Changes by Kind
Feature
- Add encodeUsagesInRequest to Certificate spec to disable encoding usages in the CSR (#3304, @raphink)
- Add support for issuing IP certificates in ACME (#3288, @meyskens)
- Helm: Allow custom timeout value for webhook calls (#3323, @renan)
- Make ACME dns01 propagation check period configurable (#3314, @freym)
- Make Kubernetes API QPS throttling configurable (#3382, @meyskens)
- TPP issuer now supports access-token credentials. (#3379, @wallrj)
Other (Bug, Cleanup or Flake)
- Add Venafi Cloud e2e tests (#2966, @meyskens)
- Do not encode EextendedKeyUsage in the CSR is none is needed (#3262, @meyskens)
- Fix bug in AWS route53 zone lookup that caused too many IAM requests (#3354, @supriya-premkumar)
- Fix conversion webhook when given v1beta1 requests (#3242, @meyskens)
- Fix logic in patchDuplicateKeyUsage when signing and digital signature were set (#3343, @meyskens)
- Fixes incorrect CSR validation when both "signing" and "digital signature" are set (#3279, @meyskens)
- Improve ACME backoff logic + prevent infinity retry without surfacing errors (#3321, @meyskens)
- Include ACME resources aggregated ClusterRoles (#3330, @sharmaansh21)
- Put current year into manifest license (#3357, @meyskens)
- Refactor the cainjector to only have 1 leader election and to avoid duplicate caches (#3275, @wallrj)
- Remove stability warning from README for v1.0 (#3240, @munnerz)
- Revert de-duplication of cainjector leader-election to fix scenario where it crashes at startup due to broken webhook. (#3254, @wallrj)
- Run e2e tests against Venafi TPP (#3328, @meyskens)