Skip to content

feat(helm): update external-secrets ( 0.14.4 → 0.20.4 ) #731

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat(helm): update external-secrets ( 0.14.4 → 0.20.4 ) #731

wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Mar 22, 2025
edited
Loading

This PR contains the following updates:

Package Update Change
external-secrets minor 0.14.4 -> 0.20.4

Release Notes

external-secrets/external-secrets (external-secrets)

v0.20.4

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.20.4
Image: ghcr.io/external-secrets/external-secrets:v0.20.4-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.20.4-ubi-boringssl

What's Changed

General
Dependencies

New Contributors

Full Changelog: external-secrets/external-secrets@v0.20.3...v0.20.4

v0.20.3

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.20.3
Image: ghcr.io/external-secrets/external-secrets:v0.20.3-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.20.3-ubi-boringssl

What's Changed

General
Dependencies

New Contributors

Full Changelog: external-secrets/external-secrets@v0.20.2...v0.20.3

v0.20.2

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.20.2
Image: ghcr.io/external-secrets/external-secrets:v0.20.2-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.20.2-ubi-boringssl

What's Changed

General
Dependencies

New Contributors

Full Changelog: external-secrets/external-secrets@v0.20.0...v0.20.2

v0.20.1

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.20.1
Image: ghcr.io/external-secrets/external-secrets:v0.20.1-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.20.1-ubi-boringssl

What's Changed

General
Dependencies

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@github-actions
Copy link
Contributor

github-actions bot commented Mar 22, 2025
edited
Loading 

--- kubernetes/apps/cluster-system/external-secrets/external-secrets/app Kustomization: flux-system/external-secrets HelmRelease: cluster-system/external-secrets

+++ kubernetes/apps/cluster-system/external-secrets/external-secrets/app Kustomization: flux-system/external-secrets HelmRelease: cluster-system/external-secrets

@@ -13,13 +13,13 @@

     spec:
       chart: external-secrets
       sourceRef:
         kind: HelmRepository
         name: external-secrets
         namespace: flux-system
-      version: 0.14.4
+      version: 0.20.4
   install:
     remediation:
       retries: 3
   interval: 30m
   upgrade:
     cleanupOnFail: true

@github-actions
Copy link
Contributor

github-actions bot commented Mar 22, 2025
edited
Loading 

--- HelmRelease: cluster-system/external-secrets ClusterRole: cluster-system/external-secrets-cert-controller

+++ HelmRelease: cluster-system/external-secrets ClusterRole: cluster-system/external-secrets-cert-controller

@@ -42,12 +42,20 @@

   - endpoints
   verbs:
   - list
   - get
   - watch
 - apiGroups:
+  - discovery.k8s.io
+  resources:
+  - endpointslices
+  verbs:
+  - list
+  - get
+  - watch
+- apiGroups:
   - ''
   resources:
   - events
   verbs:
   - create
   - patch
--- HelmRelease: cluster-system/external-secrets ClusterRole: cluster-system/external-secrets-controller

+++ HelmRelease: cluster-system/external-secrets ClusterRole: cluster-system/external-secrets-controller

@@ -13,12 +13,13 @@

   resources:
   - secretstores
   - clustersecretstores
   - externalsecrets
   - clusterexternalsecrets
   - pushsecrets
+  - clusterpushsecrets
   verbs:
   - get
   - list
   - watch
 - apiGroups:
   - external-secrets.io
@@ -35,12 +36,15 @@

   - clusterexternalsecrets
   - clusterexternalsecrets/status
   - clusterexternalsecrets/finalizers
   - pushsecrets
   - pushsecrets/status
   - pushsecrets/finalizers
+  - clusterpushsecrets
+  - clusterpushsecrets/status
+  - clusterpushsecrets/finalizers
   verbs:
   - get
   - update
   - patch
 - apiGroups:
   - generators.external-secrets.io
@@ -56,24 +60,27 @@

   - delete
   - deletecollection
 - apiGroups:
   - generators.external-secrets.io
   resources:
   - acraccesstokens
+  - cloudsmithaccesstokens
   - clustergenerators
   - ecrauthorizationtokens
   - fakes
   - gcraccesstokens
   - githubaccesstokens
   - quayaccesstokens
   - passwords
+  - sshkeys
   - stssessiontokens
   - uuids
   - vaultdynamicsecrets
   - webhooks
   - grafanas
+  - mfas
   verbs:
   - get
   - list
   - watch
 - apiGroups:
   - ''
@@ -81,12 +88,19 @@

   - serviceaccounts
   - namespaces
   verbs:
   - get
   - list
   - watch
+- apiGroups:
+  - ''
+  resources:
+  - namespaces
+  verbs:
+  - update
+  - patch
 - apiGroups:
   - ''
   resources:
   - configmaps
   verbs:
   - get
@@ -122,7 +136,15 @@

   resources:
   - externalsecrets
   verbs:
   - create
   - update
   - delete
+- apiGroups:
+  - external-secrets.io
+  resources:
+  - pushsecrets
+  verbs:
+  - create
+  - update
+  - delete
 
--- HelmRelease: cluster-system/external-secrets ClusterRole: cluster-system/external-secrets-view

+++ HelmRelease: cluster-system/external-secrets ClusterRole: cluster-system/external-secrets-view

@@ -15,30 +15,35 @@

   - external-secrets.io
   resources:
   - externalsecrets
   - secretstores
   - clustersecretstores
   - pushsecrets
+  - clusterpushsecrets
   verbs:
   - get
   - watch
   - list
 - apiGroups:
   - generators.external-secrets.io
   resources:
   - acraccesstokens
+  - cloudsmithaccesstokens
   - clustergenerators
   - ecrauthorizationtokens
   - fakes
   - gcraccesstokens
   - githubaccesstokens
   - quayaccesstokens
   - passwords
+  - sshkeys
   - vaultdynamicsecrets
   - webhooks
   - grafanas
   - generatorstates
+  - mfas
+  - uuids
   verbs:
   - get
   - watch
   - list
 
--- HelmRelease: cluster-system/external-secrets ClusterRole: cluster-system/external-secrets-edit

+++ HelmRelease: cluster-system/external-secrets ClusterRole: cluster-system/external-secrets-edit

@@ -14,33 +14,38 @@

   - external-secrets.io
   resources:
   - externalsecrets
   - secretstores
   - clustersecretstores
   - pushsecrets
+  - clusterpushsecrets
   verbs:
   - create
   - delete
   - deletecollection
   - patch
   - update
 - apiGroups:
   - generators.external-secrets.io
   resources:
   - acraccesstokens
+  - cloudsmithaccesstokens
   - clustergenerators
   - ecrauthorizationtokens
   - fakes
   - gcraccesstokens
   - githubaccesstokens
   - quayaccesstokens
   - passwords
+  - sshkeys
   - vaultdynamicsecrets
   - webhooks
   - grafanas
   - generatorstates
+  - mfas
+  - uuids
   verbs:
   - create
   - delete
   - deletecollection
   - patch
   - update
--- HelmRelease: cluster-system/external-secrets ClusterRole: cluster-system/external-secrets-servicebindings

+++ HelmRelease: cluster-system/external-secrets ClusterRole: cluster-system/external-secrets-servicebindings

@@ -10,11 +10,12 @@

     app.kubernetes.io/managed-by: Helm
 rules:
 - apiGroups:
   - external-secrets.io
   resources:
   - externalsecrets
+  - pushsecrets
   verbs:
   - get
   - list
   - watch
 
--- HelmRelease: cluster-system/external-secrets Service: cluster-system/external-secrets-webhook

+++ HelmRelease: cluster-system/external-secrets Service: cluster-system/external-secrets-webhook

@@ -10,13 +10,13 @@

     app.kubernetes.io/managed-by: Helm
     external-secrets.io/component: webhook
 spec:
   type: ClusterIP
   ports:
   - port: 443
-    targetPort: 10250
+    targetPort: webhook
     protocol: TCP
     name: webhook
   selector:
     app.kubernetes.io/name: external-secrets-webhook
     app.kubernetes.io/instance: external-secrets
 
--- HelmRelease: cluster-system/external-secrets Deployment: cluster-system/external-secrets-cert-controller

+++ HelmRelease: cluster-system/external-secrets Deployment: cluster-system/external-secrets-cert-controller

@@ -34,13 +34,13 @@

             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
           runAsUser: 1000
           seccompProfile:
             type: RuntimeDefault
-        image: ghcr.io/external-secrets/external-secrets:v0.14.4
+        image: ghcr.io/external-secrets/external-secrets:v0.20.4
         imagePullPolicy: IfNotPresent
         args:
         - certcontroller
         - --crd-requeue-interval=5m
         - --service-name=external-secrets-webhook
         - --service-namespace=cluster-system
--- HelmRelease: cluster-system/external-secrets Deployment: cluster-system/external-secrets

+++ HelmRelease: cluster-system/external-secrets Deployment: cluster-system/external-secrets

@@ -34,13 +34,13 @@

             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
           runAsUser: 1000
           seccompProfile:
             type: RuntimeDefault
-        image: ghcr.io/external-secrets/external-secrets:v0.14.4
+        image: ghcr.io/external-secrets/external-secrets:v0.20.4
         imagePullPolicy: IfNotPresent
         args:
         - --concurrent=1
         - --metrics-addr=:8080
         - --loglevel=info
         - --zap-time-encoding=epoch
--- HelmRelease: cluster-system/external-secrets Deployment: cluster-system/external-secrets-webhook

+++ HelmRelease: cluster-system/external-secrets Deployment: cluster-system/external-secrets-webhook

@@ -34,13 +34,13 @@

             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
           runAsUser: 1000
           seccompProfile:
             type: RuntimeDefault
-        image: ghcr.io/external-secrets/external-secrets:v0.14.4
+        image: ghcr.io/external-secrets/external-secrets:v0.20.4
         imagePullPolicy: IfNotPresent
         args:
         - webhook
         - --port=10250
         - --dns-name=external-secrets-webhook.cluster-system.svc
         - --cert-dir=/tmp/certs
--- HelmRelease: cluster-system/external-secrets ValidatingWebhookConfiguration: cluster-system/secretstore-validate

+++ HelmRelease: cluster-system/external-secrets ValidatingWebhookConfiguration: cluster-system/secretstore-validate

@@ -11,48 +11,48 @@

 webhooks:
 - name: validate.secretstore.external-secrets.io
   rules:
   - apiGroups:
     - external-secrets.io
     apiVersions:
-    - v1beta1
+    - v1
     operations:
     - CREATE
     - UPDATE
     - DELETE
     resources:
     - secretstores
     scope: Namespaced
   clientConfig:
     service:
       namespace: cluster-system
       name: external-secrets-webhook
-      path: /validate-external-secrets-io-v1beta1-secretstore
+      path: /validate-external-secrets-io-v1-secretstore
   admissionReviewVersions:
   - v1
   - v1beta1
   sideEffects: None
   timeoutSeconds: 5
 - name: validate.clustersecretstore.external-secrets.io
   rules:
   - apiGroups:
     - external-secrets.io
     apiVersions:
-    - v1beta1
+    - v1
     operations:
     - CREATE
     - UPDATE
     - DELETE
     resources:
     - clustersecretstores
     scope: Cluster
   clientConfig:
     service:
       namespace: cluster-system
       name: external-secrets-webhook
-      path: /validate-external-secrets-io-v1beta1-clustersecretstore
+      path: /validate-external-secrets-io-v1-clustersecretstore
   admissionReviewVersions:
   - v1
   - v1beta1
   sideEffects: None
   timeoutSeconds: 5
 
--- HelmRelease: cluster-system/external-secrets ValidatingWebhookConfiguration: cluster-system/externalsecret-validate

+++ HelmRelease: cluster-system/external-secrets ValidatingWebhookConfiguration: cluster-system/externalsecret-validate

@@ -11,25 +11,25 @@

 webhooks:
 - name: validate.externalsecret.external-secrets.io
   rules:
   - apiGroups:
     - external-secrets.io
     apiVersions:
-    - v1beta1
+    - v1
     operations:
     - CREATE
     - UPDATE
     - DELETE
     resources:
     - externalsecrets
     scope: Namespaced
   clientConfig:
     service:
       namespace: cluster-system
       name: external-secrets-webhook
-      path: /validate-external-secrets-io-v1beta1-externalsecret
+      path: /validate-external-secrets-io-v1-externalsecret
   admissionReviewVersions:
   - v1
   - v1beta1
   sideEffects: None
   timeoutSeconds: 5
   failurePolicy: Fail

@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.3 → 0.15.0 ) feat(helm): update external-secrets ( 0.14.3 → 0.15.1 ) Mar 29, 2025
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch from 3bbdf1f to d8fb1cd Compare March 29, 2025 00:28
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch from d8fb1cd to 708d29d Compare April 14, 2025 19:40
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.3 → 0.15.1 ) feat(helm): update external-secrets ( 0.14.3 → 0.16.0 ) Apr 14, 2025
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch from 708d29d to d492133 Compare April 16, 2025 15:40
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.3 → 0.16.0 ) feat(helm): update external-secrets ( 0.14.3 → 0.16.1 ) Apr 16, 2025
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.3 → 0.16.1 ) feat(helm): update external-secrets ( 0.14.4 → 0.16.1 ) May 5, 2025
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch 2 times, most recently from e08197b to 4590843 Compare May 7, 2025 17:04
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.4 → 0.16.1 ) feat(helm): update external-secrets ( 0.14.4 → 0.16.2 ) May 7, 2025
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.4 → 0.16.2 ) feat(helm): update external-secrets ( 0.14.4 → 0.17.0 ) May 15, 2025
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch from 4590843 to cb141a3 Compare May 15, 2025 06:53
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch from cb141a3 to 2bd7987 Compare May 28, 2025 07:52
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.4 → 0.17.0 ) feat(helm): update external-secrets ( 0.14.4 → 0.18.0 ) Jun 17, 2025
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch from 2bd7987 to bf5e96a Compare June 17, 2025 22:55
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch from bf5e96a to 6d27ca1 Compare June 26, 2025 07:26
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.4 → 0.18.0 ) feat(helm): update external-secrets ( 0.14.4 → 0.18.1 ) Jun 26, 2025
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch from 6d27ca1 to 4225768 Compare July 3, 2025 14:59
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.4 → 0.18.1 ) feat(helm): update external-secrets ( 0.14.4 → 0.18.2 ) Jul 3, 2025
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.4 → 0.18.2 ) feat(helm): update external-secrets ( 0.14.4 → 0.19.0 ) Aug 2, 2025
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch 2 times, most recently from 5ebe429 to 4876e02 Compare August 8, 2025 20:23
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.4 → 0.19.0 ) feat(helm): update external-secrets ( 0.14.4 → 0.19.1 ) Aug 8, 2025
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch from 4876e02 to 9a86d36 Compare August 13, 2025 09:48
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.4 → 0.19.1 ) feat(helm): update external-secrets ( 0.14.4 → 0.19.2 ) Aug 13, 2025
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch from 9a86d36 to 30f3957 Compare September 22, 2025 12:32
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.4 → 0.19.2 ) feat(helm): update external-secrets ( 0.14.4 → 0.20.1 ) Sep 22, 2025
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch from 30f3957 to 0491798 Compare October 3, 2025 12:54
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.4 → 0.20.1 ) feat(helm): update external-secrets ( 0.14.4 → 0.20.2 ) Oct 3, 2025
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch from 0491798 to a8fb2a4 Compare October 14, 2025 08:31
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.4 → 0.20.2 ) feat(helm): update external-secrets ( 0.14.4 → 0.20.3 ) Oct 14, 2025
@renovate renovate bot force-pushed the renovate/external-secrets-0.x branch from a8fb2a4 to c13a61c Compare October 24, 2025 19:46
@renovate renovate bot changed the title feat(helm): update external-secrets ( 0.14.4 → 0.20.3 ) feat(helm): update external-secrets ( 0.14.4 → 0.20.4 ) Oct 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area/kubernetes renovate/helm type/minor

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant