fix: Kubernetes External Secrets deprecated, replaced by External Secrets Operator #3661

2 changes: 1 addition & 1 deletion content/en/docs/resources/faq/using/_index.md
Expand Up @@ -55,7 +55,7 @@ You may need to modify your helm charts to add extra helm configuration if the c

[Hashicorp Vault](https://www.vaultproject.io/) is the preferred way in Jenkins X to manage secrets. For example, the GitHub personal access token generated for the pipeline bot is stored in Vault. [Read more about using Vault to manage your secrets with Jenkins X](https://jenkins-x.io/docs/reference/components/vault/).

In addition, the Jenkins X team are big fans of [Kubernetes External Secrets](https://github.com/external-secrets/kubernetes-external-secrets) and are developing [jx-secret](https://github.com/jenkins-x/jx-secret), a small command line tool working with Kubernetes External Secrets.
In addition, the Jenkins X team are big fans of [External Secrets Operator](https://github.com/external-secrets/external-secrets) and are developing [jx-secret](https://github.com/jenkins-x/jx-secret), a small command line tool working with External Secrets Operator.


## When do Preview Environments get removed?
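Review bot: the rewritten line still describes jx-secret as "a small command line tool working with External Secrets Operator", but nothing in this PR shows jx-secret itself being updated; please confirm that jx-secret actually supports ESO resources before changing this description, otherwise the page promises tool support that only existed for Kubernetes External Secrets. Since the PR title says KES is deprecated, a short sentence saying so (and that ESO is its successor) would also help readers with existing installs understand why the recommendation changed.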
17 changes: 13 additions & 4 deletions content/en/v3/about/benefits.md
Expand Up @@ -18,12 +18,21 @@ aliases:
* The `config-root/cluster` folder contains all the global cluster level resources like `ClusterRole`, `Namespace` or Custom Resources
* The `config-root/namespaces/jx` folder contains all the namespaced resources in the `jx` namespace
* This makes it easy to use flexible apply logic in different boot `Jobs` with different RBAC (or a system admin could apply the cluster level resources for you by hand) - to make it easier to install Jenkins X on more locked down and restricted clusters
* We use [Kubernetes External Secrets](https://github.com/external-secrets/kubernetes-external-secrets) to provide a single way to manage secrets which supports the following back end systems:
* Alibaba Cloud KMS Secret Manager
* We use [External Secrets Operator](https://github.com/external-secrets/external-secrets) to provide a single way to manage secrets which supports the following back end systems:
* Akeyless
* AWS Secrets Manager
* Azure Key Vault
* GCP Secret Manager
* Doppler
* Fake
* Gitlab Project Variables
* Google Secrets Manager
* IBM Secrets manager
* Hashicorp Vault
* senhasegura DevOps Secrets Management
* Oracle Vault
* Webhook
* Yandex Certificate Manager
* 1Password Secrets Automation
* It opens the door to a flexible [multi-cluster support](/v3/guides/multi-cluster/) so that every cluster can be managed in the same canonical GitOps approach from a single git repository
* The new [getting started approach](/v3/admin/platform/) runs the boot pipeline as a `Job` inside the Kubernetes cluster. This ensures consistency in tooling used and also improves security by avoiding having the secrets on a developers laptop.
* The only thing you run on your local machine when installing Jenkins X is [installing the git operator](/v3/guides/operator/) which is a simple helm chart.
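Review bot: the new provider list includes `Fake`, which is a testing provider and should not be advertised as a supported back end on a benefits page; drop it. The list also breaks alphabetical order (`IBM Secrets manager` before `Hashicorp Vault`, `Oracle Vault` after `senhasegura`), mixes product-name capitalisation (`Google Secrets Manager`, `IBM Secrets manager` next to `AWS Secrets Manager`, `Azure Key Vault`), and silently drops `Alibaba Cloud KMS Secret Manager` from the old list: if ESO still supports Alibaba Cloud KMS it should stay, and if it does not, the removal belongs in the commit message. The same list is repeated verbatim in content/en/v3/admin/setup/secrets/_index.md; keep it in one place and link to it from the other so the two copies cannot drift.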
Expand All @@ -36,4 +45,4 @@ aliases:
* We now include the [version stream](https://jenkins-x.io/about/concepts/version-stream/) inside your GitOps repository too inside the `versionStream` directory after installation so that all the information about your installation is inside a single git repository so its simpler to test changes & ensure consistency.
* We can avoid composite charts to simplfiy configuration and upgrades
* We no longer use `exposecontroller`, instead use regular helm configuration to create `Ingress` resources and [override domain names](/v3/develop/faq/#how-do-i-configure-the-ingress-domain-in-dev-staging-or-production)
* secret handling is currently much simpler using Kubernetes External Secrets for any secrets in any namespace or cluster for your own apps or for those used by Jenkins X.
* secret handling is currently much simpler using External Secrets Operator for any secrets in any namespace or cluster for your own apps or for those used by Jenkins X.
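Review bot: the untouched context line two above the change still carries the typo `simplfiy`; since this file is being edited, fix it to `simplify` in the same commit.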
2 changes: 1 addition & 1 deletion content/en/v3/about/overview/_index.md
Expand Up @@ -76,7 +76,7 @@ the following are optional extras if not using your cloud providers native secre

### `secret-infra`

* **kubernetes-external-secrets** contains the [external-secrets/kubernetes-external-secrets](https://github.com/external-secrets/kubernetes-external-secrets) service for handling `ExternalSecrets`. See [how we use secrets](/v3/guides/secrets/))
* **external-secrets-operator** contains the [external-secrets/external-secrets-operator](https://github.com/external-secrets/external-secrets) service for handling `ExternalSecrets`. See [how we use secrets](/v3/guides/secrets/))
* **pusher-wave** contains the [pusher/wave](https://github.com/pusher/wave) service for performing a rolling upgrade of any microservice which consumes `Secret` resources from either vault or a cloud providers secret store and the secrets change in the underlying store

### `tekton-pipelines`
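Review bot: the link text `external-secrets/external-secrets-operator` does not match the URL it points to (github.com/external-secrets/external-secrets), and every other hunk in this PR uses `external-secrets/external-secrets`; use that here as well. The bold component name **external-secrets-operator** introduced here is also what the troubleshooting page (`kubectl logs deploy/external-secrets-operator`) and the k3s guide (`external-secrets-operator-token-`) now depend on, so verify that the Deployment and ServiceAccount created by the new chart really carry that name; if the chart's release or resource names differ, all three pages will be wrong together. While here, the line ends with a stray second `)` after `(/v3/guides/secrets/)`.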
2 changes: 1 addition & 1 deletion content/en/v3/about/overview/projects.md
Expand Up @@ -30,7 +30,7 @@ Jenkins X stands on the shoulders of many open source giants...
* [external-dns](https://github.com/kubernetes-sigs/external-dns) for managing certificates for [TLS and DNS](/v3/admin/guides/tls_dns/)
* [knative](https://knative.dev/) a framework for building auto scaling (to zero) serverless style applications on kubernetes
* [kuberhealthy](https://github.com/Comcast/kuberhealthy) for health reporting of Kubernetes itself, Jenkins X and other microservices
* [kubernetes external secrets](https://github.com/external-secrets/kubernetes-external-secrets) for [managing secrets](/v3/admin/setup/secrets/) via [Hashicorp Vault](https://www.vaultproject.io/) or the cloud native secret managers on Alibaba, Amazon, Azure, Google etc
* [external secrets operator](https://github.com/external-secrets/external-secrets) for [managing secrets](/v3/admin/setup/secrets/) via [Hashicorp Vault](https://www.vaultproject.io/) or the cloud native secret managers on Amazon, Azure, Google etc.
* [jenkins](https://jenkins.io) the most popular build automation server which can be [setup via GitOps with Jenkins X](/v3/admin/guides/jenkins/) and a fellow [CDF founding project](https://cd.foundation/projects/)
* [jenkinsfile runner](https://github.com/jenkinsci/jenkinsfile-runner) a way of running a jenkins pipeline in a container
* [lighthouse](https://github.com/jenkins-x/lighthouse) our strategic solution for webhooks and ChatOps for multiple git providers
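Review bot: this hunk writes the project name as `external secrets operator` while the faq/using, benefits.md and secrets/_index.md hunks write `External Secrets Operator`; lowercase matches the sibling items here (`external-dns`, `knative`), which is fine, but pick one convention for prose and apply it consistently in gitops.md, multi-cluster.md, general.md and previews.md too. Dropping Alibaba from `Amazon, Azure, Google etc.` is consistent with the benefits.md change, but see the comment there on whether Alibaba support is actually gone before removing it from three pages.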
2 changes: 1 addition & 1 deletion content/en/v3/about/what.md
Expand Up @@ -40,7 +40,7 @@ Jenkins X also uses GitOps as the way to [upgrade](/v3/admin/setup/upgrades), in

Using GitOps as above does present a challenge of where to store secrets for your cluster as keeping them in Git is insecure. There is a way to [encrypt secrets and store them in Git](https://github.com/bitnami-labs/sealed-secrets) but there is a usability issue which makes the approach non trivial to use. Jenkins X prefers to work with real secret provider solutions like [Vault](https://www.vaultproject.io/) or where possible cloud hosted solutions like [Google](https://cloud.google.com/secret-manager), Azure or Amazon Secrets managers.

Jenkins X GitOps works with [External Secrets](https://github.com/external-secrets/kubernetes-external-secrets) to provide an integrated experience so your secrets source of truth is a secrets manager and the values are replicated into the cluster when needed.
Jenkins X GitOps works with [External Secrets](https://github.com/external-secrets/external-secrets) to provide an integrated experience so your secrets source of truth is a secrets manager and the values are replicated into the cluster when needed.

### Pipelines

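Review bot: the link text `External Secrets` is now ambiguous: it was the short name of the deprecated project, and the URL now points at External Secrets Operator. Rename the link text to `External Secrets Operator` so this paragraph names the same component as the rest of the docs, and keep `ExternalSecret` (the resource kind) visibly distinct from the operator name.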
6 changes: 3 additions & 3 deletions content/en/v3/admin/guides/jenkins/gitops.md
Expand Up @@ -19,6 +19,6 @@ So we recommend trying to follow the GitOps approaches for your Jenkins servers
* try store in git all of the Jenkins servers with their [configuration](/v3/admin/guides/jenkins/getting-started/#configure-jenkins)
* try use the [Job DSL in git](/v3/admin/guides/jenkins/getting-started/#job-dsl) to import projects into your jenkins servers then its very easy to move projects to different servers via a simple Pull Request on the `.jx/gitops/source-config.yaml` file
* try use [Jenkins Configuration As Code](https://www.jenkins.io/projects/jcasc/) as much as you can as its simpler and easier to work with via GitOps
* try use use [kubernetes external secrets](https://github.com/external-secrets/kubernetes-external-secrets) to manage all of your secrets in a secret store like vault or your cloud providers secret manager via [Jenkins X secret support](/v3/admin/setup/secrets/)
* you can then consume the secrets managed via [kubernetes external secrets](https://github.com/external-secrets/kubernetes-external-secrets) using the [kubernetes credentials provider plugin](https://plugins.jenkins.io/kubernetes-credentials-provider/)
* we use this mechanism to reuse the Jenkins X pipeline bot user and token we use for [tekton](https://github.com/tektoncd/pipeline) in each Jenkins server via properly labelled Secrets created via [kubernetes external secrets](https://github.com/external-secrets/kubernetes-external-secrets). e.g. [here's how we share the git token](https://github.com/jenkins-x-charts/jenkins-resources/blob/main/charts/jenkins-resources/templates/tekton-git-secret.yaml#L15-L18) by using a kubernetes Secret with the labels for the [kubernetes credentials provider plugin](https://plugins.jenkins.io/kubernetes-credentials-provider/) which is automatically populated from the vault / cloud provider secret store
* try use use [external secrets operator](https://github.com/external-secrets/external-secrets) to manage all of your secrets in a secret store like vault or your cloud providers secret manager via [Jenkins X secret support](/v3/admin/setup/secrets/)
* you can then consume the secrets managed via [external secrets operator](https://github.com/external-secrets/external-secrets) using the [kubernetes credentials provider plugin](https://plugins.jenkins.io/kubernetes-credentials-provider/)
* we use this mechanism to reuse the Jenkins X pipeline bot user and token we use for [tekton](https://github.com/tektoncd/pipeline) in each Jenkins server via properly labelled Secrets created via [external secrets operator](https://github.com/external-secrets/external-secrets). e.g. [here's how we share the git token](https://github.com/jenkins-x-charts/jenkins-resources/blob/main/charts/jenkins-resources/templates/tekton-git-secret.yaml#L15-L18) by using a kubernetes Secret with the labels for the [kubernetes credentials provider plugin](https://plugins.jenkins.io/kubernetes-credentials-provider/) which is automatically populated from the vault / cloud provider secret store
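Review bot: the first rewritten bullet keeps the doubled word from the old line, `try use use [external secrets operator]`; since the line is being rewritten anyway, make it `try to use`. The link text here is lowercase while the setup/secrets hunk uses `External Secrets Operator`; follow whichever convention the PR settles on.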
Expand Up @@ -128,7 +128,7 @@ helmfiles/jx-staging/helmfile.yaml
- chart: jxgh/jx-verify

helmfiles/secret-infra/helmfile.yaml
- chart: external-secrets/kubernetes-external-secrets
- chart: external-secrets/external-secrets-operator
- chart: jxgh/pusher-wave

helmfiles/jx/helmfile.yaml
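Review bot: `- chart: external-secrets/external-secrets-operator` changes the chart reference in a sample listing, but a chart name only works if the `external-secrets` Helm repository actually publishes a chart by that name, and this PR does not touch the helmfile or version stream that would make it resolve. Please verify against the chart repository (as far as I know the published chart is named `external-secrets`, not `external-secrets-operator`), and if this listing is meant to show what `jx gitops helmfile` generates, paste the generated output rather than editing the example by hand.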
Expand Down Expand Up @@ -222,7 +222,7 @@ helmfiles/jx-staging/helmfile.yaml
- chart: jxgh/jx-verify

helmfiles/secret-infra/helmfile.yaml
- chart: external-secrets/kubernetes-external-secrets
- chart: external-secrets/external-secrets-operator
- chart: jxgh/pusher-wave

helmfiles/jx/helmfile.yaml
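Review bot: this second listing repeats the same `secret-infra` helmfile block as the hunk above with the same `external-secrets/external-secrets-operator` chart reference; whatever chart name is confirmed for the first occurrence must be applied here too, and if the two listings are meant to be identical, consider generating them from one source so they cannot diverge.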
4 changes: 2 additions & 2 deletions content/en/v3/admin/guides/multi-cluster/multi-cluster.md
Expand Up @@ -23,7 +23,7 @@ And install only services to run and expose your applications, e.g.:

* Nginx-ingress
* Cert-manager
* [kubernetes external secrets](https://github.com/external-secrets/kubernetes-external-secrets) for [populating Secrets from your secret store](/v3/admin/setup/secrets/) (vault or cloud provider secret manager)
* [external secrets operator](https://github.com/external-secrets/external-secrets) for [populating Secrets from your secret store](/v3/admin/setup/secrets/) (vault or cloud provider secret manager)
* [push-wave](https://github.com/jenkins-x-charts/pusher-wave#wave) for automatically performing rolling upgrades when secrets are rotated in your secret store
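Review bot: the bullet directly below the changed line links the text `push-wave` while the repository and the overview page call the component `pusher-wave`; correct it while this list is being touched. The changed bullet is also the only lowercase item in a list whose neighbours are `Nginx-ingress` and `Cert-manager`, so either capitalise it or lowercase the others.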


Expand Down Expand Up @@ -123,7 +123,7 @@ We do recommend using the Jenkins X GitOps pipeline approach in [production and

You may want to reuse existing built in charts such as:

* [kubernetes external secrets](https://github.com/external-secrets/kubernetes-external-secrets) for [populating Secrets from your secret store](/v3/admin/setup/secrets/) (vault or cloud provider secret manager)
* [external secrets operator](https://github.com/external-secrets/external-secrets) for [populating Secrets from your secret store](/v3/admin/setup/secrets/) (vault or cloud provider secret manager)
* [push-wave](https://github.com/jenkins-x-charts/pusher-wave#wave) for automatically performing rolling upgrades when secrets are rotated in your secret store
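Review bot: the same two points as in the hunk above apply to this duplicate list: `push-wave` should read `pusher-wave`, and the capitalisation of the changed bullet should match its neighbours.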


2 changes: 1 addition & 1 deletion content/en/v3/admin/platforms/k3s/_index.md
Expand Up @@ -182,7 +182,7 @@ Remember to run the following commands in a terminal where you have set the valu

```bash
export VAULT_ADDR='http://0.0.0.0:8200'
export VAULT_HELM_SECRET_NAME=$(kubectl -n secret-infra get secrets --output=json | jq -r '.items[].metadata | select(.name|startswith("kubernetes-external-secrets-token-")).name')
export VAULT_HELM_SECRET_NAME=$(kubectl -n secret-infra get secrets --output=json | jq -r '.items[].metadata | select(.name|startswith("external-secrets-operator-token-")).name')
export TOKEN_REVIEW_JWT=$(kubectl -n secret-infra get secret $VAULT_HELM_SECRET_NAME --output='go-template={{ .data.token }}' | base64 --decode)
export KUBE_CA_CERT=$(kubectl config view --raw --minify --flatten --output='jsonpath={.clusters[].cluster.certificate-authority-data}' | base64 --decode)
export KUBE_HOST=$(kubectl config view --raw --minify --flatten --output='jsonpath={.clusters[].cluster.server}')
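Review bot: the rewritten `VAULT_HELM_SECRET_NAME` line selects a Secret whose name starts with `external-secrets-operator-token-`, which assumes both that the new chart's ServiceAccount is named `external-secrets-operator` and that the cluster still auto-creates a token Secret for it. On Kubernetes 1.24 and later service account token Secrets are no longer generated automatically, so the `jq` select returns an empty string and the following line runs `kubectl get secret` with no name, failing with an unhelpful error. Verify the ServiceAccount name the chart produces, and either guard the variable (abort with a clear message when it is empty) or document how to obtain the token reviewer JWT on newer clusters, for example with `kubectl create token` or an explicitly created long-lived token Secret bound to that ServiceAccount.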
21 changes: 15 additions & 6 deletions content/en/v3/admin/setup/secrets/_index.md
Expand Up @@ -9,19 +9,28 @@ aliases:
- /v3/admin/guides/secrets
---

Jenkins X 3.x uses [Kubernetes External Secrets](https://github.com/external-secrets/kubernetes-external-secrets) to manage populating secrets from your underlying secret store such as:
Jenkins X 3.x uses [External Secrets Operator](https://github.com/external-secrets/external-secrets) to manage populating secrets from your underlying secret store such as:

* Alibaba Cloud KMS Secret Manager
* Amazon Secret Manager
* Akeyless
* AWS Secrets Manager
* Azure Key Vault
* Doppler
* Fake
* Gitlab Project Variables
* Google Secrets Manager
* IBM Secrets manager
* Hashicorp Vault
* GCP Secret Manager
* senhasegura DevOps Secrets Management
* Oracle Vault
* Webhook
* Yandex Certificate Manager
* 1Password Secrets Automation

This lets you check in all of your other kubernetes resources and custom resource definitions into git for simple and powerful GitOps.

You can then rotate secrets easily independent of git.

This is the exact same graph as [here](https://github.com/external-secrets/kubernetes-external-secrets#system-architecture), with AWS Secrets Manager replaced by vault.
This is the exact same graph as [here](https://github.com/external-secrets/external-secrets-operator#system-architecture), with AWS Secrets Manager replaced by vault.
{{<mermaid>}}
graph TB
subgraph A[Kubernetes Cluster]
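Review bot: the updated architecture link points at `github.com/external-secrets/external-secrets-operator#system-architecture`, which uses a different repository name from the `external-secrets/external-secrets` URL used in every other hunk of this PR, and the `#system-architecture` anchor belongs to the old Kubernetes External Secrets README; check that the ESO README actually has such a section, and otherwise drop the "exact same graph as here" sentence or point it at ESO's own documentation. The provider list added above has the same problems as the one in benefits.md (`Fake` listed as a back end, broken ordering, `Google Secrets Manager` / `IBM Secrets manager` naming, Alibaba dropped without comment); fix both copies together or keep only one.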
Expand Down Expand Up @@ -65,7 +74,7 @@ You can also use [UI](/v3/develop/ui/octant/) via `jx ui` and navigate to the [S

## Vault

If you are using Vault as your back end for [Kubernetes External Secrets](https://github.com/external-secrets/kubernetes-external-secrets) then before you try any of the following commands to populate secrets you need to make sure your termminal can access Vault.
If you are using Vault as your back end for [External Secrets Operator](https://github.com/external-secrets/external-secrets) then before you try any of the following commands to populate secrets you need to make sure your termminal can access Vault.

To do this you can run the [jx secret vault portforward](https://github.com/jenkins-x/jx-secret/blob/master/docs/cmd/jx-secret_vault_portforward.md) command in a terminal:

2 changes: 1 addition & 1 deletion content/en/v3/admin/setup/secrets/vault.md
Expand Up @@ -18,7 +18,7 @@ Otherwise please see the [On-Premises Vault Install Guide](/v3/admin/platforms/o

whichever apporoach take you should have:

- [Kubernetes External Secrets](https://github.com/external-secrets/kubernetes-external-secrets) is installed to populate Secrets from vault
- [External Secrets Operator](https://github.com/external-secrets/external-secrets) is installed to populate Secrets from vault
- the [vault operator](https://banzaicloud.com/products/bank-vaults/) is installed for operating vault
- a vault instance is created in the `jx-vault` namespace

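Review bot: the context line `whichever apporoach take you should have:` two lines above the change is garbled; since this file is in the PR, fix it to `whichever approach you take, you should have:` in the same commit.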
2 changes: 1 addition & 1 deletion content/en/v3/admin/troubleshooting/secrets.md
Expand Up @@ -28,7 +28,7 @@ and make sure in the logs `jx secret populate` command is successful.

```
kubectl get pods -n secret-infra
kubectl logs deploy/kubernetes-external-secrets -n secret-infra
kubectl logs deploy/external-secrets-operator -n secret-infra
```

- check the status of the external secret using `kubectl`
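Review bot: `kubectl logs deploy/external-secrets-operator -n secret-infra` hard-codes the Deployment name; confirm it matches what the new chart actually creates (the same name is introduced in the overview hunk), because a wrong name here turns a troubleshooting page into one more thing to troubleshoot. Consider adding `kubectl -n secret-infra get deploy` as the first step so readers discover the real name instead of relying on the docs being in sync with the chart.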
4 changes: 2 additions & 2 deletions content/en/v3/develop/faq/config/secrets.md
Expand Up @@ -121,11 +121,11 @@ and passing this values.yaml file into the `helmfiles/jx-production/helmfile.yam

This will then use different paths in vault for staging: `secret/data/staging/$appName/something/$key` to production: `secret/data/production/$appName/something/$key`

## How do I change the secret poll period in kubernetes external secrets?
## How do I change the secret poll period in external secrets operator?

Your cloud provider could charge per read of a secret and so a frequent poll of your secrets could cost $$$. You may want to tone down the poll period.

You can do this via the `POLLER_INTERVAL_MILLISECONDS` setting in the [kubernetes external secrets configuration](https://github.com/external-secrets/kubernetes-external-secrets/tree/master/charts/kubernetes-external-secrets#configuration)
You can do this via the `refreshInterval` setting in the [external secrets operator configuration](https://github.com/external-secrets/external-secrets/blob/3d3edcc8af3532e75f48714e45dcdfb7a521125b/docs/api/externalsecret.md)

For more details [see how to configure charts](https://jenkins-x.io/v3/develop/apps/#customising-charts)

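Review bot: `POLLER_INTERVAL_MILLISECONDS` and `refreshInterval` are not equivalent knobs, so the rewritten answer and the trailing "see how to configure charts" sentence now mislead. The old setting was one controller-wide value configured through the chart; `refreshInterval` is a field in each `ExternalSecret`'s `spec` (the linked page is the ExternalSecret API reference), so the answer should tell readers to set it per resource in their templates, for example `refreshInterval: 1h`, and explain that a longer interval reduces reads against the cloud secret store at the cost of slower rotation pickup. The link is also pinned to commit `3d3edcc8af3532e75f48714e45dcdfb7a521125b`; point at the versioned ESO docs instead so it does not go stale.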
2 changes: 1 addition & 1 deletion content/en/v3/develop/faq/general.md
Expand Up @@ -36,7 +36,7 @@ The current approach has a [number of benefits](/v3/about/benefits/):

* e.g. promoting from `1.2.3` to `1.3.0` of application `cheese` may look innocent enough, but did you notice those new `ClusterRole` and `PersistentVolume` resources that it now brings in?

* we can default to using [canonical secret management mechanism](/v3/guides/secrets/) based on [kubernetes external secrets](https://github.com/external-secrets/kubernetes-external-secrets) (see [how it works](/v3/about/how-it-works/#generate-step)) to ensure that:
* we can default to using [canonical secret management mechanism](/v3/guides/secrets/) based on [external secrets operator](https://github.com/external-secrets/external-secrets) (see [how it works](/v3/about/how-it-works/#generate-step)) to ensure that:

* no Secret value accidentally gets checked into git by mistake
* all secrets can be managed, versioned, stored and rotated using vault or your cloud providers native secret storage mechanism
2 changes: 1 addition & 1 deletion content/en/v3/develop/faq/previews.md
Expand Up @@ -51,7 +51,7 @@ So to add `Secret` resources into your preview namespace try one of the followin
* if you need configured Secrets to access external services then you can copy them from the `jx` namespace. We copy labelled secrets [by default in the preview helmfile.yaml](https://github.com/jenkins-x/jx3-pipeline-catalog/blob/master/packs/javascript/preview/helmfile.yaml#L23-L31)
* you just need to add the label: `secret.jenkins-x.io/replica-source=true` to your `Secret` in the `jx` namespace
* see [how to add a new Secret](/v3/admin/setup/secrets/#create-a-new-secret)
* you can add an `ExternalSecret resource` to your preview `helmfile.yaml`as a [nested chart like this](https://jenkins-x.io/v3/develop/apps/#adding-resources) which will then use [kubernetes external secrets](https://github.com/external-secrets/kubernetes-external-secrets) to populate the `Secret` resources from the external secret store.
* you can add an `ExternalSecret resource` to your preview `helmfile.yaml`as a [nested chart like this](https://jenkins-x.io/v3/develop/apps/#adding-resources) which will then use [external secrets operator](https://github.com/external-secrets/external-secrets) to populate the `Secret` resources from the external secret store.
* add a `Job`, init-container or helmfile hook in `preview/helmfile.yaml` to generate the `Secret` dynamically using whatever custom logic you prefer


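Review bot: the rewritten bullet keeps two pre-existing formatting slips: the backticks should wrap only the resource kind (an `ExternalSecret` resource, not `ExternalSecret resource`), and a space is missing between `helmfile.yaml` and `as`; fix both while the line is being touched.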