Workflows in External Secrets Enterprise provide a powerful way to orchestrate complex secret management operations. Use workflows to pull, generate, transform, and push secrets across providers in a declarative, DAG-based model.
The workflow system is built around three core components:
  • WorkflowTemplate: A reusable blueprint that defines the structure and logic of your workflow, including jobs, steps, and parameters.
  • WorkflowRun: An instance of a WorkflowTemplate that executes the defined jobs and steps with a specific set of arguments.
  • WorkflowRunTemplate: A controller that automates the creation of WorkflowRun resources based on a schedule (cron or interval) or in response to changes.
This separation of concerns allows you to define complex, reusable workflows and trigger them in a variety of ways. Each workflow run provides detailed status and output visibility, helping you troubleshoot and optimize your secret management processes.