chore: update dependencies (#3065)

* update dependencies

Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>

* fix: re-generate CRDs with new controller-runtime version

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>

---------

Signed-off-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Co-authored-by: External Secrets Operator <ExternalSecretsOperator@users.noreply.github.com>
Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>

config/crds/bases/external-secrets.io_clusterexternalsecrets.yaml

@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.13.0
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: clusterexternalsecrets.external-secrets.io
 spec:
   group: external-secrets.io
@@ -34,14 +34,19 @@ spec:
           API.
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -76,7 +81,8 @@ spec:
                         data.
                       properties:
                         remoteRef:
-                          description: RemoteRef points to the remote secret and defines
+                          description: |-
+                            RemoteRef points to the remote secret and defines
                             which secret (version/property/..) to fetch.
                           properties:
                             conversionStrategy:
@@ -119,18 +125,23 @@ spec:
                           - key
                           type: object
                         secretKey:
-                          description: SecretKey defines the key in which the controller
-                            stores the value. This is the key in the Kind=Secret
+                          description: |-
+                            SecretKey defines the key in which the controller stores
+                            the value. This is the key in the Kind=Secret
                           type: string
                         sourceRef:
-                          description: SourceRef allows you to override the source
+                          description: |-
+                            SourceRef allows you to override the source
                             from which the value will pulled from.
                           maxProperties: 1
                           properties:
                             generatorRef:
-                              description: "GeneratorRef points to a generator custom
-                                resource. \n Deprecated: The generatorRef is not implemented
-                                in .data[]. this will be removed with v1."
+                              description: |-
+                                GeneratorRef points to a generator custom resource.
+
+
+                                Deprecated: The generatorRef is not implemented in .data[].
+                                this will be removed with v1.
                               properties:
                                 apiVersion:
                                   default: generators.external-secrets.io/v1alpha1
@@ -153,8 +164,9 @@ spec:
                                 to fetch the ExternalSecret data.
                               properties:
                                 kind:
-                                  description: Kind of the SecretStore resource (SecretStore
-                                    or ClusterSecretStore) Defaults to `SecretStore`
+                                  description: |-
+                                    Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
+                                    Defaults to `SecretStore`
                                   type: string
                                 name:
                                   description: Name of the SecretStore resource
@@ -169,15 +181,15 @@ spec:
                       type: object
                     type: array
                   dataFrom:
-                    description: DataFrom is used to fetch all properties from a specific
-                      Provider data If multiple entries are specified, the Secret
-                      keys are merged in the specified order
+                    description: |-
+                      DataFrom is used to fetch all properties from a specific Provider data
+                      If multiple entries are specified, the Secret keys are merged in the specified order
                     items:
                       properties:
                         extract:
-                          description: 'Used to extract multiple key/value pairs from
-                            one secret Note: Extract does not support sourceRef.Generator
-                            or sourceRef.GeneratorRef.'
+                          description: |-
+                            Used to extract multiple key/value pairs from one secret
+                            Note: Extract does not support sourceRef.Generator or sourceRef.GeneratorRef.
                           properties:
                             conversionStrategy:
                               default: Default
@@ -219,9 +231,9 @@ spec:
                           - key
                           type: object
                         find:
-                          description: 'Used to find secrets based on tags or regular
-                            expressions Note: Find does not support sourceRef.Generator
-                            or sourceRef.GeneratorRef.'
+                          description: |-
+                            Used to find secrets based on tags or regular expressions
+                            Note: Find does not support sourceRef.Generator or sourceRef.GeneratorRef.
                           properties:
                             conversionStrategy:
                               default: Default
@@ -256,16 +268,15 @@ spec:
                               type: object
                           type: object
                         rewrite:
-                          description: Used to rewrite secret Keys after getting them
-                            from the secret Provider Multiple Rewrite operations can
-                            be provided. They are applied in a layered order (first
-                            to last)
+                          description: |-
+                            Used to rewrite secret Keys after getting them from the secret Provider
+                            Multiple Rewrite operations can be provided. They are applied in a layered order (first to last)
                           items:
                             properties:
                               regexp:
-                                description: Used to rewrite with regular expressions.
-                                  The resulting key will be the output of a regexp.ReplaceAll
-                                  operation.
+                                description: |-
+                                  Used to rewrite with regular expressions.
+                                  The resulting key will be the output of a regexp.ReplaceAll operation.
                                 properties:
                                   source:
                                     description: Used to define the regular expression
@@ -280,14 +291,14 @@ spec:
                                 - target
                                 type: object
                               transform:
-                                description: Used to apply string transformation on
-                                  the secrets. The resulting key will be the output
-                                  of the template applied by the operation.
+                                description: |-
+                                  Used to apply string transformation on the secrets.
+                                  The resulting key will be the output of the template applied by the operation.
                                 properties:
                                   template:
-                                    description: Used to define the template to apply
-                                      on the secret name. `.value ` will specify the
-                                      secret name in the template.
+                                    description: |-
+                                      Used to define the template to apply on the secret name.
+                                      `.value ` will specify the secret name in the template.
                                     type: string
                                 required:
                                 - template
@@ -295,11 +306,13 @@ spec:
                             type: object
                           type: array
                         sourceRef:
-                          description: SourceRef points to a store or generator which
-                            contains secret values ready to use. Use this in combination
-                            with Extract or Find pull values out of a specific SecretStore.
-                            When sourceRef points to a generator Extract or Find is
-                            not supported. The generator returns a static map of values
+                          description: |-
+                            SourceRef points to a store or generator
+                            which contains secret values ready to use.
+                            Use this in combination with Extract or Find pull values out of
+                            a specific SecretStore.
+                            When sourceRef points to a generator Extract or Find is not supported.
+                            The generator returns a static map of values
                           maxProperties: 1
                           properties:
                             generatorRef:
@@ -327,8 +340,9 @@ spec:
                                 to fetch the ExternalSecret data.
                               properties:
                                 kind:
-                                  description: Kind of the SecretStore resource (SecretStore
-                                    or ClusterSecretStore) Defaults to `SecretStore`
+                                  description: |-
+                                    Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
+                                    Defaults to `SecretStore`
                                   type: string
                                 name:
                                   description: Name of the SecretStore resource
@@ -341,18 +355,19 @@ spec:
                     type: array
                   refreshInterval:
                     default: 1h
-                    description: RefreshInterval is the amount of time before the
-                      values are read again from the SecretStore provider Valid time
-                      units are "ns", "us" (or "µs"), "ms", "s", "m", "h" May be set
-                      to zero to fetch and create it once. Defaults to 1h.
+                    description: |-
+                      RefreshInterval is the amount of time before the values are read again from the SecretStore provider
+                      Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h"
+                      May be set to zero to fetch and create it once. Defaults to 1h.
                     type: string
                   secretStoreRef:
                     description: SecretStoreRef defines which SecretStore to fetch
                       the ExternalSecret data.
                     properties:
                       kind:
-                        description: Kind of the SecretStore resource (SecretStore
-                          or ClusterSecretStore) Defaults to `SecretStore`
+                        description: |-
+                          Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
+                          Defaults to `SecretStore`
                         type: string
                       name:
                         description: Name of the SecretStore resource
@@ -364,13 +379,15 @@ spec:
                     default:
                       creationPolicy: Owner
                       deletionPolicy: Retain
-                    description: ExternalSecretTarget defines the Kubernetes Secret
-                      to be created There can be only one target per ExternalSecret.
+                    description: |-
+                      ExternalSecretTarget defines the Kubernetes Secret to be created
+                      There can be only one target per ExternalSecret.
                     properties:
                       creationPolicy:
                         default: Owner
-                        description: CreationPolicy defines rules on how to create
-                          the resulting Secret Defaults to 'Owner'
+                        description: |-
+                          CreationPolicy defines rules on how to create the resulting Secret
+                          Defaults to 'Owner'
                         enum:
                         - Owner
                         - Orphan
@@ -379,8 +396,9 @@ spec:
                         type: string
                       deletionPolicy:
                         default: Retain
-                        description: DeletionPolicy defines rules on how to delete
-                          the resulting Secret Defaults to 'Retain'
+                        description: |-
+                          DeletionPolicy defines rules on how to delete the resulting Secret
+                          Defaults to 'Retain'
                         enum:
                         - Delete
                         - Merge
@@ -391,9 +409,10 @@ spec:
                           immutable
                         type: boolean
                       name:
-                        description: Name defines the name of the Secret resource
-                          to be managed This field is immutable Defaults to the .metadata.name
-                          of the ExternalSecret resource
+                        description: |-
+                          Name defines the name of the Secret resource to be managed
+                          This field is immutable
+                          Defaults to the .metadata.name of the ExternalSecret resource
                         type: string
                       template:
                         description: Template defines a blueprint for the created
@@ -405,9 +424,10 @@ spec:
                             type: object
                           engineVersion:
                             default: v2
-                            description: EngineVersion specifies the template engine
-                              version that should be used to compile/execute the template
-                              specified in .data and .templateFrom[].
+                            description: |-
+                              EngineVersion specifies the template engine version
+                              that should be used to compile/execute the
+                              template specified in .data and .templateFrom[].
                             enum:
                             - v1
                             - v2
@@ -504,24 +524,24 @@ spec:
                     description: matchExpressions is a list of label selector requirements.
                       The requirements are ANDed.
                     items:
-                      description: A label selector requirement is a selector that
-                        contains values, a key, and an operator that relates the key
-                        and values.
+                      description: |-
+                        A label selector requirement is a selector that contains values, a key, and an operator that
+                        relates the key and values.
                       properties:
                         key:
                           description: key is the label key that the selector applies
                             to.
                           type: string
                         operator:
-                          description: operator represents a key's relationship to
-                            a set of values. Valid operators are In, NotIn, Exists
-                            and DoesNotExist.
+                          description: |-
+                            operator represents a key's relationship to a set of values.
+                            Valid operators are In, NotIn, Exists and DoesNotExist.
                           type: string
                         values:
-                          description: values is an array of string values. If the
-                            operator is In or NotIn, the values array must be non-empty.
-                            If the operator is Exists or DoesNotExist, the values
-                            array must be empty. This array is replaced during a strategic
+                          description: |-
+                            values is an array of string values. If the operator is In or NotIn,
+                            the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                            the values array must be empty. This array is replaced during a strategic
                             merge patch.
                           items:
                             type: string
@@ -534,11 +554,10 @@ spec:
                   matchLabels:
                     additionalProperties:
                       type: string
-                    description: matchLabels is a map of {key,value} pairs. A single
-                      {key,value} in the matchLabels map is equivalent to an element
-                      of matchExpressions, whose key field is "key", the operator
-                      is "In", and the values array contains only "value". The requirements
-                      are ANDed.
+                    description: |-
+                      matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                      map is equivalent to an element of matchExpressions, whose key field is "key", the
+                      operator is "In", and the values array contains only "value". The requirements are ANDed.
                     type: object
                 type: object
                 x-kubernetes-map-type: atomic

config/crds/bases/external-secrets.io_externalsecrets.yaml

@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.13.0
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: externalsecrets.external-secrets.io
 spec:
   group: external-secrets.io
@@ -34,14 +34,19 @@ spec:
         description: ExternalSecret is the Schema for the external-secrets API.
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -88,9 +93,9 @@ spec:
                   type: object
                 type: array
               dataFrom:
-                description: DataFrom is used to fetch all properties from a specific
-                  Provider data If multiple entries are specified, the Secret keys
-                  are merged in the specified order
+                description: |-
+                  DataFrom is used to fetch all properties from a specific Provider data
+                  If multiple entries are specified, the Secret keys are merged in the specified order
                 items:
                   description: ExternalSecretDataRemoteRef defines Provider data location.
                   properties:
@@ -118,18 +123,19 @@ spec:
                 type: array
               refreshInterval:
                 default: 1h
-                description: RefreshInterval is the amount of time before the values
-                  are read again from the SecretStore provider Valid time units are
-                  "ns", "us" (or "µs"), "ms", "s", "m", "h" May be set to zero to
-                  fetch and create it once. Defaults to 1h.
+                description: |-
+                  RefreshInterval is the amount of time before the values are read again from the SecretStore provider
+                  Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h"
+                  May be set to zero to fetch and create it once. Defaults to 1h.
                 type: string
               secretStoreRef:
                 description: SecretStoreRef defines which SecretStore to fetch the
                   ExternalSecret data.
                 properties:
                   kind:
-                    description: Kind of the SecretStore resource (SecretStore or
-                      ClusterSecretStore) Defaults to `SecretStore`
+                    description: |-
+                      Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
+                      Defaults to `SecretStore`
                     type: string
                   name:
                     description: Name of the SecretStore resource
@@ -138,13 +144,15 @@ spec:
                 - name
                 type: object
               target:
-                description: ExternalSecretTarget defines the Kubernetes Secret to
-                  be created There can be only one target per ExternalSecret.
+                description: |-
+                  ExternalSecretTarget defines the Kubernetes Secret to be created
+                  There can be only one target per ExternalSecret.
                 properties:
                   creationPolicy:
                     default: Owner
-                    description: CreationPolicy defines rules on how to create the
-                      resulting Secret Defaults to 'Owner'
+                    description: |-
+                      CreationPolicy defines rules on how to create the resulting Secret
+                      Defaults to 'Owner'
                     enum:
                     - Owner
                     - Merge
@@ -154,9 +162,10 @@ spec:
                     description: Immutable defines if the final secret will be immutable
                     type: boolean
                   name:
-                    description: Name defines the name of the Secret resource to be
-                      managed This field is immutable Defaults to the .metadata.name
-                      of the ExternalSecret resource
+                    description: |-
+                      Name defines the name of the Secret resource to be managed
+                      This field is immutable
+                      Defaults to the .metadata.name of the ExternalSecret resource
                     type: string
                   template:
                     description: Template defines a blueprint for the created Secret
@@ -168,9 +177,10 @@ spec:
                         type: object
                       engineVersion:
                         default: v1
-                        description: EngineVersion specifies the template engine version
-                          that should be used to compile/execute the template specified
-                          in .data and .templateFrom[].
+                        description: |-
+                          EngineVersion specifies the template engine version
+                          that should be used to compile/execute the
+                          template specified in .data and .templateFrom[].
                         enum:
                         - v1
                         - v2
@@ -244,8 +254,10 @@ spec:
                   reference to the secret
                 properties:
                   name:
-                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
-                      TODO: Add other useful fields. apiVersion, kind, uid?'
+                    description: |-
+                      Name of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      TODO: Add other useful fields. apiVersion, kind, uid?
                     type: string
                 type: object
                 x-kubernetes-map-type: atomic
@@ -269,8 +281,9 @@ spec:
                   type: object
                 type: array
               refreshTime:
-                description: refreshTime is the time and date the external secret
-                  was fetched and the target secret updated
+                description: |-
+                  refreshTime is the time and date the external secret was fetched and
+                  the target secret updated
                 format: date-time
                 nullable: true
                 type: string
@@ -303,14 +316,19 @@ spec:
         description: ExternalSecret is the Schema for the external-secrets API.
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -325,7 +343,8 @@ spec:
                     Kubernetes Secret key (spec.data.<key>) and the Provider data.
                   properties:
                     remoteRef:
-                      description: RemoteRef points to the remote secret and defines
+                      description: |-
+                        RemoteRef points to the remote secret and defines
                         which secret (version/property/..) to fetch.
                       properties:
                         conversionStrategy:
@@ -368,18 +387,23 @@ spec:
                       - key
                       type: object
                     secretKey:
-                      description: SecretKey defines the key in which the controller
-                        stores the value. This is the key in the Kind=Secret
+                      description: |-
+                        SecretKey defines the key in which the controller stores
+                        the value. This is the key in the Kind=Secret
                       type: string
                     sourceRef:
-                      description: SourceRef allows you to override the source from
-                        which the value will pulled from.
+                      description: |-
+                        SourceRef allows you to override the source
+                        from which the value will pulled from.
                       maxProperties: 1
                       properties:
                         generatorRef:
-                          description: "GeneratorRef points to a generator custom
-                            resource. \n Deprecated: The generatorRef is not implemented
-                            in .data[]. this will be removed with v1."
+                          description: |-
+                            GeneratorRef points to a generator custom resource.
+
+
+                            Deprecated: The generatorRef is not implemented in .data[].
+                            this will be removed with v1.
                           properties:
                             apiVersion:
                               default: generators.external-secrets.io/v1alpha1
@@ -402,8 +426,9 @@ spec:
                             fetch the ExternalSecret data.
                           properties:
                             kind:
-                              description: Kind of the SecretStore resource (SecretStore
-                                or ClusterSecretStore) Defaults to `SecretStore`
+                              description: |-
+                                Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
+                                Defaults to `SecretStore`
                               type: string
                             name:
                               description: Name of the SecretStore resource
@@ -418,15 +443,15 @@ spec:
                   type: object
                 type: array
               dataFrom:
-                description: DataFrom is used to fetch all properties from a specific
-                  Provider data If multiple entries are specified, the Secret keys
-                  are merged in the specified order
+                description: |-
+                  DataFrom is used to fetch all properties from a specific Provider data
+                  If multiple entries are specified, the Secret keys are merged in the specified order
                 items:
                   properties:
                     extract:
-                      description: 'Used to extract multiple key/value pairs from
-                        one secret Note: Extract does not support sourceRef.Generator
-                        or sourceRef.GeneratorRef.'
+                      description: |-
+                        Used to extract multiple key/value pairs from one secret
+                        Note: Extract does not support sourceRef.Generator or sourceRef.GeneratorRef.
                       properties:
                         conversionStrategy:
                           default: Default
@@ -468,9 +493,9 @@ spec:
                       - key
                       type: object
                     find:
-                      description: 'Used to find secrets based on tags or regular
-                        expressions Note: Find does not support sourceRef.Generator
-                        or sourceRef.GeneratorRef.'
+                      description: |-
+                        Used to find secrets based on tags or regular expressions
+                        Note: Find does not support sourceRef.Generator or sourceRef.GeneratorRef.
                       properties:
                         conversionStrategy:
                           default: Default
@@ -505,15 +530,15 @@ spec:
                           type: object
                       type: object
                     rewrite:
-                      description: Used to rewrite secret Keys after getting them
-                        from the secret Provider Multiple Rewrite operations can be
-                        provided. They are applied in a layered order (first to last)
+                      description: |-
+                        Used to rewrite secret Keys after getting them from the secret Provider
+                        Multiple Rewrite operations can be provided. They are applied in a layered order (first to last)
                       items:
                         properties:
                           regexp:
-                            description: Used to rewrite with regular expressions.
-                              The resulting key will be the output of a regexp.ReplaceAll
-                              operation.
+                            description: |-
+                              Used to rewrite with regular expressions.
+                              The resulting key will be the output of a regexp.ReplaceAll operation.
                             properties:
                               source:
                                 description: Used to define the regular expression
@@ -528,14 +553,14 @@ spec:
                             - target
                             type: object
                           transform:
-                            description: Used to apply string transformation on the
-                              secrets. The resulting key will be the output of the
-                              template applied by the operation.
+                            description: |-
+                              Used to apply string transformation on the secrets.
+                              The resulting key will be the output of the template applied by the operation.
                             properties:
                               template:
-                                description: Used to define the template to apply
-                                  on the secret name. `.value ` will specify the secret
-                                  name in the template.
+                                description: |-
+                                  Used to define the template to apply on the secret name.
+                                  `.value ` will specify the secret name in the template.
                                 type: string
                             required:
                             - template
@@ -543,11 +568,13 @@ spec:
                         type: object
                       type: array
                     sourceRef:
-                      description: SourceRef points to a store or generator which
-                        contains secret values ready to use. Use this in combination
-                        with Extract or Find pull values out of a specific SecretStore.
-                        When sourceRef points to a generator Extract or Find is not
-                        supported. The generator returns a static map of values
+                      description: |-
+                        SourceRef points to a store or generator
+                        which contains secret values ready to use.
+                        Use this in combination with Extract or Find pull values out of
+                        a specific SecretStore.
+                        When sourceRef points to a generator Extract or Find is not supported.
+                        The generator returns a static map of values
                       maxProperties: 1
                       properties:
                         generatorRef:
@@ -574,8 +601,9 @@ spec:
                             fetch the ExternalSecret data.
                           properties:
                             kind:
-                              description: Kind of the SecretStore resource (SecretStore
-                                or ClusterSecretStore) Defaults to `SecretStore`
+                              description: |-
+                                Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
+                                Defaults to `SecretStore`
                               type: string
                             name:
                               description: Name of the SecretStore resource
@@ -588,18 +616,19 @@ spec:
                 type: array
               refreshInterval:
                 default: 1h
-                description: RefreshInterval is the amount of time before the values
-                  are read again from the SecretStore provider Valid time units are
-                  "ns", "us" (or "µs"), "ms", "s", "m", "h" May be set to zero to
-                  fetch and create it once. Defaults to 1h.
+                description: |-
+                  RefreshInterval is the amount of time before the values are read again from the SecretStore provider
+                  Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h"
+                  May be set to zero to fetch and create it once. Defaults to 1h.
                 type: string
               secretStoreRef:
                 description: SecretStoreRef defines which SecretStore to fetch the
                   ExternalSecret data.
                 properties:
                   kind:
-                    description: Kind of the SecretStore resource (SecretStore or
-                      ClusterSecretStore) Defaults to `SecretStore`
+                    description: |-
+                      Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
+                      Defaults to `SecretStore`
                     type: string
                   name:
                     description: Name of the SecretStore resource
@@ -611,13 +640,15 @@ spec:
                 default:
                   creationPolicy: Owner
                   deletionPolicy: Retain
-                description: ExternalSecretTarget defines the Kubernetes Secret to
-                  be created There can be only one target per ExternalSecret.
+                description: |-
+                  ExternalSecretTarget defines the Kubernetes Secret to be created
+                  There can be only one target per ExternalSecret.
                 properties:
                   creationPolicy:
                     default: Owner
-                    description: CreationPolicy defines rules on how to create the
-                      resulting Secret Defaults to 'Owner'
+                    description: |-
+                      CreationPolicy defines rules on how to create the resulting Secret
+                      Defaults to 'Owner'
                     enum:
                     - Owner
                     - Orphan
@@ -626,8 +657,9 @@ spec:
                     type: string
                   deletionPolicy:
                     default: Retain
-                    description: DeletionPolicy defines rules on how to delete the
-                      resulting Secret Defaults to 'Retain'
+                    description: |-
+                      DeletionPolicy defines rules on how to delete the resulting Secret
+                      Defaults to 'Retain'
                     enum:
                     - Delete
                     - Merge
@@ -637,9 +669,10 @@ spec:
                     description: Immutable defines if the final secret will be immutable
                     type: boolean
                   name:
-                    description: Name defines the name of the Secret resource to be
-                      managed This field is immutable Defaults to the .metadata.name
-                      of the ExternalSecret resource
+                    description: |-
+                      Name defines the name of the Secret resource to be managed
+                      This field is immutable
+                      Defaults to the .metadata.name of the ExternalSecret resource
                     type: string
                   template:
                     description: Template defines a blueprint for the created Secret
@@ -651,9 +684,10 @@ spec:
                         type: object
                       engineVersion:
                         default: v2
-                        description: EngineVersion specifies the template engine version
-                          that should be used to compile/execute the template specified
-                          in .data and .templateFrom[].
+                        description: |-
+                          EngineVersion specifies the template engine version
+                          that should be used to compile/execute the
+                          template specified in .data and .templateFrom[].
                         enum:
                         - v1
                         - v2
@@ -749,8 +783,10 @@ spec:
                   reference to the secret
                 properties:
                   name:
-                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
-                      TODO: Add other useful fields. apiVersion, kind, uid?'
+                    description: |-
+                      Name of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      TODO: Add other useful fields. apiVersion, kind, uid?
                     type: string
                 type: object
                 x-kubernetes-map-type: atomic
@@ -774,8 +810,9 @@ spec:
                   type: object
                 type: array
               refreshTime:
-                description: refreshTime is the time and date the external secret
-                  was fetched and the target secret updated
+                description: |-
+                  refreshTime is the time and date the external secret was fetched and
+                  the target secret updated
                 format: date-time
                 nullable: true
                 type: string

config/crds/bases/external-secrets.io_pushsecrets.yaml

@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.13.0
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: pushsecrets.external-secrets.io
 spec:
   group: external-secrets.io
@@ -27,14 +27,19 @@ spec:
       openAPIV3Schema:
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -67,9 +72,9 @@ spec:
                       - remoteRef
                       type: object
                     metadata:
-                      description: Metadata is metadata attached to the secret. The
-                        structure of metadata is provider specific, please look it
-                        up in the provider documentation.
+                      description: |-
+                        Metadata is metadata attached to the secret.
+                        The structure of metadata is provider specific, please look it up in the provider documentation.
                       x-kubernetes-preserve-unknown-fields: true
                   required:
                   - match
@@ -92,8 +97,9 @@ spec:
                   properties:
                     kind:
                       default: SecretStore
-                      description: Kind of the SecretStore resource (SecretStore or
-                        ClusterSecretStore) Defaults to `SecretStore`
+                      description: |-
+                        Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
+                        Defaults to `SecretStore`
                       type: string
                     labelSelector:
                       description: Optionally, sync to secret stores with label selector
@@ -102,25 +108,25 @@ spec:
                           description: matchExpressions is a list of label selector
                             requirements. The requirements are ANDed.
                           items:
-                            description: A label selector requirement is a selector
-                              that contains values, a key, and an operator that relates
-                              the key and values.
+                            description: |-
+                              A label selector requirement is a selector that contains values, a key, and an operator that
+                              relates the key and values.
                             properties:
                               key:
                                 description: key is the label key that the selector
                                   applies to.
                                 type: string
                               operator:
-                                description: operator represents a key's relationship
-                                  to a set of values. Valid operators are In, NotIn,
-                                  Exists and DoesNotExist.
+                                description: |-
+                                  operator represents a key's relationship to a set of values.
+                                  Valid operators are In, NotIn, Exists and DoesNotExist.
                                 type: string
                               values:
-                                description: values is an array of string values.
-                                  If the operator is In or NotIn, the values array
-                                  must be non-empty. If the operator is Exists or
-                                  DoesNotExist, the values array must be empty. This
-                                  array is replaced during a strategic merge patch.
+                                description: |-
+                                  values is an array of string values. If the operator is In or NotIn,
+                                  the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                  the values array must be empty. This array is replaced during a strategic
+                                  merge patch.
                                 items:
                                   type: string
                                 type: array
@@ -132,11 +138,10 @@ spec:
                         matchLabels:
                           additionalProperties:
                             type: string
-                          description: matchLabels is a map of {key,value} pairs.
-                            A single {key,value} in the matchLabels map is equivalent
-                            to an element of matchExpressions, whose key field is
-                            "key", the operator is "In", and the values array contains
-                            only "value". The requirements are ANDed.
+                          description: |-
+                            matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                            map is equivalent to an element of matchExpressions, whose key field is "key", the
+                            operator is "In", and the values array contains only "value". The requirements are ANDed.
                           type: object
                       type: object
                       x-kubernetes-map-type: atomic
@@ -171,9 +176,10 @@ spec:
                     type: object
                   engineVersion:
                     default: v2
-                    description: EngineVersion specifies the template engine version
-                      that should be used to compile/execute the template specified
-                      in .data and .templateFrom[].
+                    description: |-
+                      EngineVersion specifies the template engine version
+                      that should be used to compile/execute the
+                      template specified in .data and .templateFrom[].
                     enum:
                     - v1
                     - v2
@@ -291,8 +297,9 @@ spec:
                   type: object
                 type: array
               refreshTime:
-                description: refreshTime is the time and date the external secret
-                  was fetched and the target secret updated
+                description: |-
+                  refreshTime is the time and date the external secret was fetched and
+                  the target secret updated
                 format: date-time
                 nullable: true
                 type: string
@@ -324,9 +331,9 @@ spec:
                         - remoteRef
                         type: object
                       metadata:
-                        description: Metadata is metadata attached to the secret.
-                          The structure of metadata is provider specific, please look
-                          it up in the provider documentation.
+                        description: |-
+                          Metadata is metadata attached to the secret.
+                          The structure of metadata is provider specific, please look it up in the provider documentation.
                         x-kubernetes-preserve-unknown-fields: true
                     required:
                     - match

config/crds/bases/generators.external-secrets.io_acraccesstokens.yaml

@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.13.0
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: acraccesstokens.generators.external-secrets.io
 spec:
   group: generators.external-secrets.io
@@ -20,27 +20,39 @@ spec:
   - name: v1alpha1
     schema:
       openAPIV3Schema:
-        description: "ACRAccessToken returns a Azure Container Registry token that
-          can be used for pushing/pulling images. Note: by default it will return
-          an ACR Refresh Token with full access (depending on the identity). This
-          can be scoped down to the repository level using .spec.scope. In case scope
-          is defined it will return an ACR Access Token. \n See docs: https://github.com/Azure/acr/blob/main/docs/AAD-OAuth.md"
+        description: |-
+          ACRAccessToken returns a Azure Container Registry token
+          that can be used for pushing/pulling images.
+          Note: by default it will return an ACR Refresh Token with full access
+          (depending on the identity).
+          This can be scoped down to the repository level using .spec.scope.
+          In case scope is defined it will return an ACR Access Token.
+
+
+          See docs: https://github.com/Azure/acr/blob/main/docs/AAD-OAuth.md
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
           spec:
-            description: 'ACRAccessTokenSpec defines how to generate the access token
-              e.g. how to authenticate and which registry to use. see: https://github.com/Azure/acr/blob/main/docs/AAD-OAuth.md#overview'
+            description: |-
+              ACRAccessTokenSpec defines how to generate the access token
+              e.g. how to authenticate and which registry to use.
+              see: https://github.com/Azure/acr/blob/main/docs/AAD-OAuth.md#overview
             properties:
               auth:
                 properties:
@@ -58,26 +70,27 @@ spec:
                       to authenticate with Azure.
                     properties:
                       secretRef:
-                        description: Configuration used to authenticate with Azure
-                          using static credentials stored in a Kind=Secret.
+                        description: |-
+                          Configuration used to authenticate with Azure using static
+                          credentials stored in a Kind=Secret.
                         properties:
                           clientId:
                             description: The Azure clientId of the service principle
                               used for authentication.
                             properties:
                               key:
-                                description: The key of the entry in the Secret resource's
-                                  `data` field to be used. Some instances of this
-                                  field may be defaulted, in others it may be required.
+                                description: |-
+                                  The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                                  defaulted, in others it may be required.
                                 type: string
                               name:
                                 description: The name of the Secret resource being
                                   referred to.
                                 type: string
                               namespace:
-                                description: Namespace of the resource being referred
-                                  to. Ignored if referent is not cluster-scoped. cluster-scoped
-                                  defaults to the namespace of the referent.
+                                description: |-
+                                  Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                  to the namespace of the referent.
                                 type: string
                             type: object
                           clientSecret:
@@ -85,18 +98,18 @@ spec:
                               used for authentication.
                             properties:
                               key:
-                                description: The key of the entry in the Secret resource's
-                                  `data` field to be used. Some instances of this
-                                  field may be defaulted, in others it may be required.
+                                description: |-
+                                  The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                                  defaulted, in others it may be required.
                                 type: string
                               name:
                                 description: The name of the Secret resource being
                                   referred to.
                                 type: string
                               namespace:
-                                description: Namespace of the resource being referred
-                                  to. Ignored if referent is not cluster-scoped. cluster-scoped
-                                  defaults to the namespace of the referent.
+                                description: |-
+                                  Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                  to the namespace of the referent.
                                 type: string
                             type: object
                         type: object
@@ -108,15 +121,15 @@ spec:
                       authenticate with Azure.
                     properties:
                       serviceAccountRef:
-                        description: ServiceAccountRef specified the service account
+                        description: |-
+                          ServiceAccountRef specified the service account
                           that should be used when authenticating with WorkloadIdentity.
                         properties:
                           audiences:
-                            description: Audience specifies the `aud` claim for the
-                              service account token If the service account uses a
-                              well-known annotation for e.g. IRSA or GCP Workload
-                              Identity then this audiences will be appended to the
-                              list
+                            description: |-
+                              Audience specifies the `aud` claim for the service account token
+                              If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity
+                              then this audiences will be appended to the list
                             items:
                               type: string
                             type: array
@@ -125,9 +138,9 @@ spec:
                               referred to.
                             type: string
                           namespace:
-                            description: Namespace of the resource being referred
-                              to. Ignored if referent is not cluster-scoped. cluster-scoped
-                              defaults to the namespace of the referent.
+                            description: |-
+                              Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                              to the namespace of the referent.
                             type: string
                         required:
                         - name
@@ -136,11 +149,11 @@ spec:
                 type: object
               environmentType:
                 default: PublicCloud
-                description: 'EnvironmentType specifies the Azure cloud environment
-                  endpoints to use for connecting and authenticating with Azure. By
-                  default it points to the public cloud AAD endpoint. The following
-                  endpoints are available, also see here: https://github.com/Azure/go-autorest/blob/main/autorest/azure/environments.go#L152
-                  PublicCloud, USGovernmentCloud, ChinaCloud, GermanCloud'
+                description: |-
+                  EnvironmentType specifies the Azure cloud environment endpoints to use for
+                  connecting and authenticating with Azure. By default it points to the public cloud AAD endpoint.
+                  The following endpoints are available, also see here: https://github.com/Azure/go-autorest/blob/main/autorest/azure/environments.go#L152
+                  PublicCloud, USGovernmentCloud, ChinaCloud, GermanCloud
                 enum:
                 - PublicCloud
                 - USGovernmentCloud
@@ -148,14 +161,23 @@ spec:
                 - GermanCloud
                 type: string
               registry:
-                description: the domain name of the ACR registry e.g. foobarexample.azurecr.io
+                description: |-
+                  the domain name of the ACR registry
+                  e.g. foobarexample.azurecr.io
                 type: string
               scope:
-                description: "Define the scope for the access token, e.g. pull/push
-                  access for a repository. if not provided it will return a refresh
-                  token that has full scope. Note: you need to pin it down to the
-                  repository level, there is no wildcard available. \n examples: repository:my-repository:pull,push
-                  repository:my-repository:pull \n see docs for details: https://docs.docker.com/registry/spec/auth/scope/"
+                description: |-
+                  Define the scope for the access token, e.g. pull/push access for a repository.
+                  if not provided it will return a refresh token that has full scope.
+                  Note: you need to pin it down to the repository level, there is no wildcard available.
+
+
+                  examples:
+                  repository:my-repository:pull,push
+                  repository:my-repository:pull
+
+
+                  see docs for details: https://docs.docker.com/registry/spec/auth/scope/
                 type: string
               tenantId:
                 description: TenantID configures the Azure Tenant to send requests

