logic855/helm-external-secrets @ 6ec15bded74206033605741008a305fe72be9ee9

Tree: 6ec15bded7

IdanAdar-patch-1

Switch-UBI-to-go-toolset-as-base-image

aws-iam-anywhere

aws-metadata

beach-team

beach-team-fix/beach-team-pipeline

beach/fix-fake-provider

beach/keyvault-set-secret

bh.ss

broken-link

bump/0.8.13

bunp-helm-chart

chart/certcontroller-partial-cache

chore/bump-0.9.2-branch

chore/bump-controller-runtime

chore/refactor-aws-auth

chore/standardize-vault-auth-paths

chore/update-readme-with-vision

cleanup-keys-when-using-template

coderabbitai/docstrings/17d3e22

conversion-webhook-debug

copilot/fix-code-scanning-alerts

copilot/fix-license-header-typographical-errors

copilot/sub-pr-6021

dependabot/go_modules/github.com/onsi/ginkgo-1.15.1

dependabot/go_modules/sigs.k8s.io/controller-runtime-0.8.3

design/decoding-strategy

dev/jsauvain/plugin_ovh_provider

docs/demo-of-devops-toolkit

e2e-test-run

feat/add-log-values-to-helm-chart

feature/aws-getallsecrets

feature/aws-getallsecrets-trim-root-path

feature/configure-promethues-target-port

feature/custom-cert-secret

feature/gcp-referent-auth

feature/keyvault-deletion-policy

feature/new-provider-structure

fix-infisical-404

fix-test

fix/e2e

fix/gcp-issues

fix/kubernetes-access-review-strategy

fix/vault-lint

fix/vault-not-handling-json-values

gc-fix-update-readme

gc/design/gen-secretstore-v2

gc/fix/ibm

gc/fix/v015.1

gc/rollback-0.15.1

gh-pages

gh-pages-dev

gitlab-validation-refactors

gusfcarvalho-patch-1

main

mj-add-generator

mj-aws-v2-parameterstore-e2e

mj-bump-ubiimg

mj-bumps

mj-design-oopp

mj-e2e-managed-aws-tf

mj-expose-admission-warnings

mj-fix-aws-genereator-auth-cache

mj-fix-dashboard

mj-fix-reko

mj-fix-vault-ref-spec

mj-go-mod

mj-provider-mod

mj-pushsecret-generator-state

mj-test-gcp-m

mj-test-mgmt

mj-v2-poc

mj-v2-poc-rebased

poc-workflow

pr-5527

predicate-watch-fix

promote-chart-0.9.11

release-0.10.3-helm-charts

release-0.10.4-helm-charts

release-0.6

release-0.7

release-0.8

release-0.9

release-branch-test-1

release-chart-v0.10.5

release-chart-v0.15.0

release-chart-v0.15.0-2

release-chart-v0.15.0-3

release-helm-2.2.0

release-helm-chart-v0.10.5

release-helm-chart-v0.16.1

release-helm-chart-v0.16.2

release-helm-chart-v0.17.0

release-helm-chart-v0.18.1

release-helm-chart-v0.18.2

release-helm-chart-v0.19.0

release-helm-chart-v0.19.1

release-helm-chart-v0.20.1

release-helm-chart-v0.20.1-2

release-helm-chart-v0.20.1-3

release-helm-chart-v0.20.2

release-helm-chart-v0.20.3

release-helm-chart-v0.20.3-2

release-helm-chart-v0.20.4

release-helm-chart-v1.0.0

release-helm-chart-v1.1.0

release-notes-0.18.0

release-v0.10.6-helm-chart

release-v0.10.6-helm-chart-docs

release-v0.10.7

release-v0.11.0-charts

release-v0.12.1-charts

release-v0.13.0-charts

release-v0.13.0-charts-2

release-v0.14.0-charts

release-v0.14.2-charts

release-v0.14.3-charts

release-v0.14.3-charts-2

release-v0.14.4

revert-662-revert-613-getall-Secrets

sonar-dispatch

test-ca-cert-trouble

test-e2e-no-fork-2

test-e2e-run

test-infra

test-non-fork-e2e-test

update-deps-1679516143

update-deps-1679516914

update-deps-1679517123

update-deps-1679518009

update-deps-1679519068

update-deps-1679520715

update-deps-1679521323

update-deps-1679522475

update-deps-1679524823

update-deps-1679526149

update-deps-1679526150

update-deps-1684144987

update-deps-1684144991

update-deps-1684749783

update-deps-1684749784

update-deps-1685354595

update-deps-1685354598

update-deps-1685959386

update-deps-1685959389

update-deps-1686564186

update-deps-1686564187

update-deps-1687168984

update-deps-1688983412

update-deps-1689588212

update-deps-1689588216

update-deps-1689588218

update-deps-1690192998

update-deps-1690192999

update-deps-1690193006

update-deps-1690797787

update-deps-1690797790

update-deps-1690797793

update-deps-1691402717

update-deps-1692612193

update-deps-1692612200

update-deps-1698660199

update-deps-1699265013

update-deps-1699869789

update-deps-1702893806

update-deps-1703498593

update-deps-1704103390

update-deps-1705313002

update-deps-1705313003

update-deps-1707127435

update-deps-1708337007

update-deps-1708941785

update-deps-1709548582

update-deps-1711361006

update-deps-1728295726

update-deps-1728900214

update-deps-1729505043

update-deps-1730714625

update-deps-1731319410

update-deps-1731924224

update-deps-1733738623

update-deps-1734343423

update-deps-1734948213

update-deps-1735553019

update-deps-1735553021

update-deps-1736157834

update-deps-1736762637

update-deps-1737367411

update-deps-1737367413

update-deps-1737972215

update-deps-1738577008

update-deps-1739181819

update-deps-1739786702

update-deps-1740391424

update-deps-1740996509

update-deps-1741601012

update-deps-1742205840

update-deps-1742810656

update-deps-1744021399

update-deps-1745229858

update-deps-1745836636

update-deps-1746439470

update-deps-1747044270

update-deps-1747649082

update-deps-1748254077

update-deps-1748858663

update-deps-1749463460

update-deps-1750068277

update-deps-1750673073

update-deps-1751277848

update-deps-1751882658

update-deps-1752487463

update-deps-1753092271

update-deps-1753697066

update-deps-1754301928

update-deps-1754906674

update-deps-1755511479

update-deps-1755511483

update-deps-1756116259

update-deps-1762164298

update-deps-1770632590

update-deps-1774261326

update-helm-chart-v0.14.2

update-ibm-docs

update-vault-api

validate-secret-store-gitlab

validate-store-oracle

GitHub

External Secrets Operator integrates with GitHub to sync Kubernetes secrets with GitHub Actions secrets.

Configuring Github provider

The GitHub API requires to install the ESO app to your GitHub organisation in order to use the Github provider features.

Configuring the secret store

Verify that github provider is listed in the Kind=SecretStore. The properties appID, installationID, organization are required to register the provider. In addition, authentication has to be provided.

Optionally, to target repository and environment secrets, the fields repository and environment need also to be added.

{% include 'github-secret-store.yaml' %}

NOTE: In case of a ClusterSecretStore, Be sure to provide namespace in accessToken with the namespace where the secret resides.

Pushing to an external secret

To sync a Kubernetes secret with an external GitHub secret we need to create a PushSecret, this means a Kind=PushSecret is needed.

{% include 'github-push-secret.yaml' %}

github.md 1.1 KB History Raw

GitHub

Configuring Github provider

Configuring the secret store

Pushing to an external secret

github.md 1.1 KB

History Raw