1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-15 17:51:01 +00:00
Commit graph

215 commits

Author SHA1 Message Date
Gustavo Fernandes de Carvalho
27c5f1f1f2
fix: refresh interval values (#4111)
Signed-off-by: Gustavo <gustavo@externalsecrets.com>
2024-11-18 07:50:16 +01:00
Andreas Lindhé
51fabd49a5
Reduce refreshInterval example for ACR (#4078)
The old example used a `refreshInterval` value of 12h for the ACR access token. This change reduces that to 3h instead, since that is the expiration time for Service Principal authentication tokens:

https://learn.microsoft.com/en-us/azure/container-registry/container-registry-authentication?tabs=azure-cli#service-principal

Service principals are not the only way to authenticate towards ACR. In fact, two other ways (`managedIdentity` and `workloadIdentity`) are also outlined in the docs. I was unable to find any documentation in Azure for the default expiration time for those tokens, so as far as I know it is always 3 hours. Thus I think we should reflect this in our examples.

Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
2024-11-06 15:23:57 +01:00
Gergely Brautigam
d4d4f4bc4b
feat: add AWS STS Session token generator (#4041)
* feat: add AWS STS Session token generator

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* version update for the generated CRD

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-11-05 13:22:00 +01:00
Mike Tougeron
9113bced5b
Update VaultAppRole documentation to show/use roleRef in its examples (#4035)
Signed-off-by: Mike Tougeron <tougeron@adobe.com>
Co-authored-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com>
2024-11-05 06:08:01 -03:00
Konradas Bunikis
c51ad8d98f
feat: Support repositories and permissions in GitHub generator (#4039)
* feat: Support repositories and permissions in GitHub generator

Signed-off-by: konradasb <konradasb0@gmail.com>

* fix: Correct typo ommited->omitted

Signed-off-by: konradasb <konradasb0@gmail.com>

* fix: Optimize http req body

Signed-off-by: konradasb <konradasb0@gmail.com>

* fix: Optimize body var usage

Signed-off-by: konradasb <konradasb0@gmail.com>

* fix: Correct typo marshalling->marshaling

Signed-off-by: konradasb <konradasb0@gmail.com>

---------

Signed-off-by: konradasb <konradasb0@gmail.com>
2024-10-28 12:02:06 +01:00
btfhernandez
a0be752c8a
chore: upgrade beyondtrust go client library (#4027)
* chore: upgrade beyondtrust go client library

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* fix: fix attribute name in secret store file and push go.sum file

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* fix: run go mod tidy and push changes

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

---------

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
2024-10-25 06:57:57 +02:00
Tchoupinax
0dd419a738
feat: edit all required changes for recursive option (#3939)
* feat: edit all required changes for recursive option

Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>

* chore: make reviewable

Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>

* feat: add missing param

Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>

* feat: change property type to boolean

Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>

* docs: new doc version

Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>

---------

Signed-off-by: Tchoupinax <corentinfiloche@hotmail.fr>
2024-10-14 09:24:48 +02:00
Moritz Johner
76cf8ad263
feat: allow generators to be referenced from a PushSecret (#3965)
This removes the need for an intermediary Kind=ExternalSecret and
Kind=Secret when using a generator.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2024-10-02 06:43:00 +00:00
Michael Malov
5d83bd4d93
docs: pin CRDs version in FluxCD example, bump api versions (#3940)
Signed-off-by: Michael Malov <14035243+malovme@users.noreply.github.com>
2024-09-24 22:20:12 +02:00
dan-akeyless
680a3a4b8d
Feature/asm 11630 akeyless push secret (#3907)
* feat[ASM-11630]- Akeyless PushSecret: implement push, delete, exists

Signed-off-by: Dan Barak <dan.b@akeyless.io>

* feat[ASM-11630]- Akeyless PushSecret: contextualise token, add metrics, make new function interface friendly

Signed-off-by: Dan Barak <dan.b@akeyless.io>

* feat[ASM-11630]- Akeyless PushSecret: add test on SecretExists, PushSecret, DeleteSecret