config/crds/bases/generators.external-secrets.io_ecrauthorizationtokens.yaml

@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.13.0
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: ecrauthorizationtokens.generators.external-secrets.io
 spec:
   group: generators.external-secrets.io
@@ -20,22 +20,28 @@ spec:
   - name: v1alpha1
     schema:
       openAPIV3Schema:
-        description: ECRAuthorizationTokenSpec uses the GetAuthorizationToken API
-          to retrieve an authorization token. The authorization token is valid for
-          12 hours. The authorizationToken returned is a base64 encoded string that
-          can be decoded and used in a docker login command to authenticate to a registry.
-          For more information, see Registry authentication (https://docs.aws.amazon.com/AmazonECR/latest/userguide/Registries.html#registry_auth)
-          in the Amazon Elastic Container Registry User Guide.
+        description: |-
+          ECRAuthorizationTokenSpec uses the GetAuthorizationToken API to retrieve an
+          authorization token.
+          The authorization token is valid for 12 hours.
+          The authorizationToken returned is a base64 encoded string that can be decoded
+          and used in a docker login command to authenticate to a registry.
+          For more information, see Registry authentication (https://docs.aws.amazon.com/AmazonECR/latest/userguide/Registries.html#registry_auth) in the Amazon Elastic Container Registry User Guide.
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -51,11 +57,10 @@ spec:
                         description: A reference to a ServiceAccount resource.
                         properties:
                           audiences:
-                            description: Audience specifies the `aud` claim for the
-                              service account token If the service account uses a
-                              well-known annotation for e.g. IRSA or GCP Workload
-                              Identity then this audiences will be appended to the
-                              list
+                            description: |-
+                              Audience specifies the `aud` claim for the service account token
+                              If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity
+                              then this audiences will be appended to the list
                             items:
                               type: string
                             type: array
@@ -64,73 +69,74 @@ spec:
                               referred to.
                             type: string
                           namespace:
-                            description: Namespace of the resource being referred
-                              to. Ignored if referent is not cluster-scoped. cluster-scoped
-                              defaults to the namespace of the referent.
+                            description: |-
+                              Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                              to the namespace of the referent.
                             type: string
                         required:
                         - name
                         type: object
                     type: object
                   secretRef:
-                    description: AWSAuthSecretRef holds secret references for AWS
-                      credentials both AccessKeyID and SecretAccessKey must be defined
-                      in order to properly authenticate.
+                    description: |-
+                      AWSAuthSecretRef holds secret references for AWS credentials
+                      both AccessKeyID and SecretAccessKey must be defined in order to properly authenticate.
                     properties:
                       accessKeyIDSecretRef:
                         description: The AccessKeyID is used for authentication
                         properties:
                           key:
-                            description: The key of the entry in the Secret resource's
-                              `data` field to be used. Some instances of this field
-                              may be defaulted, in others it may be required.
+                            description: |-
+                              The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                              defaulted, in others it may be required.
                             type: string
                           name:
                             description: The name of the Secret resource being referred
                               to.
                             type: string
                           namespace:
-                            description: Namespace of the resource being referred
-                              to. Ignored if referent is not cluster-scoped. cluster-scoped
-                              defaults to the namespace of the referent.
+                            description: |-
+                              Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                              to the namespace of the referent.
                             type: string
                         type: object
                       secretAccessKeySecretRef:
                         description: The SecretAccessKey is used for authentication
                         properties:
                           key:
-                            description: The key of the entry in the Secret resource's
-                              `data` field to be used. Some instances of this field
-                              may be defaulted, in others it may be required.
+                            description: |-
+                              The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                              defaulted, in others it may be required.
                             type: string
                           name:
                             description: The name of the Secret resource being referred
                               to.
                             type: string
                           namespace:
-                            description: Namespace of the resource being referred
-                              to. Ignored if referent is not cluster-scoped. cluster-scoped
-                              defaults to the namespace of the referent.
+                            description: |-
+                              Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                              to the namespace of the referent.
                             type: string
                         type: object
                       sessionTokenSecretRef:
-                        description: 'The SessionToken used for authentication This
-                          must be defined if AccessKeyID and SecretAccessKey are temporary
-                          credentials see: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html'
+                        description: |-
+                          The SessionToken used for authentication
+                          This must be defined if AccessKeyID and SecretAccessKey are temporary credentials
+                          see: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html
                         properties:
                           key:
-                            description: The key of the entry in the Secret resource's
-                              `data` field to be used. Some instances of this field
-                              may be defaulted, in others it may be required.
+                            description: |-
+                              The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                              defaulted, in others it may be required.
                             type: string
                           name:
                             description: The name of the Secret resource being referred
                               to.
                             type: string
                           namespace:
-                            description: Namespace of the resource being referred
-                              to. Ignored if referent is not cluster-scoped. cluster-scoped
-                              defaults to the namespace of the referent.
+                            description: |-
+                              Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                              to the namespace of the referent.
                             type: string
                         type: object
                     type: object
@@ -139,8 +145,9 @@ spec:
                 description: Region specifies the region to operate in.
                 type: string
               role:
-                description: You can assume a role before making calls to the desired
-                  AWS service.
+                description: |-
+                  You can assume a role before making calls to the
+                  desired AWS service.
                 type: string
             required:
             - region

config/crds/bases/generators.external-secrets.io_fakes.yaml

@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.13.0
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: fakes.generators.external-secrets.io
 spec:
   group: generators.external-secrets.io
@@ -20,18 +20,24 @@ spec:
   - name: v1alpha1
     schema:
       openAPIV3Schema:
-        description: Fake generator is used for testing. It lets you define a static
-          set of credentials that is always returned.
+        description: |-
+          Fake generator is used for testing. It lets you define
+          a static set of credentials that is always returned.
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -39,14 +45,16 @@ spec:
             description: FakeSpec contains the static data.
             properties:
               controller:
-                description: 'Used to select the correct ESO controller (think: ingress.ingressClassName)
-                  The ESO controller is instantiated with a specific controller name
-                  and filters VDS based on this property'
+                description: |-
+                  Used to select the correct ESO controller (think: ingress.ingressClassName)
+                  The ESO controller is instantiated with a specific controller name and filters VDS based on this property
                 type: string
               data:
                 additionalProperties:
                   type: string
-                description: Data defines the static data returned by this generator.
+                description: |-
+                  Data defines the static data returned
+                  by this generator.
                 type: object
             type: object
         type: object

config/crds/bases/generators.external-secrets.io_gcraccesstokens.yaml

@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.13.0
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: gcraccesstokens.generators.external-secrets.io
 spec:
   group: generators.external-secrets.io
@@ -20,18 +20,24 @@ spec:
   - name: v1alpha1
     schema:
       openAPIV3Schema:
-        description: GCRAccessToken generates an GCP access token that can be used
-          to authenticate with GCR.
+        description: |-
+          GCRAccessToken generates an GCP access token
+          that can be used to authenticate with GCR.
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -46,18 +52,18 @@ spec:
                         description: The SecretAccessKey is used for authentication
                         properties:
                           key:
-                            description: The key of the entry in the Secret resource's
-                              `data` field to be used. Some instances of this field
-                              may be defaulted, in others it may be required.
+                            description: |-
+                              The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                              defaulted, in others it may be required.
                             type: string
                           name:
                             description: The name of the Secret resource being referred
                               to.
                             type: string
                           namespace:
-                            description: Namespace of the resource being referred
-                              to. Ignored if referent is not cluster-scoped. cluster-scoped
-                              defaults to the namespace of the referent.
+                            description: |-
+                              Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                              to the namespace of the referent.
                             type: string
                         type: object
                     type: object
@@ -73,11 +79,10 @@ spec:
                         description: A reference to a ServiceAccount resource.
                         properties:
                           audiences:
-                            description: Audience specifies the `aud` claim for the
-                              service account token If the service account uses a
-                              well-known annotation for e.g. IRSA or GCP Workload
-                              Identity then this audiences will be appended to the
-                              list
+                            description: |-
+                              Audience specifies the `aud` claim for the service account token
+                              If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity
+                              then this audiences will be appended to the list
                             items:
                               type: string
                             type: array
@@ -86,9 +91,9 @@ spec:
                               referred to.
                             type: string
                           namespace:
-                            description: Namespace of the resource being referred
-                              to. Ignored if referent is not cluster-scoped. cluster-scoped
-                              defaults to the namespace of the referent.
+                            description: |-
+                              Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                              to the namespace of the referent.
                             type: string
                         required:
                         - name

config/crds/bases/generators.external-secrets.io_passwords.yaml

@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.13.0
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: passwords.generators.external-secrets.io
 spec:
   group: generators.external-secrets.io
@@ -20,18 +20,25 @@ spec:
   - name: v1alpha1
     schema:
       openAPIV3Schema:
-        description: Password generates a random password based on the configuration
-          parameters in spec. You can specify the length, characterset and other attributes.
+        description: |-
+          Password generates a random password based on the
+          configuration parameters in spec.
+          You can specify the length, characterset and other attributes.
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -43,25 +50,29 @@ spec:
                 description: set AllowRepeat to true to allow repeating characters.
                 type: boolean
               digits:
-                description: Digits specifies the number of digits in the generated
+                description: |-
+                  Digits specifies the number of digits in the generated
                   password. If omitted it defaults to 25% of the length of the password
                 type: integer
               length:
                 default: 24
-                description: Length of the password to be generated. Defaults to 24
+                description: |-
+                  Length of the password to be generated.
+                  Defaults to 24
                 type: integer
               noUpper:
                 default: false
                 description: Set NoUpper to disable uppercase characters
                 type: boolean
               symbolCharacters:
-                description: SymbolCharacters specifies the special characters that
-                  should be used in the generated password.
+                description: |-
+                  SymbolCharacters specifies the special characters that should be used
+                  in the generated password.
                 type: string
               symbols:
-                description: Symbols specifies the number of symbol characters in
-                  the generated password. If omitted it defaults to 25% of the length
-                  of the password
+                description: |-
+                  Symbols specifies the number of symbol characters in the generated
+                  password. If omitted it defaults to 25% of the length of the password
                 type: integer
             required:
             - allowRepeat

