search

ricoberger / vault-secrets-operator

Create Kubernetes secrets from Vault for a secure GitOps based workflow.
MIT License
633 stars 103 forks source link

Bump the gomod group across 1 directory with 11 updates #264

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 6 months ago

Bumps the gomod group with 7 updates in the / directory:

Package From To
cloud.google.com/go/compute/metadata 0.2.3 0.3.0
cloud.google.com/go/iam 1.1.7 1.1.8
github.com/aws/aws-sdk-go 1.51.11 1.53.14
github.com/hashicorp/vault/api 1.12.2 1.14.0
github.com/prometheus/client_golang 1.19.0 1.19.1
k8s.io/api 0.29.3 0.30.1
k8s.io/client-go 0.29.3 0.30.1

Updates cloud.google.com/go/compute/metadata from 0.2.3 to 0.3.0

Release notes

Sourced from cloud.google.com/go/compute/metadata's releases.

parallelstore: v0.3.0

0.3.0 (2024-05-16)

Features

  • parallelstore: A new field api_version is added to message .google.cloud.parallelstore.v1beta.ExportDataMetadata (652ba8f)
  • parallelstore: A new field api_version is added to message .google.cloud.parallelstore.v1beta.ImportDataMetadata (652ba8f)
  • parallelstore: A new field create_time is added to message .google.cloud.parallelstore.v1beta.ExportDataMetadata (652ba8f)
  • parallelstore: A new field create_time is added to message .google.cloud.parallelstore.v1beta.ImportDataMetadata (652ba8f)
  • parallelstore: A new field destination_gcs_bucket is added to message .google.cloud.parallelstore.v1beta.TransferOperationMetadata (652ba8f)
  • parallelstore: A new field destination_parallelstore is added to message .google.cloud.parallelstore.v1beta.TransferOperationMetadata (652ba8f)
  • parallelstore: A new field end_time is added to message .google.cloud.parallelstore.v1beta.ExportDataMetadata (652ba8f)
  • parallelstore: A new field end_time is added to message .google.cloud.parallelstore.v1beta.ImportDataMetadata (652ba8f)
  • parallelstore: A new field requested_cancellation is added to message .google.cloud.parallelstore.v1beta.ExportDataMetadata (652ba8f)
  • parallelstore: A new field requested_cancellation is added to message .google.cloud.parallelstore.v1beta.ImportDataMetadata (652ba8f)
  • parallelstore: A new field source_gcs_bucket is added to message .google.cloud.parallelstore.v1beta.TransferOperationMetadata (652ba8f)
  • parallelstore: A new field source_parallelstore is added to message .google.cloud.parallelstore.v1beta.TransferOperationMetadata (652ba8f)
  • parallelstore: A new field status_message is added to message .google.cloud.parallelstore.v1beta.ExportDataMetadata (652ba8f)
  • parallelstore: A new field status_message is added to message .google.cloud.parallelstore.v1beta.ImportDataMetadata (652ba8f)
  • parallelstore: A new field target is added to message .google.cloud.parallelstore.v1beta.ExportDataMetadata (652ba8f)
  • parallelstore: A new field target is added to message .google.cloud.parallelstore.v1beta.ImportDataMetadata (652ba8f)
  • parallelstore: A new field verb is added to message .google.cloud.parallelstore.v1beta.ExportDataMetadata (652ba8f)
  • parallelstore: A new field verb is added to message .google.cloud.parallelstore.v1beta.ImportDataMetadata (652ba8f)

Bug Fixes

  • parallelstore: An existing field create_time is removed from message .google.cloud.parallelstore.v1beta.TransferOperationMetadata (652ba8f)
  • parallelstore: An existing field destination_path is renamed to destination_parallelstore in message .google.cloud.parallelstore.v1beta.ImportDataRequest (e4543f8)
  • parallelstore: An existing field destination is removed from message .google.cloud.parallelstore.v1beta.TransferOperationMetadata (652ba8f)
  • parallelstore: An existing field end_time is removed from message .google.cloud.parallelstore.v1beta.TransferOperationMetadata (652ba8f)
  • parallelstore: An existing field source_gcs_uri is renamed to source_gcs_bucket in message .google.cloud.parallelstore.v1beta.ImportDataRequest (292e812)
  • parallelstore: An existing field source is removed from message .google.cloud.parallelstore.v1beta.TransferOperationMetadata (652ba8f)