Signed-off-by: Dan Barak <dan.b@akeyless.io>

* feat[ASM-11630]- Akeyless PushSecret: update documentations

Signed-off-by: Dan Barak <dan.b@akeyless.io>

* feat[ASM-11630]- Akeyless PushSecret: refactor metrics func names

Signed-off-by: Dan Barak <dan.b@akeyless.io>

* feat[ASM-11630]- Akeyless PushSecret: linting

Signed-off-by: Dan Barak <dan.b@akeyless.io>

* feat[ASM-11630]- Akeyless PushSecret: simplify push

Signed-off-by: Dan Barak <dan.b@akeyless.io>

* feat[ASM-11630]- Akeyless PushSecret: decrease code complexity and deduplicate

Signed-off-by: Dan Barak <dan.b@akeyless.io>

* feat[ASM-11630]- Akeyless PushSecret: check for token type assertion and decrease PushSecret complexity

Signed-off-by: Dan Barak <dan.b@akeyless.io>

---------

Signed-off-by: Dan Barak <dan.b@akeyless.io>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-09-20 21:14:03 +02:00
KAZY
665f112570
update label (#3898)
Signed-off-by: KAZYPinkSaurus <kazuya.arai@sansan.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-09-16 13:43:29 +02:00
Alexander Schaber
f73187dabb
New Generator for UUIDs (#3296)
* feat(generator/uuid): initial version

Signed-off-by: Alexander Schaber <a.schaber@cuegee.com>

* fix(generator/uuid): rename symbols in compliance with lint

Signed-off-by: Alexander Schaber <a.schaber@cuegee.com>

* fix(generator/uuid): rename unused vars to `_` to fix lint

Signed-off-by: Alexander Schaber <a.schaber@cuegee.com>

* docs(generator/uuid): initial documentation for uuid generator

Signed-off-by: Alexander Schaber <a.schaber@cuegee.com>

---------

Signed-off-by: Alexander Schaber <a.schaber@cuegee.com>
2024-09-08 19:54:47 +02:00
Gergely Brautigam
c3dcd9adcd
fix: bitwarden API url to point to the correct default location (#3848)
* fix: bitwarden API url to point to the correct default location

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* explicitly remove trailing slashes to prevent not found error

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-09-02 07:04:48 +02:00
btfhernandez
77f5d0ad91
feat: add beyondtrust provider (#3683)
* feat: add beyondtrust provider

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* feat: edit go.mod and go.sum files

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* feat: change test file name (provider_test.go)

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* feat: solve PR comments

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* feat: organize attributes in a higher hierarchy

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* fix: fix sonar cloud issues and go.mod file conflicts

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* fix: fix PR comments and apply table driven tests

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* fix: fix PR comments

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* fix: fix lint issues

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* fix: fix lint issues on tests

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* fix: run make fmt

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* fix: apply camelCase to yaml attributes

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* fix: solve go.mod file conflict

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

* fix: run make check-diff

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>

---------

Signed-off-by: Felipe Hernandez <fhernandez@beyondtrust.com>
Signed-off-by: btfhernandez <133419363+btfhernandez@users.noreply.github.com>
2024-08-07 09:27:04 +02:00
Carlos Neto
d10a66ee68
docs: add more details in the externalsecret comments in the API section (creationPolicy + deletionPolicy) (#3725)
Signed-off-by: c-neto <carlos.neto.dev@gmail.com>
2024-07-29 22:47:48 +02:00
Tyler Renslow
a2c7923e35
docs: Remove references to pemCertificate and pemPrivateKey functions (#3744)
* Update docs

Fixes #3260 Removes old deprecated template function 

Signed-off-by: Tyler Renslow <tdrenslow@gmail.com>

* Update templating-v1.md

Signed-off-by: Tyler Renslow <tdrenslow@gmail.com>

---------

Signed-off-by: Tyler Renslow <tdrenslow@gmail.com>
2024-07-29 22:33:34 +02:00
Mike Tougeron
7f71b4717a
Update docs for namespaceSelectors usage and namespaceSelector deprecation (#3695)
Signed-off-by: Mike Tougeron <tougeron@adobe.com>
2024-07-21 16:37:48 -03:00
Arthur Kepler
14e6d78d25
namespacesRegexdocs: Fix namespaceRegexes in full-cluster-secret-store.yaml (#3681)
This fixes a typo on https://external-secrets.io/v0.9.20/api/clustersecretstore/, in which the property is incorrectly called `namespacesRegex`

Signed-off-by: Arthur Kepler <610274+excalq@users.noreply.github.com>
2024-07-11 07:09:30 -03:00
Sverre Boschman
00cf351548
docs: fix dataFrom.find in ExternalSecret api example (#3633)
Signed-off-by: Sverre Boschman <1142569+sboschman@users.noreply.github.com>
2024-06-29 19:21:16 +02:00
Gergely Brautigam
095537e6ad
feat: add bitwarden secret manager support (#3603) 2024-06-28 06:04:25 +02:00
Nathan Ellenfield
907e8ebc82
Fix ACR External Secret example (#3626)
* Fix ACR External Secret example

Signed-off-by: Nathan Ellenfield <nathan.ellenfield@allscripts.com>

* Fix typos in acr generator docs

Signed-off-by: Nathan Ellenfield <nathan.ellenfield@allscripts.com>

---------

Signed-off-by: Nathan Ellenfield <nathan.ellenfield@allscripts.com>
2024-06-26 19:50:24 +02:00
Idan Adar
e13e09413e
Fix typo privatKey in multiple files (#3578)
* Update generators.external-secrets.io_githubaccesstokens.yaml

Fixes https://github.com/external-secrets/external-secrets/issues/3556

Signed-off-by: Idan Adar <iadar@il.ibm.com>

* Update generator_github.go

Signed-off-by: Idan Adar <iadar@il.ibm.com>

* Update github.go

Signed-off-by: Idan Adar <iadar@il.ibm.com>

* Update generator-github.yaml

Signed-off-by: Idan Adar <iadar@il.ibm.com>

* Update github_test.go

Signed-off-by: Idan Adar <iadar@il.ibm.com>

* fix: rename property

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: Idan Adar <iadar@il.ibm.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2024-06-17 11:12:03 +02:00
Geoffrey MUSELLI
f74e08546c
Support glob for namespaces condition in ClusterSecretStore (#2920)
* feat(ClusterSecretStore): Support glob for conditions.namespaces

Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>

* feat(ClusterSecretStore): Fix diff

Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>

* feat(ClusterSecretStore): Fix code smell

Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>

* feat(ClusterSecretStore): First code review

Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>

* feat(ClusterSecretStore): Second code review

Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>

* feat(ClusterSecretStore): Generate

Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>

* feat(ClusterSecretStore): Fix Sonar method complexity

Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>

* addressed comments

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* renamed namedspacesregexes because it sounded funny

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: gmuselli <geoffrey.muselli@gmail.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-06-17 08:36:05 +02:00
smcavallo
d29c001d37
Add device42 provider (#3571) 2024-06-14 06:04:19 +02:00
Victor Santos
dd8c004f47
feat: add support to set Type for AWS parameter store (#3576)
Signed-off-by: Victor Santos <vsantos.py@gmail.com>
2024-06-12 10:24:52 +02:00
Akhil Mohan
ace1ff595f
Infisical provider (#3477)
* feat: added crds for infisical provider

Signed-off-by: = <akhilmhdh@gmail.com>

* feat: implemented infisical provider logic

Signed-off-by: = <akhilmhdh@gmail.com>

* fix: resolved broken doc building due to vault doc error

Signed-off-by: = <akhilmhdh@gmail.com>

* docs: added doc for infisical provider

Signed-off-by: = <akhilmhdh@gmail.com>

* docs: fixed a warning in mkdocs on link

Signed-off-by: = <akhilmhdh@gmail.com>

* feat: resolved all lint issues

Signed-off-by: = <akhilmhdh@gmail.com>

* doc: removed k8s auth release banner from infisical doc

Signed-off-by: = <akhilmhdh@gmail.com>

* feat: added support for property to infisical provider

Signed-off-by: = <akhilmhdh@gmail.com>

* feat: removed auth type and made implicit ordering of authentication based on feedback