config/crds/bases/generators.external-secrets.io_vaultdynamicsecrets.yaml

@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.13.0
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: vaultdynamicsecrets.generators.external-secrets.io
 spec:
   group: generators.external-secrets.io
@@ -22,23 +22,28 @@ spec:
       openAPIV3Schema:
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
           spec:
             properties:
               controller:
-                description: 'Used to select the correct ESO controller (think: ingress.ingressClassName)
-                  The ESO controller is instantiated with a specific controller name
-                  and filters VDS based on this property'
+                description: |-
+                  Used to select the correct ESO controller (think: ingress.ingressClassName)
+                  The ESO controller is instantiated with a specific controller name and filters VDS based on this property
                 type: string
               method:
                 description: Vault API method to use (GET/POST/other)
@@ -57,61 +62,63 @@ spec:
                       with the Vault server.
                     properties:
                       appRole:
-                        description: AppRole authenticates with Vault using the App
-                          Role auth mechanism, with the role and secret stored in
-                          a Kubernetes Secret resource.
+                        description: |-
+                          AppRole authenticates with Vault using the App Role auth mechanism,
+                          with the role and secret stored in a Kubernetes Secret resource.
                         properties:
                           path:
                             default: approle
-                            description: 'Path where the App Role authentication backend
-                              is mounted in Vault, e.g: "approle"'
+                            description: |-
+                              Path where the App Role authentication backend is mounted
+                              in Vault, e.g: "approle"
                             type: string
                           roleId:
-                            description: RoleID configured in the App Role authentication
-                              backend when setting up the authentication backend in
-                              Vault.
+                            description: |-
+                              RoleID configured in the App Role authentication backend when setting
+                              up the authentication backend in Vault.
                             type: string
                           roleRef:
-                            description: Reference to a key in a Secret that contains
-                              the App Role ID used to authenticate with Vault. The
-                              `key` field must be specified and denotes which entry
-                              within the Secret resource is used as the app role id.
+                            description: |-
+                              Reference to a key in a Secret that contains the App Role ID used
+                              to authenticate with Vault.
+                              The `key` field must be specified and denotes which entry within the Secret
+                              resource is used as the app role id.
                             properties:
                               key:
-                                description: The key of the entry in the Secret resource's
-                                  `data` field to be used. Some instances of this
-                                  field may be defaulted, in others it may be required.
+                                description: |-
+                                  The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                                  defaulted, in others it may be required.
                                 type: string
                               name:
                                 description: The name of the Secret resource being
                                   referred to.
                                 type: string
                               namespace:
-                                description: Namespace of the resource being referred
-                                  to. Ignored if referent is not cluster-scoped. cluster-scoped
-                                  defaults to the namespace of the referent.
+                                description: |-
+                                  Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                  to the namespace of the referent.
                                 type: string
                             type: object
                           secretRef:
-                            description: Reference to a key in a Secret that contains
-                              the App Role secret used to authenticate with Vault.
-                              The `key` field must be specified and denotes which
-                              entry within the Secret resource is used as the app
-                              role secret.
+                            description: |-
+                              Reference to a key in a Secret that contains the App Role secret used
+                              to authenticate with Vault.
+                              The `key` field must be specified and denotes which entry within the Secret
+                              resource is used as the app role secret.
                             properties:
                               key:
-                                description: The key of the entry in the Secret resource's
-                                  `data` field to be used. Some instances of this
-                                  field may be defaulted, in others it may be required.
+                                description: |-
+                                  The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                                  defaulted, in others it may be required.
                                 type: string
                               name:
                                 description: The name of the Secret resource being
                                   referred to.
                                 type: string
                               namespace:
-                                description: Namespace of the resource being referred
-                                  to. Ignored if referent is not cluster-scoped. cluster-scoped
-                                  defaults to the namespace of the referent.
+                                description: |-
+                                  Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                  to the namespace of the referent.
                                 type: string
                             type: object
                         required:
@@ -119,54 +126,55 @@ spec:
                         - secretRef
                         type: object
                       cert:
-                        description: Cert authenticates with TLS Certificates by passing
-                          client certificate, private key and ca certificate Cert
-                          authentication method
+                        description: |-
+                          Cert authenticates with TLS Certificates by passing client certificate, private key and ca certificate
+                          Cert authentication method
                         properties:
                           clientCert:
-                            description: ClientCert is a certificate to authenticate
-                              using the Cert Vault authentication method
+                            description: |-
+                              ClientCert is a certificate to authenticate using the Cert Vault
+                              authentication method
                             properties:
                               key:
-                                description: The key of the entry in the Secret resource's
-                                  `data` field to be used. Some instances of this
-                                  field may be defaulted, in others it may be required.
+                                description: |-
+                                  The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                                  defaulted, in others it may be required.
                                 type: string
                               name:
                                 description: The name of the Secret resource being
                                   referred to.
                                 type: string
                               namespace:
-                                description: Namespace of the resource being referred
-                                  to. Ignored if referent is not cluster-scoped. cluster-scoped
-                                  defaults to the namespace of the referent.
+                                description: |-
+                                  Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                  to the namespace of the referent.
                                 type: string
                             type: object
                           secretRef:
-                            description: SecretRef to a key in a Secret resource containing
-                              client private key to authenticate with Vault using
-                              the Cert authentication method
+                            description: |-
+                              SecretRef to a key in a Secret resource containing client private key to
+                              authenticate with Vault using the Cert authentication method
                             properties:
                               key:
-                                description: The key of the entry in the Secret resource's
-                                  `data` field to be used. Some instances of this
-                                  field may be defaulted, in others it may be required.
+                                description: |-
+                                  The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                                  defaulted, in others it may be required.
                                 type: string
                               name:
                                 description: The name of the Secret resource being
                                   referred to.
                                 type: string
                               namespace:
-                                description: Namespace of the resource being referred
-                                  to. Ignored if referent is not cluster-scoped. cluster-scoped
-                                  defaults to the namespace of the referent.
+                                description: |-
+                                  Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                  to the namespace of the referent.
                                 type: string
                             type: object
                         type: object
                       iam:
-                        description: Iam authenticates with vault by passing a special
-                          AWS request signed with AWS IAM credentials AWS IAM authentication
-                          method
+                        description: |-
+                          Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials
+                          AWS IAM authentication method
                         properties:
                           externalID:
                             description: AWS External ID set on assumed IAM roles
@@ -178,11 +186,10 @@ spec:
                                 description: A reference to a ServiceAccount resource.
                                 properties:
                                   audiences:
-                                    description: Audience specifies the `aud` claim
-                                      for the service account token If the service
-                                      account uses a well-known annotation for e.g.
-                                      IRSA or GCP Workload Identity then this audiences
-                                      will be appended to the list
+                                    description: |-
+                                      Audience specifies the `aud` claim for the service account token
+                                      If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity
+                                      then this audiences will be appended to the list
                                     items:
                                       type: string
                                     type: array
@@ -191,10 +198,9 @@ spec:
                                       being referred to.
                                     type: string
                                   namespace:
-                                    description: Namespace of the resource being referred
-                                      to. Ignored if referent is not cluster-scoped.
-                                      cluster-scoped defaults to the namespace of
-                                      the referent.
+                                    description: |-
+                                      Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                      to the namespace of the referent.
                                     type: string
                                 required:
                                 - name
@@ -218,62 +224,57 @@ spec:
                                 description: The AccessKeyID is used for authentication
                                 properties:
                                   key:
-                                    description: The key of the entry in the Secret
-                                      resource's `data` field to be used. Some instances
-                                      of this field may be defaulted, in others it
-                                      may be required.
+                                    description: |-
+                                      The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                                      defaulted, in others it may be required.
                                     type: string
                                   name:
                                     description: The name of the Secret resource being
                                       referred to.
                                     type: string
                                   namespace:
-                                    description: Namespace of the resource being referred
-                                      to. Ignored if referent is not cluster-scoped.
-                                      cluster-scoped defaults to the namespace of
-                                      the referent.
+                                    description: |-
+                                      Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                      to the namespace of the referent.
                                     type: string
                                 type: object
                               secretAccessKeySecretRef:
                                 description: The SecretAccessKey is used for authentication
                                 properties:
                                   key:
-                                    description: The key of the entry in the Secret
-                                      resource's `data` field to be used. Some instances
-                                      of this field may be defaulted, in others it
-                                      may be required.
+                                    description: |-
+                                      The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                                      defaulted, in others it may be required.
                                     type: string
                                   name:
                                     description: The name of the Secret resource being
                                       referred to.
                                     type: string
                                   namespace:
-                                    description: Namespace of the resource being referred
-                                      to. Ignored if referent is not cluster-scoped.
-                                      cluster-scoped defaults to the namespace of
-                                      the referent.
+                                    description: |-
+                                      Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                      to the namespace of the referent.
                                     type: string
                                 type: object
                               sessionTokenSecretRef:
-                                description: 'The SessionToken used for authentication
-                                  This must be defined if AccessKeyID and SecretAccessKey
-                                  are temporary credentials see: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html'
+                                description: |-
+                                  The SessionToken used for authentication
+                                  This must be defined if AccessKeyID and SecretAccessKey are temporary credentials
+                                  see: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html
                                 properties:
                                   key:
-                                    description: The key of the entry in the Secret
-                                      resource's `data` field to be used. Some instances
-                                      of this field may be defaulted, in others it
-                                      may be required.
+                                    description: |-
+                                      The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                                      defaulted, in others it may be required.
                                     type: string
                                   name:
                                     description: The name of the Secret resource being
                                       referred to.
                                     type: string
                                   namespace:
-                                    description: Namespace of the resource being referred
-                                      to. Ignored if referent is not cluster-scoped.
-                                      cluster-scoped defaults to the namespace of
-                                      the referent.
+                                    description: |-
+                                      Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                      to the namespace of the referent.
                                     type: string
                                 type: object
                             type: object
@@ -292,29 +293,31 @@ spec:
                         - vaultRole
                         type: object
                       jwt:
-                        description: Jwt authenticates with Vault by passing role
-                          and JWT token using the JWT/OIDC authentication method
+                        description: |-
+                          Jwt authenticates with Vault by passing role and JWT token using the
+                          JWT/OIDC authentication method
                         properties:
                           kubernetesServiceAccountToken:
-                            description: Optional ServiceAccountToken specifies the
-                              Kubernetes service account for which to request a token
-                              for with the `TokenRequest` API.
+                            description: |-
+                              Optional ServiceAccountToken specifies the Kubernetes service account for which to request
+                              a token for with the `TokenRequest` API.
                             properties:
                               audiences:
-                                description: 'Optional audiences field that will be
-                                  used to request a temporary Kubernetes service account
-                                  token for the service account referenced by `serviceAccountRef`.
+                                description: |-
+                                  Optional audiences field that will be used to request a temporary Kubernetes service
+                                  account token for the service account referenced by `serviceAccountRef`.
                                   Defaults to a single audience `vault` it not specified.
-                                  Deprecated: use serviceAccountRef.Audiences instead'
+                                  Deprecated: use serviceAccountRef.Audiences instead
                                 items:
                                   type: string
                                 type: array
                               expirationSeconds:
-                                description: 'Optional expiration time in seconds
-                                  that will be used to request a temporary Kubernetes
-                                  service account token for the service account referenced
-                                  by `serviceAccountRef`. Deprecated: this will be
-                                  removed in the future. Defaults to 10 minutes.'
+                                description: |-
+                                  Optional expiration time in seconds that will be used to request a temporary
+                                  Kubernetes service account token for the service account referenced by
+                                  `serviceAccountRef`.
+                                  Deprecated: this will be removed in the future.
+                                  Defaults to 10 minutes.
                                 format: int64
                                 type: integer
                               serviceAccountRef:
@@ -322,11 +325,10 @@ spec:
                                   name of a kubernetes ServiceAccount.
                                 properties:
                                   audiences:
-                                    description: Audience specifies the `aud` claim
-                                      for the service account token If the service
-                                      account uses a well-known annotation for e.g.
-                                      IRSA or GCP Workload Identity then this audiences
-                                      will be appended to the list
+                                    description: |-
+                                      Audience specifies the `aud` claim for the service account token
+                                      If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity
+                                      then this audiences will be appended to the list
                                     items:
                                       type: string
                                     type: array
@@ -335,10 +337,9 @@ spec:
                                       being referred to.
                                     type: string
                                   namespace:
-                                    description: Namespace of the resource being referred
-                                      to. Ignored if referent is not cluster-scoped.
-                                      cluster-scoped defaults to the namespace of
-                                      the referent.
+                                    description: |-
+                                      Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                      to the namespace of the referent.
                                     type: string
                                 required:
                                 - name
@@ -348,87 +349,88 @@ spec:
                             type: object
                           path:
                             default: jwt
-                            description: 'Path where the JWT authentication backend
-                              is mounted in Vault, e.g: "jwt"'
+                            description: |-
+                              Path where the JWT authentication backend is mounted
+                              in Vault, e.g: "jwt"
                             type: string
                           role:
-                            description: Role is a JWT role to authenticate using
-                              the JWT/OIDC Vault authentication method
+                            description: |-
+                              Role is a JWT role to authenticate using the JWT/OIDC Vault
+                              authentication method
                             type: string
                           secretRef:
-                            description: Optional SecretRef that refers to a key in
-                              a Secret resource containing JWT token to authenticate
-                              with Vault using the JWT/OIDC authentication method.
+                            description: |-
+                              Optional SecretRef that refers to a key in a Secret resource containing JWT token to
+                              authenticate with Vault using the JWT/OIDC authentication method.
                             properties:
                               key:
-                                description: The key of the entry in the Secret resource's
-                                  `data` field to be used. Some instances of this
-                                  field may be defaulted, in others it may be required.
+                                description: |-
+                                  The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                                  defaulted, in others it may be required.
                                 type: string
                               name:
                                 description: The name of the Secret resource being
                                   referred to.
                                 type: string
                               namespace:
-                                description: Namespace of the resource being referred
-                                  to. Ignored if referent is not cluster-scoped. cluster-scoped
-                                  defaults to the namespace of the referent.
+                                description: |-
+                                  Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                  to the namespace of the referent.
                                 type: string
                             type: object
                         required:
                         - path
                         type: object
                       kubernetes:
-                        description: Kubernetes authenticates with Vault by passing
-                          the ServiceAccount token stored in the named Secret resource
-                          to the Vault server.
+                        description: |-
+                          Kubernetes authenticates with Vault by passing the ServiceAccount
+                          token stored in the named Secret resource to the Vault server.
                         properties:
                           mountPath:
                             default: kubernetes
-                            description: 'Path where the Kubernetes authentication
-                              backend is mounted in Vault, e.g: "kubernetes"'
+                            description: |-
+                              Path where the Kubernetes authentication backend is mounted in Vault, e.g:
+                              "kubernetes"
                             type: string
                           role:
-                            description: A required field containing the Vault Role
-                              to assume. A Role binds a Kubernetes ServiceAccount
-                              with a set of Vault policies.
+                            description: |-
+                              A required field containing the Vault Role to assume. A Role binds a
+                              Kubernetes ServiceAccount with a set of Vault policies.
                             type: string
                           secretRef:
-                            description: Optional secret field containing a Kubernetes
-                              ServiceAccount JWT used for authenticating with Vault.
-                              If a name is specified without a key, `token` is the
-                              default. If one is not specified, the one bound to the
-                              controller will be used.
+                            description: |-
+                              Optional secret field containing a Kubernetes ServiceAccount JWT used
+                              for authenticating with Vault. If a name is specified without a key,
+                              `token` is the default. If one is not specified, the one bound to
+                              the controller will be used.
                             properties:
                               key:
-                                description: The key of the entry in the Secret resource's
-                                  `data` field to be used. Some instances of this
-                                  field may be defaulted, in others it may be required.
+                                description: |-
+                                  The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                                  defaulted, in others it may be required.
                                 type: string
                               name:
                                 description: The name of the Secret resource being
                                   referred to.
                                 type: string
                               namespace:
-                                description: Namespace of the resource being referred
-                                  to. Ignored if referent is not cluster-scoped. cluster-scoped
-                                  defaults to the namespace of the referent.
+                                description: |-
+                                  Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                  to the namespace of the referent.
                                 type: string
                             type: object
                           serviceAccountRef:
-                            description: Optional service account field containing
-                              the name of a kubernetes ServiceAccount. If the service
-                              account is specified, the service account secret token
-                              JWT will be used for authenticating with Vault. If the
-                              service account selector is not supplied, the secretRef
-                              will be used instead.
+                            description: |-
+                              Optional service account field containing the name of a kubernetes ServiceAccount.
+                              If the service account is specified, the service account secret token JWT will be used
+                              for authenticating with Vault. If the service account selector is not supplied,
+                              the secretRef will be used instead.
                             properties:
                               audiences:
-                                description: Audience specifies the `aud` claim for
-                                  the service account token If the service account
-                                  uses a well-known annotation for e.g. IRSA or GCP
-                                  Workload Identity then this audiences will be appended
-                                  to the list
+                                description: |-
+                                  Audience specifies the `aud` claim for the service account token
+                                  If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity
+                                  then this audiences will be appended to the list
                                 items:
                                   type: string
                                 type: array
@@ -437,9 +439,9 @@ spec:
                                   being referred to.
                                 type: string
                               namespace:
-                                description: Namespace of the resource being referred
-                                  to. Ignored if referent is not cluster-scoped. cluster-scoped
-                                  defaults to the namespace of the referent.
+                                description: |-
+                                  Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                  to the namespace of the referent.
                                 type: string
                             required:
                             - name
@@ -449,37 +451,41 @@ spec:
                         - role
                         type: object
                       ldap:
-                        description: Ldap authenticates with Vault by passing username/password
-                          pair using the LDAP authentication method
+                        description: |-
+                          Ldap authenticates with Vault by passing username/password pair using
+                          the LDAP authentication method
                         properties:
                           path:
                             default: ldap
-                            description: 'Path where the LDAP authentication backend
-                              is mounted in Vault, e.g: "ldap"'
+                            description: |-
+                              Path where the LDAP authentication backend is mounted
+                              in Vault, e.g: "ldap"
                             type: string
                           secretRef:
-                            description: SecretRef to a key in a Secret resource containing
-                              password for the LDAP user used to authenticate with
-                              Vault using the LDAP authentication method
+                            description: |-
+                              SecretRef to a key in a Secret resource containing password for the LDAP
+                              user used to authenticate with Vault using the LDAP authentication
+                              method
                             properties:
                               key:
-                                description: The key of the entry in the Secret resource's
-                                  `data` field to be used. Some instances of this
-                                  field may be defaulted, in others it may be required.
+                                description: |-
+                                  The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                                  defaulted, in others it may be required.
                                 type: string
                               name:
                                 description: The name of the Secret resource being
                                   referred to.
                                 type: string
                               namespace:
-                                description: Namespace of the resource being referred
-                                  to. Ignored if referent is not cluster-scoped. cluster-scoped
-                                  defaults to the namespace of the referent.
+                                description: |-
+                                  Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                  to the namespace of the referent.
                                 type: string
                             type: object
                           username:
-                            description: Username is a LDAP user name used to authenticate
-                              using the LDAP Vault authentication method
+                            description: |-
+                              Username is a LDAP user name used to authenticate using the LDAP Vault
+                              authentication method
                             type: string
                         required:
                         - path
@@ -490,18 +496,18 @@ spec:
                           a token.
                         properties:
                           key:
-                            description: The key of the entry in the Secret resource's
-                              `data` field to be used. Some instances of this field
-                              may be defaulted, in others it may be required.
+                            description: |-
+                              The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                              defaulted, in others it may be required.
                             type: string
                           name:
                             description: The name of the Secret resource being referred
                               to.
                             type: string
                           namespace:
-                            description: Namespace of the resource being referred
-                              to. Ignored if referent is not cluster-scoped. cluster-scoped
-                              defaults to the namespace of the referent.
+                            description: |-
+                              Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                              to the namespace of the referent.
                             type: string
                         type: object
                       userPass:
@@ -510,32 +516,35 @@ spec:
                         properties:
                           path:
                             default: user
-                            description: 'Path where the UserPassword authentication
-                              backend is mounted in Vault, e.g: "user"'
+                            description: |-
+                              Path where the UserPassword authentication backend is mounted
+                              in Vault, e.g: "user"
                             type: string
                           secretRef:
-                            description: SecretRef to a key in a Secret resource containing
-                              password for the user used to authenticate with Vault
-                              using the UserPass authentication method
+                            description: |-
+                              SecretRef to a key in a Secret resource containing password for the
+                              user used to authenticate with Vault using the UserPass authentication
+                              method
                             properties:
                               key:
-                                description: The key of the entry in the Secret resource's
-                                  `data` field to be used. Some instances of this
-                                  field may be defaulted, in others it may be required.
+                                description: |-
+                                  The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                                  defaulted, in others it may be required.
                                 type: string
                               name:
                                 description: The name of the Secret resource being
                                   referred to.
                                 type: string
                               namespace:
-                                description: Namespace of the resource being referred
-                                  to. Ignored if referent is not cluster-scoped. cluster-scoped
-                                  defaults to the namespace of the referent.
+                                description: |-
+                                  Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                                  to the namespace of the referent.
                                 type: string
                             type: object
                           username:
-                            description: Username is a user name used to authenticate
-                              using the UserPass Vault authentication method
+                            description: |-
+                              Username is a user name used to authenticate using the UserPass Vault
+                              authentication method
                             type: string
                         required:
                         - path
@@ -543,11 +552,11 @@ spec:
                         type: object
                     type: object
                   caBundle:
-                    description: PEM encoded CA bundle used to validate Vault server
-                      certificate. Only used if the Server URL is using HTTPS protocol.
-                      This parameter is ignored for plain HTTP protocol connection.
-                      If not set the system root certificates are used to validate
-                      the TLS connection.
+                    description: |-
+                      PEM encoded CA bundle used to validate Vault server certificate. Only used
+                      if the Server URL is using HTTPS protocol. This parameter is ignored for
+                      plain HTTP protocol connection. If not set the system root certificates
+                      are used to validate the TLS connection.
                     format: byte
                     type: string
                   caProvider:
@@ -563,8 +572,9 @@ spec:
                           type.
                         type: string
                       namespace:
-                        description: The namespace the Provider type is in. Can only
-                          be defined when used in a ClusterSecretStore.
+                        description: |-
+                          The namespace the Provider type is in.
+                          Can only be defined when used in a ClusterSecretStore.
                         type: string
                       type:
                         description: The type of provider to use such as "Secret",
@@ -578,88 +588,92 @@ spec:
                     - type
                     type: object
                   forwardInconsistent:
-                    description: ForwardInconsistent tells Vault to forward read-after-write
-                      requests to the Vault leader instead of simply retrying within
-                      a loop. This can increase performance if the option is enabled
-                      serverside. https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header
+                    description: |-
+                      ForwardInconsistent tells Vault to forward read-after-write requests to the Vault
+                      leader instead of simply retrying within a loop. This can increase performance if
+                      the option is enabled serverside.
+                      https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header
                     type: boolean
                   namespace:
-                    description: 'Name of the vault namespace. Namespaces is a set
-                      of features within Vault Enterprise that allows Vault environments
-                      to support Secure Multi-tenancy. e.g: "ns1". More about namespaces
-                      can be found here https://www.vaultproject.io/docs/enterprise/namespaces'
+                    description: |-
+                      Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows
+                      Vault environments to support Secure Multi-tenancy. e.g: "ns1".
+                      More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces
                     type: string
                   path:
-                    description: 'Path is the mount path of the Vault KV backend endpoint,
-                      e.g: "secret". The v2 KV secret engine version specific "/data"
-                      path suffix for fetching secrets from Vault is optional and
-                      will be appended if not present in specified path.'
+                    description: |-
+                      Path is the mount path of the Vault KV backend endpoint, e.g:
+                      "secret". The v2 KV secret engine version specific "/data" path suffix
+                      for fetching secrets from Vault is optional and will be appended
+                      if not present in specified path.
                     type: string
                   readYourWrites:
-                    description: ReadYourWrites ensures isolated read-after-write
-                      semantics by providing discovered cluster replication states
-                      in each request. More information about eventual consistency
-                      in Vault can be found here https://www.vaultproject.io/docs/enterprise/consistency
+                    description: |-
+                      ReadYourWrites ensures isolated read-after-write semantics by
+                      providing discovered cluster replication states in each request.
+                      More information about eventual consistency in Vault can be found here
+                      https://www.vaultproject.io/docs/enterprise/consistency
                     type: boolean
                   server:
                     description: 'Server is the connection address for the Vault server,
                       e.g: "https://vault.example.com:8200".'
                     type: string
                   tls:
-                    description: The configuration used for client side related TLS
-                      communication, when the Vault server requires mutual authentication.
-                      Only used if the Server URL is using HTTPS protocol. This parameter
-                      is ignored for plain HTTP protocol connection. It's worth noting
-                      this configuration is different from the "TLS certificates auth
-                      method", which is available under the `auth.cert` section.
+                    description: |-
+                      The configuration used for client side related TLS communication, when the Vault server
+                      requires mutual authentication. Only used if the Server URL is using HTTPS protocol.
+                      This parameter is ignored for plain HTTP protocol connection.
+                      It's worth noting this configuration is different from the "TLS certificates auth method",
+                      which is available under the `auth.cert` section.
                     properties:
                       certSecretRef:
-                        description: CertSecretRef is a certificate added to the transport
-                          layer when communicating with the Vault server. If no key
-                          for the Secret is specified, external-secret will default
-                          to 'tls.crt'.
+                        description: |-
+                          CertSecretRef is a certificate added to the transport layer
+                          when communicating with the Vault server.
+                          If no key for the Secret is specified, external-secret will default to 'tls.crt'.
                         properties:
                           key:
-                            description: The key of the entry in the Secret resource's
-                              `data` field to be used. Some instances of this field
-                              may be defaulted, in others it may be required.
+                            description: |-
+                              The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                              defaulted, in others it may be required.
                             type: string
                           name:
                             description: The name of the Secret resource being referred
                               to.
                             type: string
                           namespace:
-                            description: Namespace of the resource being referred
-                              to. Ignored if referent is not cluster-scoped. cluster-scoped
-                              defaults to the namespace of the referent.
+                            description: |-
+                              Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                              to the namespace of the referent.
                             type: string
                         type: object
                       keySecretRef:
-                        description: KeySecretRef to a key in a Secret resource containing
-                          client private key added to the transport layer when communicating
-                          with the Vault server. If no key for the Secret is specified,
-                          external-secret will default to 'tls.key'.
+                        description: |-
+                          KeySecretRef to a key in a Secret resource containing client private key
+                          added to the transport layer when communicating with the Vault server.
+                          If no key for the Secret is specified, external-secret will default to 'tls.key'.
                         properties:
                           key:
-                            description: The key of the entry in the Secret resource's
-                              `data` field to be used. Some instances of this field
-                              may be defaulted, in others it may be required.
+                            description: |-
+                              The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
+                              defaulted, in others it may be required.
                             type: string
                           name:
                             description: The name of the Secret resource being referred
                               to.
                             type: string
                           namespace:
-                            description: Namespace of the resource being referred
-                              to. Ignored if referent is not cluster-scoped. cluster-scoped
-                              defaults to the namespace of the referent.
+                            description: |-
+                              Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
+                              to the namespace of the referent.
                             type: string
                         type: object
                     type: object
                   version:
                     default: v2
-                    description: Version is the Vault KV secret engine version. This
-                      can be either "v1" or "v2". Version defaults to "v2".
+                    description: |-
+                      Version is the Vault KV secret engine version. This can be either "v1" or
+                      "v2". Version defaults to "v2".
                     enum:
                     - v1
                     - v2
@@ -670,11 +684,12 @@ spec:
                 type: object
               resultType:
                 default: Data
-                description: Result type defines which data is returned from the generator.
-                  By default it is the "data" section of the Vault API response. When
-                  using e.g. /auth/token/create the "data" section is empty but the
-                  "auth" section contains the generated token. Please refer to the
-                  vault docs regarding the result data structure.
+                description: |-
+                  Result type defines which data is returned from the generator.
+                  By default it is the "data" section of the Vault API response.
+                  When using e.g. /auth/token/create the "data" section is empty but
+                  the "auth" section contains the generated token.
+                  Please refer to the vault docs regarding the result data structure.
                 enum:
                 - Data
                 - Auth

