github cert-manager/cert-manager v0.16.0

latest releases: v1.9.1, v1.9.0, v1.9.0-beta.1...
2 years ago

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

Changes by Kind


  • Acme: surface the 'reason' for Order's failing on Certificate & CertificateRequest resources for easier debugging of failures (#3075, @munnerz)
  • Add Events of the Certificate and of the CertificateRequest to the output of the ctl command status certificate (#3102, @hzhou97)
  • Add v1beta1 API version (#3038, @munnerz)
  • Add a hostedZoneName field to Cloud DNS (#2975, @meyskens)
  • Add cert-manager specific User-Agent to HTTP01 self-checks (#3046, @meyskens)
  • Add information about the CertificateRequest resource related to the Certificate to the output of the status certificate command. (#3090, @hzhou97)
  • Add new ctl command that outputs the details of the current status of a Certificate resource (#3026, @hzhou97)
  • Add new ctl command to manually create a CertificateRequest from yaml description of a Certificate resource. (#2957, @hzhou97)
  • Added the ability to set the container securityContext for each deployment in the helm chart (#2858, @sudermanjr)
  • Enable the new certificate controller implementations for all users (#3049, @munnerz)
  • Kubectl cert-manager: Added flags to wait for the CertificateRequest to be ready and store the certificate in a file. (#3044, @hzhou97)
  • Venafi: make issuance of certificates asynchronous (#2979, @meyskens)

Other (Bug, Cleanup or Flake)

  • Add e2e tests for OpenShift 3.11 (#2788, @meyskens)
  • Add more information to the Cloudflare DNS errors (#3101, @meyskens)
  • An empty ca.crt will no longer be added into the secret resource (#2947, @hzhou97)
  • Build using Go version 1.14.4 (#3058, @munnerz)
  • DNS01: make Cloudflare email optional if a token is used (#2989, @meyskens)
  • Default to O = cert-manager in the Venafi issuer if DN is empty (#2946, @meyskens)
  • Ensure Deleted Certificates no longer expose metrics and better cover all controller metrics. (#2923, @JoshVanL)
  • Error on venafi CertificateRequest when DN is empty (#3053, @meyskens)
  • Experimental certificate controllers encode private keys according to specification of user. (#3017, @hzhou97)
  • Experimental certificates controllers: fix automated certificate renewal (#3027, @munnerz)
  • Fix bug causing kubectl cert-manager convert to not work when conversions need to be performed (#3018, @hzhou97)
  • Improve documentation of API types displayed via kubectl explain (#3031, @munnerz)
  • Remove custom retry logic from Route53 DNS01 (#2898, @diversario)
  • Tag the Docker image with the correct architecture attribute (#3001, @meyskens)
  • Update the miekg/dns dependency (#2839, @meyskens)
  • Updates AWS Go SDK to 1.31.3 to support Route53 in AWS China Region (#2940, @qqshfox)
  • Upgrade to use Kubernetes 1.18.5 client libraries (#3059, @munnerz)
  • Use ctl.Scheme in create cr ctl command (#3036, @hzhou97)

Don't miss a new cert-manager release

NewReleases is sending notifications on new releases.