Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🌱 Bump github.com/cert-manager/cert-manager from 1.10.0 to 1.16.1 in /test #1995

Merged
merged 1 commit into from
Oct 23, 2024
Merged

🌱 Bump github.com/cert-manager/cert-manager from 1.10.0 to 1.16.1 in /test #1995

merged 1 commit into from
Oct 23, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 13, 2024
edited
Loading

Bumps github.com/cert-manager/cert-manager from 1.10.0 to 1.16.1.

Release notes

Sourced from github.com/cert-manager/cert-manager's releases.

v1.16.1

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

The cert-manager 1.16 release includes: new Helm chart features, more Prometheus metrics, memory optimizations, and various improvements and bug fixes for the ACME issuer and Venafi Issuer.

📖 Read the complete 1.16 release notes before upgrading.

📜Changes since v1.16.0

Bug or Regression

  • BUGFIX: Helm schema validation: the new schema validation was too strict for the "global" section. Since the global section is shared across all charts and sub-charts, we must also allow unknown fields. (#7348, @inteon)
  • BUGFIX: Helm will now accept percentages for the podDisruptionBudget.minAvailable and podDisruptionBudget.maxAvailable values. (#7345, @inteon)
  • Helm: allow enabled to be set as a value to toggle cert-manager as a dependency. (#7356, @inteon)
  • BUGFIX: A change in v1.16.0 caused cert-manager's ACME ClusterIssuer to look in the wrong namespace for resources required for the issuance (e.g. credential Secrets). This is now fixed in v1.16.1. (#7342, @inteon)

v1.16.0

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

The cert-manager 1.16 release includes: new Helm chart features, more Prometheus metrics, memory optimizations, and various improvements and bug fixes for the ACME issuer and Venafi Issuer.

📖 Read the complete 1.16 release notes at cert-manager.io.

⚠️ Known issues

  1. Helm Chart: JSON schema prevents the chart being used as a sub-chart on Rancher RKE.
  2. ACME DNS01 ClusterIssuer fail while loading credentials from Secret resources.

❗ Breaking changes

  1. Helm schema validation may reject your existing Helm values files if they contain typos or unrecognized fields.
  2. Venafi Issuer may fail to renew certificates if the requested duration conflicts with the CA’s minimum or maximum policy settings in Venafi.
  3. Venafi Issuer may fail to renew Certificates if the issuer has been configured for TPP with username-password authentication.

📖 Read the complete 1.16 release notes at cert-manager.io.

📜 Changes since v1.15.0

📖 Read the complete 1.16 release notes at cert-manager.io.

Feature

  • Add SecretRef support for Venafi TPP issuer CA Bundle (#7036, @sankalp-at-gh)
  • Add renewBeforePercentage alternative to renewBefore (#6987, @cbroglie)
  • Add a metrics server to the cainjector (#7194, @wallrj)
  • Add a metrics server to the webhook (#7182, @wallrj)
  • Add client certificate auth method for Vault issuer (#4330, @joshmue)
  • Add process and go runtime metrics for controller (#6966, @mindw)
  • Added app.kubernetes.io/managed-by: cert-manager label to the cert-manager-webhook-ca Secret (#7154, @jrcichra)
  • Allow the user to specify a Pod template when using GatewayAPI HTTP01 solver, this mirrors the behavior when using the Ingress HTTP01 solver. (#7211, @ThatsMrTalbot)
  • Create token request RBAC for the cert-manager ServiceAccount by default (#7213, @Jasper-Ben)

... (truncated)

Commits
  • ff50c06 Merge pull request #7356 from cert-manager-bot/cherry-pick-7350-to-release-1.16
  • 2298278 Helm: add enabled to json schema
  • 02f4a60 Merge pull request #7355 from cert-manager-bot/cherry-pick-7351-to-release-1.16
  • 7525267 Helm chart: fix documentation for service accounts annotations
  • b44f375 Merge pull request #7348 from cert-manager/self-upgrade-release-1.16
  • c3bdc1f Run 'make upgrade-klone' and 'make generate'
  • 2d22a92 Merge pull request #7345 from cert-manager-bot/cherry-pick-7343-to-release-1.16
  • 4f4ea8b update schema validation for minAvailable and maxAvailable to accept both str...
  • 17d9d81 Merge pull request #7342 from cert-manager-bot/cherry-pick-7339-to-release-1.16
  • 1144aab add ACME ClusterIssuer resource namespace test
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label Oct 13, 2024
@dependabot dependabot bot mentioned this pull request Oct 13, 2024
Closed
@dependabot dependabot bot requested review from elfosardo, honza and kashifest October 13, 2024 21:05
@metal3-io-bot metal3-io-bot requested a review from mquhuy October 13, 2024 21:05
@metal3-io-bot
Copy link
Contributor

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a metal3-io member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@metal3-io-bot metal3-io-bot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Oct 13, 2024
@tuminoid
Copy link
Member

/hold
This is bumping k8s stack too.

@metal3-io-bot metal3-io-bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Oct 21, 2024
kashifest
kashifest reviewed Oct 21, 2024
View reviewed changes
Copy link
Member

@kashifest kashifest left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@metal3-io-bot metal3-io-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 21, 2024
kashifest
kashifest reviewed Oct 21, 2024
View reviewed changes
Copy link
Member

@kashifest kashifest left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve cancel

@metal3-io-bot metal3-io-bot removed the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 21, 2024
@dependabot dependabot bot force-pushed the dependabot/go_modules/test/main/github.com/cert-manager/cert-manager-1.16.1 branch from 5ee2528 to 9056cb4 Compare October 22, 2024 07:22
@tuminoid
Copy link
Member

Toolchain bump is gone, k8s bump is not. We should have k8s bump first, then this on top.

@dependabot dependabot bot force-pushed the dependabot/go_modules/test/main/github.com/cert-manager/cert-manager-1.16.1 branch from 9056cb4 to 2b34164 Compare October 22, 2024 09:04
@tuminoid
Copy link
Member

Toolchain bump is gone, k8s bump is not. We should have k8s bump first, then this on top.

K8s bump is coming in #2010

@elfosardo
Copy link
Member

/hold

@elfosardo
Copy link
Member

/approve

@metal3-io-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: elfosardo

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@metal3-io-bot metal3-io-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 22, 2024
@dependabot
🌱 Bump github.com/cert-manager/cert-manager in /test
357ce7f 
Bumps [github.com/cert-manager/cert-manager](https://github.com/cert-manager/cert-manager) from 1.10.0 to 1.16.1.
- [Release notes](https://github.com/cert-manager/cert-manager/releases)
- [Changelog](https://github.com/cert-manager/cert-manager/blob/master/RELEASE.md)
- [Commits](cert-manager/cert-manager@v1.10.0...v1.16.1)

---
updated-dependencies:
- dependency-name: github.com/cert-manager/cert-manager
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/test/main/github.com/cert-manager/cert-manager-1.16.1 branch from 2b34164 to 357ce7f Compare October 22, 2024 17:46
@tuminoid
Copy link
Member

/retest
/unhold

@kashifest
Copy link
Member

/lgtm

@metal3-io-bot metal3-io-bot added the lgtm Indicates that a PR is ready to be merged. label Oct 23, 2024
@tuminoid
Copy link
Member

/unhold

@metal3-io-bot metal3-io-bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Oct 23, 2024
@metal3-io-bot metal3-io-bot merged commit 5df43b0 into main Oct 23, 2024
37 of 38 checks passed
@metal3-io-bot metal3-io-bot deleted the dependabot/go_modules/test/main/github.com/cert-manager/cert-manager-1.16.1 branch October 23, 2024 06:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kashifest kashifest kashifest left review comments

@elfosardo elfosardo Awaiting requested review from elfosardo

@honza honza Awaiting requested review from honza

@mquhuy mquhuy Awaiting requested review from mquhuy

Assignees
No one assigned
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@metal3-io-bot @tuminoid @elfosardo @kashifest