├── .circleci └── config.yml ├── .dependabot └── config.yml ├── .github └── CODEOWNERS ├── .gitignore ├── CHANGELOG.md ├── Dockerfile ├── LICENSE ├── Makefile ├── PROJECT ├── README.md ├── api └── v1 │ ├── groupversion_info.go │ ├── syncedsecret_types.go │ └── zz_generated.deepcopy.go ├── codecov.yml ├── config ├── certmanager │ ├── certificate.yaml │ ├── kustomization.yaml │ └── kustomizeconfig.yaml ├── crd │ ├── bases │ │ └── secrets.contentful.com_syncedsecrets.yaml │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ └── patches │ │ ├── cainjection_in_syncedsecrets.yaml │ │ └── webhook_in_syncedsecrets.yaml ├── default │ ├── kustomization.yaml │ ├── manager_auth_proxy_patch.yaml │ ├── manager_prometheus_metrics_patch.yaml │ ├── manager_webhook_patch.yaml │ └── webhookcainjection_patch.yaml ├── manager │ ├── kustomization.yaml │ └── manager.yaml ├── overlays │ ├── examples │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ └── kind │ │ ├── kustomization.yaml │ │ └── manager_kind.yaml ├── rbac │ ├── auth_proxy_role.yaml │ ├── auth_proxy_role_binding.yaml │ ├── auth_proxy_service.yaml │ ├── kustomization.yaml │ ├── leader_election_role.yaml │ ├── leader_election_role_binding.yaml │ ├── role.yaml │ └── role_binding.yaml ├── samples │ ├── kube-secret-syncer-ns.yaml │ └── secrets_v1_syncedsecret.yaml └── webhook │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ ├── manifests.yaml │ └── service.yaml ├── controllers ├── suite_test.go ├── syncedsecret_controller.go └── syncedsecret_controller_test.go ├── docs └── development.md ├── examples ├── apiextensions.k8s.io_v1beta1_customresourcedefinition_syncedsecrets.secrets.contentful.com.yaml ├── apps_v1_deployment_kube-secret-syncer-controller.yaml ├── rbac.authorization.k8s.io_v1_clusterrole_kube-secret-syncer-manager-role.yaml ├── rbac.authorization.k8s.io_v1_clusterrolebinding_kube-secret-syncer-manager-rolebinding.yaml ├── rbac.authorization.k8s.io_v1_role_kube-secret-syncer-leader-election-role.yaml ├── rbac.authorization.k8s.io_v1_rolebinding_kube-secret-syncer-leader-election-rolebinding.yaml └── v1_namespace_kube-secret-syncer.yaml ├── go.mod ├── go.sum ├── hack └── boilerplate.go.txt ├── main.go ├── main_test.go └── pkg ├── iam ├── arn.go ├── arn_client_cache.go └── arn_test.go ├── k8snamespace └── k8snamespace.go ├── k8ssecret ├── secret.go └── secret_test.go ├── namespacevalidator ├── validator.go └── validator_test.go ├── rolevalidator ├── validator.go └── validator_test.go └── secretsmanager ├── poller.go ├── poller_test.go ├── secrets.go └── secrets_test.go /.circleci/config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/.circleci/config.yml -------------------------------------------------------------------------------- /.dependabot/config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/.dependabot/config.yml -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/.github/CODEOWNERS -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/.gitignore -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/CHANGELOG.md -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/Dockerfile -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/LICENSE -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/Makefile -------------------------------------------------------------------------------- /PROJECT: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/PROJECT -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/README.md -------------------------------------------------------------------------------- /api/v1/groupversion_info.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/api/v1/groupversion_info.go -------------------------------------------------------------------------------- /api/v1/syncedsecret_types.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/api/v1/syncedsecret_types.go -------------------------------------------------------------------------------- /api/v1/zz_generated.deepcopy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/api/v1/zz_generated.deepcopy.go -------------------------------------------------------------------------------- /codecov.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/codecov.yml -------------------------------------------------------------------------------- /config/certmanager/certificate.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/certmanager/certificate.yaml -------------------------------------------------------------------------------- /config/certmanager/kustomization.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/certmanager/kustomization.yaml -------------------------------------------------------------------------------- /config/certmanager/kustomizeconfig.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/certmanager/kustomizeconfig.yaml -------------------------------------------------------------------------------- /config/crd/bases/secrets.contentful.com_syncedsecrets.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/crd/bases/secrets.contentful.com_syncedsecrets.yaml -------------------------------------------------------------------------------- /config/crd/kustomization.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/crd/kustomization.yaml -------------------------------------------------------------------------------- /config/crd/kustomizeconfig.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/crd/kustomizeconfig.yaml -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_syncedsecrets.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/crd/patches/cainjection_in_syncedsecrets.yaml -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_syncedsecrets.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/crd/patches/webhook_in_syncedsecrets.yaml -------------------------------------------------------------------------------- /config/default/kustomization.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/default/kustomization.yaml -------------------------------------------------------------------------------- /config/default/manager_auth_proxy_patch.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/default/manager_auth_proxy_patch.yaml -------------------------------------------------------------------------------- /config/default/manager_prometheus_metrics_patch.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/default/manager_prometheus_metrics_patch.yaml -------------------------------------------------------------------------------- /config/default/manager_webhook_patch.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/default/manager_webhook_patch.yaml -------------------------------------------------------------------------------- /config/default/webhookcainjection_patch.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/default/webhookcainjection_patch.yaml -------------------------------------------------------------------------------- /config/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manager.yaml 3 | commonLabels: 4 | app: kube-secret-syncer 5 | -------------------------------------------------------------------------------- /config/manager/manager.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/manager/manager.yaml -------------------------------------------------------------------------------- /config/overlays/examples/kustomization.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/overlays/examples/kustomization.yaml -------------------------------------------------------------------------------- /config/overlays/examples/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: kube-secret-syncer 5 | -------------------------------------------------------------------------------- /config/overlays/kind/kustomization.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/overlays/kind/kustomization.yaml -------------------------------------------------------------------------------- /config/overlays/kind/manager_kind.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/overlays/kind/manager_kind.yaml -------------------------------------------------------------------------------- /config/rbac/auth_proxy_role.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/rbac/auth_proxy_role.yaml -------------------------------------------------------------------------------- /config/rbac/auth_proxy_role_binding.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/rbac/auth_proxy_role_binding.yaml -------------------------------------------------------------------------------- /config/rbac/auth_proxy_service.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/rbac/auth_proxy_service.yaml -------------------------------------------------------------------------------- /config/rbac/kustomization.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/rbac/kustomization.yaml -------------------------------------------------------------------------------- /config/rbac/leader_election_role.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/rbac/leader_election_role.yaml -------------------------------------------------------------------------------- /config/rbac/leader_election_role_binding.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/rbac/leader_election_role_binding.yaml -------------------------------------------------------------------------------- /config/rbac/role.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/rbac/role.yaml -------------------------------------------------------------------------------- /config/rbac/role_binding.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/rbac/role_binding.yaml -------------------------------------------------------------------------------- /config/samples/kube-secret-syncer-ns.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: kube-secret-syncer 5 | -------------------------------------------------------------------------------- /config/samples/secrets_v1_syncedsecret.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/samples/secrets_v1_syncedsecret.yaml -------------------------------------------------------------------------------- /config/webhook/kustomization.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/webhook/kustomization.yaml -------------------------------------------------------------------------------- /config/webhook/kustomizeconfig.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/webhook/kustomizeconfig.yaml -------------------------------------------------------------------------------- /config/webhook/manifests.yaml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /config/webhook/service.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/config/webhook/service.yaml -------------------------------------------------------------------------------- /controllers/suite_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/controllers/suite_test.go -------------------------------------------------------------------------------- /controllers/syncedsecret_controller.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/controllers/syncedsecret_controller.go -------------------------------------------------------------------------------- /controllers/syncedsecret_controller_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/controllers/syncedsecret_controller_test.go -------------------------------------------------------------------------------- /docs/development.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/docs/development.md -------------------------------------------------------------------------------- /examples/apiextensions.k8s.io_v1beta1_customresourcedefinition_syncedsecrets.secrets.contentful.com.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/examples/apiextensions.k8s.io_v1beta1_customresourcedefinition_syncedsecrets.secrets.contentful.com.yaml -------------------------------------------------------------------------------- /examples/apps_v1_deployment_kube-secret-syncer-controller.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/examples/apps_v1_deployment_kube-secret-syncer-controller.yaml -------------------------------------------------------------------------------- /examples/rbac.authorization.k8s.io_v1_clusterrole_kube-secret-syncer-manager-role.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/examples/rbac.authorization.k8s.io_v1_clusterrole_kube-secret-syncer-manager-role.yaml -------------------------------------------------------------------------------- /examples/rbac.authorization.k8s.io_v1_clusterrolebinding_kube-secret-syncer-manager-rolebinding.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/examples/rbac.authorization.k8s.io_v1_clusterrolebinding_kube-secret-syncer-manager-rolebinding.yaml -------------------------------------------------------------------------------- /examples/rbac.authorization.k8s.io_v1_role_kube-secret-syncer-leader-election-role.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/examples/rbac.authorization.k8s.io_v1_role_kube-secret-syncer-leader-election-role.yaml -------------------------------------------------------------------------------- /examples/rbac.authorization.k8s.io_v1_rolebinding_kube-secret-syncer-leader-election-rolebinding.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/examples/rbac.authorization.k8s.io_v1_rolebinding_kube-secret-syncer-leader-election-rolebinding.yaml -------------------------------------------------------------------------------- /examples/v1_namespace_kube-secret-syncer.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: kube-secret-syncer 5 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/go.mod -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/go.sum -------------------------------------------------------------------------------- /hack/boilerplate.go.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/hack/boilerplate.go.txt -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/main.go -------------------------------------------------------------------------------- /main_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/main_test.go -------------------------------------------------------------------------------- /pkg/iam/arn.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/pkg/iam/arn.go -------------------------------------------------------------------------------- /pkg/iam/arn_client_cache.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/pkg/iam/arn_client_cache.go -------------------------------------------------------------------------------- /pkg/iam/arn_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/pkg/iam/arn_test.go -------------------------------------------------------------------------------- /pkg/k8snamespace/k8snamespace.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/pkg/k8snamespace/k8snamespace.go -------------------------------------------------------------------------------- /pkg/k8ssecret/secret.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/pkg/k8ssecret/secret.go -------------------------------------------------------------------------------- /pkg/k8ssecret/secret_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/pkg/k8ssecret/secret_test.go -------------------------------------------------------------------------------- /pkg/namespacevalidator/validator.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/pkg/namespacevalidator/validator.go -------------------------------------------------------------------------------- /pkg/namespacevalidator/validator_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/pkg/namespacevalidator/validator_test.go -------------------------------------------------------------------------------- /pkg/rolevalidator/validator.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/pkg/rolevalidator/validator.go -------------------------------------------------------------------------------- /pkg/rolevalidator/validator_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/pkg/rolevalidator/validator_test.go -------------------------------------------------------------------------------- /pkg/secretsmanager/poller.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/pkg/secretsmanager/poller.go -------------------------------------------------------------------------------- /pkg/secretsmanager/poller_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/pkg/secretsmanager/poller_test.go -------------------------------------------------------------------------------- /pkg/secretsmanager/secrets.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/pkg/secretsmanager/secrets.go -------------------------------------------------------------------------------- /pkg/secretsmanager/secrets_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/contentful-labs/kube-secret-syncer/HEAD/pkg/secretsmanager/secrets_test.go --------------------------------------------------------------------------------