mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00

External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets.

external-secrets hacktoberfest kubernetes kubernetes-secrets secrets-manager

Find a file

Diego Tejada 4dfa4d2622 feat: Add API key auth support on BeyondTrust provider (#4101 ) * chore: bump BeyondTrust/go-client-library-passwordsafe version v0.9.1 Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * feat: add ApiKey attribute to BeyondtrustAuth Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore: update docs with ApiKey reference, add extra help comments Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * feat: conditionally using API Key or Client Credentials Auth on BeyondTrust provider Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * test: Add API key tests for BeyondTrust provider Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore: add apiKey to spec.md Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore: make reviewable files Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore: ensured fmt Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore: update APIKey variable case Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore: fix typo Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore: fix typo Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore: fix typo Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump watchdog from 5.0.3 to 6.0.0 in /hack/api-docs (#4067) Bumps [watchdog](https://github.com/gorakhargosh/watchdog) from 5.0.3 to 6.0.0. - [Release notes](https://github.com/gorakhargosh/watchdog/releases) - [Changelog](https://github.com/gorakhargosh/watchdog/blob/master/changelog.rst) - [Commits](https://github.com/gorakhargosh/watchdog/compare/v5.0.3...v6.0.0) --- updated-dependencies: - dependency-name: watchdog dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump pymdown-extensions in /hack/api-docs (#4068) Bumps [pymdown-extensions](https://github.com/facelessuser/pymdown-extensions) from 10.11.2 to 10.12. - [Release notes](https://github.com/facelessuser/pymdown-extensions/releases) - [Commits](https://github.com/facelessuser/pymdown-extensions/compare/10.11.2...10.12) --- updated-dependencies: - dependency-name: pymdown-extensions dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump mkdocs-material in /hack/api-docs (#4069) Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 9.5.42 to 9.5.43. - [Release notes](https://github.com/squidfunk/mkdocs-material/releases) - [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG) - [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.42...9.5.43) --- updated-dependencies: - dependency-name: mkdocs-material dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump softprops/action-gh-release from 2.0.8 to 2.0.9 (#4070) Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.0.8 to 2.0.9. - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](`c062e08bd5...e7a8f85e1c`) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore: move inactive maintainers to emeritus (#4073) Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore: update dependencies (#4071) * update dependencies Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> * removed updating sigs.k8s.io/structured-merge-diff/v4 because that broke compilation and fixed two lint issues Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * Update VaultAppRole documentation to show/use roleRef in its examples (#4035) Signed-off-by: Mike Tougeron <tougeron@adobe.com> Co-authored-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * feat: add option to configure topic information for GCM (#4055) * feat: add option to configure topic information for GCM Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * fix the comparison logic for updates to include topics Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * feat: add AWS STS Session token generator (#4041) * feat: add AWS STS Session token generator Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * version update for the generated CRD Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(helm): Add extra labels to the validating webhooks (#4074) It should add a bunch of app.kubernetes.io labels Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * Reduce refreshInterval example for ACR (#4078) The old example used a `refreshInterval` value of 12h for the ACR access token. This change reduces that to 3h instead, since that is the expiration time for Service Principal authentication tokens: https://learn.microsoft.com/en-us/azure/container-registry/container-registry-authentication?tabs=azure-cli#service-principal Service principals are not the only way to authenticate towards ACR. In fact, two other ways (`managedIdentity` and `workloadIdentity`) are also outlined in the docs. I was unable to find any documentation in Azure for the default expiration time for those tokens, so as far as I know it is always 3 hours. Thus I think we should reflect this in our examples. Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * Fix PushSecret lookup in keepersecurity provider (#4077) * Fixed Keeper Security custom record type name in docs Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com> * Fixed Keeper records lookup in PushSecret Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com> * Improved Keeper record lookup to search only for records of the expected type Improved PushSecret and DeleteSecret Fixed "nil pointer dereference" errors Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com> * Fixed tests Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com> * chore(helm): Add extra labels to the validating webhooks (#4074) It should add a bunch of app.kubernetes.io labels Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com> * Added tests for secrets with multiple matches Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com> --------- Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com> Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com> Co-authored-by: Tete17 <miguel_tete17@hotmail.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * Add ability to use RetrySettings in the VaultDynamicSecret generator (#4076) Signed-off-by: Oleksij Samorukov <samm@net-art.cz> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore: make reviewable format Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * refactor: reduced complexity in NewClient Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * refactor: reduced function parameters Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump golang from 1.23.2 to 1.23.3 (#4089) Bumps golang from 1.23.2 to 1.23.3. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump packaging from 24.1 to 24.2 in /hack/api-docs (#4090) Bumps [packaging](https://github.com/pypa/packaging) from 24.1 to 24.2. - [Release notes](https://github.com/pypa/packaging/releases) - [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pypa/packaging/compare/24.1...24.2) --- updated-dependencies: - dependency-name: packaging dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump mkdocs-material in /hack/api-docs (#4091) Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 9.5.43 to 9.5.44. - [Release notes](https://github.com/squidfunk/mkdocs-material/releases) - [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG) - [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.43...9.5.44) --- updated-dependencies: - dependency-name: mkdocs-material dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * Update docs for ExternalSecrets's refreshInterval (#4097) Fixes #4079 Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump zipp from 3.20.2 to 3.21.0 in /hack/api-docs (#4092) Bumps [zipp](https://github.com/jaraco/zipp) from 3.20.2 to 3.21.0. - [Release notes](https://github.com/jaraco/zipp/releases) - [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst) - [Commits](https://github.com/jaraco/zipp/compare/v3.20.2...v3.21.0) --- updated-dependencies: - dependency-name: zipp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump regex from 2024.9.11 to 2024.11.6 in /hack/api-docs (#4093) Bumps [regex](https://github.com/mrabarnett/mrab-regex) from 2024.9.11 to 2024.11.6. - [Changelog](https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt) - [Commits](https://github.com/mrabarnett/mrab-regex/compare/2024.9.11...2024.11.6) --- updated-dependencies: - dependency-name: regex dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump golang from 1.23.2-bookworm to 1.23.3-bookworm in /e2e (#4094) Bumps golang from 1.23.2-bookworm to 1.23.3-bookworm. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * update dependencies (#4096) Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump github/codeql-action from 3.27.0 to 3.27.1 (#4088) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.0 to 3.27.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`662472033e...4f3212b617`) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * Fix typo in webhook.md (#4100) Signed-off-by: Stas Alekseev <100800+salekseev@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * docs: reformat pushsecrets documentation to be a list (#4102) * reformat pushsecrets documentation to be a list Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com> * Use sections instead of a list Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com> --------- Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * fix: refresh interval values (#4111) Signed-off-by: Gustavo <gustavo@externalsecrets.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * Sign helm chart artifact in ghcr.io (#4098) * Install cosign for signing helm charts Signed-off-by: Aruuunn <arunmurugan.official@gmail.com> * Fix helm push failing when GITHUB_REPOSITORY_OWNER contains Uppercase alphabets Signed-off-by: Aruuunn <arunmurugan.official@gmail.com> * Sign helm chart in oci registry using cosign Signed-off-by: Aruuunn <arunmurugan.official@gmail.com> * Add permissions required for cosign signing and provenance attestations Signed-off-by: Aruuunn <arunmurugan.official@gmail.com> * Log helm push output Signed-off-by: Aruuunn <arunmurugan.official@gmail.com> * Attest build provenance for helm artifact Signed-off-by: Aruuunn <arunmurugan.official@gmail.com> * Format: break code block Signed-off-by: Aruuunn <arunmurugan.official@gmail.com> * Reformat: Remove temp variable Signed-off-by: Aruuunn <arunmurugan.official@gmail.com> * Verify signed helm chart after signing it Signed-off-by: Aruuunn <arunmurugan.official@gmail.com> * Remove unnecessary helm action changes for external-secrets repository Signed-off-by: Aruuunn <arunmurugan.official@gmail.com> --------- Signed-off-by: Aruuunn <arunmurugan.official@gmail.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump distroless/static from `cc226ca` to `f4a57e8` (#4112) Bumps distroless/static from `cc226ca` to `f4a57e8`. --- updated-dependencies: - dependency-name: distroless/static dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump golang from `0974259` to `c694a4d` (#4113) Bumps golang from `0974259` to `c694a4d`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump alpine from `beefdbd` to `1e42bbe` (#4114) Bumps alpine from `beefdbd` to `1e42bbe`. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump github/codeql-action from 3.27.1 to 3.27.4 (#4115) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.1 to 3.27.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`4f3212b617...ea9e4e3799`) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump codecov/codecov-action from 4.6.0 to 5.0.2 (#4116) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.6.0 to 5.0.2. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](`b9fd7d16f6...5c47607acb`) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump softprops/action-gh-release from 2.0.9 to 2.1.0 (#4117) Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.0.9 to 2.1.0. - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](`e7a8f85e1c...01570a1f39`) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump alpine from `beefdbd` to `1e42bbe` in /hack/api-docs (#4118) Bumps alpine from `beefdbd` to `1e42bbe`. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump alpine from `beefdbd` to `1e42bbe` in /e2e (#4119) Bumps alpine from `beefdbd` to `1e42bbe`. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore(deps): bump golang from `0e3377d` to `3f3b9da` in /e2e (#4120) Bumps golang from `0e3377d` to `3f3b9da`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * fix: re-enable signing helm release (#4109) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * update dependencies (#4122) Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * Update apis/externalsecrets/v1beta1/secretstore_beyondtrust_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * Update apis/externalsecrets/v1beta1/secretstore_beyondtrust_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * Update apis/externalsecrets/v1beta1/secretstore_beyondtrust_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * Update apis/externalsecrets/v1beta1/secretstore_beyondtrust_types.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * Update pkg/provider/beyondtrust/provider.go Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * chore: fix linter errors Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * refactor: split credentials/certificate reading functionality Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> * style: apply make fmt Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> --------- Signed-off-by: Diego Tejada <dtejada@beyondtrust.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Signed-off-by: Mike Tougeron <tougeron@adobe.com> Signed-off-by: Miguel Sacristán Izcue <miguel_tete17@hotmail.com> Signed-off-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com> Signed-off-by: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com> Signed-off-by: Oleksij Samorukov <samm@net-art.cz> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Stas Alekseev <100800+salekseev@users.noreply.github.com> Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com> Signed-off-by: Gustavo <gustavo@externalsecrets.com> Signed-off-by: Aruuunn <arunmurugan.official@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Co-authored-by: eso-service-account-app[bot] <85832941+eso-service-account-app[bot]@users.noreply.github.com> Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com> Co-authored-by: Mike Tougeron <mtougeron@users.noreply.github.com> Co-authored-by: Gustavo Fernandes de Carvalho <17139678+gusfcarvalho@users.noreply.github.com> Co-authored-by: Tete17 <miguel_tete17@hotmail.com> Co-authored-by: Andreas Lindhé <7773090+lindhe@users.noreply.github.com> Co-authored-by: idimov-keeper <78815270+idimov-keeper@users.noreply.github.com> Co-authored-by: Alex Samorukov <samm@net-art.cz> Co-authored-by: Stas Alekseev <100800+salekseev@users.noreply.github.com> Co-authored-by: Tobi <22715034+twobiers@users.noreply.github.com> Co-authored-by: Arun Murugan <arunmurugan.official@gmail.com> Co-authored-by: Moritz Johner <moolen@users.noreply.github.com>		2024-11-26 21:54:58 +01:00
.github	chore(deps): bump github/codeql-action from 3.27.4 to 3.27.5 (#4147 )	2024-11-25 10:54:56 +01:00
apis	feat: Add API key auth support on BeyondTrust provider (#4101 )	2024-11-26 21:54:58 +01:00
assets	chore: update docs sponsors & broken links (#3877 )	2024-09-06 10:12:14 -03:00
cmd	feat: significantly reduce api calls and introduce partial secret cache (#4086 )	2024-11-24 22:53:53 +01:00
config/crds/bases	feat: Add API key auth support on BeyondTrust provider (#4101 )	2024-11-26 21:54:58 +01:00
deploy	feat: Add API key auth support on BeyondTrust provider (#4101 )	2024-11-26 21:54:58 +01:00
design	fix: refresh interval values (#4111 )	2024-11-18 07:50:16 +01:00
docs	feat: Add API key auth support on BeyondTrust provider (#4101 )	2024-11-26 21:54:58 +01:00
e2e	update dependencies (#4148 )	2024-11-25 12:30:34 +01:00
hack	feat: implement a cluster-wide generator (#4140 )	2024-11-26 15:32:26 +01:00
overrides	feat: adds scarf to docs (#3876 )	2024-09-06 09:22:39 -03:00
pkg	feat: Add API key auth support on BeyondTrust provider (#4101 )	2024-11-26 21:54:58 +01:00
terraform	feat: add AKS e2e managed (#2811 )	2023-10-29 21:51:39 +01:00
.clomonitor.yml	feat: attach sbom/provenance files to GH release, fix clomonitor (#1656 )	2022-10-27 08:59:19 +02:00
.dockerignore	✨Add standalone Dockerfile (#1328 )	2022-07-12 05:55:22 -03:00
.editorconfig	cleanup: add lint and editorconfig	2020-12-21 14:38:48 -05:00
.gitattributes	Add support for Vault kvv1 (#3790 )	2024-09-17 17:57:08 -03:00
.gitignore	Add Conjur provider (#2412 )	2023-06-21 11:17:00 +02:00
.golangci.yaml	update dependencies (#4096 )	2024-11-12 22:50:43 +00:00
ADOPTERS.md	chore: Add Hostinger to ADOPTERS.md (#4053 )	2024-10-29 06:36:30 +01:00
changelog.json	feat: helm release workflow	2021-05-03 22:12:39 +02:00
CNAME	Create CNAME	2021-03-05 18:26:07 +01:00
codecov.yml	Configure codecov (#2995 )	2024-01-05 23:26:39 +01:00
CONTRIBUTING.md	Add CONTRIBUTING.md file (#2925 )	2023-12-04 21:43:05 +01:00
Dockerfile	chore(deps): bump distroless/static from `cc226ca` to `f4a57e8` (#4112 )	2024-11-18 10:15:28 +01:00
Dockerfile.standalone	chore(deps): bump golang from `0974259` to `c694a4d` (#4113 )	2024-11-18 11:04:32 +01:00
Dockerfile.ubi	Make UBI more tolerable from OS vulnerabilities (#3607 )	2024-06-20 17:50:49 +02:00
go.mod	feat: add ability to push expiration date to secret in azure key vault (#4149 )	2024-11-26 10:15:40 +01:00
go.sum	feat: add ability to push expiration date to secret in azure key vault (#4149 )	2024-11-26 10:15:40 +01:00
GOVERNANCE.md	Update documentation to add CyberArk Conjur provider (#2473 )	2023-07-07 19:17:50 +02:00
LICENSE	initial commit	2020-11-19 16:34:16 +01:00
main.go	feat: add push secret to e2e tests (#3017 )	2024-02-12 16:44:45 +01:00
MAINTAINERS.md	chore: move inactive maintainers to emeritus (#4073 )	2024-11-04 16:13:14 +01:00
Makefile	chore: update dependencies (#4071 )	2024-11-05 08:49:29 +01:00
PROJECT	feat: implement ClusterExternalSecret (#542 )	2022-03-20 09:32:27 +01:00
README.md	fix: build a second image to fix the flux managed and unmanaged test (#3931 )	2024-09-20 14:08:29 +02:00
SECURITY.md	docs: add security response process (#3037 )	2024-01-20 07:25:20 +01:00
SECURITY_RESPONSE.md	chore: fixup security response suggestions (#3056 )	2024-01-21 19:57:15 +01:00
tilt.debug.dockerfile	chore(deps): bump golang from `0974259` to `c694a4d` (#4113 )	2024-11-18 11:04:32 +01:00
tilt.dockerfile	chore(deps): bump alpine from `beefdbd` to `1e42bbe` (#4114 )	2024-11-18 11:15:57 +01:00
Tiltfile	feat: update Pulumi provider for GA (#3917 )	2024-09-21 09:54:12 +02:00
tools.go	✨Feature/push secret (#1315 )	2022-11-29 16:04:46 -03:00
ubi-build-files-amd64.txt	Make UBI more tolerable from OS vulnerabilities (#3607 )	2024-06-20 17:50:49 +02:00
ubi-build-files-arm64.txt	Make UBI more tolerable from OS vulnerabilities (#3607 )	2024-06-20 17:50:49 +02:00
ubi-build-files-ppc64le.txt	Make UBI more tolerable from OS vulnerabilities (#3607 )	2024-06-20 17:50:49 +02:00
ubi-build-files-s390x.txt	Make UBI more tolerable from OS vulnerabilities (#3607 )	2024-06-20 17:50:49 +02:00

README.md

External Secrets

External Secrets Operator is a Kubernetes operator that integrates external secret management systems like AWS Secrets Manager, HashiCorp Vault, Google Secrets Manager, Azure Key Vault, IBM Cloud Secrets Manager, Akeyless, CyberArk Conjur, Pulumi ESC and many more. The operator reads information from external APIs and automatically injects the values into a Kubernetes Secret.

Multiple people and organizations are joining efforts to create a single External Secrets solution based on existing projects. If you are curious about the origins of this project, check out this issue and this PR.

Documentation

External Secrets Operator guides and reference documentation is available at external-secrets.io. Also see our stability and support policy.

Contributing

We welcome and encourage contributions to this project! Please read the Developer and Contribution process guides. Also make sure to check the Code of Conduct and adhere to its guidelines.

Sponsoring

Please consider sponsoring this project, there are many ways you can help us with: engineering time, providing infrastructure, donating money, etc. We are open to cooperations, feel free to approach as and we discuss how this could look like. We can keep your contribution anonymized if that's required (depending on the type of contribution), and anonymous donations are possible inside Opencollective.

Bi-weekly Development Meeting

We host our development meeting every odd wednesday on Jitsi. We run the meeting with alternating times 8:00 PM Berlin Time and 1:00 PM Berlin Time, we'll announce the time in our Kubernetes Slack channel. Meeting notes are recorded on hackmd.

Anyone is welcome to join. Feel free to ask questions, request feedback, raise awareness for an issue, or just say hi. ;)

Security

Please report vulnerabilities by email to cncf-ExternalSecretsOp-maintainers@lists.cncf.io. Also see our SECURITY.md file for details.

software bill of materials

We attach SBOM and provenance file to our GitHub release. Also, they are attached to container images.

Adopters

Please create a PR and add your company or project to our ADOPTERS.md file if you are using our project!

Roadmap

You can find the roadmap in our documentation: https://external-secrets.io/main/contributing/roadmap/