Automated Manifest Update (#3395)

This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow.

Reviewed-on: #3395
Co-authored-by: gitea-bot <gitea-bot@alexlebens.net>
Co-committed-by: gitea-bot <gitea-bot@alexlebens.net>

clusters/cl01tl/manifests/external-secrets/ClusterRole-external-secrets-cert-controller.yaml

@@ -3,10 +3,10 @@ kind: ClusterRole
 metadata:
   name: external-secrets-cert-controller
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets-cert-controller
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
 rules:
   - apiGroups:

clusters/cl01tl/manifests/external-secrets/ClusterRole-external-secrets-controller.yaml

@@ -3,10 +3,10 @@ kind: ClusterRole
 metadata:
   name: external-secrets-controller
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
 rules:
   - apiGroups:

clusters/cl01tl/manifests/external-secrets/ClusterRole-external-secrets-edit.yaml

@@ -3,10 +3,10 @@ kind: ClusterRole
 metadata:
   name: external-secrets-edit
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
     rbac.authorization.k8s.io/aggregate-to-edit: "true"
     rbac.authorization.k8s.io/aggregate-to-admin: "true"

clusters/cl01tl/manifests/external-secrets/ClusterRole-external-secrets-servicebindings.yaml

@@ -4,10 +4,10 @@ metadata:
   name: external-secrets-servicebindings
   labels:
     servicebinding.io/controller: "true"
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
 rules:
   - apiGroups:

clusters/cl01tl/manifests/external-secrets/ClusterRole-external-secrets-view.yaml

@@ -3,10 +3,10 @@ kind: ClusterRole
 metadata:
   name: external-secrets-view
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
     rbac.authorization.k8s.io/aggregate-to-view: "true"
     rbac.authorization.k8s.io/aggregate-to-edit: "true"

clusters/cl01tl/manifests/external-secrets/ClusterRoleBinding-external-secrets-cert-controller.yaml

@@ -3,10 +3,10 @@ kind: ClusterRoleBinding
 metadata:
   name: external-secrets-cert-controller
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets-cert-controller
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io

clusters/cl01tl/manifests/external-secrets/ClusterRoleBinding-external-secrets-controller.yaml

@@ -3,10 +3,10 @@ kind: ClusterRoleBinding
 metadata:
   name: external-secrets-controller
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io

clusters/cl01tl/manifests/external-secrets/CustomResourceDefinition-clustersecretstores.external-secrets.io.yaml

@@ -1126,6 +1126,10 @@ spec:
                             clientTimeOutSeconds:
                               description: Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds.
                               type: integer
+                            decrypt:
+                              default: true
+                              description: 'When true, the response includes the decrypted password. When false, the password field is omitted. This option only applies to the SECRET retrieval type. Default: true.'
+                              type: boolean
                             retrievalType:
                               description: The secret retrieval type. SECRET = Secrets Safe (credential, text, file). MANAGED_ACCOUNT = Password Safe account associated with a system.
                               type: string
@@ -1813,6 +1817,87 @@ spec:
                       required:
                         - auth
                       type: object
+                    dvls:
+                      description: DVLS configures this store to sync secrets using Devolutions Server provider
+                      properties:
+                        auth:
+                          description: Auth defines the authentication method to use.
+                          properties:
+                            secretRef:
+                              description: SecretRef contains the Application ID and Application Secret for authentication.
+                              properties:
+                                appId:
+                                  description: AppID is the reference to the secret containing the Application ID.
+                                  properties:
+                                    key:
+                                      description: |-
+                                        A key in the referenced Secret.
+                                        Some instances of this field may be defaulted, in others it may be required.
+                                      maxLength: 253
+                                      minLength: 1
+                                      pattern: ^[-._a-zA-Z0-9]+$
+                                      type: string
+                                    name:
+                                      description: The name of the Secret resource being referred to.
+                                      maxLength: 253
+                                      minLength: 1
+                                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                                      type: string
+                                    namespace:
+                                      description: |-
+                                        The namespace of the Secret resource being referred to.
+                                        Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
+                                      maxLength: 63
+                                      minLength: 1
+                                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
+                                      type: string
+                                  type: object
+                                appSecret:
+                                  description: AppSecret is the reference to the secret containing the Application Secret.
+                                  properties:
+                                    key:
+                                      description: |-
+                                        A key in the referenced Secret.
+                                        Some instances of this field may be defaulted, in others it may be required.
+                                      maxLength: 253
+                                      minLength: 1
+                                      pattern: ^[-._a-zA-Z0-9]+$
+                                      type: string
+                                    name:
+                                      description: The name of the Secret resource being referred to.
+                                      maxLength: 253
+                                      minLength: 1
+                                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                                      type: string
+                                    namespace:
+                                      description: |-
+                                        The namespace of the Secret resource being referred to.
+                                        Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
+                                      maxLength: 63
+                                      minLength: 1
+                                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
+                                      type: string
+                                  type: object
+                              required:
+                                - appId
+                                - appSecret
+                              type: object
+                          required:
+                            - secretRef
+                          type: object
+                        insecure:
+                          description: |-
+                            Insecure allows connecting to DVLS over plain HTTP.
+                            This is NOT RECOMMENDED for production use.
+                            Set to true only if you understand the security implications.
+                          type: boolean
+                        serverUrl:
+                          description: ServerURL is the DVLS instance URL (e.g., https://dvls.example.com).
+                          type: string
+                      required:
+                        - auth
+                        - serverUrl
+                      type: object
                     fake:
                       description: Fake configures a store with static key/value pairs
                       properties:
@@ -3586,6 +3671,28 @@ spec:
                           required:
                             - serviceAccountSecretRef
                           type: object
+                        cache:
+                          description: |-
+                            Cache configures client-side caching for read operations (GetSecret, GetSecretMap).
+                            When enabled, secrets are cached with the specified TTL.
+                            Write operations (PushSecret, DeleteSecret) automatically invalidate relevant cache entries.
+                            If omitted, caching is disabled (default).
+                            cache: {} is a valid option to set.
+                          properties:
+                            maxSize:
+                              default: 100
+                              description: |-
+                                MaxSize is the maximum number of secrets to cache.
+                                When the cache is full, least-recently-used entries are evicted.
+                              minimum: 1
+                              type: integer
+                            ttl:
+                              default: 5m
+                              description: |-
+                                TTL is the time-to-live for cached secrets.
+                                Format: duration string (e.g., "5m", "1h", "30s")
+                              type: string
+                          type: object
                         integrationInfo:
                           description: |-
                             IntegrationInfo specifies the name and version of the integration built using the 1Password Go SDK.
@@ -6630,6 +6737,10 @@ spec:
                             clientTimeOutSeconds:
                               description: Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds.
                               type: integer
+                            decrypt:
+                              default: true
+                              description: 'When true, the response includes the decrypted password. When false, the password field is omitted. This option only applies to the SECRET retrieval type. Default: true.'
+                              type: boolean
                             retrievalType:
                               description: The secret retrieval type. SECRET = Secrets Safe (credential, text, file). MANAGED_ACCOUNT = Password Safe account associated with a system.
                               type: string

clusters/cl01tl/manifests/external-secrets/CustomResourceDefinition-secretstores.external-secrets.io.yaml

@@ -1126,6 +1126,10 @@ spec:
                             clientTimeOutSeconds:
                               description: Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds.
                               type: integer
+                            decrypt:
+                              default: true
+                              description: 'When true, the response includes the decrypted password. When false, the password field is omitted. This option only applies to the SECRET retrieval type. Default: true.'
+                              type: boolean
                             retrievalType:
                               description: The secret retrieval type. SECRET = Secrets Safe (credential, text, file). MANAGED_ACCOUNT = Password Safe account associated with a system.
                               type: string
@@ -1813,6 +1817,87 @@ spec:
                       required:
                         - auth
                       type: object
+                    dvls:
+                      description: DVLS configures this store to sync secrets using Devolutions Server provider
+                      properties:
+                        auth:
+                          description: Auth defines the authentication method to use.
+                          properties:
+                            secretRef:
+                              description: SecretRef contains the Application ID and Application Secret for authentication.
+                              properties:
+                                appId:
+                                  description: AppID is the reference to the secret containing the Application ID.
+                                  properties:
+                                    key:
+                                      description: |-
+                                        A key in the referenced Secret.
+                                        Some instances of this field may be defaulted, in others it may be required.
+                                      maxLength: 253
+                                      minLength: 1
+                                      pattern: ^[-._a-zA-Z0-9]+$
+                                      type: string
+                                    name:
+                                      description: The name of the Secret resource being referred to.
+                                      maxLength: 253
+                                      minLength: 1
+                                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                                      type: string
+                                    namespace:
+                                      description: |-
+                                        The namespace of the Secret resource being referred to.
+                                        Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
+                                      maxLength: 63
+                                      minLength: 1
+                                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
+                                      type: string
+                                  type: object
+                                appSecret:
+                                  description: AppSecret is the reference to the secret containing the Application Secret.
+                                  properties:
+                                    key:
+                                      description: |-
+                                        A key in the referenced Secret.
+                                        Some instances of this field may be defaulted, in others it may be required.
+                                      maxLength: 253
+                                      minLength: 1
+                                      pattern: ^[-._a-zA-Z0-9]+$
+                                      type: string
+                                    name:
+                                      description: The name of the Secret resource being referred to.
+                                      maxLength: 253
+                                      minLength: 1
+                                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                                      type: string
+                                    namespace:
+                                      description: |-
+                                        The namespace of the Secret resource being referred to.
+                                        Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
+                                      maxLength: 63
+                                      minLength: 1
+                                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
+                                      type: string
+                                  type: object
+                              required:
+                                - appId
+                                - appSecret
+                              type: object
+                          required:
+                            - secretRef
+                          type: object
+                        insecure:
+                          description: |-
+                            Insecure allows connecting to DVLS over plain HTTP.
+                            This is NOT RECOMMENDED for production use.
+                            Set to true only if you understand the security implications.
+                          type: boolean
+                        serverUrl:
+                          description: ServerURL is the DVLS instance URL (e.g., https://dvls.example.com).
+                          type: string
+                      required:
+                        - auth
+                        - serverUrl
+                      type: object
                     fake:
                       description: Fake configures a store with static key/value pairs
                       properties:
@@ -3586,6 +3671,28 @@ spec:
                           required:
                             - serviceAccountSecretRef
                           type: object
+                        cache:
+                          description: |-
+                            Cache configures client-side caching for read operations (GetSecret, GetSecretMap).
+                            When enabled, secrets are cached with the specified TTL.
+                            Write operations (PushSecret, DeleteSecret) automatically invalidate relevant cache entries.
+                            If omitted, caching is disabled (default).
+                            cache: {} is a valid option to set.
+                          properties:
+                            maxSize:
+                              default: 100
+                              description: |-
+                                MaxSize is the maximum number of secrets to cache.
+                                When the cache is full, least-recently-used entries are evicted.
+                              minimum: 1
+                              type: integer
+                            ttl:
+                              default: 5m
+                              description: |-
+                                TTL is the time-to-live for cached secrets.
+                                Format: duration string (e.g., "5m", "1h", "30s")
+                              type: string
+                          type: object
                         integrationInfo:
                           description: |-
                             IntegrationInfo specifies the name and version of the integration built using the 1Password Go SDK.
@@ -6630,6 +6737,10 @@ spec:
                             clientTimeOutSeconds:
                               description: Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds.
                               type: integer
+                            decrypt:
+                              default: true
+                              description: 'When true, the response includes the decrypted password. When false, the password field is omitted. This option only applies to the SECRET retrieval type. Default: true.'
+                              type: boolean
                             retrievalType:
                               description: The secret retrieval type. SECRET = Secrets Safe (credential, text, file). MANAGED_ACCOUNT = Password Safe account associated with a system.
                               type: string

clusters/cl01tl/manifests/external-secrets/Deployment-external-secrets-cert-controller.yaml

@@ -4,10 +4,10 @@ metadata:
   name: external-secrets-cert-controller
   namespace: external-secrets
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets-cert-controller
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
 spec:
   replicas: 1
@@ -19,10 +19,10 @@ spec:
   template:
     metadata:
       labels:
-        helm.sh/chart: external-secrets-1.2.1
+        helm.sh/chart: external-secrets-1.3.1
         app.kubernetes.io/name: external-secrets-cert-controller
         app.kubernetes.io/instance: external-secrets
-        app.kubernetes.io/version: "v1.2.1"
+        app.kubernetes.io/version: "v1.3.1"
         app.kubernetes.io/managed-by: Helm
     spec:
       serviceAccountName: external-secrets-cert-controller
@@ -40,7 +40,7 @@ spec:
             runAsUser: 1000
             seccompProfile:
               type: RuntimeDefault
-          image: ghcr.io/external-secrets/external-secrets:v1.2.1
+          image: ghcr.io/external-secrets/external-secrets:v1.3.1
           imagePullPolicy: IfNotPresent
           args:
             - certcontroller
@@ -58,9 +58,12 @@ spec:
             - containerPort: 8080
               protocol: TCP
               name: metrics
+            - containerPort: 8081
+              protocol: TCP
+              name: ready
           readinessProbe:
             httpGet:
-              port: 8081
+              port: ready
               path: /readyz
             initialDelaySeconds: 20
             periodSeconds: 5

clusters/cl01tl/manifests/external-secrets/Deployment-external-secrets-webhook.yaml

@@ -4,10 +4,10 @@ metadata:
   name: external-secrets-webhook
   namespace: external-secrets
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets-webhook
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
 spec:
   replicas: 1
@@ -19,10 +19,10 @@ spec:
   template:
     metadata:
       labels:
-        helm.sh/chart: external-secrets-1.2.1
+        helm.sh/chart: external-secrets-1.3.1
         app.kubernetes.io/name: external-secrets-webhook
         app.kubernetes.io/instance: external-secrets
-        app.kubernetes.io/version: "v1.2.1"
+        app.kubernetes.io/version: "v1.3.1"
         app.kubernetes.io/managed-by: Helm
     spec:
       hostNetwork: false
@@ -40,7 +40,7 @@ spec:
             runAsUser: 1000
             seccompProfile:
               type: RuntimeDefault
-          image: ghcr.io/external-secrets/external-secrets:v1.2.1
+          image: ghcr.io/external-secrets/external-secrets:v1.3.1
           imagePullPolicy: IfNotPresent
           args:
             - webhook
@@ -59,9 +59,12 @@ spec:
             - containerPort: 10250
               protocol: TCP
               name: webhook
+            - containerPort: 8081
+              protocol: TCP
+              name: ready
           readinessProbe:
             httpGet:
-              port: 8081
+              port: ready
               path: /readyz
             initialDelaySeconds: 20
             periodSeconds: 5

clusters/cl01tl/manifests/external-secrets/Deployment-external-secrets.yaml

@@ -4,10 +4,10 @@ metadata:
   name: external-secrets
   namespace: external-secrets
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
 spec:
   replicas: 1
@@ -19,10 +19,10 @@ spec:
   template:
     metadata:
       labels:
-        helm.sh/chart: external-secrets-1.2.1
+        helm.sh/chart: external-secrets-1.3.1
         app.kubernetes.io/name: external-secrets
         app.kubernetes.io/instance: external-secrets
-        app.kubernetes.io/version: "v1.2.1"
+        app.kubernetes.io/version: "v1.3.1"
         app.kubernetes.io/managed-by: Helm
     spec:
       serviceAccountName: external-secrets
@@ -40,7 +40,7 @@ spec:
             runAsUser: 1000
             seccompProfile:
               type: RuntimeDefault
-          image: ghcr.io/external-secrets/external-secrets:v1.2.1
+          image: ghcr.io/external-secrets/external-secrets:v1.3.1
           imagePullPolicy: IfNotPresent
           args:
             - --concurrent=1

clusters/cl01tl/manifests/external-secrets/Role-external-secrets-leaderelection.yaml

@@ -4,10 +4,10 @@ metadata:
   name: external-secrets-leaderelection
   namespace: external-secrets
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
 rules:
   - apiGroups:

clusters/cl01tl/manifests/external-secrets/RoleBinding-external-secrets-leaderelection.yaml

@@ -4,10 +4,10 @@ metadata:
   name: external-secrets-leaderelection
   namespace: external-secrets
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io

clusters/cl01tl/manifests/external-secrets/Secret-external-secrets-webhook.yaml

@@ -4,9 +4,9 @@ metadata:
   name: external-secrets-webhook
   namespace: external-secrets
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets-webhook
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
     external-secrets.io/component: webhook

clusters/cl01tl/manifests/external-secrets/Service-external-secrets-webhook.yaml

@@ -4,10 +4,10 @@ metadata:
   name: external-secrets-webhook
   namespace: external-secrets
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets-webhook
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
     external-secrets.io/component: webhook
 spec:

clusters/cl01tl/manifests/external-secrets/ServiceAccount-external-secrets-cert-controller.yaml

@@ -4,8 +4,8 @@ metadata:
   name: external-secrets-cert-controller
   namespace: external-secrets
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets-cert-controller
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm

clusters/cl01tl/manifests/external-secrets/ServiceAccount-external-secrets-webhook.yaml

@@ -4,8 +4,8 @@ metadata:
   name: external-secrets-webhook
   namespace: external-secrets
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets-webhook
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm

clusters/cl01tl/manifests/external-secrets/ServiceAccount-external-secrets.yaml

@@ -4,8 +4,8 @@ metadata:
   name: external-secrets
   namespace: external-secrets
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm

clusters/cl01tl/manifests/external-secrets/ValidatingWebhookConfiguration-externalsecret-validate.yaml

@@ -3,10 +3,10 @@ kind: ValidatingWebhookConfiguration
 metadata:
   name: externalsecret-validate
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets-webhook
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
     external-secrets.io/component: webhook
 webhooks:

clusters/cl01tl/manifests/external-secrets/ValidatingWebhookConfiguration-secretstore-validate.yaml

@@ -3,10 +3,10 @@ kind: ValidatingWebhookConfiguration
 metadata:
   name: secretstore-validate
   labels:
-    helm.sh/chart: external-secrets-1.2.1
+    helm.sh/chart: external-secrets-1.3.1
     app.kubernetes.io/name: external-secrets-webhook
     app.kubernetes.io/instance: external-secrets
-    app.kubernetes.io/version: "v1.2.1"
+    app.kubernetes.io/version: "v1.3.1"
     app.kubernetes.io/managed-by: Helm
     external-secrets.io/component: webhook
 webhooks: