artifacthub helm/external-secrets-operator/external-secrets 0.20.1
v0.20.1
on Artifact Hub

13 hours ago

Image: ghcr.io/external-secrets/external-secrets:v0.20.1
Image: ghcr.io/external-secrets/external-secrets:v0.20.1-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.20.1-ubi-boringssl

What's Changed

General

  • chore: release 0.19.2 by @moolen in #5136
  • chore: update readme by @gusfcarvalho in #5137
  • fix(kubernetes): make auth field optional by @mhrabovcin in #5064
  • chore: Fix Markdown spelling issues found by codespell by @mjtrangoni in #5139
  • Fix yaml codeblock for oracle-vault provider docs by @muckelba in #5146
  • feat: add liveness probe to eso controller by @Skarlso in #4930
  • fix(helm): add boolean for processClusterGenerator by @DrummyFloyd in #5144
  • chore: add Cisco to ADOPTERS.md by @sriaradhyula in #5159
  • docs: Fix provider stability and support table by @jonstacks in #5161
  • feat(helm): Add control of response to missing prometheus CRDs by @jcpunk in #5087
  • chore: Added release notes configuration by @bonddim in #5148
  • chore: bump bitwarden helm chart version by @Skarlso in #5044
  • chore(docs): update ADOPTERS.md to include SAP by @jakobmoellerdev in #5165
  • feat: add externalsecret namespace for webhook provider by @matheusmazzoni in #5155
  • fix: add unknown status for secret store by @alvin-rw in #5070
  • Fix pushing to an AWS Secrets Manager Secret when there are no secret values by @nirajsapkota in #4878
  • add extralabels for dashboard to be scraped by multiple grafana instances by @L1ghtman2k in #5138
  • fix: the api docs are not referencing sshkey generator by @Skarlso in #5170
  • Update github.md by @gecube in #5171
  • Update anchore-engine-credentials.md by @gecube in #5172
  • docs: update infisical docs to clarify missing system:auth-delegator need by @Skarlso in #5174
  • Adding support different type auth sources by @preved911 in #4877
  • fix: stability update document did not update the stability table correctly by @Skarlso in #5176
  • Add esv1.AnnotationForceSync for CES and ES by @ntnn in #5156
  • fix: helm build failing by @Skarlso in #5178
  • fix: remove release- branch automation by @moolen in #5182
  • chore: update dependencies by @eso-service-account-app[bot] in #5181
  • docs: update bitwarden documentation for dataFrom field usage by @Skarlso in #5196
  • feat: add contributor ladder by @gusfcarvalho in #5150
  • feat: support vault provider check and set for push secrets by @webstradev in #5197
  • chore(docs): update helm charts by @gusfcarvalho in #5203
  • chore(ci): fix sonarqube security warnings in helm.yml by @webstradev in #5202
  • chore: add pull request maintenance auto labelling and sizes by @Skarlso in #5200
  • fix: update the label verification step by @Skarlso in #5209
  • feat: add infisical k8s auth with Client JWT as Reviewer JWT Token support by @tuxtof in #5168
  • feat: improve error message for json marshalling/unmarshalling by @webstradev in #5211
  • chore: enhance helm-values-schema-json schema plugin management logic by @jakobmoellerdev in #5212
  • fix(aws): stop incrementing the UUID for versions by @Skarlso in #5175
  • feat: enable secure serving for metrics [issue 4614] by @rkferreira in #5169
  • fix(infisical): fix TokenAuth auth method by escaping the token revocation by @arthlr in #5217
  • fix: tilt build was failing to rebuild by @Skarlso in #5225
  • feat: add selectable fields to the CRDs by @Skarlso in #5226
  • ref: removing Yandex Cloud specific common types declaration duplication by @preved911 in #4905
  • fix: missing codeowners file from .github folder by @Skarlso in #5228
  • feat: add setting remote namespace to metadata for kubernetes provider by @Skarlso in #5224
  • feat: add support for certs only in pkcs12 by @devnopt in #4875
  • docs: document redundant clusterName/clusterLocation parameters in GCP Secret Manager docs by @ionicsolutions in #5208
  • feat: Allow adding finalizers from template by @malovme in #5140
  • fix: controller-runtime update by @gusfcarvalho in #5239
  • chore: update dependencies by @eso-service-account-app[bot] in #5229
  • fix: Prevent secretstore reconcile loop when provider error response is dynamic by @dakotaharden in #5247
  • feat: add finalizers to SecretStores when referenced by PushSecrets with DeletionPolicy=Delete by @matheusmazzoni in #5163
  • fix: keepersecurity support for shortcuts by @pepordev in #5245
  • feat: add support for GCP Workload Identity Federation by @bharath-b-rh in #4654
  • feat: support fetching secrets and certificates by name in Yandex Lockbox & Certificate Manager by @alliseeisgold in #5022
  • chore(charts): Adds new make target for installing unittest plugin by @bharath-b-rh in #5250
  • docs(templating): added clarifying comments to Github generator example by @nielstenboom in #5248
  • feat(release): add new workflow to label first time contributor issues by @mouhsen-ibrahim in #5243
  • feat(security): Adds an option to make HTTP2 configurable by @siddhibhor-56 in #5231
  • feat: add retry for onepassword on authorization error by @Skarlso in #5253
  • fix: handle namespace deletion race conditions with finalizers by @framsouza in #5154
  • docs: update stability and support by @anders-swanson in #5257
  • fix(akeyless): Upgrade Akeyless Provider Go SDK to v4 by @kgal-akl in #5263
  • feat: support Pod Identity authentication for Vault Provider by @webstradev in #5201
  • feat: add domain field to secretserver provider by @rkferreira in #5258
  • chore(release): Migrate to actions/create-github-app-token action by @mouhsen-ibrahim in #5264
  • chore: just updating the crd conformance tests by @Skarlso in #5265
  • chore(revert): "chore(release): Migrate to actions/create-github-app-token action" by @Skarlso in #5269
  • chore: azure sdk update by @hauswio in #5162
  • feat: add support for fetching Secret by Path on Delinea Secret Server provider by @DelineaSahilWankhede in #5270
  • feat: migrate from tibdex to actions/create-github-app-token by @rkferreira in #5286
  • fix: license headers across all Go files - standardize format, add missing copyright, fix typos by @Copilot in #5288
  • fix: the boilerplate was missing the right license format by @Skarlso in #5289
  • chore(license): add automated license header checking using Apache SkyWalking Eyes GitHub Action by @Copilot in #5290
  • chore(docs): remove GitHub Discussions references and update support channels by @jakobmoellerdev in #5292
  • docs: updated the ladder with two new tracks: documentation and community by @Skarlso in #5298
  • docs(release): create upgrading section by @rkferreira in #5310
  • docs: readme update for health of the project by @Skarlso in #5309
  • fix: validate namespace in secretRef by @moolen in #5311
  • docs: add burnout prevention strategies and mitigation policy document by @Skarlso in #5307
  • feat: add missing go sbom by @moolen in #5313
  • feat: make vault e2e tests run locally by @moolen in #5246
  • chore: update dependencies by @eso-service-account-app[bot] in #5324
  • feat: add Cloudsmith generator for container registry authentication by @cloudsmith-iduffy in #5267
  • feat: Add lgtm review automation step to ci workflows. by @webstradev in #5251
  • feat(provider): add Volcengine provider support by @kevinyancn in #5306
  • test: add more information to potentially flaky test by @Skarlso in #5330
  • fix(docs): Fix typo in controller options doc by @tspearconquest in #5299
  • chore(testing): Add licence.check make target by @jonstacks in #5335
  • docs(gitlab-variables): document environment scope fallback by @s1nyx in #5300

Dependencies

  • chore(deps): bump mkdocs-macros-plugin from 1.3.7 to 1.3.9 in /hack/api-docs by @dependabot[bot] in #5190
  • chore(deps): bump requests from 2.32.4 to 2.32.5 in /hack/api-docs by @dependabot[bot] in #5191
  • chore(deps): bump golang from 1.24.6-bookworm to 1.25.0-bookworm in /e2e by @dependabot[bot] in #5189
  • chore(deps): bump goreleaser/goreleaser-action from 6.3.0 to 6.4.0 by @dependabot[bot] in #5188
  • chore(deps): bump actions/create-github-app-token from 2.1.0 to 2.1.1 by @dependabot[bot] in #5187
  • chore(deps): bump anchore/sbom-action from 0.20.4 to 0.20.5 by @dependabot[bot] in #5186
  • chore(deps): bump codecov/codecov-action from 5.4.3 to 5.5.0 by @dependabot[bot] in #5184
  • chore(deps): bump golang from 1.24.6 to 1.25.0 by @dependabot[bot] in #5194
  • chore(deps): bump github/codeql-action from 3.29.8 to 3.29.11 by @dependabot[bot] in #5195
  • chore(deps): bump ubi8/ubi from 4f0a4e4 to 7010e70 by @dependabot[bot] in #5193
  • chore(deps): bump mkdocs-material from 9.6.16 to 9.6.18 in /hack/api-docs by @dependabot[bot] in #5192
  • chore(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #5198
  • chore(deps): bump actions/dependency-review-action from 4.7.1 to 4.7.2 by @dependabot[bot] in #5199
  • chore(deps): bump aquasecurity/trivy-action from 0.32.0 to 0.33.0 by @dependabot[bot] in #5234
  • chore(deps): bump actions/dependency-review-action from 4.7.2 to 4.7.3 by @dependabot[bot] in #5236
  • chore(deps): bump ubi8/ubi from 7010e70 to 534c2c0 by @dependabot[bot] in #5237
  • chore(deps): bump actions/attest-build-provenance from 2.4.0 to 3.0.0 by @dependabot[bot] in #5238
  • chore(deps): bump regex from 2025.7.34 to 2025.8.29 in /hack/api-docs by @dependabot[bot] in #5242
  • chore(deps): bump platformdirs from 4.3.8 to 4.4.0 in /hack/api-docs by @dependabot[bot] in #5241
  • chore(deps): bump distroless/static from 2e114d2 to f2ff10a by @dependabot[bot] in #5240
  • chore(deps): bump golang from 1.25.0 to 1.25.1 by @dependabot[bot] in #5275
  • chore(deps): bump actions/github-script from 7.0.1 to 8.0.0 by @dependabot[bot] in #5274
  • chore(deps): bump actions/stale from 9.1.0 to 10.0.0 by @dependabot[bot] in #5273
  • chore(deps): bump actions/setup-go from 5.5.0 to 6.0.0 by @dependabot[bot] in #5276
  • chore(deps): bump mkdocs-material from 9.6.18 to 9.6.19 in /hack/api-docs by @dependabot[bot] in #5279
  • chore(deps): bump codecov/codecov-action from 5.5.0 to 5.5.1 by @dependabot[bot] in #5278
  • chore(deps): bump github/codeql-action from 3.29.11 to 3.30.1 by @dependabot[bot] in #5277
  • chore(deps): bump markdown from 3.8.2 to 3.9 in /hack/api-docs by @dependabot[bot] in #5281
  • chore(deps): bump golang from 1.25.0-bookworm to 1.25.1-bookworm in /e2e by @dependabot[bot] in #5280
  • chore(deps): bump regex from 2025.8.29 to 2025.9.1 in /hack/api-docs by @dependabot[bot] in #5282
  • chore(deps): bump golang from b6ed3fd to b6ed3fd by @dependabot[bot] in #5318
  • chore(deps): bump actions/setup-python from 5.6.0 to 6.0.0 by @dependabot[bot] in #5317
  • chore(deps): bump github/codeql-action from 3.30.1 to 3.30.3 by @dependabot[bot] in #5319
  • chore(deps): bump distroless/static from f2ff10a to 87bce11 by @dependabot[bot] in #5320
  • chore(deps): bump actions/labeler from 5.0.0 to 6.0.1 by @dependabot[bot] in #5323
  • chore(deps): bump softprops/action-gh-release from 2.3.2 to 2.3.3 by @dependabot[bot] in #5321
  • chore(deps): bump actions/create-github-app-token from 2.1.1 to 2.1.4 by @dependabot[bot] in #5322
  • chore(deps): bump actions/create-github-app-token from 2.1.1 to 2.1.4 by @dependabot[bot] in #5339
  • chore(deps): bump aquasecurity/trivy-action from 0.33.0 to 0.33.1 by @dependabot[bot] in #5344
  • chore(deps): bump mkdocs-material from 9.6.19 to 9.6.20 in /hack/api-docs by @dependabot[bot] in #5345
  • chore(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1 by @dependabot[bot] in #5343
  • chore(deps): bump sigstore/cosign-installer from 3.9.2 to 3.10.0 by @dependabot[bot] in #5340
  • chore(deps): bump anchore/sbom-action from 0.20.5 to 0.20.6 by @dependabot[bot] in #5341
  • chore(deps): bump regex from 2025.9.1 to 2025.9.18 in /hack/api-docs by @dependabot[bot] in #5346
  • chore(deps): bump apache/skywalking-eyes from 0.6.0 to 0.7.0 by @dependabot[bot] in #5342

New Contributors

Full Changelog: v0.19.2...v0.20.1

Check out latest releases or
releases around helm/external-secrets-operator/external-secrets 0.20.1

Don't miss a new external-secrets release

NewReleases is sending notifications on new releases.

Get notifications