security-profiles-operator
security-profiles-operator copied to clipboard
kubernetes-sigs
build(deps): bump github.com/cert-manager/cert-manager from 1.14.5 to 1.15.1
Bumps github.com/cert-manager/cert-manager from 1.14.5 to 1.15.1.
Release notes
Sourced from github.com/cert-manager/cert-manager's releases.
v1.15.1
cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.
🔗 See v1.15.0 for more information about cert-manager 1.15 and read-before-upgrade info.
📜 Changes since v1.15.0
Bug or Regression
- BUGFIX: fix issue that caused Vault issuer to not retry signing when an error was encountered. (#7111,
@inteon)Other (Cleanup or Flake)
- Update github.com/Azure/azure-sdk-for-go/sdk/azidentity to address CVE-2024-35255 (#7092,
@ThatsMrTalbot)- Bump the go-retryablehttp dependency to fix CVE-2024-6104 (#7130,
@SgtCoDFish)v1.15.0
cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.
cert-manager 1.15 promotes several features to beta, including GatewayAPI support (
ExperimentalGatewayAPISupport), the ability to provide a subject in the Certificate that will be used literally in the CertificateSigningRequest (LiteralCertificateSubject) and the outputting of additional certificate formats (AdditionalCertificateOutputFormats).[!NOTE]
The
cmctlbinary have been moved to https://github.com/cert-manager/cmctl/releases. For the startupapicheck Job you should update references to point atquay.io/jetstack/cert-manager-startupapicheck[!NOTE]
From this release, the Helm chart will no longer uninstall the CRDs when the chart is uninstalled. If you want the CRDs to be removed on uninstall use
crds.keep=falsewhen installing the Helm chart.Community
Thanks again to all open-source contributors with commits in this release, including:
@Pionerd,@SgtCoDFish,@ThatsMrTalbot,@andrey-dubnik,@bwaldrep,@eplightning,@erikgb,@findnature,@gplessis,@import-shiburin,@inteon,@jkroepke,@lunarwhite,@mangeshhambarde,@pwhitehead-splunk&@rodrigorfk,@wallrj.Thanks also to the following cert-manager maintainers for their contributions during this release:
@SgtCoDFish,@SpectralHiss,@ThatsMrTalbot,@hawksight,@inteon,@maelvls&@wallrj.Equally thanks to everyone who provided feedback, helped users and raised issues on GitHub and Slack and joined our meetings!
Thanks also to the CNCF, which provides resources and support, and to the AWS open source team for being good community members and for their maintenance of the PrivateCA Issuer.
In addition, massive thanks to Venafi for contributing developer time and resources towards the continued maintenance of cert-manager projects.
Changes by Kind
Feature
- GatewayAPI support has graduated to Beta. Add the
--enable-gateway-apiflag to enable the integration. (#6961,@ThatsMrTalbot)- Add support to specify a custom key alias in a JKS Keystore (#6807,
@bwaldrep)- Add the ability to communicate with Vault via mTLS when strict client certificates is enabled at Vault server side (#6614,
@rodrigorfk)- Added option to provide additional audiences in the service account auth section for vault (#6718,
@andrey-dubnik)
... (truncated)
Commits
5b04ec6Merge pull request #7130 from SgtCoDFish/release-1.15-bump-http-lib7936ff0[release-1.15] Bump go-retryablehttp to address CVE-2024-61043da4f98Merge pull request #7111 from inteon/release-1.15_vault_bugfixdb2a8f5add testcasec680694only retry when encountering a Vault non-InvalidData errorc91273aBUGFIX: retry signing when encountering transient errord95c635Merge pull request #7092 from ThatsMrTalbot/chore/update-azidentity-1.6.048bf30achore: updating github.com/Azure/azure-sdk-for-go/sdk/azidentity to address C...9b53314Merge pull request #7091 from cert-manager-bot/cherry-pick-7090-to-release-1.157ec86d2feat: normalize azure errors- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}
Hi @dependabot[bot]. Thanks for your PR.
I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.
Once the patch is verified, the new status will be reflected by the ok-to-test label.
I understand the commands that are listed here.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.
Looks like this PR is already up-to-date with main! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: ccojocar, dependabot[bot]
The full list of commands accepted by this bot can be found here.
The pull request process is described here
- ~~OWNERS~~ [ccojocar]
Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment
@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:
| Test name | Commit | Details | Required | Rerun command |
|---|---|---|---|---|
| pull-security-profiles-operator-verify | 8e5036267cab6d465a0d69f9bd20750d049b480f | link | true | /test pull-security-profiles-operator-verify |
| pull-security-profiles-operator-build | 8e5036267cab6d465a0d69f9bd20750d049b480f | link | true | /test pull-security-profiles-operator-build |
| pull-security-profiles-operator-test-unit | 8e5036267cab6d465a0d69f9bd20750d049b480f | link | true | /test pull-security-profiles-operator-test-unit |
| pull-security-profiles-operator-build-image | 8e5036267cab6d465a0d69f9bd20750d049b480f | link | true | /test pull-security-profiles-operator-build-image |
| pull-security-profiles-operator-test-e2e | 8e5036267cab6d465a0d69f9bd20750d049b480f | link | true | /test pull-security-profiles-operator-test-e2e |
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.
PR needs rebase.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.