chore(deps): update dependency cert-manager/cert-manager to v1.13.0 #98
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v1.12.4->v1.13.0⚠ Dependency Lookup Warnings ⚠
Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.
Release Notes
cert-manager/cert-manager (cert-manager/cert-manager)
v1.13.0Compare Source
cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.
This is the 1.13 release of cert-manager!
cert-manager 1.13 brings support for DNS over HTTPS, support for loading options from a versioned
config file for the cert-manager controller, and more. This release also includes the promotion of
the StableCertificateRequestName and SecretsFilteredCaching feature gates to Beta.
Breaking Changes (You MUST read this before you upgrade!)
.featureGatesvalue set, the features defined there will no longer be passed to cert-manager webhook, only to cert-manager controller. Usewebhook.featureGatesfield instead to define features to be enabled on webhook. (#6093, @irbekrm)--feature-gatesflag, this will now break (unless the webhook actually has a feature by that name). (#6093, @irbekrm)Community
Welcome to these new cert-manager members (more info - https://github.com/cert-manager/cert-manager/pull/6260):
@jsoref
@FlorianLiebhart
@hawksight
@erikgb
Thanks again to all open-source contributors with commits in this release, including:
@AcidLeroy
@FlorianLiebhart
@lucacome
@cypres
@erikgb
@ubergesundheit
@jkroepke
@jsoref
@gdvalle
@rouke-broersma
@schrodit
@zhangzhiqiangcs
@arukiidou
@hawksight
@Richardds
@kahirokunn
Thanks also to the following cert-manager maintainers for their contributions during this release:
@SgtCoDFish
@maelvls
@irbekrm
@inteon
Equally thanks to everyone who provided feedback, helped users and raised issues on Github and Slack and joined our meetings!
Special thanks to @AcidLeroy for adding "load options from a versioned config file" support for the cert-manager controller! This has been on our wishlist for a very long time. (see https://github.com/cert-manager/cert-manager/pull/5337)
Also, thanks a lot to @FlorianLiebhart for adding support for DNS over HTTPS for the ACME DNS self-check. This is very useful in case all traffic must be HTTP(S) trafic, eg. when using a HTTPS_PROXY. (see https://github.com/cert-manager/cert-manager/pull/5003)
Thanks also to the CNCF, which provides resources and support, and to the AWS open source team for being good community members and for their maintenance of the PrivateCA Issuer.
In addition, massive thanks to Venafi for contributing developer time and resources towards the continued maintenance of cert-manager projects.
Changes since v1.12.0
Feature
cluster-readeraggregated cluster role (#6241, @erikgb)enableServiceLinksconfigurable for all Deployments andstartupapicheckJob in Helm chart. (#6292, @ubergesundheit)Design
The DNS check method to be used is controlled through the command line flag:
--dns01-recursive-nameservers-only=truein combination with--dns01-recursive-nameservers=https://<DoH-endpoint>(e.g.https://8.8.8.8/dns-query). It keeps using DNS lookup as a default method. (#5003, @FlorianLiebhart)Bug or Regression
cmctl check api --wait 0exited without output and exit code 1; we now make sure we perform the API check at least once and return with the correct error code (#6109, @inteon).featureGatesvalue set, the features defined there will no longer be passed to cert-manager webhook, only to cert-manager controller. Usewebhook.featureGatesfield instead to define features to be enabled on webhook.--feature-gatesflag, this will now break (unless the webhook actually has a feature by that name). (#6093, @irbekrm)net.IP.String()function would have printed that address. (#6293, @SgtCoDFish)enableServiceLinksoption for our ACME http solver pods, because the option caused the pod to be in a crash loop in a cluster with lot of services. (#6143, @schrodit)Other (Cleanup or Flake)
cert-manager.io/common-name,cert-manager.io/alt-names, ... annotations on Secrets are kept at their correct value. (#6176, @inteon)v0.27.2. (#6077, @lucacome)v0.27.4. (#6227, @lucacome)Configuration
📅 Schedule: Branch creation - "before 9pm on friday" in timezone Europe/Paris, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.