e2e/go.mod

@@ -46,23 +46,23 @@ require (
 	github.com/akeylesslabs/akeyless-go-cloud-id v0.3.5
 	github.com/akeylesslabs/akeyless-go/v3 v3.5.4
 	github.com/aliyun/alibaba-cloud-sdk-go v1.62.271
-	github.com/aws/aws-sdk-go v1.49.16
+	github.com/aws/aws-sdk-go v1.50.0
 	github.com/external-secrets/external-secrets v0.0.0
 	github.com/fluxcd/helm-controller/api v0.37.2
 	github.com/fluxcd/pkg/apis/meta v1.2.0
 	github.com/fluxcd/source-controller/api v1.2.3
 	github.com/golang-jwt/jwt/v4 v4.5.0
 	github.com/hashicorp/vault/api v1.10.0
-	github.com/onsi/ginkgo/v2 v2.14.0
+	github.com/onsi/ginkgo/v2 v2.15.0
 	github.com/onsi/gomega v1.30.0
-	github.com/oracle/oci-go-sdk/v65 v65.55.0
+	github.com/oracle/oci-go-sdk/v65 v65.56.0
 	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.22
-	github.com/xanzy/go-gitlab v0.95.2
-	golang.org/x/oauth2 v0.15.0
-	google.golang.org/api v0.155.0
-	k8s.io/api v0.29.0
-	k8s.io/apiextensions-apiserver v0.29.0
-	k8s.io/apimachinery v0.29.0
+	github.com/xanzy/go-gitlab v0.96.0
+	golang.org/x/oauth2 v0.16.0
+	google.golang.org/api v0.157.0
+	k8s.io/api v0.29.1
+	k8s.io/apiextensions-apiserver v0.29.1
+	k8s.io/apimachinery v0.29.1
 	k8s.io/client-go v1.5.2
 	k8s.io/utils v0.0.0-20240102154912-e7106e64919e
 	sigs.k8s.io/controller-runtime v0.17.0
@@ -75,7 +75,7 @@ require (
 	cloud.google.com/go/compute/metadata v0.2.3 // indirect
 	cloud.google.com/go/iam v1.1.5 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 // indirect
 	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
 	github.com/Azure/go-autorest/autorest/adal v0.9.23 // indirect
@@ -95,8 +95,8 @@ require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect
 	github.com/dimchansky/utfbom v1.1.1 // indirect
-	github.com/emicklei/go-restful/v3 v3.11.1 // indirect
-	github.com/evanphx/json-patch/v5 v5.8.0 // indirect
+	github.com/emicklei/go-restful/v3 v3.11.2 // indirect
+	github.com/evanphx/json-patch/v5 v5.8.1 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/fluxcd/pkg/apis/acl v0.1.0 // indirect
 	github.com/fluxcd/pkg/apis/kustomize v1.2.0 // indirect
@@ -118,7 +118,7 @@ require (
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
-	github.com/google/pprof v0.0.0-20231229205709-960ae82b1e42 // indirect
+	github.com/google/pprof v0.0.0-20240117000934-35fc243c5815 // indirect
 	github.com/google/s2a-go v0.1.7 // indirect
 	github.com/google/uuid v1.5.0 // indirect
 	github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
@@ -142,10 +142,9 @@ require (
 	github.com/lestrrat-go/blackmagic v1.0.2 // indirect
 	github.com/lestrrat-go/httpcc v1.0.1 // indirect
 	github.com/lestrrat-go/iter v1.0.2 // indirect
-	github.com/lestrrat-go/jwx v1.2.27 // indirect
+	github.com/lestrrat-go/jwx v1.2.28 // indirect
 	github.com/lestrrat-go/option v1.0.1 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
-	github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
@@ -159,7 +158,7 @@ require (
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/prometheus/client_golang v1.18.0 // indirect
 	github.com/prometheus/client_model v0.5.0 // indirect
-	github.com/prometheus/common v0.45.0 // indirect
+	github.com/prometheus/common v0.46.0 // indirect
 	github.com/prometheus/procfs v0.12.0 // indirect
 	github.com/ryanuber/go-glob v1.0.0 // indirect
 	github.com/shopspring/decimal v1.3.1 // indirect
@@ -171,25 +170,25 @@ require (
 	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/tidwall/sjson v1.2.5 // indirect
 	go.opencensus.io v0.24.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.1 // indirect
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 // indirect
-	go.opentelemetry.io/otel v1.21.0 // indirect
-	go.opentelemetry.io/otel/metric v1.21.0 // indirect
-	go.opentelemetry.io/otel/trace v1.21.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 // indirect
+	go.opentelemetry.io/otel v1.22.0 // indirect
+	go.opentelemetry.io/otel/metric v1.22.0 // indirect
+	go.opentelemetry.io/otel/trace v1.22.0 // indirect
 	golang.org/x/crypto v0.18.0 // indirect
-	golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc // indirect
+	golang.org/x/exp v0.0.0-20240119083558-1b970713d09a // indirect
 	golang.org/x/net v0.20.0 // indirect
 	golang.org/x/sync v0.6.0 // indirect
 	golang.org/x/sys v0.16.0 // indirect
 	golang.org/x/term v0.16.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
-	golang.org/x/tools v0.16.1 // indirect
+	golang.org/x/tools v0.17.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
-	google.golang.org/genproto v0.0.0-20240102182953-50ed04b92917 // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20240102182953-50ed04b92917 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917 // indirect
+	google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240116215550-a9fa1716bcac // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240116215550-a9fa1716bcac // indirect
 	google.golang.org/grpc v1.60.1 // indirect
 	google.golang.org/protobuf v1.32.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
@@ -197,9 +196,9 @@ require (
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	grpc.go4.org v0.0.0-20170609214715-11d0a25b4919 // indirect
-	k8s.io/component-base v0.29.0 // indirect
-	k8s.io/klog/v2 v2.120.0 // indirect
-	k8s.io/kube-openapi v0.0.0-20240105020646-a37d4de58910 // indirect
+	k8s.io/component-base v0.29.1 // indirect
+	k8s.io/klog/v2 v2.120.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20240117194847-208609032b15 // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
 )

e2e/go.sum

@@ -52,8 +52,9 @@ github.com/Azure/azure-sdk-for-go v68.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9mo
 github.com/Azure/azure-sdk-for-go/sdk/azcore v1.8.0/go.mod h1:3Ug6Qzto9anB6mGlEdgYMDF5zHQ+wwhEaYR4s17PHMw=
 github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1 h1:lGlwhPtrX6EVml1hO0ivjkUxsSyl4dsiw9qcA1k/3IQ=
 github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1/go.mod h1:RKUqNu35KJYcVG/fqTRqmuXJZYNhYkBrnC/hX7yGbTA=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 h1:BMAjVKJM0U/CYF27gA0ZMmXGkOcvfFtD0oHVZ1TIPRI=
 github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0/go.mod h1:1fXstnBMas5kzG+S3q8UoJcmyU6nUeunJcMDHcRYHhs=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 h1:sO0/P7g68FrryJzljemN+6GTssUXdANk6aJ7T1ZxnsQ=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1/go.mod h1:h8hyGFDsU5HMivxiS2iYFZsgDbU9OnnJ163x5UGVKYo=
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0/go.mod h1:okt5dMMTOFjX/aovMlrjvvXoPMBVSPzk9185BT0+eZM=
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 h1:6oNBlSdi1QqM1PNW7FPA6xOGA5UNsXnkaYZz9vdPGhA=
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1/go.mod h1:s4kgfzA0covAXNicZHDMN58jExvcng2mC/DepXiF1EI=
@@ -107,8 +108,8 @@ github.com/aliyun/alibaba-cloud-sdk-go v1.62.271/go.mod h1:Api2AkmMgGaSUAhmk76oa
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
 github.com/aws/aws-sdk-go v1.41.13/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
-github.com/aws/aws-sdk-go v1.49.16 h1:KAQwhLg296hfffRdh+itA9p7Nx/3cXS/qOa3uF9ssig=
-github.com/aws/aws-sdk-go v1.49.16/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
+github.com/aws/aws-sdk-go v1.50.0 h1:HBtrLeO+QyDKnc3t1+5DR1RxodOHCGr8ZcrHudpv7jI=
+github.com/aws/aws-sdk-go v1.50.0/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
 github.com/cenkalti/backoff/v3 v3.2.2 h1:cfUAAO3yvKMYKPrvhDuHSwQnhZNk/RMHKdZqKTxfm6M=
@@ -136,8 +137,8 @@ github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/
 github.com/dnaeon/go-vcr v1.1.0/go.mod h1:M7tiix8f0r6mKKJ3Yq/kqU1OYf3MnfmBWVbPx/yU9ko=
 github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI=
 github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ=
-github.com/emicklei/go-restful/v3 v3.11.1 h1:S+9bSbua1z3FgCnV0KKOSSZ3mDthb5NyEPL5gEpCvyk=
-github.com/emicklei/go-restful/v3 v3.11.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
+github.com/emicklei/go-restful/v3 v3.11.2 h1:1onLa9DcsMYO9P+CXaL0dStDqQ2EHHXLiz+BtnqkLAU=
+github.com/emicklei/go-restful/v3 v3.11.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
@@ -149,8 +150,8 @@ github.com/envoyproxy/protoc-gen-validate v1.0.2 h1:QkIBuU5k+x7/QXPvPPnWXWlCdaBF
 github.com/envoyproxy/protoc-gen-validate v1.0.2/go.mod h1:GpiZQP3dDbg4JouG/NNS7QWXpgx6x8QiMKdmN72jogE=
 github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U=
 github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
-github.com/evanphx/json-patch/v5 v5.8.0 h1:lRj6N9Nci7MvzrXuX6HFzU8XjmhPiXPlsKEy1u0KQro=
-github.com/evanphx/json-patch/v5 v5.8.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ=
+github.com/evanphx/json-patch/v5 v5.8.1 h1:iPEdwg0XayoS+E7Mth9JxwUtOgyVxnDTXHtKhZPlZxA=
+github.com/evanphx/json-patch/v5 v5.8.1/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ=
 github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM=
 github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE=
 github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
@@ -276,8 +277,8 @@ github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLe
 github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20231229205709-960ae82b1e42 h1:dHLYa5D8/Ta0aLR2XcPsrkpAgGeFs6thhMcQK0oQ0n8=
-github.com/google/pprof v0.0.0-20231229205709-960ae82b1e42/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik=
+github.com/google/pprof v0.0.0-20240117000934-35fc243c5815 h1:WzfWbQz/Ze8v6l++GGbGNFZnUShVpP/0xffCPLL+ax8=
+github.com/google/pprof v0.0.0-20240117000934-35fc243c5815/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o=
 github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8F0Qdw=
@@ -359,8 +360,8 @@ github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZ
 github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E=
 github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI=
 github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4=
-github.com/lestrrat-go/jwx v1.2.27 h1:cvnTnda/YzdyFuWdEAMkI6BsLtItSrASEVCI3C/IUEQ=
-github.com/lestrrat-go/jwx v1.2.27/go.mod h1:Stob9LjSqR3lOmNdxF0/TvZo60V3hUGv8Fr7Bwzla3k=
+github.com/lestrrat-go/jwx v1.2.28 h1:uadI6o0WpOVrBSf498tRXZIwPpEtLnR9CvqPFXeI5sA=
+github.com/lestrrat-go/jwx v1.2.28/go.mod h1:nF+91HEMh/MYFVwKPl5HHsBGMPscqbQb+8IDQdIazP8=
 github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
 github.com/lestrrat-go/option v1.0.1 h1:oAzP2fvZGQKWkvHa1/SAcFolBEca1oN+mQ7eooNBEYU=
 github.com/lestrrat-go/option v1.0.1/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
@@ -370,8 +371,6 @@ github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxec
 github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
-github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg=
-github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k=
 github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw=
 github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
 github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s=
@@ -394,14 +393,14 @@ github.com/modocache/gover v0.0.0-20171022184752-b58185e213c5/go.mod h1:caMODM3P
 github.com/montanaflynn/stats v0.7.0/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow=
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
-github.com/onsi/ginkgo/v2 v2.14.0 h1:vSmGj2Z5YPb9JwCWT6z6ihcUvDhuXLc3sJiqd3jMKAY=
-github.com/onsi/ginkgo/v2 v2.14.0/go.mod h1:JkUdW7JkN0V6rFvsHcJ478egV3XH9NxpD27Hal/PhZw=
+github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY=
+github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM=
 github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8=
 github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ=
 github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b h1:FfH+VrHHk6Lxt9HdVS0PXzSXFyS2NbZKXv33FYPol0A=
 github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b/go.mod h1:AC62GU6hc0BrNm+9RK9VSiwa/EUe1bkIeFORAMcHvJU=
-github.com/oracle/oci-go-sdk/v65 v65.55.0 h1:enKyHVLdJYDJrc9232w33u5F6t2p8Din4593kn3nh/w=
-github.com/oracle/oci-go-sdk/v65 v65.55.0/go.mod h1:IBEV9l1qBzUpo7zgGaRUhbB05BVfcDGYRFBCPlTcPp0=
+github.com/oracle/oci-go-sdk/v65 v65.56.0 h1:o5na2VTSoH6LDLDrIB81XAjgtok6utLrixNO1TySN7c=
+github.com/oracle/oci-go-sdk/v65 v65.56.0/go.mod h1:IBEV9l1qBzUpo7zgGaRUhbB05BVfcDGYRFBCPlTcPp0=
 github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI=
 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ=
 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU=
@@ -414,8 +413,8 @@ github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlk
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw=
 github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI=
-github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM=
-github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY=
+github.com/prometheus/common v0.46.0 h1:doXzt5ybi1HBKpsZOL0sSkaNHJJqkyfEWZGGqqScV0Y=
+github.com/prometheus/common v0.46.0/go.mod h1:Tp0qkxpb9Jsg54QMe+EAmqXkSV7Evdy1BTn+g2pa/hQ=
 github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
 github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
@@ -465,8 +464,8 @@ github.com/uber/jaeger-client-go v2.30.0+incompatible h1:D6wyKGCecFaSRUpo8lCVbaO
 github.com/uber/jaeger-client-go v2.30.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
 github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVKhn2Um6rjCsSsg=
 github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
-github.com/xanzy/go-gitlab v0.95.2 h1:4p0IirHqEp5f0baK/aQqr4TR57IsD+8e4fuyAA1yi88=
-github.com/xanzy/go-gitlab v0.95.2/go.mod h1:ETg8tcj4OhrB84UEgeE8dSuV/0h4BBL1uOV/qK0vlyI=
+github.com/xanzy/go-gitlab v0.96.0 h1:LGkZ+wSNMRtHIBaYE4Hq3dZVjprwHv3Y1+rhKU3WETs=
+github.com/xanzy/go-gitlab v0.96.0/go.mod h1:ETg8tcj4OhrB84UEgeE8dSuV/0h4BBL1uOV/qK0vlyI=
 github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
@@ -481,18 +480,18 @@ go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk=
 go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E=
 go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
 go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.1 h1:SpGay3w+nEwMpfVnbqOLH5gY52/foP8RE8UzTZ1pdSE=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.1/go.mod h1:4UoMYEZOC0yN/sPGH76KPkkU7zgiEWYWL9vwmbnTJPE=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 h1:aFJWCqJMNjENlcleuuOkGAPH82y0yULBScfXcIEdS24=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1/go.mod h1:sEGXWArGqc3tVa+ekntsN65DmVbVeW+7lTKTjZF3/Fo=
-go.opentelemetry.io/otel v1.21.0 h1:hzLeKBZEL7Okw2mGzZ0cc4k/A7Fta0uoPgaJCr8fsFc=
-go.opentelemetry.io/otel v1.21.0/go.mod h1:QZzNPQPm1zLX4gZK4cMi+71eaorMSGT3A4znnUvNNEo=
-go.opentelemetry.io/otel/metric v1.21.0 h1:tlYWfeo+Bocx5kLEloTjbcDwBuELRrIFxwdQ36PlJu4=
-go.opentelemetry.io/otel/metric v1.21.0/go.mod h1:o1p3CA8nNHW8j5yuQLdc1eeqEaPfzug24uvsyIEJRWM=
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 h1:UNQQKPfTDe1J81ViolILjTKPr9WetKW6uei2hFgJmFs=
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0/go.mod h1:r9vWsPS/3AQItv3OSlEJ/E4mbrhUbbw18meOjArPtKQ=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 h1:sv9kVfal0MK0wBMCOGr+HeJm9v803BkJxGrk2au7j08=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0/go.mod h1:SK2UL73Zy1quvRPonmOmRDiWk1KBV3LyIeeIxcEApWw=
+go.opentelemetry.io/otel v1.22.0 h1:xS7Ku+7yTFvDfDraDIJVpw7XPyuHlB9MCiqqX5mcJ6Y=
+go.opentelemetry.io/otel v1.22.0/go.mod h1:eoV4iAi3Ea8LkAEI9+GFT44O6T/D0GWAVFyZVCC6pMI=
+go.opentelemetry.io/otel/metric v1.22.0 h1:lypMQnGyJYeuYPhOM/bgjbFM6WE44W1/T45er4d8Hhg=
+go.opentelemetry.io/otel/metric v1.22.0/go.mod h1:evJGjVpZv0mQ5QBRJoBF64yMuOf4xCWdXjK8pzFvliY=
 go.opentelemetry.io/otel/sdk v1.19.0 h1:6USY6zH+L8uMH8L3t1enZPR3WFEmSTADlqldyHtJi3o=
 go.opentelemetry.io/otel/sdk v1.19.0/go.mod h1:NedEbbS4w3C6zElbLdPJKOpJQOrGUJ+GfzpjUvI0v1A=
-go.opentelemetry.io/otel/trace v1.21.0 h1:WD9i5gzvoUPuXIXH24ZNBudiarZDKuekPqi/E8fpfLc=
-go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+BaslueVtS/qQ=
+go.opentelemetry.io/otel/trace v1.22.0 h1:Hg6pPujv0XG9QaVbGOBVHunyuLcCC3jN7WEhPx83XD0=
+go.opentelemetry.io/otel/trace v1.22.0/go.mod h1:RbbHXVqKES9QhzZq/fE5UnOSILqRt40a21sPw2He1xo=
 go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
 go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
 go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
@@ -517,6 +516,7 @@ golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58
 golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
 golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
 golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
+golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
 golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
@@ -529,8 +529,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0
 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
 golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
 golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
-golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc h1:ao2WRsKSzW6KuUY9IWPwWahcHCgR0s52IfwutMfEbdM=
-golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc/go.mod h1:iRJReGqOEeBhDZGkGbynYwcHlctCvnjTYIamk7uXpHI=
+golang.org/x/exp v0.0.0-20240119083558-1b970713d09a h1:Q8/wZp0KX97QFTc2ywcOE0YRjZPVIx+MXInMzdvQqcA=
+golang.org/x/exp v0.0.0-20240119083558-1b970713d09a/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08=
 golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
@@ -614,8 +614,8 @@ golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ
 golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210413134643-5e61552d6c78/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE=
-golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ=
-golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM=
+golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ=
+golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -762,8 +762,8 @@ golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4f
 golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
-golang.org/x/tools v0.16.1 h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA=
-golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0=
+golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc=
+golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -792,8 +792,8 @@ google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjR
 google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU=
 google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94=
 google.golang.org/api v0.45.0/go.mod h1:ISLIJCedJolbZvDfAk+Ctuq5hf+aJ33WgtUsfyFoLXA=
-google.golang.org/api v0.155.0 h1:vBmGhCYs0djJttDNynWo44zosHlPvHmA0XiN2zP2DtA=
-google.golang.org/api v0.155.0/go.mod h1:GI5qK5f40kCpHfPn6+YzGAByIKWv8ujFnmoWm7Igduk=
+google.golang.org/api v0.157.0 h1:ORAeqmbrrozeyw5NjnMxh7peHO0UzV4wWYSwZeCUb20=
+google.golang.org/api v0.157.0/go.mod h1:+z4v4ufbZ1WEpld6yMGHyggs+PmAHiaLNj5ytP3N01g=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
@@ -843,12 +843,12 @@ google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6D
 google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A=
 google.golang.org/genproto v0.0.0-20210413151531-c14fb6ef47c3/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A=
-google.golang.org/genproto v0.0.0-20240102182953-50ed04b92917 h1:nz5NESFLZbJGPFxDT/HCn+V1mZ8JGNoY4nUpmW/Y2eg=
-google.golang.org/genproto v0.0.0-20240102182953-50ed04b92917/go.mod h1:pZqR+glSb11aJ+JQcczCvgf47+duRuzNSKqE8YAQnV0=
-google.golang.org/genproto/googleapis/api v0.0.0-20240102182953-50ed04b92917 h1:rcS6EyEaoCO52hQDupoSfrxI3R6C2Tq741is7X8OvnM=
-google.golang.org/genproto/googleapis/api v0.0.0-20240102182953-50ed04b92917/go.mod h1:CmlNWB9lSezaYELKS5Ym1r44VrrbPUa7JTvw+6MbpJ0=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917 h1:6G8oQ016D88m1xAKljMlBOOGWDZkes4kMhgGFlf8WcQ=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917/go.mod h1:xtjpI3tXFPP051KaWnhvxkiubL/6dJ18vLVf7q2pTOU=
+google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac h1:ZL/Teoy/ZGnzyrqK/Optxxp2pmVh+fmJ97slxSRyzUg=
+google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac/go.mod h1:+Rvu7ElI+aLzyDQhpHMFMMltsD6m7nqpuWDd2CwJw3k=
+google.golang.org/genproto/googleapis/api v0.0.0-20240116215550-a9fa1716bcac h1:OZkkudMUu9LVQMCoRUbI/1p5VCo9BOrlvkqMvWtqa6s=
+google.golang.org/genproto/googleapis/api v0.0.0-20240116215550-a9fa1716bcac/go.mod h1:B5xPO//w8qmBDjGReYLpR6UJPnkldGkCSMoH/2vxJeg=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240116215550-a9fa1716bcac h1:nUQEQmH/csSvFECKYRv6HWEyypysidKl2I6Qpsglq/0=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240116215550-a9fa1716bcac/go.mod h1:daQN87bsDqDoe316QbbvX60nMoJQa4r6Ds0ZuoAe5yA=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
 google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
@@ -924,10 +924,10 @@ k8s.io/client-go v0.28.1 h1:pRhMzB8HyLfVwpngWKE8hDcXRqifh1ga2Z/PU9SXVK8=
 k8s.io/client-go v0.28.1/go.mod h1:pEZA3FqOsVkCc07pFVzK076R+P/eXqsgx5zuuRWukNE=
 k8s.io/component-base v0.28.1 h1:LA4AujMlK2mr0tZbQDZkjWbdhTV5bRyEyAFe0TJxlWg=
 k8s.io/component-base v0.28.1/go.mod h1:jI11OyhbX21Qtbav7JkhehyBsIRfnO8oEgoAR12ArIU=
-k8s.io/klog/v2 v2.120.0 h1:z+q5mfovBj1fKFxiRzsa2DsJLPIVMk/KFL81LMOfK+8=
-k8s.io/klog/v2 v2.120.0/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
-k8s.io/kube-openapi v0.0.0-20240105020646-a37d4de58910 h1:1Rp/XEKP5uxPs6QrsngEHAxBjaAR78iJRiJq5Fi7LSU=
-k8s.io/kube-openapi v0.0.0-20240105020646-a37d4de58910/go.mod h1:Pa1PvrP7ACSkuX6I7KYomY6cmMA0Tx86waBhDUgoKPw=
+k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=
+k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
+k8s.io/kube-openapi v0.0.0-20240117194847-208609032b15 h1:m6dl1pkxz3HuE2mP9MUYPCCGyy6IIFlv/vTlLBDxIwA=
+k8s.io/kube-openapi v0.0.0-20240117194847-208609032b15/go.mod h1:Pa1PvrP7ACSkuX6I7KYomY6cmMA0Tx86waBhDUgoKPw=
 k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ=
 k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=

