github external-secrets/external-secrets v0.9.14

latest releases: helm-chart-0.9.16, v0.9.16, v0.8.16...
25 days ago

Image: ghcr.io/external-secrets/external-secrets:v0.9.14
Image: ghcr.io/external-secrets/external-secrets:v0.9.14-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.9.14-ubi-boringssl

What's Changed

  • Aws ssm parameterstore issue 1839 by @larntz in #2350
  • fix: implement parameterstore versions by @moolen in #2352
  • ๐Ÿ“š Update stability-support.md by @gusfcarvalho in #2358
  • chore(deps): bump actions/setup-python from 4.6.0 to 4.6.1 by @dependabot in #2366
  • Update stability-support.md by @IdanAdar in #2363
  • chore: update dependencies by @moolen in #2348
  • Adds PushSecret property compatibility with Hashicorp vault Provider by @gusfcarvalho in #2361
  • Adding session tags & transitive tags to SecretStore definition by @nimaft in #2372
  • feat: allow to set a common set of labels in the helm chart by @maximeguillet in #2379
  • chore(deps): bump mikepenz/release-changelog-builder-action from 3 to 4 by @dependabot in #2384
  • chore: update dependencies by @eso-service-account-app in #2386
  • Add reconcile_duration metrics by @shuheiktgw in #2382
  • Add status_condition metric for ClusterExternalSecret by @shuheiktgw in #2380
  • Fix the test Make task by @shuheiktgw in #2381
  • Fix exit with no error when cert violates lookahead by @fernferret in #2395
  • feat: add SLIs to dashboard by @moolen in #2360
  • Stop discarding golangci-lint errors by @shuheiktgw in #2383
  • chore(deps): bump golang from 1.20.4-alpine to 1.20.5-alpine by @dependabot in #2405
  • feat: add e2e tests for aws/assume-role by @moolen in #2376
  • feat: add ESO threat model by @moolen in #2308
  • chore: update dependencies by @eso-service-account-app in #2406
  • Set metadata to external secrets managed by cluster external secrets by @shuheiktgw in #2413
  • Add lower-kebab name transformer to Doppler provider by @watsonian in #2418
  • Fix E2E test setup on non-linux machines by @michaelsauter in #2414
  • Add Conjur provider by @davidh-cyberark in #2412
  • chore(deps): bump actions/setup-go from 3 to 4 by @dependabot in #2430
  • Mount ~/.gitconfig when running make docs by @shuheiktgw in #2421
  • Fix a broken link in docs/guides/security-best-practices.md by @shuheiktgw in #2420
  • enhance azure workload identity documentation by @mruoss in #2437
  • chore: update dependencies by @eso-service-account-app in #2432
  • Add status_condition metrics for the secret store controllers by @shuheiktgw in #2404
  • Add support for cert-manager managed webhook certs by @fernferret in #2394
  • chore: update roadmap status and version support by @moolen in #2441
  • fix: gen changelog and tags from the right branch by @moolen in #2443
  • fix: run helm release on release branch as well by @moolen in #2444
  • chore: bump helm chart by @moolen in #2442
  • Update docs/api/metrics.md by @shuheiktgw in #2445
  • chore: update dependencies by @eso-service-account-app in #2448
  • fix Error exposing secret in the logs by @jordiprats in #2431
  • Fix ClusterExternalSecret printcolumns by @shuheiktgw in #2451
  • docs: refer to support table for deletionPolicy support by @moolen in #2454
  • Add more context to error handling for parsing certs in order for log format to display properly by @DusanNikolic11 in #2428
  • Add IBM provider metadata to secret labels and/or annotations by @vsroy in #2429
  • feat: add @shuheiktgw as maintainer ๐ŸŽ‰ by @moolen in #2459
  • fix: add delinea env vars for e2e tests by @moolen in #2469
  • chore: update dependencies by @eso-service-account-app in #2463
  • Remove unused values from helm chart by @alexanderwoehler in #2470
  • fix: vault deletionPolicy by @moolen in #2455
  • Add support for Delinea DevOps Secrets Vault by @michaelsauter in #2415
  • Update documentation to add CyberArk Conjur provider by @bnasslahsen in #2473
  • chore: bump helm chart by @moolen in #2476
  • docs: adjust conjur documentation by @EvertonSA in #2485
  • Adding documentation for populating Kubernetes Secret with metadata fโ€ฆ by @vsroy in #2487
  • Adding feature info for populating metadata from IBM Secrets Manager by @vsroy in #2481
  • Kick ClusterExternalSecret reconciliation when a Namespace is updated by @shuheiktgw in #2486
  • Add processPushSecret key by @alex-souslik-hs in #2479
  • Refactor ClusterExternalSecretController tests by @shuheiktgw in #2499
  • chore(deps): bump golang from 1.20.5-alpine to 1.20.6-alpine by @dependabot in #2508
  • chore(deps): bump helm/kind-action from 1.7.0 to 1.8.0 by @dependabot in #2510
  • chore(deps): bump actions/setup-python from 4.6.1 to 4.7.0 by @dependabot in #2509
