Feature: initial generator implementation + Github Actions OIDC/AWS by moolen · Pull Request #1539 · external-secrets/external-secrets

moolen · 2022-09-10T15:07:34Z

This PR adds the generators.external-secrets.io api group. It contains a set of new CRDs: Password, Fake, ACRAccessToken, ECRAuthorizationToken, GCRAccessToken.

Design: #1338
Fixes: #1588

TODO:

figure out a way to re-use client here. Ideally we want to construct it once and re-use where ever possible. However: using GCP we can not do that due to the locking mechanism. It would actually deadlock.

Feature Details

a generator can be used from both .data and .dataFrom by specifying a sourceRef.
every invocation of a generator yields a new value, i.e. having multiple generators in .spec.data[] or .spec.dataFrom[] may result in different secret values.
generators are not compatible with dataFrom[].find or dataFrom[].Extract.

Test coverage

e2e tests for generator: Password, Fake and ECRAuthorizationToken
missing: GCRAccessToken and ACRAccessToken - will be added once we migrate the cloud accounts - also need to take costs into consideration
e2e tests that cover clientmanager close behaviour for reusing clients are already present
e2e tests that cover using different stores are not there yet. But we have decent unit/controller test coverage for that. If i find the time i'll add them.

Sample Resources

toggle details

Inline generator password

apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: otherpass
spec:
  refreshInterval: "5m"
  target:
    name: otherpass
  dataFrom:
  - sourceRef:
      generator:
        apiVersion: generators.external-secrets.io/v1alpha1
        kind: Password
        spec:
          length: 24

Azure acr access token

apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: "hello-world"
spec:
  refreshInterval: "5m"
  target:
    name: my-secret
  dataFrom:
  - generator:
      apiVersion: generators.external-secrets.io/v1alpha1
      kind: ACRAccessToken
      spec:
        tenantId: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
        registry: esoe2e.azurecr.io
        scope: "repository:foo:pull,push"
        auth:
          servicePrincipal:
            secretRef:
              clientSecret:
                name: az-secret
                key: clientsecret
              clientId:
                name: az-secret
                key: clientid

Documentation Changes

toggle details

Notable Changes

aws provider needs a new field to allow setting a AWS_SESSION_TOKEN which is mandatory when using temporary credentials (as we do with GH OIDC)
both e2e and managed e2e tests run with the new AWS account using GitHub OIDC see run
- e2e tests for Password, Fake and ECRAuthorizationToken implemented ✔️
⚠️ i had to implement a clientmanager that takes care of creating/reusing/closing clients for the duration of the reconciliation (it is just a local cache for a single reconciliation)
DRY'ed the e2e and e2e-managed GH actions
restructured docs - feedback welcome! (see screenshots above)
- added cli args for all controllers to the docs
- added overview page for different components (cert controller, core controller, webhook)

ghost · 2022-09-10T15:08:33Z

👇 Click on the image for a new way to code review

Make big changes easier — review code in small groups of related files
Know where to start — see the whole change at a glance
Take a code tour — explore the change with an interactive tour
Make comments and review — all fully sync’ed with github

Try it now!

Legend

gusfcarvalho · 2022-10-25T08:54:28Z

apis/generators/v1alpha1/generator_acr.go

+	EnvironmentType v1beta1.AzureEnvironmentType `json:"environmentType,omitempty"`
+}
+
+type ACRAuth struct {


Is there any reason why the ACRAuth does not share the same SecretStore types as ECR and GCR does with AWS/GCP Secret Stores? Is it a different mechanism?

IMO it might be worth to use the standard from this one to the others (having the auth credentials defined in the generator), as it means we would be able to change them without coupling the code - I think it might be too soon to bind them together 😅 (as SecretStores are v1beta1, so changes there would be more difficult to go handle)

docs/api/generator/ecr.md

docs/api/generator/gcr.md

pkg/generator/password/password.go

docs/api/generator/gcr.md

gusfcarvalho · 2022-10-25T14:14:23Z

Sorry for the delay @moolen and thanks for this contribution! It looks very awesome!

Aside from the theoretical discussion around the inline generator, it looks good to me! Just one point regarding parseSpec in Password generator that we might want to take a look (and the usual nits here and there)

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Moritz Johner <moolen@users.noreply.github.com>

ecr/gcr do not re-use types from v1beta1/secretstore Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

sonarqubecloud · 2022-10-27T07:27:11Z

Kudos, SonarCloud Quality Gate passed!

0 Bugs
0 Vulnerabilities
0 Security Hotspots
6 Code Smells

No Coverage information
0.0% Duplication

gusfcarvalho · 2022-10-27T08:44:30Z

/approve

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [external-secrets](https://togithub.com/external-secrets/external-secrets) | minor | `0.6.1` -> `0.7.0` | --- ### Release Notes <details> <summary>external-secrets/external-secrets</summary> ### [`v0.7.0`](https://togithub.com/external-secrets/external-secrets/releases/tag/v0.7.0) [Compare Source](https://togithub.com/external-secrets/external-secrets/compare/v0.6.1...v0.7.0) Image: `ghcr.io/external-secrets/external-secrets:v0.7.0` Image: `ghcr.io/external-secrets/external-secrets:v0.7.0-ubi` Image: `ghcr.io/external-secrets/external-secrets:v0.7.0-ubi-boringssl` \#-# Changes - ✨PushSecret feature ([https://github.com/external-secrets/external-secrets/pull/1315](https://togithub.com/external-secrets/external-secrets/pull/1315)) - ✨ Secret Generators feature ([https://github.com/external-secrets/external-secrets/pull/1539](https://togithub.com/external-secrets/external-secrets/pull/1539)) - ✨ gitlab: getAllSecrets ([https://github.com/external-secrets/external-secrets/pull/1681](https://togithub.com/external-secrets/external-secrets/pull/1681)) - ✨ gitlab: support for CI/CD group variables ([https://github.com/external-secrets/external-secrets/pull/1692](https://togithub.com/external-secrets/external-secrets/pull/1692)) - ✨ release manifests added to each release ([https://github.com/external-secrets/external-secrets/pull/1728](https://togithub.com/external-secrets/external-secrets/pull/1728)) - ✨ FIPS compliant build using boringcrypto ([https://github.com/external-secrets/external-secrets/pull/1731](https://togithub.com/external-secrets/external-secrets/pull/1731)) - ✨ gitlab: support environment_scope tag for findAll ([https://github.com/external-secrets/external-secrets/pull/1732](https://togithub.com/external-secrets/external-secrets/pull/1732)) - ✨ Add secret metadata templating from secret values ([https://github.com/external-secrets/external-secrets/pull/1740](https://togithub.com/external-secrets/external-secrets/pull/1740)) - ✨ Allow chart to configure metrics-addr flag based on metric port values ([#1764](https://togithub.com/external-secrets/external-secrets/issues/1764)) - 🐛 Fixing release pipeline for boringssl ([#1763](https://togithub.com/external-secrets/external-secrets/issues/1763)) - 🐛 gitlab: allow fallback to wildcard variable, when no environment specific value is defined ([#1772](https://togithub.com/external-secrets/external-secrets/issues/1772)) - 🐛 fix sync calls metrics & defer patch status ([#1770](https://togithub.com/external-secrets/external-secrets/issues/1770)) - 📚 chore: improve naming in examples, regenerate api doc spec ([#1746](https://togithub.com/external-secrets/external-secrets/issues/1746)) - 📚Update getallsecrets.md ([#1774](https://togithub.com/external-secrets/external-secrets/issues/1774)) - 📚 fix: SecretStore link ([#1773](https://togithub.com/external-secrets/external-secrets/issues/1773)) - 📚 feat: improve docs ([#1749](https://togithub.com/external-secrets/external-secrets/issues/1749)) - 📚 fix: broken links in reference doc ([#1778](https://togithub.com/external-secrets/external-secrets/issues/1778)) - 📚 Added KCD UK 2022 talk ([#1795](https://togithub.com/external-secrets/external-secrets/issues/1795)) - 🧹 Several version bumps </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://togithub.com/renovatebot/renovate).  Co-authored-by: lumiere-bot <98047013+lumiere-bot[bot]@users.noreply.github.com>

…ts main branch (#8) * Add DaangnPay to ADOPTERS.md (external-secrets#1668) Signed-off-by: Byungjin Park (Claud) <posquit0.bj@gmail.com> Signed-off-by: Byungjin Park (Claud) <posquit0.bj@gmail.com> * 🐛 Implements new buildPath logic (external-secrets#1636) Signed-off-by: Gustavo <gusfcarvalho@gmail.com> * fix: allow controller to `delete` delete externalsecrets (external-secrets#1670) When using ClusterExternalSecret the controller needs to delete external-secret resources Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * feat: attach sbom/provenance files to GH release, fix clomonitor (external-secrets#1656) * feat: attach sbom/provenance files to GH release, fix clomonitor Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * fix: remove codesee Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * chore: bump 0.6.1 (external-secrets#1678) * chore: bump 0.6.1 Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * fix: increase timeout for azure/e2e test Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * Link to video was broken (external-secrets#1680) Signed-off-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com> Signed-off-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com> * Feature: initial generator implementation + Github Actions OIDC/AWS (external-secrets#1539) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> * 🧹 chore: bumping versions (external-secrets#1688) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * ✨gitlab: getAllSecrets (external-secrets#1681) * gitlab: getAllSecrets Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> * Update pkg/provider/gitlab/gitlab.go Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Dominik Zeiger <domizei385@users.noreply.github.com> Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> * gitlab: added some test coverage Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> Signed-off-by: Dominik Zeiger <domizei385@users.noreply.github.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> * 🧹Update index.md (external-secrets#1689) Signed-off-by: Idan Adar <iadar@il.ibm.com> Signed-off-by: Idan Adar <iadar@il.ibm.com> * 🧹Bumping versions (external-secrets#1708) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * 📚Update hashicorp-vault.md (external-secrets#1690) * Update hashicorp-vault.md Vault with HA setup does not have kv engine enabled by default, have added step to enable kv engine with correct version and enabling version if already added. Signed-off-by: Jeet <jeetdesai2342@gmail.com> * Update hashicorp-vault.md Signed-off-by: Jeet <jeetdesai2342@gmail.com> * Update hashicorp-vault.md Add comment on SecretStore.yaml Signed-off-by: Jeet <jeetdesai2342@gmail.com> Signed-off-by: Jeet <jeetdesai2342@gmail.com> * feat: bump deps (external-secrets#1729) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * Update getting-started.md (external-secrets#1716) Delete 1 whitespace Signed-off-by: Seonggwon Yoon <keyakoto@gmail.com> Signed-off-by: Seonggwon Yoon <keyakoto@gmail.com> * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.141 to 1.44.142 (external-secrets#1730) Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.141 to 1.44.142. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Commits](aws/aws-sdk-go@v1.44.141...v1.44.142) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com> * gitlab: support for CI/CD group variables (external-secrets#1692) * gitlab: support for ci/cd group variables Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> * gitlab: support for ci/cd group variables (automatically discover project groups) Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> * gitlab: support for ci/cd group variables (documentation) Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> * chore: bump dependencies (external-secrets#1741) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * feat: add manual build trigger (external-secrets#1742) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * Proposal Draft for Secret Generators (external-secrets#1338) * Proposal Draft for Secret Generators Signed-off-by: Christian Hüning <christian.huening@finleap.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * feat: add release manifests (external-secrets#1728) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * feat: fips compliant build using boringcrypto (external-secrets#1731) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * gitlab: support "environment_scope" tag for findAll (external-secrets#1732) Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> Co-authored-by: Moritz Johner <moolen@users.noreply.github.com> * Feature: Add secret metadata templating from secret values (external-secrets#1740) * handle template data for secret labels & annotations Signed-off-by: Steven Bressey <steven.bressey@artifakt.io> * gitlab: small documentation updates (external-secrets#1747) Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> * 🧹chore: bumps (external-secrets#1758) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * ✨Feature/push secret (external-secrets#1315) Introduces Push Secret feature with implementations for the following providers: * GCP Secret Manager * AWS Secrets Manager * AWS Parameter Store * Hashicorp Vault KV Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com> Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com> Signed-off-by: William Young <will.young@engineerbetter.com> Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com> Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com> Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com> Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com> * Fixing release pipeline for boringssl (external-secrets#1763) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * chore: bump 0.7.0-rc1 (external-secrets#1765) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * chore: improve naming in examples, regenerate api doc spec (external-secrets#1746) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * Update getallsecrets.md (external-secrets#1774) typo Signed-off-by: Pascal Bro <git@pascalbrokmeier.de> Signed-off-by: Pascal Bro <git@pascalbrokmeier.de> * gitlab: allow fallback to wildcard variable, when no environment specific value is defined (external-secrets#1772) Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> * fix: SecretStore link (external-secrets#1773) Signed-off-by: czomo <tomaszjdul@gmail.com> Signed-off-by: czomo <tomaszjdul@gmail.com> * fix sync calls metrics & defer patch status (external-secrets#1770) * fix: increment sync_calls_total metric once per reconciliation Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * fix: patch status only if not skipped Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * fix: unit tests Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * 📚 feat: improve docs (external-secrets#1749) Signed-off-by: Djerfy <djerfy@gmail.com> * chore(deps): bump fkirc/skip-duplicate-actions from 5.2.0 to 5.3.0 (external-secrets#1777) Bumps [fkirc/skip-duplicate-actions](https://github.com/fkirc/skip-duplicate-actions) from 5.2.0 to 5.3.0. - [Release notes](https://github.com/fkirc/skip-duplicate-actions/releases) - [Commits](fkirc/skip-duplicate-actions@v5.2.0...v5.3.0) --- updated-dependencies: - dependency-name: fkirc/skip-duplicate-actions dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Allow chart to configure metrics-addr flag based on metric port values (external-secrets#1764) * add cmd option to configure metrics port Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * 🧹chore: bumps (external-secrets#1758) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * ✨Feature/push secret (external-secrets#1315) Introduces Push Secret feature with implementations for the following providers: * GCP Secret Manager * AWS Secrets Manager * AWS Parameter Store * Hashicorp Vault KV Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com> Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com> Signed-off-by: William Young <will.young@engineerbetter.com> Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com> Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com> Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com> Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com> Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * Fixing release pipeline for boringssl (external-secrets#1763) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com> Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com> Signed-off-by: William Young <will.young@engineerbetter.com> Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com> Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com> Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com> Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com> Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com> Co-authored-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> * fix: broken links in reference doc (external-secrets#1778) Signed-off-by: Jiacheng Cheng <jiacheng.cheng@sap.com> Signed-off-by: Jiacheng Cheng <jiacheng.cheng@sap.com> * 🧹chore: bumps (external-secrets#1792) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * Added KCD UK 2022 talk (external-secrets#1795) I've added the talk we have delivered with Ben Gurney at Kubernetes Community Days UK 2022 conference. Signed-off-by: Emin Alemdar <77338109+eminalemdar@users.noreply.github.com> Signed-off-by: Emin Alemdar <77338109+eminalemdar@users.noreply.github.com> * 🧹chore:bumps (external-secrets#1797) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * 🐛 fixing docs release (external-secrets#1799) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * 🧹chore:bump 0.7.0 (external-secrets#1800) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * 🧹chore(deps): bump actions/setup-python from 4.3.0 to 4.3.1 (external-secrets#1802) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.3.0 to 4.3.1. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v4.3.0...v4.3.1) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * 🧹chore(deps): bump golang from 1.19.3-alpine to 1.19.4-alpine (external-secrets#1801) Bumps golang from 1.19.3-alpine to 1.19.4-alpine. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * 🧹 chore: bumps (external-secrets#1807) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * Add flag to set CRD names in cert controller (external-secrets#1811) * added new crd-names flag to reconcile only installed CRDs in cert controller Signed-off-by: Steven Bressey <sbressey@bressey.me> * add guide to disable cluster features Signed-off-by: Steven Bressey <sbressey@bressey.me> * fix fmt Signed-off-by: Steven Bressey <sbressey@bressey.me> Co-authored-by: Steven Bressey <sbressey@bressey.me> * [FEATURE] Customizable encoding of logging timestamp (external-secrets#1808) Objective of this commit is to allow logs to be more readable. Default log ts encoding in the logger employed (zap) is unix time. This leads to logs not much human-readable. This change introduces the possibility to customize the ts with a set of preconfigured encodings: one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano' Default value does not change Signed-off-by: RiccardoColella <colella.git@outlook.com> Signed-off-by: RiccardoColella <colella.git@outlook.com> * Add note on required Service Account roles. (external-secrets#1814) I wasted a couple of hours to figure out that this documentation only works with the correct roles attached to the GCP Service account as described here: https://stackoverflow.com/a/63240340 Adding a hint to the docs here, could make it more accessible for others. Signed-off-by: Jakob Kolb <jakob.j.kolb@gmail.com> Signed-off-by: Jakob Kolb <jakob.j.kolb@gmail.com> * fix: add status checks permission (external-secrets#1813) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * fix: replace bad URLs (external-secrets#1815) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * Add license scan report and status (external-secrets#1818) Signed-off-by: fossabot <badges@fossa.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * Fix typo (external-secrets#1826) Signed-off-by: dubs11kt <dubs11kt@gmail.com> Signed-off-by: dubs11kt <dubs11kt@gmail.com> * feat: add fossa check (external-secrets#1819) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * chore: bumps (external-secrets#1852) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * ✨ Templates from string (external-secrets#1748) * Adds templates from string Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * chore: bump golang-jwt (external-secrets#1858) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * feat: add ability to set automount to false (external-secrets#1859) Signed-off-by: Moritz Johner <Moritz.Johner@form3.tech> Signed-off-by: Moritz Johner <Moritz.Johner@form3.tech> * 🐛 gitlab: Fallback to wildcard variables and use pagination (bugfix) (external-secrets#1838) * gitlab: fallback to wildcard variables when using "GetAllSecrets" Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> * 🐛 Use the right metrics annotations for the webhook service (external-secrets#1841) * 🧹 chore(deps): Bump github.com/aws/aws-sdk-go from 1.44.171 to 1.44.172 (external-secrets#1857) Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.171 to 1.44.172. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Commits](aws/aws-sdk-go@v1.44.171...v1.44.172) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * 🧹 bump 0.7.1 (external-secrets#1861) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * Fixing links and adding stability support for 0.7.x (external-secrets#1863) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * 🐛 Fixes vault PushSecret logic (external-secrets#1866) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * ✨ Implements Deletion policy for Hashicorp vault. (external-secrets#1879) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * ✨ AWS Role Chaining (external-secrets#1855) Signed-off-by: cspargo <colinspargo@gmail.com> * fix: typo (external-secrets#1894) Signed-off-by: cDR (Taco) <me@codar.nl> Signed-off-by: cDR (Taco) <me@codar.nl> * 🧹 chore: bumps (external-secrets#1896) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * feat: referent auth for gcp (external-secrets#1887) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * Update 1password-automation.md (external-secrets#1895) updating docs to reflect the correct command and template format as per https://developer.1password.com/docs/cli/create-item Signed-off-by: Ahsan Gondal <ahsangondal15@gmail.com> Signed-off-by: Ahsan Gondal <ahsangondal15@gmail.com> * fix: explicitly use new kubectl gcp auth (external-secrets#1904) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * 🐛 GCP: prevent goroutine leak on workload identity reconciliation (external-secrets#1902) Signed-off-by: Hiroshi Muraoka <h.muraoka714@gmail.com> * aws secretsmanager/parameterstore referent auth (external-secrets#1884) * feat: implement referentAuth for aws Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * feat: e2e tests Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * Update pkg/provider/aws/provider.go Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Moritz Johner <moolen@users.noreply.github.com> * Update pkg/provider/aws/provider.go Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Moritz Johner <moolen@users.noreply.github.com> * feat: allow each credential to be referent Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <moolen@users.noreply.github.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> * ✨ Adds Keyvault PushSecret (external-secrets#1883) * Adds Keyvault PushSecret Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * Added my new blog post (external-secrets#1909) I've added my new blog post about Push Secret feature. Signed-off-by: Emin Alemdar <77338109+eminalemdar@users.noreply.github.com> Signed-off-by: Emin Alemdar <77338109+eminalemdar@users.noreply.github.com> * ✨ implement azure referent auth (external-secrets#1886) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * 🧹 chore: bumps (external-secrets#1913) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * 🧹 chore: bumps (external-secrets#1923) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * 🧹 chore: bumps (external-secrets#1925) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * 🧹 bump: 0.7.2 (external-secrets#1926) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * Update README.md (external-secrets#1930) Signed-off-by: Lucas Severo Alves <lucassalves65@gmail.com> Signed-off-by: Lucas Severo Alves <lucassalves65@gmail.com> * Set GOOS and GOARCH from TARGETPLATFORM (external-secrets#1915) Removed hardcoded, single platform values for GOOS and GOARCH. Set GOOS and GOARCH from TARGETPLATFORM to build multi-platform images. Ref: https://docs.docker.com/engine/reference/builder/#automatic-platform-args-in-the-global-scope Ref: https://docs.docker.com/build/building/multi-platform/ Build a multi-platform image `docker buildx build --push --platform linux/arm64,linux/amd64 --tag external-secrets:dev --file Dockerfile.standalone .` Signed-off-by: a27kash <a27kash@gmail.com> Signed-off-by: a27kash <a27kash@gmail.com> Signed-off-by: Moritz Johner <moolen@users.noreply.github.com> Co-authored-by: Moritz Johner <moolen@users.noreply.github.com> * 🐛 fixing image rebuild pipeline (external-secrets#1934) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * Update aws-parameter-store.md (external-secrets#1931) Signed-off-by: Denis Policastro <denis.policastro@gmail.com> Signed-off-by: Denis Policastro <denis.policastro@gmail.com> * ✨ Feature/deletion policies (external-secrets#1914) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * feat: make cache generic, refactor feature flags (external-secrets#1640) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * 📚 use more inclusive language (external-secrets#1927) Signed-off-by: Gareth Evans <gareth@bryncynfelin.co.uk> * ✨ Support template for webhook jsonpath (external-secrets#1939) * Support template for webhook jsonpath Signed-off-by: Thibault Cohen <47721+titilambert@users.noreply.github.com> * Add jsonpath filter support to webhook (external-secrets#1940) * Add jsonpath filter support to webhook Signed-off-by: Thibault Cohen <47721+titilambert@users.noreply.github.com> * Fix tests Signed-off-by: Thibault Cohen <47721+titilambert@users.noreply.github.com> Signed-off-by: Thibault Cohen <47721+titilambert@users.noreply.github.com> * Fix wrong IAM permissions in docs for the AWS Parameter Store (external-secrets#1949) Signed-off-by: Tobias Germer <tobias.germer@tui.com> * 🐛 no need to use cgo (external-secrets#1935) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * 🐛 Fixing PushSecret CRD generation (external-secrets#1967) * Fixing PushSecret CRD generation Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> * fix: increase hashicorp vault cache size to prevent eviction Also remove tiny cache size from e2e tests Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> --------- Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com> * feat: bump packages (external-secrets#1976) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * Update full-cluster-secret-store.yaml (external-secrets#1953) Add Oracle provider Signed-off-by: Evert Ramos <evert.ramos@gmail.com> * 🐛 remove ability to call env and expandenv in webhook (external-secrets#1977) This allows an attacker to exfiltrate environment variables. Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * ✨ enhance ServiceMonitor configuration (external-secrets#1973) * Fix external-secrets#1971 Signed-off-by: mikhailadvani <mikhail.advani@gmail.com> * PR feedback Signed-off-by: mikhailadvani <mikhail.advani@gmail.com> * fix: generate helm docs --------- Signed-off-by: mikhailadvani <mikhail.advani@gmail.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Moritz Johner <moolen@users.noreply.github.com> * ✨ add ability to configure `revisionHistoryLimit` in helm chart (external-secrets#1979) * feat: add ability to configure `revisionHistoryLimit` for all Deployment resources of the helm chart This enables to turn ReplicaSet revisions off completely, e.g. when deploying ExternalSecrets with GitOps approach. Signed-off-by: Marcel Hoyer <mhoyer@pixelplastic.de> * fix: generate helm docs Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> --------- Signed-off-by: Marcel Hoyer <mhoyer@pixelplastic.de> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Moritz Johner <moolen@users.noreply.github.com> * ✨ add-keeper-security-provider (external-secrets#1768) * add keepersecurity provider Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * 🧹chore: bumps (external-secrets#1758) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * ✨Feature/push secret (external-secrets#1315) Introduces Push Secret feature with implementations for the following providers: * GCP Secret Manager * AWS Secrets Manager * AWS Parameter Store * Hashicorp Vault KV Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com> Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com> Signed-off-by: William Young <will.young@engineerbetter.com> Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com> Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com> Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com> Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com> Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * Fixing release pipeline for boringssl (external-secrets#1763) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * chore: bump 0.7.0-rc1 (external-secrets#1765) Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * added documentation Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * added pushSecret first iteration Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * added pushSecret and updated documentation Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * refactor client Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * update code and unit tests Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * fix code smells Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * fix code smells Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * fix custom fields Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> * making it reviewable Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> * fix custom field on secret map Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> * Update docs/snippets/keepersecurity-push-secret.yaml Co-authored-by: Moritz Johner <moolen@users.noreply.github.com> Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> * fixed edge case, improved validation errors and updated docs Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> * fix logic retrieving secrets Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> * Update pkg/provider/keepersecurity/client.go Co-authored-by: Moritz Johner <moolen@users.noreply.github.com> Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> * lint code Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> * linting code Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> * go linter fixed Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> * fix crds and documentation Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> --------- Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com> Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com> Signed-off-by: William Young <will.young@engineerbetter.com> Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com> Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com> Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com> Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com> Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com> Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> Co-authored-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> Co-authored-by: Moritz Johner <moolen@users.noreply.github.com> * 🐛 fix panic when using jwt without secretRef/saRef (external-secrets#1980) Fixes external-secrets#1957 Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * 🧹 bump dependencies & regenerate CRDs (external-secrets#1990) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * Fixed broken link (external-secrets#1992) * fix: fix validation method in kubernetes provider (external-secrets#2000) RBAC allows a user to define a wildcard `*` for a given field in the Resource Rule. Prefix/Suffix matching or globbing is not supported, just simple wildcards. For example the cluster-admin role has a `*` on all apiVersion/resource/verbs and hence validation would fail. Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> --------- Signed-off-by: Byungjin Park (Claud) <posquit0.bj@gmail.com> Signed-off-by: Gustavo <gusfcarvalho@gmail.com> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com> Signed-off-by: Gustavo Carvalho <gusfcarvalho@gmail.com> Signed-off-by: Dominik Zeiger <dominik@zeiger.biz> Signed-off-by: Dominik Zeiger <domizei385@users.noreply.github.com> Signed-off-by: Idan Adar <iadar@il.ibm.com> Signed-off-by: Jeet <jeetdesai2342@gmail.com> Signed-off-by: Seonggwon Yoon <keyakoto@gmail.com> Signed-off-by: Christian Hüning <christian.huening@finleap.com> Signed-off-by: Steven Bressey <steven.bressey@artifakt.io> Signed-off-by: Dominic Meddick <dominic.meddick@engineerbetter.com> Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com> Signed-off-by: William Young <will.young@engineerbetter.com> Signed-off-by: James Cleveland <james.cleveland@engineerbetter.com> Signed-off-by: Lilly Daniell <lilly.daniell@engineerbetter.com> Signed-off-by: Adrienne Galloway <adrienne.galloway@engineerbetter.com> Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com> Signed-off-by: Nick Ruffles <nick.ruffles@engineerbetter.com> Signed-off-by: Pascal Bro <git@pascalbrokmeier.de> Signed-off-by: czomo <tomaszjdul@gmail.com> Signed-off-by: Djerfy <djerfy@gmail.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> Signed-off-by: Jiacheng Cheng <jiacheng.cheng@sap.com> Signed-off-by: Emin Alemdar <77338109+eminalemdar@users.noreply.github.com> Signed-off-by: Steven Bressey <sbressey@bressey.me> Signed-off-by: RiccardoColella <colella.git@outlook.com> Signed-off-by: Jakob Kolb <jakob.j.kolb@gmail.com> Signed-off-by: fossabot <badges@fossa.com> Signed-off-by: dubs11kt <dubs11kt@gmail.com> Signed-off-by: Moritz Johner <Moritz.Johner@form3.tech> Signed-off-by: cspargo <colinspargo@gmail.com> Signed-off-by: cDR (Taco) <me@codar.nl> Signed-off-by: Ahsan Gondal <ahsangondal15@gmail.com> Signed-off-by: Hiroshi Muraoka <h.muraoka714@gmail.com> Signed-off-by: Moritz Johner <moolen@users.noreply.github.com> Signed-off-by: Lucas Severo Alves <lucassalves65@gmail.com> Signed-off-by: a27kash <a27kash@gmail.com> Signed-off-by: Denis Policastro <denis.policastro@gmail.com> Signed-off-by: Gareth Evans <gareth@bryncynfelin.co.uk> Signed-off-by: Thibault Cohen <47721+titilambert@users.noreply.github.com> Signed-off-by: Tobias Germer <tobias.germer@tui.com> Signed-off-by: Evert Ramos <evert.ramos@gmail.com> Signed-off-by: mikhailadvani <mikhail.advani@gmail.com> Signed-off-by: Marcel Hoyer <mhoyer@pixelplastic.de> Signed-off-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> Co-authored-by: Byungjin Park (Claud) <posquit0.bj@gmail.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com> Co-authored-by: Moritz Johner <moolen@users.noreply.github.com> Co-authored-by: Sebastián Gómez <1637983+sebagomez@users.noreply.github.com> Co-authored-by: Dominik Zeiger <domizei385@users.noreply.github.com> Co-authored-by: Idan Adar <iadar@il.ibm.com> Co-authored-by: Jeet <jeetdesai2342@gmail.com> Co-authored-by: Seonggwon Yoon <keyakoto@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Christian Hüning <christianhuening@users.noreply.github.com> Co-authored-by: Steven Bressey <80676978+stevenbressey@users.noreply.github.com> Co-authored-by: Pascal Bro <git@pascalbrokmeier.de> Co-authored-by: Tomasz <35335044+czomo@users.noreply.github.com> Co-authored-by: DJΞRFY <djerfy@gmail.com> Co-authored-by: Pedro Parra Ortega <parraortega.pedro@gmail.com> Co-authored-by: Pedro Parra Ortega <pedro.parraortega@enreach.com> Co-authored-by: cjc7373 <niuchangcun@gmail.com> Co-authored-by: Emin Alemdar <77338109+eminalemdar@users.noreply.github.com> Co-authored-by: Steven Bressey <sbressey@bressey.me> Co-authored-by: Riccardo Colella <colella.git@outlook.com> Co-authored-by: Jakob Kolb <jakob.j.kolb@gmail.com> Co-authored-by: fossabot <badges@fossa.io> Co-authored-by: oddy <56793934+dubs11kt@users.noreply.github.com> Co-authored-by: Moritz Johner <100202497+moritzjohner-form3@users.noreply.github.com> Co-authored-by: Florent Baldino <Baldinof@users.noreply.github.com> Co-authored-by: cspargo <4132393+cspargo@users.noreply.github.com> Co-authored-by: cDR (Taco) <me@codar.nl> Co-authored-by: Ahsan Gondal <ahsangondal15@gmail.com> Co-authored-by: Hiroshi Muraoka <hiroshi.muraoka@outlook.com> Co-authored-by: Lucas Severo Alves <lucassalves65@gmail.com> Co-authored-by: a27kash <a27kash@gmail.com> Co-authored-by: Denis Policastro <denis.policastro@gmail.com> Co-authored-by: Gareth Evans <garethjevans@users.noreply.github.com> Co-authored-by: Thibault Cohen <47721+titilambert@users.noreply.github.com> Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de> Co-authored-by: Evert Ramos <evert.ramos@gmail.com> Co-authored-by: Mikhail Advani <mikhail.advani@gmail.com> Co-authored-by: Marcel Hoyer <mhoyer@pixelplastic.de>

moolen force-pushed the mj-generator branch 19 times, most recently from 867f526 to b4f15f4 Compare September 10, 2022 18:23

external-secrets deleted a comment from moritzjohner-form3 Sep 10, 2022

external-secrets deleted a comment from github-actions bot Sep 10, 2022

moolen force-pushed the mj-generator branch 8 times, most recently from 1376e99 to e7150e0 Compare September 11, 2022 00:46