Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update all non-major dependencies helm releases #68

Merged
merged 2 commits into from
May 14, 2022
Merged

chore(deps): update all non-major dependencies helm releases #68

merged 2 commits into from
May 14, 2022

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented May 14, 2022

WhiteSource Renovate

This PR contains the following updates:

Package Update Change
argo-workflows minor 0.9.3 -> 0.15.0
cloudflared minor 0.1.7 -> 0.3.3
consul (source) minor 0.41.1 -> 0.43.0
cortex (source) minor 1.2.0 -> 1.4.0
external-dns minor 6.1.3 -> 6.4.0
external-secrets minor 0.3.11 -> 0.5.3
gitea patch 5.0.3 -> 5.0.7
minio minor 11.1.4 -> 11.3.5

Release Notes

argoproj/argo-helm

v0.15.0

Compare Source

A Helm chart for Argo Workflows

v0.14.5

Compare Source

A Helm chart for Argo Workflows

v0.14.4

Compare Source

A Helm chart for Argo Workflows

v0.14.3

Compare Source

A Helm chart for Argo Workflows

v0.14.2

Compare Source

A Helm chart for Argo Workflows

v0.14.1

Compare Source

A Helm chart for Argo Workflows

v0.14.0

Compare Source

A Helm chart for Argo Workflows

v0.13.1

Compare Source

A Helm chart for Argo Workflows

v0.13.0

Compare Source

A Helm chart for Argo Workflows

v0.12.0

Compare Source

A Helm chart for Argo Workflows

v0.11.2

Compare Source

A Helm chart for Argo Workflows

v0.11.1

Compare Source

A Helm chart for Argo Workflows

v0.11.0

Compare Source

A Helm chart for Argo Workflows

v0.10.1

Compare Source

A Helm chart for Argo Workflows

v0.10.0

Compare Source

A Helm chart for Argo Workflows

v0.9.5

Compare Source

A Helm chart for Argo Workflows

v0.9.4

Compare Source

A Helm chart for Argo Workflows

khuedoan/charts

v0.3.3

Compare Source

Helm chart to deploy Cloudflare Tunnel

v0.3.2

Compare Source

Helm chart to deploy Cloudflare Tunnel

v0.3.1

Compare Source

Helm chart to deploy Cloudflare Tunnel

v0.3.0

Compare Source

Helm chart to deploy Cloudflare Tunnel

v0.2.2

Compare Source

Helm chart to deploy Cloudflare Tunnel

v0.2.1

Compare Source

Helm chart to deploy Cloudflare Tunnel

v0.2.0

Compare Source

Helm chart to deploy Cloudflare Tunnel

cortexproject/cortex-helm-chart

v1.4.0

Compare Source

  • [ENHANCEMENT] Upgrade to Cortex v1.11.1 #​331
  • [ENHANCEMENT] Includes enable flags for each component #​319
  • [ENHANCEMENT] Exclude cortex components endpoint from nginx config when disabled #​326

v1.3.0

Compare Source

  • [CHANGE] move from quay.io/kiwigrid/k8s-sidecar to omegavvweapon/kopf-k8s-sidecar image #​302
  • [CHANGE] undo querier store optimization #​304
    • config.querier.query_ingesters_within: 13h -> 0s (default)
    • config.querier.query_store_after: 12h -> 0s (default)
  • [CHANGE] Change sidecar default values to match values in documentation #​317
  • [CHANGE] Remove ruler.persistentVolume.subPath since it was never persistent to begin with #​317
  • [ENHANCEMENT] Fix the indentation of memcached guide #​309
  • [ENHANCEMENT] Added api endpoints for Grafana 8 unified alerting #​291
  • [ENHANCEMENT] Add guide on how to configure alertmanager/ruler with configmap #​313
  • [DEPENDENCY] Update Helm release memcached to v5.15.14 #​301
external-secrets/external-secrets

v0.5.3

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.5.3

Breaking Changes

  • None

Global Changes

  • Add senhasegura DSM provider
  • Fix CVEs
  • Add 1Password support

Provider Specific Changes

Vault
  • Avoid panics if secret not found in vault
Akeyless
  • ValidateStore for Akeyless provider
Gitlab
  • ValidateStore for Gitlab
Oracle
  • ValidateStore for Oracle

v0.5.2

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.5.2

Breaking Changes

  • None

Global Changes

  • Update to Documentation
  • Version Bump
  • Fixed Multiple ExternalSecrets now can target the same Secret using creationPolicy: merge
  • Changed CRD templating to be compatible with ArgoCD and Flux
  • Changed default ports for Webhook to be compatible with private GKE and EKS clusters.
  • Added flood gate control by checking if the SecretStore is valid before trying to reconcile ExternalSecrets
  • Implemented Service Monitor as the default way to have ESO metrics.
  • Dedicated service is deprecated and will be removed in release 0.7.0.

Provider Specific Changes

Gitlab

Implemented Validate method

GCP
  • Implemented GetAllSecrets (dataFrom.find)
AWS
  • Fixed kyes with a dot not being handled for SecretsManager and ParameterStore
Akeyless
  • Implemented Validate method
Alibaba
  • Implemented Validate method
Gitlab
  • Implemented Validate method
Webhook
  • Implemented Validate method

v0.5.1

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.5.1

Breaking changes

Necessary so we have this standardized initially, and if we want to go in that direction we can make the conscious decision together with some pondering about some other aspects of secret key rewriting.

Changes

  • Fixed CI signing missing go dependencies
  • GCP: Adds checks to see if a key name exists before trying to load a nested value. (Problem with dotted keys)
  • fix error message for Vault store validation of Auth.Jwt.KubernetesServiceAccountToken
  • Only create cert-controller RBAC resources if cert-controller creation itself is enabled

v0.5.0

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.5.0

Changes

Breaking Changes

  • In v0.5.0, we are introducing a new api version for both ExternalSecrets, SecretStores and ClusterSecretStore resources. There is a breaking change when updating ExternalSecrets versions regarding dataFrom. For more information, please see this guide
  • v1alpha1 is deprecated and will be removed once the CRDs are promoted to GA.

Note: If you are deploying external-secrets into a GKE cluster, you might need to add a firewall rule allowing traffic to port 9443 (see https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#add_firewall_rules)

Global Changes

  • Added a Validation and Conversion Webhooks for the project (webhook deployment)
  • Added a certificate injector to allow Validating and Conversion Webhook automatic setup (cert-controller deployment)
  • Added ClusterExternalSecret resource!
  • Added some cool external resources to our docs! If you have any content of your own, please submit a PR :)
  • Images are now signed and verified with cosign
  • Our charts now support namespaced RBACs (to use with scoped Namespace :))
  • Added a creationPolicy: Orphan - to allow Secrets to be maintained even after the ExternalSecret gets deleted.

Global Fixes

  • Fixed a bug in templateFrom functionality (not rendering if empty data was provided)

Provider Specific

Kubernetes
  • Remote Kubernetes provider was added! Come check it out ;)
Azure Keyvault
  • dataFrom now supports find operations - allowing users to Get All Secrets and bind them to a single Kubernetes Secret.
  • Implemented compatibility with Azure Workload Identity!
IBM Secrets Manager
  • Added support for public_cert and kv secret types
GCP
  • Workload Identity now works with clusters in different projects than the Secret Manager!
  • Fixed Memory Leak issues with GCP Provider
Hashicorp Vault
  • JWT authentication method now supports Kubernetes Service Accounts.
  • dataFrom now supports find operations - allowing users to Get All Secrets and bind them to a single Kubernetes Secret.
Yandex Lockbox
  • Fixed Yandex Lockbox Connection Leaks
AWS Secrets Manager and Parameter Store
  • dataFrom now supports find operations - allowing users to Get All Secrets and bind them to a single Kubernetes Secret.
  • Added a deletionPolicy - to allow delete Secrets if the content within a provider is no longer available.

v0.4.4

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.4.4

This is a patch release that provides security updates.

Misc. Changes
  • docs(tpl): removing missing file from snippets
  • docs(aws): describe how to use custom endpoints
Dependency Updates
  • build(deps): bump github.com/IBM/go-sdk-core/v5 from 5.9.1 to 5.9.2
  • build(deps): bump sigs.k8s.io/controller-runtime from 0.11.0 to 0.11.1
  • build(deps): bump cloud.google.com/go/iam from 0.1.1 to 0.2.0
  • build(deps): bump github.com/onsi/ginkgo/v2 from 2.1.2 to 2.1.3
  • build(deps): bump cloud.google.com/go/secretmanager from 1.0.0 to 1.2.0

v0.4.3

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.4.3

Updates
  • Template engine version v2 is now available! This feature allows the use of sprigs functions.
    To use template engine version v2, specify engineVersion: v2 in your template:
apiVersion: external-secrets.io/v1alpha1
kind: ExternalSecret
metadata:
  name: template
spec:
##### ...
  target:
    name: secret-to-be-created
##### this is how the Kind=Secret will look like
    template:
      type: kubernetes.io/tls
      engineVersion: v2
      data:
##### multiline string
        config: |
          datasources:
          - name: Graphite
            type: graphite
            access: proxy
            url: http://localhost:8080
            password: "{{ .password }}"
            user: "{{ .user }}"

  data:
  - secretKey: user
    remoteRef:
      key: /grafana/user
  - secretKey: password
    remoteRef:
      key: /grafana/password

You can read more about the differences here.

Breaking Changes

None.

General Changes
  • Added Template Engine capability, as well as template engine version 2.
  • Improved Controller performance by disabling cache for some kubernetes resources.
Provider Changes
AWS Secrets Manager
  • AWS Secrets Manager has been promoted to stable
AWS Parameter Store
  • AWS Parameter Store has been promoted to stable
Azure Keyvault
  • Azure Keyvault has been promoted to beta
  • Sanitization of the provider code
GCP Secret Manager
  • Fixed a leak in GCPSM when the secret operator could not find the secret
Hashicorp Vault
  • Fixed getting values from properties that have . in their name.

v0.4.2

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.4.2

Changes
Breaking Changes

- Oracle Vault: Allow the use of Instance Principal if no authentication is provided.
This changes the CRD of Oracle Vault provider. It is not backwards compatible.
Before v0.4.2 the specification for Oracle vault provider was like this:

apiVersion: external-secrets.io/v1alpha1
kind: SecretStore
metadata:
  name: example
spec:
  provider:
    oracle: 
      vault:
      user: # User and Tenancy were part of the main provider block
      tenancy: 
      region:
      auth:
        secretRef:
          privatekey:
            name: oracle-secret
            key: privateKey
          fingerprint:
            name: oracle-secret
            key: fingerprint

Now, it is like this:

apiVersion: external-secrets.io/v1alpha1
kind: SecretStore
metadata:
  name: example-auth
spec:
  provider:
    oracle:
      vault: 
      region: 
      auth:
        user: # User and Tenancy are now part of the auth block
        tenancy: # 
        secretRef:
          privatekey:
            name: oracle-secret
            key: privateKey
          fingerprint:
            name: oracle-secret
            key: fingerprint
General Changes
  • [Updates] Updates in Documentation
  • [Updates] Bumping several dependencies
  • [Feature] Added Events for both Secret Stores and External Secrets
  • [Feature] Added Secret Stores reconciliation loop and validation checks
  • [Design] Added draft version for ExternalSecrets and SecretStores v1beta1
Provider Changes
Hashicorp Vault
  • [Feature] Vault now allows the use of nested Json. Usage of Property field is now optional just like in the other providers.
Oracle Vault
  • [Feature] [Breaking] OCL now uses Instance Principal if no authentication is provided.

v0.4.1

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.4.1

Changes
  • Site docs also supports versioning
  • Just some fixes so we can release the helm chart

v0.4.0

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.4.0

Changes
  • Added generic webhook provider
  • Try to address some complexity code smells
  • e2e testing for gcp Workload Identity
  • Improved docs
  • HashiCorp Vault provider: add support for mount path for LDAP and JWT auth methods
  • Use MethodGet field instead of hardcoded string literal
  • Improve and standardize our unit tests for some providers
  • Replace Oracle Vault with secrets package (actually retrieve the value now)
  • fix: force ownership when merging secrets
  • GCP promoted to stable (also new e2e tests for GCP)
  • Support for eventual consistency in Vault Enterprise
  • Optimise patching so as changes only happen with something changes
  • Added managed e2e test framework (for managed clusters)
  • fix: ensure that data is being deleted when using templates
  • feat(provider): implement fake provider

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

This PR has been generated by WhiteSource Renovate. View repository job log here.

@locmai locmai merged commit b94c710 into main May 14, 2022
@locmai locmai deleted the renovate-all-minor-patch branch May 14, 2022 19:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@locmai locmai

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@locmai @renovate-bot