  • Highlight that property field must be set for DSV secret by @michaelsauter in #2511
  • Use PartialObjectMetadata to get ExternalSecret by @shuheiktgw in #2504
  • Remove builder.OnlyMetadata by @shuheiktgw in #2505
  • fix: downgrade pyyaml <6.0 by @moolen in #2516
  • Fix ClusterExternalSecret FailedNamespaces and ProvisionedNamespaces by @shuheiktgw in #2506
  • Install tools implicitly by @shuheiktgw in #2527
  • Fix CES problems by @shuheiktgw in #2526
  • Update docs in common-k8s-secret-types.md by @rmdg88 in #2541
  • Bug/escape special characters vault by @arnouthoebreckx in #2537
  • Fixed potential linting issue on webhook pdb manifest by @vtorikianupgrade in #2551
  • helm: Add certController readiness port configuration and link prometheus.service.port to args by @noony in #2529
  • IBM Provider: Fix documentation templating errors by @Evan-Bluhm in #2564
  • Fix flaky ClusterExternalSecret test by @shuheiktgw in #2558
  • Disable Git top-level directory owner check by @shuheiktgw in #2559
  • added userPass authentication to the hashicorp vault provider by @c0ffee in #2539
  • Support PushSecret Property for GCP by @shuheiktgw in #2465
  • chore: bump dependencies by @moolen in #2568
  • Integrate Cloak Secrets by @9876691 in #2108
  • docs: update release process by @moolen in #2570
  • Bumping 0.9.2 by @gusfcarvalho in #2574
  • feat: Include remove orphans logic by @dacamposol in #1389
  • Remove paginating namespaces by @shuheiktgw in #2580
  • IBM Provider: convert the fetched secret to map to access the properties by @Shanti-G in #2597
  • Revert "IBM Provider: convert the fetched secret to map to access the properties" by @IdanAdar in #2602
  • IBM Provider: convert the fetched secret to map to access the properties by @Shanti-G in #2603
  • Fix orphaned secrets logic with CreationPolicy=Merge by @gusfcarvalho in #2587
  • Fix grafana dashboard $datasource by @NissesSenap in #2594
  • Update the devguide by @shuheiktgw in #2588
  • Fixing when orphaned secret deletion when target.Name is not set by @gusfcarvalho in #2609
  • chore: update dependencies by @eso-service-account-app in #2605
  • release 0.9.3 by @gusfcarvalho in #2612
  • IBM Provider: handle special case for imported cert secret type by @Shanti-G in #2629
  • Set builder.OnlyMetadata back for Secrets by @shuheiktgw in #2625
  • IBM Provider: handle case where secret is destroyed by @Shanti-G in #2637
  • Update docs FAQ regarding refreshTime and lastTransitionTime by @rakrueger in #2640
  • Fix a command in Google Cloud Secret Manager document by @ftnext in #2627
  • Update common-k8s-secret-types.md by @Layer8Err in #2624
  • chore(deps): bump golang from 1.20.6-alpine to 1.21.0-alpine by @dependabot in #2604
  • Using Bitwarden notes for multiline secrets by @laszlocph in #2635
  • fix: template funcs need to be wrapped in raw block by @moolen in #2642
  • fixing label limits by @gusfcarvalho in #2645
  • chore: bump 0.9.4 by @moolen in #2649
  • Add in s390x build by @Joshua-Beha in #2613
  • Fix a ClusterExternalSecret flaky test by @shuheiktgw in #2641
  • Stop using builder.OnlyMetadata for ExternalSecrets by @shuheiktgw in #2626
  • docs: add AWS IAM policy for usage with PushSecret by @aschaber1 in #2653
  • Stop ignoring ExternalSecret reconciliation error by @shuheiktgw in #2583
  • Remove metrics when a resouce is deleted by @shuheiktgw in #2576
  • Delete old ClusterExternalSecrets when name changed by @shuheiktgw in #2601
  • Introduce RetrySettings support for Hashicorp Vault by @12345ieee in #2528
  • fix(externalsecret): infinite reconcile loop with Merge secret by @agaudreault in #2525
  • chore: bump dependencies by @moolen in #2654
  • Report not ready when no namespace matches by @shuheiktgw in #2582
  • chore: update dependencies by @eso-service-account-app in #2657
  • Support PushSecret metadata by @shuheiktgw in #2600
  • bump Kubernetes support version by @moolen in #2659
  • chore: bump EKS e2e test version by @moolen in #2666
  • chore: update dependencies by @eso-service-account-app in #2675
  • Refacto scaleway provider by @luxifer in #2667
  • Convert IBM auth struct fields to pointers by @Akurata in #2669
  • Docs: Improve Hashicorp Vault PushSecret documentation by @xoanmi in #2679
  • feat: Updated check ServiceMontior check to include APIVersions check for helm charts by @ppatel1604 in #2683
  • chore(deps): bump tibdex/github-app-token from 1 to 2 by @dependabot in #2686
  • Fix: Replaced selectorLabels with labels by @ppatel1604 in #2672
  • chore(deps): bump actions/checkout from 3 to 4 by @dependabot in #2687
  • chore(deps): bump golang from 1.21.0-alpine to 1.21.1-alpine by @dependabot in #2688
  • fix: do not swallow errors when create or update fails by @moolen in #2693
  • fix: ensure to correctly encode binary data as base64 by @moolen in #2681
  • chore(deps): bump docker/setup-qemu-action from 2 to 3 by @dependabot in #2707
  • chore(deps): bump docker/login-action from 2 to 3 by @dependabot in #2708
  • chore(deps): bump docker/setup-buildx-action from 2 to 3 by @dependabot in #2706
  • chore: update dependencies by @eso-service-account-app in #2710
  • Update Flux example to 0.9.4 by @Apollorion in #2715
  • Documentation: callout templating escapes for helm users by @rteeling in #2704
  • fix: do not recreate secret if deletion timestamp is set by @markuslackner in #2718
  • Use locks for GCP PushSecrets by @shuheiktgw in #2678
  • fix: assign default value to prevent nil panic by @moolen in #2722
  • chore: update dependencies by @moolen in #2724
  • chore: bump version by @moolen in #2725
  • Let ManagedField handle metadata by @shuheiktgw in #2705
  • Conjur JWT support by @kbristow in #2591
  • chore: update dependencies by @eso-service-account-app in #2729
  • Complement full-cluster-secret-store oracle provider example by @antoniolago in #2731
  • Fix helm.test by reflecting recent changes by @shuheiktgw in #2733
  • Reflect certController.readinessProbe.port to readinessProbe by @shuheiktgw in #2732
  • Support PushSecret Property for AWS SM by @benbertrands in #2623
  • doc: add more info for clusterLocation parameter in gcp by @ricosega in #2741
  • Scaleway secret path by @luxifer in #2737
  • add force flag to bitwarden sync in bitwarden cli deployment documentation by @garyhodgson in #2742
  • chore: update dependencies by @eso-service-account-app in #2749
  • chore(deps): bump actions/setup-python from 4.7.0 to 4.7.1 by @dependabot in #2765
  • chore(deps): bump golang from 1.21.1-alpine to 1.21.2-alpine by @dependabot in #2766
  • [adopters] Adding Pets at home by @userbradley in #2773
  • leverage IBM provider's latest API to get the secret by name by @Shanti-G in #2750
  • Oracle provider retry by @shuheiktgw in #2762
  • Updated docum of PushSecret by @sebagomez in #2391
  • fix: enable sharedConfigState in AWS auth provider by @Kevintjeb in #2777
  • Fix the k8s double encoding problem by @shuheiktgw in #2760
  • docs: mention auth-delegator role in vault provider by @moolen in #2734
  • bump chart to 0.9.6 by @knelasevero in #2786
  • chore: update dependencies by @eso-service-account-app in #2788
  • chore(deps): bump golang from 1.21.2-alpine to 1.21.3-alpine by @dependabot in #2787
  • feat: bump go + deps by @moolen in #2794
  • bump 0.9.7 chart by @knelasevero in #2796
  • chore(deps): bump fkirc/skip-duplicate-actions from 5.3.0 to 5.3.1 by @dependabot in #2797
  • fix: do not iterate on the raw response value by @moolen in #2801
  • Oracle: Workload Identity authentication by @anders-swanson in #2781
  • fix: update the linter so that it runs latest and disable debguard by @Skarlso in #2806
  • fix: also fix the ci jobs linter version by @Skarlso in #2807
  • add directive to apply template on secret names by @sonny-semc in #2802
  • feat: add namespace list selector to ClusterExternalSecrets by @Skarlso in #2803
  • Add Support for fips regions. by @tomelliot16 in #2805
  • Fix skew between refreshInterval and refreshTime that can lead to skipped refresh. by @vtorikianupgrade in #2815
  • add missing commands to the getting started guide by @Nicolas-Roberto in #2751
  • feat: add AKS e2e managed by @moolen in #2811
  • chore: test e2e-managed & fixup docs by @moolen in #2818
  • chore: update dependencies by @eso-service-account-app in #2822
  • Add validations for the enum values by @shuheiktgw in #2819
  • feat: give @Skarlso maintainer permissions by @moolen in #2823
  • chore: release 0.9.8 by @moolen in #2826
  • Let setup-go handle go related caches by @shuheiktgw in #2828
  • Error enhancements for data[] array errors by @moolen in #2834
  • feat: k8s provider can handle all types of secret, fix #2709 by @minhoryang in #2792
  • feat: Oracle provider service account masquerade by @anders-swanson in #2817
  • ref: cleanup condition handling for objects by @Skarlso in #2829
  • design: PushSecret updatePolicy by @moolen in #2664
  • fix: remove sourceRef.generatorRef from .data[] by @moolen in #2735
  • Docs - Minor Note to assist future readers by @CharlKlein in #2839
  • Oracle provider implementation by @anders-swanson in #2840
  • chore: update dependencies by @eso-service-account-app in #2850
  • chore(deps): bump helm/chart-releaser-action from 1.5.0 to 1.6.0 by @dependabot in #2848
  • docs: Add Codefresh to list of adopters by @korenyoni in #2856
  • chore(deps): bump helm/chart-testing-action from 2.3.1 to 2.6.1 by @dependabot in #2849
  • fix: add missing omitempty json tags for optional fields by @uhthomas in #2855
  • Support GetAllSecrets for the fake provider by @shuheiktgw in #2844
  • feat: fix cert-controller readiness probe by @moolen in #2857
  • Refactor the PushSecret interface by @shuheiktgw in #2859
  • feat: update dataFrom with use of generator by @LucasPimentel123 in #2793
  • Validate data or dataFrom existence by @shuheiktgw in #2867
  • Update PAUL.yaml to include roger by @knelasevero in #2873
  • bump 0.9.9 by @rogertuma in #2872
  • chore(deps): bump golang from 1.21.3-alpine to 1.21.4-alpine by @dependabot in #2870
  • feat: AWS SecretsManager Config (allow ForceDeleteWithoutRecovery for PushSecret) by @korenyoni in #2854
  • docs: remove additional space in dockercreds example that causes the last curly brace to be removed by @visokoo in #2877
  • docs: fix deprecation policy typo by @vsantos in #2875
  • add validations for the remaining enum values by @lakhanjindam in #2860
  • chore(deps): bump actions/github-script from 6 to 7 by @dependabot in #2889
  • chore: update dependencies by @eso-service-account-app in #2890
  • feat: allow pushing the whole secret to the provider by @Skarlso in #2862
  • design: PushSecret generator integration by @moolen in #2665
  • fix: webhook support more types when parsing response by @moolen in #2899
  • docs: Recommend use of Workload Identity for Azure Key Vault by @mloskot in #2906
  • Stop deleting all the Secret metadata by @shuheiktgw in #2900
  • Docs: Add details on how to use FilterPEM function by @arnoldrw in #2893
  • chore: update dependencies by @eso-service-account-app in #2903
  • fix: Small typo in the 'templateFrom' guide by @pabrahamsson in #2912
  • Remove references to Prometheus in Helm chart by @sebagomez in #2814
  • fix: ACR access token generator with Workload Identity by @moolen in #2913
  • Feat/Adding support for PushSecret using HashiCorp Vault KV v1 by @tal-asulin in #2879
  • feat(fake): deprecate ValueMap to use Value instead by @vsantos in #2884
  • typo: ref:#2917 Fix typo in ExtermalSecretRewriteTransform by @Kiyo510 in #2919
  • chore: update dependencies by @eso-service-account-app in #2922
  • Add CONTRIBUTING.md file by @szh in #2925
  • docs(alibaba): add access key authentication by @vsantos in #2934
  • Update Helm snapshot by @leomichalski in #2935
  • feat: add custom user agent to scaleway provider by @luxifer in #2938
  • chore(deps): bump actions/setup-go from 4 to 5 by @dependabot in #2943
  • chore(deps): bump actions/stale from 8 to 9 by @dependabot in #2942
  • chore(deps): bump actions/setup-python from 4.7.1 to 5.0.0 by @dependabot in #2941
  • chore(deps): bump golang from 1.21.4-alpine to 1.21.5-alpine by @dependabot in #2944
  • chore: update dependencies by @eso-service-account-app in #2946
  • Update contact email (#2948) by @rrgodhorus in #2949
  • bump 0.9.10 by @rogertuma in #2958
  • Helm pod spec extra by @adrianrobotka in #2930
  • chore: update dependencies by @eso-service-account-app in #2960
  • Add support for IBM Cloud Service Credentials secret type by @nitzann in #2950
  • Minor: extension of PR #2950 Add support for IBM Cloud Service Credentials secret type by @Shanti-G in #2967
  • chore: replace deprecated command with environment file by @jongwooo in #2970
  • feat: introduce tilt into the development process by @Skarlso in #2966
  • fix(chart): setting processPushSecret by @fadecore in #2968
  • feat: add templating to PushSecret by @Skarlso in #2926
  • Disable certController when certManager is enabled by webhook by @kaldorn in #2952
  • fix: do not error if helm chart version already exists by @moolen in #2974
  • chore: update dependencies by @eso-service-account-app in #2978
  • fix: bump kubernetes version support by @moolen in #2981
  • bump 0.9.11 by @moolen in #2982
  • chore(deps): bump golang from 1.20.1 to 1.21.5 by @dependabot in #2976
  • fix: chart: update cert-manager cert. duration by @Tycale in #2986
  • chore: update dependencies by @eso-service-account-app in #2988
  • Fix value name by @Aransh in #2985
  • feat: add ability to define flavour for tag by @a1994sc in #2881
  • Fix typo in pushsecrets docs by @matusf in #2998
  • feat: add PushSecret and DeleteSecret to onepassword provider by @bthuilot in #2646
  • Configure codecov by @shuheiktgw in #2995
  • added some example for v2 literal templating by @rpasche in #3007
  • Akeyless Provider - Add support for Certificate items by @barucoh in #3013
  • chore: update dependencies by @eso-service-account-app in #3005
  • Feat/allow keeper to work with complex types by @ppodevlabs in #3016
  • docs: update controller reconcile error rule by @aslafy-z in #3021
  • Issue/2965 - Documentation does not reflect latest changes for datafrom for IBM Secret Manager by @fdberlking in #3010
  • doc: update bitwarden-cli image & version by @charlesthomas in #2971
  • Update the ExternalSecret status even when data is empty by @shuheiktgw in #2927
  • grammar - it is by @aviadkray in #2991
  • gramar2 - intuitive not intuative by @aviadkray in #2992
  • docs: add command to install CRDs using kustomize by @PeterStolz in #3023
  • Validator by @Mehrbod2002 in #3003
  • chore(deps): bump golang from 1.21.5 to 1.21.6 by @dependabot in #3024
  • feat: set default namespace on vault secretStore (namespaced ressource) by @M0NsTeRRR in #2869
  • Create OSSF scorecard job by @moolen in #3032
  • feat: add support for Hashicorp Vault mTLS by @rodrigorfk in #3018
  • [Snyk] Fix for 5 vulnerabilities by @moolen in #3036
  • chore(deps): bump tornado from 6.3.3 to 6.4 in /hack/api-docs by @dependabot in #3051
  • chore(deps): bump click from 8.1.3 to 8.1.7 in /hack/api-docs by @dependabot in #3050
  • chore(deps): bump actions/cache from 3.3.3 to 4.0.0 by @dependabot in #3049
  • chore(deps): bump github/codeql-action from 2.2.4 to 3.23.1 by @dependabot in #3048
  • chore(deps): bump markupsafe from 2.1.1 to 2.1.3 in /hack/api-docs by @dependabot in #3047
  • chore(deps): bump mkdocs-macros-plugin from 0.7.0 to 1.0.5 in /hack/api-docs by @dependabot in #3046
  • chore(deps): bump actions/checkout from 3.1.0 to 4.1.1 by @dependabot in #3044
  • chore(deps): bump golang from fd78f2f to fd78f2f by @dependabot in #3042
  • chore(deps): bump ubi8/ubi-minimal from d8b81a3 to 2882390 by @dependabot in #3041
  • chore(deps): bump alpine from 13b7e62 to 51b6726 in /e2e by @dependabot in #3040
  • chore(deps): bump golang from 04cf306 to c4b696f in /e2e by @dependabot in #3038
  • chore(deps): bump mkdocs-material from 9.5.3 to 9.5.4 in /hack/api-docs by @dependabot in #3043
  • chore(deps): bump ossf/scorecard-action from 2.1.2 to 2.3.1 by @dependabot in #3045
  • docs: add security response process by @moolen in #3037
  • Fix wrong namespaceSelector configuration in snippet in document by @kyasbal in #3054
  • chore: refactor/centralise secretKeyRef usage by @moolen in #3022
  • chore: fixup security response suggestions by @moolen in #3056
  • feat: allow provider to return admission warnings by @moolen in #3058
  • chore(deps): bump alpine from 3.18 to 3.19 in /hack/api-docs by @dependabot in #3039
  • chore: add tests for AWS/SM by @moolen in #3057
  • chore(deps): bump mkdocs-minify-plugin from 0.5.0 to 0.7.2 in /hack/api-docs by @dependabot in #3063
  • chore(deps): bump markupsafe from 2.1.3 to 2.1.4 in /hack/api-docs by @dependabot in #3062
  • chore: update dependencies by @eso-service-account-app in #3065
  • added metrics support for akeyless by @charan986 in #3069
  • chore: bump jwx pkg by @moolen in #3075
  • IBM provider: remove deprecated code for fetching secret by name by @Shanti-G in #3078
  • chore(deps): bump codecov/codecov-action from 3.1.4 to 3.1.5 by @dependabot in #3090
  • chore(deps): bump golang from fd78f2f to a6a7f1f by @dependabot in #3086
  • chore(deps): bump alpine from 51b6726 to c5b1261 in /hack/api-docs by @dependabot in #3088
  • chore(deps): bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot in #3089
  • chore(deps): bump golang from c4b696f to d8c365d in /e2e by @dependabot in #3084
  • chore(deps): bump alpine from 51b6726 to c5b1261 by @dependabot in #3087
  • ๐Ÿงน refactor vault provider by @moolen in #3072
  • chore: bump ubi image by @moolen in #3096
  • chore: update dependencies by @eso-service-account-app in #3091
  • chore(deps): bump alpine from 3.19.0 to 3.19.1 in /e2e by @dependabot in #3083
  • chore(deps): bump codecov/codecov-action from 3.1.5 to 4.0.1 by @dependabot in #3104
  • chore(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by @dependabot in #3103
  • chore: update dependencies by @eso-service-account-app in #3113
  • chore(deps): bump peter-evans/slash-command-dispatch from 3.0.2 to 4.0.0 by @dependabot in #3102
  • Feat/ready condition early by @ppatel1604 in #3077
  • chore(deps): bump mkdocs-material from 9.5.4 to 9.5.7 in /hack/api-docs by @dependabot in #3106
  • chore(deps): bump platformdirs from 4.1.0 to 4.2.0 in /hack/api-docs by @dependabot in #3105
  • chore(deps): bump markupsafe from 2.1.4 to 2.1.5 in /hack/api-docs by @dependabot in #3107
  • chore(deps): bump urllib3 from 2.1.0 to 2.2.0 in /hack/api-docs by @dependabot in #3109
  • chore(deps): bump mkdocs-minify-plugin from 0.7.2 to 0.8.0 in /hack/api-docs by @dependabot in #3108
  • bump 0.9.12 by @rogertuma in #3125
  • temporarily removing ossf checks for helm release by @gusfcarvalho in #3128
  • chore(deps): bump aquasecurity/trivy-action from f3d98514b056d8c71a3552e8328c225bc7f6f353 to 84384bd6e777ef152729993b8145ea352e9dd3ef by @dependabot in #3142
  • chore(deps): bump ubi8/ubi-minimal from c9c8f91 to 6825946 by @dependabot in #3137
  • feat: add push secret to e2e tests by @Skarlso in #3017
  • Implementation of Chef External Secrets Provider by @sourav977 in #3127
  • feat: add support for Pulumi ESC by @dirien in #2997
  • chore(deps): bump watchdog from 3.0.0 to 4.0.0 in /hack/api-docs by @dependabot in #3134
  • chore(deps): bump certifi from 2023.11.17 to 2024.2.2 in /hack/api-docs by @dependabot in #3135
  • chore(deps): bump mkdocs-material from 9.5.7 to 9.5.9 in /hack/api-docs by @dependabot in #3136
  • chore(deps): bump golang from 1.21.6 to 1.22.0 by @dependabot in #3138
  • chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in #3140
  • chore(deps): bump golang from 1.21.6-bookworm to 1.22.0-bookworm in /e2e by @dependabot in #3139
  • chore(deps): bump helm/kind-action from 1.8.0 to 1.9.0 by @dependabot in #3141
  • chore: update dependencies by @eso-service-account-app in #3143
  • Start the helm workflow when files in deploy/crds change by @shuheiktgw in #3098
  • Implements Webhook Generator by @gusfcarvalho in #3121
  • Run unit tests on the main branch by @shuheiktgw in #3126
  • fix(docs): Fix indentation in vault-pushsecret.yaml by @mboutet in #3156
  • issue/3153 - added missing snapshots for Pulumi and Chef crd tests by @fdberlking in #3154
  • bump 0.9.13 by @gusfcarvalho in #3162
  • chore(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by @dependabot in #3171
  • Set CODECOV_TOKEN to upload results from the upstream branches by @shuheiktgw in #3165
  • chore(deps): bump distroless/static from 9be3fcc to a43abc8 by @dependabot in #3169
  • [typo] Changing date from 2023 to 2024 in mkdocs site by @userbradley in #3176
  • chore: update dependencies by @eso-service-account-app in #3174
  • Conjur E2E Tests for API Key Authentication by @szh in #3120
  • Proposal for provider separation by @gusfcarvalho in #2655
  • chore(deps): bump urllib3 from 2.2.0 to 2.2.1 in /hack/api-docs by @dependabot in #3166
  • chore(deps): bump mkdocs-material from 9.5.9 to 9.5.10 in /hack/api-docs by @dependabot in #3167
  • chore(deps): bump golang from 8e96e6c to 8e96e6c by @dependabot in #3168
  • chore(deps): bump fossas/fossa-action from 45d0cd825dcbe195c58a83662b0abb684ca739d8 to 47ef11b1e1e3812e88dae436ccbd2d0cbd1adab0 by @dependabot in #3170
  • chore(deps): bump golang from 874c267 to 925fe3f in /e2e by @dependabot in #3172
  • Add PEM to PKCS12 template function by @WatcherWhale in #3101
  • chore(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by @dependabot in #3193
  • chore(deps): bump distroless/static from a43abc8 to 072d78b by @dependabot in #3194
  • chore(deps): bump ubi8/ubi-minimal from 6825946 to 8bedbe7 by @dependabot in #3195
  • chore(deps): bump importlib-resources from 6.1.1 to 6.1.2 in /hack/api-docs by @dependabot in #3196
  • chore(deps): bump mkdocs-material from 9.5.10 to 9.5.11 in /hack/api-docs by @dependabot in #3197
  • chore(deps): bump codecov/codecov-action from 4.0.1 to 4.1.0 by @dependabot in #3203
  • feat(generator/webhook): Improve error message by @marcosinger in #3190
  • ADD sdkms base implementation by @RecuencoJones in #3180
  • docs: Add logo and favicon to docs by @PeterStolz in #3206
  • Onboardbase by @limistah in #2697
  • 3012 - Probes for external-secrets by @fdberlking in #3131
  • Revert "3012 - Probes for external-secrets" by @Skarlso in #3213
  • issue/3214 - correct failing crds helm.tests for providers onboardbase and fortanix by @fdberlking in #3215
  • Conjur E2E Tests for K8s JWT Authentication by @szh in #3217
  • chore(deps): bump python-dateutil from 2.8.2 to 2.9.0.post0 in /hack/api-docs by @dependabot in #3227
  • chore(deps): bump mkdocs-material from 9.5.11 to 9.5.12 in /hack/api-docs by @dependabot in #3226
  • chore(deps): bump aquasecurity/trivy-action from 0.17.0 to 0.18.0 by @dependabot in #3224
  • chore(deps): bump actions/cache from 4.0.0 to 4.0.1 by @dependabot in #3225
  • chore(deps): bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by @dependabot in #3223
  • chore(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in #3222
  • issue/3231 - updated helm.tests with latest crds changes for JWT authentication by @fdberlking in #3232
  • docs: adds note to Lifecycle creation policy owner docs by @knelasevero in #3235
  • Implement Doppler Secret Push and Delete functions by @filedeploy in #3200
  • Update Scaleway provider to use v1beta1 API version by @luxifer in #3205
  • Add 'namespaceOverride' value for helm chart by @v-starodubov in #3082
  • fixed gitlab error typo: gilabClient -> gitlabClient by @vtrenton in #3241
  • Add PushSecret UpdatePolicy (to replace PR #3100) by @maresac in #3117
  • chore: update dependencies by @eso-service-account-app in #3229
  • feat: add secret push format to AWS secrets manager by @Skarlso in #3189
  • fix: location of secruity context when updating deploying using Tilt by @Skarlso in #3245
  • Integrate Passworddepot by @Sulfixx in #2799
  • chore(deps): bump golang from 1.22.0-bookworm to 1.22.1-bookworm in /e2e by @dependabot in #3254
  • chore(deps): bump softprops/action-gh-release from 1 to 2 by @dependabot in #3253
  • chore(deps): bump golang from 1.22.0 to 1.22.1 by @dependabot in #3251
  • chore(deps): bump pymdown-extensions from 10.7 to 10.7.1 in /hack/api-docs by @dependabot in #3250
  • chore(deps): bump mkdocs-material from 9.5.12 to 9.5.13 in /hack/api-docs by @dependabot in #3249
  • chore(deps): bump packaging from 23.2 to 24.0 in /hack/api-docs by @dependabot in #3248
  • chore(deps): bump importlib-metadata from 7.0.1 to 7.0.2 in /hack/api-docs by @dependabot in #3247
  • chore(deps): bump importlib-resources from 6.1.2 to 6.1.3 in /hack/api-docs by @dependabot in #3246
  • adjust position of principalType by @Hayden-Chang in #3252
  • issue/3262 - updated helm.tests with latest crds changes for passworddepot by @fdberlking in #3263
  • Update the CyberArk Provider docs by @benskelker in #3261
  • feat: add wait for values to be created and updated on 1Password side by @Skarlso in #3238
  • docs: Change default refreshInterval to 5m by @dirien in #3283
  • chore(deps): bump golang from fc5e584 to 0466223 by @dependabot in #3279
  • chore(deps): bump golang from 6699d28 to d996c64 in /e2e by @dependabot in #3280
  • chore(deps): bump docker/login-action from 3.0.0 to 3.1.0 by @dependabot in #3273
  • chore(deps): bump docker/setup-buildx-action from 3.1.0 to 3.2.0 by @dependabot in #3269
  • chore(deps): bump softprops/action-gh-release from 2.0.2 to 2.0.4 by @dependabot in #3270
  • chore(deps): bump github/codeql-action from 3.24.6 to 3.24.7 by @dependabot in #3271
  • chore(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #3272
  • chore(deps): bump zipp from 3.17.0 to 3.18.1 in /hack/api-docs by @dependabot in #3274
  • chore(deps): bump markdown from 3.5.2 to 3.6 in /hack/api-docs by @dependabot in #3275
  • chore(deps): bump importlib-resources from 6.1.3 to 6.3.1 in /hack/api-docs by @dependabot in #3276
  • chore(deps): bump mkdocs-material from 9.5.13 to 9.5.14 in /hack/api-docs by @dependabot in #3277
  • chore(deps): bump distroless/static from 072d78b to 7e5c6a2 by @dependabot in #3278
  • chore: update dependencies by @eso-service-account-app in #3282
  • chore(deps): bump actions/cache from 4.0.1 to 4.0.2 by @dependabot in #3297
  • chore(deps): bump github/codeql-action from 3.24.7 to 3.24.9 by @dependabot in #3298
  • chore(deps): bump importlib-resources from 6.3.1 to 6.4.0 in /hack/api-docs by @dependabot in #3299
  • chore(deps): bump mkdocs-material from 9.5.14 to 9.5.15 in /hack/api-docs by @dependabot in #3300
  • feat: add vault auth namespace option by @blairdrummond in #3157
  • chore(deps): bump importlib-metadata from 7.0.2 to 7.1.0 in /hack/api-docs by @dependabot in #3301
  • fix: allow pushing the whole secret to Vault by @rodrigorfk in #3288
  • Global scheduling parameters by @delaskoff in #3306
  • Allow Pulimi to extract structured data. by @alphayax in #3308
  • feat: Also publish helm chart to OCI registry (ghcr.io) by @mkilchhofer in #3209
  • bump cosign by @knelasevero in #3314

New Contributors

  • @larntz made their first contribution in #2350
  • @nimaft made their first contribution in #2372
  • @maximeguillet made their first contribution in #2379
  • @fernferret made their first contribution in #2395
  • @watsonian made their first contribution in #2418
  • @michaelsauter made their first contribution in #2414
  • @davidh-cyberark made their first contribution in #2412
  • @mruoss made their first contribution in #2437
  • @jordiprats made their first contribution in #2431
  • @DusanNikolic11 made their first contribution in #2428
  • @vsroy made their first contribution in #2429
  • @alexanderwoehler made their first contribution in #2470
  • @bnasslahsen made their first contribution in #2473
  • @EvertonSA made their first contribution in #2485
  • @alex-souslik-hs made their first contribution in #2479
  • @rmdg88 made their first contribution in #2541
  • @arnouthoebreckx made their first contribution in #2537
  • @vtorikianupgrade made their first contribution in #2551
  • @noony made their first contribution in #2529
  • @Evan-Bluhm made their first contribution in #2564
  • @c0ffee made their first contribution in #2539
  • @9876691 made their first contribution in #2108
  • @dacamposol made their first contribution in #1389
  • @NissesSenap made their first contribution in #2594
  • @rakrueger made their first contribution in #2640
  • @ftnext made their first contribution in #2627
  • @Layer8Err made their first contribution in #2624
  • @laszlocph made their first contribution in #2635
  • @Joshua-Beha made their first contribution in #2613
  • @aschaber1 made their first contribution in #2653
  • @12345ieee made their first contribution in #2528
  • @agaudreault made their first contribution in #2525
  • @luxifer made their first contribution in #2667
  • @Akurata made their first contribution in #2669
  • @xoanmi made their first contribution in #2679
  • @ppatel1604 made their first contribution in #2683
  • @Apollorion made their first contribution in #2715
  • @rteeling made their first contribution in #2704
  • @markuslackner made their first contribution in #2718
  • @kbristow made their first contribution in #2591
  • @antoniolago made their first contribution in #2731
  • @benbertrands made their first contribution in #2623
  • @ricosega made their first contribution in #2741
  • @garyhodgson made their first contribution in #2742
  • @userbradley made their first contribution in #2773
  • @Kevintjeb made their first contribution in #2777
  • @anders-swanson made their first contribution in #2781
  • @Skarlso made their first contribution in #2806
  • @sonny-semc made their first contribution in #2802
  • @tomelliot16 made their first contribution in #2805
  • @Nicolas-Roberto made their first contribution in #2751
  • @minhoryang made their first contribution in #2792
  • @korenyoni made their first contribution in #2856
  • @uhthomas made their first contribution in #2855
  • @LucasPimentel123 made their first contribution in #2793
  • @rogertuma made their first contribution in #2872
  • @visokoo made their first contribution in #2877
  • @vsantos made their first contribution in #2875
  • @lakhanjindam made their first contribution in #2860
  • @mloskot made their first contribution in #2906
  • @arnoldrw made their first contribution in #2893
  • @pabrahamsson made their first contribution in #2912
  • @tal-asulin made their first contribution in #2879
  • @Kiyo510 made their first contribution in #2919
  • @szh made their first contribution in #2925
  • @leomichalski made their first contribution in #2935
  • @rrgodhorus made their first contribution in #2949
  • @adrianrobotka made their first contribution in #2930
  • @jongwooo made their first contribution in #2970
  • @fadecore made their first contribution in #2968
  • @kaldorn made their first contribution in #2952
  • @Tycale made their first contribution in #2986
  • @Aransh made their first contribution in #2985
  • @a1994sc made their first contribution in #2881
  • @matusf made their first contribution in #2998
  • @bthuilot made their first contribution in #2646
  • @rpasche made their first contribution in #3007
  • @barucoh made their first contribution in #3013
  • @aslafy-z made their first contribution in #3021
  • @fdberlking made their first contribution in #3010
  • @charlesthomas made their first contribution in #2971
  • @aviadkray made their first contribution in #2991
  • @PeterStolz made their first contribution in #3023
  • @Mehrbod2002 made their first contribution in #3003
  • @M0NsTeRRR made their first contribution in #2869
  • @rodrigorfk made their first contribution in #3018
  • @kyasbal made their first contribution in #3054
  • @sourav977 made their first contribution in #3127
  • @dirien made their first contribution in #2997
  • @mboutet made their first contribution in #3156
  • @WatcherWhale made their first contribution in #3101
  • @marcosinger made their first contribution in #3190
  • @RecuencoJones made their first contribution in #3180
  • @limistah made their first contribution in #2697
  • @filedeploy made their first contribution in #3200
  • @v-starodubov made their first contribution in #3082
  • @vtrenton made their first contribution in #3241
  • @maresac made their first contribution in #3117
  • @Sulfixx made their first contribution in #2799
  • @Hayden-Chang made their first contribution in #3252
  • @benskelker made their first contribution in #3261
  • @blairdrummond made their first contribution in #3157
  • @delaskoff made their first contribution in #3306
  • @alphayax made their first contribution in #3308
  • @mkilchhofer made their first contribution in #3209

Full Changelog: v0.8.14...v0.9.14

Don't miss a new external-secrets release

NewReleases is sending notifications on new releases.