ibm cloud support #656
ibm cloud support #656
Conversation
|
Cool! I'll try to find some time to look thru this :) |
* feat: add container scan
…kage (external-secrets#661) * chore(deps): bump lodash 4.17.19 -> 4.17.21 Signed-off-by: Markus Maga <[email protected]> * chore(deps): drop individual lodash packages in favor of lodash package Signed-off-by: Markus Maga <[email protected]>
Signed-off-by: Markus Maga <[email protected]>
…xternal-secrets#665) * feat: build container in ci Signed-off-by: Markus Maga <[email protected]> * chore: add dependabot config Signed-off-by: Markus Maga <[email protected]>
Signed-off-by: Markus Maga <[email protected]>
Signed-off-by: Markus Maga <[email protected]>
…-client (external-secrets#664) * fix: use getObjectStream to address deprecation warning in kubernetes-client Signed-off-by: Markus Maga <[email protected]> * fix: end stream normally and update tests Signed-off-by: Markus Maga <[email protected]> * fix: mock stream end Signed-off-by: Markus Maga <[email protected]>
…ecrets#669) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-UPSTREAM-NODE-1040499 - https://snyk.io/vuln/SNYK-UPSTREAM-NODE-1055465 - https://snyk.io/vuln/SNYK-UPSTREAM-NODE-1055471 - https://snyk.io/vuln/SNYK-UPSTREAM-NODE-1078517 - https://snyk.io/vuln/SNYK-UPSTREAM-NODE-1078518
…crets#672) * chore: only try to push to GHCR if credentials available * chore: set the env * chore: properly set push
…ernal-secrets#670) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.0.7 to 0.0.12. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.0.7...c6431cf) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
There was a problem hiding this comment.
While I have no way to test this, I dont see anything strange :)
package-lock has got a conflict due to another PR merge. could you rebase and possibly bump the added dependency or was there a reason to not using the latest version? (its pretty recent so maybe you did this before it was available 😄)
package.json
Outdated
| @@ -35,6 +35,7 @@ | |||
| "@azure/identity": "^1.0.3", | |||
| "@azure/keyvault-secrets": "^4.0.4", | |||
| "@google-cloud/secret-manager": "^3.2.3", | |||
| "@ibm-cloud/secrets-manager": "^0.0.6", | |||
There was a problem hiding this comment.
Looks like a newer version 0.1.0 is no available, might be worth bumping? 😄
There was a problem hiding this comment.
I'll take a look at bumping this and test it.
There was a problem hiding this comment.
So it looks like 0.1.0 release hasn't made it into npm yet so this can't land yet.
We should get it in so I'll follow up with @IdanAdar to see when it will land in the registry.
There was a problem hiding this comment.
Hey @Flydiverny Patch applied but the container has CVEs do I need to fix this?
There was a problem hiding this comment.
@No9 thanks for the update, no need to address the CVE. I was looking at it earlier and there's a fix out already. But it seems our pipeline is pulling an old base image.
Signed-off-by: Markus Maga <[email protected]>
…ets#671) Bumps [actions/setup-node](https://github.com/actions/setup-node) from v1 to v2.1.5. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@v1...46071b5) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ternal-secrets#674) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.0.12 to 0.0.13. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.0.12...e2054f8) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
Thanks for the merge and pushing this through @Flydiverny I |
|
Yepp! Was considering to add some more changes to next release but I'll probably try to make one today or tomorrow. |
Hi All
Thanks for providing a such a well laid out project it's been a pleasure to work on.
This PR adds support to integrate the secrets manager service on IBM Cloud with Kubernetes.
It largely consists of a new backend that follows the AliCloud environment variables pattern along with the relevant enum updates.
As well as the backend mock test I have also tested it on an IKS instance and everything works as expected.
Hopefully I haven't missed anything too obvious and I'd appreciate any feedback.