Image: ghcr.io/external-secrets/external-secrets:v0.4.2
Changes
Breaking Changes
- Oracle Vault: Allow the use of Instance Principal if no authentication is provided.
This changes the CRD of Oracle Vault provider. It is not backwards compatible.
Before v0.4.2 the specification for Oracle vault provider was like this:
apiVersion: external-secrets.io/v1alpha1
kind: SecretStore
metadata:
name: example
spec:
provider:
oracle:
vault:
user: # User and Tenancy were part of the main provider block
tenancy:
region:
auth:
secretRef:
privatekey:
name: oracle-secret
key: privateKey
fingerprint:
name: oracle-secret
key: fingerprint
Now, it is like this:
apiVersion: external-secrets.io/v1alpha1
kind: SecretStore
metadata:
name: example-auth
spec:
provider:
oracle:
vault:
region:
auth:
user: # User and Tenancy are now part of the auth block
tenancy: #
secretRef:
privatekey:
name: oracle-secret
key: privateKey
fingerprint:
name: oracle-secret
key: fingerprint
General Changes
- [Updates] Updates in Documentation
- [Updates] Bumping several dependencies
- [Feature] Added Events for both Secret Stores and External Secrets
- [Feature] Added Secret Stores reconciliation loop and validation checks
- [Design] Added draft version for ExternalSecrets and SecretStores v1beta1
Provider Changes
Hashicorp Vault
- [Feature] Vault now allows the use of nested Json. Usage of Property field is now optional just like in the other providers.
Oracle Vault
- [Feature] [Breaking] OCL now uses Instance Principal if no authentication is provided.