From 625c3a7fafdacb7b5d4f323a4b59f3d6a0bc44c5 Mon Sep 17 00:00:00 2001 From: Michele Baldessari Date: Fri, 6 Sep 2024 10:40:21 +0200 Subject: [PATCH] Update tests after common rebase --- ...-acm-industrial-edge-factory.expected.yaml | 2 +- ...mmon-acm-industrial-edge-hub.expected.yaml | 2 +- ...on-acm-medical-diagnosis-hub.expected.yaml | 2 +- tests/common-acm-naked.expected.yaml | 2 +- tests/common-acm-normal.expected.yaml | 2 +- ...rets-industrial-edge-factory.expected.yaml | 237 ++++++++++++++---- ...-secrets-industrial-edge-hub.expected.yaml | 237 ++++++++++++++---- ...ecrets-medical-diagnosis-hub.expected.yaml | 237 ++++++++++++++---- ...olang-external-secrets-naked.expected.yaml | 237 ++++++++++++++---- ...lang-external-secrets-normal.expected.yaml | 237 ++++++++++++++---- ...ault-industrial-edge-factory.expected.yaml | 4 +- ...rp-vault-industrial-edge-hub.expected.yaml | 4 +- ...-vault-medical-diagnosis-hub.expected.yaml | 4 +- ...common-hashicorp-vault-naked.expected.yaml | 4 +- ...ommon-hashicorp-vault-normal.expected.yaml | 4 +- ...tall-industrial-edge-factory.expected.yaml | 4 +- ...-install-industrial-edge-hub.expected.yaml | 4 +- ...nstall-medical-diagnosis-hub.expected.yaml | 4 +- ...ommon-operator-install-naked.expected.yaml | 4 +- ...mmon-operator-install-normal.expected.yaml | 4 +- 20 files changed, 985 insertions(+), 250 deletions(-) diff --git a/tests/common-acm-industrial-edge-factory.expected.yaml b/tests/common-acm-industrial-edge-factory.expected.yaml index 39238f91e..94c8254f7 100644 --- a/tests/common-acm-industrial-edge-factory.expected.yaml +++ b/tests/common-acm-industrial-edge-factory.expected.yaml @@ -139,7 +139,7 @@ spec: labels: operators.coreos.com/openshift-gitops-operator.openshift-operators: '' spec: - channel: gitops-1.12 + channel: gitops-1.13 installPlanApproval: Automatic name: openshift-gitops-operator source: redhat-operators diff --git a/tests/common-acm-industrial-edge-hub.expected.yaml b/tests/common-acm-industrial-edge-hub.expected.yaml index 8b18a4dac..00cf4e4d9 100644 --- a/tests/common-acm-industrial-edge-hub.expected.yaml +++ b/tests/common-acm-industrial-edge-hub.expected.yaml @@ -509,7 +509,7 @@ spec: labels: operators.coreos.com/openshift-gitops-operator.openshift-operators: '' spec: - channel: gitops-1.12 + channel: gitops-1.13 installPlanApproval: Automatic name: openshift-gitops-operator source: redhat-operators diff --git a/tests/common-acm-medical-diagnosis-hub.expected.yaml b/tests/common-acm-medical-diagnosis-hub.expected.yaml index dffb9eb6d..5fea58d04 100644 --- a/tests/common-acm-medical-diagnosis-hub.expected.yaml +++ b/tests/common-acm-medical-diagnosis-hub.expected.yaml @@ -500,7 +500,7 @@ spec: labels: operators.coreos.com/openshift-gitops-operator.openshift-operators: '' spec: - channel: gitops-1.12 + channel: gitops-1.13 installPlanApproval: Automatic name: openshift-gitops-operator source: redhat-operators diff --git a/tests/common-acm-naked.expected.yaml b/tests/common-acm-naked.expected.yaml index 39238f91e..94c8254f7 100644 --- a/tests/common-acm-naked.expected.yaml +++ b/tests/common-acm-naked.expected.yaml @@ -139,7 +139,7 @@ spec: labels: operators.coreos.com/openshift-gitops-operator.openshift-operators: '' spec: - channel: gitops-1.12 + channel: gitops-1.13 installPlanApproval: Automatic name: openshift-gitops-operator source: redhat-operators diff --git a/tests/common-acm-normal.expected.yaml b/tests/common-acm-normal.expected.yaml index 1e2b15737..6823a01b9 100644 --- a/tests/common-acm-normal.expected.yaml +++ b/tests/common-acm-normal.expected.yaml @@ -1670,7 +1670,7 @@ spec: labels: operators.coreos.com/openshift-gitops-operator.openshift-operators: '' spec: - channel: gitops-1.12 + channel: gitops-1.13 installPlanApproval: Automatic name: openshift-gitops-operator source: redhat-operators diff --git a/tests/common-golang-external-secrets-industrial-edge-factory.expected.yaml b/tests/common-golang-external-secrets-industrial-edge-factory.expected.yaml index 66b232920..19c1f8c08 100644 --- a/tests/common-golang-external-secrets-industrial-edge-factory.expected.yaml +++ b/tests/common-golang-external-secrets-industrial-edge-factory.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: common-golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: common-golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: common-golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/tests/common-golang-external-secrets-industrial-edge-hub.expected.yaml b/tests/common-golang-external-secrets-industrial-edge-hub.expected.yaml index b7c2ad967..056054bad 100644 --- a/tests/common-golang-external-secrets-industrial-edge-hub.expected.yaml +++ b/tests/common-golang-external-secrets-industrial-edge-hub.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: common-golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: common-golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: common-golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/tests/common-golang-external-secrets-medical-diagnosis-hub.expected.yaml b/tests/common-golang-external-secrets-medical-diagnosis-hub.expected.yaml index b7c2ad967..056054bad 100644 --- a/tests/common-golang-external-secrets-medical-diagnosis-hub.expected.yaml +++ b/tests/common-golang-external-secrets-medical-diagnosis-hub.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: common-golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: common-golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: common-golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/tests/common-golang-external-secrets-naked.expected.yaml b/tests/common-golang-external-secrets-naked.expected.yaml index b6a836e95..3d12586bb 100644 --- a/tests/common-golang-external-secrets-naked.expected.yaml +++ b/tests/common-golang-external-secrets-naked.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: common-golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: common-golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: common-golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/tests/common-golang-external-secrets-normal.expected.yaml b/tests/common-golang-external-secrets-normal.expected.yaml index b7c2ad967..056054bad 100644 --- a/tests/common-golang-external-secrets-normal.expected.yaml +++ b/tests/common-golang-external-secrets-normal.expected.yaml @@ -6,10 +6,10 @@ metadata: name: external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/serviceaccount.yaml @@ -19,10 +19,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-serviceaccount.yaml @@ -32,10 +32,10 @@ metadata: name: external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm --- # Source: golang-external-secrets/charts/external-secrets/templates/webhook-secret.yaml @@ -45,10 +45,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook --- @@ -2877,6 +2877,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -4299,7 +4302,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -4385,6 +4388,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -4949,6 +5015,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -9024,6 +9095,9 @@ spec: externalID: description: AWS External ID set on assumed IAM roles type: string + prefix: + description: Prefix adds a prefix to all retrieved values. + type: string region: description: AWS Region to be used for the provider type: string @@ -10446,7 +10520,7 @@ spec: type: object type: object apiUrl: - default: https://api.pulumi.com + default: https://api.pulumi.com/api/preview description: APIURL is the URL of the Pulumi API. type: string environment: @@ -10532,6 +10606,69 @@ spec: - region - secretKey type: object + secretserver: + description: |- + SecretServer configures this store to sync secrets using SecretServer provider + https://docs.delinea.com/online-help/secret-server/start.htm + properties: + password: + description: Password is the secret server account password. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + serverURL: + description: |- + ServerURL + URL to your secret server installation + type: string + username: + description: Username is the secret server account username. + properties: + secretRef: + description: SecretRef references a key in a secret that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set a value without using a secret. + type: string + type: object + required: + - password + - serverURL + - username + type: object senhasegura: description: Senhasegura configures this store to sync secrets using senhasegura provider properties: @@ -11096,6 +11233,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12014,6 +12156,11 @@ spec: the option is enabled serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header