external-secrets

mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00

Author	SHA1	Message	Date
Mathew Wicks	0656bf33c5	fix: issues with generators (#4163 ) * fix: issues with generators Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com> * fix generator RBAC permissions for controller Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com> * fix docs for UUID generator Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com> * update tilt to 0.33.10 Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com> * explicitly specify generator RBAC roles Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com> * update helm test with new entries Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com> Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-12-01 08:52:39 +01:00
Dmytro Bondar	08566af7c1	fix: handle managed identity ClientID or ResourceID in acr generator (#4150 ) * fix: use ClientID instead of ResourceID in acr generator Signed-off-by: Dmytro Bondar <git@bonddim.com> * Handle both cases: with ClientID and ResourceID Signed-off-by: Dmytro Bondar <git@bonddim.com> * Update ACR docs Signed-off-by: Dmytro Bondar <git@bonddim.com> --------- Signed-off-by: Dmytro Bondar <git@bonddim.com>	2024-11-28 10:44:30 -03:00
Alex Samorukov	ebbc3a0e27	Add ability to use RetrySettings in the VaultDynamicSecret generator (#4076 ) Signed-off-by: Oleksij Samorukov <samm@net-art.cz>	2024-11-07 07:58:23 +01:00
Gergely Brautigam	d4d4f4bc4b	feat: add AWS STS Session token generator (#4041 ) * feat: add AWS STS Session token generator Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * version update for the generated CRD Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-11-05 13:22:00 +01:00
Konradas Bunikis	c51ad8d98f	feat: Support repositories and permissions in GitHub generator (#4039 ) * feat: Support repositories and permissions in GitHub generator Signed-off-by: konradasb <konradasb0@gmail.com> * fix: Correct typo ommited->omitted Signed-off-by: konradasb <konradasb0@gmail.com> * fix: Optimize http req body Signed-off-by: konradasb <konradasb0@gmail.com> * fix: Optimize body var usage Signed-off-by: konradasb <konradasb0@gmail.com> * fix: Correct typo marshalling->marshaling Signed-off-by: konradasb <konradasb0@gmail.com> --------- Signed-off-by: konradasb <konradasb0@gmail.com>	2024-10-28 12:02:06 +01:00
Alexander Schaber	f73187dabb	New Generator for UUIDs (#3296 ) * feat(generator/uuid): initial version Signed-off-by: Alexander Schaber <a.schaber@cuegee.com> * fix(generator/uuid): rename symbols in compliance with lint Signed-off-by: Alexander Schaber <a.schaber@cuegee.com> * fix(generator/uuid): rename unused vars to `_` to fix lint Signed-off-by: Alexander Schaber <a.schaber@cuegee.com> * docs(generator/uuid): initial documentation for uuid generator Signed-off-by: Alexander Schaber <a.schaber@cuegee.com> --------- Signed-off-by: Alexander Schaber <a.schaber@cuegee.com>	2024-09-08 19:54:47 +02:00
Gergely Brautigam	a5ddd97c21	chore: update go version of the project to 1.23 (#3829 ) * chore: update go version of the project to 1.23 Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * fixed an absurd amount of linter issues Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-08-26 11:10:58 +02:00
Gergely Brautigam	82d419e2ee	feat: add CAProvider to Bitwarden provider (#3699 ) * feat: add CAProvider to bitwarden This change introduces a refactor as well since CAProvider was used by multiple providers with diverging implementations. The following providers were affected: - webhook - akeyless - vault - conjur - kubernetes Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * refactored the Kubernetes provider to use create ca Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * refactor webhook, vault and kubernetes provider Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * rename CreateCACert to FetchCACertFromSource Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * addressed comments and autodecoding base64 data Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * check if the decoded value is a valid certificate Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2024-08-16 12:32:35 +02:00
Idan Adar	e13e09413e	Fix typo privatKey in multiple files (#3578 ) * Update generators.external-secrets.io_githubaccesstokens.yaml Fixes https://github.com/external-secrets/external-secrets/issues/3556 Signed-off-by: Idan Adar <iadar@il.ibm.com> * Update generator_github.go Signed-off-by: Idan Adar <iadar@il.ibm.com> * Update github.go Signed-off-by: Idan Adar <iadar@il.ibm.com> * Update generator-github.yaml Signed-off-by: Idan Adar <iadar@il.ibm.com> * Update github_test.go Signed-off-by: Idan Adar <iadar@il.ibm.com> * fix: rename property Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> --------- Signed-off-by: Idan Adar <iadar@il.ibm.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>	2024-06-17 11:12:03 +02:00
Shuhei Kitagawa	43a7a16baf	Update Go and golangci-lint version (#3396 ) Signed-off-by: shuheiktgw <s-kitagawa@mercari.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>	2024-04-25 06:36:11 -03:00
Michael Serchenia	84731616f4	GitHub provider (supersedes #3014 ) (#3115 ) * github provider signed, supersedes #3014 Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * tests pass, + crd + docs Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * fix sonarLint alert Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * refactoring, replace secretStore with generator Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * cosmetics + tst + lint pass Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * docs Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * clean-up + lint + test Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> * small refactor, fix issues left in comments Signed-off-by: Mike Serchenia <michael_serchenia@epam.com> --------- Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>	2024-04-03 09:19:57 +02:00
Marco Singer	983488ca57	feat(generator/webhook): Improve error message (#3190 ) Signed-off-by: Marco Singer <marcosinger@users.noreply.github.com>	2024-02-28 09:23:08 +09:00
Gustavo Fernandes de Carvalho	1cf8f68276	Implements Webhook Generator (#3121 ) * adding webhook generators Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * bumping bundle Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * linting Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * fixing copy-paste error Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * common webhook functions Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * removing duplicates. Adding tests for generator Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * docs Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> --------- Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>	2024-02-17 06:49:31 -03:00
Moritz Johner	d246c2e082	🧹 refactor vault provider (#3072 ) * chore: split monolith into separate files Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * chore: add tests Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * chore: rename vault/auth_iam vars Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * fixup: remove string duplication Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> --------- Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2024-01-31 22:03:32 +01:00
Moritz Johner	26f9c3f1f4	chore: refactor/centralise secretKeyRef usage (#3022 ) * chore: refactor/centralise secretKeyRef usage Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2024-01-21 08:19:57 +01:00
Moritz Johner	2b2661ebc2	fix: use service management endpoint for ACR when using WI (#2913 ) The `scope` parameter used to be the ACR url foobar.azurecr.io, but this stopped working. Turns out that you need to use the management endpoint as `scope` in order to authenticate with ACR. Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2023-11-30 00:02:28 +01:00
Moritz Johner	c5fa8d81a6	fix: `webhook` support more types when parsing response (#2899 ) * fix: support more types in webhook response Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * fix: properly decode json Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * Update pkg/provider/webhook/webhook.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Moritz Johner <moolen@users.noreply.github.com> * Update pkg/provider/webhook/webhook.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Moritz Johner <moolen@users.noreply.github.com> * fix: expose errors Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> --------- Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <moolen@users.noreply.github.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>	2023-11-25 08:53:30 +01:00
Moritz Johner	416deb3303	chore: bump dependencies (#2568 ) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2023-08-02 21:42:03 +02:00
Moritz Johner	593eb13999	feat: allow to get auth data from vault response (#2325 ) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2023-05-22 10:00:41 +02:00
Moritz Johner	bbddc6f902	fix: nil check parameters (#2321 ) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2023-05-16 08:17:01 +02:00
Gustavo Fernandes de Carvalho	1cf7c3a6e3	🧹 Bumping GolangciLint version and fixing lint issues (#2304 ) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>	2023-05-12 05:11:33 -03:00
azert9	f181500e98	Feature/scaleway provider (#2086 ) * wip: basic structure of scaleway provider Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * test: add some tests for GetAllSecrets Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: implement PushSecret Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * test: improved test fixtures Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: allow finding secrets by project using the path property Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: add delete secret method Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * Delete dupplicate of push remote ref test implem Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: add capability to use a secret for configuring access token Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: implement GetSecretMap Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: filtering by name and projetc id Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * test: add test for finding secret by name regexp Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: config validation Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * fix: handle situation where no namespace is specified and we cannot provide a default Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: reference secrets by id or name Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * fix: invalid request caused by pagination handling Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: log the error when failing to access secret version Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * fix: pass context to sdk where missing Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: add a cache for reducing AccessSecretVersion() calls Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * refacto: use GetSecret with name instead of ListSecrets Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: allow using secret name in ExternalSecrets Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: use latest_enabled instead of latest Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * refacto: optimized PushSecret and improved its test coverage Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * fix: doesConfigDependOnNamespace was always true Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: use new api with refactored name-based endpoints Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * remove useless todo Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * fix: use secret names as key for GetAllSecrets Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: support gjson propery lookup Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: e2e tests Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * test: e2e test using secret to store api key Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * test: cleanup left over resources on the secret manager before each e2e run Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * doc: add doc for scaleway provider Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * refacto: fix lint issues Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * test: cleanup code in e2e was commented Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: the previous version is disabled when we push to a secret Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * doc: add comments to ScalewayProvider struct to point to console and doc Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: add missing e2e env vars for scaleway Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * docs: add scaleway to support/stability table Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> --------- Signed-off-by: Julien Loctaux <no.mail@jloc.fr> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>	2023-03-16 01:03:52 +01:00
Kristián Leško	1eca34c94d	feat: Vault dynamic secrets Generator (#2074 ) * feat: Vault dynamic secrets Generator Signed-off-by: Kristián Leško <kristian.lesko@gooddata.com> * Update pkg/provider/vault/vault.go Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <moolen@users.noreply.github.com> * feat: Vault dynamic secrets Generator Signed-off-by: Kristián Leško <kristian.lesko@gooddata.com> * Update pkg/provider/vault/vault.go Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <moolen@users.noreply.github.com> * fix: linter Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> --------- Signed-off-by: Kristián Leško <kristian.lesko@gooddata.com> Signed-off-by: Moritz Johner <moolen@users.noreply.github.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Moritz Johner <moolen@users.noreply.github.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>	2023-03-13 16:31:10 +01:00
Moritz Johner	2acc637106	fix: pass tenantID correctly to acr generator (#2010 ) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>	2023-02-14 21:57:31 +00:00
Gustavo Fernandes de Carvalho	ed173dcf77	chore: bumps (#1852 ) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>	2023-01-03 22:11:59 +01:00
Gustavo Fernandes de Carvalho	d1fa28532d	🧹 chore: bumping versions (#1688 ) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com>	2022-10-31 06:54:52 -03:00
Moritz Johner	dabfa5a589	Feature: initial generator implementation + Github Actions OIDC/AWS (#1539 ) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>	2022-10-29 20:15:50 +02:00

27 commits