RELEASE VERSION
My apologies when creating the release 0.12.0 failed. The branch and tag however, have been created and I was unable to delete them. Thus, the version has been increased to 0.12.1 after the fix and now that's the current version. I hand updated the release notes to include everyone into the changes.
BREAKING CHANGES
The following breaking changes have been introduced into this release:
- Permission update for AWS provider adding BulkFetch when getting multiple secrets ( significant API reduce but comes with adding a permission for bulk endpoint )
- fixed a typo for a generator in the json tag where before it was
ecrRAuthorizationTokenSpec
with an extra R - We standardized the GCP Secrets Manager Metadata structure for PushSecrets ( be aware that existing manifests will stop working until updated to the standardized version ) for more info see #4210
Images
Image: ghcr.io/external-secrets/external-secrets:v0.12.1
Image: ghcr.io/external-secrets/external-secrets:v0.12.1-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.12.1-ubi-boringssl
What's Changed
- chore(deps): bump ubi8/ubi from
7287624
to37cdac4
by @dependabot in #4245 - revert: softprops update failing the release process by @Skarlso in #4248
- chore: bump helm chart version v0.11.0 by @Skarlso #4166
- chore(deps): bump mkdocs-material in /hack/api-docs by @dependabot #4165
- chore: update dependencies by @eso-service-account-app in #4169
- Gc/fix clusterexternalsecret metrics by @gusfcarvalho in #4170
- chore(deps): bump distroless/static from f4a57e8 to 5c7e2b4 by @dependabot #4164
- chore: deprecate olm proposal by @gusfcarvalho in #4175
- fix: error handling for gitlab variable fetch by @Skarlso in #4177
- fix: v1 templates with metadata + always cleanup orphaned secrets by @thesuperzapper in #4174
- fix: handle empty template engine version by @thesuperzapper in #4182
- chore(deps): bump actions/cache from 4.1.2 to 4.2.0 by @dependabot in #4190
- chore(deps): bump actions/attest-build-provenance from 1.4.4 to 2.0.1 by @dependabot in #4189
- chore(deps): bump github/codeql-action from 3.27.5 to 3.27.6 by @dependabot in #4188
- update dependencies in #4196
- chore(deps): bump codecov/codecov-action from 5.0.7 to 5.1.1 by @dependabot in #4187
- chore(deps): bump alpine from 3.20.3 to 3.21.0 in /e2e by @dependabot in #4184
- chore(deps): bump golang from 1.23.3-bookworm to 1.23.4-bookworm by @dependabot in #4185
- chore(deps): bump alpine from 3.20 to 3.21 in /hack/api-docs by @dependabot in #4186
- chore(deps): bump alpine from 1e42bbe to 21dc606 by @dependabot in #4191
- chore(deps): bump golang from 1.23.3 to 1.23.4 by @dependabot in #4192
- chore(deps): bump six from 1.16.0 to 1.17.0 in /hack/api-docs by @dependabot in #4193
- chore(deps): bump mkdocs-material in /hack/api-docs by dependabot in by @dependabot in #4194
- feat: 1password add support for tags and configurable PushSecret vault by @Dariusch (#4173)
- fix: ensure existing labels are retained for secrets in GCP secrets by @newtondev (#4160)
- fix: return not found error when there is no secret for vault provider by @Skarlso (#4183)
- fix: error in order of function call UpdateEnvironment by @dirien (#4201)
- BREAKING: Standardize GCP Secret Manager PushSecret metadata format and add CMEK support @janlauber in (#4210)
- docs: add raw markdown tags to PushSecret example in Google Secrets Manager documentation by @janlauber in (#4213)
- Design/target custom resources by @gusfcarvalho (#3449)
- chore(deps): bump github/codeql-action from 3.27.6 to 3.27.9 by @dependabot (#4215)
- chore(deps): bump actions/attest-build-provenance from 2.0.1 to 2.1.0 by @dependabot in (#4216)
- feat: update to use Batch value get instead of List and Fetch all secrets for AWS provider by @Skarlso in (#4181)
- fix: increase default QPS/Burst to 50/100 by @thesuperzapper (#4202)
- chore(deps): bump softprops/action-gh-release from 2.1.0 to 2.2.0 by @dependabot (#4217)
- chore(deps): bump actions/setup-go from 5.1.0 to 5.2.0 by @dependabot (#4218)
- chore(deps): bump certifi from 2024.8.30 to 2024.12.14 by @dependabot
- chore(deps): bump golang from 6c5c959 to 6c5c959 by @dependabot (#4220)
- chore: update dependencies by @eso-service-account-app (#4223)
- Add AWS ECR Public authorization token support by @pmcenery (#4229)
- fix: typo in the ecrAuthorizationTokenSpec json tag by @Skarlso (#4212)
- feat: fix a bunch of Sonar issues by @Skarlso (#4208)
- fix: Dockerfile.ubi using the wrong registry by @Skarlso (#4234)
- feat: add filterCertChain template helper function by @sboschman (#3934)
- fix: SonarCloud security hotspot by @Skarlso in (#4235)
Full Changelog: v0.11.0...v0.12.1