Urgent Upgrade Notes
(No, really, you MUST read this before you upgrade)
- Support for AuditSink resources in the
auditregistration.k8s.io/v1alpha1
API group has been removed (#3056, @munnerz)
Changes by Kind
Feature
- Add
v1beta1
API version (#3038, @munnerz) - Add cert-manager specific User-Agent to HTTP01 self-checks (#3046, @meyskens)
- Add new ctl command to manually create a CertificateRequest from yaml description of a Certificate resource. (#2957, @hzhou97)
- Added the ability to set the container securityContext for each deployment in the helm chart (#2858, @sudermanjr)
- Enable the new certificate controller implementations for all users (#3049, @munnerz)
Other (Bug, Cleanup or Flake)
- An empty ca.crt will no longer be added into the secret resource (#2947, @hzhou97)
- Build using Go version 1.14.4 (#3058, @munnerz)
- DNS01: make Cloudflare email optional if a token is used (#2989, @meyskens)
- Ensure Deleted Certificates no longer expose metrics and better cover all controller metrics. (#2923, @JoshVanL)
- Error on venafi CertificateRequest when DN is empty (#3053, @meyskens)
- Experimental certificate controllers encode private keys according to specification of user. (#3017, @hzhou97)
- Experimental certificates controllers: fix automated certificate renewal (#3027, @munnerz)
- Fix bug causing
kubectl cert-manager convert
to not work when conversions need to be performed (#3018, @hzhou97) - Improve documentation of API types displayed via
kubectl explain
(#3031, @munnerz) - Remove custom retry logic from Route53 DNS01 (#2898, @diversario)
- Tag the Docker image with the correct
architecture
attribute (#3001, @meyskens) - Update the miekg/dns dependency (#2839, @meyskens)
- Updates AWS Go SDK to 1.31.3 to support Route53 in AWS China Region (#2940, @qqshfox)
- Upgrade to use Kubernetes 1.18.5 client libraries (#3059, @munnerz)
- Use ctl.Scheme in create cr ctl command (#3036, @hzhou97)