2 gün önce · 30d1073212
--- a/apis/externalsecrets/v1/secretstore_azurekv_types.go
+++ b/apis/externalsecrets/v1/secretstore_azurekv_types.go
@@ -80,6 +80,7 @@ type AzureKVProvider struct {
 
				 	// Valid values are:
			
 
				 	// - "ServicePrincipal" (default): Using a service principal (tenantId, clientId, clientSecret)
			
 
				 	// - "ManagedIdentity": Using Managed Identity assigned to the pod (see aad-pod-identity)
			
 
				+	// - "WorkloadIdentity": Using a Kubernetes ServiceAccount federated with Entra ID
			
 
				 	// +optional
			
 
				 	// +kubebuilder:default=ServicePrincipal
			
 
				 	AuthType *AzureAuthType `json:"authType,omitempty"`
			
--- a/config/crds/bases/external-secrets.io_clustersecretstores.yaml
+++ b/config/crds/bases/external-secrets.io_clustersecretstores.yaml
@@ -734,6 +734,7 @@ spec:
 
				                           Valid values are:
			
 
				                           - "ServicePrincipal" (default): Using a service principal (tenantId, clientId, clientSecret)
			
 
				                           - "ManagedIdentity": Using Managed Identity assigned to the pod (see aad-pod-identity)
			
 
				+                          - "WorkloadIdentity": Using a Kubernetes ServiceAccount federated with Entra ID
			
 
				                         enum:
			
 
				                         - ServicePrincipal
			
 
				                         - ManagedIdentity
			
--- a/config/crds/bases/external-secrets.io_secretstores.yaml
+++ b/config/crds/bases/external-secrets.io_secretstores.yaml
@@ -734,6 +734,7 @@ spec:
 
				                           Valid values are:
			
 
				                           - "ServicePrincipal" (default): Using a service principal (tenantId, clientId, clientSecret)
			
 
				                           - "ManagedIdentity": Using Managed Identity assigned to the pod (see aad-pod-identity)
			
 
				+                          - "WorkloadIdentity": Using a Kubernetes ServiceAccount federated with Entra ID
			
 
				                         enum:
			
 
				                         - ServicePrincipal
			
 
				                         - ManagedIdentity
			
--- a/deploy/crds/bundle.yaml
+++ b/deploy/crds/bundle.yaml
@@ -3017,6 +3017,7 @@ spec:
 
				                             Valid values are:
			
 
				                             - "ServicePrincipal" (default): Using a service principal (tenantId, clientId, clientSecret)
			
 
				                             - "ManagedIdentity": Using Managed Identity assigned to the pod (see aad-pod-identity)
			
 
				+                            - "WorkloadIdentity": Using a Kubernetes ServiceAccount federated with Entra ID
			
 
				                           enum:
			
 
				                             - ServicePrincipal
			
 
				                             - ManagedIdentity
			
@@ -15752,6 +15753,7 @@ spec:
 
				                             Valid values are:
			
 
				                             - "ServicePrincipal" (default): Using a service principal (tenantId, clientId, clientSecret)
			
 
				                             - "ManagedIdentity": Using Managed Identity assigned to the pod (see aad-pod-identity)
			
 
				+                            - "WorkloadIdentity": Using a Kubernetes ServiceAccount federated with Entra ID
			
 
				                           enum:
			
 
				                             - ServicePrincipal
			
 
				                             - ManagedIdentity
			
--- a/docs/api/spec.md
+++ b/docs/api/spec.md
@@ -1007,7 +1007,8 @@ AzureAuthType
 
				 <p>Auth type defines how to authenticate to the keyvault service.
			
 
				 Valid values are:
			
 
				 - &ldquo;ServicePrincipal&rdquo; (default): Using a service principal (tenantId, clientId, clientSecret)
			
 
				-- &ldquo;ManagedIdentity&rdquo;: Using Managed Identity assigned to the pod (see aad-pod-identity)</p>
			
 
				+- &ldquo;ManagedIdentity&rdquo;: Using Managed Identity assigned to the pod (see aad-pod-identity)
			
 
				+- &ldquo;WorkloadIdentity&rdquo;: Using a Kubernetes ServiceAccount federated with Entra ID</p>
			
 
				 </td>
			
 
				 </tr>
			
 
				 <tr>