diff --git a/k8s/operators/external-secrets/bundle.yaml b/k8s/operators/external-secrets/bundle.yaml index 1d13f3c..b9bd178 100644 --- a/k8s/operators/external-secrets/bundle.yaml +++ b/k8s/operators/external-secrets/bundle.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.2 labels: external-secrets.io/component: controller name: acraccesstokens.generators.external-secrets.io @@ -41,7 +41,6 @@ spec: This can be scoped down to the repository level using .spec.scope. In case scope is defined it will return an ACR Access Token. - See docs: https://github.com/Azure/acr/blob/main/docs/AAD-OAuth.md properties: apiVersion: @@ -184,12 +183,10 @@ spec: if not provided it will return a refresh token that has full scope. Note: you need to pin it down to the repository level, there is no wildcard available. - examples: repository:my-repository:pull,push repository:my-repository:pull - see docs for details: https://docs.docker.com/registry/spec/auth/scope/ type: string tenantId: @@ -210,7 +207,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.2 labels: external-secrets.io/component: controller name: clusterexternalsecrets.external-secrets.io @@ -359,7 +356,6 @@ spec: description: |- GeneratorRef points to a generator custom resource. - Deprecated: The generatorRef is not implemented in .data[]. this will be removed with v1. properties: @@ -908,7 +904,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.2 labels: external-secrets.io/component: controller name: clustersecretstores.external-secrets.io @@ -3213,6 +3209,156 @@ spec: required: - vaultUrl type: object + beyondtrust: + description: Beyondtrust configures this store to sync secrets + using Password Safe provider. + properties: + auth: + description: Auth configures how the operator authenticates + with Beyondtrust. + properties: + certificate: + description: Content of the certificate (cert.pem) for + use when authenticating with an OAuth client Id using + a Client Certificate. + properties: + secretRef: + description: SecretRef references a key in a secret + that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being + referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set + a value without using a secret. + type: string + type: object + certificateKey: + description: Certificate private key (key.pem). For use + when authenticating with an OAuth client Id + properties: + secretRef: + description: SecretRef references a key in a secret + that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being + referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set + a value without using a secret. + type: string + type: object + clientId: + properties: + secretRef: + description: SecretRef references a key in a secret + that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being + referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set + a value without using a secret. + type: string + type: object + clientSecret: + properties: + secretRef: + description: SecretRef references a key in a secret + that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being + referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set + a value without using a secret. + type: string + type: object + required: + - clientId + - clientSecret + type: object + server: + description: Auth configures how API server works. + properties: + apiUrl: + type: string + clientTimeOutSeconds: + description: Timeout specifies a time limit for requests + made by this Client. The timeout includes connection + time, any redirects, and reading the response body. + Defaults to 45 seconds. + type: integer + retrievalType: + description: The secret retrieval type. SECRET = Secrets + Safe (credential, text, file). MANAGED_ACCOUNT = Password + Safe account associated with a system. + type: string + separator: + description: A character that separates the folder names. + type: string + verifyCA: + type: boolean + required: + - apiUrl + - verifyCA + type: object + required: + - auth + - server + type: object bitwardensecretsmanager: description: BitwardenSecretsManager configures this store to sync secrets using BitwardenSecretsManager provider @@ -3259,6 +3405,33 @@ spec: Base64 encoded certificate for the bitwarden server sdk. The sdk MUST run with HTTPS to make sure no MITM attack can be performed. type: string + caProvider: + description: 'see: https://external-secrets.io/latest/spec/#external-secrets.io/v1alpha1.CAProvider' + properties: + key: + description: The key where the CA certificate can be found + in the Secret or ConfigMap. + type: string + name: + description: The name of the object located at the provider + type. + type: string + namespace: + description: |- + The namespace the Provider type is in. + Can only be defined when used in a ClusterSecretStore. + type: string + type: + description: The type of provider to use such as "Secret", + or "ConfigMap". + enum: + - Secret + - ConfigMap + type: string + required: + - name + - type + type: object identityURL: type: string organizationID: @@ -3271,7 +3444,6 @@ spec: type: string required: - auth - - caBundle - organizationID - projectID type: object @@ -5681,7 +5853,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.2 labels: external-secrets.io/component: controller name: ecrauthorizationtokens.generators.external-secrets.io @@ -5853,7 +6025,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.2 labels: external-secrets.io/component: controller name: externalsecrets.external-secrets.io @@ -6123,9 +6295,7 @@ spec: This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string type: object x-kubernetes-map-type: atomic @@ -6269,7 +6439,6 @@ spec: description: |- GeneratorRef points to a generator custom resource. - Deprecated: The generatorRef is not implemented in .data[]. this will be removed with v1. properties: @@ -6657,9 +6826,7 @@ spec: This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string type: object x-kubernetes-map-type: atomic @@ -6704,7 +6871,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.2 labels: external-secrets.io/component: controller name: fakes.generators.external-secrets.io @@ -6781,7 +6948,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.2 labels: external-secrets.io/component: controller name: gcraccesstokens.generators.external-secrets.io @@ -6913,7 +7080,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.2 labels: external-secrets.io/component: controller name: githubaccesstokens.generators.external-secrets.io @@ -7017,7 +7184,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.2 labels: external-secrets.io/component: controller name: passwords.generators.external-secrets.io @@ -7116,7 +7283,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.2 name: pushsecrets.external-secrets.io spec: conversion: @@ -7508,7 +7675,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.2 labels: external-secrets.io/component: controller name: secretstores.external-secrets.io @@ -9813,6 +9980,156 @@ spec: required: - vaultUrl type: object + beyondtrust: + description: Beyondtrust configures this store to sync secrets + using Password Safe provider. + properties: + auth: + description: Auth configures how the operator authenticates + with Beyondtrust. + properties: + certificate: + description: Content of the certificate (cert.pem) for + use when authenticating with an OAuth client Id using + a Client Certificate. + properties: + secretRef: + description: SecretRef references a key in a secret + that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being + referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set + a value without using a secret. + type: string + type: object + certificateKey: + description: Certificate private key (key.pem). For use + when authenticating with an OAuth client Id + properties: + secretRef: + description: SecretRef references a key in a secret + that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being + referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set + a value without using a secret. + type: string + type: object + clientId: + properties: + secretRef: + description: SecretRef references a key in a secret + that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being + referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set + a value without using a secret. + type: string + type: object + clientSecret: + properties: + secretRef: + description: SecretRef references a key in a secret + that will be used as value. + properties: + key: + description: |- + The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + defaulted, in others it may be required. + type: string + name: + description: The name of the Secret resource being + referred to. + type: string + namespace: + description: |- + Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + to the namespace of the referent. + type: string + type: object + value: + description: Value can be specified directly to set + a value without using a secret. + type: string + type: object + required: + - clientId + - clientSecret + type: object + server: + description: Auth configures how API server works. + properties: + apiUrl: + type: string + clientTimeOutSeconds: + description: Timeout specifies a time limit for requests + made by this Client. The timeout includes connection + time, any redirects, and reading the response body. + Defaults to 45 seconds. + type: integer + retrievalType: + description: The secret retrieval type. SECRET = Secrets + Safe (credential, text, file). MANAGED_ACCOUNT = Password + Safe account associated with a system. + type: string + separator: + description: A character that separates the folder names. + type: string + verifyCA: + type: boolean + required: + - apiUrl + - verifyCA + type: object + required: + - auth + - server + type: object bitwardensecretsmanager: description: BitwardenSecretsManager configures this store to sync secrets using BitwardenSecretsManager provider @@ -9859,6 +10176,33 @@ spec: Base64 encoded certificate for the bitwarden server sdk. The sdk MUST run with HTTPS to make sure no MITM attack can be performed. type: string + caProvider: + description: 'see: https://external-secrets.io/latest/spec/#external-secrets.io/v1alpha1.CAProvider' + properties: + key: + description: The key where the CA certificate can be found + in the Secret or ConfigMap. + type: string + name: + description: The name of the object located at the provider + type. + type: string + namespace: + description: |- + The namespace the Provider type is in. + Can only be defined when used in a ClusterSecretStore. + type: string + type: + description: The type of provider to use such as "Secret", + or "ConfigMap". + enum: + - Secret + - ConfigMap + type: string + required: + - name + - type + type: object identityURL: type: string organizationID: @@ -9871,7 +10215,6 @@ spec: type: string required: - auth - - caBundle - organizationID - projectID type: object @@ -12281,7 +12624,70 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.2 + name: uuids.generators.external-secrets.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: external-secrets-webhook + namespace: external-secrets + path: /convert + conversionReviewVersions: + - v1 + group: generators.external-secrets.io + names: + categories: + - password + kind: UUID + listKind: UUIDList + plural: uuids + shortNames: + - uuids + singular: uuid + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: |- + Password generates a random password based on the + configuration parameters in spec. + You can specify the length, characterset and other attributes. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: UUIDSpec controls the behavior of the uuid generator. + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 labels: external-secrets.io/component: controller name: vaultdynamicsecrets.generators.external-secrets.io @@ -13012,7 +13418,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.2 labels: external-secrets.io/component: controller name: webhooks.generators.external-secrets.io @@ -13169,8 +13575,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 name: external-secrets namespace: external-secrets --- @@ -13181,8 +13587,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets-cert-controller - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 name: external-secrets-cert-controller namespace: external-secrets --- @@ -13193,8 +13599,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets-webhook - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 name: external-secrets-webhook namespace: external-secrets --- @@ -13205,8 +13611,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 name: external-secrets-leaderelection namespace: external-secrets rules: @@ -13243,8 +13649,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets-cert-controller - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 name: external-secrets-cert-controller rules: - apiGroups: @@ -13262,9 +13668,17 @@ rules: resources: - validatingwebhookconfigurations verbs: - - get - list - watch + - get +- apiGroups: + - admissionregistration.k8s.io + resourceNames: + - secretstore-validate + - externalsecret-validate + resources: + - validatingwebhookconfigurations + verbs: - update - patch - apiGroups: @@ -13309,8 +13723,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 name: external-secrets-controller rules: - apiGroups: @@ -13420,8 +13834,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: external-secrets-edit @@ -13464,8 +13878,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 servicebinding.io/controller: "true" name: external-secrets-servicebindings rules: @@ -13485,8 +13899,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -13526,8 +13940,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 name: external-secrets-leaderelection namespace: external-secrets roleRef: @@ -13546,8 +13960,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets-cert-controller - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 name: external-secrets-cert-controller roleRef: apiGroup: rbac.authorization.k8s.io @@ -13565,8 +13979,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 name: external-secrets-controller roleRef: apiGroup: rbac.authorization.k8s.io @@ -13584,9 +13998,9 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets-webhook - app.kubernetes.io/version: v0.10.0 + app.kubernetes.io/version: v0.10.3 external-secrets.io/component: webhook - helm.sh/chart: external-secrets-0.10.0 + helm.sh/chart: external-secrets-0.10.3 name: external-secrets-webhook namespace: external-secrets --- @@ -13597,9 +14011,9 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets-webhook - app.kubernetes.io/version: v0.10.0 + app.kubernetes.io/version: v0.10.3 external-secrets.io/component: webhook - helm.sh/chart: external-secrets-0.10.0 + helm.sh/chart: external-secrets-0.10.3 name: external-secrets-webhook namespace: external-secrets spec: @@ -13620,8 +14034,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 name: external-secrets namespace: external-secrets spec: @@ -13637,8 +14051,8 @@ spec: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 spec: automountServiceAccountToken: true containers: @@ -13647,7 +14061,7 @@ spec: - --metrics-addr=:8080 - --loglevel=info - --zap-time-encoding=epoch - image: ghcr.io/external-secrets/external-secrets:v0.10.0 + image: ghcr.io/external-secrets/external-secrets:v0.10.3 imagePullPolicy: IfNotPresent name: external-secrets ports: @@ -13675,8 +14089,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets-cert-controller - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 name: external-secrets-cert-controller namespace: external-secrets spec: @@ -13692,8 +14106,8 @@ spec: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets-cert-controller - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 spec: automountServiceAccountToken: true containers: @@ -13709,7 +14123,7 @@ spec: - --loglevel=info - --zap-time-encoding=epoch - --enable-partial-cache=true - image: ghcr.io/external-secrets/external-secrets:v0.10.0 + image: ghcr.io/external-secrets/external-secrets:v0.10.3 imagePullPolicy: IfNotPresent name: cert-controller ports: @@ -13742,8 +14156,8 @@ metadata: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets-webhook - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 name: external-secrets-webhook namespace: external-secrets spec: @@ -13759,8 +14173,8 @@ spec: app.kubernetes.io/instance: external-secrets app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: external-secrets-webhook - app.kubernetes.io/version: v0.10.0 - helm.sh/chart: external-secrets-0.10.0 + app.kubernetes.io/version: v0.10.3 + helm.sh/chart: external-secrets-0.10.3 spec: automountServiceAccountToken: true containers: @@ -13774,7 +14188,7 @@ spec: - --healthz-addr=:8081 - --loglevel=info - --zap-time-encoding=epoch - image: ghcr.io/external-secrets/external-secrets:v0.10.0 + image: ghcr.io/external-secrets/external-secrets:v0.10.3 imagePullPolicy: IfNotPresent name: webhook ports: