feat: make cert auth mount path configurable#5400
Merged
Skarlso merged 4 commits intoexternal-secrets:mainfrom Oct 3, 2025
Merged
feat: make cert auth mount path configurable#5400Skarlso merged 4 commits intoexternal-secrets:mainfrom
Skarlso merged 4 commits intoexternal-secrets:mainfrom
Conversation
8b57626 to
a42a78c
Compare
Signed-off-by: Zbigniew Mandziejewicz <shaxbee@gmail.com>
a42a78c to
97d0c86
Compare
Skarlso
reviewed
Oct 3, 2025
Signed-off-by: Zbigniew Mandziejewicz <shaxbee@gmail.com>
d2f5de5 to
90ff639
Compare
Contributor
|
/ok-to-test sha=90ff63941065cf1eac0d266e0929026f8959651d |
Contributor
Skarlso
reviewed
Oct 3, 2025
Signed-off-by: Zbigniew Mandziejewicz <shaxbee@gmail.com>
66aa4a8 to
f7f45c6
Compare
Contributor
|
/ok-to-test sha=f7f45c616c4ce4b3176aa0cb16c998d747e0b013 |
Contributor
|
[Bot] - ✅ e2e for passed |
Contributor
Skarlso
approved these changes
Oct 3, 2025
|
SamuelMolling
pushed a commit
to SamuelMolling/external-secrets
that referenced
this pull request
Oct 24, 2025
* feat: vault auth cert path Signed-off-by: Zbigniew Mandziejewicz <shaxbee@gmail.com> * chore: mark VaultCertAuth.Path as optional Signed-off-by: Zbigniew Mandziejewicz <shaxbee@gmail.com> * chore: set default VaultCertAuth path if not specified Signed-off-by: Zbigniew Mandziejewicz <shaxbee@gmail.com> --------- Signed-off-by: Zbigniew Mandziejewicz <shaxbee@gmail.com> Co-authored-by: Gergely Brautigam <skarlso777@gmail.com> Signed-off-by: Samuel Molling <samuelmolling@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem Statement
Hardcoded Vault Cert auth path prevents authentication when the Cert auth method is mounted at a non-default path. Current code targets auth/cert/login only, causing failures in clusters where the backend is mounted elsewhere
Related Issue
Proposed Changes
VaultCertAuthspec with a safe default (cert).Checklist
git commit --signoffmake testmake reviewable