type: boolean + headers: + additionalProperties: + type: string + description: Headers to be added in Vault request + type: object namespace: description: |- Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows @@ -12286,10 +12433,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12353,10 +12500,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12465,10 +12612,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-view labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -12507,10 +12654,10 @@ kind: ClusterRole metadata: name: common-golang-external-secrets-edit labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -12553,10 +12700,10 @@ metadata: name: common-golang-external-secrets-servicebindings labels: servicebinding.io/controller: "true" - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12574,10 +12721,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-cert-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12594,10 +12741,10 @@ kind: ClusterRoleBinding metadata: name: common-golang-external-secrets-controller labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12630,10 +12777,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: @@ -12669,10 +12816,10 @@ metadata: name: common-golang-external-secrets-leaderelection namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io @@ -12690,10 +12837,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm external-secrets.io/component: webhook spec: @@ -12714,10 +12861,10 @@ metadata: name: common-golang-external-secrets-cert-controller namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12729,10 +12876,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: external-secrets-cert-controller @@ -12747,7 +12894,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - certcontroller @@ -12779,10 +12926,10 @@ metadata: name: common-golang-external-secrets namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12794,10 +12941,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: serviceAccountName: common-golang-external-secrets @@ -12812,7 +12959,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - --concurrent=1 @@ -12832,10 +12979,10 @@ metadata: name: common-golang-external-secrets-webhook namespace: default labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -12847,10 +12994,10 @@ spec: template: metadata: labels: - helm.sh/chart: external-secrets-0.9.20 + helm.sh/chart: external-secrets-0.10.0 app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/instance: common-golang-external-secrets - app.kubernetes.io/version: "v0.9.20" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: hostNetwork: false @@ -12865,7 +13012,7 @@ spec: - ALL readOnlyRootFilesystem: true runAsNonRoot: true - image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi + image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi imagePullPolicy: IfNotPresent args: - webhook diff --git a/tests/common-hashicorp-vault-industrial-edge-factory.expected.yaml b/tests/common-hashicorp-vault-industrial-edge-factory.expected.yaml index 19cef108c..14e5c9568 100644 --- a/tests/common-hashicorp-vault-industrial-edge-factory.expected.yaml +++ b/tests/common-hashicorp-vault-industrial-edge-factory.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: common-hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/tests/common-hashicorp-vault-industrial-edge-hub.expected.yaml b/tests/common-hashicorp-vault-industrial-edge-hub.expected.yaml index 19cef108c..14e5c9568 100644 --- a/tests/common-hashicorp-vault-industrial-edge-hub.expected.yaml +++ b/tests/common-hashicorp-vault-industrial-edge-hub.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: common-hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/tests/common-hashicorp-vault-medical-diagnosis-hub.expected.yaml b/tests/common-hashicorp-vault-medical-diagnosis-hub.expected.yaml index 19cef108c..14e5c9568 100644 --- a/tests/common-hashicorp-vault-medical-diagnosis-hub.expected.yaml +++ b/tests/common-hashicorp-vault-medical-diagnosis-hub.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: common-hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/tests/common-hashicorp-vault-naked.expected.yaml b/tests/common-hashicorp-vault-naked.expected.yaml index 1a62b9c01..8003384e6 100644 --- a/tests/common-hashicorp-vault-naked.expected.yaml +++ b/tests/common-hashicorp-vault-naked.