Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(external-secrets): update helm-release ( 0.11.0 → 0.12.1 ) #4200

Merged
merged 1 commit into from
Dec 23, 2024

Conversation

tyriis-automation[bot]
Copy link
Contributor

@tyriis-automation tyriis-automation bot commented Dec 23, 2024

This PR contains the following updates:

Package Update Change OpenSSF
external-secrets minor 0.11.0 -> 0.12.1 OpenSSF Scorecard

Release Notes

external-secrets/external-secrets (external-secrets)

v0.12.1

Compare Source

RELEASE VERSION

My apologies, when creating the release, 0.12.0 failed. The branch and tag however, have been created and I was unable to delete them. Thus, the version has been increased to 0.12.1 after the fix and now that's the current version. I hand updated the release notes to include everyone into the changes.

BREAKING CHANGES

The following breaking changes have been introduced into this release:

  • Permission update for AWS provider adding BulkFetch when getting multiple secrets ( significant API reduce but comes with adding a permission for bulk endpoint )
  • fixed a typo for a generator in the json tag where before it was ecrRAuthorizationTokenSpec with an extra R
  • We standardized the GCP Secrets Manager Metadata structure for PushSecrets ( be aware that existing manifests will stop working until updated to the standardized version ) for more info see https://github.com/external-secrets/external-secrets/pull/4210
Images

Image: ghcr.io/external-secrets/external-secrets:v0.12.1
Image: ghcr.io/external-secrets/external-secrets:v0.12.1-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.12.1-ubi-boringssl

What's Changed

Full Changelog: external-secrets/external-secrets@v0.11.0...v0.12.1


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@tyriis-automation
Copy link
Contributor Author

--- kubernetes/kube-nas/apps/secops/external-secrets/app Kustomization: flux-system/external-secrets HelmRelease: secops/external-secrets

+++ kubernetes/kube-nas/apps/secops/external-secrets/app Kustomization: flux-system/external-secrets HelmRelease: secops/external-secrets

@@ -12,13 +12,13 @@

     spec:
       chart: external-secrets
       sourceRef:
         kind: HelmRepository
         name: external-secrets-charts
         namespace: flux-system
-      version: 0.11.0
+      version: 0.12.1
   driftDetection:
     mode: enabled
   install:
     remediation:
       retries: 3
   interval: 15m

@tyriis-automation
Copy link
Contributor Author

--- HelmRelease: secops/external-secrets Deployment: secops/external-secrets-cert-controller

+++ HelmRelease: secops/external-secrets Deployment: secops/external-secrets-cert-controller

@@ -34,13 +34,13 @@

             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
           runAsUser: 1000
           seccompProfile:
             type: RuntimeDefault
-        image: oci.external-secrets.io/external-secrets/external-secrets:v0.11.0
+        image: oci.external-secrets.io/external-secrets/external-secrets:v0.12.1
         imagePullPolicy: IfNotPresent
         args:
         - certcontroller
         - --crd-requeue-interval=5m
         - --service-name=external-secrets-webhook
         - --service-namespace=secops
--- HelmRelease: secops/external-secrets Deployment: secops/external-secrets

+++ HelmRelease: secops/external-secrets Deployment: secops/external-secrets

@@ -34,13 +34,13 @@

             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
           runAsUser: 1000
           seccompProfile:
             type: RuntimeDefault
-        image: oci.external-secrets.io/external-secrets/external-secrets:v0.11.0
+        image: oci.external-secrets.io/external-secrets/external-secrets:v0.12.1
         imagePullPolicy: IfNotPresent
         args:
         - --concurrent=1
         - --metrics-addr=:8080
         - --loglevel=info
         - --zap-time-encoding=epoch
--- HelmRelease: secops/external-secrets Deployment: secops/external-secrets-webhook

+++ HelmRelease: secops/external-secrets Deployment: secops/external-secrets-webhook

@@ -34,13 +34,13 @@

             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
           runAsUser: 1000
           seccompProfile:
             type: RuntimeDefault
-        image: oci.external-secrets.io/external-secrets/external-secrets:v0.11.0
+        image: oci.external-secrets.io/external-secrets/external-secrets:v0.12.1
         imagePullPolicy: IfNotPresent
         args:
         - webhook
         - --port=10250
         - --dns-name=external-secrets-webhook.secops.svc
         - --cert-dir=/tmp/certs

@tyriis-automation
Copy link
Contributor Author

--- kubernetes/talos-flux/apps/secops/external-secrets/app Kustomization: flux-system/apps-external-secrets HelmRelease: secops/external-secrets

+++ kubernetes/talos-flux/apps/secops/external-secrets/app Kustomization: flux-system/apps-external-secrets HelmRelease: secops/external-secrets

@@ -13,13 +13,13 @@

       chart: external-secrets
       interval: 30m
       sourceRef:
         kind: HelmRepository
         name: external-secrets-charts
         namespace: flux-system
-      version: 0.11.0
+      version: 0.12.1
   interval: 30m
   values:
     grafana:
       enabled: false
     installCRDs: true
     replicaCount: 1

@tyriis-automation
Copy link
Contributor Author

--- HelmRelease: secops/external-secrets Deployment: secops/external-secrets-cert-controller

+++ HelmRelease: secops/external-secrets Deployment: secops/external-secrets-cert-controller

@@ -34,13 +34,13 @@

             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
           runAsUser: 1000
           seccompProfile:
             type: RuntimeDefault
-        image: oci.external-secrets.io/external-secrets/external-secrets:v0.11.0
+        image: oci.external-secrets.io/external-secrets/external-secrets:v0.12.1
         imagePullPolicy: IfNotPresent
         args:
         - certcontroller
         - --crd-requeue-interval=5m
         - --service-name=external-secrets-webhook
         - --service-namespace=secops
--- HelmRelease: secops/external-secrets Deployment: secops/external-secrets

+++ HelmRelease: secops/external-secrets Deployment: secops/external-secrets

@@ -34,13 +34,13 @@

             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
           runAsUser: 1000
           seccompProfile:
             type: RuntimeDefault
-        image: oci.external-secrets.io/external-secrets/external-secrets:v0.11.0
+        image: oci.external-secrets.io/external-secrets/external-secrets:v0.12.1
         imagePullPolicy: IfNotPresent
         args:
         - --concurrent=1
         - --metrics-addr=:8080
         - --loglevel=info
         - --zap-time-encoding=epoch
--- HelmRelease: secops/external-secrets Deployment: secops/external-secrets-webhook

+++ HelmRelease: secops/external-secrets Deployment: secops/external-secrets-webhook

@@ -34,13 +34,13 @@

             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
           runAsUser: 1000
           seccompProfile:
             type: RuntimeDefault
-        image: oci.external-secrets.io/external-secrets/external-secrets:v0.11.0
+        image: oci.external-secrets.io/external-secrets/external-secrets:v0.12.1
         imagePullPolicy: IfNotPresent
         args:
         - webhook
         - --port=10250
         - --dns-name=external-secrets-webhook.secops.svc
         - --cert-dir=/tmp/certs

@tyriis-automation
Copy link
Contributor Author

🦙 MegaLinter status: ✅ SUCCESS

Descriptor Linter Files Fixed Errors Elapsed time
✅ EDITORCONFIG editorconfig-checker 2 0 0.01s
✅ REPOSITORY gitleaks yes no 3.88s
✅ YAML prettier 2 0 0.44s
✅ YAML yamllint 2 0 0.35s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by OX Security

@tyriis-automation tyriis-automation bot merged commit 187e249 into main Dec 23, 2024
18 checks passed
@tyriis-automation tyriis-automation bot deleted the renovate/external-secrets-0.x branch December 23, 2024 21:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants