diff --git a/common/.github/workflows/superlinter.yml b/common/.github/workflows/superlinter.yml index 55acbdb0..03b6fff9 100644 --- a/common/.github/workflows/superlinter.yml +++ b/common/.github/workflows/superlinter.yml @@ -21,7 +21,7 @@ jobs: # Run Linter against code base # ################################ - name: Lint Code Base - uses: github/super-linter/slim@v6 + uses: super-linter/super-linter/slim@v7 env: VALIDATE_ALL_CODEBASE: true DEFAULT_BRANCH: main @@ -31,10 +31,13 @@ jobs: VALIDATE_BASH: false VALIDATE_CHECKOV: false VALIDATE_JSCPD: false + VALIDATE_JSON_PRETTIER: false + VALIDATE_MARKDOWN_PRETTIER: false VALIDATE_KUBERNETES_KUBECONFORM: false VALIDATE_PYTHON_PYLINT: false VALIDATE_SHELL_SHFMT: false VALIDATE_YAML: false + VALIDATE_YAML_PRETTIER: false # VALIDATE_DOCKERFILE_HADOLINT: false # VALIDATE_MARKDOWN: false # VALIDATE_NATURAL_LANGUAGE: false diff --git a/common/Changes.md b/common/Changes.md index ed7d4bf6..8ade8ad6 100644 --- a/common/Changes.md +++ b/common/Changes.md @@ -124,7 +124,7 @@ ## October 3, 2022 * Restore the ability to install a non-default site: `make TARGET_SITE=mysite install` -* Revised tests (new output and filenames, requires adding new result files to git) +* Revised tests (new output and filenames, requires adding new result files to Git) * ACM 2.6 required for ACM-based managed sites * Introduced global.clusterDomain template variable (without the `apps.` prefix) * Removed the ability to send specific charts to another cluster, use hosted argo sites instead diff --git a/common/Makefile b/common/Makefile index e0f0c11b..785e5307 100644 --- a/common/Makefile +++ b/common/Makefile @@ -238,15 +238,18 @@ super-linter: ## Runs super linter locally -e VALIDATE_CHECKOV=false \ -e VALIDATE_DOCKERFILE_HADOLINT=false \ -e VALIDATE_JSCPD=false \ + -e VALIDATE_JSON_PRETTIER=false \ + -e VALIDATE_MARKDOWN_PRETTIER=false \ -e VALIDATE_KUBERNETES_KUBECONFORM=false \ -e VALIDATE_PYTHON_PYLINT=false \ -e VALIDATE_SHELL_SHFMT=false \ -e VALIDATE_TEKTON=false \ -e VALIDATE_YAML=false \ + -e VALIDATE_YAML_PRETTIER=false \ $(DISABLE_LINTERS) \ -v $(PWD):/tmp/lint:rw,z \ -w /tmp/lint \ - ghcr.io/super-linter/super-linter:slim-v6 + ghcr.io/super-linter/super-linter:slim-v7 .PHONY: ansible-lint ansible-lint: ## run ansible lint on ansible/ folder diff --git a/common/acm/Chart.yaml b/common/acm/Chart.yaml index 31fa54ea..3a7663b4 100644 --- a/common/acm/Chart.yaml +++ b/common/acm/Chart.yaml @@ -3,4 +3,4 @@ description: A Helm chart to configure Advanced Cluster Manager for OpenShift. keywords: - pattern name: acm -version: 0.1.0 +version: 0.1.1 diff --git a/common/acm/templates/policies/ocp-gitops-policy.yaml b/common/acm/templates/policies/ocp-gitops-policy.yaml index cdc0a7e1..1d54b78d 100644 --- a/common/acm/templates/policies/ocp-gitops-policy.yaml +++ b/common/acm/templates/policies/ocp-gitops-policy.yaml @@ -38,7 +38,7 @@ spec: channel: {{ default "gitops-1.12" .Values.main.gitops.channel }} installPlanApproval: Automatic name: openshift-gitops-operator - source: redhat-operators + source: {{ default "redhat-operators" .Values.main.gitops.operatorSource }} sourceNamespace: openshift-marketplace config: env: diff --git a/common/ansible/roles/iib_ci/README.md b/common/ansible/roles/iib_ci/README.md index 8c654dbb..de4b4107 100644 --- a/common/ansible/roles/iib_ci/README.md +++ b/common/ansible/roles/iib_ci/README.md @@ -1,6 +1,6 @@ # IIB Utilities -A set of ansible plays to fetch an IIB (Image Index Bundle, aka a container created by the operator sdk +A set of ansible plays to fetch an IIB (Image Index Bundle, aka a container created by the operator SDK that contains a bunch of references to operators that can be installed in an OpenShift cluster) Run `ansible-playbook common/ansible/playbooks/iib-ci/lookup.yml` to see which IIBs are available (defaults to diff --git a/common/ansible/roles/vault_utils/README.md b/common/ansible/roles/vault_utils/README.md index 7198752c..6b851f2a 100644 --- a/common/ansible/roles/vault_utils/README.md +++ b/common/ansible/roles/vault_utils/README.md @@ -55,7 +55,7 @@ By default, the first file that will looked up is The paths can be overridden by setting the environment variable `VALUES_SECRET` to the path of the secret file. -The values secret yaml files can be encrypted with `ansible-vault`. If the role detects they are encrypted, the password to +The values secret YAML files can be encrypted with `ansible-vault`. If the role detects they are encrypted, the password to decrypt them will be prompted when needed. ### Version 1.0 diff --git a/common/clustergroup/Chart.yaml b/common/clustergroup/Chart.yaml index b2d703a2..2bacbfc5 100644 --- a/common/clustergroup/Chart.yaml +++ b/common/clustergroup/Chart.yaml @@ -3,4 +3,4 @@ description: A Helm chart to create per-clustergroup ArgoCD applications and any keywords: - pattern name: clustergroup -version: 0.8.10 +version: 0.8.12 diff --git a/common/clustergroup/values.schema.json b/common/clustergroup/values.schema.json index 384f79ef..2fbe3421 100644 --- a/common/clustergroup/values.schema.json +++ b/common/clustergroup/values.schema.json @@ -81,6 +81,10 @@ "revision" ], "properties": { + "repoUpstreamURL": { + "type": "string", + "description": "Upstream URL of the pattern's git repository. When set an in-cluster gitea instance gets spawned and repoURL is ignored" + }, "repoURL": { "type": "string", "description": "URL of the pattern's git repository" @@ -93,21 +97,43 @@ }, "gitops": { "type": "object", - "additionalProperties": false, + "additionalProperties": true, "properties": { "channel": { "type": "string", "description": "The channel from which to install the gitops operator" + }, + "operatorSource": { + "type": "string", + "description": "The catalog source from which to install the gitops operator" + } + } + }, + "patternsOperator": { + "type": "object", + "additionalProperties": true, + "properties": { + "channel": { + "type": "string", + "description": "The channel from which to install the patterns operator" + }, + "source": { + "type": "string", + "description": "The catalog source from which to install the patterns operator" } } }, "multiSourceConfig": { "type": "object", - "additionalProperties": false, + "additionalProperties": true, "properties": { "enabled": { "type": "boolean", - "description": "Enable the experimental support for multi source" + "description": "Enable the experimental support for multi source for the clustergroup chart" + }, + "helmRepoUrl": { + "type": "string", + "description": "The helm repo URL for the clustergroup chart" } } }, diff --git a/common/golang-external-secrets/Chart.yaml b/common/golang-external-secrets/Chart.yaml index 0bcc381d..3b3a0133 100644 --- a/common/golang-external-secrets/Chart.yaml +++ b/common/golang-external-secrets/Chart.yaml @@ -3,9 +3,9 @@ description: A Helm chart to configure the golang-based external-secrets. keywords: - pattern name: golang-external-secrets -version: 0.1.1 +version: 0.1.2 dependencies: - name: external-secrets - version: "0.9.20" + version: "0.10.0" repository: "https://charts.external-secrets.io" #"https://external-secrets.github.io/kubernetes-external-secrets" diff --git a/common/golang-external-secrets/README.md b/common/golang-external-secrets/README.md index 4316d3a1..b6feb981 100644 --- a/common/golang-external-secrets/README.md +++ b/common/golang-external-secrets/README.md @@ -11,7 +11,7 @@ we just override the tag with the version + "-ubi" 3. Run `./update-helm-dependency.sh` 4. Tweak `values.yaml` with the new image versions 5. Run `make test` -6. Commit to git +6. Commit to Git ## PRs diff --git a/common/golang-external-secrets/charts/external-secrets-0.10.0.tgz b/common/golang-external-secrets/charts/external-secrets-0.10.0.tgz new file mode 100644 index 00000000..28d7b4a5 Binary files /dev/null and b/common/golang-external-secrets/charts/external-secrets-0.10.0.tgz differ diff --git a/common/golang-external-secrets/charts/external-secrets-0.9.20.tgz b/common/golang-external-secrets/charts/external-secrets-0.9.20.tgz deleted file mode 100644 index f73d3475..00000000 Binary files a/common/golang-external-secrets/charts/external-secrets-0.9.20.tgz and /dev/null differ diff --git a/common/golang-external-secrets/values.yaml b/common/golang-external-secrets/values.yaml index 5ccc6266..62a6673b 100644 --- a/common/golang-external-secrets/values.yaml +++ b/common/golang-external-secrets/values.yaml @@ -37,10 +37,10 @@ clusterGroup: external-secrets: image: - tag: v0.9.20-ubi + tag: v0.10.0-ubi webhook: image: - tag: v0.9.20-ubi + tag: v0.10.0-ubi certController: image: - tag: v0.9.20-ubi + tag: v0.10.0-ubi diff --git a/common/hashicorp-vault/Chart.yaml b/common/hashicorp-vault/Chart.yaml index 87d3470d..09d48391 100644 --- a/common/hashicorp-vault/Chart.yaml +++ b/common/hashicorp-vault/Chart.yaml @@ -3,7 +3,7 @@ description: A Helm chart to configure Hashicorp's vault. keywords: - pattern name: hashicorp-vault -version: 0.1.1 +version: 0.1.2 dependencies: - name: vault version: "0.28.1" diff --git a/common/hashicorp-vault/values.yaml b/common/hashicorp-vault/values.yaml index 6029a2f0..3b16a951 100644 --- a/common/hashicorp-vault/values.yaml +++ b/common/hashicorp-vault/values.yaml @@ -48,4 +48,4 @@ vault: termination: "reencrypt" image: repository: "registry.connect.redhat.com/hashicorp/vault" - tag: "1.17.2-ubi" + tag: "1.17.3-ubi" diff --git a/common/letsencrypt/Chart.yaml b/common/letsencrypt/Chart.yaml index 899c790e..d8a9810f 100644 --- a/common/letsencrypt/Chart.yaml +++ b/common/letsencrypt/Chart.yaml @@ -7,7 +7,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 +version: 0.1.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/common/operator-install/templates/pattern.yaml b/common/operator-install/templates/pattern.yaml index 728726f0..3eda9482 100644 --- a/common/operator-install/templates/pattern.yaml +++ b/common/operator-install/templates/pattern.yaml @@ -6,6 +6,9 @@ metadata: spec: clusterGroupName: {{ .Values.main.clusterGroupName }} gitSpec: +{{- if .Values.main.git.repoUpstreamURL }} + originRepo: {{ .Values.main.git.repoUpstreamURL }} +{{- end }} {{/* if .Values.main.git.repoUpstreamURL */}} targetRepo: {{ .Values.main.git.repoURL }} targetRevision: {{ .Values.main.git.revision }} {{- if and .Values.main.tokenSecret .Values.main.tokenSecretNamespace }} @@ -14,6 +17,9 @@ spec: {{- end }} {{/* if and .Values.main.tokenSecret .Values.main.tokenSecretNamespace */}} multiSourceConfig: enabled: {{ .Values.main.multiSourceConfig.enabled }} +{{- if .Values.main.multiSourceConfig.helmRepoUrl }} + helmRepoUrl: {{ .Values.main.multiSourceConfig.helmRepoUrl }} +{{- end }} {{/* if .Values.main.multiSourceConfig.helmRepoUrl */}} {{- if .Values.main.analyticsUUID }} analyticsUUID: {{ .Values.main.analyticsUUID }} {{- end }} {{/* if .Values.main.analyticsUUID */}} diff --git a/common/operator-install/values.yaml b/common/operator-install/values.yaml index a46cca2e..6a77c086 100644 --- a/common/operator-install/values.yaml +++ b/common/operator-install/values.yaml @@ -3,6 +3,11 @@ global: main: git: + # Uncommenting this will set the `originRepo` with the below value + # when `originRepo` is set, an in-cluster gitea will automatically be spawned. + # In this case `originRepo` will point to the upstream repository and `targetRepo` + # will point to the internal in-cluster gitea mirror + # repoUpstreamURL: https://github.com/validatedpatterns/multicloud-gitops repoURL: https://github.com/pattern-clone/mypattern revision: main @@ -12,6 +17,7 @@ main: multiSourceConfig: enabled: false + # helmRepoUrl: registry.internal.network/helm # String to enable certain experimental capabilities in the operator and the # framework. Not needed unless you know exactly what you're doing. diff --git a/common/scripts/pattern-util.sh b/common/scripts/pattern-util.sh index 508e1531..8fa4a26f 100755 --- a/common/scripts/pattern-util.sh +++ b/common/scripts/pattern-util.sh @@ -38,7 +38,8 @@ else MYNAME=$(id -n -u) MYUID=$(id -u) MYGID=$(id -g) - PODMAN_ARGS="--passwd-entry ${MYNAME}:x:${MYUID}:${MYGID}:/pattern-home:/bin/bash --user ${MYUID}:${MYGID} --userns keep-id:uid=${MYUID},gid=${MYGID}" + PODMAN_ARGS="--passwd-entry ${MYNAME}:x:${MYUID}:${MYGID}::/pattern-home:/bin/bash --user ${MYUID}:${MYGID} --userns keep-id:uid=${MYUID},gid=${MYGID}" + fi if [ -n "$KUBECONFIG" ]; then @@ -73,7 +74,14 @@ podman run -it --rm --pull=newer \ --security-opt label=disable \ -e EXTRA_HELM_OPTS \ -e EXTRA_PLAYBOOK_OPTS \ + -e VALUES_SECRET \ -e KUBECONFIG \ + -e K8S_AUTH_HOST \ + -e K8S_AUTH_VERIFY_SSL \ + -e K8S_AUTH_SSL_CA_CERT \ + -e K8S_AUTH_USERNAME \ + -e K8S_AUTH_PASSWORD \ + -e K8S_AUTH_TOKEN \ ${PKI_HOST_MOUNT_ARGS} \ -v "${HOME}":"${HOME}" \ -v "${HOME}":/pattern-home \ diff --git a/common/tests/golang-external-secrets-industrial-edge-factory.expected.yaml b/common/tests/golang-external-secrets-industrial-edge-factory.expected.yaml index c62b1c45..fea780d3 100644 --- a/common/tests/golang-external-secrets-industrial-edge-factory.expected.yaml +++ b/common/tests/golang-external-secrets-industrial-edge-factory.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/common/tests/golang-external-secrets-industrial-edge-hub.expected.yaml b/common/tests/golang-external-secrets-industrial-edge-hub.expected.yaml index 9992bde2..341ae7e2 100644 --- a/common/tests/golang-external-secrets-industrial-edge-hub.expected.yaml +++ b/common/tests/golang-external-secrets-industrial-edge-hub.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/common/tests/golang-external-secrets-medical-diagnosis-hub.expected.yaml b/common/tests/golang-external-secrets-medical-diagnosis-hub.expected.yaml index 9992bde2..341ae7e2 100644 --- a/common/tests/golang-external-secrets-medical-diagnosis-hub.expected.yaml +++ b/common/tests/golang-external-secrets-medical-diagnosis-hub.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/common/tests/golang-external-secrets-naked.expected.yaml b/common/tests/golang-external-secrets-naked.expected.yaml index 375e4494..72ffed42 100644 --- a/common/tests/golang-external-secrets-naked.expected.yaml +++ b/common/tests/golang-external-secrets-naked.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/common/tests/golang-external-secrets-normal.expected.yaml b/common/tests/golang-external-secrets-normal.expected.yaml index 9992bde2..341ae7e2 100644 --- a/common/tests/golang-external-secrets-normal.expected.yaml +++ b/common/tests/golang-external-secrets-normal.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/common/tests/hashicorp-vault-industrial-edge-factory.expected.yaml b/common/tests/hashicorp-vault-industrial-edge-factory.expected.yaml index a17a6974..fb8f1c8e 100644 --- a/common/tests/hashicorp-vault-industrial-edge-factory.expected.yaml +++ b/common/tests/hashicorp-vault-industrial-edge-factory.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/common/tests/hashicorp-vault-industrial-edge-hub.expected.yaml b/common/tests/hashicorp-vault-industrial-edge-hub.expected.yaml index a17a6974..fb8f1c8e 100644 --- a/common/tests/hashicorp-vault-industrial-edge-hub.expected.yaml +++ b/common/tests/hashicorp-vault-industrial-edge-hub.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/common/tests/hashicorp-vault-medical-diagnosis-hub.expected.yaml b/common/tests/hashicorp-vault-medical-diagnosis-hub.expected.yaml index a17a6974..fb8f1c8e 100644 --- a/common/tests/hashicorp-vault-medical-diagnosis-hub.expected.yaml +++ b/common/tests/hashicorp-vault-medical-diagnosis-hub.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/common/tests/hashicorp-vault-naked.expected.yaml b/common/tests/hashicorp-vault-naked.expected.yaml index c3950b6d..49ea96cb 100644 --- a/common/tests/hashicorp-vault-naked.expected.yaml +++ b/common/tests/hashicorp-vault-naked.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/common/tests/hashicorp-vault-normal.expected.yaml b/common/tests/hashicorp-vault-normal.expected.yaml index a17a6974..fb8f1c8e 100644 --- a/common/tests/hashicorp-vault-normal.expected.yaml +++ b/common/tests/hashicorp-vault-normal.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/common/tests/operator-install-industrial-edge-factory.expected.yaml b/common/tests/operator-install-industrial-edge-factory.expected.yaml index 5e4aa02e..6400a5a9 100644 --- a/common/tests/operator-install-industrial-edge-factory.expected.yaml +++ b/common/tests/operator-install-industrial-edge-factory.expected.yaml @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: example - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: diff --git a/common/tests/operator-install-industrial-edge-hub.expected.yaml b/common/tests/operator-install-industrial-edge-hub.expected.yaml index 5e4aa02e..6400a5a9 100644 --- a/common/tests/operator-install-industrial-edge-hub.expected.yaml +++ b/common/tests/operator-install-industrial-edge-hub.expected.yaml @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: example - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: diff --git a/common/tests/operator-install-medical-diagnosis-hub.expected.yaml b/common/tests/operator-install-medical-diagnosis-hub.expected.yaml index 5e4aa02e..6400a5a9 100644 --- a/common/tests/operator-install-medical-diagnosis-hub.expected.yaml +++ b/common/tests/operator-install-medical-diagnosis-hub.expected.yaml @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: example - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: diff --git a/common/tests/operator-install-naked.expected.yaml b/common/tests/operator-install-naked.expected.yaml index 3d58b474..b6647318 100644 --- a/common/tests/operator-install-naked.expected.yaml +++ b/common/tests/operator-install-naked.expected.yaml @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: default - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: diff --git a/common/tests/operator-install-normal.expected.yaml b/common/tests/operator-install-normal.expected.yaml index 5e4aa02e..6400a5a9 100644 --- a/common/tests/operator-install-normal.expected.yaml +++ b/common/tests/operator-install-normal.expected.yaml @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: example - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: diff --git a/tests/all-crunchy-pgcluster-industrial-edge-factory.expected.yaml b/tests/all-crunchy-pgcluster-industrial-edge-factory.expected.yaml new file mode 100644 index 00000000..3ac45073 --- /dev/null +++ b/tests/all-crunchy-pgcluster-industrial-edge-factory.expected.yaml @@ -0,0 +1,62 @@ +--- +# Source: crunchy-pgcluster/templates/dbinit-cm.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: db-init-sql +data: + initSQL: "\\c db;" +--- +# Source: crunchy-pgcluster/templates/postgres-cluster.yaml +apiVersion: postgres-operator.crunchydata.com/v1beta1 +kind: PostgresCluster +metadata: + name: db +spec: + users: [ + { + "databases": [ + "db" + ], + "name": "user" + } +] + databaseInitSQL: + key: initSQL + name: db-init-sql + postgresVersion: 16 + instances: [ + { + "dataVolumeClaimSpec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "10Gi" + } + } + }, + "name": "instance1" + } +] + backups: + pgbackrest: { + "repos": [ + { + "name": "repo1", + "volume": { + "volumeClaimSpec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "1Gi" + } + } + } + } + } + ] +} diff --git a/tests/all-crunchy-pgcluster-industrial-edge-hub.expected.yaml b/tests/all-crunchy-pgcluster-industrial-edge-hub.expected.yaml new file mode 100644 index 00000000..3ac45073 --- /dev/null +++ b/tests/all-crunchy-pgcluster-industrial-edge-hub.expected.yaml @@ -0,0 +1,62 @@ +--- +# Source: crunchy-pgcluster/templates/dbinit-cm.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: db-init-sql +data: + initSQL: "\\c db;" +--- +# Source: crunchy-pgcluster/templates/postgres-cluster.yaml +apiVersion: postgres-operator.crunchydata.com/v1beta1 +kind: PostgresCluster +metadata: + name: db +spec: + users: [ + { + "databases": [ + "db" + ], + "name": "user" + } +] + databaseInitSQL: + key: initSQL + name: db-init-sql + postgresVersion: 16 + instances: [ + { + "dataVolumeClaimSpec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "10Gi" + } + } + }, + "name": "instance1" + } +] + backups: + pgbackrest: { + "repos": [ + { + "name": "repo1", + "volume": { + "volumeClaimSpec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "1Gi" + } + } + } + } + } + ] +} diff --git a/tests/all-crunchy-pgcluster-medical-diagnosis-hub.expected.yaml b/tests/all-crunchy-pgcluster-medical-diagnosis-hub.expected.yaml new file mode 100644 index 00000000..3ac45073 --- /dev/null +++ b/tests/all-crunchy-pgcluster-medical-diagnosis-hub.expected.yaml @@ -0,0 +1,62 @@ +--- +# Source: crunchy-pgcluster/templates/dbinit-cm.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: db-init-sql +data: + initSQL: "\\c db;" +--- +# Source: crunchy-pgcluster/templates/postgres-cluster.yaml +apiVersion: postgres-operator.crunchydata.com/v1beta1 +kind: PostgresCluster +metadata: + name: db +spec: + users: [ + { + "databases": [ + "db" + ], + "name": "user" + } +] + databaseInitSQL: + key: initSQL + name: db-init-sql + postgresVersion: 16 + instances: [ + { + "dataVolumeClaimSpec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "10Gi" + } + } + }, + "name": "instance1" + } +] + backups: + pgbackrest: { + "repos": [ + { + "name": "repo1", + "volume": { + "volumeClaimSpec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "1Gi" + } + } + } + } + } + ] +} diff --git a/tests/common-golang-external-secrets-industrial-edge-factory.expected.yaml b/tests/common-golang-external-secrets-industrial-edge-factory.expected.yaml index 66b23292..19c1f8c0 100644 --- a/tests/common-golang-external-secrets-industrial-edge-factory.expected.yaml +++ b/tests/common-golang-external-secrets-industrial-edge-factory.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: common-golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: common-golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: common-golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/tests/common-golang-external-secrets-industrial-edge-hub.expected.yaml b/tests/common-golang-external-secrets-industrial-edge-hub.expected.yaml index b7c2ad96..056054ba 100644 --- a/tests/common-golang-external-secrets-industrial-edge-hub.expected.yaml +++ b/tests/common-golang-external-secrets-industrial-edge-hub.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: common-golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: common-golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: common-golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/tests/common-golang-external-secrets-medical-diagnosis-hub.expected.yaml b/tests/common-golang-external-secrets-medical-diagnosis-hub.expected.yaml index b7c2ad96..056054ba 100644 --- a/tests/common-golang-external-secrets-medical-diagnosis-hub.expected.yaml +++ b/tests/common-golang-external-secrets-medical-diagnosis-hub.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: common-golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: common-golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: common-golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/tests/common-golang-external-secrets-naked.expected.yaml b/tests/common-golang-external-secrets-naked.expected.yaml index b6a836e9..3d12586b 100644 --- a/tests/common-golang-external-secrets-naked.expected.yaml +++ b/tests/common-golang-external-secrets-naked.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: common-golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: common-golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: common-golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/tests/common-golang-external-secrets-normal.expected.yaml b/tests/common-golang-external-secrets-normal.expected.yaml index b7c2ad96..056054ba 100644 --- a/tests/common-golang-external-secrets-normal.expected.yaml +++ b/tests/common-golang-external-secrets-normal.