v0.2.0

Overview

Features 🚀

• feat: support _json_key when mutating docker credentials by @csatib02 in #91
• feat: add e2e test for docker auth with _json_key by @quixoten in #132
• feat: add chart signing by @csatib02 in #127
• feat: improve e2e tests by @csatib02 in #105
• feat: AWS support secret mutation by @csatib02 in #131
• feat: AWS support configmap mutation by @csatib02 in #141
• feat: AWS support object mutation by @csatib02 in #142
• feat: add hpa capabilites to helm-chart by @csatib02 in #151
• feat: AWS support pod mutation by @csatib02 in #152

Maintenance 🚧

• chore: post release cleanup by @csatib02 in #83
• chore: remove obsolete build tag by @csatib02 in #143
• chore: update deps by @csatib02 in #176
• chore: prepare release by @csatib02 in #181

Documentation 📄

• docs: CNCF onboarding by @csatib02 in #128

Dependency Updates ⬆️

View all dependency changes

• build(deps): Bump sigs.k8s.io/controller-runtime from 0.18.3 to 0.18.4 in the sigs-k8s-io group by @dependabot in #84
• build(deps): Bump github.com/samber/slog-multi from 1.0.3 to 1.1.0 by @dependabot in #85
• build(deps): Bump DeterminateSystems/magic-nix-cache-action from 6 to 7 by @dependabot in #87
• build(deps): Bump github/codeql-action from 3.25.7 to 3.25.8 by @dependabot in #89
• chore(deps): lock file maintenance by @renovate in #90
• build(deps): Bump aquasecurity/trivy-action from 0.21.0 to 0.22.0 by @dependabot in #88
• build(deps): Bump actions/dependency-review-action from 4.3.2 to 4.3.3 by @dependabot in #86
• build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.6.0 by @dependabot in #92
• build(deps): Bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in #93
• build(deps): Bump github/codeql-action from 3.25.8 to 3.25.10 by @dependabot in #94
• build(deps): Bump docker/build-push-action from 5.3.0 to 5.4.0 by @dependabot in #95
• build(deps): Bump the k8s-io group with 4 updates by @dependabot in #96
• build(deps): Bump github.com/google/go-containerregistry from 0.19.1 to 0.19.2 by @dependabot in #97
• chore(deps): lock file maintenance by @renovate in #98
• build(deps): Bump k8s.io/klog/v2 from 2.130.0 to 2.130.1 in the k8s-io group by @dependabot in #99
• build(deps): Bump aquasecurity/trivy-action from 0.22.0 to 0.23.0 by @dependabot in #100
• build(deps): Bump docker/build-push-action from 5.4.0 to 6.1.0 by @dependabot in #101
• build(deps): Bump alpine from 3.20.0 to 3.20.1 by @dependabot in #102
• chore(deps): lock file maintenance by @renovate in #103
• build(deps): Bump github.com/hashicorp/go-retryablehttp from 0.7.6 to 0.7.7 by @dependabot in #104
• build(deps): Bump docker/build-push-action from 6.1.0 to 6.2.0 by @dependabot in #107
• build(deps): Bump github/codeql-action from 3.25.10 to 3.25.11 by @dependabot in #106
• chore(deps): lock file maintenance by @renovate in #108
• build(deps): Bump actions/upload-artifact from 4.3.3 to 4.3.4 by @dependabot in #109
• build(deps): Bump docker/setup-qemu-action from 3.0.0 to 3.1.0 by @dependabot in #110
• build(deps): Bump actions/download-artifact from 4.1.7 to 4.1.8 by @dependabot in #113
• build(deps): Bump docker/build-push-action from 6.2.0 to 6.3.0 by @dependabot in #112
• chore(deps): lock file maintenance by @renovate in #114
• build(deps): Bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by @dependabot in #111
• build(deps): Bump google.golang.org/grpc from 1.64.0 to 1.64.1 by @dependabot in #115
• build(deps): Bump aquasecurity/trivy-action from 0.23.0 to 0.24.0 by @dependabot in #116
• build(deps): Bump github.com/google/go-containerregistry from 0.19.2 to 0.20.0 by @dependabot in #119
• build(deps): Bump actions/dependency-review-action from 4.3.3 to 4.3.4 by @dependabot in #117
• build(deps): Bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in #118
• build(deps): Bump github.com/samber/slog-multi from 1.1.0 to 1.2.0 by @dependabot in #120
• chore(deps): lock file maintenance by @renovate in #121
• build(deps): Bump github.com/google/go-containerregistry from 0.20.0 to 0.20.1 by @dependabot in #123
• build(deps): Bump github/codeql-action from 3.25.12 to 3.25.13 by @dependabot in #125
• build(deps): Bump docker/build-push-action from 6.3.0 to 6.4.1 by @dependabot in #124
• build(deps): Bump the k8s-io group with 3 updates by @dependabot in #122
• chore(deps): lock file maintenance by @renovate in #126
• chore(deps): lock file maintenance by @renovate in #129
• build(deps): Bump github.com/docker/docker from 26.1.3+incompatible to 26.1.4+incompatible by @dependabot in #130
• build(deps): Bump alpine from 3.20.1 to 3.20.2 by @dependabot in #140
• build(deps): Bump docker/login-action from 3.2.0 to 3.3.0 by @dependabot in #139
• build(deps): Bump docker/build-push-action from 6.4.1 to 6.5.0 by @dependabot in #138
• build(deps): Bump docker/setup-qemu-action from 3.1.0 to 3.2.0 by @dependabot in #137
• build(deps): Bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot in #133
• build(deps): Bump github/codeql-action from 3.25.13 to 3.25.15 by @dependabot in #134
• build(deps): Bump actions/upload-artifact from 4.3.4 to 4.3.5 by @dependabot in #135
• build(deps): Bump docker/setup-buildx-action from 3.4.0 to 3.6.1 by @dependabot in #136
• build(deps): Bump github/codeql-action from 3.25.15 to 3.26.0 by @dependabot in #144
• build(deps): Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 by @dependabot in #145
• build(deps): Bump actions/upload-artifact from 4.3.5 to 4.3.6 by @dependabot in #146
• build(deps): Bump docker/build-push-action from 6.5.0 to 6.6.1 by @dependabot in #147
• build(deps): Bump github.com/aws/aws-sdk-go from 1.53.14 to 1.55.5 by @dependabot in #148
• build(deps): Bump github.com/google/go-containerregistry from 0.20.1 to 0.20.2 by @dependabot in #149
• build(deps): Bump the k8s-io group with 2 updates by @dependabot in #153
• build(deps): Bump github/codeql-action from 3.26.0 to 3.26.2 by @dependabot in #158
• build(deps): Bump docker/build-push-action from 6.6.1 to 6.7.0 by @dependabot in #159
• build(deps): Bump github.com/prometheus...

v0.1.0

Overview

This is the first release of the new generic Secrets Webhook that relies on the new secret-init for tool for secret injection. Currently supported secret stores by webhook include Vault and Bao. Backwards-compatibility is preserved between generic secrets-webhook and vault-secrets-webhook.

In the upcoming release, we will be adding support to other secret stores supported by secret-init as well as consolidating the webhook interfaces.

Stay tuned! 🎊

Features 🚀

• feat: Generic Webhook by @csatib02 in #29
• feat(build): add image signing GH action by @ramizpolic in #82

Maintenance 🚧

• fix(ci): typo by @csatib02 in #28
• build(ci): update dependabot config by @csatib02 in #50
• chore: bump go version, update dependencies by @csatib02 in #44
• fix: typos in issue template by @csatib02 in #74
• chore: bump go version 1.22.2 --> 1.22.3 by @csatib02 in #79
• chore: prepare for v0.1.0 release by @ramizpolic in #81

Dependency Updates ⬆️

View all dependency changes

• build(deps): Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @dependabot in #18
• build(deps): Bump github.com/prometheus/client_golang from 1.18.0 to 1.19.0 by @dependabot in #17
• build(deps): Bump actions/dependency-review-action from 4.1.0 to 4.2.5 by @dependabot in #31
• build(deps): Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #7
• build(deps): Bump cachix/install-nix-action from 25 to 26 by @dependabot in #11
• build(deps): Bump the k8s group with 3 updates by @dependabot in #22
• build(deps): Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 by @dependabot in #13
• build(deps): Bump docker/login-action from 3.0.0 to 3.1.0 by @dependabot in #5
• build(deps): Bump DeterminateSystems/magic-nix-cache-action from 3 to 4 by @dependabot in #2
• build(deps): Bump golang from 1.22.0-alpine3.18 to 1.22.2-alpine3.18 by @dependabot in #32
• build(deps): Bump actions/cache from 4.0.0 to 4.0.2 by @dependabot in #24
• build(deps): Bump github.com/hashicorp/vault/api from 1.12.0 to 1.12.2 by @dependabot in #26
• build(deps): Bump github.com/google/go-containerregistry from 0.19.0 to 0.19.1 by @dependabot in #21
• build(deps): Bump sigs.k8s.io/controller-runtime from 0.16.3 to 0.17.2 by @dependabot in #15
• build(deps): Bump aquasecurity/trivy-action from 0.17.0 to 0.19.0 by @dependabot in #30
• build(deps): Bump github.com/docker/docker from 24.0.7 to 24.0.9 by @dependabot in #23
• build(deps): Bump actions/download-artifact from 4.1.2 to 4.1.4 by @dependabot in #8
• build(deps): Bump docker/build-push-action from 5.1.0 to 5.3.0 by @dependabot in #6
• build(deps): Bump docker/setup-buildx-action from 3.0.0 to 3.2.0 by @dependabot in #3
• build(deps): Bump azure/setup-helm from 3.5 to 4 by @dependabot in #35
• build(deps): Bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @dependabot in #36
• build(deps): Bump sigs.k8s.io/controller-runtime from 0.17.2 to 0.17.3 by @dependabot in #34
• build(deps): Bump golang.org/x/net from 0.21.0 to 0.23.0 by @dependabot in #37
• build(deps): Bump github.com/hashicorp/vault/api from 1.12.2 to 1.13.0 by @dependabot in #43
• build(deps): Bump azure/setup-helm from 4.1.0 to 4.2.0 by @dependabot in #41
• build(deps): Bump actions/download-artifact from 4.1.4 to 4.1.5 by @dependabot in #40
• build(deps): Bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in #38
• build(deps): Bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #39
• build(deps): Bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in #46
• build(deps): Bump actions/download-artifact from 4.1.5 to 4.1.7 by @dependabot in #48
• build(deps): Bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in #47
• build(deps): Bump actions/dependency-review-action from 4.2.5 to 4.3.2 by @dependabot in #52
• build(deps): Bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1 by @dependabot in #57
• build(deps): Bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in #55
• build(deps): Bump golang from 1.22.2-alpine3.18 to 1.22.3-alpine3.18 by @dependabot in #53
• build(deps): Bump aquasecurity/trivy-action from 0.19.0 to 0.20.0 by @dependabot in #54
• build(deps): Bump sigs.k8s.io/controller-runtime from 0.17.3 to 0.18.2 in the sigs-k8s-io group by @dependabot in #56
• build(deps): Bump DeterminateSystems/magic-nix-cache-action from 4 to 6 by @dependabot in #58
• build(deps): Bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in #59
• build(deps): Bump golang from 4531927 to d1a601b by @dependabot in #63
• build(deps): Bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot in #64
• build(deps): Bump github/codeql-action from 2.13.4 to 3.25.5 by @dependabot in #66
• build(deps): Bump the k8s-io group with 3 updates by @dependabot in #67
• build(deps): Bump cachix/install-nix-action from 26 to 27 by @dependabot in #65
• build(deps): Bump github/codeql-action from 3.25.5 to 3.25.6 by @dependabot in #72
• build(deps): Bump aquasecurity/trivy-action from 0.20.0 to 0.21.0 by @dependabot in #70
• build(deps): Bump alpine from 3.19.1 to 3.20.0 by @dependabot in #73
• build(deps): Bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in #75
• build(deps): Bump github.com/spf13/viper from 1.18.2 to 1.19.0 by @dependabot in #78
• build(deps): Bump docker/login-action from 3.1.0 to 3.2.0 by @dependabot in #76

New Contributors

• @dependabot made their first contribution in #18
• @csatib02 made their first contribution in #28
• @ramizpolic made their first contribution in #81

Full Changelog: https://github.com/bank-vaults/secrets-webhook/commits/v0.1.0