github cert-manager/trust-manager v0.13.0

20 hours ago

trust-manager is the easiest way to manage security-critical TLS trust bundles in Kubernetes and OpenShift clusters.

v0.13.0 is a minor release to include a swathe of dependency updates, refactors and a few new features.

Among the new features is the new optional includeAllKeys field for Secret and ConfigMap sources, by @juliocamarero. Previously, these sources required users to specify an indvidual key to include in the resulting bundle. With this new field, you can request that all keys be included instead. Note that Secret sources of kubernetes.io/tls type are not eligible for use with includeAllKeys, to avoid trust-manager reading a private key.

In addition, @arsenalzp landed a great PR which cleans up handling of certificates within trust-manager, reducing the number of encode/decode operations done during a bundle reconcile.

What's Changed

  • Support for including all certificates from a secret/configMap in bundle source by @juliocamarero in #460
  • Introduce certificate pool structure and remove multiple encode/decode process by @arsenalzp in #375
  • Fix example of topologySpreadConstraints to reference trust-manager by @SgtCoDFish in #401
  • Bump sigs.k8s.io/controller-runtime to 0.19.0 by @erikgb in #414
  • fix: don't error if source selector selects no sources by @erikgb in #432
  • ci: fix new copyloopvar lint errors by @erikgb in #445
  • test: add tests for truststore deterministic by @erikgb in #443

Refactoring

  • refactor: move FieldManager to more available package by @erikgb in #397
  • refactor: fix name and import alias collisions by @erikgb in #412
  • refactor: dedicated target data struct by @erikgb in #415
  • refactor: move function for creating managed field entries by @erikgb in #413
  • refactor: use NamespacedName instead of positional name/namespace by @erikgb in #435
  • refactor: reduce duplication in sync target functions by @erikgb in #436
  • refactor: establish target.Reconciler by @erikgb in #378

Automated Dependency Bumps

  • Bump the all group across 1 directory with 2 updates by @dependabot in #404
  • Bump the all group with 2 updates by @dependabot in #398
  • Bump k8s.io/cli-runtime from 0.30.3 to 0.31.0 in the all group across 1 directory by @dependabot in #417
  • Bump the all group across 1 directory with 3 updates by @dependabot in #429
  • build(deps): Bump sigs.k8s.io/controller-runtime from 0.19.0 to 0.19.1 in the all group by @dependabot in #463
  • Bump the all group with 5 updates by @dependabot in #438
  • build(deps): Bump the all group with 5 updates by @dependabot in #461

Automated Makefile Modules Updates

  • [CI] Merge self-upgrade-main into main by @github-actions in #400
  • [CI] Merge self-upgrade-main into main by @github-actions in #402
  • [CI] Merge self-upgrade-main into main by @github-actions in #405
  • [CI] Merge self-upgrade-main into main by @github-actions in #410
  • [CI] Merge self-upgrade-main into main by @github-actions in #416
  • [CI] Merge self-upgrade-main into main by @github-actions in #418
  • [CI] Merge self-upgrade-main into main by @github-actions in #422
  • [CI] Self-upgrade merging self-upgrade-main into main by @inteon in #423
  • [CI] Merge self-upgrade-main into main by @github-actions in #427
  • [CI] Merge self-upgrade-main into main by @github-actions in #430
  • [CI] Merge self-upgrade-main into main by @github-actions in #431
  • [CI] Merge self-upgrade-main into main by @github-actions in #437
  • [CI] Merge self-upgrade-main into main by @github-actions in #439
  • [CI] Merge self-upgrade-main into main by @github-actions in #441
  • [CI] Merge self-upgrade-main into main by @github-actions in #444
  • [CI] Merge self-upgrade-main into main by @github-actions in #446
  • [CI] Merge self-upgrade-main into main by @github-actions in #448
  • [CI] Self-upgrade merging self-upgrade-main into main by @inteon in #450
  • [CI] Merge self-upgrade-main into main by @github-actions in #451
  • [CI] Self-upgrade merging self-upgrade-main into main by @inteon in #456
  • [CI] Merge self-upgrade-main into main by @github-actions in #462

New Contributors

Full Changelog: v0.12.0...v0.13.0

Don't miss a new trust-manager release

NewReleases is sending notifications on new releases.