Documentation

  • parallelstore: A comment for field counters in message .google.cloud.parallelstore.v1beta.TransferOperationMetadata is changed (652ba8f)
  • parallelstore: A comment for field transfer_type in message .google.cloud.parallelstore.v1beta.TransferOperationMetadata is changed (652ba8f)
Changelog

Sourced from cloud.google.com/go/compute/metadata's changelog.

v0.3.0

  • storage:

    • AdminClient replaced by methods on Client. Replace

      adminClient.CreateBucket(ctx, bucketName, attrs)

      with

      client.Bucket(bucketName).Create(ctx, projectID, attrs)

    • BucketHandle.List replaced by BucketHandle.Objects. Replace

      for query != nil {
    objs, err := bucket.List(d.ctx, query)
    if err != nil { ... }
    query = objs.Next
    for _, obj := range objs.Results {
        fmt.Println(obj)
    }
}

      with

      iter := bucket.Objects(d.ctx, query)
for {
    obj, err := iter.Next()
    if err == iterator.Done {
        break
    }
    if err != nil { ... }
    fmt.Println(obj)
}

      (The iterator package is at google.golang.org/api/iterator.)

      Replace Query.Cursor with ObjectIterator.PageInfo().Token.

      Replace Query.MaxResults with ObjectIterator.PageInfo().MaxSize.

    • ObjectHandle.CopyTo replaced by ObjectHandle.CopierFrom. Replace

      attrs, err := src.CopyTo(ctx, dst, nil)

      with

... (truncated)

Commits
  • 44b3a7d Add autogenerated clients: debugger, iam, and trace
  • c6705a9 bigquery: restore backwards-compatible Query.TableDefinitions.
  • b8c1696 bigquery: add RowIterator, to replace Iterator
  • 5d33b1b bigquery: Make Query more configurable and add a Run method.
  • 07f82cd bigtable/bttest: Allow more time for concurrent mod test.
  • b9d51d5 pubsub: implement on top of generated client
  • fa279f9 storage: don't fail tests loudly if cleanup fails
  • 139d2e0 examples/bigquery: update WriteDisposition field
  • 2912d48 bigquery: shorten Disposition field names
  • 2096d28 bigquery: add Table.Update
  • Additional commits viewable in compare view


Updates cloud.google.com/go/iam from 1.1.7 to 1.1.8

Commits
  • b1c9263 chore: release main (#10004)
  • a03bd0e chore(spanner): update Spanner owner to harshachinta (#10060)
  • 7e8600a chore(all): update deps (#10058)
  • daea9d1 chore(deps): ignore go.opentelemetry.io/contrib/detectors/gcp (#10077)
  • 59457a3 feat(shopping): new shopping.merchant.conversions client (#10076)
  • e82cc5f feat(streetview): new client(s) (#10075)
  • 7656129 feat(aiplatform): A new value TPU_V5_LITEPOD is added to enum `AcceleratorT...
  • f537fdd chore: generate streetview publish client (#10072)
  • 1d757c6 docs(batch): Update description on allowed_locations in LocationPolicy field ...
  • bb47185 chore(spanner): temporarily skip spanner tests (#10071)
  • Additional commits viewable in compare view


Updates github.com/aws/aws-sdk-go from 1.51.11 to 1.53.14

Release notes

Sourced from github.com/aws/aws-sdk-go's releases.