Signed-off-by: = <akhilmhdh@gmail.com>

* feat: support for referent authentication

Signed-off-by: = <akhilmhdh@gmail.com>

* feat: added error for tag not supported in find

Signed-off-by: = <akhilmhdh@gmail.com>

* fix: resolved failing build

Signed-off-by: = <akhilmhdh@gmail.com>

* feat: updated doc and added stability matrix for infisical

Signed-off-by: = <akhilmhdh@gmail.com>

* feat: switched to less error prone use and revoke token strategy and added validate interface logic

Signed-off-by: = <akhilmhdh@gmail.com>

* feat: code lint issue fixes

Signed-off-by: = <akhilmhdh@gmail.com>

* feat: resolved review comments for infisical client

Signed-off-by: = <akhilmhdh@gmail.com>

* feat: improved test cases and resolved sonar issues

Signed-off-by: = <akhilmhdh@gmail.com>

* feat: resolved sonar suggestions

Signed-off-by: = <akhilmhdh@gmail.com>

* feat: resolved sonar suggestions for test const ids

Signed-off-by: = <akhilmhdh@gmail.com>

* feat: store changes to assertError

Signed-off-by: = <akhilmhdh@gmail.com>

---------

Signed-off-by: = <akhilmhdh@gmail.com>
2024-06-11 22:27:31 +02:00
Anders Swanson
8fb0fec6ca
Oracle Vault Provider Documentation (#3551)
* Oracle Vault Provider Documentation

Signed-off-by: anders-swanson <anders.swanson@oracle.com>

* Oracle Vault Provider Documentation

Signed-off-by: anders-swanson <anders.swanson@oracle.com>

---------

Signed-off-by: anders-swanson <anders.swanson@oracle.com>
2024-06-06 21:20:45 +02:00
Andreas Lindhé
d7c0b55880
Fix typo: temaplate --> template (#3554)
Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com>
2024-06-06 00:31:38 +03:00
Antoine Colombier
ef4fa28e0e
doc(BitWarden): extends the liveness timeout (#3542)
The liveness command perform a vault re-sync which usually takes a few second to perform. This commit replace the current value which is too low and lead to timeout and pod termination.

Signed-off-by: Antoine Colombier <7086688+acolombier@users.noreply.github.com>
2024-06-02 15:53:25 +02:00
Michael Serchenia
34444280bb
GitHub token gen doc (#3463)
* added tempalte example for github token gen + doc

Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>

* added tempalte example for github token gen + doc

Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>

* build doc success, added github with template example

Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>

---------

Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
2024-05-10 05:00:57 -03:00
Steven I
297e55d3af
Improve bitwarden example (#3435)
* Add bitwarden-attachment example

Signed-off-by: Steven I. <commits@imsteven.xyz>

* Fix nav list

Signed-off-by: Steven I. <commits@imsteven.xyz>

---------

Signed-off-by: Steven I. <commits@imsteven.xyz>
2024-04-30 15:04:14 -03:00
Shlomo Zalman Heigh
02c6f625bd
Add Conjur Support for FindByName, FindByTag (#3364) 2024-04-28 19:01:00 +02:00
Parth Patel
f893a246e7
Fix Azure Container Registry Generator invalid YAML (#3414)
Signed-off-by: Parth Patel <p.patel81@yahoo.com>
2024-04-25 06:11:29 -03:00
Mykhailo Zahlada
47cc50a9ed
Workloadidentity clientid from secret ref (#3367)
* updates documentation: extends workloadIdentity auth configuration

Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>

* adds and updates tests

Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>

* extends provider configuration to accept clientId and tenantId as auth SecretRef

Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>

* updates service account example

Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>

* updates docs

Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>

---------

Signed-off-by: Mykhailo Zahlada <myzahlad@microsoft.com>
Co-authored-by: Mykhailo Zahlada <myzahlad@microsoft.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2024-04-18 05:09:53 -03:00
Thorben Below
432c6bf9ab
Feat: Add Passbolt Provider (#3334)
* add passbolt provider

Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com>

* Fix: return err for unimplemented methods

Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com>

---------

Signed-off-by: Thorben Below <56894536+thorbenbelow@users.noreply.github.com>
2024-04-18 09:58:25 +02:00
Rodrigo Fior Kuntzer
9ff2354213
fix: introducing support for conversion strategy for PushSecret. (#3292)
* fix: introducing support for conversion strategy for PushSecret.

Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>

* fix: unit tests code quality.

Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>

---------

Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>
2024-04-04 16:31:28 +02:00
Michael Serchenia
84731616f4
GitHub provider (supersedes #3014) (#3115)
* github provider signed, supersedes #3014

Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>

* tests pass, + crd + docs

Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>

* fix sonarLint alert

Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>

* refactoring, replace secretStore with generator

Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>

* cosmetics + tst + lint pass

Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>

* docs

Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>

* clean-up + lint + test

Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>

* small refactor, fix issues left in comments

Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>

---------

Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
2024-04-03 09:19:57 +02:00
Ben Skelker
47c0f6c759
Update the CyberArk Provider docs (#3261)
* updates conjur provider doc

Signed-off-by: Ben Skelker <ben.skelker@cyberark.com>

* edits

Signed-off-by: Ben Skelker <ben.skelker@cyberark.com>

* more edits

Signed-off-by: Ben Skelker <ben.skelker@cyberark.com>

* more edits3

Signed-off-by: Ben Skelker <ben.skelker@cyberark.com>

* even more edits

Signed-off-by: Ben Skelker <ben.skelker@cyberark.com>

* Update docs/provider/conjur.md

Signed-off-by: Ben Skelker <54019610+benskelker@users.noreply.github.com>
Signed-off-by: Ben Skelker <ben.skelker@cyberark.com>

* and more edits

Signed-off-by: Ben Skelker <ben.skelker@cyberark.com>

---------

Signed-off-by: Ben Skelker <ben.skelker@cyberark.com>
Signed-off-by: Ben Skelker <54019610+benskelker@users.noreply.github.com>
Co-authored-by: Ben Skelker <ben.skelker@cyberark.com>
2024-03-16 09:51:46 +09:00
Burgs Del
f4050ca93f
adjust position of principalType (#3252)
Signed-off-by: Hayden-Chang <shenshuoyouguang@outlook.com>
2024-03-13 08:43:26 +09:00
Sulfixx
e57e4b72ca
Integrate Passworddepot (#2799)
* PLAT-1179 | updated to beta1

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Updating External Secrets fixes

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Fix to Passworddepots-crds-generation

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | apiextensionsv1 removal

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* Update apis/externalsecrets/v1beta1/secretstore_passworddeport_types.go

Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>

* Update apis/externalsecrets/v1beta1/secretstore_passworddeport_types.go

Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>

* Update apis/externalsecrets/v1beta1/secretstore_types.go

Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>

* PLAT-1179 | Removed insecureverify and other fixes

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Fixed Linter and Sonar Issues

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Fixed Typo in Passworddepot_api.go

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Resolved go.mod Conflict

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Resolved go.mod conflict typo

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | admission.Warnings error fix

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Added nolint:bodyclose // linters bug

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Removed <= Head arrow from mkdocs.yml

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Added Make Check-Diff Changes

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Changed Error Package, Added Context, API Refactor

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Added const DoRequestError to reduce Codesmell

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Moved defer body close func into ReadAndUnmarshal

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Moved Status Check into ReadAndUnmarshal

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Removed Response.body from ReadAndUnmarshal

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* Update apis/externalsecrets/v1alpha1/secretstore_passworddepot_types.go

Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>

* PLAT-1179 | Go mod tidy and Make generate

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Added empty SecretExists Method

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

* PLAT-1179 | Renamed unsed ctx to _

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>

---------

Signed-off-by: Simon Becker <simon.becker@fastleansmart.com>
Signed-off-by: Sulfixx <135371229+Sulfixx@users.noreply.github.com>
Co-authored-by: Sören Rohweder <soeren.rohweder@fastleansmart.com>
Co-authored-by: Simon Becker <simon.becker@fastleansmart.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2024-03-12 13:33:08 +01:00
Gergely Brautigam
1d5177c8c7
feat: add secret push format to AWS secrets manager (#3189) 2024-03-10 08:12:50 +01:00
Carolin Dohmen
29e5f71d8b
Add PushSecret UpdatePolicy (to replace PR #3100) (#3117)
* Add PushSecret UpdatePolicy

Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>

* Adjust description of UpdatePolicy in PushSecret Spec

Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>

* Restructure PushSecret Status

Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>

* Refactor PushSecret controller method

Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>

* Add missing methods for new providers

Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>

* Add missing method to onboardbase client

Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>

* Add docs on PushSecret UpdatePolicy

Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>

* Use constant for error message

Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>

---------

Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>
2024-03-08 11:17:31 +01:00
Aleem Isiaka
52f6655345
Onboardbase (#2697)
* Commit and Save

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Pull secrets

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Integrate Onboardbase Into ESO

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Minor Fix And Cleanups

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Attend to review comments

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Commit and Save

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Pull secrets

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Integrate Onboardbase Into ESO

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Minor Fix And Cleanups

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Attend to review comments

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Commit and Save

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Pull secrets

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Integrate Onboardbase Into ESO

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Minor Fix And Cleanups

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Attend to review comments

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Commit and Save

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Pull secrets

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Integrate Onboardbase Into ESO

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Minor Fix And Cleanups

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Attend to review comments

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Run decrypt with error

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Commit and Save

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Pull secrets

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Integrate Onboardbase Into ESO

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Minor Fix And Cleanups

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Attend to review comments

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Commit and Save

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Pull secrets

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Integrate Onboardbase Into ESO

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Minor Fix And Cleanups

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Attend to review comments

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Commit and Save

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Pull secrets

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Integrate Onboardbase Into ESO

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Minor Fix And Cleanups

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Attend to review comments

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Commit and Save

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Pull secrets

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Integrate Onboardbase Into ESO

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Minor Fix And Cleanups

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Attend to review comments

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Install deps

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Improved docs

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Improved docs

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Update hack/crd.generate.sh

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
Signed-off-by: Aleem Isiaka <30846935+limistah@users.noreply.github.com>

* address issues with running the code

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* decrypt library into code

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* add docs to onboardbase provider

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* refactor duplicates

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Address Issues with tests

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Address issues with delete policy and json secrets

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Fix lint errors

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* error out when there is tags in the find field

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* execute delete request with the right data

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* ignore deletion policy

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* improve lint errors

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* remove cryptojs decrypt libs

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* Get secret value if property is set

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* run obb operator

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* 👌 IMPROVE: supports request deadline, esv1beta1 api updates

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* use same timeout

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* fix sonar cloud issues

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* fix sonar cloud issues

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* fix sonar cloud issues

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* fix failing test

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* add improve docs

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

* add improve docs

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>

---------

Signed-off-by: Aleem Isiaka <aleemisiaka@gmail.com>
Signed-off-by: Nasirudeen Olohundare <iamnasirudeen@gmail.com>
Signed-off-by: Aleem Isiaka <30846935+limistah@users.noreply.github.com>
Co-authored-by: Nasirudeen Olohundare <iamnasirudeen@gmail.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2024-02-29 21:28:17 +01:00
Maxence Boutet
57967813d1
fix(docs): Fix indentation in vault-pushsecret.yaml (#3156)
Signed-off-by: Maxence Boutet <52334444+mboutet@users.noreply.github.com>
2024-02-17 07:06:02 -03:00
Gustavo Fernandes de Carvalho
1cf8f68276
Implements Webhook Generator (#3121)
* adding webhook generators

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

* bumping bundle

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

* linting

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

* fixing copy-paste error

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

* common webhook functions

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

* removing duplicates. Adding tests for generator

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

* docs

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

---------

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-02-17 06:49:31 -03:00
Sourav Patnaik
a012f4829c
Implementation of Chef External Secrets Provider (#3127)
* Adding the details for chef provider secret store.

Issue: https://github.com/external-secrets/external-secrets/issues/2905

This commit intends to add the chef provider structure to the existing list of external-secrets providers.
It defines the structure of the SecretStore and ClusterSecretStore for chef Provider.
The yaml resource will contain 3 important parts to identify and connect to chef server to reconcile secrets. They are:
1. serverurl: This is the URL to the chef server.
2. username: The username to connect to the chef server.
3. auth: The password to connect to the chef server. It is a reference to an already existing kubernetes secret containing the password.

This commit also contains the auto generated CRDs using the `make generate` command.

Signed-off-by: Subroto Roy <subrotoroy007@gmail.com>

* Implementation for Chef ESO provided

Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>

* - implemented Chef eso, added required methods
- added unit test cases
- added sample documentation
Issue: https://github.com/external-secrets/external-secrets/issues/2905

Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>

* Added Documentation for Authentication

Signed-off-by: Subroto Roy <subrotoroy007@gmail.com>

* added documentation for Chef eso
Issue: https://github.com/external-secrets/external-secrets/issues/2905

Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>

* Updated chef ESO documentation

Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>

* updated ValidateStore method signature
Issue: https://github.com/external-secrets/external-secrets/issues/2905

Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>

* made changes in chef provider to satisfy 'make docs'

Issue: https://github.com/external-secrets/external-secrets/issues/2905

Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>

* - updated code as per review comment, make reviewable suggestions
Issue: https://github.com/external-secrets/external-secrets/issues/2905

Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>

* modified chef provider code as per review comment

Issue: https://github.com/external-secrets/external-secrets/issues/2905

Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>

---------

Signed-off-by: Subroto Roy <subrotoroy007@gmail.com>
Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
Co-authored-by: Subroto Roy <subrotoroy007@gmail.com>
Co-authored-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
2024-02-14 09:54:08 +01:00
Shanti G
5f8d24000a
IBM provider: remove deprecated code for fetching secret by name (#3078)
* remove deprecated code for fetching secret by name

Signed-off-by: shanti.gundumalla@ibm.com <shanti.gundumalla@ibm.com>

* update the documentation

Signed-off-by: shanti.gundumalla@ibm.com <shanti.gundumalla@ibm.com>

* fix linting

Signed-off-by: shanti.gundumalla@ibm.com <shanti.gundumalla@ibm.com>

---------

Signed-off-by: shanti.gundumalla@ibm.com <shanti.gundumalla@ibm.com>
Co-authored-by: shanti.gundumalla@ibm.com <shanti.gundumalla@ibm.com>
2024-01-26 17:46:24 +01:00
Rodrigo Fior Kuntzer
31cecaa62b
feat: add support for Hashicorp Vault mTLS (#3018)
* feat: adding support for mTLS to the Vault provider

Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>
2024-01-19 00:43:28 +01:00
Pedro Parra Ortega
ba8cf6bde5
Feat/allow keeper to work with complex types (#3016)
* update dependencies (#3005)

Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

* feat: allow keeper to work with complex types

Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>

---------

Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com>
Co-authored-by: eso-service-account-app[bot] <85832941+eso-service-account-app[bot]@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2024-01-12 00:30:58 +01:00
Robert Paschedag
45e2bd3796
added some example for v2 literal templating (#3007)
Signed-off-by: Robert Paschedag <robert.paschedag@sap.com>
Co-authored-by: Robert Paschedag <robert.paschedag@sap.com>
2024-01-09 09:38:23 +01:00