05:00
Arthur
7649fe2c47
create function for each ibm provider secret get case
2021-10-07 15:45:37 -03:00
Arthur
6eba9df3b1
separate function to remap secret data on ibm.GetSecretMap to reduce cognitive complexity
2021-10-07 15:22:19 -03:00
zamysel
7017935888
Add support for Yandex Lockbox
2021-08-12 20:05:02 +03:00
Tymofii Polekhin
cf694874c3
Feature/ibm support more secret types ( #271 )
...
* ibm: add username_password, iam_credentials, imported_cert secret types. Update secrets-manager-go-sdk to v1.0.23.
* ibm: fix secret type test
* Fix lint issues
* run go mod tidy
* add tests for new secret types
2021-07-22 00:07:25 +02:00
ric
fd53e76247
feat: ibm provider implementation
...
Co-authored-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com>
Co-authored-by: Lucas Severo <lucassalves65@gmail.com>
Co-authored-by: Joey Brayshaw <joeybrayshaw@gmail.com>
Co-authored-by: Elsa Chelala <elsachelala@gmail.com>
Co-authored-by: choilmto <choilmto@gmail.com>
Co-authored-by: Adrian Mouat <adrian.mouat@gmail.com>
Co-authored-by: ricardoptcosta <ricardoptcosta@gmail.com>
Co-authored-by: Gabi Beyer <Gabrielle.Beyer@container-solutions.com>
Co-authored-by: Tomasz Tarczynski <ttarczynski@users.noreply.github.com>
Co-authored-by: Mircea Cosbuc <mircea.cosbuc@container-solutions.com>
2021-07-02 16:00:05 +02:00