Release v1.53.14 (2024-05-31)

Service Client Updates

  • service/codebuild: Updates service documentation
    • AWS CodeBuild now supports Self-hosted GitHub Actions runners for Github Enterprise
  • service/codeguru-security: Updates service API and documentation
  • service/elasticache: Updates service API and documentation
    • Update to attributes of TestFailover and minor revisions.
  • service/launch-wizard: Updates service API and documentation

Release v1.53.13 (2024-05-30)

Service Client Updates

  • service/acm: Updates service API
    • add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/bedrock-agent: Updates service API and documentation
  • service/bedrock-runtime: Updates service API and documentation
  • service/cloudtrail: Updates service API and documentation
    • CloudTrail Lake returns PartitionKeys in the GetEventDataStore API response. Events are grouped into partitions based on these keys for better query performance. For example, the calendarday key groups events by day, while combining the calendarday key with the hour key groups them by day and hour.
  • service/connect: Updates service API and documentation
  • service/emr-serverless: Updates service API, documentation, and paginators
  • service/rds: Updates service API, documentation, waiters, paginators, and examples
    • Updates Amazon RDS documentation for Aurora Postgres DBname.
  • service/sagemaker: Updates service API and documentation
    • Adds Model Card information as a new component to Model Package. Autopilot launches algorithm selection for TimeSeries modality to generate AutoML candidates per algorithm.

Release v1.53.12 (2024-05-29)

Service Client Updates

  • service/athena: Updates service API and documentation
    • Throwing validation errors on CreateNotebook with Name containing /,:,\
  • service/codebuild: Updates service API and documentation
    • AWS CodeBuild now supports manually creating GitHub webhooks
  • service/connect: Updates service API and documentation
  • service/glue: Updates service API and documentation
    • Add optional field JobMode to CreateJob and UpdateJob APIs.
  • service/securityhub: Updates service API

Release v1.53.11 (2024-05-28)

Service Client Updates

  • service/dynamodb: Updates service API, documentation, waiters, paginators, and examples
    • Doc-only update for DynamoDB. Specified the IAM actions needed to authorize a user to create a table with a resource-based policy.
  • service/ec2: Updates service API and documentation
    • Providing support to accept BgpAsnExtended attribute
  • service/kafka: Updates service API and documentation

... (truncated)

Commits


Updates github.com/hashicorp/vault/api from 1.12.2 to 1.14.0

Release notes

Sourced from github.com/hashicorp/vault/api's releases.

v1.14.0

1.14.0

June 21, 2023

BREAKING CHANGES:

  • secrets/pki: Maintaining running count of certificates will be turned off by default. To re-enable keeping these metrics available on the tidy status endpoint, enable maintain_stored_certificate_counts on tidy-config, to also publish them to the metrics consumer, enable publish_stored_certificate_count_metrics . [GH-18186]

CHANGES:

  • auth/alicloud: Updated plugin from v0.14.0 to v0.15.0 [GH-20758]
  • auth/azure: Updated plugin from v0.13.0 to v0.15.0 [GH-20816]
  • auth/centrify: Updated plugin from v0.14.0 to v0.15.1 [GH-20745]
  • auth/gcp: Updated plugin from v0.15.0 to v0.16.0 [GH-20725]
  • auth/jwt: Updated plugin from v0.15.0 to v0.16.0 [GH-20799]
  • auth/kubernetes: Update plugin to v0.16.0 [GH-20802]
  • core: Bump Go version to 1.20.5.
  • core: Remove feature toggle for SSCTs, i.e. the env var VAULT_DISABLE_SERVER_SIDE_CONSISTENT_TOKENS. [GH-20834]
  • core: Revert #19676 (VAULT_GRPC_MIN_CONNECT_TIMEOUT env var) as we decided it was unnecessary. [GH-20826]
  • database/couchbase: Updated plugin from v0.9.0 to v0.9.2 [GH-20764]
  • database/redis-elasticache: Updated plugin from v0.2.0 to v0.2.1 [GH-20751]
  • replication (enterprise): Add a new parameter for the update-primary API call that allows for setting of the primary cluster addresses directly, instead of via a token.
  • secrets/ad: Updated plugin from v0.10.1-0.20230329210417-0b2cdb26cf5d to v0.16.0 [GH-20750]
  • secrets/alicloud: Updated plugin from v0.5.4-beta1.0.20230330124709-3fcfc5914a22 to v0.15.0 [GH-20787]
  • secrets/aure: Updated plugin from v0.15.0 to v0.16.0 [GH-20777]
  • secrets/database/mongodbatlas: Updated plugin from v0.9.0 to v0.10.0 [GH-20882]
  • secrets/database/snowflake: Updated plugin from v0.7.0 to v0.8.0 [GH-20807]
  • secrets/gcp: Updated plugin from v0.15.0 to v0.16.0 [GH-20818]
  • secrets/keymgmt: Updated plugin to v0.9.1
  • secrets/kubernetes: Update plugin to v0.5.0 [GH-20802]
  • secrets/mongodbatlas: Updated plugin from v0.9.1 to v0.10.0 [GH-20742]
  • secrets/pki: Allow issuance of root CAs without AIA, when templated AIA information includes issuer_id. [GH-21209]
  • secrets/pki: Warning when issuing leafs from CSRs with basic constraints. In the future, issuance of non-CA leaf certs from CSRs with asserted IsCA Basic Constraints will be prohibited. [GH-20654]

FEATURES:

  • AWS Static Roles: The AWS Secrets Engine can manage static roles configured by users. [GH-20536]
  • Automated License Utilization Reporting: Added automated license utilization reporting, which sends minimal product-license metering data to HashiCorp without requiring you to manually collect and report them.
  • Environment Variables through Vault Agent: Introducing a new process-supervisor mode for Vault Agent which allows injecting secrets as environment variables into a child process using a new env_template configuration stanza. The process-supervisor configuration can be generated with a new vault agent generate-config helper tool. [GH-20530]
  • MongoDB Atlas Database Secrets: Adds support for client certificate credentials [GH-20425]
  • MongoDB Atlas Database Secrets: Adds support for generating X.509 certificates on dynamic roles for user authentication [GH-20882]
  • NEW PKI Workflow in UI: Completes generally available rollout of new PKI UI that provides smoother mount configuration and a more guided user experience [GH-pki-ui-improvements]

... (truncated)

Changelog

Sourced from github.com/hashicorp/vault/api's changelog.

1.14.0

June 21, 2023

SECURITY:

  • ui: key-value v2 (kv-v2) diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerability, CVE-2023-2121, is fixed in Vault 1.14.0, 1.13.3, 1.12.7, and 1.11.11. [HSEC-2023-17]

BREAKING CHANGES:

  • secrets/pki: Maintaining running count of certificates will be turned off by default. To re-enable keeping these metrics available on the tidy status endpoint, enable maintain_stored_certificate_counts on tidy-config, to also publish them to the metrics consumer, enable publish_stored_certificate_count_metrics . [GH-18186]

CHANGES:

  • auth/alicloud: Updated plugin from v0.14.0 to v0.15.0 [GH-20758]
  • auth/azure: Updated plugin from v0.13.0 to v0.15.0 [GH-20816]
  • auth/centrify: Updated plugin from v0.14.0 to v0.15.1 [GH-20745]
  • auth/gcp: Updated plugin from v0.15.0 to v0.16.0 [GH-20725]
  • auth/jwt: Updated plugin from v0.15.0 to v0.16.0 [GH-20799]
  • auth/kubernetes: Update plugin to v0.16.0 [GH-20802]
  • core: Bump Go version to 1.20.5.
  • core: Remove feature toggle for SSCTs, i.e. the env var VAULT_DISABLE_SERVER_SIDE_CONSISTENT_TOKENS. [GH-20834]
  • core: Revert #19676 (VAULT_GRPC_MIN_CONNECT_TIMEOUT env var) as we decided it was unnecessary. [GH-20826]
  • database/couchbase: Updated plugin from v0.9.0 to v0.9.2 [GH-20764]
  • database/redis-elasticache: Updated plugin from v0.2.0 to v0.2.1 [GH-20751]
  • replication (enterprise): Add a new parameter for the update-primary API call that allows for setting of the primary cluster addresses directly, instead of via a token.
  • secrets/ad: Updated plugin from v0.10.1-0.20230329210417-0b2cdb26cf5d to v0.16.0 [GH-20750]
  • secrets/alicloud: Updated plugin from v0.5.4-beta1.0.20230330124709-3fcfc5914a22 to v0.15.0 [GH-20787]
  • secrets/aure: Updated plugin from v0.15.0 to v0.16.0 [GH-20777]
  • secrets/database/mongodbatlas: Updated plugin from v0.9.0 to v0.10.0 [GH-20882]
  • secrets/database/snowflake: Updated plugin from v0.7.0 to v0.8.0 [GH-20807]
  • secrets/gcp: Updated plugin from v0.15.0 to v0.16.0 [GH-20818]
  • secrets/keymgmt: Updated plugin to v0.9.1
  • secrets/kubernetes: Update plugin to v0.5.0 [GH-20802]
  • secrets/mongodbatlas: Updated plugin from v0.9.1 to v0.10.0 [GH-20742]
  • secrets/pki: Allow issuance of root CAs without AIA, when templated AIA information includes issuer_id. [GH-21209]
  • secrets/pki: Warning when issuing leafs from CSRs with basic constraints. In the future, issuance of non-CA leaf certs from CSRs with asserted IsCA Basic Constraints will be prohibited. [GH-20654]

FEATURES:

  • AWS Static Roles: The AWS Secrets Engine can manage static roles configured by users. [GH-20536]
  • Automated License Utilization Reporting: Added automated license utilization reporting, which sends minimal product-license metering data to HashiCorp without requiring you to manually collect and report them.
  • Environment Variables through Vault Agent: Introducing a new process-supervisor mode for Vault Agent which allows injecting secrets as environment variables into a child process using a new env_template configuration stanza. The process-supervisor configuration can be generated with a new vault agent generate-config helper tool. [GH-20530]

... (truncated)

Commits
  • 13a649f backport of commit f12c1285599a1519273bfa68472c598b1fd635bf (#21348)
  • dd62be3 backport of commit 3908ec9dc44352548e08f4c86f9ad76c255ce493 (#21331)
  • 0fc55a2 backport of commit d76424cb53c730da5410ec55bff3274a01212843 (#21328)
  • 7733b6a backport of commit 3347e5d56b363e58e7be556cfd0875a210c2a2ec (#21326)
  • 1990a8c backport of commit 30aac443d0037852b0a5e4b50d59a9bedc5e4445 (#21324)
  • 15631d2 backport of commit a1fdf105b3cc2e88483f3fca27729fa06bfbfa7f (#21312)
  • a14ff6e backport of commit 41f392c43ff4c9077deb1d1640349b8ba867d139 (#21307)
  • 0610df0 backport of commit 042dd57811c900c9f6e2c85b5460d50560f79105 (#21295)
  • 2fd24b1 backport of commit 8cc7be234ac34ff0f703ab092a7314ba9e65b277 (#21293)
  • 9e85fef backport of commit c5549cdac681676ae52ea173d737ee1c5d1949a2 (#21272)
  • Additional commits viewable in compare view


Updates github.com/prometheus/client_golang from 1.19.0 to 1.19.1

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.19.1

What's Changed

  • Security patches for golang.org/x/sys and google.golang.org/protobuf

New Contributors

Full Changelog: https://github.com/prometheus/client_golang/compare/v1.19.0...v1.19.1

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

Unreleased

Commits


Updates golang.org/x/oauth2 from 0.18.0 to 0.19.0

Commits
  • d0e617c google: add Credentials.UniverseDomainProvider
  • 3c9c1f6 oauth2/google: fix the logic of sts 0 value of expires_in
  • 5a05c65 oauth2/google: fix remove content-type header from idms get requests
  • 3a6776a appengine: drop obsolete code for AppEngine envs <=Go 1.11
  • See full diff in compare view


Updates google.golang.org/api from 0.169.0 to 0.177.0

Release notes

Sourced from google.golang.org/api's releases.

v0.177.0

0.177.0 (2024-04-30)

Features

Bug Fixes

v0.176.1

0.176.1 (2024-04-23)

Bug Fixes

  • transport/http: Pass through base transport (#2541) (8d0b2b5)

v0.176.0

0.176.0 (2024-04-22)

Features

Bug Fixes

v0.175.0

0.175.0 (2024-04-19)

Features

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.177.0 (2024-04-30)

Features

Bug Fixes

0.176.1 (2024-04-23)

Bug Fixes

  • transport/http: Pass through base transport (#2541) (8d0b2b5)

0.176.0 (2024-04-22)

Features

Bug Fixes

0.175.0 (2024-04-19)

Features

Bug Fixes

... (truncated)

Commits


Updates google.golang.org/genproto from 0.0.0-20240213162025-012b6fc9bca9 to 0.0.0-20240401170217-c3f982113cda

Commits


Updates k8s.io/api from 0.29.3 to 0.30.1

Commits
  • 41b1806 Update dependencies to v0.30.1 tag
  • 0fd470c Merge pull request #124702aojea/automated-cherry-pick-of-#124572
  • a669f18 Merge pull request #124694 from pmalek/backport-124553-to-release-1.30
  • 15001b5 fix(api): make LocalObjectReference.Name and HostAlias.IP required (#124553)
  • d9a08c5 tag service.spec.TrafficDistribution field as alpha
  • d014286 Merge remote-tracking branch 'origin/master' into release-1.30
  • 581c1b8 Update x/net for CVE-2023-45288
  • 35ca1f4 Merge pull request #123932 from pohly/dra-api-resource-model-rename
  • b048bd8 Merge pull request #123909 from AkihiroSuda/fix-123906
  • f06d24a dra api: NodeResourceModel -> ResourceModel
  • Additional commits viewable in compare view


Updates k8s.io/apimachinery from 0.29.3 to 0.30.1

Commits
  • 37988e5 Merge remote-tracking branch 'origin/master' into release-1.30
  • c857a38 Update x/net for CVE-2023-45288
  • 0407311 followup to allow special characters
  • 25164f7 Merge pull request #123435 from tallclair/apparmor-ga
  • cbfe0a1 Merge pull request #123758 from liggitt/protobump
  • 21d26b6 Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0
  • 0c29f84 Merge pull request #123385 from HirazawaUi/allow-special-characters
  • 60d24f2 Merge pull request #123708 from p0lyn0mial/upstream-const-watchlist-bookmark-...
  • 513d23a apimachinery/meta/types.go: define InitialEventsAnnotationKey const
  • 67cb3a8 Merge pull request #123413 from seans3/tunneling-spdy-websockets
  • Additional commits viewable in compare view


Updates k8s.io/client-go from 0.29.3 to 0.30.1

Commits
  • 8e3349b Update dependencies to v0.30.1 tag
  • 4e1652b Merge pull request #124694 from pmalek/backport-124553-to-release-1.30
  • 2daa31e fix(api): make LocalObjectReference.Name and HostAlias.IP required (#124553)
  • 2df4de1 Merge remote-tracking branch 'origin/master' into release-1.30
  • ade2ae2 Update x/net for CVE-2023-45288
  • b4632b7 Merge pull request #123932 from pohly/dra-api-resource-model-rename
  • 4467b1e Merge pull request #123909 from AkihiroSuda/fix-123906
  • 650f392 dra api: NodeResourceModel -> ResourceModel
  • 00e4609 api: NodeStatus: rename RuntimeClasses to RuntimeHandlers
  • 7ebe0ea Merge pull request #123180 from AkihiroSuda/rro
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions