docs(aws): fix PushSecret metadata indentation in resource policy exa... by Br1an67 · Pull Request #6056 · external-secrets/external-secrets

Br1an67 · 2026-03-10T09:03:34Z

Problem Statement

The Resource Policy Example in the AWS Secrets Manager provider documentation incorrectly showed spec.metadata at the top level of the PushSecret spec. However, the PushSecret API does not have a top-level metadata field under spec - metadata must be placed under each data item at spec.data[].metadata.

This was causing confusion as users would try to use spec.metadata which does not exist, as confirmed by kubectl explain pushsecret.spec.metadata returning an error.

Proposed Changes

Fixed the indentation of the metadata block in the Resource Policy Example to be under spec.data[] instead of spec. The metadata is now correctly indented to be part of the first data item, matching the actual API structure.

Checklist

I have read the contribution guidelines
All commits are signed with git commit --signoff
My changes have reasonable test coverage
All tests pass with make test
I ensured my PR is ready for review with make reviewable

Note: This is a documentation-only change, so test coverage and make test are not applicable.

Fix PushSecret metadata indentation in AWS Secrets Manager provider docs

Changes:

Corrected the metadata block indentation in the Resource Policy Example within the AWS Secrets Manager provider docs.
Moved metadata from top-level spec.metadata into spec.data[].metadata so metadata is specified per data item as required by the PushSecret API.

Context:
The previous example incorrectly showed spec.metadata as a top-level field, causing confusion and errors (e.g., kubectl explain pushsecret.spec.metadata reports the field does not exist). The example now nests metadata under the first spec.data[] item to reflect the actual API.

Files changed:

docs/provider/aws-secrets-manager.md (+12/-12 lines)

Documentation-only change; no functional impact.

Notes:

Contributor was asked to sign their commit (requested by reviewer).

coderabbitai · 2026-03-10T09:03:59Z

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: a9e98e4d-46b5-4fdf-9b36-d1df6902ac55

📥 Commits

Reviewing files that changed from the base of the PR and between fda0130 and ee5457c.

📒 Files selected for processing (1)

docs/provider/aws-secrets-manager.md

🚧 Files skipped from review as they are similar to previous changes (1)

docs/provider/aws-secrets-manager.md

Walkthrough

Moved the resourcePolicy metadata from the top-level PushSecret metadata into each individual data item's scope in the AWS Secrets Manager documentation; kmsKeyID, secretPushFormat, description, and tags are now nested under the data entry. (47 words)

Changes

Cohort / File(s)	Summary
Documentation - AWS Secrets Manager `docs/provider/aws-secrets-manager.md`	Moved `resourcePolicy` metadata from top-level PushSecret metadata into each data item's scope; nested `kmsKeyID`, `secretPushFormat`, `description`, and `tags` under the data entry; adjusted indentation to reflect the new nesting.

🚥 Pre-merge checks | ✅ 2

✅ Passed checks (2 passed)

Check name	Status	Explanation
Linked Issues check	✅ Passed	The PR directly addresses the linked issue `#6001` by fixing the PushSecret metadata indentation in the AWS documentation example, moving it from spec level to spec.data[] level.
Out of Scope Changes check	✅ Passed	The PR contains only documentation changes directly related to fixing the PushSecret metadata indentation issue; no unrelated code modifications are present.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

📝 Coding Plan

Generate coding plan for human review comments

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Tip

You can generate walkthrough in a markdown collapsible section to save space.

Enable the reviews.collapse_walkthrough setting to generate walkthrough in a markdown collapsible section.

Skarlso · 2026-03-16T06:22:27Z

Thanks so much for this fix. :) Could you please sign your commit with commit -s? :) 🙇

…mple The Resource Policy Example incorrectly placed spec.metadata at the top level instead of under spec.data[].metadata. This fix indents the metadata block to be part of the data item, matching the actual API structure. Signed-off-by: Br1an67 <932039080@qq.com>

sonarqubecloud · 2026-03-17T07:33:13Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

…... (external-secrets#6056) Co-authored-by: Gergely Bräutigam <gergely.brautigam@sap.com> Signed-off-by: AlexOQ <30403857+AlexOQ@users.noreply.github.com>

…2.2.0 (#4923) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [external-secrets/external-secrets](https://github.com/external-secrets/external-secrets) | minor | `v2.1.0` → `v2.2.0` | --- > ⚠️ **Warning** > > Some dependencies could not be looked up. Check the [Dependency Dashboard](issues/2) for more information. --- ### Release Notes <details> <summary>external-secrets/external-secrets (external-secrets/external-secrets)</summary> ### [`v2.2.0`](https://github.com/external-secrets/external-secrets/releases/tag/v2.2.0) [Compare Source](external-secrets/external-secrets@v2.1.0...v2.2.0) Image: `ghcr.io/external-secrets/external-secrets:v2.2.0` Image: `ghcr.io/external-secrets/external-secrets:v2.2.0-ubi` Image: `ghcr.io/external-secrets/external-secrets:v2.2.0-ubi-boringssl`  #### What's Changed ##### General - chore: release charts v2.1.0 by [@Skarlso](https://github.com/Skarlso) in [#6030](external-secrets/external-secrets#6030) - chore: fix the stability doc by [@Skarlso](https://github.com/Skarlso) in [#6035](external-secrets/external-secrets#6035) - fix(security): Fix vulnerabilities by [@othomann](https://github.com/othomann) in [#6052](external-secrets/external-secrets#6052) - fix(aws): sync tags and resource policy even when secret value unchanged by [@evs-secops](https://github.com/evs-secops) in [#6025](external-secrets/external-secrets#6025) - fix: publish now uses docker build v4 which required some changes by [@Skarlso](https://github.com/Skarlso) in [#6062](external-secrets/external-secrets#6062) - feat(gcpsm): auto-detect projectID from GCP metadata server by [@patjlm](https://github.com/patjlm) in [#5922](external-secrets/external-secrets#5922) - chore(templating): Remove years in license and their checks by [@evrardj-roche](https://github.com/evrardj-roche) in [#5955](external-secrets/external-secrets#5955) - docs: Add Roche to official ADOPTERS by [@evrardj-roche](https://github.com/evrardj-roche) in [#6076](external-secrets/external-secrets#6076) - feat: Add Last Sync column to ExternalSecret and PushSecret printers by [@jaruwat-panturat](https://github.com/jaruwat-panturat) in [#6068](external-secrets/external-secrets#6068) - fix(onepassword): support native item IDs by [@chadxz](https://github.com/chadxz) in [#6073](external-secrets/external-secrets#6073) - feat: extract LGTM processor to external JS file with tests by [@mateenali66](https://github.com/mateenali66) in [#6074](external-secrets/external-secrets#6074) - feat: fail fast if LGTM label does not exist in repository by [@mateenali66](https://github.com/mateenali66) in [#6078](external-secrets/external-secrets#6078) - feat(passbolt): add support for Passbolt V5 API by [@cedricherzog-passbolt](https://github.com/cedricherzog-passbolt) in [#5919](external-secrets/external-secrets#5919) - fix(infisical): dataFrom.find.path should filter by secret path not name by [@johnvox](https://github.com/johnvox) in [#6086](external-secrets/external-secrets#6086) - fix: disable the priority queue which misbehaves at scale by [@Skarlso](https://github.com/Skarlso) in [#6083](external-secrets/external-secrets#6083) - chore: update go version to 1.26.1 by [@Skarlso](https://github.com/Skarlso) in [#6072](external-secrets/external-secrets#6072) - docs(aws): fix PushSecret metadata indentation in resource policy exa... by [@Br1an67](https://github.com/Br1an67) in [#6056](external-secrets/external-secrets#6056) - fix(aws): prevent EC2 IMDS fallback when explicit credentials are pro... by [@Br1an67](https://github.com/Br1an67) in [#6036](external-secrets/external-secrets#6036) - feat(templating): Add certSANs function to extract SANs from certificates by [@mzdeb](https://github.com/mzdeb) in [#6058](external-secrets/external-secrets#6058) - docs: document template.metadata labels/annotations behavior by [@lucpas](https://github.com/lucpas) in [#6102](external-secrets/external-secrets#6102) - fix: CODEOWNERS are seriously out of date by [@Skarlso](https://github.com/Skarlso) in [#6106](external-secrets/external-secrets#6106) - feat(helm): add readinessProbe support for external-secrets deployment by [@AlexOQ](https://github.com/AlexOQ) in [#5831](external-secrets/external-secrets#5831) - fix: update grpc for CVE-2026-33186 by [@Skarlso](https://github.com/Skarlso) in [#6108](external-secrets/external-secrets#6108) - feat(azurekv): add expiration time to azure kv secret by [@muraliavarma](https://github.com/muraliavarma) in [#5935](external-secrets/external-secrets#5935) - feat: add path to cloud.ru provider by [@heavyandrew](https://github.com/heavyandrew) in [#5952](external-secrets/external-secrets#5952) - fix(add-eso-version): fix separator line pattern in add\_eso\_version.sh script by [@riccardomc](https://github.com/riccardomc) in [#6113](external-secrets/external-secrets#6113) ##### Dependencies - chore(deps): bump zizmorcore/zizmor-action from 0.5.0 to 0.5.2 by [@dependabot](https://github.com/dependabot)\[bot] in [#6038](external-secrets/external-secrets#6038) - chore(deps): bump charset-normalizer from 3.4.4 to 3.4.5 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#6047](external-secrets/external-secrets#6047) - chore(deps): bump platformdirs from 4.9.2 to 4.9.4 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#6050](external-secrets/external-secrets#6050) - chore(deps): bump mkdocs-material from 9.7.3 to 9.7.4 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#6049](external-secrets/external-secrets#6049) - chore(deps): bump github/codeql-action from 4.32.4 to 4.32.6 by [@dependabot](https://github.com/dependabot)\[bot] in [#6039](external-secrets/external-secrets#6039) - chore(deps): bump step-security/harden-runner from 2.15.0 to 2.15.1 by [@dependabot](https://github.com/dependabot)\[bot] in [#6043](external-secrets/external-secrets#6043) - chore(deps): bump actions/dependency-review-action from 4.8.3 to 4.9.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6040](external-secrets/external-secrets#6040) - chore(deps): bump crazy-max/ghaction-import-gpg from 6.3.0 to 7.0.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6044](external-secrets/external-secrets#6044) - chore(deps): bump docker/login-action from 3.7.0 to 4.0.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6042](external-secrets/external-secrets#6042) - chore(deps): bump docker/setup-buildx-action from 3.12.0 to 4.0.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6041](external-secrets/external-secrets#6041) - chore(deps): bump docker/setup-qemu-action from 3.7.0 to 4.0.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6046](external-secrets/external-secrets#6046) - chore(deps): bump aquasecurity/trivy-action from 0.34.1 to 0.35.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6048](external-secrets/external-secrets#6048) - chore(deps): bump anchore/sbom-action from 0.23.0 to 0.23.1 by [@dependabot](https://github.com/dependabot)\[bot] in [#6093](external-secrets/external-secrets#6093) - chore(deps): bump distroless/static from `28efbe9` to `47b2d72` by [@dependabot](https://github.com/dependabot)\[bot] in [#6088](external-secrets/external-secrets#6088) - chore(deps): bump ubi9/ubi from `cecb1cd` to `6ed9f6f` by [@dependabot](https://github.com/dependabot)\[bot] in [#6087](external-secrets/external-secrets#6087) - chore(deps): bump mkdocs-material from 9.7.4 to 9.7.5 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#6096](external-secrets/external-secrets#6096) - chore(deps): bump tornado from 6.5.4 to 6.5.5 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#6094](external-secrets/external-secrets#6094) - chore(deps): bump charset-normalizer from 3.4.5 to 3.4.6 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#6095](external-secrets/external-secrets#6095) - chore(deps): bump step-security/harden-runner from 2.15.1 to 2.16.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6089](external-secrets/external-secrets#6089) - chore(deps): bump sigstore/cosign-installer from 4.0.0 to 4.1.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6092](external-secrets/external-secrets#6092) - chore(deps): bump softprops/action-gh-release from 2.5.0 to 2.6.1 by [@dependabot](https://github.com/dependabot)\[bot] in [#6090](external-secrets/external-secrets#6090) - chore(deps): bump actions/create-github-app-token from 2.2.1 to 3.0.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6091](external-secrets/external-secrets#6091) #### New Contributors - [@othomann](https://github.com/othomann) made their first contribution in [#6052](external-secrets/external-secrets#6052) - [@evs-secops](https://github.com/evs-secops) made their first contribution in [#6025](external-secrets/external-secrets#6025) - [@patjlm](https://github.com/patjlm) made their first contribution in [#5922](external-secrets/external-secrets#5922) - [@jaruwat-panturat](https://github.com/jaruwat-panturat) made their first contribution in [#6068](external-secrets/external-secrets#6068) - [@chadxz](https://github.com/chadxz) made their first contribution in [#6073](external-secrets/external-secrets#6073) - [@mateenali66](https://github.com/mateenali66) made their first contribution in [#6074](external-secrets/external-secrets#6074) - [@cedricherzog-passbolt](https://github.com/cedricherzog-passbolt) made their first contribution in [#5919](external-secrets/external-secrets#5919) - [@johnvox](https://github.com/johnvox) made their first contribution in [#6086](external-secrets/external-secrets#6086) - [@Br1an67](https://github.com/Br1an67) made their first contribution in [#6056](external-secrets/external-secrets#6056) - [@mzdeb](https://github.com/mzdeb) made their first contribution in [#6058](external-secrets/external-secrets#6058) - [@lucpas](https://github.com/lucpas) made their first contribution in [#6102](external-secrets/external-secrets#6102) - [@AlexOQ](https://github.com/AlexOQ) made their first contribution in [#5831](external-secrets/external-secrets#5831) - [@muraliavarma](https://github.com/muraliavarma) made their first contribution in [#5935](external-secrets/external-secrets#5935) - [@heavyandrew](https://github.com/heavyandrew) made their first contribution in [#5952](external-secrets/external-secrets#5952) **Full Changelog**: <external-secrets/external-secrets@v2.1.0...v2.2.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).  Reviewed-on: https://gitea.alexlebens.dev/alexlebens/infrastructure/pulls/4923 Co-authored-by: Renovate Bot <renovate-bot@alexlebens.net> Co-committed-by: Renovate Bot <renovate-bot@alexlebens.net>

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [external-secrets](https://github.com/external-secrets/external-secrets) | minor | `2.1.0` → `2.2.0` | --- > ⚠️ **Warning** > > Some dependencies could not be looked up. Check the [Dependency Dashboard](issues/2) for more information. --- ### Release Notes <details> <summary>external-secrets/external-secrets (external-secrets)</summary> ### [`v2.2.0`](https://github.com/external-secrets/external-secrets/releases/tag/v2.2.0) [Compare Source](external-secrets/external-secrets@v2.1.0...v2.2.0) Image: `ghcr.io/external-secrets/external-secrets:v2.2.0` Image: `ghcr.io/external-secrets/external-secrets:v2.2.0-ubi` Image: `ghcr.io/external-secrets/external-secrets:v2.2.0-ubi-boringssl`  ##### What's Changed ##### General - chore: release charts v2.1.0 by [@Skarlso](https://github.com/Skarlso) in [#6030](external-secrets/external-secrets#6030) - chore: fix the stability doc by [@Skarlso](https://github.com/Skarlso) in [#6035](external-secrets/external-secrets#6035) - fix(security): Fix vulnerabilities by [@othomann](https://github.com/othomann) in [#6052](external-secrets/external-secrets#6052) - fix(aws): sync tags and resource policy even when secret value unchanged by [@evs-secops](https://github.com/evs-secops) in [#6025](external-secrets/external-secrets#6025) - fix: publish now uses docker build v4 which required some changes by [@Skarlso](https://github.com/Skarlso) in [#6062](external-secrets/external-secrets#6062) - feat(gcpsm): auto-detect projectID from GCP metadata server by [@patjlm](https://github.com/patjlm) in [#5922](external-secrets/external-secrets#5922) - chore(templating): Remove years in license and their checks by [@evrardj-roche](https://github.com/evrardj-roche) in [#5955](external-secrets/external-secrets#5955) - docs: Add Roche to official ADOPTERS by [@evrardj-roche](https://github.com/evrardj-roche) in [#6076](external-secrets/external-secrets#6076) - feat: Add Last Sync column to ExternalSecret and PushSecret printers by [@jaruwat-panturat](https://github.com/jaruwat-panturat) in [#6068](external-secrets/external-secrets#6068) - fix(onepassword): support native item IDs by [@chadxz](https://github.com/chadxz) in [#6073](external-secrets/external-secrets#6073) - feat: extract LGTM processor to external JS file with tests by [@mateenali66](https://github.com/mateenali66) in [#6074](external-secrets/external-secrets#6074) - feat: fail fast if LGTM label does not exist in repository by [@mateenali66](https://github.com/mateenali66) in [#6078](external-secrets/external-secrets#6078) - feat(passbolt): add support for Passbolt V5 API by [@cedricherzog-passbolt](https://github.com/cedricherzog-passbolt) in [#5919](external-secrets/external-secrets#5919) - fix(infisical): dataFrom.find.path should filter by secret path not name by [@johnvox](https://github.com/johnvox) in [#6086](external-secrets/external-secrets#6086) - fix: disable the priority queue which misbehaves at scale by [@Skarlso](https://github.com/Skarlso) in [#6083](external-secrets/external-secrets#6083) - chore: update go version to 1.26.1 by [@Skarlso](https://github.com/Skarlso) in [#6072](external-secrets/external-secrets#6072) - docs(aws): fix PushSecret metadata indentation in resource policy exa... by [@Br1an67](https://github.com/Br1an67) in [#6056](external-secrets/external-secrets#6056) - fix(aws): prevent EC2 IMDS fallback when explicit credentials are pro... by [@Br1an67](https://github.com/Br1an67) in [#6036](external-secrets/external-secrets#6036) - feat(templating): Add certSANs function to extract SANs from certificates by [@mzdeb](https://github.com/mzdeb) in [#6058](external-secrets/external-secrets#6058) - docs: document template.metadata labels/annotations behavior by [@lucpas](https://github.com/lucpas) in [#6102](external-secrets/external-secrets#6102) - fix: CODEOWNERS are seriously out of date by [@Skarlso](https://github.com/Skarlso) in [#6106](external-secrets/external-secrets#6106) - feat(helm): add readinessProbe support for external-secrets deployment by [@AlexOQ](https://github.com/AlexOQ) in [#5831](external-secrets/external-secrets#5831) - fix: update grpc for CVE-2026-33186 by [@Skarlso](https://github.com/Skarlso) in [#6108](external-secrets/external-secrets#6108) - feat(azurekv): add expiration time to azure kv secret by [@muraliavarma](https://github.com/muraliavarma) in [#5935](external-secrets/external-secrets#5935) - feat: add path to cloud.ru provider by [@heavyandrew](https://github.com/heavyandrew) in [#5952](external-secrets/external-secrets#5952) - fix(add-eso-version): fix separator line pattern in add\_eso\_version.sh script by [@riccardomc](https://github.com/riccardomc) in [#6113](external-secrets/external-secrets#6113) ##### Dependencies - chore(deps): bump zizmorcore/zizmor-action from 0.5.0 to 0.5.2 by [@dependabot](https://github.com/dependabot)\[bot] in [#6038](external-secrets/external-secrets#6038) - chore(deps): bump charset-normalizer from 3.4.4 to 3.4.5 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#6047](external-secrets/external-secrets#6047) - chore(deps): bump platformdirs from 4.9.2 to 4.9.4 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#6050](external-secrets/external-secrets#6050) - chore(deps): bump mkdocs-material from 9.7.3 to 9.7.4 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#6049](external-secrets/external-secrets#6049) - chore(deps): bump github/codeql-action from 4.32.4 to 4.32.6 by [@dependabot](https://github.com/dependabot)\[bot] in [#6039](external-secrets/external-secrets#6039) - chore(deps): bump step-security/harden-runner from 2.15.0 to 2.15.1 by [@dependabot](https://github.com/dependabot)\[bot] in [#6043](external-secrets/external-secrets#6043) - chore(deps): bump actions/dependency-review-action from 4.8.3 to 4.9.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6040](external-secrets/external-secrets#6040) - chore(deps): bump crazy-max/ghaction-import-gpg from 6.3.0 to 7.0.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6044](external-secrets/external-secrets#6044) - chore(deps): bump docker/login-action from 3.7.0 to 4.0.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6042](external-secrets/external-secrets#6042) - chore(deps): bump docker/setup-buildx-action from 3.12.0 to 4.0.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6041](external-secrets/external-secrets#6041) - chore(deps): bump docker/setup-qemu-action from 3.7.0 to 4.0.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6046](external-secrets/external-secrets#6046) - chore(deps): bump aquasecurity/trivy-action from 0.34.1 to 0.35.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6048](external-secrets/external-secrets#6048) - chore(deps): bump anchore/sbom-action from 0.23.0 to 0.23.1 by [@dependabot](https://github.com/dependabot)\[bot] in [#6093](external-secrets/external-secrets#6093) - chore(deps): bump distroless/static from `28efbe9` to `47b2d72` by [@dependabot](https://github.com/dependabot)\[bot] in [#6088](external-secrets/external-secrets#6088) - chore(deps): bump ubi9/ubi from `cecb1cd` to `6ed9f6f` by [@dependabot](https://github.com/dependabot)\[bot] in [#6087](external-secrets/external-secrets#6087) - chore(deps): bump mkdocs-material from 9.7.4 to 9.7.5 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#6096](external-secrets/external-secrets#6096) - chore(deps): bump tornado from 6.5.4 to 6.5.5 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#6094](external-secrets/external-secrets#6094) - chore(deps): bump charset-normalizer from 3.4.5 to 3.4.6 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#6095](external-secrets/external-secrets#6095) - chore(deps): bump step-security/harden-runner from 2.15.1 to 2.16.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6089](external-secrets/external-secrets#6089) - chore(deps): bump sigstore/cosign-installer from 4.0.0 to 4.1.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6092](external-secrets/external-secrets#6092) - chore(deps): bump softprops/action-gh-release from 2.5.0 to 2.6.1 by [@dependabot](https://github.com/dependabot)\[bot] in [#6090](external-secrets/external-secrets#6090) - chore(deps): bump actions/create-github-app-token from 2.2.1 to 3.0.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#6091](external-secrets/external-secrets#6091) ##### New Contributors - [@othomann](https://github.com/othomann) made their first contribution in [#6052](external-secrets/external-secrets#6052) - [@evs-secops](https://github.com/evs-secops) made their first contribution in [#6025](external-secrets/external-secrets#6025) - [@patjlm](https://github.com/patjlm) made their first contribution in [#5922](external-secrets/external-secrets#5922) - [@jaruwat-panturat](https://github.com/jaruwat-panturat) made their first contribution in [#6068](external-secrets/external-secrets#6068) - [@chadxz](https://github.com/chadxz) made their first contribution in [#6073](external-secrets/external-secrets#6073) - [@mateenali66](https://github.com/mateenali66) made their first contribution in [#6074](external-secrets/external-secrets#6074) - [@cedricherzog-passbolt](https://github.com/cedricherzog-passbolt) made their first contribution in [#5919](external-secrets/external-secrets#5919) - [@johnvox](https://github.com/johnvox) made their first contribution in [#6086](external-secrets/external-secrets#6086) - [@Br1an67](https://github.com/Br1an67) made their first contribution in [#6056](external-secrets/external-secrets#6056) - [@mzdeb](https://github.com/mzdeb) made their first contribution in [#6058](external-secrets/external-secrets#6058) - [@lucpas](https://github.com/lucpas) made their first contribution in [#6102](external-secrets/external-secrets#6102) - [@AlexOQ](https://github.com/AlexOQ) made their first contribution in [#5831](external-secrets/external-secrets#5831) - [@muraliavarma](https://github.com/muraliavarma) made their first contribution in [#5935](external-secrets/external-secrets#5935) - [@heavyandrew](https://github.com/heavyandrew) made their first contribution in [#5952](external-secrets/external-secrets#5952) **Full Changelog**: <external-secrets/external-secrets@v2.1.0...v2.2.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).  Reviewed-on: https://gitea.alexlebens.dev/alexlebens/infrastructure/pulls/4927 Co-authored-by: Renovate Bot <renovate-bot@alexlebens.net> Co-committed-by: Renovate Bot <renovate-bot@alexlebens.net>

github-project-automation bot added this to External Secrets Mar 10, 2026

Br1an67 mentioned this pull request Mar 10, 2026

Documentation implies PushSecret spec.metadata exists when it does not #6001

Closed

github-actions bot added area/aws Indicates an issue or PR related to AWS. kind/documentation Categorizes issue or PR as related to documentation. size/s labels Mar 10, 2026

Skarlso approved these changes Mar 16, 2026

View reviewed changes

Br1an67 force-pushed the fix/issue-6001-pushsecret-metadata-indentation branch from fda0130 to ee5457c Compare March 16, 2026 06:36

Merge branch 'main' into fix/issue-6001-pushsecret-metadata-indentation

9243a25

Skarlso merged commit 7c25677 into external-secrets:main Mar 17, 2026
6 of 7 checks passed

github-project-automation bot moved this to Done in External Secrets Mar 17, 2026

coderabbitai bot mentioned this pull request Mar 26, 2026

fix(docs): fix metadata structure in Google Secrets Manager docs #6139

Merged

2 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

docs(aws): fix PushSecret metadata indentation in resource policy exa...#6056

docs(aws): fix PushSecret metadata indentation in resource policy exa...#6056
Skarlso merged 2 commits intoexternal-secrets:mainfrom
Br1an67:fix/issue-6001-pushsecret-metadata-indentation

Br1an67 commented Mar 10, 2026 •

edited by coderabbitai bot

Loading

Uh oh!

coderabbitai bot commented Mar 10, 2026 •

edited

Loading

Uh oh!

Skarlso commented Mar 16, 2026

Uh oh!

Uh oh!

sonarqubecloud bot commented Mar 17, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Uh oh!

Conversation

Br1an67 commented Mar 10, 2026 • edited by coderabbitai bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Problem Statement

Proposed Changes

Checklist

Fix PushSecret metadata indentation in AWS Secrets Manager provider docs

Uh oh!

coderabbitai bot commented Mar 10, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Walkthrough

Changes

Uh oh!

Skarlso commented Mar 16, 2026

Uh oh!

Uh oh!

sonarqubecloud bot commented Mar 17, 2026

Quality Gate passed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Br1an67 commented Mar 10, 2026 •

edited by coderabbitai bot

Loading

coderabbitai bot commented Mar 10, 2026 •

edited

Loading