chore(deps): update helm release cert-manager to v1.10.0 (!310) · Merge requests · Shivering-Isles / Infrastructure GitOps

Botaniker (Bot) requested to merge renovate/cert-manager-1.x into main Oct 17, 2022

This MR contains the following updates:

Package	Update	Change
cert-manager	minor	`v1.9.1` -> `v1.10.0`

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the logs for more information.

Release Notes

cert-manager/cert-manager

`v1.10.0`

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

Version 1.10 adds a variety of quality-of-life fixes and features including improvements to the test suite.

Changes since v1.9.1

Feature

Add issuer_name, issuer_kind and issuer_group labels to certificate_expiration_timestamp_seconds, certmanager_certificate_renewal_timestamp_seconds and certmanager_certificate_ready_status metrics (#5461, @dkulchinsky)
Add make targets for running scans with trivy against locally built containers (#5358, @SgtCoDFish)
CertificateRequests: requests that use the SelfSigned Issuer will be re-reconciled when the target private key Secret has been informed cert-manager.io/private-key-secret-name. This resolves an issue whereby a request would never be signed when the target Secret was not created or was misconfigured before the request. (#5336, @JoshVanL)
CertificateSigningRequests: requests that use the SelfSigned Issuer will be re-reconciled when the target private key Secret has been informed experimental.cert-manager.io/private-key-secret-name. This resolves an issue whereby a request would never be signed when the target Secret was not created or was misconfigured before the request. CertificateSigningRequets will also now no-longer be marked as failed when the target private key Secret is malformed- now only firing an event. When the Secret data is resolved, the request will attempt issuance. (#5379, @JoshVanL)
Upgraded Gateway API to v0.5.0 (#5376, @inteon)
Add caBundleSecretRef to the Vault Issuer to allow referencing the Vault CA Bundle with a Secret. Cannot be used in conjunction with the in-line caBundle field. (#5387, @Tolsto)
The feature to create certificate requests with the name being a function of certificate name and revision has been introduced under the feature flag "StableCertificateRequestName" and it is disabled by default. This helps to prevent the error "multiple CertificateRequests were found for the 'next' revision...". (#5487, @sathyanarays)
Helm: Added a new parameter commonLabels which gives you the capability to add the same label on all the resource deployed by the chart. (#5208, @thib-mary)

Bug or Regression

CertificateSigningRequest: no longer mark a request as failed when using the SelfSigned issuer, and the Secret referenced in experimental.cert-manager.io/private-key-secret-name doesn't exist. (#5323, @JoshVanL)
DNS Route53: Remove incorrect validation which rejects solvers that don't define either a accessKeyID or secretAccessKeyID. (#5339, @JoshVanL)
Enhanced securityContext for PSS/restricted compliance. (#5259, @joebowbeer)
Fix issue where CertificateRequests marked as InvalidRequest did not properly trigger issuance failure handling leading to 'stuck' requests (#5366, @munnerz)
cmctl and kubectl cert-manager now report their actual versions instead of "canary", fixing issue #5020 (#5022, @maelvls)

Other

Avoid hard-coding release namespace in helm chart (#5163, @james-callahan)
Bump cert-manager's version of Go to 1.19 (#5466, @lucacome)
Remove .bazel and .bzl files from cert-manager now that bazel has been fully replaced (#5340, @SgtCoDFish)
Updates Kubernetes libraries to v0.25.2. (#5456, @lucacome)
Add annotations for ServiceMonitor in helm chart (#5401, @sathieu)
Helm: Add NetworkPolicy support (#5417, @mjudeikis)
To help troubleshooting, make the container names unique. BREAKING: this change will break scripts/ CI that depend on cert-manager being the container name. (#5410, @rgl)

Thank You!

Thank you to the following community members who had a merged MR for this version - your contributions are at the heart of everything we do!

Thanks also to the following maintainers who worked on cert-manager 1.10:

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

If you want to rebase/retry this MR, click this checkbox.

This MR has been generated by Renovate Bot. The local configuration can be found in the SI Renovate Bot repository.

chore(deps): update helm release cert-manager to v1.10.0