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: common-golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: common-golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: common-golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/tests/common-hashicorp-vault-industrial-edge-factory.expected.yaml b/tests/common-hashicorp-vault-industrial-edge-factory.expected.yaml index 19cef108..14e5c956 100644 --- a/tests/common-hashicorp-vault-industrial-edge-factory.expected.yaml +++ b/tests/common-hashicorp-vault-industrial-edge-factory.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: common-hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/tests/common-hashicorp-vault-industrial-edge-hub.expected.yaml b/tests/common-hashicorp-vault-industrial-edge-hub.expected.yaml index 19cef108..14e5c956 100644 --- a/tests/common-hashicorp-vault-industrial-edge-hub.expected.yaml +++ b/tests/common-hashicorp-vault-industrial-edge-hub.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: common-hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/tests/common-hashicorp-vault-medical-diagnosis-hub.expected.yaml b/tests/common-hashicorp-vault-medical-diagnosis-hub.expected.yaml index 19cef108..14e5c956 100644 --- a/tests/common-hashicorp-vault-medical-diagnosis-hub.expected.yaml +++ b/tests/common-hashicorp-vault-medical-diagnosis-hub.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: common-hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/tests/common-hashicorp-vault-naked.expected.yaml b/tests/common-hashicorp-vault-naked.expected.yaml index 1a62b9c0..8003384e 100644 --- a/tests/common-hashicorp-vault-naked.expected.yaml +++ b/tests/common-hashicorp-vault-naked.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: common-hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/tests/common-hashicorp-vault-normal.expected.yaml b/tests/common-hashicorp-vault-normal.expected.yaml index 19cef108..14e5c956 100644 --- a/tests/common-hashicorp-vault-normal.expected.yaml +++ b/tests/common-hashicorp-vault-normal.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: common-hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/tests/common-operator-install-industrial-edge-factory.expected.yaml b/tests/common-operator-install-industrial-edge-factory.expected.yaml index 755b244f..7cf44f6a 100644 --- a/tests/common-operator-install-industrial-edge-factory.expected.yaml +++ b/tests/common-operator-install-industrial-edge-factory.expected.yaml @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: hub - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: diff --git a/tests/common-operator-install-industrial-edge-hub.expected.yaml b/tests/common-operator-install-industrial-edge-hub.expected.yaml index 755b244f..7cf44f6a 100644 --- a/tests/common-operator-install-industrial-edge-hub.expected.yaml +++ b/tests/common-operator-install-industrial-edge-hub.expected.yaml @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: hub - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: diff --git a/tests/common-operator-install-medical-diagnosis-hub.expected.yaml b/tests/common-operator-install-medical-diagnosis-hub.expected.yaml index 755b244f..7cf44f6a 100644 --- a/tests/common-operator-install-medical-diagnosis-hub.expected.yaml +++ b/tests/common-operator-install-medical-diagnosis-hub.expected.yaml @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: hub - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: diff --git a/tests/common-operator-install-naked.expected.yaml b/tests/common-operator-install-naked.expected.yaml index 937fb6a2..c2dfd135 100644 --- a/tests/common-operator-install-naked.expected.yaml +++ b/tests/common-operator-install-naked.expected.yaml @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: default - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: diff --git a/tests/common-operator-install-normal.expected.yaml b/tests/common-operator-install-normal.expected.yaml index 755b244f..7cf44f6a 100644 --- a/tests/common-operator-install-normal.expected.yaml +++ b/tests/common-operator-install-normal.expected.yaml @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: hub - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: