mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-15 17:51:01 +00:00
Code Activity
1180 commits 135 branches 173 tags 201 MiB
Commit graph

328 commits

Author SHA1 Message Date
rodrmartinez
045e056719 Fix sonarcloud code smells 2022-02-22 15:55:31 -03:00
rodrmartinez
e887e49436 leaves Validate() method empty for now 2022-02-22 15:46:58 -03:00
rodrmartinez
7c4a17a9c3 Merge branch 'main' into feature/kubernetes-provider 2022-02-17 15:38:45 -03:00
rodrmartinez
86d7710727 changing kubernetes api struct 2022-02-17 14:45:43 -03:00
paul-the-alien[bot]
18b4f2be8b
Merge pull request #703 from external-secrets/chore/cleanup-azure-provider 
chore: cleanup az/keyvault provider
 2022-02-17 11:56:00 +00:00
paul-the-alien[bot]
4cca87b6d7
Merge pull request #729 from external-secrets/fix/disable-sec-cm-cache 
feat: avoid caching secrets/configmaps
 2022-02-17 09:15:31 +00:00
paul-the-alien[bot]
86aedda434
Merge pull request #701 from external-secrets/feature/template-string-interface 
feat: implement template engine v2
 2022-02-16 17:16:24 +00:00
Moritz Johner
899cf72f22 feat: avoid caching secrets/configmaps 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-16 14:37:42 +01:00
paul-the-alien[bot]
ff4af57a7b
Merge pull request #727 from external-secrets/fix/vault-key-with-dot 
fix: vault keys should take precedence over gjson
 2022-02-15 18:28:41 +00:00
Moritz Johner
094bcf0332 fix: vault keys should take precedence over gjson 2022-02-15 17:28:14 +01:00
castaneai
3fd3cc0186
Fix the leak in GCPSM when the secret operator cannot find the secret. (#722) 
* fix(gcp): Fix the leak in GCPSM when the secret operator cannot find the secret.

The IAM client has an internal gRPC connection,
but if the secret fetch fails, the goroutine created by the gRPC connection will leak.

Therefore, close the IAM client when the creation of the GCPSM client fails.

* test: fix build error on fakeIAMClient
 2022-02-15 16:54:11 +01:00
Moritz Johner
74fca707b3 feat(template): add filterPEM function 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:32:37 +01:00
Moritz Johner
9486dd85dd fix(template): extract multiple certs/keys from PKCS#12 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:26:32 +01:00
Moritz Johner
009b60de19 fix(webhook): use v2 template funcs with webhook provider 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:26:32 +01:00
Moritz Johner
a627e82639 chore: fix smells 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:26:32 +01:00
Moritz Johner
54e68399ec feat: implement template engine v2 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-11 08:26:31 +01:00
paul-the-alien[bot]
027f28ec97
Merge pull request #700 from EladGabay/elad/oci-secret-by-name 
oracle vault: Use instance principal if auth is empty
 2022-02-10 10:34:40 +00:00
rodrmartinez
dc41b40dda Adds linting changes 2022-02-09 17:33:54 -03:00
rodrmartinez
a318978afd Adds setAuth test func 2022-02-09 15:23:03 -03:00
rodrmartinez
da858878d8 refactor setAuth method 2022-02-09 15:22:37 -03:00
paul-the-alien[bot]
31efb94b20
Merge pull request #674 from external-secrets/feat/vault-nested-values 
allow nested json in vault
 2022-02-08 15:29:20 +00:00
Moritz Johner
4b5d047934 chore: cleanup az/keyvault provider 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-08 13:04:18 +01:00
Moritz Johner
5b8ab034ec feat(vault): marshal nested value as json, add docs 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
 2022-02-08 08:05:10 +01:00
Elad Gabay
fe416890b1 oracle vault: Use instance principal if auth is empty 
Currently the oracle vault's secretstore uses a specific user credentials.
This commit introduce a new way to access the vault, using the instance principal.

All user's details moved to "auth" section in the OracleProvider which now is optional.
If "auth" is empty, by default, we use the instance principal, otherwise if specified user's auth details, we use them.

In addition:
- Fixed the fingerprint secret reference which until now used the privatekey secret instead of its reference.
- Bump OCI SDK version.
 2022-02-07 18:38:10 +02:00
Lucas Severo Alves
6630ab7494
Initial draft of reporter (#466) 
* Initial draft of reporter

* Test out reporter in AWS provider

* trying out different events approach

* feat: implement store reconciler and events

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add validate() method to provider interface

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: use static requeue interval in store ctrl

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Co-authored-by: Mircea Cosbuc <mircea.cosbuc@container-solutions.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-07 11:42:18 +01:00
Moritz Johner
2ac4053648 feat(vault): allow using nested json 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-05 22:11:41 +01:00
Moritz Johner
fe1cb8bc69 feat(provider): implement fake provider 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-02-01 11:18:43 +01:00
Moritz Johner
e015bed08d chore: update k8s / envtest 2022-01-28 19:51:07 +01:00
paul-the-alien[bot]
6f4c03a75d
Merge pull request #645 from external-secrets/fix/delete-secret-using-tpl 
fix: ensure that data is being deleted when using tpl
 2022-01-27 14:49:00 +00:00
Jeroen Op 't Eynde
83afebe9b3
fix(metrics): ensure status_condition metrics reflect the status (#612) 
* fix(metrics): ensure status_condition metrics reflect the status

* lint fixes

* fix(metrics): remove condition=deleted metric (+lint fixes)
 2022-01-27 14:26:09 +01:00
Moritz Johner
e2701fa35a fix: ensure that data is being deleted when using tpl 2022-01-26 20:14:59 +01:00
rodrmartinez
cbd350fef6 Adds lockbox again to register 2022-01-26 15:41:09 -03:00
rodrmartinez
5a766c1995 Adds GetSecret and GetSecretMaps methods 2022-01-26 15:29:14 -03:00
rodrmartinez
8620174449 Adds kubernetes provider to register 2022-01-26 15:28:37 -03:00
paul-the-alien[bot]
5a8df8cb18
Merge pull request #642 from external-secrets/fix/webhook-test-race 
fix: webhook test race
 2022-01-26 18:14:48 +00:00
rodrmartinez
1c5ce19a20 Adds Kubernetes Provider 2022-01-25 17:14:48 -03:00
Moritz Johner
edb2c290f4 fix(gcp): use gax-go v2 package 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-01-25 21:09:33 +01:00
Moritz Johner
ce6f5b1653 fix: webhook test race 2022-01-25 20:45:45 +01:00
paul-the-alien[bot]
0b9c142a22
Merge pull request #618 from external-secrets/feature/aws-e2e-managed 
feat(e2e): implement aws tests, enhance gcp tests
 2022-01-24 10:46:02 +00:00
Moritz Johner
008268ee00 feat(e2e): implement aws tests, enhance gcp tests 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-01-21 23:37:50 +01:00
Marc Ingram
07415bdabf improve test? 2022-01-21 14:01:45 -07:00
Marc Ingram
e93a1716f5 fix format and lint 2022-01-21 13:36:41 -07:00
Marc Ingram
705ffbbd95 Optimise patching so as changes only happen with something changes 2022-01-21 12:36:05 -07:00
Marc Billow
01355b7653 Formatting and linting fixes 2022-01-19 16:28:23 -06:00
Marc Billow
0753da1cbd Support for eventual consistency in Vault Enterprise 2022-01-19 16:25:01 -06:00
Lucas Severo Alves
16948ed572
Merge pull request #596 from EladGabay/elad/oci-secret-by-name 
OCI Vault: Get secret by name from a specific Vault
 2022-01-16 17:20:46 +00:00
Elad Gabay
dbedbedb96 make fmt 2022-01-16 13:30:21 +02:00
Lucas Severo Alves
2bacd30313
Merge pull request #569 from rodrmartinez/oci-patch 
Replace vaults with secrets package to retrieve secrets
 2022-01-16 11:13:50 +00:00
Elad Gabay
cab49e57f7 oracle: Get secret by name from a specific vault 2022-01-16 13:11:46 +02:00
Moritz Johner
27854adaa5 fix: force ownership when merging secrets 
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2022-01-14 22:27:27 +01:00