rebase with external-secret (#1)

* build(deps): bump sigs.k8s.io/controller-tools from 0.9.0 to 0.9.2 (external-secrets#1322)

* build(deps): bump sigs.k8s.io/controller-tools from 0.9.0 to 0.9.2

Bumps [sigs.k8s.io/controller-tools](https://github.com/kubernetes-sigs/controller-tools) from 0.9.0 to 0.9.2.
- [Release notes](https://github.com/kubernetes-sigs/controller-tools/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-tools/blob/master/RELEASE.md)
- [Commits](kubernetes-sigs/controller-tools@v0.9.0...v0.9.2)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-tools
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* fix: re-gen CRDs

Signed-off-by: Moritz Johner <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <[email protected]>

* 📚 update references to select "main" instead of "master" (external-secrets#1346)

* 📝 update references to select "main" instead of "master"

* Remove unused variable

* fix: handle empty conversionStrategy (external-secrets#1408)

This is for the case when the conversion webhook does not
set the conversionStrategy properly (it doesn't run the Defaulter).

Signed-off-by: Moritz Johner <[email protected]>

* feat: add LF footer copytight (external-secrets#1416)

Signed-off-by: Moritz Johner <[email protected]>

* 🐛fixes e2e tests (external-secrets#1420)

Signed-off-by: Gustavo Carvalho <[email protected]>

* 🐛 Fix/remove dependabot from e2e trusted (external-secrets#1422)

* fixes e2e tests

Signed-off-by: Gustavo Carvalho <[email protected]>

* dependabot now needs /ok-to-test

Signed-off-by: Gustavo Carvalho <[email protected]>

* 🐛Fixing: github.actor instead of github.author (external-secrets#1424)

Signed-off-by: Gustavo Carvalho <[email protected]>

* ⬆️build(deps): bump github.com/xanzy/go-gitlab from 0.68.2 to 0.70.0 (external-secrets#1421)

Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.68.2 to 0.70.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases)
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go)
- [Commits](xanzy/go-gitlab@v0.68.2...v0.70.0)

---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ⬆️build(deps): bump google.golang.org/grpc from 1.47.0 to 1.48.0 (external-secrets#1414)

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.47.0 to 1.48.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.47.0...v1.48.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ⬆️build(deps): bump github.com/fluxcd/helm-controller/api (external-secrets#1413)

Bumps [github.com/fluxcd/helm-controller/api](https://github.com/fluxcd/helm-controller) from 0.22.1 to 0.22.2.
- [Release notes](https://github.com/fluxcd/helm-controller/releases)
- [Changelog](https://github.com/fluxcd/helm-controller/blob/main/CHANGELOG.md)
- [Commits](fluxcd/helm-controller@v0.22.1...v0.22.2)

---
updated-dependencies:
- dependency-name: github.com/fluxcd/helm-controller/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ⬆️build(deps): bump sigstore/cosign-installer from 2.4.1 to 2.5.0 (external-secrets#1412)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](sigstore/cosign-installer@v2.4.1...v2.5.0)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ⬆️build(deps): bump azure/setup-helm from 3.1 to 3.3 (external-secrets#1411)

Bumps [azure/setup-helm](https://github.com/azure/setup-helm) from 3.1 to 3.3.
- [Release notes](https://github.com/azure/setup-helm/releases)
- [Commits](Azure/setup-helm@v3.1...v3.3)

---
updated-dependencies:
- dependency-name: azure/setup-helm
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ⬆️ Bump github.com/fluxcd/source-controller/api (external-secrets#1426)

Bumps [github.com/fluxcd/source-controller/api](https://github.com/fluxcd/source-controller) from 0.25.10 to 0.25.11.
- [Release notes](https://github.com/fluxcd/source-controller/releases)
- [Changelog](https://github.com/fluxcd/source-controller/blob/main/CHANGELOG.md)
- [Commits](fluxcd/source-controller@v0.25.10...v0.25.11)

---
updated-dependencies:
- dependency-name: github.com/fluxcd/source-controller/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ⬆️ Bump github.com/Azure/go-autorest/autorest (external-secrets#1425)

Bumps [github.com/Azure/go-autorest/autorest](https://github.com/Azure/go-autorest) from 0.11.27 to 0.11.28.
- [Release notes](https://github.com/Azure/go-autorest/releases)
- [Changelog](https://github.com/Azure/go-autorest/blob/main/CHANGELOG.md)
- [Commits](Azure/go-autorest@autorest/v0.11.27...autorest/v0.11.28)

---
updated-dependencies:
- dependency-name: github.com/Azure/go-autorest/autorest
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ✨Implements dataFrom key rewrite (external-secrets#1381)

* Implements dataFrom key rewrite

Co-authored-by: Moritz Johner <[email protected]>
Signed-off-by: Gustavo Carvalho <[email protected]>

* docs: add example to remove invalid characters

Signed-off-by: Moritz Johner <[email protected]>

Co-authored-by: Moritz Johner <[email protected]>
Co-authored-by: Moritz Johner <[email protected]>

* chore: bump helm release (external-secrets#1432)

Signed-off-by: Moritz Johner <[email protected]>

* add missing default values for spec.target (external-secrets#1431)

Add missing default values for ExternalSecretTarget on CRD definition
Fixes external-secrets#1233

Signed-off-by: Helena Steck <[email protected]>

* Bump github.com/spf13/cobra from 1.4.0 to 1.5.0 (external-secrets#1437)

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](spf13/cobra@v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.1.0 to 0.2.0 (external-secrets#1436)

