The road to external-secrets GA
The following external-secret custom resource APIs are considered stable:
ExternalSecretClusterExternalSecretSecretStoreClusterSecretStore
These CRDs are currently at v1beta1 and are considered production ready. Going forward, breaking changes to these APIs will be accompanied by a conversion mechanism.
We have identified the following areas of work. This is subject to change while we gather feedback. We have a GitHub Project Board where we organize issues and milestones on a high level.
- Conformance testing
- end to end testing with ArgoCD and Flux
- end to end testing for all project maintained providers
- API enhancements
- consolidate provider fields
- dataFrom key rewrites
- provider versioning strategy
- pushing secrets to a provider
- Documentation Improvements
- Troubleshooting Guides
- FAQ
- review multi tenancy docs
- provide security model for infosec teams
- provider specific guides
- Observability
- Provide Grafana Dashboard and Prometheus alerts
- add provider-level metrics
- Pentest & SBOM