Charl Klein
06301854d0
docs: - Minor Note to assist future readers ( #2839 )
...
Signed-off-by: CharlKlein <19486531+CharlKlein@users.noreply.github.com>
2023-11-02 20:36:09 +01:00
Moritz Johner
9ff86eab51
fix: remove sourceRef.generatorRef from .data[] ( #2735 )
...
fix: deprecate sourceRef.generatorRef from .data[]
A generator is supposed to be used via .dataFrom[]. Usage in .data[]
is not implemented and doesn't make sense, see #2720 .
This commit splits the SourceRef into two types:
- one that only defines a secretStoreRef
- one that allows defining either secretStoreRef or generatorRef
The former is used in .data[] and the latter is used in .dataFrom[].
The Deprecated field is going to be removed with v1.
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-11-02 14:37:59 +01:00
Moritz Johner
22ca0ad35d
feat: add design doc for PushSecret updatePolicy ( #2664 )
...
feat: add pushsecret updatePolicy design doc
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2023-11-02 10:22:54 +01:00
Gergely Brautigam
8f3cd55191
ref: cleanup condition handling for objects ( #2829 )
...
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-11-02 10:19:03 +01:00
Anders Swanson
8dd934ceed
feat: Oracle provider service account masquerade ( #2817 )
...
* feat: Oracle provider service account masquerade
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
2023-11-02 08:34:18 +01:00
Minho Ryang
99194e0237
feat: k8s provider can handle all types of secret, fix #2709 ( #2792 )
...
Signed-off-by: Minho Ryang <minho@comcom.ai>
2023-11-01 22:42:49 +01:00
Moritz Johner
caa0acd5cc
fix: wrap errors in data[] ( #2834 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: HamzaMasood1 <hamzamasood183@gmail.com>
2023-11-01 22:31:56 +01:00
Shuhei Kitagawa
c90c53b031
Let setup-go handle go module cache ( #2828 )
...
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-11-01 16:54:27 +01:00
Moritz Johner
22bb26cfa1
chore: release 0.9.8 ( #2826 )
...
also downgrade `chart-testing-action`: CI pipeline [1] fails with "Unable to validate cosign version v2.0.0".
That is because the v2.0.0 bootstrap version [2] is not accessible any more, it
either got deleted or permissions got changed.
[1] https://github.com/external-secrets/external-secrets/actions/runs/6705828636/job/18221053949?pr=2826
[2] https://storage.googleapis.com/cosign-releases/v2.0.0/cosign-linux-amd64
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-10-31 13:42:55 +01:00
Moritz Johner
c5d647bae1
feat: give @Skarlso maintainer permissions ( #2823 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-10-30 13:49:34 +01:00
Shuhei Kitagawa
ff0ef2e6d9
Add validations for the enum values ( #2819 )
...
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-10-30 13:30:04 +01:00
eso-service-account-app[bot]
faac47d83c
update dependencies ( #2822 )
...
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
2023-10-30 13:20:26 +01:00
Moritz Johner
868c8ad2f1
chore: test e2e-managed & fixup docs ( #2818 )
...
* fix: remove dead job
* chore: mention azure managed tests
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-10-29 22:38:20 +01:00
Moritz Johner
51532ca8a1
feat: add AKS e2e managed ( #2811 )
...
Migrate azure e2e tests to use the new TFC_* secrets which are
provisioned through external-secrets/infrastructure.
Also enable the use of `/ok-to-test-managed provider=azure` command
to run e2e managed tests that verify integration with AKS and
Azure Workload Identity (AZWI).
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-10-29 21:51:39 +01:00
Nícolas Roberto
8a60df68f7
add missing commands to the getting started guide ( #2751 )
...
* add missing commands to the getting started guide
Update "Create your first SecretStore" and "Create your first ExternalSecret" topics to be easy to understand
Signed-off-by: Nícolas Roberto <66215835+Nicolas-Roberto@users.noreply.github.com>
Signed-off-by: nicolas.queiroz <nicolas.roberto987@gmail.com>
* change nano command to echo command
Signed-off-by: Nícolas Roberto <66215835+Nicolas-Roberto@users.noreply.github.com>
Signed-off-by: nicolas.queiroz <nicolas.roberto987@gmail.com>
* fix changes in getting started file
Signed-off-by: nicolas.queiroz <nicolas.roberto987@gmail.com>
---------
Signed-off-by: Nícolas Roberto <66215835+Nicolas-Roberto@users.noreply.github.com>
Signed-off-by: nicolas.queiroz <nicolas.roberto987@gmail.com>
Signed-off-by: Shuhei Kitagawa <shuheiktgw@users.noreply.github.com>
Co-authored-by: Shuhei Kitagawa <shuheiktgw@users.noreply.github.com>
2023-10-29 10:49:08 +09:00
Valentin Torikian
0c76b1ffd3
fix: requeue ExternalSecret based on delta to last refreshTime ( #2815 )
...
* Fix skew between refreshInterval and refreshTime that can lead to skipped refresh when backend provider
is slow to answer. See https://github.com/external-secrets/external-secrets/issues/2812 .
Signed-off-by: Valentin Torikian <vtorikian@upgrade.com>
2023-10-27 21:41:10 +02:00
Tom Elliot
0612404f64
Add Support for fips regions. ( #2805 )
...
Signed-off-by: Tom Elliot <thomas.elliot@acquia.com>
2023-10-26 00:32:59 +02:00
Gergely Brautigam
7fbae000d6
feat: add namespace list selector to ClusterExternalSecrets ( #2803 )
...
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-10-25 13:58:05 +02:00
Sonny Alves Dias
0a0fd050c0
add directive to apply template on secret names ( #2802 )
...
Signed-off-by: Sonny Alves Dias <sonny.dias@superevilmegacorp.com>
2023-10-25 13:45:38 +02:00
Gergely Brautigam
762f6dc4fc
fix: also fix the ci jobs linter version ( #2807 )
...
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-10-24 22:18:13 +02:00
Gergely Brautigam
efb6157195
fix: update the linter so that it runs latest and disable debguard ( #2806 )
...
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
2023-10-24 21:49:20 +02:00
Anders Swanson
b1bad77eb3
Oracle: Workload Identity authentication ( #2781 )
...
* Oracle: Workload Identity authentication
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
* Merge main
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
* Cleanup go.mod
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
* Lint
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
* Use mutex for environment variables
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
---------
Signed-off-by: anders-swanson <anders.swanson@oracle.com>
Signed-off-by: Anders Swanson <91502735+anders-swanson@users.noreply.github.com>
2023-10-24 21:48:25 +02:00
Moritz Johner
818eddd220
fix: do not iterate on the raw response value ( #2801 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-10-24 12:13:11 +02:00
dependabot[bot]
8649f907ee
chore(deps): bump fkirc/skip-duplicate-actions from 5.3.0 to 5.3.1 ( #2797 )
...
Bumps [fkirc/skip-duplicate-actions](https://github.com/fkirc/skip-duplicate-actions ) from 5.3.0 to 5.3.1.
- [Release notes](https://github.com/fkirc/skip-duplicate-actions/releases )
- [Commits](https://github.com/fkirc/skip-duplicate-actions/compare/v5.3.0...v5.3.1 )
---
updated-dependencies:
- dependency-name: fkirc/skip-duplicate-actions
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-23 22:22:57 +02:00
Lucas Severo Alves
5639d26f9f
bump 0.9.7 chart ( #2796 )
2023-10-22 15:53:51 +02:00
Moritz Johner
9e6a69fd51
feat: bump go + deps ( #2794 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-10-20 09:28:14 +09:00
dependabot[bot]
96c4f0c160
chore(deps): bump golang from 1.21.2-alpine to 1.21.3-alpine ( #2787 )
...
Bumps golang from 1.21.2-alpine to 1.21.3-alpine.
2023-10-17 19:32:18 +02:00
eso-service-account-app[bot]
1f1d738b22
update dependencies ( #2788 )
2023-10-17 19:30:09 +02:00
Lucas Severo Alves
7b8f36b2f0
bump chart to 0.9.6 ( #2786 )
...
* bump chart to 0.9.6
Signed-off-by: Lucas Severo Alves <lucassalves65@gmail.com>
2023-10-15 16:43:26 +02:00
Moritz Johner
d42ccaaf78
docs: mention auth-delegator role in vault provider ( #2734 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-10-13 15:50:40 +02:00
Shuhei Kitagawa
7b57943c55
Fix the k8s double encoding problem ( #2760 )
...
https://github.com/external-secrets/external-secrets/issues/2745
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-10-12 21:45:01 +02:00
Kevin van den Broek
f0ae0e81ee
fix: enable sharedConfigState in AWS auth provider ( #2777 )
...
The value `session.SharedConfigDisable` prevented the AWS SDK from using the
default provider chain. By removing this value from the getAWSSession
function the default SDK provider chain is used. This enables the SDK to
use the shared config file:
https://github.com/aws/aws-sdk-go/blob/main/aws/session/env_config.go#L84
as well as the shared credentials file:
https://github.com/aws/aws-sdk-go/blob/main/aws/session/env_config.go#L76
This fixes the code to be correct with the documentation of
NewGeneratorSession which notes that it uses the authentication order:
1. service-account token.
2. static credentials.
3. sdk default provider.
See also the AWS documentation:
https://github.com/aws/aws-sdk-go/blob/main/aws/session/session.go#L158
Signed-off-by: Kevin van den Broek <info@kevinvandenbroek.nl>
2023-10-12 09:18:17 +02:00
Sebastián Gómez
f5a4107b3f
Updated docum of PushSecret ( #2391 )
...
* Updated docum of PushSecret
Closes #2242
Signed-off-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com>
* Updated image and completed diagram file
Signed-off-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com>
---------
Signed-off-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com>
2023-10-11 21:20:50 +02:00
Shuhei Kitagawa
5421ec503f
Oracle provider retry ( #2762 )
...
* add oracle provider retry capabilities
Signed-off-by: Andrei Ilas <andrei.ilas@oracle.com>
* add oracle provider retry capabilities unit test
Signed-off-by: Andrei Ilas <andrei.ilas@oracle.com>
* Update unit tests for the Oracle provider retry config
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
---------
Signed-off-by: Andrei Ilas <andrei.ilas@oracle.com>
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
Co-authored-by: Andrei Ilas <andrei.ilas@oracle.com>
Co-authored-by: Andrei Ilas <andrei.cva@gmail.com>
2023-10-11 08:49:32 +02:00
Shanti G
583b919cb7
leverage IBM provider's latest API to get the secret by name ( #2750 )
2023-10-11 07:35:53 +03:00
Bradley Jenkins
6aa1318cc5
[adopters] Adding Pets at home ( #2773 )
2023-10-10 19:15:19 +02:00
dependabot[bot]
ab67573f1d
chore(deps): bump golang from 1.21.1-alpine to 1.21.2-alpine ( #2766 )
...
Bumps golang from 1.21.1-alpine to 1.21.2-alpine.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 10:33:12 +02:00
dependabot[bot]
b28da8f61c
chore(deps): bump actions/setup-python from 4.7.0 to 4.7.1 ( #2765 )
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.7.0 to 4.7.1.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](https://github.com/actions/setup-python/compare/v4.7.0...v4.7.1 )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 10:19:20 +02:00
eso-service-account-app[bot]
c3c803bfe7
update dependencies ( #2749 )
...
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
2023-10-02 13:19:34 +02:00
Gary Hodgson
bb63bad38c
add force flag to bitwarden sync ( #2742 )
...
Whilst implementing integration with Vaultwarden I noticed that the local vault was not being updated. I had to add "force=true" to the sync api call for it to work as expected.
Signed-off-by: Gary Hodgson <gary.s.hodgson@gmail.com>
2023-09-29 12:41:03 +02:00
Florent Viel
24f1a093e5
Scaleway secret path ( #2737 )
...
* feat: add path support for scaleway provider
Signed-off-by: Florent Viel <fviel@scaleway.com>
* feat: update scaleway testcases for path support
Signed-off-by: Florent Viel <fviel@scaleway.com>
* docs: update scaleway doc to add path support
Signed-off-by: Florent Viel <fviel@scaleway.com>
* fix: change func signature to make linter pass
Signed-off-by: Florent Viel <fviel@scaleway.com>
---------
Signed-off-by: Florent Viel <fviel@scaleway.com>
2023-09-28 21:00:16 +02:00
Adrian Rico
5fdcba0f14
doc: add remember note for clusterLocation ( #2741 )
...
Signed-off-by: Adrian Rico <adrian.rico@ackstorm.com>
Co-authored-by: Adrian Rico <adrian.rico@ackstorm.com>
2023-09-28 17:16:53 +02:00
Ben Bertrands
cfb629c020
Support PushSecret Property for AWS SM ( #2623 )
...
* Support PushSecret Property for AWS SM
Signed-off-by: Ben Bertrands <public@bb-it.dev>
* Support PushSecret Property for AWS SM: leverage the VersionId field to prevent a "LostUpdate" concurrency problem
Signed-off-by: Ben Bertrands <public@bb-it.dev>
* Support PushSecret Property for AWS SM: errors.Join doesn't exist in go 1.19
Signed-off-by: Ben Bertrands <public@bb-it.dev>
* Support PushSecret Property for AWS SM: use an incrementing uuid for the secret version
Signed-off-by: Ben Bertrands <public@bb-it.dev>
---------
Signed-off-by: Ben Bertrands <public@bb-it.dev>
Signed-off-by: Ben Bertrands <8938515+benbertrands@users.noreply.github.com>
2023-09-26 13:18:18 +02:00
Shuhei Kitagawa
953af0d1a2
Reflect certController.readinessProbe.port to readinessProbe ( #2732 )
...
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>
2023-09-26 12:21:19 +02:00
Shuhei Kitagawa
a8eff34d49
Fix helm.test by reflecting recent changes ( #2733 )
...
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-09-26 08:58:34 +02:00
antoniolago
1b48459951
Complement full-cluster-secret-store oracle example ( #2731 )
...
Add namespace to secretRef.privatekey and secretRef.fingerprint in oracle provider example at full-cluster-secret-store.yaml to avoid confusion like in #2727
Signed-off-by: antoniolago <45375617+antoniolago@users.noreply.github.com>
2023-09-25 21:23:55 +02:00
eso-service-account-app[bot]
b9ecb18cb7
update dependencies ( #2729 )
...
Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
2023-09-25 13:30:59 +02:00
Kieran Bristow
d9eaeb40dc
Conjur JWT support ( #2591 )
...
* Add JWT Auth to Conjur Provider
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Update docs for Cyberark Conjur Provider
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Update test suite to cover new functionality
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Run make reviewable
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Set MinVersion for tls.Config to satisfy linting
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Move ca bundle config example to a yaml snippet
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* fix: consolidate naming
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* fix: consolidate naming
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* docs: make it a working example
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
* Remove JWT expiration handling logic
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
* Run make fmt
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
---------
Signed-off-by: Kieran Bristow <kieran.bristow@absa.africa>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-25 10:05:17 +02:00
Shuhei Kitagawa
719e8b1c82
Let ManagedField handle metadata ( #2705 )
...
https://github.com/external-secrets/external-secrets/issues/2682
Signed-off-by: shuheiktgw <s-kitagawa@mercari.com>
2023-09-25 09:33:00 +02:00
Moritz Johner
e56c9867f0
chore: bump version ( #2725 )
...
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-09-21 23:29:11 +02:00