Merge pull request #58 from external-secrets/bump0914
bump0914
rogertuma authored Mar 30, 2024
2 parents 9741aac + 016754f commit e4d90cf
Showing 12 changed files with 820 additions and 12 deletions.
2 changes: 1 addition & 1 deletion Makefile
@@ -3,7 +3,7 @@
# To re-generate a bundle for another specific version without changing the standard setup, you can:
# - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2)
# - use environment variables to overwrite this value (e.g export VERSION=0.0.2)
VERSION ?= 0.9.13
VERSION ?= 0.9.14

# CHANNELS define the bundle channels used in the bundle.
# Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable")
@@ -375,7 +375,7 @@ metadata:
"kind": "ExternalSecret",
"metadata": {
"annotations": {
"acme.org/sha": "1234"
"acme.org/sha": 1234
},
"labels": {
"acme.org/owned-by": "q-team"
@@ -671,8 +671,8 @@ metadata:
capabilities: Deep Insights
categories: Security
certified: "false"
containerImage: ghcr.io/external-secrets/external-secrets-helm-operator:v0.9.13
createdAt: "2024-02-17T14:10:05Z"
containerImage: ghcr.io/external-secrets/external-secrets-helm-operator:v0.9.14
createdAt: "2024-03-30T14:06:37Z"
description: Operator to configure external-secrets helm-chart based operator
operatorframework.io/cluster-monitoring: "true"
operators.openshift.io/infrastructure-features: '["Disconnected"]'
@@ -683,7 +683,7 @@ metadata:
labels:
operatorframework.io/arch.amd64: supported
operatorframework.io/os.linux: supported
name: external-secrets-operator.v0.9.13
name: external-secrets-operator.v0.9.14
namespace: external-secrets
spec:
apiservicedefinitions: {}
@@ -972,7 +972,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.annotations['olm.targetNamespaces']
image: ghcr.io/external-secrets/external-secrets-helm-operator:v0.9.13
image: ghcr.io/external-secrets/external-secrets-helm-operator:v0.9.14
livenessProbe:
httpGet:
path: /healthz
@@ -1070,4 +1070,4 @@ spec:
provider:
name: External Secrets
url: https://external-secrets.io
version: 0.9.13
version: 0.9.14
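Review bot: The operator image is referenced by a mutable tag in both `containerImage` and the deployment's `image:` (`...external-secrets-helm-operator:v0.9.14`), so a cluster pulls whatever that tag resolves to at install time rather than the exact build this bundle was generated against. The same metadata advertises `operators.openshift.io/infrastructure-features: '["Disconnected"]'`, which as far as I know expects digest-pinned images for mirroring, so I would pin both references, e.g. `image: ghcr.io/external-secrets/external-secrets-helm-operator@sha256:<digest-of-v0.9.14-image>` (placeholder digest). Separately, the `acme.org/sha` example annotation appears both as `"1234"` and as `1234`; if the unquoted form is the new side, the sample ExternalSecret may be rejected when applied, because Kubernetes annotation values must be strings. The file header for this section is not visible on the page, so I am assuming it is the ClusterServiceVersion manifest.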
202 changes: 202 additions & 0 deletions bundle/manifests/external-secrets.io_clustersecretstores.yaml
@@ -976,6 +976,49 @@ spec:
- region
- vault
type: object
passworddepot:
description: Configures a store to sync secrets with a Password
Depot instance.
properties:
auth:
description: Auth configures how secret-manager authenticates
with a Password Depot instance.
properties:
secretRef:
properties:
credentials:
description: Username / Password is used for authentication.
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
type: string
name:
description: The name of the Secret resource being
referred to.
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
type: string
type: object
type: object
required:
- secretRef
type: object
database:
description: Database to use as source
type: string
host:
description: URL configures the Password Depot instance URL.
type: string
required:
- auth
- database
- host
type: object
vault:
description: Vault configures this store to sync secrets using
Hashi provider
@@ -2322,6 +2365,11 @@ spec:
properties:
account:
type: string
hostId:
description: |-
Optional HostID for JWT authentication. This may be used depending
on how the Conjur JWT authenticator policy is configured.
type: string
secretRef:
description: |-
Optional SecretRef that refers to a key in a Secret resource containing JWT token to
@@ -2585,6 +2633,37 @@ spec:
required:
- data
type: object
fortanix:
description: Fortanix configures this store to sync secrets using
the Fortanix provider
properties:
apiKey:
description: APIKey is the API token to access SDKMS Applications.
properties:
secretRef:
description: SecretRef is a reference to a secret containing
the SDKMS API Key.
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
type: string
name:
description: The name of the Secret resource being
referred to.
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
type: string
type: object
type: object
apiUrl:
description: APIURL is the URL of SDKMS API. Defaults to `sdkms.fortanix.com`.
type: string
type: object
gcpsm:
description: GCPSM configures this store to sync secrets using
Google Cloud Platform Secret Manager provider
@@ -2948,6 +3027,78 @@ spec:
required:
- auth
type: object
onboardbase:
description: Onboardbase configures this store to sync secrets
using the Onboardbase provider
properties:
apiHost:
default: https://public.onboardbase.com/api/v1/
description: APIHost use this to configure the host url for
the API for selfhosted installation, default is https://public.onboardbase.com/api/v1/
type: string
auth:
description: Auth configures how the Operator authenticates
with the Onboardbase API
properties:
apiKeyRef:
description: |-
OnboardbaseAPIKey is the APIKey generated by an admin account.
It is used to recognize and authorize access to a project and environment within onboardbase
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
type: string
name:
description: The name of the Secret resource being
referred to.
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
type: string
type: object
passcodeRef:
description: OnboardbasePasscode is the passcode attached
to the API Key
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
type: string
name:
description: The name of the Secret resource being
referred to.
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
type: string
type: object
required:
- apiKeyRef
- passcodeRef
type: object
environment:
default: development
description: Environment is the name of an environmnent within
a project to pull the secrets from
type: string
project:
default: development
description: Project is an onboardbase project that the secrets
should be pulled from
type: string
required:
- apiHost
- auth
- environment
- project
type: object
onepassword:
description: OnePassword configures this store to sync secrets
using the 1Password Cloud provider
@@ -3123,6 +3274,49 @@ spec:
- region
- vault
type: object
passworddepot:
description: Configures a store to sync secrets with a Password
Depot instance.
properties:
auth:
description: Auth configures how secret-manager authenticates
with a Password Depot instance.
properties:
secretRef:
properties:
credentials:
description: Username / Password is used for authentication.
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
type: string
name:
description: The name of the Secret resource being
referred to.
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
type: string
type: object
type: object
required:
- secretRef
type: object
database:
description: Database to use as source
type: string
host:
description: URL configures the Password Depot instance URL.
type: string
required:
- auth
- database
- host
type: object
pulumi:
description: Pulumi configures this store to sync secrets using
the Pulumi provider
@@ -3735,6 +3929,14 @@ spec:
- path
- username
type: object
namespace:
description: |-
Name of the vault namespace to authenticate to. This can be different than the namespace your secret is in.
Namespaces is a set of features within Vault Enterprise that allows
Vault environments to support Secure Multi-tenancy. e.g: "ns1".
More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces
This will default to Vault.Namespace field if set, or empty otherwise
type: string
tokenSecretRef:
description: TokenSecretRef authenticates with Vault by
presenting a token.
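Review bot: In the new `onboardbase` schema, `project` carries `default: development`, the same default as `environment`, and both are listed under `required`. Because defaults are applied before validation, a store that omits `project` is accepted and silently reads from a project named "development" instead of being rejected. For a field that selects which secrets are pulled, I would remove `default: development` from `project` (and reconsider it on `environment`) so that a missing value fails admission. The `environment` description also contains the typo `environmnent`. This CRD looks generated, so the fix most likely belongs in the upstream Go type markers rather than in this file.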
13 changes: 11 additions & 2 deletions bundle/manifests/external-secrets.io_pushsecrets.yaml
@@ -277,6 +277,14 @@ spec:
type:
type: string
type: object
updatePolicy:
default: Replace
description: 'UpdatePolicy to handle Secrets in the provider. Possible
Values: "Replace/IfNotExists". Defaults to "Replace".'
enum:
- Replace
- IfNotExists
type: string
required:
- secretStoreRefs
- selector
@@ -350,8 +358,9 @@ spec:
- match
type: object
type: object
description: Synced Push Secrets for later deletion. Matches Secret
Stores to PushSecretData that was stored to that secretStore.
description: |-
Synced PushSecrets, including secrets that already exist in provider.
Matches secret stores to PushSecretData that was stored to that secret store.
type: object
syncedResourceVersion:
description: SyncedResourceVersion keeps track of the last synced