chore(actions): always run helm test and update make check-diff#5440
Merged
Skarlso merged 2 commits intoexternal-secrets:mainfrom Oct 9, 2025
Merged
chore(actions): always run helm test and update make check-diff#5440Skarlso merged 2 commits intoexternal-secrets:mainfrom
Skarlso merged 2 commits intoexternal-secrets:mainfrom
Conversation
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
moolen
approved these changes
Oct 9, 2025
|
5 tasks
SamuelMolling
pushed a commit
to SamuelMolling/external-secrets
that referenced
this pull request
Oct 24, 2025
…rnal-secrets#5440) Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com> Signed-off-by: Samuel Molling <samuelmolling@gmail.com>
schwarlex
pushed a commit
to la-demos/vcluster-workshop-prep
that referenced
this pull request
Feb 11, 2026
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [external-secrets](https://github.com/external-secrets/external-secrets) | patch | `0.20.1` -> `0.20.3` | --- ### Release Notes <details> <summary>external-secrets/external-secrets (external-secrets)</summary> ### [`v0.20.3`](https://github.com/external-secrets/external-secrets/releases/tag/v0.20.3) [Compare Source](external-secrets/external-secrets@v0.20.2...v0.20.3) Image: `ghcr.io/external-secrets/external-secrets:v0.20.3` Image: `ghcr.io/external-secrets/external-secrets:v0.20.3-ubi` Image: `ghcr.io/external-secrets/external-secrets:v0.20.3-ubi-boringssl` <!-- Release notes generated using configuration in .github/release.yml at main --> #### What's Changed ##### General - chore: release helm chart for v0.20.2 by [@​Skarlso](https://github.com/Skarlso) in [#​5403](external-secrets/external-secrets#5403) - fix(ci): Remove PAUL by [@​evrardjp](https://github.com/evrardjp) in [#​5406](external-secrets/external-secrets#5406) - docs: add note on Vault 1.21 audience requirement for roles by [@​AddRain1](https://github.com/AddRain1) in [#​5411](external-secrets/external-secrets#5411) - docs: extend bitwarden example and integration to accomodate the ssh key feature by [@​luilegeant](https://github.com/luilegeant) in [#​5414](external-secrets/external-secrets#5414) - chore: update dependencies by [@​eso-service-account-app](https://github.com/eso-service-account-app)\[bot] in [#​5427](external-secrets/external-secrets#5427) - docs(getting-started): Change apply to use File (-f) instead of Kustomize (-k) by [@​smellems](https://github.com/smellems) in [#​5433](external-secrets/external-secrets#5433) - docs(release): Resolve incorrect references in documentation samples by [@​blast-hardcheese](https://github.com/blast-hardcheese) in [#​5431](external-secrets/external-secrets#5431) - docs: Update scaleway json doc by [@​RobinFrcd](https://github.com/RobinFrcd) in [#​5429](external-secrets/external-secrets#5429) - chore(previder): Update Previder Provider dependency and fix ReadOnly token by [@​gkwmiddelkamp](https://github.com/gkwmiddelkamp) in [#​5327](external-secrets/external-secrets#5327) - chore(linter): fix revive linter issues in `pkg` by [@​Lumexralph](https://github.com/Lumexralph) in [#​5412](external-secrets/external-secrets#5412) - chore: move to new GCP account, temporarily disable delinea by [@​moolen](https://github.com/moolen) in [#​5438](external-secrets/external-secrets#5438) - chore(actions): always run helm test and update make check-diff by [@​Skarlso](https://github.com/Skarlso) in [#​5440](external-secrets/external-secrets#5440) - fix: make port in the schema file either a string of an integer by [@​Skarlso](https://github.com/Skarlso) in [#​5439](external-secrets/external-secrets#5439) - fix: use maps.Equal instead of bytes.Compare for JSON value by [@​Skarlso](https://github.com/Skarlso) in [#​5448](external-secrets/external-secrets#5448) - chore(docs): update refresh interval format by [@​Skarlso](https://github.com/Skarlso) in [#​5447](external-secrets/external-secrets#5447) - chore(docs): update ADOPTERS.md to include Criteo by [@​alikhil](https://github.com/alikhil) in [#​5446](external-secrets/external-secrets#5446) ##### Dependencies - chore(deps): bump softprops/action-gh-release from 2.3.3 to 2.3.4 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5417](external-secrets/external-secrets#5417) - chore(deps): bump github/codeql-action from 3.30.5 to 3.30.6 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5420](external-secrets/external-secrets#5420) - chore(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5418](external-secrets/external-secrets#5418) - chore(deps): bump golang from `6ad9415` to `c423747` in /e2e by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5423](external-secrets/external-secrets#5423) - chore(deps): bump mkdocs-material from 9.6.20 to 9.6.21 in /hack/api-docs by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5425](external-secrets/external-secrets#5425) - chore(deps): bump certifi from 2025.8.3 to 2025.10.5 in /hack/api-docs by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5424](external-secrets/external-secrets#5424) - chore(deps): bump docker/login-action from 3.5.0 to 3.6.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5422](external-secrets/external-secrets#5422) - chore(deps): bump actions/stale from 10.0.0 to 10.1.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5416](external-secrets/external-secrets#5416) - chore(deps): bump peter-evans/create-or-update-comment from 4.0.0 to 5.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5421](external-secrets/external-secrets#5421) - chore(deps): bump golang from `b6ed3fd` to `b6ed3fd` by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5419](external-secrets/external-secrets#5419) #### New Contributors - [@​AddRain1](https://github.com/AddRain1) made their first contribution in [#​5411](external-secrets/external-secrets#5411) - [@​luilegeant](https://github.com/luilegeant) made their first contribution in [#​5414](external-secrets/external-secrets#5414) - [@​smellems](https://github.com/smellems) made their first contribution in [#​5433](external-secrets/external-secrets#5433) - [@​blast-hardcheese](https://github.com/blast-hardcheese) made their first contribution in [#​5431](external-secrets/external-secrets#5431) - [@​RobinFrcd](https://github.com/RobinFrcd) made their first contribution in [#​5429](external-secrets/external-secrets#5429) - [@​alikhil](https://github.com/alikhil) made their first contribution in [#​5446](external-secrets/external-secrets#5446) **Full Changelog**: <external-secrets/external-secrets@v0.20.2...v0.20.3> ### [`v0.20.2`](https://github.com/external-secrets/external-secrets/releases/tag/v0.20.2) [Compare Source](external-secrets/external-secrets@v0.20.1...v0.20.2) Image: `ghcr.io/external-secrets/external-secrets:v0.20.2` Image: `ghcr.io/external-secrets/external-secrets:v0.20.2-ubi` Image: `ghcr.io/external-secrets/external-secrets:v0.20.2-ubi-boringssl` <!-- Release notes generated using configuration in .github/release.yml at main --> #### What's Changed ##### General - fix(typo): Google misspelled by [@​evrardjp](https://github.com/evrardjp) in [#​5348](external-secrets/external-secrets#5348) - chore: update helm charts v0.20.1 by [@​Skarlso](https://github.com/Skarlso) in [#​5352](external-secrets/external-secrets#5352) - chore(docs): update stability and support table for 0.20.x by [@​jakobmoellerdev](https://github.com/jakobmoellerdev) in [#​5354](external-secrets/external-secrets#5354) - chore: update dependencies by [@​eso-service-account-app](https://github.com/eso-service-account-app)\[bot] in [#​5349](external-secrets/external-secrets#5349) - chore(docs): update the release flow by [@​Skarlso](https://github.com/Skarlso) in [#​5358](external-secrets/external-secrets#5358) - feat: add support for decryption scheme from properties in senhasegura Devops Secrets Management (DSM) provider by [@​felipeosantos](https://github.com/felipeosantos) in [#​3895](external-secrets/external-secrets#3895) - feat(ci): use separate github app for lgtm workflow. by [@​webstradev](https://github.com/webstradev) in [#​5365](external-secrets/external-secrets#5365) - fix(ci): listing required roles should NOT mention/tag the roles, just name them. by [@​webstradev](https://github.com/webstradev) in [#​5363](external-secrets/external-secrets#5363) - fix(ci): run lgtm label remover in pull\_request\_target context instead by [@​webstradev](https://github.com/webstradev) in [#​5366](external-secrets/external-secrets#5366) - chore: update codeql action to also run for actions by [@​Skarlso](https://github.com/Skarlso) in [#​5360](external-secrets/external-secrets#5360) - feat(oracle): switch provider to maintained status by [@​anders-swanson](https://github.com/anders-swanson) in [#​5367](external-secrets/external-secrets#5367) - fix: liveness probe would include invalid value `enable` by [@​Skarlso](https://github.com/Skarlso) in [#​5369](external-secrets/external-secrets#5369) - feat: introduce priorityPolicy in merge rewrite by [@​riccardomc](https://github.com/riccardomc) in [#​5329](external-secrets/external-secrets#5329) - docs: update community meeting section by [@​webstradev](https://github.com/webstradev) in [#​5364](external-secrets/external-secrets#5364) - docs: issue-5350: Updates CRD and docs with write-only limitation for github provider by [@​bharath-b-rh](https://github.com/bharath-b-rh) in [#​5361](external-secrets/external-secrets#5361) - fix: IBM Cloud Secrets Manager Imported Cert does not always require intermediate cert by [@​varksvader](https://github.com/varksvader) in [#​5370](external-secrets/external-secrets#5370) - feat(gcp): get latest enabled secret by [@​itaispiegel](https://github.com/itaispiegel) in [#​5131](external-secrets/external-secrets#5131) - feat(ci): zizmor github actions vuln scanner by [@​arielrahamim](https://github.com/arielrahamim) in [#​5368](external-secrets/external-secrets#5368) - chore(docs): update pull request approval process by [@​Skarlso](https://github.com/Skarlso) in [#​5374](external-secrets/external-secrets#5374) - fix(release): Validate GCP GetSecret json format by [@​Gabrielmadrid73](https://github.com/Gabrielmadrid73) in [#​5336](external-secrets/external-secrets#5336) - fix(charts): exclude 'address' key from livenessProbe definition by [@​baprx](https://github.com/baprx) in [#​5377](external-secrets/external-secrets#5377) - feat: add ngrok provider by [@​jonstacks](https://github.com/jonstacks) in [#​5160](external-secrets/external-secrets#5160) - chore: update dependencies by [@​eso-service-account-app](https://github.com/eso-service-account-app)\[bot] in [#​5386](external-secrets/external-secrets#5386) - docs(release): CyberArk Conjur name change updates by [@​akosasi](https://github.com/akosasi) in [#​5359](external-secrets/external-secrets#5359) - chore: bump go, e2e: flux/argo & restructure e2e-bin build by [@​moolen](https://github.com/moolen) in [#​5333](external-secrets/external-secrets#5333) - fix: remove unused secret by [@​moolen](https://github.com/moolen) in [#​5391](external-secrets/external-secrets#5391) - feat(charts): add startupProbe to cert controller by [@​KyriosGN0](https://github.com/KyriosGN0) in [#​5297](external-secrets/external-secrets#5297) - fix: issue-5388: Fixes GCP Workload Identity Federation auth issue by [@​bharath-b-rh](https://github.com/bharath-b-rh) in [#​5392](external-secrets/external-secrets#5392) - chore(lint): fix revive lint errors `(pkg/providers)` by [@​Lumexralph](https://github.com/Lumexralph) in [#​5362](external-secrets/external-secrets#5362) - feat: make cert auth mount path configurable by [@​shaxbee](https://github.com/shaxbee) in [#​5400](external-secrets/external-secrets#5400) ##### Dependencies - chore(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5379](external-secrets/external-secrets#5379) - chore(deps): bump pyyaml from 6.0.2 to 6.0.3 in /hack/api-docs by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5380](external-secrets/external-secrets#5380) - chore(deps): bump actions/dependency-review-action from 4.7.3 to 4.8.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5381](external-secrets/external-secrets#5381) - chore(deps): bump github/codeql-action from 3.30.3 to 3.30.5 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5384](external-secrets/external-secrets#5384) - chore(deps): bump markupsafe from 3.0.2 to 3.0.3 in /hack/api-docs by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5383](external-secrets/external-secrets#5383) - chore(deps): bump mkdocs-macros-plugin from 1.3.9 to 1.4.0 in /hack/api-docs by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5385](external-secrets/external-secrets#5385) - chore(deps): bump actions/cache from 4.2.4 to 4.3.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​5382](external-secrets/external-secrets#5382) #### New Contributors - [@​evrardjp](https://github.com/evrardjp) made their first contribution in [#​5348](external-secrets/external-secrets#5348) - [@​felipeosantos](https://github.com/felipeosantos) made their first contribution in [#​3895](external-secrets/external-secrets#3895) - [@​varksvader](https://github.com/varksvader) made their first contribution in [#​5370](external-secrets/external-secrets#5370) - [@​itaispiegel](https://github.com/itaispiegel) made their first contribution in [#​5131](external-secrets/external-secrets#5131) - [@​arielrahamim](https://github.com/arielrahamim) made their first contribution in [#​5368](external-secrets/external-secrets#5368) - [@​Gabrielmadrid73](https://github.com/Gabrielmadrid73) made their first contribution in [#​5336](external-secrets/external-secrets#5336) - [@​baprx](https://github.com/baprx) made their first contribution in [#​5377](external-secrets/external-secrets#5377) - [@​akosasi](https://github.com/akosasi) made their first contribution in [#​5359](external-secrets/external-secrets#5359) - [@​Lumexralph](https://github.com/Lumexralph) made their first contribution in [#​5362](external-secrets/external-secrets#5362) - [@​shaxbee](https://github.com/shaxbee) made their first contribution in [#​5400](external-secrets/external-secrets#5400) **Full Changelog**: <external-secrets/external-secrets@v0.20.0...v0.20.2> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xMzIuNSIsInVwZGF0ZWRJblZlciI6IjQxLjE0OC42IiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbXX0=--> Reviewed-on: https://kubara.git.onstackit.cloud/STACKIT/kubara/pulls/124
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem Statement
On several occasions we neglect running helm test. We only run it if deployments are changed, but in reality, other things can affect the end result, such es kubebuilder annotations or changes to the API. In those cases we ignore the test runs and that's just bad.
Also, we neglect to run helm.test.update to make sure that changes are reflected in the helm test. So now, check-diff is running helm.test.update and test.crds.update to see if there are any changes that need to be pushed into the helm tests.
Related Issue
Fixes #...
Proposed Changes
How do you like to solve the issue and why?
Format
Please ensure that your PR follows the following format for the title:
Where
scopeis optionally one of:Checklist
git commit --signoffmake testmake reviewable