Releases: external-secrets/external-secrets
v0.10.3
Image: ghcr.io/external-secrets/external-secrets:v0.10.3
Image: ghcr.io/external-secrets/external-secrets:v0.10.3-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.10.3-ubi-boringssl
What's Changed
- release: update helm charts to version v0.10.2 by @Skarlso in #3846
- Use Conjur API's built in JWT functions by @szh in #3771
- fix: set grpc resolver explicitly in yandex by @stek29 in #3838
- Add values.schema.json generation to Helm chart by @PrateekKumar1709 in #3774
- fix: only replace data if it is in the middle of the path by @Skarlso in #3852
- fix: bitwarden API url to point to the correct default location by @Skarlso in #3848
- feat: update bitwarden server sdk chart version by @Skarlso in #3850
- chore(deps): bump github/codeql-action from 3.26.5 to 3.26.6 by @dependabot in #3855
- chore(deps): bump actions/setup-python from 5.1.1 to 5.2.0 by @dependabot in #3856
- chore(deps): bump mkdocs-material from 9.5.33 to 9.5.34 in /hack/api-docs by @dependabot in #3857
- chore(deps): bump mkdocs from 1.6.0 to 1.6.1 in /hack/api-docs by @dependabot in #3858
- chore(deps): bump watchdog from 4.0.2 to 5.0.0 in /hack/api-docs by @dependabot in #3861
- chore(deps): bump certifi from 2024.7.4 to 2024.8.30 in /hack/api-docs by @dependabot in #3859
- chore(deps): bump zipp from 3.20.0 to 3.20.1 in /hack/api-docs by @dependabot in #3860
- chore: update dependencies by @eso-service-account-app in #3862
- Add blog post about ESO and IBM Secrets Manager by @sali2801 in #3867
- Removed duplicate and deprecated API spec page by @7Pawns in #3868
- Delinea provider is listed twice on the documentation page, and Delin… by @oscerd in #3874
- Updated supported versions table for 0.10 release by @shazib-summar in #3873
- feat: adds scarf to docs by @gusfcarvalho in #3876
- docs: Update sponsors by @gusfcarvalho in #3877
- chore: add eso tools page by @Sn0rt in #3870
- New Generator for UUIDs by @aschaber1 in #3296
- fix: update uuids.generator shortname by @Skarlso in #3883
- chore(deps): bump alpine from
0a4eaa0
tobeefdbd
in /hack/api-docs by @dependabot in #3884 - chore(deps): bump alpine from
0a4eaa0
tobeefdbd
by @dependabot in #3886 - chore(deps): bump distroless/static from
ce46866
to95eb83a
by @dependabot in #3887 - chore(deps): bump golang from 1.23.0 to 1.23.1 by @dependabot in #3888
- chore(deps): bump golang from 1.23.0-bookworm to 1.23.1-bookworm in /e2e by @dependabot in #3889
- chore(deps): bump alpine from 3.20.2 to 3.20.3 in /e2e by @dependabot in #3890
- chore(deps): bump watchdog from 5.0.0 to 5.0.2 in /hack/api-docs by @dependabot in #3891
- chore(deps): bump platformdirs from 4.2.2 to 4.3.2 in /hack/api-docs by @dependabot in #3892
- chore: update dependencies by @eso-service-account-app in #3893
New Contributors
- @stek29 made their first contribution in #3838
- @sali2801 made their first contribution in #3867
- @7Pawns made their first contribution in #3868
- @oscerd made their first contribution in #3874
- @Sn0rt made their first contribution in #3870
Full Changelog: v0.10.2...v0.10.3
helm-chart-0.10.3
External secret management for Kubernetes
v0.10.2
Image: ghcr.io/external-secrets/external-secrets:v0.10.2
Image: ghcr.io/external-secrets/external-secrets:v0.10.2-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.10.2-ubi-boringssl
What's Changed
- release: update helm charts to version v0.10.1 by @Skarlso in #3842
- fix: add watch to validatingwebhookconfigs by @gusfcarvalho in #3845
Full Changelog: v0.10.1...v0.10.2
helm-chart-0.10.2
External secret management for Kubernetes
helm-chart-0.10.1
External secret management for Kubernetes
v0.10.1
Image: ghcr.io/external-secrets/external-secrets:v0.10.1
Image: ghcr.io/external-secrets/external-secrets:v0.10.1-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.10.1-ubi-boringssl
What's Changed
- release: update helm chart to v0.10.0 by @Skarlso in #3758
- doc: add maintainer of the bitwarden secret manager provider by @Skarlso in #3762
- chore(deps): bump mkdocs-material from 9.5.30 to 9.5.31 in /hack/api-docs by @dependabot in #3763
- fix: decrypt remote parameter for SecureString type by @vsantos in #3761
- chore: update dependencies by @eso-service-account-app in #3766
- chore(deps): bump golangci/golangci-lint-action from 6.0.1 to 6.1.0 by @dependabot in #3765
- chore(deps): bump docker/setup-buildx-action from 3.5.0 to 3.6.1 by @dependabot in #3764
- feat: add beyondtrust provider by @btfhernandez in #3683
- chore: add minimal policy for fetching parameters from ssm by @KrisJohnstone in #3770
- Add Grafana Labs to ADOPTERS.md by @Duologic in #3787
- chore(deps): bump golang from 1.22.5 to 1.22.6 by @dependabot in #3778
- chore(deps): bump pyyaml from 6.0.1 to 6.0.2 in /hack/api-docs by @dependabot in #3779
- chore(deps): bump zipp from 3.19.2 to 3.20.0 in /hack/api-docs by @dependabot in #3780
- chore(deps): bump babel from 2.15.0 to 2.16.0 in /hack/api-docs by @dependabot in #3781
- chore(deps): bump golang from 1.22.5-bookworm to 1.22.6-bookworm in /e2e by @dependabot in #3783
- chore(deps): bump github/codeql-action from 3.25.15 to 3.26.0 by @dependabot in #3784
- chore(deps): bump fossas/fossa-action from 1.3.3 to 1.4.0 by @dependabot in #3785
- chore(deps): bump watchdog from 4.0.1 to 4.0.2 in /hack/api-docs by @dependabot in #3782
- chore: update dependencies by @eso-service-account-app in #3786
- chore: update security best practice by @gusfcarvalho in #3794
- feat: add CAProvider to Bitwarden provider by @Skarlso in #3699
- fix: run helm.test.update on main branch by @Skarlso in #3816
- chore: update dependencies by @eso-service-account-app in #3815
- chore(deps): bump importlib-resources from 6.4.0 to 6.4.3 in /hack/api-docs by @dependabot in #3810
- chore(deps): bump markdown from 3.6 to 3.7 in /hack/api-docs by @dependabot in #3811
- Bump helm-docs image version to v1.7.0 in Makefile by @PrateekKumar1709 in #3806
- chore(deps): bump github/codeql-action from 3.26.0 to 3.26.2 by @dependabot in #3812
- chore(deps): bump golang from 1.22.6-bookworm to 1.23.0-bookworm in /e2e by @dependabot in #3813
- chore: update go version of the project to 1.23 by @Skarlso in #3829
- Use maps package from standard library by @BooleanCat in #3828
- chore: update dependencies by @eso-service-account-app in #3836
- add the resourceNames(git commit -s) by @younaman in #3822
- chore(deps): bump mkdocs-material from 9.5.31 to 9.5.33 in /hack/api-docs by @dependabot in #3830
- chore(deps): bump importlib-metadata from 8.2.0 to 8.4.0 in /hack/api-docs by @dependabot in #3831
- chore(deps): bump paginate from 0.5.6 to 0.5.7 in /hack/api-docs by @dependabot in #3832
- chore(deps): bump golang from 1.22.6 to 1.23.0 by @dependabot in #3814
- chore(deps): bump github/codeql-action from 3.26.2 to 3.26.5 by @dependabot in #3835
- chore(deps): bump idna from 3.7 to 3.8 in /hack/api-docs by @dependabot in #3834
- chore(deps): bump importlib-resources from 6.4.3 to 6.4.4 in /hack/api-docs by @dependabot in #3833
- feat: implement GetSecretMap for Bitwarden provider by @Skarlso in #3800
- Demonstrate new slices/maps packages by @BooleanCat in #3839
New Contributors
- @btfhernandez made their first contribution in #3683
- @KrisJohnstone made their first contribution in #3770
- @PrateekKumar1709 made their first contribution in #3806
- @BooleanCat made their first contribution in #3828
- @younaman made their first contribution in #3822
Full Changelog: v0.10.0...v0.10.1
helm-chart-0.10.0
External secret management for Kubernetes
v0.10.0
-
Webhook Generator
Webhook generator labels have changed fromgenerators.external-secrets.io/type: webhook
toexternal-secrets.io/type: webhook
. -
Webhook Provider
Webhook provider now can only use secrets that are labeled withexternal-secrets.io/type: webhook
. This enforces explicit setup for webhook secrets by users.
