helm/cert-manager/cert-manager 1.1.0

v1.1.0

on Artifact Hub

Changes by Kind

Feature

• Add encodeUsagesInRequest to Certificate spec to disable encoding usages in the CSR (#3304, @raphink)
• Add option to pass the Certificate duration to ACME (not supported by Let's Encrypt yet) (#3347, @meyskens)
• Add support for issuing IP certificates in ACME (#3288, @meyskens)
• Adds ability to Helm chart to set podLabels for the webhook and cainjector deployments (#3419, @logicbomb421)
• Helm: Allow custom timeout value for webhook calls (#3323, @renan)
• Make ACME dns01 propagation check period configurable (#3314, @freym)
• Make Kubernetes API QPS throttling configurable (#3382, @meyskens)
• TPP issuer now supports access-token credentials. See https://cert-manager.io/docs/configuration/venafi/#creating-a-venafi-trust-protection-platform-issuer for details. (#3379, @wallrj)

Other (Bug, Cleanup or Flake)

• Add Venafi Cloud e2e tests (#2966, @meyskens)
• Do not encode EextendedKeyUsage in the CSR is none is needed (#3262, @meyskens)
• Fix a panic when changing the max concurrent challenges to a lower value (#3399, @meyskens)
• Fix bug in AWS route53 zone lookup that caused too many IAM requests (#3354, @supriya-premkumar)
• Fix conversion webhook when given v1beta1 requests (#3242, @meyskens)
• Fix logic in patchDuplicateKeyUsage when signing and digital signature were set (#3343, @meyskens)
• Fix nil pointer error in Cloud DNS when specific config was used. (#3417, @meyskens)
• Fixes incorrect CSR validation when both "signing" and "digital signature" are set (#3279, @meyskens)
• Improve ACME backoff logic + prevent infinity retry without surfacing errors (#3321, @meyskens)
• Improved API validation for Venafi Issuer configuration (#3409, @wallrj)
• Include ACME resources aggregated ClusterRoles (#3330, @sharmaansh21)
• Put current year into manifest license (#3357, @meyskens)
• Refactor the cainjector to only have 1 leader election and to avoid duplicate caches (#3275, @wallrj)
• Remove stability warning from README for v1.0 (#3240, @munnerz)
• Replace Go's ACME retry logic with custom logic (#3384, @meyskens)
• Revert de-duplication of cainjector leader-election to fix scenario where it crashes at startup due to broken webhook. (#3254, @wallrj)
• Run e2e tests against Venafi TPP (#3328, @meyskens)
• Set the resync periods of informers to 10 hours instead of 30 seconds (#3403, @meyskens)⏎