Implementation of Chef External Secrets Provider #3127
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Issue: external-secrets#2905 This commit intends to add the chef provider structure to the existing list of external-secrets providers. It defines the structure of the SecretStore and ClusterSecretStore for chef Provider. The yaml resource will contain 3 important parts to identify and connect to chef server to reconcile secrets. They are: 1. serverurl: This is the URL to the chef server. 2. username: The username to connect to the chef server. 3. auth: The password to connect to the chef server. It is a reference to an already existing kubernetes secret containing the password. This commit also contains the auto generated CRDs using the `make generate` command. Signed-off-by: Subroto Roy <subrotoroy007@gmail.com>
Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
- added unit test cases - added sample documentation Issue: external-secrets#2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
Signed-off-by: Subroto Roy <subrotoroy007@gmail.com>
Issue: external-secrets#2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
Issue: external-secrets#2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
Issue: external-secrets#2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
Issue: external-secrets#2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
5 tasks
|
new PR |
|
Looks great! Can you please include a test run? Thanks! |
Skarlso
reviewed
Feb 12, 2024
Skarlso
reviewed
Feb 12, 2024
Skarlso
reviewed
Feb 12, 2024
Issue: external-secrets#2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com>
sourav977
force-pushed
the
dev_eso_chef_2905
branch
from
21a67ef
to
0898520
Compare
|
Success Case
controller log
controller log
|
|
Lovely bubbly! Thank you very much! :) |
|
/ok-to-test sha=c8130ac |
Skarlso
approved these changes
Feb 14, 2024
lumiere-bot bot
added a commit
to coolguy1771/home-ops
that referenced
this pull request
Feb 20, 2024
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [external-secrets](https://togithub.com/external-secrets/external-secrets) | patch | `0.9.12` -> `0.9.13` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>external-secrets/external-secrets (external-secrets)</summary> ### [`v0.9.13`](https://togithub.com/external-secrets/external-secrets/releases/tag/v0.9.13) [Compare Source](https://togithub.com/external-secrets/external-secrets/compare/v0.9.12...v0.9.13) Image: `ghcr.io/external-secrets/external-secrets:v0.9.13` Image: `ghcr.io/external-secrets/external-secrets:v0.9.13-ubi` Image: `ghcr.io/external-secrets/external-secrets:v0.9.13-ubi-boringssl` #### What's Changed - bump 0.9.12 by [@​rogertuma](https://togithub.com/rogertuma) in [external-secrets/external-secrets#3125 - temporarily removing ossf checks for helm release by [@​gusfcarvalho](https://togithub.com/gusfcarvalho) in [external-secrets/external-secrets#3128 - chore(deps): bump aquasecurity/trivy-action from [`f3d9851`](https://togithub.com/external-secrets/external-secrets/commit/f3d98514b056d8c71a3552e8328c225bc7f6f353) to [`84384bd`](https://togithub.com/external-secrets/external-secrets/commit/84384bd6e777ef152729993b8145ea352e9dd3ef) by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3142 - chore(deps): bump ubi8/ubi-minimal from `c9c8f91` to `6825946` by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3137 - feat: add push secret to e2e tests by [@​Skarlso](https://togithub.com/Skarlso) in [external-secrets/external-secrets#3017 - Implementation of Chef External Secrets Provider by [@​sourav977](https://togithub.com/sourav977) in [external-secrets/external-secrets#3127 - feat: add support for Pulumi ESC by [@​dirien](https://togithub.com/dirien) in [external-secrets/external-secrets#2997 - chore(deps): bump watchdog from 3.0.0 to 4.0.0 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3134 - chore(deps): bump certifi from 2023.11.17 to 2024.2.2 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3135 - chore(deps): bump mkdocs-material from 9.5.7 to 9.5.9 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3136 - chore(deps): bump golang from 1.21.6 to 1.22.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3138 - chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3140 - chore(deps): bump golang from 1.21.6-bookworm to 1.22.0-bookworm in /e2e by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3139 - chore(deps): bump helm/kind-action from 1.8.0 to 1.9.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3141 - chore: update dependencies by [@​eso-service-account-app](https://togithub.com/eso-service-account-app) in [external-secrets/external-secrets#3143 - Start the helm workflow when files in deploy/crds change by [@​shuheiktgw](https://togithub.com/shuheiktgw) in [external-secrets/external-secrets#3098 - Implements Webhook Generator by [@​gusfcarvalho](https://togithub.com/gusfcarvalho) in [external-secrets/external-secrets#3121 - Run unit tests on the main branch by [@​shuheiktgw](https://togithub.com/shuheiktgw) in [external-secrets/external-secrets#3126 - fix(docs): Fix indentation in `vault-pushsecret.yaml` by [@​mboutet](https://togithub.com/mboutet) in [external-secrets/external-secrets#3156 - issue/3153 - added missing snapshots for Pulumi and Chef crd tests by [@​fdberlking](https://togithub.com/fdberlking) in [external-secrets/external-secrets#3154 #### New Contributors - [@​sourav977](https://togithub.com/sourav977) made their first contribution in [external-secrets/external-secrets#3127 - [@​dirien](https://togithub.com/dirien) made their first contribution in [external-secrets/external-secrets#2997 - [@​mboutet](https://togithub.com/mboutet) made their first contribution in [external-secrets/external-secrets#3156 **Full Changelog**: external-secrets/external-secrets@v0.9.12...v0.9.13 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://togithub.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xOTQuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE5NC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Co-authored-by: lumiere-bot[bot] <98047013+lumiere-bot[bot]@users.noreply.github.com>
lumiere-bot bot
added a commit
to coolguy1771/home-ops
that referenced
this pull request
Feb 20, 2024
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [external-secrets](https://togithub.com/external-secrets/external-secrets) | patch | `0.9.12` -> `0.9.13` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>external-secrets/external-secrets (external-secrets)</summary> ### [`v0.9.13`](https://togithub.com/external-secrets/external-secrets/releases/tag/v0.9.13) [Compare Source](https://togithub.com/external-secrets/external-secrets/compare/v0.9.12...v0.9.13) Image: `ghcr.io/external-secrets/external-secrets:v0.9.13` Image: `ghcr.io/external-secrets/external-secrets:v0.9.13-ubi` Image: `ghcr.io/external-secrets/external-secrets:v0.9.13-ubi-boringssl` #### What's Changed - bump 0.9.12 by [@​rogertuma](https://togithub.com/rogertuma) in [external-secrets/external-secrets#3125 - temporarily removing ossf checks for helm release by [@​gusfcarvalho](https://togithub.com/gusfcarvalho) in [external-secrets/external-secrets#3128 - chore(deps): bump aquasecurity/trivy-action from [`f3d9851`](https://togithub.com/external-secrets/external-secrets/commit/f3d98514b056d8c71a3552e8328c225bc7f6f353) to [`84384bd`](https://togithub.com/external-secrets/external-secrets/commit/84384bd6e777ef152729993b8145ea352e9dd3ef) by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3142 - chore(deps): bump ubi8/ubi-minimal from `c9c8f91` to `6825946` by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3137 - feat: add push secret to e2e tests by [@​Skarlso](https://togithub.com/Skarlso) in [external-secrets/external-secrets#3017 - Implementation of Chef External Secrets Provider by [@​sourav977](https://togithub.com/sourav977) in [external-secrets/external-secrets#3127 - feat: add support for Pulumi ESC by [@​dirien](https://togithub.com/dirien) in [external-secrets/external-secrets#2997 - chore(deps): bump watchdog from 3.0.0 to 4.0.0 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3134 - chore(deps): bump certifi from 2023.11.17 to 2024.2.2 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3135 - chore(deps): bump mkdocs-material from 9.5.7 to 9.5.9 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3136 - chore(deps): bump golang from 1.21.6 to 1.22.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3138 - chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3140 - chore(deps): bump golang from 1.21.6-bookworm to 1.22.0-bookworm in /e2e by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3139 - chore(deps): bump helm/kind-action from 1.8.0 to 1.9.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3141 - chore: update dependencies by [@​eso-service-account-app](https://togithub.com/eso-service-account-app) in [external-secrets/external-secrets#3143 - Start the helm workflow when files in deploy/crds change by [@​shuheiktgw](https://togithub.com/shuheiktgw) in [external-secrets/external-secrets#3098 - Implements Webhook Generator by [@​gusfcarvalho](https://togithub.com/gusfcarvalho) in [external-secrets/external-secrets#3121 - Run unit tests on the main branch by [@​shuheiktgw](https://togithub.com/shuheiktgw) in [external-secrets/external-secrets#3126 - fix(docs): Fix indentation in `vault-pushsecret.yaml` by [@​mboutet](https://togithub.com/mboutet) in [external-secrets/external-secrets#3156 - issue/3153 - added missing snapshots for Pulumi and Chef crd tests by [@​fdberlking](https://togithub.com/fdberlking) in [external-secrets/external-secrets#3154 #### New Contributors - [@​sourav977](https://togithub.com/sourav977) made their first contribution in [external-secrets/external-secrets#3127 - [@​dirien](https://togithub.com/dirien) made their first contribution in [external-secrets/external-secrets#2997 - [@​mboutet](https://togithub.com/mboutet) made their first contribution in [external-secrets/external-secrets#3156 **Full Changelog**: external-secrets/external-secrets@v0.9.12...v0.9.13 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://togithub.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xOTQuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE5NC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Co-authored-by: lumiere-bot[bot] <98047013+lumiere-bot[bot]@users.noreply.github.com>
kireque
pushed a commit
to kireque/home-ops
that referenced
this pull request
Feb 22, 2024
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [external-secrets](https://togithub.com/external-secrets/external-secrets) | patch | `0.9.12` -> `0.9.13` | --- ### Release Notes <details> <summary>external-secrets/external-secrets (external-secrets)</summary> ### [`v0.9.13`](https://togithub.com/external-secrets/external-secrets/releases/tag/v0.9.13) [Compare Source](https://togithub.com/external-secrets/external-secrets/compare/v0.9.12...v0.9.13) Image: `ghcr.io/external-secrets/external-secrets:v0.9.13` Image: `ghcr.io/external-secrets/external-secrets:v0.9.13-ubi` Image: `ghcr.io/external-secrets/external-secrets:v0.9.13-ubi-boringssl` #### What's Changed - bump 0.9.12 by [@​rogertuma](https://togithub.com/rogertuma) in [external-secrets/external-secrets#3125 - temporarily removing ossf checks for helm release by [@​gusfcarvalho](https://togithub.com/gusfcarvalho) in [external-secrets/external-secrets#3128 - chore(deps): bump aquasecurity/trivy-action from [`f3d9851`](https://togithub.com/external-secrets/external-secrets/commit/f3d98514b056d8c71a3552e8328c225bc7f6f353) to [`84384bd`](https://togithub.com/external-secrets/external-secrets/commit/84384bd6e777ef152729993b8145ea352e9dd3ef) by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3142 - chore(deps): bump ubi8/ubi-minimal from `c9c8f91` to `6825946` by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3137 - feat: add push secret to e2e tests by [@​Skarlso](https://togithub.com/Skarlso) in [external-secrets/external-secrets#3017 - Implementation of Chef External Secrets Provider by [@​sourav977](https://togithub.com/sourav977) in [external-secrets/external-secrets#3127 - feat: add support for Pulumi ESC by [@​dirien](https://togithub.com/dirien) in [external-secrets/external-secrets#2997 - chore(deps): bump watchdog from 3.0.0 to 4.0.0 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3134 - chore(deps): bump certifi from 2023.11.17 to 2024.2.2 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3135 - chore(deps): bump mkdocs-material from 9.5.7 to 9.5.9 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3136 - chore(deps): bump golang from 1.21.6 to 1.22.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3138 - chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3140 - chore(deps): bump golang from 1.21.6-bookworm to 1.22.0-bookworm in /e2e by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3139 - chore(deps): bump helm/kind-action from 1.8.0 to 1.9.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3141 - chore: update dependencies by [@​eso-service-account-app](https://togithub.com/eso-service-account-app) in [external-secrets/external-secrets#3143 - Start the helm workflow when files in deploy/crds change by [@​shuheiktgw](https://togithub.com/shuheiktgw) in [external-secrets/external-secrets#3098 - Implements Webhook Generator by [@​gusfcarvalho](https://togithub.com/gusfcarvalho) in [external-secrets/external-secrets#3121 - Run unit tests on the main branch by [@​shuheiktgw](https://togithub.com/shuheiktgw) in [external-secrets/external-secrets#3126 - fix(docs): Fix indentation in `vault-pushsecret.yaml` by [@​mboutet](https://togithub.com/mboutet) in [external-secrets/external-secrets#3156 - issue/3153 - added missing snapshots for Pulumi and Chef crd tests by [@​fdberlking](https://togithub.com/fdberlking) in [external-secrets/external-secrets#3154 #### New Contributors - [@​sourav977](https://togithub.com/sourav977) made their first contribution in [external-secrets/external-secrets#3127 - [@​dirien](https://togithub.com/dirien) made their first contribution in [external-secrets/external-secrets#2997 - [@​mboutet](https://togithub.com/mboutet) made their first contribution in [external-secrets/external-secrets#3156 **Full Changelog**: external-secrets/external-secrets@v0.9.12...v0.9.13 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://togithub.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xOTQuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE5NC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Co-authored-by: kireque-bot[bot] <143391978+kireque-bot[bot]@users.noreply.github.com>
v-starodubov
pushed a commit
to v-starodubov/external-secrets
that referenced
this pull request
Mar 6, 2024
* Adding the details for chef provider secret store. Issue: external-secrets#2905 This commit intends to add the chef provider structure to the existing list of external-secrets providers. It defines the structure of the SecretStore and ClusterSecretStore for chef Provider. The yaml resource will contain 3 important parts to identify and connect to chef server to reconcile secrets. They are: 1. serverurl: This is the URL to the chef server. 2. username: The username to connect to the chef server. 3. auth: The password to connect to the chef server. It is a reference to an already existing kubernetes secret containing the password. This commit also contains the auto generated CRDs using the `make generate` command. Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> * Implementation for Chef ESO provided Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> * - implemented Chef eso, added required methods - added unit test cases - added sample documentation Issue: external-secrets#2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * Added Documentation for Authentication Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> * added documentation for Chef eso Issue: external-secrets#2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * Updated chef ESO documentation Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> * updated ValidateStore method signature Issue: external-secrets#2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * made changes in chef provider to satisfy 'make docs' Issue: external-secrets#2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * - updated code as per review comment, make reviewable suggestions Issue: external-secrets#2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> * modified chef provider code as per review comment Issue: external-secrets#2905 Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> --------- Signed-off-by: Subroto Roy <subrotoroy007@gmail.com> Signed-off-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com> Signed-off-by: Sourav Patnaik <souravpatnaik123@gmail.com> Co-authored-by: Subroto Roy <subrotoroy007@gmail.com> Co-authored-by: vardhanreddy13 <vvv.vardhanreddy@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem Statement
Introducing Chef External Secrets Provider.
This will enable users to seamlessly integrate Chef-based secret management with Kubernetes through the existing External Secrets framework.
Related Issue
issue: #2905
Related work
Any Duplicate PR
ref: #3073
(We are closing above PR as we are unable to resolve commit signed-off issue, as per suggestion #3073 (comment) , we are creating new PR)
Checklist
git commit --signoffmake testmake reviewable