go.mod

@@ -17,7 +17,7 @@ require (
 	github.com/PaesslerAG/jsonpath v0.1.1
 	github.com/ahmetb/gen-crd-api-reference-docs v0.3.0
 	github.com/akeylesslabs/akeyless-go-cloud-id v0.3.5
-	github.com/aws/aws-sdk-go v1.49.16
+	github.com/aws/aws-sdk-go v1.50.0
 	github.com/go-logr/logr v1.4.1
 	github.com/go-test/deep v1.0.4 // indirect
 	github.com/google/go-cmp v0.6.0
@@ -28,41 +28,41 @@ require (
 	github.com/hashicorp/vault/api/auth/kubernetes v0.5.0
 	github.com/hashicorp/vault/api/auth/ldap v0.5.0
 	github.com/huandu/xstrings v1.4.0 // indirect
-	github.com/lestrrat-go/jwx v1.2.27
-	github.com/onsi/ginkgo/v2 v2.13.2
-	github.com/onsi/gomega v1.29.0
-	github.com/oracle/oci-go-sdk/v65 v65.55.0
+	github.com/lestrrat-go/jwx v1.2.28
+	github.com/onsi/ginkgo/v2 v2.15.0
+	github.com/onsi/gomega v1.30.0
+	github.com/oracle/oci-go-sdk/v65 v65.56.0
 	github.com/prometheus/client_golang v1.18.0
 	github.com/prometheus/client_model v0.5.0
 	github.com/spf13/cobra v1.8.0
 	github.com/stretchr/testify v1.8.4
 	github.com/tidwall/gjson v1.17.0
-	github.com/xanzy/go-gitlab v0.95.2
-	github.com/yandex-cloud/go-genproto v0.0.0-20231228083538-d09e2496c348
-	github.com/yandex-cloud/go-sdk v0.0.0-20231220065212-8e23a0060063
+	github.com/xanzy/go-gitlab v0.96.0
+	github.com/yandex-cloud/go-genproto v0.0.0-20240122083642-669755cf22e2
+	github.com/yandex-cloud/go-sdk v0.0.0-20240115081541-c0211d377905
 	github.com/youmark/pkcs8 v0.0.0-20201027041543-1326539a0a0a
 	go.uber.org/zap v1.26.0
-	golang.org/x/crypto v0.17.0
-	golang.org/x/oauth2 v0.15.0
-	google.golang.org/api v0.155.0
-	google.golang.org/genproto v0.0.0-20240102182953-50ed04b92917
+	golang.org/x/crypto v0.18.0
+	golang.org/x/oauth2 v0.16.0
+	google.golang.org/api v0.157.0
+	google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac
 	google.golang.org/grpc v1.60.1
 	gopkg.in/yaml.v3 v3.0.1
 	grpc.go4.org v0.0.0-20170609214715-11d0a25b4919
-	k8s.io/api v0.29.0
-	k8s.io/apiextensions-apiserver v0.29.0
-	k8s.io/apimachinery v0.29.0
-	k8s.io/client-go v0.29.0
+	k8s.io/api v0.29.1
+	k8s.io/apiextensions-apiserver v0.29.1
+	k8s.io/apimachinery v0.29.1
+	k8s.io/client-go v0.29.1
 	k8s.io/utils v0.0.0-20240102154912-e7106e64919e
-	sigs.k8s.io/controller-runtime v0.16.3
-	sigs.k8s.io/controller-tools v0.13.0
+	sigs.k8s.io/controller-runtime v0.17.0
+	sigs.k8s.io/controller-tools v0.14.0
 )
 
 require github.com/1Password/connect-sdk-go v1.5.3
 
 require (
 	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1
-	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1
 	github.com/DelineaXPM/dsv-sdk-go/v2 v2.1.0
 	github.com/akeylesslabs/akeyless-go/v3 v3.5.4
 	github.com/alibabacloud-go/darabonba-openapi/v2 v2.0.5
@@ -79,7 +79,7 @@ require (
 	github.com/hashicorp/vault/api/auth/aws v0.5.0
 	github.com/hashicorp/vault/api/auth/userpass v0.5.0
 	github.com/keeper-security/secrets-manager-go/core v1.6.2
-	github.com/maxbrunsfeld/counterfeiter/v6 v6.7.0
+	github.com/maxbrunsfeld/counterfeiter/v6 v6.8.1
 	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.22
 	github.com/sethvargo/go-password v0.2.0
 	github.com/spf13/pflag v1.0.5
@@ -102,26 +102,25 @@ require (
 	github.com/gabriel-vasile/mimetype v1.4.3 // indirect
 	github.com/go-jose/go-jose/v3 v3.0.1 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
-	github.com/go-playground/validator/v10 v10.16.0 // indirect
+	github.com/go-playground/validator/v10 v10.17.0 // indirect
 	github.com/godbus/dbus/v5 v5.1.0 // indirect
 	github.com/gofrs/flock v0.8.1 // indirect
 	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/s2a-go v0.1.7 // indirect
 	github.com/hashicorp/go-secure-stdlib/awsutil v0.2.3 // indirect
 	github.com/hashicorp/go-uuid v1.0.3 // indirect
-	github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/tjfoc/gmsm v1.4.1 // indirect
 	github.com/zalando/go-keyring v0.2.3 // indirect
-	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.1 // indirect
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 // indirect
-	go.opentelemetry.io/otel v1.21.0 // indirect
-	go.opentelemetry.io/otel/metric v1.21.0 // indirect
-	go.opentelemetry.io/otel/trace v1.21.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 // indirect
+	go.opentelemetry.io/otel v1.22.0 // indirect
+	go.opentelemetry.io/otel/metric v1.22.0 // indirect
+	go.opentelemetry.io/otel/trace v1.22.0 // indirect
 	golang.org/x/sync v0.6.0 // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20240102182953-50ed04b92917 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917 // indirect
-	k8s.io/kube-openapi v0.0.0-20240105020646-a37d4de58910 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240116215550-a9fa1716bcac // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240116215550-a9fa1716bcac // indirect
+	k8s.io/kube-openapi v0.0.0-20240117194847-208609032b15 // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
 )
 
@@ -144,9 +143,9 @@ require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect
 	github.com/dimchansky/utfbom v1.1.1 // indirect
-	github.com/emicklei/go-restful/v3 v3.11.1 // indirect
+	github.com/emicklei/go-restful/v3 v3.11.2 // indirect
 	github.com/evanphx/json-patch v5.6.0+incompatible // indirect
-	github.com/evanphx/json-patch/v5 v5.7.0 // indirect
+	github.com/evanphx/json-patch/v5 v5.8.1 // indirect
 	github.com/fatih/color v1.16.0 // indirect
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/ghodss/yaml v1.0.0 // indirect
@@ -166,7 +165,7 @@ require (
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
-	github.com/google/pprof v0.0.0-20231229205709-960ae82b1e42 // indirect
+	github.com/google/pprof v0.0.0-20240117000934-35fc243c5815 // indirect
 	github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
@@ -206,7 +205,7 @@ require (
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/prometheus/common v0.45.0 // indirect
+	github.com/prometheus/common v0.46.0 // indirect
 	github.com/prometheus/procfs v0.12.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/ryanuber/go-glob v1.0.0 // indirect
@@ -221,23 +220,23 @@ require (
 	go.opencensus.io v0.24.0 // indirect
 	go.uber.org/atomic v1.11.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc
+	golang.org/x/exp v0.0.0-20240119083558-1b970713d09a
 	golang.org/x/mod v0.14.0 // indirect
-	golang.org/x/net v0.19.0 // indirect
+	golang.org/x/net v0.20.0 // indirect
 	golang.org/x/sys v0.16.0 // indirect
 	golang.org/x/term v0.16.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
-	golang.org/x/tools v0.16.1 // indirect
+	golang.org/x/tools v0.17.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
 	google.golang.org/protobuf v1.32.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
-	k8s.io/component-base v0.29.0 // indirect
-	k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01 // indirect
+	k8s.io/component-base v0.29.1 // indirect
+	k8s.io/gengo v0.0.0-20240110203215-22eea95d1e7a // indirect
 	k8s.io/klog v1.0.0 // indirect
-	k8s.io/klog/v2 v2.110.1 // indirect
+	k8s.io/klog/v2 v2.120.1 // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
 )

go.sum

@@ -54,8 +54,9 @@ github.com/Azure/azure-sdk-for-go v68.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9mo
 github.com/Azure/azure-sdk-for-go/sdk/azcore v1.8.0/go.mod h1:3Ug6Qzto9anB6mGlEdgYMDF5zHQ+wwhEaYR4s17PHMw=
 github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1 h1:lGlwhPtrX6EVml1hO0ivjkUxsSyl4dsiw9qcA1k/3IQ=
 github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1/go.mod h1:RKUqNu35KJYcVG/fqTRqmuXJZYNhYkBrnC/hX7yGbTA=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 h1:BMAjVKJM0U/CYF27gA0ZMmXGkOcvfFtD0oHVZ1TIPRI=
 github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0/go.mod h1:1fXstnBMas5kzG+S3q8UoJcmyU6nUeunJcMDHcRYHhs=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 h1:sO0/P7g68FrryJzljemN+6GTssUXdANk6aJ7T1ZxnsQ=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1/go.mod h1:h8hyGFDsU5HMivxiS2iYFZsgDbU9OnnJ163x5UGVKYo=
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0/go.mod h1:okt5dMMTOFjX/aovMlrjvvXoPMBVSPzk9185BT0+eZM=
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 h1:6oNBlSdi1QqM1PNW7FPA6xOGA5UNsXnkaYZz9vdPGhA=
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1/go.mod h1:s4kgfzA0covAXNicZHDMN58jExvcng2mC/DepXiF1EI=
@@ -166,8 +167,8 @@ github.com/avast/retry-go/v4 v4.5.1/go.mod h1:/sipNsvNB3RRuT5iNcb6h73nw3IBmXJ/H3
 github.com/aws/aws-sdk-go v1.30.27/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
 github.com/aws/aws-sdk-go v1.34.0/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
 github.com/aws/aws-sdk-go v1.41.13/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
-github.com/aws/aws-sdk-go v1.49.16 h1:KAQwhLg296hfffRdh+itA9p7Nx/3cXS/qOa3uF9ssig=
-github.com/aws/aws-sdk-go v1.49.16/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
+github.com/aws/aws-sdk-go v1.50.0 h1:HBtrLeO+QyDKnc3t1+5DR1RxodOHCGr8ZcrHudpv7jI=
+github.com/aws/aws-sdk-go v1.50.0/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
 github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas=
@@ -213,8 +214,8 @@ github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/
 github.com/dnaeon/go-vcr v1.1.0/go.mod h1:M7tiix8f0r6mKKJ3Yq/kqU1OYf3MnfmBWVbPx/yU9ko=
 github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI=
 github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ=
-github.com/emicklei/go-restful/v3 v3.11.1 h1:S+9bSbua1z3FgCnV0KKOSSZ3mDthb5NyEPL5gEpCvyk=
-github.com/emicklei/go-restful/v3 v3.11.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
+github.com/emicklei/go-restful/v3 v3.11.2 h1:1onLa9DcsMYO9P+CXaL0dStDqQ2EHHXLiz+BtnqkLAU=
+github.com/emicklei/go-restful/v3 v3.11.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
@@ -228,8 +229,8 @@ github.com/envoyproxy/protoc-gen-validate v1.0.2 h1:QkIBuU5k+x7/QXPvPPnWXWlCdaBF
 github.com/envoyproxy/protoc-gen-validate v1.0.2/go.mod h1:GpiZQP3dDbg4JouG/NNS7QWXpgx6x8QiMKdmN72jogE=
 github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U=
 github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
-github.com/evanphx/json-patch/v5 v5.7.0 h1:nJqP7uwL84RJInrohHfW0Fx3awjbm8qZeFv0nW9SYGc=
-github.com/evanphx/json-patch/v5 v5.7.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ=
+github.com/evanphx/json-patch/v5 v5.8.1 h1:iPEdwg0XayoS+E7Mth9JxwUtOgyVxnDTXHtKhZPlZxA=
+github.com/evanphx/json-patch/v5 v5.8.1/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ=
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
 github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
 github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM=
@@ -253,7 +254,6 @@ github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxF
 github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
 github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
 github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
-github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
 github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
@@ -276,8 +276,8 @@ github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/o
 github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
 github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
-github.com/go-playground/validator/v10 v10.16.0 h1:x+plE831WK4vaKHO/jpgUGsvLKIqRRkz6M78GuJAfGE=
-github.com/go-playground/validator/v10 v10.16.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU=
+github.com/go-playground/validator/v10 v10.17.0 h1:SmVVlfAOtlZncTxRuinDPomC2DkXJ4E5T9gDA0AIH74=
+github.com/go-playground/validator/v10 v10.17.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU=
 github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
 github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls=
@@ -376,8 +376,8 @@ github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLe
 github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20231229205709-960ae82b1e42 h1:dHLYa5D8/Ta0aLR2XcPsrkpAgGeFs6thhMcQK0oQ0n8=
-github.com/google/pprof v0.0.0-20231229205709-960ae82b1e42/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik=
+github.com/google/pprof v0.0.0-20240117000934-35fc243c5815 h1:WzfWbQz/Ze8v6l++GGbGNFZnUShVpP/0xffCPLL+ax8=
+github.com/google/pprof v0.0.0-20240117000934-35fc243c5815/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o=
 github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8F0Qdw=
@@ -498,8 +498,8 @@ github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZ
 github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E=
 github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI=
 github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4=
-github.com/lestrrat-go/jwx v1.2.27 h1:cvnTnda/YzdyFuWdEAMkI6BsLtItSrASEVCI3C/IUEQ=
-github.com/lestrrat-go/jwx v1.2.27/go.mod h1:Stob9LjSqR3lOmNdxF0/TvZo60V3hUGv8Fr7Bwzla3k=
+github.com/lestrrat-go/jwx v1.2.28 h1:uadI6o0WpOVrBSf498tRXZIwPpEtLnR9CvqPFXeI5sA=
+github.com/lestrrat-go/jwx v1.2.28/go.mod h1:nF+91HEMh/MYFVwKPl5HHsBGMPscqbQb+8IDQdIazP8=
 github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
 github.com/lestrrat-go/option v1.0.1 h1:oAzP2fvZGQKWkvHa1/SAcFolBEca1oN+mQ7eooNBEYU=
 github.com/lestrrat-go/option v1.0.1/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
@@ -520,10 +520,8 @@ github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27k
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
-github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg=
-github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k=
-github.com/maxbrunsfeld/counterfeiter/v6 v6.7.0 h1:z0CfPybq3CxaJvrrpf7Gme1psZTqHhJxf83q6apkSpI=
-github.com/maxbrunsfeld/counterfeiter/v6 v6.7.0/go.mod h1:RVP6/F85JyxTrbJxWIdKU2vlSvK48iCMnMXRkSz7xtg=
+github.com/maxbrunsfeld/counterfeiter/v6 v6.8.1 h1:NicmruxkeqHjDv03SfSxqmaLuisddudfP3h5wdXFbhM=
+github.com/maxbrunsfeld/counterfeiter/v6 v6.8.1/go.mod h1:eyp4DdUJAKkr9tvxR3jWhw2mDK7CWABMG5r9uyaKC7I=
 github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
 github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw=
 github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
@@ -559,14 +557,14 @@ github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4=
 github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
 github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
 github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
-github.com/onsi/ginkgo/v2 v2.13.2 h1:Bi2gGVkfn6gQcjNjZJVO8Gf0FHzMPf2phUei9tejVMs=
-github.com/onsi/ginkgo/v2 v2.13.2/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM=
-github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg=
-github.com/onsi/gomega v1.29.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ=
+github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY=
+github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM=
+github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8=
+github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ=
 github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b h1:FfH+VrHHk6Lxt9HdVS0PXzSXFyS2NbZKXv33FYPol0A=
 github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b/go.mod h1:AC62GU6hc0BrNm+9RK9VSiwa/EUe1bkIeFORAMcHvJU=
-github.com/oracle/oci-go-sdk/v65 v65.55.0 h1:enKyHVLdJYDJrc9232w33u5F6t2p8Din4593kn3nh/w=
-github.com/oracle/oci-go-sdk/v65 v65.55.0/go.mod h1:IBEV9l1qBzUpo7zgGaRUhbB05BVfcDGYRFBCPlTcPp0=
+github.com/oracle/oci-go-sdk/v65 v65.56.0 h1:o5na2VTSoH6LDLDrIB81XAjgtok6utLrixNO1TySN7c=
+github.com/oracle/oci-go-sdk/v65 v65.56.0/go.mod h1:IBEV9l1qBzUpo7zgGaRUhbB05BVfcDGYRFBCPlTcPp0=
 github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI=
 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ=
 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU=
@@ -581,8 +579,8 @@ github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlk
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw=
 github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI=
-github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM=
-github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY=
+github.com/prometheus/common v0.46.0 h1:doXzt5ybi1HBKpsZOL0sSkaNHJJqkyfEWZGGqqScV0Y=
+github.com/prometheus/common v0.46.0/go.mod h1:Tp0qkxpb9Jsg54QMe+EAmqXkSV7Evdy1BTn+g2pa/hQ=
 github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
 github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
 github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
@@ -656,16 +654,16 @@ github.com/uber/jaeger-client-go v2.30.0+incompatible h1:D6wyKGCecFaSRUpo8lCVbaO
 github.com/uber/jaeger-client-go v2.30.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
 github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVKhn2Um6rjCsSsg=
 github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
-github.com/xanzy/go-gitlab v0.95.2 h1:4p0IirHqEp5f0baK/aQqr4TR57IsD+8e4fuyAA1yi88=
-github.com/xanzy/go-gitlab v0.95.2/go.mod h1:ETg8tcj4OhrB84UEgeE8dSuV/0h4BBL1uOV/qK0vlyI=
+github.com/xanzy/go-gitlab v0.96.0 h1:LGkZ+wSNMRtHIBaYE4Hq3dZVjprwHv3Y1+rhKU3WETs=
+github.com/xanzy/go-gitlab v0.96.0/go.mod h1:ETg8tcj4OhrB84UEgeE8dSuV/0h4BBL1uOV/qK0vlyI=
 github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI=
 github.com/xdg-go/scram v1.1.2/go.mod h1:RT/sEzTbU5y00aCK8UOx6R7YryM0iF1N2MOmC3kKLN4=
 github.com/xdg-go/stringprep v1.0.4/go.mod h1:mPGuuIYwz7CmR2bT9j4GbQqutWS1zV24gijq1dTyGkM=
-github.com/yandex-cloud/go-genproto v0.0.0-20231220064917-199880d921bc/go.mod h1:HEUYX/p8966tMUHHT+TsS0hF/Ca/NYwqprC5WXSDMfE=
-github.com/yandex-cloud/go-genproto v0.0.0-20231228083538-d09e2496c348 h1:yZu9PwXKeT4x+1vtkxeuzGiwuKuO1YLSh5NgHGdddcc=
-github.com/yandex-cloud/go-genproto v0.0.0-20231228083538-d09e2496c348/go.mod h1:HEUYX/p8966tMUHHT+TsS0hF/Ca/NYwqprC5WXSDMfE=
-github.com/yandex-cloud/go-sdk v0.0.0-20231220065212-8e23a0060063 h1:4ax9uzn9uZ2ay8xoYHSuaUjblqG9TEsaXEeMXJwFE4o=
-github.com/yandex-cloud/go-sdk v0.0.0-20231220065212-8e23a0060063/go.mod h1:37xCFSQ779Njk5Lgh0Ih6FKHqpxItFJWenYnREAd0MU=
+github.com/yandex-cloud/go-genproto v0.0.0-20240115081201-6a3c052e444e/go.mod h1:HEUYX/p8966tMUHHT+TsS0hF/Ca/NYwqprC5WXSDMfE=
+github.com/yandex-cloud/go-genproto v0.0.0-20240122083642-669755cf22e2 h1:Y5u7Lqi5fkZes0zf93opzbzD2M9NKHUkr+U2+wyZW3U=
+github.com/yandex-cloud/go-genproto v0.0.0-20240122083642-669755cf22e2/go.mod h1:HEUYX/p8966tMUHHT+TsS0hF/Ca/NYwqprC5WXSDMfE=
+github.com/yandex-cloud/go-sdk v0.0.0-20240115081541-c0211d377905 h1:t9nq5sOnVWAUM8+KLVdB9JR0GouYsZstS+6EeCxWD0I=
+github.com/yandex-cloud/go-sdk v0.0.0-20240115081541-c0211d377905/go.mod h1:5Ph0ww5PrGO3Q2QljJs+0uMmD9xk546JkXsH0TTiqWs=
 github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA=
 github.com/youmark/pkcs8 v0.0.0-20201027041543-1326539a0a0a h1:fZHgsYlfvtyqToslyjUt3VOPF4J7aK/3MPcK7xp3PDk=
 github.com/youmark/pkcs8 v0.0.0-20201027041543-1326539a0a0a/go.mod h1:ul22v+Nro/R083muKhosV54bj5niojjWZvU8xrevuH4=
@@ -688,23 +686,23 @@ go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk=
 go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E=
 go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
 go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.1 h1:SpGay3w+nEwMpfVnbqOLH5gY52/foP8RE8UzTZ1pdSE=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.1/go.mod h1:4UoMYEZOC0yN/sPGH76KPkkU7zgiEWYWL9vwmbnTJPE=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 h1:aFJWCqJMNjENlcleuuOkGAPH82y0yULBScfXcIEdS24=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1/go.mod h1:sEGXWArGqc3tVa+ekntsN65DmVbVeW+7lTKTjZF3/Fo=
-go.opentelemetry.io/otel v1.21.0 h1:hzLeKBZEL7Okw2mGzZ0cc4k/A7Fta0uoPgaJCr8fsFc=
-go.opentelemetry.io/otel v1.21.0/go.mod h1:QZzNPQPm1zLX4gZK4cMi+71eaorMSGT3A4znnUvNNEo=
-go.opentelemetry.io/otel/metric v1.21.0 h1:tlYWfeo+Bocx5kLEloTjbcDwBuELRrIFxwdQ36PlJu4=
-go.opentelemetry.io/otel/metric v1.21.0/go.mod h1:o1p3CA8nNHW8j5yuQLdc1eeqEaPfzug24uvsyIEJRWM=
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 h1:UNQQKPfTDe1J81ViolILjTKPr9WetKW6uei2hFgJmFs=
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0/go.mod h1:r9vWsPS/3AQItv3OSlEJ/E4mbrhUbbw18meOjArPtKQ=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 h1:sv9kVfal0MK0wBMCOGr+HeJm9v803BkJxGrk2au7j08=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0/go.mod h1:SK2UL73Zy1quvRPonmOmRDiWk1KBV3LyIeeIxcEApWw=
+go.opentelemetry.io/otel v1.22.0 h1:xS7Ku+7yTFvDfDraDIJVpw7XPyuHlB9MCiqqX5mcJ6Y=
+go.opentelemetry.io/otel v1.22.0/go.mod h1:eoV4iAi3Ea8LkAEI9+GFT44O6T/D0GWAVFyZVCC6pMI=
+go.opentelemetry.io/otel/metric v1.22.0 h1:lypMQnGyJYeuYPhOM/bgjbFM6WE44W1/T45er4d8Hhg=
+go.opentelemetry.io/otel/metric v1.22.0/go.mod h1:evJGjVpZv0mQ5QBRJoBF64yMuOf4xCWdXjK8pzFvliY=
 go.opentelemetry.io/otel/sdk v1.19.0 h1:6USY6zH+L8uMH8L3t1enZPR3WFEmSTADlqldyHtJi3o=
 go.opentelemetry.io/otel/sdk v1.19.0/go.mod h1:NedEbbS4w3C6zElbLdPJKOpJQOrGUJ+GfzpjUvI0v1A=
-go.opentelemetry.io/otel/trace v1.21.0 h1:WD9i5gzvoUPuXIXH24ZNBudiarZDKuekPqi/E8fpfLc=
-go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+BaslueVtS/qQ=
+go.opentelemetry.io/otel/trace v1.22.0 h1:Hg6pPujv0XG9QaVbGOBVHunyuLcCC3jN7WEhPx83XD0=
+go.opentelemetry.io/otel/trace v1.22.0/go.mod h1:RbbHXVqKES9QhzZq/fE5UnOSILqRt40a21sPw2He1xo=
 go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
 go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
 go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
-go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A=
-go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4=
+go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
+go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
 go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
 go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
 go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo=
@@ -729,8 +727,9 @@ golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45
 golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
 golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
 golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
-golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
 golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
+golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
+golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -741,8 +740,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0
 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
 golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
 golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
-golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc h1:ao2WRsKSzW6KuUY9IWPwWahcHCgR0s52IfwutMfEbdM=
-golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc/go.mod h1:iRJReGqOEeBhDZGkGbynYwcHlctCvnjTYIamk7uXpHI=
+golang.org/x/exp v0.0.0-20240119083558-1b970713d09a h1:Q8/wZp0KX97QFTc2ywcOE0YRjZPVIx+MXInMzdvQqcA=
+golang.org/x/exp v0.0.0-20240119083558-1b970713d09a/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08=
 golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
@@ -815,8 +814,9 @@ golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
 golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ=
 golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
 golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
-golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c=
 golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U=
+golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
+golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -830,8 +830,8 @@ golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ
 golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210413134643-5e61552d6c78/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE=
-golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ=
-golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM=
+golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ=
+golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -999,8 +999,8 @@ golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4f
 golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
-golang.org/x/tools v0.16.1 h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA=
-golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0=
+golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc=
+golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -1029,8 +1029,8 @@ google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjR
 google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU=
 google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94=
 google.golang.org/api v0.45.0/go.mod h1:ISLIJCedJolbZvDfAk+Ctuq5hf+aJ33WgtUsfyFoLXA=
-google.golang.org/api v0.155.0 h1:vBmGhCYs0djJttDNynWo44zosHlPvHmA0XiN2zP2DtA=
-google.golang.org/api v0.155.0/go.mod h1:GI5qK5f40kCpHfPn6+YzGAByIKWv8ujFnmoWm7Igduk=
+google.golang.org/api v0.157.0 h1:ORAeqmbrrozeyw5NjnMxh7peHO0UzV4wWYSwZeCUb20=
+google.golang.org/api v0.157.0/go.mod h1:+z4v4ufbZ1WEpld6yMGHyggs+PmAHiaLNj5ytP3N01g=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
@@ -1082,12 +1082,12 @@ google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6D
 google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A=
 google.golang.org/genproto v0.0.0-20210413151531-c14fb6ef47c3/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A=
 google.golang.org/genproto v0.0.0-20211021150943-2b146023228c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20240102182953-50ed04b92917 h1:nz5NESFLZbJGPFxDT/HCn+V1mZ8JGNoY4nUpmW/Y2eg=
-google.golang.org/genproto v0.0.0-20240102182953-50ed04b92917/go.mod h1:pZqR+glSb11aJ+JQcczCvgf47+duRuzNSKqE8YAQnV0=
-google.golang.org/genproto/googleapis/api v0.0.0-20240102182953-50ed04b92917 h1:rcS6EyEaoCO52hQDupoSfrxI3R6C2Tq741is7X8OvnM=
-google.golang.org/genproto/googleapis/api v0.0.0-20240102182953-50ed04b92917/go.mod h1:CmlNWB9lSezaYELKS5Ym1r44VrrbPUa7JTvw+6MbpJ0=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917 h1:6G8oQ016D88m1xAKljMlBOOGWDZkes4kMhgGFlf8WcQ=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917/go.mod h1:xtjpI3tXFPP051KaWnhvxkiubL/6dJ18vLVf7q2pTOU=
+google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac h1:ZL/Teoy/ZGnzyrqK/Optxxp2pmVh+fmJ97slxSRyzUg=
+google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac/go.mod h1:+Rvu7ElI+aLzyDQhpHMFMMltsD6m7nqpuWDd2CwJw3k=
+google.golang.org/genproto/googleapis/api v0.0.0-20240116215550-a9fa1716bcac h1:OZkkudMUu9LVQMCoRUbI/1p5VCo9BOrlvkqMvWtqa6s=
+google.golang.org/genproto/googleapis/api v0.0.0-20240116215550-a9fa1716bcac/go.mod h1:B5xPO//w8qmBDjGReYLpR6UJPnkldGkCSMoH/2vxJeg=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240116215550-a9fa1716bcac h1:nUQEQmH/csSvFECKYRv6HWEyypysidKl2I6Qpsglq/0=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240116215550-a9fa1716bcac/go.mod h1:daQN87bsDqDoe316QbbvX60nMoJQa4r6Ds0ZuoAe5yA=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
 google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
@@ -1161,36 +1161,36 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/api v0.29.0 h1:NiCdQMY1QOp1H8lfRyeEf8eOwV6+0xA6XEE44ohDX2A=
-k8s.io/api v0.29.0/go.mod h1:sdVmXoz2Bo/cb77Pxi71IPTSErEW32xa4aXwKH7gfBA=
-k8s.io/apiextensions-apiserver v0.29.0 h1:0VuspFG7Hj+SxyF/Z/2T0uFbI5gb5LRgEyUVE3Q4lV0=
-k8s.io/apiextensions-apiserver v0.29.0/go.mod h1:TKmpy3bTS0mr9pylH0nOt/QzQRrW7/h7yLdRForMZwc=
-k8s.io/apimachinery v0.29.0 h1:+ACVktwyicPz0oc6MTMLwa2Pw3ouLAfAon1wPLtG48o=
-k8s.io/apimachinery v0.29.0/go.mod h1:eVBxQ/cwiJxH58eK/jd/vAk4mrxmVlnpBH5J2GbMeis=
-k8s.io/client-go v0.29.0 h1:KmlDtFcrdUzOYrBhXHgKw5ycWzc3ryPX5mQe0SkG3y8=
-k8s.io/client-go v0.29.0/go.mod h1:yLkXH4HKMAywcrD82KMSmfYg2DlE8mepPR4JGSo5n38=
-k8s.io/component-base v0.29.0 h1:T7rjd5wvLnPBV1vC4zWd/iWRbV8Mdxs+nGaoaFzGw3s=
-k8s.io/component-base v0.29.0/go.mod h1:sADonFTQ9Zc9yFLghpDpmNXEdHyQmFIGbiuZbqAXQ1M=
+k8s.io/api v0.29.1 h1:DAjwWX/9YT7NQD4INu49ROJuZAAAP/Ijki48GUPzxqw=
+k8s.io/api v0.29.1/go.mod h1:7Kl10vBRUXhnQQI8YR/R327zXC8eJ7887/+Ybta+RoQ=
+k8s.io/apiextensions-apiserver v0.29.1 h1:S9xOtyk9M3Sk1tIpQMu9wXHm5O2MX6Y1kIpPMimZBZw=
+k8s.io/apiextensions-apiserver v0.29.1/go.mod h1:zZECpujY5yTW58co8V2EQR4BD6A9pktVgHhvc0uLfeU=
+k8s.io/apimachinery v0.29.1 h1:KY4/E6km/wLBguvCZv8cKTeOwwOBqFNjwJIdMkMbbRc=
+k8s.io/apimachinery v0.29.1/go.mod h1:6HVkd1FwxIagpYrHSwJlQqZI3G9LfYWRPAkUvLnXTKU=
+k8s.io/client-go v0.29.1 h1:19B/+2NGEwnFLzt0uB5kNJnfTsbV8w6TgQRz9l7ti7A=
+k8s.io/client-go v0.29.1/go.mod h1:TDG/psL9hdet0TI9mGyHJSgRkW3H9JZk2dNEUS7bRks=
+k8s.io/component-base v0.29.1 h1:MUimqJPCRnnHsskTTjKD+IC1EHBbRCVyi37IoFBrkYw=
+k8s.io/component-base v0.29.1/go.mod h1:fP9GFjxYrLERq1GcWWZAE3bqbNcDKDytn2srWuHTtKc=
 k8s.io/gengo v0.0.0-20201203183100-97869a43a9d9/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
-k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01 h1:pWEwq4Asjm4vjW7vcsmijwBhOr1/shsbSYiWXmNGlks=
-k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
+k8s.io/gengo v0.0.0-20240110203215-22eea95d1e7a h1:zCwpCC6Ghs+RstFfEJZ3arc7dLZ9z0tlmLHDXGCkINY=
+k8s.io/gengo v0.0.0-20240110203215-22eea95d1e7a/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
 k8s.io/klog v0.2.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
 k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8=
 k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
 k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
-k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0=
-k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo=
-k8s.io/kube-openapi v0.0.0-20240105020646-a37d4de58910 h1:1Rp/XEKP5uxPs6QrsngEHAxBjaAR78iJRiJq5Fi7LSU=
-k8s.io/kube-openapi v0.0.0-20240105020646-a37d4de58910/go.mod h1:Pa1PvrP7ACSkuX6I7KYomY6cmMA0Tx86waBhDUgoKPw=
+k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=
+k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
+k8s.io/kube-openapi v0.0.0-20240117194847-208609032b15 h1:m6dl1pkxz3HuE2mP9MUYPCCGyy6IIFlv/vTlLBDxIwA=
+k8s.io/kube-openapi v0.0.0-20240117194847-208609032b15/go.mod h1:Pa1PvrP7ACSkuX6I7KYomY6cmMA0Tx86waBhDUgoKPw=
 k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ=
 k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
-sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigwG62c4=
-sigs.k8s.io/controller-runtime v0.16.3/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0=
-sigs.k8s.io/controller-tools v0.13.0 h1:NfrvuZ4bxyolhDBt/rCZhDnx3M2hzlhgo5n3Iv2RykI=
-sigs.k8s.io/controller-tools v0.13.0/go.mod h1:5vw3En2NazbejQGCeWKRrE7q4P+CW8/klfVqP8QZkgA=
+sigs.k8s.io/controller-runtime v0.17.0 h1:fjJQf8Ukya+VjogLO6/bNX9HE6Y2xpsO5+fyS26ur/s=
+sigs.k8s.io/controller-runtime v0.17.0/go.mod h1:+MngTvIQQQhfXtwfdGw/UOQ/aIaqsYywfCINOtwMO/s=
+sigs.k8s.io/controller-tools v0.14.0 h1:rnNoCC5wSXlrNoBKKzL70LNJKIQKEzT6lloG6/LF73A=
+sigs.k8s.io/controller-tools v0.14.0/go.mod h1:TV7uOtNNnnR72SpzhStvPkoS/U5ir0nMudrkrC4M9Sc=
 sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=
 sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
 sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4=