mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00

External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets.

external-secrets hacktoberfest kubernetes kubernetes-secrets secrets-manager

Find a file

Gergely Brautigam 82d419e2ee feat: add CAProvider to Bitwarden provider (#3699 ) * feat: add CAProvider to bitwarden This change introduces a refactor as well since CAProvider was used by multiple providers with diverging implementations. The following providers were affected: - webhook - akeyless - vault - conjur - kubernetes Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * refactored the Kubernetes provider to use create ca Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * refactor webhook, vault and kubernetes provider Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * rename CreateCACert to FetchCACertFromSource Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * addressed comments and autodecoding base64 data Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> * check if the decoded value is a valid certificate Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> --------- Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>		2024-08-16 12:32:35 +02:00
.github	chore(deps): bump fossas/fossa-action from 1.3.3 to 1.4.0 (#3785 )	2024-08-13 11:00:31 +02:00
apis	feat: add CAProvider to Bitwarden provider (#3699 )	2024-08-16 12:32:35 +02:00
assets	chore: add pento to sponsors	2022-04-29 20:58:09 +02:00
cmd	feat(certcontroller): Allow restricting CRDs and Webhook configs in Informer cache (#3588 )	2024-06-16 12:52:10 +02:00
config/crds/bases	feat: add CAProvider to Bitwarden provider (#3699 )	2024-08-16 12:32:35 +02:00
deploy	feat: add CAProvider to Bitwarden provider (#3699 )	2024-08-16 12:32:35 +02:00
design	docs: add proposal for PushSecret metadata (#3612 )	2024-07-03 20:57:53 -03:00
docs	feat: add CAProvider to Bitwarden provider (#3699 )	2024-08-16 12:32:35 +02:00
e2e	update dependencies (#3786 )	2024-08-13 17:33:12 +02:00
hack	chore(deps): bump watchdog from 4.0.1 to 4.0.2 in /hack/api-docs (#3782 )	2024-08-13 11:29:54 +02:00
overrides	Using new syntax for overrides	2022-02-01 15:41:50 -03:00
pkg	feat: add CAProvider to Bitwarden provider (#3699 )	2024-08-16 12:32:35 +02:00
terraform	feat: add AKS e2e managed (#2811 )	2023-10-29 21:51:39 +01:00
.clomonitor.yml	feat: attach sbom/provenance files to GH release, fix clomonitor (#1656 )	2022-10-27 08:59:19 +02:00
.dockerignore	✨Add standalone Dockerfile (#1328 )	2022-07-12 05:55:22 -03:00
.editorconfig	cleanup: add lint and editorconfig	2020-12-21 14:38:48 -05:00
.gitignore	Add Conjur provider (#2412 )	2023-06-21 11:17:00 +02:00
.golangci.yaml	Update Go and golangci-lint version (#3396 )	2024-04-25 06:36:11 -03:00
ADOPTERS.md	Add Grafana Labs to ADOPTERS.md (#3787 )	2024-08-12 10:16:54 -03:00
changelog.json	feat: helm release workflow	2021-05-03 22:12:39 +02:00
CNAME	Create CNAME	2021-03-05 18:26:07 +01:00
codecov.yml	Configure codecov (#2995 )	2024-01-05 23:26:39 +01:00
CONTRIBUTING.md	Add CONTRIBUTING.md file (#2925 )	2023-12-04 21:43:05 +01:00
Dockerfile	chore(deps): bump distroless/static from `4197211` to `ce46866` (#3663 )	2024-07-08 11:57:46 +03:00
Dockerfile.standalone	chore(deps): bump golang from 1.22.5 to 1.22.6 (#3778 )	2024-08-13 10:56:28 +02:00
Dockerfile.ubi	Make UBI more tolerable from OS vulnerabilities (#3607 )	2024-06-20 17:50:49 +02:00
go.mod	update dependencies (#3786 )	2024-08-13 17:33:12 +02:00
go.sum	update dependencies (#3786 )	2024-08-13 17:33:12 +02:00
GOVERNANCE.md	Update documentation to add CyberArk Conjur provider (#2473 )	2023-07-07 19:17:50 +02:00
LICENSE	initial commit	2020-11-19 16:34:16 +01:00
main.go	feat: add push secret to e2e tests (#3017 )	2024-02-12 16:44:45 +01:00
MAINTAINERS.md	feat: kick github actions on main (#3572 )	2024-06-12 06:42:04 +02:00
Makefile	feat: add bitwarden secret manager support (#3603 )	2024-06-28 06:04:25 +02:00
PROJECT	feat: implement ClusterExternalSecret (#542 )	2022-03-20 09:32:27 +01:00
README.md	feat: add support for Pulumi ESC (#2997 )	2024-02-14 19:56:06 +01:00
SECURITY.md	docs: add security response process (#3037 )	2024-01-20 07:25:20 +01:00
SECURITY_RESPONSE.md	chore: fixup security response suggestions (#3056 )	2024-01-21 19:57:15 +01:00
tilt.debug.dockerfile	chore(deps): bump golang from 1.22.5 to 1.22.6 (#3778 )	2024-08-13 10:56:28 +02:00
tilt.dockerfile	chore(deps): bump alpine from `77726ef` to `0a4eaa0` (#3733 )	2024-07-29 10:37:44 +02:00
Tiltfile	fix: location of secruity context when updating deploying using Tilt (#3245 )	2024-03-11 10:26:17 +01:00
tools.go	✨Feature/push secret (#1315 )	2022-11-29 16:04:46 -03:00
ubi-build-files-amd64.txt	Make UBI more tolerable from OS vulnerabilities (#3607 )	2024-06-20 17:50:49 +02:00
ubi-build-files-arm64.txt	Make UBI more tolerable from OS vulnerabilities (#3607 )	2024-06-20 17:50:49 +02:00
ubi-build-files-ppc64le.txt	Make UBI more tolerable from OS vulnerabilities (#3607 )	2024-06-20 17:50:49 +02:00
ubi-build-files-s390x.txt	Make UBI more tolerable from OS vulnerabilities (#3607 )	2024-06-20 17:50:49 +02:00

README.md

External Secrets

External Secrets Operator is a Kubernetes operator that integrates external secret management systems like AWS Secrets Manager, HashiCorp Vault, Google Secrets Manager, Azure Key Vault, IBM Cloud Secrets Manager, Akeyless, CyberArk Conjur, Pulumi ESC and many more. The operator reads information from external APIs and automatically injects the values into a Kubernetes Secret.

Multiple people and organizations are joining efforts to create a single External Secrets solution based on existing projects. If you are curious about the origins of this project, check out this issue and this PR.

Documentation

External Secrets Operator guides and reference documentation is available at external-secrets.io. Also see our stability and support policy.

Contributing

We welcome and encourage contributions to this project! Please read the Developer and Contribution process guides. Also make sure to check the Code of Conduct and adhere to its guidelines.

Sponsoring

Please consider sponsoring this project, there are many ways you can help us with: engineering time, providing infrastructure, donating money, etc. We are open to cooperations, feel free to approach as and we discuss how this could look like. We can keep your contribution anonymized if that's required (depending on the type of contribution), and anonymous donations are possible inside Opencollective.

Bi-weekly Development Meeting

We host our development meeting every odd wednesday on Jitsi. We run the meeting with alternating times 8:00 PM Berlin Time and 1:00 PM Berlin Time, we'll announce the time in our Kubernetes Slack channel. Meeting notes are recorded on hackmd.

Anyone is welcome to join. Feel free to ask questions, request feedback, raise awareness for an issue, or just say hi. ;)

Security

Please report vulnerabilities by email to cncf-ExternalSecretsOp-maintainers@lists.cncf.io. Also see our SECURITY.md file for details.

software bill of materials

We attach SBOM and provenance file to our GitHub release. Also, they are attached to container images.

Adopters

Please create a PR and add your company or project to our ADOPTERS.md file if you are using our project!

Roadmap

You can find the roadmap in our documentation: https://external-secrets.io/main/contributing/roadmap/