Fixing the issue:
add the label for the secret used by the webhook:
apiVersion: v1
kind: Secret
metadata:
name: your-secret
labels:
external-secrets.io/type: webhook ### <<<<<<<<<<<<< ADD THIS
data:
...
Image: ghcr.io/external-secrets/external-secrets:v0.10.0
Image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi-boringssl
What's Changed
- chore: bump to 0.9.20 by @gusfcarvalho in #3660
- chore(deps): bump golang from 1.22.4 to 1.22.5 by @dependabot in #3662
- chore(deps): bump distroless/static from
4197211
toce46866
by @dependabot in #3663 - chore(deps): bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by @dependabot in #3665
- chore(deps): bump docker/setup-qemu-action from 3.0.0 to 3.1.0 by @dependabot in #3666
- chore(deps): bump mkdocs-material from 9.5.27 to 9.5.28 in /hack/api-docs by @dependabot in #3667
- chore(deps): bump certifi from 2024.6.2 to 2024.7.4 in /hack/api-docs by @dependabot in #3668
- chore(deps): bump golang from 1.22.4-bookworm to 1.22.5-bookworm in /e2e by @dependabot in #3669
- chore: update dependencies by @eso-service-account-app in #3670
- sets eso-service-account for creating e2e comments by @gusfcarvalho in #3678
- use github token for the actions check by @gusfcarvalho in #3679
- Add support for Delinea Secret Server by @pacificcode in #3468
- Fix: Only URL encode data being passed to URLs (#3652) by @ryanmeans in #3674
- Commenting secrets manifest from hashicorp vault integration #3661 by @jeffmachado in #3680
- docs: Fix
namespaceRegexes
in full-cluster-secret-store.yaml by @excalq in #3681 - Support for Oracle PushSecret.property #2911 by @Aeyk in #3577
- support for adding headers in vault provider by @abhinav1708 in #3677
- chore(deps): bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in #3688
- chore(deps): bump actions/setup-go from 5.0.1 to 5.0.2 by @dependabot in #3691
- chore(deps): bump actions/setup-python from 5.1.0 to 5.1.1 by @dependabot in #3690
- chore(deps): bump aquasecurity/trivy-action from 0.23.0 to 0.24.0 by @dependabot in #3689
- chore(deps): bump golang from
8c9183f
to8c9183f
by @dependabot in #3687 - chore(deps): bump mkdocs-material from 9.5.28 to 9.5.29 in /hack/api-docs by @dependabot in #3692
- fix: aws secretmanager's SecretExists returns true for non-existent secrets by @mintbomb27 in #3684
- chore: update dependencies by @eso-service-account-app in #3693
- Added 2 articles I wrote on AWS secrets injection and ESO templating by @alinadir44 in #3707
- Update docs for namespaceSelectors usage and namespaceSelector deprecation by @mtougeron in #3695
- fix: add namespace to path and route construction by @Skarlso in #3632
- chore(deps): bump softprops/action-gh-release from 2.0.6 to 2.0.8 by @dependabot in #3708
- chore(deps): bump github/codeql-action from 3.25.12 to 3.25.13 by @dependabot in #3709
- Update bitwarden-secrets-manager.md by @zazathomas in #3710
- chore: update dependencies by @eso-service-account-app in #3711
- feat: add
PushSecret
support for Pulumi ESC by @dirien in #3597 - remove redundant parameter grab call, we already have the data by @rumenvasilev in #3722
- chore(deps): bump docker/login-action from 3.2.0 to 3.3.0 by @dependabot in #3729
- chore(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot in #3727
- chore(deps): bump docker/setup-buildx-action from 3.4.0 to 3.5.0 by @dependabot in #3728
- chore(deps): bump docker/setup-qemu-action from 3.1.0 to 3.2.0 by @dependabot in #3731
- chore(deps): bump github/codeql-action from 3.25.13 to 3.25.15 by @dependabot in #3730
- chore(deps): bump alpine from
77726ef
to0a4eaa0
by @dependabot in #3733 - chore(deps): bump golang from
8c9183f
to0d3653d
by @dependabot in #3732 - feat: increase verbosity of error message during validation by @Skarlso in #3742
- chore(deps): bump golang from
6c27802
toaf9b40f
in /e2e by @dependabot in #3734 - chore(deps): bump alpine from 3.20.1 to 3.20.2 in /e2e by @dependabot in #3735
- chore(deps): bump alpine from
b89d9c9
to0a4eaa0
in /hack/api-docs by @dependabot in #3736 - chore(deps): bump regex from 2024.5.15 to 2024.7.24 in /hack/api-docs by @dependabot in #3737
- chore(deps): bump mkdocs-material from 9.5.29 to 9.5.30 in /hack/api-docs by @dependabot in #3738
- chore(deps): bump importlib-metadata from 8.0.0 to 8.2.0 in /hack/api-docs by @dependabot in #3739
- chore(deps): bump pymdown-extensions from 10.8.1 to 10.9 in /hack/api-docs by @dependabot in #3740
- docs: Remove references to pemCertificate and pemPrivateKey functions by @trenslow in #3744
- chore: update dependencies by @eso-service-account-app in #3741
- docs: Improvements in the ExternalSecret comments in API section by @c-neto in #3725
- feat: add prefix definition to all secret keys for aws parameter store by @Skarlso in #3718
- feat: do not modify the secret in case of a NotModified by @Skarlso in #3746
- feat: webhook secrets must be labeled by @gusfcarvalho in #3753
- feat: support pkcs12 with chain in pushsecret to Azure KeyVault by @mysteq in #3747
- docs: document fullPemToPkcs12 and fullPemToPkcs12Pass helper functions by @mysteq in #3749
New Contributors
- @ryanmeans made their first contribution in #3674
- @jeffmachado made their first contribution in #3680
- @excalq made their first contribution in #3681
- @Aeyk made their first contribution in #3577
- @abhinav1708 made their first contribution in #3677
- @mintbomb27 made their first contribution in #3684
- @alinadir44 made their first contribution in #3707
- @mtougeron made their first contribution in #3695
- @zazathomas made their first contribution in #3710
- @rumenvasi...
v0.9.20
Image: ghcr.io/external-secrets/external-secrets:v0.9.20
Image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi-boringssl
What's Changed
- bump 0.9.19 by @knelasevero in #3553
- Fix typo: temaplate --> template by @lindhe in #3554
- Oracle Vault Provider Documentation by @anders-swanson in #3551
- feat: add location to GCP push secret by @Skarlso in #3502
- add log.level and log.encoding to all components by @KyriosGN0 in #3558
- chore(deps): bump github/codeql-action from 3.25.7 to 3.25.8 by @dependabot in #3561
- chore(deps): bump aquasecurity/trivy-action from 0.21.0 to 0.22.0 by @dependabot in #3562
- chore(deps): bump tornado from 6.4 to 6.4.1 in /hack/api-docs by @dependabot in #3563
- chore(deps): bump packaging from 24.0 to 24.1 in /hack/api-docs by @dependabot in #3564
- chore(deps): bump mkdocs-material from 9.5.25 to 9.5.26 in /hack/api-docs by @dependabot in #3565
- chore(deps): bump zipp from 3.19.1 to 3.19.2 in /hack/api-docs by @dependabot in #3566
- chore(deps): bump ubi8/ubi-minimal from
9e458f4
to5f1cd34
by @dependabot in #3568 - chore(deps): bump golang from 1.22.3-bookworm to 1.22.4-bookworm in /e2e by @dependabot in #3569
- chore(deps): bump golang from 1.22.3 to 1.22.4 by @dependabot in #3567
- Infisical provider by @akhilmhdh in #3477
- feat: kick github actions on main by @Skarlso in #3572
- feat: add support to set Type for AWS parameter store by @vsantos in #3576
- Remove shuheiktgw from maintainers by @shuheiktgw in #3573
- Add device42 provider by @smcavallo in #3571
- ref: parameter store should be called only once by @Skarlso in #3584
- chore: update dependencies by @eso-service-account-app in #3570
- feat(certcontroller): Allow restricting CRDs and Webhook configs in Informer cache by @toVersus in #3588
- Support glob for namespaces condition in ClusterSecretStore by @speedfl in #2920
- Fix typo privatKey in multiple files by @IdanAdar in #3578
- chore(deps): bump mkdocs-material from 9.5.26 to 9.5.27 in /hack/api-docs by @dependabot in #3595
- chore(deps): bump github/codeql-action from 3.25.8 to 3.25.10 by @dependabot in #3591
- chore(deps): bump codecov/codecov-action from 4.4.1 to 4.5.0 by @dependabot in #3592
- chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in #3590
- chore: update dependencies by @eso-service-account-app in #3596
- chore(deps): bump golang from
aec4784
to9678844
in /e2e by @dependabot in #3593 - chore(deps): bump golang from
9bdd569
to6522f0c
by @dependabot in #3594 - feat(chart): Enable partial cache for certcontroller when installCRDs=true by @toVersus in #3589
- Add skip unmanaged store logic for push secret controller by @Bude8 in #3123
- fix(vault): Fix crash when caching is enabled and a token expires by @agunnerson-elastic in #3598
- Remove the use of "golang.org/x/crypto/pkcs12" by @yihuaf in #3601
- Make UBI more tolerable from OS vulnerabilities by @IdanAdar in #3607
- fix: explicitly fetch status subresource due to inconsistencies by @moolen in #3608
- Adds codepath for removing finalizers by @lllamnyp in #3610
- chore: update dependencies by @eso-service-account-app in #3624
- chore(deps): bump alpine from 3.20.0 to 3.20.1 in /e2e by @dependabot in #3622
- chore(deps): bump alpine from
77726ef
tob89d9c9
in /hack/api-docs by @dependabot in #3621 - chore(deps): bump golang from
6522f0c
toace6cc3
by @dependabot in #3620 - chore(deps): bump urllib3 from 2.2.1 to 2.2.2 in /hack/api-docs by @dependabot in #3618
- chore(deps): bump importlib-metadata from 7.1.0 to 7.2.1 in /hack/api-docs by @dependabot in #3617
- chore(deps): bump livereload from 2.6.3 to 2.7.0 in /hack/api-docs by @dependabot in #3616
- chore(deps): bump aquasecurity/trivy-action from 0.22.0 to 0.23.0 by @dependabot in #3615
- chore(deps): bump softprops/action-gh-release from 2.0.5 to 2.0.6 by @dependabot in #3614
- Fix ACR External Secret example by @ellenfieldn in #3626
- feat: add bitwarden secret manager support by @Skarlso in #3603
- fix: e2e installation of ESO needs to update dependencies first by @Skarlso in #3635
- added secretserver env vars to e2e.yml by @pacificcode in #3636
- docs: fix dataFrom.find in ExternalSecret api example by @sboschman in #3633
- chore: update dependencies by @eso-service-account-app in #3641
- chore(deps): bump github/codeql-action from 3.25.10 to 3.25.11 by @dependabot in #3640
- chore(deps): bump importlib-metadata from 7.2.1 to 8.0.0 in /hack/api-docs by @dependabot in #3639
- add AuthRef to kubernetes provider fixes #3627 by @kaedwen in #3628
- fix: implement handling for pushing whole k8s secret to gcsm by @thejosephstevens in #3644
- bump e2e pipeline by @gusfcarvalho in #3646
- fix e2e permissions by @gusfcarvalho in #3647
- bump docs with e2e commands by @gusfcarvalho in #3648
- also needs pull-requests by @gusfcarvalho in #3649
- use github token to allow comment by @gusfcarvalho in #3651
- fix(webhook): perform conversion of data by @cardoe in #3638
- feat: implement pushing whole k8s secret to Azure Keyvault by @CCOLLOT in #3650
- fix(vault): Treat tokens expiring in <60s as expired by @agunnerson-elastic in #3637
- Allow specifying the same namespace for SecretStores by @shuheiktgw in #3555
- docs: add proposal for PushSecret metadata by @moolen in #3612
- fix github credentials by @gusfcarvalho in #3656
- docs: updated k8s support for ESO v0.9 by @shazib-summar in #3659
New Contributors
- @lindhe made their first contribution in #3554
- @KyriosGN0 made their first contribution in #3558
- @akhilmhdh made their first contribution in #3477
- @smcavallo made their first contribution in #3571
- @toVersus made their first contribution in #3588
- @speedfl made their first c...
helm-chart-0.9.20
External secret management for Kubernetes