Moritz Johner
Moritz Johner
This is probably related to #48. It happened to me after a cluster rollover. My Scenario: I start a pod. The application inside uses the aws sdk which tries to...
relates to: https://github.com/cncf/toc/issues/882 This Issue tracks the state of the tasks needed for onboarding :point_up_2: @knelasevero @gusfcarvalho feel free to @mention your name behind a TODO to claim it and...
As discussed in the community meeting today, the `Kind=SecretSink` should be renamed to `Kind=PushSecret` (or something else, we're open to suggestions - naming is really hard :sweat_smile: ). The current...
discussed in #641 We want to implement the SecretSink proposal https://github.com/external-secrets/external-secrets/blob/main/design/001-secretsink.md.
Multiple users reported a use-case to sync tags or arbitrary metadata from the secret provider. Yaml spec is defined in comment below. Implementation status: - [x] Azure KV - [...
@alfredkrohmer i just created this issue to track your problem. > Just discovered this while testing the 0.5.0 release, this change breaks a use case that we have: **not** specifying...
We can use syft/grype to scan the base image we use to detect tampering. In addition we should create an SBOM, store it as container attestation and sign it aswell...
Context: * running on EKS, using IRSA and pod-identity-webhook * multiple tenants should be onboarded onto the cluster * we're enforcing `spec.serviceAccountName` * one tenant should not be able to...
This PR adds the `generators.external-secrets.io` api group. It contains a set of new CRDs: `Password`, `Fake`, `ACRAccessToken`, `ECRAuthorizationToken`, `GCRAccessToken`. Design: https://github.com/external-secrets/external-secrets/pull/1338 Fixes: #1588 TODO: - [x] figure out a way...
We want to know how many API calls are being made towards a specific secret provider API. For a first iteration i would propose to add a simple `counter` metric...