1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Commit graph

2558 commits

Author SHA1 Message Date
Tom Elliot
0612404f64
Add Support for fips regions. (#2805)
Signed-off-by: Tom Elliot <thomas.elliot@acquia.com>
2023-10-26 00:32:59 +02:00
Gergely Brautigam
7fbae000d6
feat: add namespace list selector to ClusterExternalSecrets (#2803)
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-10-25 13:58:05 +02:00
Sonny Alves Dias
0a0fd050c0
add directive to apply template on secret names (#2802)
Signed-off-by: Sonny Alves Dias <sonny.dias@superevilmegacorp.com>
2023-10-25 13:45:38 +02:00
Gergely Brautigam
762f6dc4fc
fix: also fix the ci jobs linter version (#2807)
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-10-24 22:18:13 +02:00
Gergely Brautigam
efb6157195
fix: update the linter so that it runs latest and disable debguard (#2806)
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-10-24 21:49:20 +02:00
Anders Swanson
b1bad77eb3
Oracle: Workload Identity authentication (#2781)
* Oracle: Workload Identity authentication

Signed-off-by: anders-swanson <anders.swanson@oracle.com>

* Merge main

Signed-off-by: anders-swanson <anders.swanson@oracle.com>

* Cleanup go.mod

Signed-off-by: anders-swanson <anders.swanson@oracle.com>

* Lint

Signed-off-by: anders-swanson <anders.swanson@oracle.com>

* Use mutex for environment variables

Signed-off-by: anders-swanson <anders.swanson@oracle.com>

---------

Signed-off-by: anders-swanson <anders.swanson@oracle.com>
Signed-off-by: Anders Swanson <91502735+anders-swanson@users.noreply.github.com>
2023-10-24 21:48:25 +02:00
Moritz Johner
818eddd220
fix: do not iterate on the raw response value (#2801)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-10-24 12:13:11 +02:00
dependabot[bot]
8649f907ee
chore(deps): bump fkirc/skip-duplicate-actions from 5.3.0 to 5.3.1 (#2797)
Bumps [fkirc/skip-duplicate-actions](https://github.com/fkirc/skip-duplicate-actions) from 5.3.0 to 5.3.1.
- [Release notes](https://github.com/fkirc/skip-duplicate-actions/releases)
- [Commits](https://github.com/fkirc/skip-duplicate-actions/compare/v5.3.0...v5.3.1)

---
updated-dependencies:
- dependency-name: fkirc/skip-duplicate-actions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-23 22:22:57 +02:00
Lucas Severo Alves
5639d26f9f
bump 0.9.7 chart (#2796) 2023-10-22 15:53:51 +02:00
Moritz Johner
9e6a69fd51
feat: bump go + deps (#2794)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-10-20 09:28:14 +09:00
dependabot[bot]
96c4f0c160
chore(deps): bump golang from 1.21.2-alpine to 1.21.3-alpine (#2787)
Bumps golang from 1.21.2-alpine to 1.21.3-alpine.
2023-10-17 19:32:18 +02:00
eso-service-account-app[bot]
1f1d738b22
update dependencies (#2788) 2023-10-17 19:30:09 +02:00
Lucas Severo Alves
7b8f36b2f0
bump chart to 0.9.6 (#2786)
* bump chart to 0.9.6

Signed-off-by: Lucas Severo Alves <lucassalves65@gmail.com>
2023-10-15 16:43:26 +02:00
Moritz Johner
d42ccaaf78
docs: mention auth-delegator role in vault provider (#2734)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-10-13 15:50:40 +02:00
Shuhei Kitagawa
7b57943c55
Fix the k8s double encoding problem (#2760)
https://github.com/external-secrets/external-secrets/issues/2745

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-10-12 21:45:01 +02:00
Kevin van den Broek
f0ae0e81ee
fix: enable sharedConfigState in AWS auth provider (#2777)
The value `session.SharedConfigDisable` prevented the AWS SDK to use the
default provider chain. By removing this value from the getAWSSession
function the default SDK provider chain is used. This enables the SDK to
use the shared config file:
https://github.com/aws/aws-sdk-go/blob/main/aws/session/env_config.go#L84
as well as the shared credentials file:
https://github.com/aws/aws-sdk-go/blob/main/aws/session/env_config.go#L76

This fixes the code to be correct with the documentation of
NewGeneratorSession which notes that it uses the authentication order:

1. service-account token.
2. static credentials.
3. sdk default provider.

See also the AWS documentation:
https://github.com/aws/aws-sdk-go/blob/main/aws/session/session.go#L158

Signed-off-by: Kevin van den Broek <info@kevinvandenbroek.nl>
2023-10-12 09:18:17 +02:00
Sebastián Gómez
f5a4107b3f
Updated docum of PushSecret (#2391)
* Updated docum of PushSecret

Closes #2242

Signed-off-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com>

* Updated image and completed diagram file

Signed-off-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com>

---------

Signed-off-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com>
2023-10-11 21:20:50 +02:00
Shuhei Kitagawa
5421ec503f
Oracle provider retry (#2762)
* add oracle provider retry capabilities

Signed-off-by: Andrei Ilas <andrei.ilas@oracle.com>

* add oracle provider retry capabilities unit test

Signed-off-by: Andrei Ilas <andrei.ilas@oracle.com>

* Update unit tests for the Oracle provider retry config

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

---------

Signed-off-by: Andrei Ilas <andrei.ilas@oracle.com>
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
Co-authored-by: Andrei Ilas <andrei.ilas@oracle.com>
Co-authored-by: Andrei Ilas <andrei.cva@gmail.com>
2023-10-11 08:49:32 +02:00
Shanti G
583b919cb7
leverage IBM provider's latest API to get the secret by name (#2750) 2023-10-11 07:35:53 +03:00
Bradley Jenkins
6aa1318cc5
[adopters] Adding Pets at home (#2773) 2023-10-10 19:15:19 +02:00
dependabot[bot]
ab67573f1d
chore(deps): bump golang from 1.21.1-alpine to 1.21.2-alpine (#2766)
Bumps golang from 1.21.1-alpine to 1.21.2-alpine.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 10:33:12 +02:00
dependabot[bot]
b28da8f61c
chore(deps): bump actions/setup-python from 4.7.0 to 4.7.1 (#2765)
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.7.0 to 4.7.1.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4.7.0...v4.7.1)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 10:19:20 +02:00
eso-service-account-app[bot]
c3c803bfe7
update dependencies (#2749)
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
2023-10-02 13:19:34 +02:00
Gary Hodgson
bb63bad38c
add force flag to bitwarden sync (#2742)
Whilst implementing integration with Vaultwarden I noticed that the local vault was not being updated.  I had to add  "force=true" to the sync api call for it to work as expected.

Signed-off-by: Gary Hodgson <gary.s.hodgson@gmail.com>
2023-09-29 12:41:03 +02:00
Florent Viel
24f1a093e5
Scaleway secret path (#2737)
* feat: add path support for scaleway provider

Signed-off-by: Florent Viel <fviel@scaleway.com>

* feat: update scaleway testcases for path support

Signed-off-by: Florent Viel <fviel@scaleway.com>

* docs: update scaleway doc to add path support

Signed-off-by: Florent Viel <fviel@scaleway.com>

* fix: change func signature to make linter pass

Signed-off-by: Florent Viel <fviel@scaleway.com>

---------

Signed-off-by: Florent Viel <fviel@scaleway.com>
2023-09-28 21:00:16 +02:00
Adrian Rico
5fdcba0f14
doc: add remember note for clusterLocation (#2741)
Signed-off-by: Adrian Rico <adrian.rico@ackstorm.com>
Co-authored-by: Adrian Rico <adrian.rico@ackstorm.com>
2023-09-28 17:16:53 +02:00
Ben Bertrands
cfb629c020
Support PushSecret Property for AWS SM (#2623)
* Support PushSecret Property for AWS SM

Signed-off-by: Ben Bertrands <public@bb-it.dev>

* Support PushSecret Property for AWS SM: leverage the VersionId field to prevent a "LostUpdate" concurrency problem

Signed-off-by: Ben Bertrands <public@bb-it.dev>

* Support PushSecret Property for AWS SM: errors.Join doesn't exist in go 1.19

Signed-off-by: Ben Bertrands <public@bb-it.dev>

* Support PushSecret Property for AWS SM: use an incrementing uuid for the secret version

Signed-off-by: Ben Bertrands <public@bb-it.dev>

---------

Signed-off-by: Ben Bertrands <public@bb-it.dev>
Signed-off-by: Ben Bertrands <8938515+benbertrands@users.noreply.github.com>
2023-09-26 13:18:18 +02:00
Shuhei Kitagawa
953af0d1a2
Reflect certController.readinessProbe.port to readinessProbe (#2732)
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2023-09-26 12:21:19 +02:00
Shuhei Kitagawa
a8eff34d49
Fix helm.test by reflecting recent changes (#2733)
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-09-26 08:58:34 +02:00
antoniolago
1b48459951
Complement full-cluster-secret-store oracle example (#2731)
Add namespace to secretRef.privatekey and secretRef.fingerprint in oracle provider example at full-cluster-secret-store.yaml to avoid confusion like in #2727

Signed-off-by: antoniolago <45375617+antoniolago@users.noreply.github.com>
2023-09-25 21:23:55 +02:00
eso-service-account-app[bot]
b9ecb18cb7
update dependencies (#2729)
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
2023-09-25 13:30:59 +02:00
Kieran Bristow
d9eaeb40dc
Conjur JWT support (#2591)
* Add JWT Auth to Conjur Provider

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

* Update docs for Cyberark Conjur Provider

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

* Update test suite to cover new functionality

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

* Run make reviewable

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

* Set MinVersion for tls.Config to satisfy linting

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

* Move ca bundle config example to a yaml snippet

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

* fix: consolidate naming

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: consolidate naming

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* docs: make it a working example

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* Remove JWT expiration handling logic

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

* Run make fmt

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>

---------

Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-25 10:05:17 +02:00
Shuhei Kitagawa
719e8b1c82
Let ManagedField handle metadata (#2705)
https://github.com/external-secrets/external-secrets/issues/2682

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-09-25 09:33:00 +02:00
Moritz Johner
e56c9867f0
chore: bump version (#2725)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-21 23:29:11 +02:00
Moritz Johner
b9f8ddad20
chore: update dependencies (#2724)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-21 22:14:02 +02:00
Moritz Johner
d59512e604
fix: assign default value to prevent nil panic (#2722)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-21 22:01:40 +02:00
Shuhei Kitagawa
150e3dfde1
Use locks for GCP PushSecrets (#2678)
* Use locks for GCP PushSecrets

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

* Share locks among providers

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>

---------

Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-09-21 17:15:16 +02:00
Markus Lackner
a025b77e49
fix: do not recreate secret if deletion timestamp is set (#2718)
Signed-off-by: Markus Lackner <33040521+markuslackner@users.noreply.github.com>
2023-09-20 23:21:47 +02:00
rteeling
ddae00dd6d
Documentation: callout templating escapes for helm users (#2704)
* callout templating escapes for helm users

Signed-off-by: rteeling <rteeling@users.noreply.github.com>

* quote the snippet file

Signed-off-by: rteeling <rteeling@users.noreply.github.com>

---------

Signed-off-by: rteeling <rteeling@users.noreply.github.com>
Co-authored-by: rteeling <rteeling@users.noreply.github.com>
2023-09-20 21:20:14 +02:00
Joey Stout
c757319a09
docs(docs/snippets/gitops/deployment.yaml): updated the example doc to show 0.9.4 (#2715)
Signed-off-by: apollorion <joey@apollorion.com>
2023-09-20 00:00:19 +02:00
eso-service-account-app[bot]
157016b6bb
update dependencies (#2710)
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
2023-09-18 13:58:06 +02:00
dependabot[bot]
5c8484209a
chore(deps): bump docker/setup-buildx-action from 2 to 3 (#2706)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-18 10:31:50 +02:00
dependabot[bot]
aa6be5883e
chore(deps): bump docker/login-action from 2 to 3 (#2708)
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-18 10:31:09 +02:00
dependabot[bot]
54475eb5a6
chore(deps): bump docker/setup-qemu-action from 2 to 3 (#2707)
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-18 10:30:36 +02:00
Moritz Johner
9559c2a124
fix: ensure to correctly encode binary data as base64 (#2681)
Also disable HTML escape.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-15 19:34:53 +02:00
Moritz Johner
b78ce75218
fix: do not swallow errors when create or update fails (#2693)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-15 06:21:34 +02:00
dependabot[bot]
3dcd3df41c
chore(deps): bump golang from 1.21.0-alpine to 1.21.1-alpine (#2688)
Bumps golang from 1.21.0-alpine to 1.21.1-alpine.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-11 15:10:25 +02:00
dependabot[bot]
62e96fca4c
chore(deps): bump actions/checkout from 3 to 4 (#2687)
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2023-09-11 12:23:07 +02:00
Parth Patel
d44dde95ed
Fix: Replaced selectorLabels with labels (#2672)
* Fix: Replaced selectorLabels with labels

Signed-off-by: Parth Patel <p.patel81@yahoo.com>

* Fix: Updated snapshot labels

Signed-off-by: Parth Patel <p.patel81@yahoo.com>

---------

Signed-off-by: Parth Patel <p.patel81@yahoo.com>
2023-09-11 12:03:38 +02:00
dependabot[bot]
64f100736f
chore(deps): bump tibdex/github-app-token from 1 to 2 (#2686)
Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token) from 1 to 2.
- [Release notes](https://github.com/tibdex/github-app-token/releases)
- [Commits](https://github.com/tibdex/github-app-token/compare/v1...v2)

---
updated-dependencies:
- dependency-name: tibdex/github-app-token
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-11 10:42:04 +02:00