Bumps [github.com/hashicorp/vault/api/auth/kubernetes](https://github.com/hashicorp/vault) from 0.1.0 to 0.2.0.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](hashicorp/vault@v0.1.0...v0.2.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/kubernetes
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/crossplane/crossplane-runtime from 0.16.0 to 0.17.0 (external-secrets#1435)

Bumps [github.com/crossplane/crossplane-runtime](https://github.com/crossplane/crossplane-runtime) from 0.16.0 to 0.17.0.
- [Release notes](https://github.com/crossplane/crossplane-runtime/releases)
- [Commits](crossplane/crossplane-runtime@v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: github.com/crossplane/crossplane-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump golang from 1.18-alpine to 1.19.0-alpine (external-secrets#1434)

Bumps golang from 1.18-alpine to 1.19.0-alpine.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/AzureAD/microsoft-authentication-library-for-go (external-secrets#1440)

Bumps [github.com/AzureAD/microsoft-authentication-library-for-go](https://github.com/AzureAD/microsoft-authentication-library-for-go) from 0.5.2 to 0.5.3.
- [Release notes](https://github.com/AzureAD/microsoft-authentication-library-for-go/releases)
- [Changelog](https://github.com/AzureAD/microsoft-authentication-library-for-go/blob/dev/RELEASES.md)
- [Commits](AzureAD/microsoft-authentication-library-for-go@v0.5.2...v0.5.3)

---
updated-dependencies:
- dependency-name: github.com/AzureAD/microsoft-authentication-library-for-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Fix provisionedNamespaces in Status field of ClusterExternalSecret keeps getting updated non-stop (external-secrets#1441)

Signed-off-by: Kewei Ma <[email protected]>

* clean: typo (clister) in azurekv_types (external-secrets#1442)

Signed-off-by: Nandor Magyar <[email protected]>

Signed-off-by: Nandor Magyar <[email protected]>

* ⬆️github.com/akeylesslabs/akeyless-go/v2 from 2.16.8 to 2.17.0 (external-secrets#1438)

* Bump github.com/akeylesslabs/akeyless-go/v2 from 2.16.8 to 2.17.0

Bumps [github.com/akeylesslabs/akeyless-go/v2](https://github.com/akeylesslabs/akeyless-go) from 2.16.8 to 2.17.0.
- [Release notes](https://github.com/akeylesslabs/akeyless-go/releases)
- [Changelog](https://github.com/akeylesslabs/akeyless-go/blob/master/docs/KmipRenewServerCertificate.md)
- [Commits](akeylesslabs/akeyless-go@v2.16.8...v2.17.0)

---
updated-dependencies:
- dependency-name: github.com/akeylesslabs/akeyless-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Fixing linting issues

Signed-off-by: Gustavo Carvalho <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Gustavo Carvalho <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gustavo Carvalho <[email protected]>

* 🧹 Removing Unknown License from allowed licenses (external-secrets#1446)


Signed-off-by: Gustavo Carvalho <[email protected]>

* 📚Fix comment specifying the default engineVersion. (external-secrets#1450)

Signed-off-by: Tony Worthit <[email protected]>

Signed-off-by: Tony Worthit <[email protected]>

* fix: AWS attr. dot check off-by-one error (external-secrets#1459)

* Fix off-by-one in check for dot in JSON attr. name

Signed-off-by: stephen-dexda <[email protected]>

* ⬆️ Bump github.com/prometheus/client_golang (external-secrets#1457)

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.12.2 to 1.13.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.12.2...v1.13.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ⬆️ Bump github.com/googleapis/gax-go/v2 from 2.4.0 to 2.5.1 (external-secrets#1456)

Bumps [github.com/googleapis/gax-go/v2](https://github.com/googleapis/gax-go) from 2.4.0 to 2.5.1.
- [Release notes](https://github.com/googleapis/gax-go/releases)
- [Commits](googleapis/gax-go@v2.4.0...v2.5.1)

---
updated-dependencies:
- dependency-name: github.com/googleapis/gax-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ⬆️ Bump github.com/aliyun/alibaba-cloud-sdk-go (external-secrets#1455)

Bumps [github.com/aliyun/alibaba-cloud-sdk-go](https://github.com/aliyun/alibaba-cloud-sdk-go) from 1.61.1673 to 1.61.1724.
- [Release notes](https://github.com/aliyun/alibaba-cloud-sdk-go/releases)
- [Changelog](https://github.com/aliyun/alibaba-cloud-sdk-go/blob/master/ChangeLog.txt)
- [Commits](aliyun/alibaba-cloud-sdk-go@v1.61.1673...v1.61.1724)

---
updated-dependencies:
- dependency-name: github.com/aliyun/alibaba-cloud-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ⬆️ Bump helm/chart-testing-action from 2.2.1 to 2.3.0 (external-secrets#1453)

Bumps [helm/chart-testing-action](https://github.com/helm/chart-testing-action) from 2.2.1 to 2.3.0.
- [Release notes](https://github.com/helm/chart-testing-action/releases)
- [Commits](helm/chart-testing-action@v2.2.1...v2.3.0)

---
updated-dependencies:
- dependency-name: helm/chart-testing-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/Azure/go-autorest/autorest/adal (external-secrets#1463)

Bumps [github.com/Azure/go-autorest/autorest/adal](https://github.com/Azure/go-autorest) from 0.9.20 to 0.9.21.
- [Release notes](https://github.com/Azure/go-autorest/releases)
- [Changelog](https://github.com/Azure/go-autorest/blob/main/CHANGELOG.md)
- [Commits](Azure/go-autorest@autorest/adal/v0.9.20...autorest/adal/v0.9.21)

---
updated-dependencies:
- dependency-name: github.com/Azure/go-autorest/autorest/adal
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/tidwall/gjson from 1.14.1 to 1.14.2 (external-secrets#1461)

Bumps [github.com/tidwall/gjson](https://github.com/tidwall/gjson) from 1.14.1 to 1.14.2.
- [Release notes](https://github.com/tidwall/gjson/releases)
- [Commits](tidwall/gjson@v1.14.1...v1.14.2)

---
updated-dependencies:
- dependency-name: github.com/tidwall/gjson
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump google.golang.org/api from 0.90.0 to 0.92.0 (external-secrets#1462)

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.90.0 to 0.92.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.90.0...v0.92.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/xanzy/go-gitlab from 0.70.0 to 0.72.0 (external-secrets#1465)

Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.70.0 to 0.72.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases)
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go)
- [Commits](xanzy/go-gitlab@v0.70.0...v0.72.0)

---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: re-add akeyless url (external-secrets#1468)

Signed-off-by: Moritz Johner <[email protected]>

* fix: remove convertKeys from aws providers (external-secrets#1470)

ConvertKeys is called in the external secrets controller
which takes care of mapping the keys.
Calling it before returning the data is a bug as it
interferes with the new rewrite feature.

Signed-off-by: Moritz Johner <[email protected]>

Signed-off-by: Moritz Johner <[email protected]>

* feat: add azkv.environmentType (external-secrets#1469)

users of USGovCloud, ChinaCloud, GermanCloud need slightly different
configuration for AADEndpoint and keyvault resource.

This is based on CSI Secret Store Azure KV driver,

Signed-off-by: Moritz Johner <[email protected]>

Signed-off-by: Moritz Johner <[email protected]>

* ✨ Kubernetes v1.24 upgrade (external-secrets#1345)

* build(deps): bump sigs.k8s.io/controller-runtime from 0.11.2 to 0.12.3

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.11.2 to 0.12.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/master/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.11.2...v0.12.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* feat: bump kubernetes 1.24

Signed-off-by: Moritz Johner <[email protected]>

* fix: backwards-compatible vault implementation

Signed-off-by: Moritz Johner <[email protected]>

* feat: add audiences field to serviceAccountRef

This will be used by aws, azure, gcp, kubernetes & vault providers
in combination with TokenRequest API: it will _append_ audience claims
to provider-specific audiences.

Signed-off-by: Moritz Johner <[email protected]>

* feat: refactor kubernetes client to match provider/client interfaces

the kubernetes provider mixed up provider and client interfaces which
made it really hard to reason about. This commit separates into two
structs, each implements one interface.
The client struct fields have been renamed and annotated so their use
and scope is clear.

Signed-off-by: Moritz Johner <[email protected]>

* fix: deprecate expirationSeconds

expirationSeconds is not needed because we generate a
service account token on the fly for a single use.
There will be no replacement for this.

Signed-off-by: Moritz Johner <[email protected]>

* fix: rename token fetch audiences field

Signed-off-by: Moritz Johner <[email protected]>

* fix: generate CRDs

Signed-off-by: Moritz Johner <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Moritz Johner <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <[email protected]>

* chore(deps): bump go.uber.org/zap from 1.21.0 to 1.22.0 (external-secrets#1484)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.21.0 to 1.22.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.21.0...v1.22.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/IBM/go-sdk-core/v5 from 5.10.1 to 5.10.2 (external-secrets#1482)

Bumps [github.com/IBM/go-sdk-core/v5](https://github.com/IBM/go-sdk-core) from 5.10.1 to 5.10.2.
- [Release notes](https://github.com/IBM/go-sdk-core/releases)
- [Changelog](https://github.com/IBM/go-sdk-core/blob/main/CHANGELOG.md)
- [Commits](IBM/go-sdk-core@v5.10.1...v5.10.2)

---
updated-dependencies:
- dependency-name: github.com/IBM/go-sdk-core/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump sigstore/cosign-installer from 2.5.0 to 2.5.1 (external-secrets#1480)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.5.0 to 2.5.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](sigstore/cosign-installer@v2.5.0...v2.5.1)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/IBM/secrets-manager-go-sdk (external-secrets#1481)

Bumps [github.com/IBM/secrets-manager-go-sdk](https://github.com/IBM/secrets-manager-go-sdk) from 1.0.44 to 1.0.45.
- [Release notes](https://github.com/IBM/secrets-manager-go-sdk/releases)
- [Commits](IBM/secrets-manager-go-sdk@v1.0.44...v1.0.45)

---
updated-dependencies:
- dependency-name: github.com/IBM/secrets-manager-go-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump google.golang.org/api from 0.92.0 to 0.93.0 (external-secrets#1483)

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.92.0 to 0.93.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.92.0...v0.93.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/xanzy/go-gitlab from 0.72.0 to 0.73.0 (external-secrets#1485)

Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.72.0 to 0.73.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases)
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go)
- [Commits](xanzy/go-gitlab@v0.72.0...v0.73.0)

---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update guides-datafrom-rewrite.md for typo (external-secrets#1491)

Signed-off-by: Garrett Edwards <[email protected]>

Signed-off-by: Garrett Edwards <[email protected]>

* chore(deps): bump github.com/onsi/gomega from 1.20.0 to 1.20.1 (external-secrets#1499)

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.20.0 to 1.20.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.20.0...v1.20.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump go.uber.org/zap from 1.22.0 to 1.23.0 (external-secrets#1498)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.22.0 to 1.23.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.22.0...v1.23.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/aws/aws-sdk-go from 1.44.52 to 1.44.86 (external-secrets#1496)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.52 to 1.44.86.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](aws/aws-sdk-go@v1.44.52...v1.44.86)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/akeylesslabs/akeyless-go/v2 (external-secrets#1495)

Bumps [github.com/akeylesslabs/akeyless-go/v2](https://github.com/akeylesslabs/akeyless-go) from 2.17.0 to 2.18.0.
- [Release notes](https://github.com/akeylesslabs/akeyless-go/releases)
- [Changelog](https://github.com/akeylesslabs/akeyless-go/blob/master/docs/KmipRenewServerCertificate.md)
- [Commits](akeylesslabs/akeyless-go@v2.17.0...v2.18.0)

---
updated-dependencies:
- dependency-name: github.com/akeylesslabs/akeyless-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/xanzy/go-gitlab from 0.73.0 to 0.73.1 (external-secrets#1497)

Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.73.0 to 0.73.1.
- [Release notes](https://github.com/xanzy/go-gitlab/releases)
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go)
- [Commits](xanzy/go-gitlab@v0.73.0...v0.73.1)

---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Small typo fix guides-multi-tenancy.md (external-secrets#1492)

Signed-off-by: Christopher Watford <[email protected]>

Signed-off-by: Christopher Watford <[email protected]>

* Remove unnecessary space before a colon (external-secrets#1494)

Signed-off-by: dubs11kt <[email protected]>

Signed-off-by: dubs11kt <[email protected]>

* Update ADOPTERS.md (external-secrets#1503)

Adding Made People E-commerce agency as adopter  

Signed-off-by: terrpan <[email protected]>

Signed-off-by: terrpan <[email protected]>

* flip order of `err` and nil `secret` variable check in `listSecrets()` function of vault provider (external-secrets#1504)

Signed-off-by: Marcel Hoyer <[email protected]>

* Add webhook tls options (external-secrets#1466)

During our internal security scan, the webhook for external-secrets was
flagged because it supports protocol vulnerable to Sweet32
(https://sweet32.info/). In order to avoid the webhook from being
flagged, we need to restrict the TLS ciphers on controller runtime.

To do this I needed to update the dependency to 0.12.3 and some other
conflicting dependencies.

Signed-off-by: Joao Pedro Silva <[email protected]>

* Adding my published blog post (external-secrets#1506)

I've added my blog post about ESO and integration with AWS Secrets Manager to this page.

Signed-off-by: Emin Alemdar <[email protected]>

Signed-off-by: Emin Alemdar <[email protected]>

* feat: add support matrix, refactor docs (external-secrets#1508)

Signed-off-by: Moritz Johner <[email protected]>

* Add warning due to DNS transfer (external-secrets#1513)

Updated Readme with warnings and workaround

Signed-off-by: Gustavo Fernandes de Carvalho <[email protected]>

Signed-off-by: Gustavo Fernandes de Carvalho <[email protected]>

* chore(deps): bump github.com/onsi/gomega from 1.20.1 to 1.20.2 (external-secrets#1522)

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.20.1 to 1.20.2.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.20.1...v1.20.2)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/tidwall/gjson from 1.14.2 to 1.14.3 (external-secrets#1523)

Bumps [github.com/tidwall/gjson](https://github.com/tidwall/gjson) from 1.14.2 to 1.14.3.
- [Release notes](https://github.com/tidwall/gjson/releases)
- [Commits](tidwall/gjson@v1.14.2...v1.14.3)

---
updated-dependencies:
- dependency-name: github.com/tidwall/gjson
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/aliyun/alibaba-cloud-sdk-go (external-secrets#1519)

Bumps [github.com/aliyun/alibaba-cloud-sdk-go](https://github.com/aliyun/alibaba-cloud-sdk-go) from 1.61.1724 to 1.61.1760.
- [Release notes](https://github.com/aliyun/alibaba-cloud-sdk-go/releases)
- [Changelog](https://github.com/aliyun/alibaba-cloud-sdk-go/blob/master/ChangeLog.txt)
- [Commits](aliyun/alibaba-cloud-sdk-go@v1.61.1724...v1.61.1760)

---
updated-dependencies:
- dependency-name: github.com/aliyun/alibaba-cloud-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat: add stale bot to close issues automatically (external-secrets#1524)

Signed-off-by: Moritz Johner <[email protected]>

Signed-off-by: Moritz Johner <[email protected]>

* chore(deps): bump github.com/hashicorp/vault/api/auth/ldap (external-secrets#1521)

Bumps [github.com/hashicorp/vault/api/auth/ldap](https://github.com/hashicorp/vault) from 0.1.0 to 0.2.0.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](hashicorp/vault@v0.1.0...v0.2.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/ldap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: aws parameter store json decode, bump go 1.19 (external-secrets#1525)

* fix: parameter store should decode complex json values

Signed-off-by: Moritz Johner <[email protected]>

* chore: bump 0.6.0-rc1 (external-secrets#1538)

Signed-off-by: Moritz Johner <[email protected]>

Signed-off-by: Moritz Johner <[email protected]>

* added akeyless k8s auth option (external-secrets#1531)

* added akeyless k8s auth option

Signed-off-by: Docs <[email protected]>

* chore: refactor provider (external-secrets#1529)

Signed-off-by: Moritz Johner <[email protected]>

* DNS transfer to CNCF went ✅, we can remove notice (external-secrets#1548)

Signed-off-by: Lucas Severo Alves <[email protected]>

* New Duration Metric (external-secrets#1533)

Signed-off-by: Cristina DE DIOS GONZALEZ <[email protected]>

* chore(deps): bump github.com/google/go-cmp from 0.5.8 to 0.5.9 (external-secrets#1545)

Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.8 to 0.5.9.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](google/go-cmp@v0.5.8...v0.5.9)

---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump sigstore/cosign-installer from 2.5.1 to 2.6.0 (external-secrets#1541)

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](sigstore/cosign-installer@v2.5.1...v2.6.0)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/aliyun/alibaba-cloud-sdk-go (external-secrets#1543)

Bumps [github.com/aliyun/alibaba-cloud-sdk-go](https://github.com/aliyun/alibaba-cloud-sdk-go) from 1.61.1760 to 1.61.1768.
- [Release notes](https://github.com/aliyun/alibaba-cloud-sdk-go/releases)
- [Changelog](https://github.com/aliyun/alibaba-cloud-sdk-go/blob/master/ChangeLog.txt)
- [Commits](aliyun/alibaba-cloud-sdk-go@v1.61.1760...v1.61.1768)

---
updated-dependencies:
- dependency-name: github.com/aliyun/alibaba-cloud-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump actions/setup-python from 3.1.2 to 4.2.0 (external-secrets#1542)

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3.1.2 to 4.2.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v3.1.2...v4.2.0)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/IBM/secrets-manager-go-sdk (external-secrets#1551)

Bumps [github.com/IBM/secrets-manager-go-sdk](https://github.com/IBM/secrets-manager-go-sdk) from 1.0.45 to 1.0.46.
- [Release notes](https://github.com/IBM/secrets-manager-go-sdk/releases)
- [Commits](IBM/secrets-manager-go-sdk@v1.0.45...v1.0.46)

---
updated-dependencies:
- dependency-name: github.com/IBM/secrets-manager-go-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump google.golang.org/api from 0.94.0 to 0.95.0 (external-secrets#1546)

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.94.0 to 0.95.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.94.0...v0.95.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump golang from 1.19.0-alpine to 1.19.1-alpine (external-secrets#1540)

Bumps golang from 1.19.0-alpine to 1.19.1-alpine.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/aws/aws-sdk-go from 1.44.91 to 1.44.96 (external-secrets#1550)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.91 to 1.44.96.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](aws/aws-sdk-go@v1.44.91...v1.44.96)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: unmarshal JSON error when empty secrets in Vault (external-secrets#1512)

Signed-off-by: Sebastián Gómez <[email protected]>

* feat: run scanner on pr (external-secrets#1553)

Signed-off-by: Moritz Johner <[email protected]>

Signed-off-by: Moritz Johner <[email protected]>

* fix: run trivy only when authenticated (external-secrets#1554)

PRs from forked repos can not publish images, hence this scan fails.

Signed-off-by: Moritz Johner <[email protected]>

Signed-off-by: Moritz Johner <[email protected]>

* fix: broken links in README (external-secrets#1556)

Signed-off-by: robel yemane <[email protected]>

Signed-off-by: robel yemane <[email protected]>

* Updated the right path to the field (external-secrets#1557)

Signed-off-by: Sebastián Gómez <[email protected]>

Signed-off-by: Sebastián Gómez <[email protected]>

* chore(deps): bump github.com/aliyun/alibaba-cloud-sdk-go (external-secrets#1562)

Bumps [github.com/aliyun/alibaba-cloud-sdk-go](https://github.com/aliyun/alibaba-cloud-sdk-go) from 1.61.1768 to 1.61.1782.
- [Release notes](https://github.com/aliyun/alibaba-cloud-sdk-go/releases)
- [Changelog](https://github.com/aliyun/alibaba-cloud-sdk-go/blob/master/ChangeLog.txt)
- [Commits](aliyun/alibaba-cloud-sdk-go@v1.61.1768...v1.61.1782)

---
updated-dependencies:
- dependency-name: github.com/aliyun/alibaba-cloud-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/akeylesslabs/akeyless-go/v2 (external-secrets#1560)

Bumps [github.com/akeylesslabs/akeyless-go/v2](https://github.com/akeylesslabs/akeyless-go) from 2.18.0 to 2.19.0.
- [Release notes](https://github.com/akeylesslabs/akeyless-go/releases)
- [Changelog](https://github.com/akeylesslabs/akeyless-go/blob/master/docs/KmipRenewServerCertificate.md)
- [Commits](akeylesslabs/akeyless-go@v2.18.0...v2.19.0)

---
updated-dependencies:
- dependency-name: github.com/akeylesslabs/akeyless-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/AzureAD/microsoft-authentication-library-for-go (external-secrets#1563)

Bumps [github.com/AzureAD/microsoft-authentication-library-for-go](https://github.com/AzureAD/microsoft-authentication-library-for-go) from 0.6.1 to 0.7.0.
- [Release notes](https://github.com/AzureAD/microsoft-authentication-library-for-go/releases)
- [Changelog](https://github.com/AzureAD/microsoft-authentication-library-for-go/blob/dev/RELEASES.md)
- [Commits](AzureAD/microsoft-authentication-library-for-go@v0.6.1...v0.7.0)

---
updated-dependencies:
- dependency-name: github.com/AzureAD/microsoft-authentication-library-for-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump google.golang.org/api from 0.95.0 to 0.96.0 (external-secrets#1561)

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.95.0 to 0.96.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.95.0...v0.96.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/aws/aws-sdk-go from 1.44.96 to 1.44.101 (external-secrets#1570)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.96 to 1.44.101.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.44.96...v1.44.101)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Moritz Johner <[email protected]>
Signed-off-by: Gustavo Carvalho <[email protected]>
Signed-off-by: Helena Steck <[email protected]>
Signed-off-by: Kewei Ma <[email protected]>
Signed-off-by: Nandor Magyar <[email protected]>
Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Tony Worthit <[email protected]>
Signed-off-by: stephen-dexda <[email protected]>
Signed-off-by: Garrett Edwards <[email protected]>
Signed-off-by: Christopher Watford <[email protected]>
Signed-off-by: dubs11kt <[email protected]>
Signed-off-by: terrpan <[email protected]>
Signed-off-by: Marcel Hoyer <[email protected]>
Signed-off-by: Joao Pedro Silva <[email protected]>
Signed-off-by: Emin Alemdar <[email protected]>
Signed-off-by: Moritz Johner <[email protected]>
Signed-off-by: Gustavo Fernandes de Carvalho <[email protected]>
Signed-off-by: Moritz Johner <[email protected]>
Signed-off-by: Docs <[email protected]>
Signed-off-by: Lucas Severo Alves <[email protected]>
Signed-off-by: Cristina DE DIOS GONZALEZ <[email protected]>
Signed-off-by: Sebastián Gómez <[email protected]>
Signed-off-by: robel yemane <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz Johner <[email protected]>
Co-authored-by: Daniel Quackenbush <[email protected]>
Co-authored-by: Moritz Johner <[email protected]>
Co-authored-by: Gustavo Fernandes de Carvalho <[email protected]>
Co-authored-by: Gustavo Fernandes de Carvalho <[email protected]>
Co-authored-by: Helena Steck <[email protected]>
Co-authored-by: Kewei Ma <[email protected]>
Co-authored-by: Nandor Magyar <[email protected]>
Co-authored-by: Tony DevOps <[email protected]>
Co-authored-by: stephen-dexda <[email protected]>
Co-authored-by: Garrett Edwards <[email protected]>
Co-authored-by: Christopher Watford <[email protected]>
Co-authored-by: oddy <[email protected]>
Co-authored-by: terrpan <[email protected]>
Co-authored-by: Marcel Hoyer <[email protected]>
Co-authored-by: João Silva <[email protected]>
Co-authored-by: Emin Alemdar <[email protected]>
Co-authored-by: Moritz Johner <[email protected]>
Co-authored-by: renanaAkeyless <[email protected]>
Co-authored-by: Lucas Severo Alves <[email protected]>
Co-authored-by: Rhaenys <[email protected]>
Co-authored-by: Sebastián Gómez <[email protected]>
Co-authored-by: Robel Yemane <[email protected]>

Author: 23 people

.github/workflows/ci.yml

@@ -10,9 +10,8 @@ on:
 
 env:
   # Common versions
-  GO_VERSION: '1.17'
-  GOLANGCI_VERSION: 'v1.42.1'
-  KUBERNETES_VERSION: '1.23.x'
+  GOLANGCI_VERSION: 'v1.49.0'
+  KUBERNETES_VERSION: '1.24.x'
   DOCKER_BUILDX_VERSION: 'v0.4.2'
 
   # Common users. We can't run a step 'if secrets.GHCR_USERNAME != ""' but we can run
@@ -50,7 +49,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@v3
         with:
-          go-version: ${{ env.GO_VERSION }}
+          go-version-file: "go.mod"
 
       - name: Find the Go Cache
         id: go
@@ -62,15 +61,15 @@ jobs:
         uses: actions/cache@v3
         with:
           path: ${{ steps.go.outputs.build-cache }}
-          key: ${{ runner.os }}-build-lint-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-build-lint-
+          key: ${{ runner.os }}-build-lint-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-build-lint-${{ github.sha }}-
 
       - name: Cache Go Dependencies
         uses: actions/cache@v3
         with:
           path: ${{ steps.go.outputs.mod-cache }}
-          key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-pkg-
+          key: ${{ runner.os }}-pkg-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-pkg-${{ github.sha }}-
 
       # This action uses its own setup-go, which always seems to use the latest
       # stable version of Go. We could run 'make lint' to ensure our desired Go
@@ -96,7 +95,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@v3
         with:
-          go-version: ${{ env.GO_VERSION }}
+          go-version-file: "go.mod"
 
       - name: Find the Go Cache
         id: go
@@ -108,20 +107,20 @@ jobs:
         uses: actions/cache@v3
         with:
           path: ${{ steps.go.outputs.build-cache }}
-          key: ${{ runner.os }}-build-check-diff-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-build-check-diff-
+          key: ${{ runner.os }}-build-check-diff-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-build-check-diff-${{ github.sha }}-
 
       - name: Cache Go Dependencies
         uses: actions/cache@v3
         with:
           path: ${{ steps.go.outputs.mod-cache }}
-          key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-pkg-
+          key: ${{ runner.os }}-pkg-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-pkg-${{ github.sha }}-
 
       # Check DIff also runs Reviewable which needs golangci-lint installed
       - name: Check Diff
         run: |
-          wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.42.1
+          wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s ${{ env.GOLANGCI_VERSION }}
           export PATH=$PATH:./bin
           make check-diff
 
@@ -140,7 +139,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@v3
         with:
-          go-version: ${{ env.GO_VERSION }}
+          go-version-file: "go.mod"
 
       - name: Find the Go Cache
         id: go
@@ -152,15 +151,15 @@ jobs:
         uses: actions/cache@v3
         with:
           path: ${{ steps.go.outputs.build-cache }}
-          key: ${{ runner.os }}-build-unit-tests-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-build-unit-tests-
+          key: ${{ runner.os }}-build-unit-tests-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-build-unit-tests-${{ github.sha }}-
 
       - name: Cache Go Dependencies
         uses: actions/cache@v3
         with:
           path: ${{ steps.go.outputs.mod-cache }}
-          key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-pkg-
+          key: ${{ runner.os }}-pkg-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-pkg-${{ github.sha }}-
 
       - name: Add setup-envtest
         run: |
@@ -211,7 +210,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@v3
         with:
-          go-version: ${{ env.GO_VERSION }}
+          go-version-file: "go.mod"
 
       - name: Find the Go Cache
         id: go
@@ -223,15 +222,15 @@ jobs:
         uses: actions/cache@v3
         with:
           path: ${{ steps.go.outputs.build-cache }}
-          key: ${{ runner.os }}-build-publish-artifacts-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-build-publish-artifacts-
+          key: ${{ runner.os }}-build-publish-artifacts-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-build-publish-artifacts-${{ github.sha }}-
 
       - name: Cache Go Dependencies
         uses: actions/cache@v3
         with:
           path: ${{ steps.go.outputs.mod-cache }}
-          key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-pkg-
+          key: ${{ runner.os }}-pkg-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-pkg-${{ github.sha }}-
 
       - name: Login to Docker
         uses: docker/login-action@v2
@@ -247,6 +246,22 @@ jobs:
           BUILD_ARGS: "--push --platform linux/amd64,linux/arm64"
         run: make docker.build
 
+      - name: Get docker image tag
+        if: env.GHCR_USERNAME != ''
+        id: image_version
+        run: echo "::set-output name=image::$(make docker.image)"
+
+      - name: Run Trivy vulnerability scanner
+        if: env.GHCR_USERNAME != ''
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: '${{ steps.image_version.outputs.image }}'
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
+
       - name: Promote Artifacts to main release channel
         if: github.ref == 'refs/heads/main' && env.GHCR_USERNAME != ''
         run: make docker.promote
@@ -259,7 +274,7 @@ jobs:
 
       - name: Install cosign
         if: github.ref == 'refs/heads/main' && env.GHCR_USERNAME != ''
-        uses: sigstore/cosign-installer@v2.4.1
+        uses: sigstore/cosign-installer@v2.6.0
 
       - name: Sign Artifacts to main release channel
         if: github.ref == 'refs/heads/main' && env.GHCR_USERNAME != ''

.github/workflows/codesee-arch-diagram.yml

@@ -42,7 +42,7 @@ jobs:
           node-version: '14'
 
       - name: Configure Python 3.x
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v4.2.0
         if: ${{ fromJSON(steps.detect-languages.outputs.languages).python }}
         with:
           python-version: '3.10'

.github/workflows/dlc.yml

@@ -11,20 +11,6 @@ on:
     paths:
       - "go.mod"
   workflow_dispatch: {}
-env:
-  # Common versions
-  GO_VERSION: '1.17'
-  GOLANGCI_VERSION: 'v1.42.1'
-  KUBERNETES_VERSION: '1.23.x'
-  DOCKER_BUILDX_VERSION: 'v0.4.2'
-
-  # Common users. We can't run a step 'if secrets.GHCR_USERNAME != ""' but we can run
-  # a step 'if env.GHCR_USERNAME' != ""', so we copy these to succinctly test whether
-  # credentials have been provided before trying to run steps that need them.
-  GHCR_USERNAME: ${{ secrets.GHCR_USERNAME }}
-
-  # Sonar
-  SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 
 jobs:
   license-check:
@@ -36,7 +22,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@v3
         with:
-          go-version: ${{ env.GO_VERSION }}
+          go-version-file: "go.mod"
 
       - name: Find the Go Cache
         id: go
@@ -48,16 +34,16 @@ jobs:
         uses: actions/cache@v3
         with:
           path: ${{ steps.go.outputs.build-cache }}
-          key: ${{ runner.os }}-build-check-diff-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-build-check-diff-
+          key: ${{ runner.os }}-build-check-diff-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-build-check-diff-${{ github.sha }}-
 
       - name: Cache Go Dependencies
         uses: actions/cache@v3
         with:
           path: ${{ steps.go.outputs.mod-cache }}
-          key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-pkg-
-          
+          key: ${{ runner.os }}-pkg-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-pkg-${{ github.sha }}-
+
       - name: License Checks
         run: |
           go install github.com/google/go-licenses@latest

.github/workflows/docs.yml

@@ -4,9 +4,6 @@ on:
   push:
     branches:
       - main
-env:
-  # Common versions
-  GO_VERSION: '1.17'
 
 jobs:
   deploy:
@@ -19,7 +16,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@v3
         with:
-          go-version: ${{ env.GO_VERSION }}
+          go-version-file: "go.mod"
 
       - name: Build Docs
         run: make docs.publish

.github/workflows/e2e-managed.yml

@@ -5,8 +5,7 @@ on:
 
 env:
   # Common versions
-  GO_VERSION: '1.17'
-  GOLANGCI_VERSION: 'v1.33'
+  GINKGO_VERSION: 'v2.1.6'
   DOCKER_BUILDX_VERSION: 'v0.4.2'
 
   # Common users. We can't run a step 'if secrets.GHCR_USERNAME != ""' but we can run
@@ -102,14 +101,13 @@ jobs:
     - name: Setup Go
       uses: actions/setup-go@v3
       with:
-        go-version: ${{ env.GO_VERSION }}
+          go-version-file: "go.mod"
 
     - name: Find the Go Cache
       id: go
       run: |
         echo "::set-output name=build-cache::$(go env GOCACHE)"
         echo "::set-output name=mod-cache::$(go env GOMODCACHE)"
-
     - name: Cache the Go Build Cache
       uses: actions/cache@v3
       with:
@@ -197,7 +195,7 @@ jobs:
       run: |
         export PATH=$PATH:$(go env GOPATH)/bin
         PROVIDER=${{github.event.client_payload.slash_command.args.named.provider}}
-        go install -mod=mod github.com/onsi/ginkgo/v2/ginkgo
+        go install github.com/onsi/ginkgo/v2/ginkgo@${{env.GINKGO_VERSION}}
         make test.e2e.managed GINKGO_LABELS="${PROVIDER}" TEST_SUITES="provider"
 
     - name: Destroy TF

.github/workflows/e2e.yml

@@ -6,12 +6,11 @@ on:
 
 env:
   # Common versions
-  GO_VERSION: '1.17'
-  GOLANGCI_VERSION: 'v1.33'
-  GINKGO_VERSION: 'v2.1.3'
+  GO_VERSION: '1.19'
+  GINKGO_VERSION: 'v2.1.6'
   DOCKER_BUILDX_VERSION: 'v0.4.2'
-  KIND_VERSION: 'v0.11.1'
-  KIND_IMAGE: 'kindest/node:v1.23.3'
+  KIND_VERSION: 'v0.14.0'
+  KIND_IMAGE: 'kindest/node:v1.24.2'
 
   # Common users. We can't run a step 'if secrets.GHCR_USERNAME != ""' but we can run
   # a step 'if env.GHCR_USERNAME' != ""', so we copy these to succinctly test whether
@@ -35,7 +34,7 @@ jobs:
   # Branch-based pull request
   integration-trusted:
     runs-on: ubuntu-latest
-    if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository
+    if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && github.actor !='dependabot[bot]'
     steps:
 
     - name: Branch based PR checkout
@@ -49,7 +48,7 @@ jobs:
     - name: Setup Go
       uses: actions/setup-go@v3
       with:
-        go-version: ${{ env.GO_VERSION }}
+          go-version-file: "go.mod"
 
     - name: Find the Go Cache
       id: go
@@ -61,15 +60,15 @@ jobs:
       uses: actions/cache@v3
       with:
         path: ${{ steps.go.outputs.build-cache }}
-        key: ${{ runner.os }}-build-unit-tests-${{ hashFiles('**/go.sum') }}
-        restore-keys: ${{ runner.os }}-build-unit-tests-
+        key: ${{ runner.os }}-build-unit-tests-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
+        restore-keys: ${{ runner.os }}-build-unit-tests-${{ github.sha }}-
 
     - name: Cache Go Dependencies
       uses: actions/cache@v3
       with:
         path: ${{ steps.go.outputs.mod-cache }}
-        key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
-        restore-keys: ${{ runner.os }}-pkg-
+        key: ${{ runner.os }}-pkg-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
+        restore-keys: ${{ runner.os }}-pkg-${{ github.sha }}-
 
     - name: Setup kind
       uses: engineerd/[email protected]
@@ -112,7 +111,7 @@ jobs:
     - name: Setup Go
       uses: actions/setup-go@v3
       with:
-        go-version: ${{ env.GO_VERSION }}
+          go-version-file: "go.mod"
 
     - name: Find the Go Cache
       id: go
@@ -124,15 +123,15 @@ jobs:
       uses: actions/cache@v3
       with:
         path: ${{ steps.go.outputs.build-cache }}
-        key: ${{ runner.os }}-build-unit-tests-${{ hashFiles('**/go.sum') }}
-        restore-keys: ${{ runner.os }}-build-unit-tests-
+        key: ${{ runner.os }}-build-unit-tests-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
+        restore-keys: ${{ runner.os }}-build-unit-tests-${{ github.sha }}-
 
     - name: Cache Go Dependencies
       uses: actions/cache@v3
       with:
         path: ${{ steps.go.outputs.mod-cache }}
-        key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
-        restore-keys: ${{ runner.os }}-pkg-
+        key: ${{ runner.os }}-pkg-${{ github.sha }}-${{ hashFiles('**/go.sum') }}
+        restore-keys: ${{ runner.os }}-pkg-${{ github.sha }}-
 
     - name: Setup kind
       uses: engineerd/[email protected]

.github/workflows/helm.yml

@@ -26,16 +26,16 @@ jobs:
           make helm.generate
 
       - name: Set up Helm
-        uses: azure/setup-helm@v3.1
+        uses: azure/setup-helm@v3.3
         with:
           version: v3.4.2
 
-      - uses: actions/setup-python@v3.1.2
+      - uses: actions/setup-python@v4.2.0
         with:
           python-version: 3.7
 
       - name: Set up chart-testing
-        uses: helm/chart-testing-action@v2.2.1
+        uses: helm/chart-testing-action@v2.3.0
 
       - name: Run chart-testing (list-changed)
         id: list-changed
@@ -62,7 +62,7 @@ jobs:
           git config user.email "[email protected]"
 
       - name: Set up Helm
-        uses: azure/setup-helm@v3.1
+        uses: azure/setup-helm@v3.3
         with:
           version: v3.4.2