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: common-hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/tests/common-hashicorp-vault-normal.expected.yaml b/tests/common-hashicorp-vault-normal.expected.yaml index 19cef108c..14e5c9568 100644 --- a/tests/common-hashicorp-vault-normal.expected.yaml +++ b/tests/common-hashicorp-vault-normal.expected.yaml @@ -206,7 +206,7 @@ spec: containers: - name: vault - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent command: - "/bin/sh" @@ -375,7 +375,7 @@ spec: containers: - name: common-hashicorp-vault-server-test - image: registry.connect.redhat.com/hashicorp/vault:1.17.2-ubi + image: registry.connect.redhat.com/hashicorp/vault:1.17.3-ubi imagePullPolicy: IfNotPresent env: - name: VAULT_ADDR diff --git a/tests/common-operator-install-industrial-edge-factory.expected.yaml b/tests/common-operator-install-industrial-edge-factory.expected.yaml index 18eebd691..3dafb50fb 100644 --- a/tests/common-operator-install-industrial-edge-factory.expected.yaml +++ b/tests/common-operator-install-industrial-edge-factory.expected.yaml @@ -7,7 +7,7 @@ metadata: namespace: openshift-operators data: gitops.catalogSource: redhat-operators - gitops.channel: gitops-1.12 + gitops.channel: gitops-1.13 # gitops.sourceNamespace: GitOpsDefaultCatalogSourceNamespace # gitops.installApprovalPlan: GitOpsDefaultApprovalPlan @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: datacenter - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: diff --git a/tests/common-operator-install-industrial-edge-hub.expected.yaml b/tests/common-operator-install-industrial-edge-hub.expected.yaml index 18eebd691..3dafb50fb 100644 --- a/tests/common-operator-install-industrial-edge-hub.expected.yaml +++ b/tests/common-operator-install-industrial-edge-hub.expected.yaml @@ -7,7 +7,7 @@ metadata: namespace: openshift-operators data: gitops.catalogSource: redhat-operators - gitops.channel: gitops-1.12 + gitops.channel: gitops-1.13 # gitops.sourceNamespace: GitOpsDefaultCatalogSourceNamespace # gitops.installApprovalPlan: GitOpsDefaultApprovalPlan @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: datacenter - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: diff --git a/tests/common-operator-install-medical-diagnosis-hub.expected.yaml b/tests/common-operator-install-medical-diagnosis-hub.expected.yaml index 18eebd691..3dafb50fb 100644 --- a/tests/common-operator-install-medical-diagnosis-hub.expected.yaml +++ b/tests/common-operator-install-medical-diagnosis-hub.expected.yaml @@ -7,7 +7,7 @@ metadata: namespace: openshift-operators data: gitops.catalogSource: redhat-operators - gitops.channel: gitops-1.12 + gitops.channel: gitops-1.13 # gitops.sourceNamespace: GitOpsDefaultCatalogSourceNamespace # gitops.installApprovalPlan: GitOpsDefaultApprovalPlan @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: datacenter - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: diff --git a/tests/common-operator-install-naked.expected.yaml b/tests/common-operator-install-naked.expected.yaml index 937fb6a27..7466acc4e 100644 --- a/tests/common-operator-install-naked.expected.yaml +++ b/tests/common-operator-install-naked.expected.yaml @@ -7,7 +7,7 @@ metadata: namespace: openshift-operators data: gitops.catalogSource: redhat-operators - gitops.channel: gitops-1.12 + gitops.channel: gitops-1.13 # gitops.sourceNamespace: GitOpsDefaultCatalogSourceNamespace # gitops.installApprovalPlan: GitOpsDefaultApprovalPlan @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: default - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: diff --git a/tests/common-operator-install-normal.expected.yaml b/tests/common-operator-install-normal.expected.yaml index 18eebd691..3dafb50fb 100644 --- a/tests/common-operator-install-normal.expected.yaml +++ b/tests/common-operator-install-normal.expected.yaml @@ -7,7 +7,7 @@ metadata: namespace: openshift-operators data: gitops.catalogSource: redhat-operators - gitops.channel: gitops-1.12 + gitops.channel: gitops-1.13 # gitops.sourceNamespace: GitOpsDefaultCatalogSourceNamespace # gitops.installApprovalPlan: GitOpsDefaultApprovalPlan @@ -22,7 +22,7 @@ metadata: namespace: openshift-operators spec: clusterGroupName: datacenter - gitSpec: + gitSpec: targetRepo: https://github.com/pattern-clone/mypattern targetRevision: main multiSourceConfig: