1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Commit graph

28 commits

Author SHA1 Message Date
Bill Hamilton
1876ff88d7
Add support for Delinea Secret Server (#3468)
* implements secretserver

Signed-off-by: Bill Hamilton <bill.hamilton@delinea.com>

* bump to align e2e

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

* bump

Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>

---------

Signed-off-by: Bill Hamilton <bill.hamilton@delinea.com>
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
Co-authored-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2024-07-10 14:32:17 -03:00
Moritz Johner
51532ca8a1
feat: add AKS e2e managed (#2811)
Migrate azure e2e tests to use the new TFC_* secrets which are
provisioned through external-secrets/infrastructure.
Also enable the use of `/ok-to-test-managed provider=azure` command
to run e2e managed tests that verify integration with AKS and
Azure Workload Identity (AZWI).

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-10-29 21:51:39 +01:00
Michael Sauter
bdf437c2e1
Add support for Delinea DevOps Secrets Vault (#2415)
* Add support for Delinea DevOps Secrets Vault

Closes #1709.

Signed-off-by: Michael Sauter <michael.sauter@boehringer-ingelheim.com>

* fix: remove merge conflict

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* Improve documentation

Signed-off-by: Michael Sauter <michael.sauter@boehringer-ingelheim.com>

---------

Signed-off-by: Michael Sauter <michael.sauter@boehringer-ingelheim.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2023-07-06 18:01:43 +02:00
Moritz Johner
05803f7aff
feat: add e2e tests for aws role-based auth (#2376)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-06-12 12:58:29 +02:00
azert9
f181500e98
Feature/scaleway provider (#2086)
* wip: basic structure of scaleway provider

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* test: add some tests for GetAllSecrets

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: implement PushSecret

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* test: improved test fixtures

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: allow finding secrets by project using the path property

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: add delete secret method

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* Delete dupplicate of push remote ref test implem

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: add capability to use a secret for configuring access token

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: implement GetSecretMap

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: filtering by name and projetc id

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* test: add test for finding secret by name regexp

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: config validation

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* fix: handle situation where no namespace is specified and we cannot provide a default

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: reference secrets by id or name

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* fix: invalid request caused by pagination handling

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: log the error when failing to access secret version

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* fix: pass context to sdk where missing

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: add a cache for reducing AccessSecretVersion() calls

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* refacto: use GetSecret with name instead of ListSecrets

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: allow using secret name in ExternalSecrets

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: use latest_enabled instead of latest

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* refacto: optimized PushSecret and improved its test coverage

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* fix: doesConfigDependOnNamespace was always true

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: use new api with refactored name-based endpoints

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* remove useless todo

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* fix: use secret names as key for GetAllSecrets

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: support gjson propery lookup

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: e2e tests

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* test: e2e test using secret to store api key

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* test: cleanup left over resources on the secret manager before each e2e run

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* doc: add doc for scaleway provider

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* refacto: fix lint issues

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* test: cleanup code in e2e was commented

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: the previous version is disabled when we push to a secret

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* doc: add comments to ScalewayProvider struct to point to console and doc

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>

* feat: add missing e2e env vars for scaleway

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* docs: add scaleway to support/stability table

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: Julien Loctaux <no.mail@jloc.fr>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-03-16 01:03:52 +01:00
Moritz Johner
dabfa5a589
Feature: initial generator implementation + Github Actions OIDC/AWS (#1539)
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2022-10-29 20:15:50 +02:00
Moritz Johner
1672dfd556
feat: test UBI image build (#1574)
* feat: test UBI image build

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-Authored-By: Idan Adar <iadar@il.ibm.com>
Co-Authored-By: mrgadgil
2022-10-06 19:14:13 +02:00
Dominik Zeiger
fa38fe1e60
enable configuration of environment_scope for gitlab provider (#1565)
* enable configuration of environment_scope for gitlab provider

Signed-off-by: Dominik Zeiger <dominik@zeiger.biz>
2022-09-27 22:08:38 +02:00
dependabot[bot]
67fedc840e
Kubernetes v1.24 upgrade (#1345)
* build(deps): bump sigs.k8s.io/controller-runtime from 0.11.2 to 0.12.3

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.11.2 to 0.12.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.11.2...v0.12.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* feat: bump kubernetes 1.24

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: backwards-compatible vault implementation

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add audiences field to serviceAccountRef

This will be used by aws, azure, gcp, kubernetes & vault providers
in combination with TokenRequest API: it will _append_ audience claims
to provider-specific audiences.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: refactor kubernetes client to match provider/client interfaces

the kubernetes provider mixed up provider and client interfaces which
made it really hard to reason about. This commit separates into two
structs, each implements one interface.
The client struct fields have been renamed and annotated so their use
and scope is clear.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: deprecate expirationSeconds

expirationSeconds is not needed because we generate a
service account token on the fly for a single use.
There will be no replacement for this.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: rename token fetch audiences field

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: generate CRDs

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2022-08-19 17:32:06 +02:00
Gustavo Fernandes de Carvalho
a99628eb06
🐛fixes e2e tests (#1420)
Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>
2022-08-02 16:58:46 -03:00
Moritz Johner
8e0a5b96c6
ArgoCD & Flux e2e suites (#1041)
* feat: add gitops suite

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* feat: add flux tests

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* fix: pin to v1.23 kubectl version to avoid invalid apiVersion issue

see: https://github.com/aws/aws-cli/issues/6920
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

* Revert "fix: pin to v1.23 kubectl version to avoid invalid apiVersion issue"

This reverts commit 2f78226cdce1683a0255457b41199d10dd30509f.

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-05-23 16:14:21 +02:00
Alfred Krohmer
d7022b1bef
feat(vault): add option for JWT backend to authenticate with Kubernetes service account token (#768) 2022-04-04 21:20:58 +02:00
Moritz Johner
ea5689a945 chore: test e2e
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-01-24 20:23:33 +01:00
Moritz Johner
008268ee00 feat(e2e): implement aws tests, enhance gcp tests
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2022-01-21 23:37:50 +01:00
Lucas Severo Alves
25763fde81 e2e testing for gcp Workload Identity 2021-12-30 22:08:00 +01:00
renanaAkeyless
91a34bbbc6 PR Suggested change 2021-11-10 15:57:37 +02:00
renanaAkeyless
ecef240319
Merge branch 'external-secrets:main' into main 2021-11-09 20:43:31 +02:00
renanaAkeyless
67541a843d e2e 2021-11-07 17:37:22 +02:00
Cameron McAvoy
ed3e62f400 Bump e2e kind & tools versions, remove dep on ginkgo on path 2021-11-06 15:20:40 -05:00
Kian
8dd4a19778 Fixing assignment issues 2021-09-09 23:57:43 +01:00
Kian
af4c10bd0c Adding environment variables for e2e tests and fixed incorrectly used arguments in 2 functions 2021-09-07 11:20:09 +01:00
jabray5
f83926c5e6 passes 1st e2e test 2021-08-25 16:47:06 +02:00
Moritz Johner
ea46ec1911 fix(e2e): refactor e2e tests 2021-07-12 22:03:59 +02:00
Lucas Severo Alves
6637f7746a increase pod-running-timeout 2021-07-02 16:00:05 +02:00
Lucas Severo Alves
be0ae67e24 fix: increase kind timeout 2021-07-02 15:06:36 +02:00
ric
e4e90123b3 test: e2e test setup for azure 2021-06-29 16:01:11 +02:00
Lucas Severo Alves
0655e600d5 test: Add e2e initial test for gcp 2021-06-18 12:09:22 +02:00
Moritz Johner
7beec56522 feat: add basic e2e test 2021-04-25 15:44:15 +02:00