chore(deps): update helm release cert-manager to v1.6.1

This MR contains the following updates:

Package	Update	Change
cert-manager	minor	v1.5.3 -> v1.6.1

---

Release Notes

jetstack/cert-manager

v1.6.1

Compare Source

Changelog since v1.6.0

Changes by Kind

Bug or Regression

• Fixes an issue in cmctl that prevented displaying the Order resource with cert-manager 1.6 when running cmctl status certificate. (#​4572, @​maelvls)
• Update to latest version of keystore-go to address a backwards incompatible change introduced in v1.6.0 (#​4564, @​SgtCoDFish)

Dependencies

Added

Nothing has changed.

Changed

• github.com/pavel-v-chernykh/keystore-go/v4: v4.1.0 → v4.2.0

Removed

Nothing has changed.

v1.6.0

Compare Source

Changelog since v1.5.0

Breaking Changes (You MUST read this before you upgrade!)

⚠️ Following their deprecation in version 1.5, the cert-manager APIVersions v1alpha2, v1alpha3, and v1beta1 are no longer served.

This means if your deployment manifests contain any of these API versions, you will not be able to deploy them after upgrading. Our new cmctl utility or old kubectl cert-manager plugin can convert old manifests to v1 for you.

⚠️ JKS Keystores now have a minimum password length of 6 characters, as an unintended side effect of upgrading keystore-go from v2 to v4. This was fixed in cert-manager v1.6.1

Changes by Kind

Feature

• Add Certificate RenewBefore prometheus metrics (#​4419, @​artificial-aidan)
• Add option to specify managed identity id when using azure-dns dns-01 solver (#​4332, @​tomasfreund)
• Add support for building & developing on M1 macs (#​4485, @​munnerz)
• Adds release targets for both cmctl as well as kubectl-cert_manager (#​4523, @​JoshVanL)
• Allow setting Helm chart service annotations (#​3639, @​treydock)
• CLI: Adds cmctl completion command for generating shell completion scripts for bash, zsh, fish, and powershell (#​4408, @​JoshVanL)
• CLI: Adds support for auto-completion on runtime objects (Namespaces, CertificateRequests, Certificates etc.) (#​4409, @​JoshVanL)
• CLI: Only expose Kubernetes related flags on commands that use them (#​4407, @​JoshVanL)
• Enable configuring CLI command name and registering completion subcommand at build time. (#​4522, @​JoshVanL)

Bug or Regression

• FIX: Prevent Vault Client from panicing when request to Vault health endpoint fails. (#​4456, @​JoshVanL)
• Fix CRDs which were accidentally changed in cert-manager v1.5.0 (#​4353, @​SgtCoDFish)
• Fix regression in Ingress PathType introduced in v1.5.0 (#​4373, @​jakexks)
• Fixed the HTTP-01 solver creating ClusterIP instead of NodePort services by default. (#​4393, @​jakexks)
• Fixes renewal time issue for certs with skewed duration period. (#​4399, @​irbekrm)
• Pod Security Policy for startup api check job (#​4364, @​ndegory)
• The startupapicheck post-install hook in the Helm chart now deletes any post-install hook resources left after a previous failed install allowing helm install to be re-run after a previous failure. (#​4433, @​wallrj)
• The defaults for leader election parameters are now consistent across cert-manager and cainjector. (#​4359, @​johanfleury)
• Use GetAuthorization instead of GetChallenge when querying the current state of an ACME challenge. (#​4430, @​JoshVanL)

Other (Cleanup or Flake)

• Adds middleware logging back to ACME client for debugging (#​4429, @​JoshVanL)
• Deprecation: The API versions: v1alpha2, v1alpha3, and v1beta1, are no longer served in cert-manager 1.6 and will be removed in cert-manager 1.7. (#​4482, @​wallrj)
• Expose error messages (e.g., invalid access token) from the Cloudflare API to users; allow live testing using Cloudflare API token (not just key). (#​4465, @​andrewmwhite)
• Fix manually specified PKCS#​10 CSR and X.509 Certificate version numbers (although these were ignored in practice) (#​4392, @​SgtCoDFish)
• Improves logging for 'owner not found' errors for CertificateRequests owning Orders. (#​4369, @​irbekrm)
• Refactor: move from io/ioutil to io and os package (#​4402, @​Juneezee)
• Removes status fields from CRD configs (#​4379, @​irbekrm)
• Update cert-manager base image versions (#​4474, @​SgtCoDFish)
• Uses Go 1.17 (#​4478, @​irbekrm)

v1.5.4

Compare Source

Changelog since v1.5.3

Changes by Kind

Bug or Regression

• FIX: Prevent Vault Client from panicing when request to Vault health endpoint fails. (#​4476, @​JoshVanL)
• Pod Security Policy for startup api check job (#​4432, @​ndegory)
• The startupapicheck post-install hook in the Helm chart now deletes any post-install hook resources left after a previous failed install allowing helm install to be re-run after a previous failure. (#​4435, @​wallrj)

Other (Cleanup or Flake)

• Update cert-manager base image versions (#​4479, @​SgtCoDFish)

---

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

---

• If you want to rebase/retry this MR, click this checkbox.

---

This MR has been generated by Renovate Bot. The local configuration can be found in the SI Renovate Bot repository.