Skip to content

Commit

Permalink
Merge pull request #95 from wallrj/release-1.12.2
Browse files Browse the repository at this point in the history 
Release 1.12.2
  • Loading branch information
@wallrj
wallrj authored Jun 28, 2023
2 parents 7b8c550 + 2349f73 commit 3bc062c
Show file tree
Hide file tree
Showing 13 changed files with 157 additions and 56 deletions.
4 changes: 2 additions & 2 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,11 @@ SHELL := bash
.SUFFIXES:
.ONESHELL:

CERT_MANAGER_VERSION ?= 1.11.4
CERT_MANAGER_VERSION ?= 1.12.2
# Decoupled the BUNDLE_VERSION from the CERT_MANAGER_VERSION so that I can do a
# patch release containing the fix for:
# https://github.com/cert-manager/cert-manager/issues/5551
export BUNDLE_VERSION ?= 1.11.4
export BUNDLE_VERSION ?= 1.12.2
# DO NOT PUBLISH PRE-RELEASES TO THE STABLE CHANNEL!
# For stable releases use: `candidate stable`.
# For pre-releases use: `candidate`.
Expand Down
28 changes: 23 additions & 5 deletions bundle/manifests/acme.cert-manager.io_challenges.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
app: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: cert-manager
app.kubernetes.io/version: v1.11.4
app.kubernetes.io/version: v1.12.2
name: challenges.acme.cert-manager.io
spec:
group: acme.cert-manager.io
Expand Down Expand Up @@ -655,9 +655,18 @@ spec:
for each Challenge to be completed.
properties:
class:
description: The ingress class to use when creating Ingress
resources to solve ACME challenges that use this challenge
solver. Only one of 'class' or 'name' may be specified.
description: This field configures the annotation `kubernetes.io/ingress.class`
when creating Ingress resources to solve ACME challenges
that use this challenge solver. Only one of `class`,
`name` or `ingressClassName` may be specified.
type: string
ingressClassName:
description: This field configures the field `ingressClassName`
on the created Ingress resources used to solve ACME
challenges that use this challenge solver. This is the
recommended way of configuring the ingress class. Only
one of `class`, `name` or `ingressClassName` may be
specified.
type: string
ingressTemplate:
description: Optional ingress template used to configure
Expand Down Expand Up @@ -690,7 +699,8 @@ spec:
in order to solve HTTP01 challenges. This is typically
used in conjunction with ingress controllers like ingress-gce,
which maintains a 1:1 mapping between external IPs and
ingress resources.
ingress resources. Only one of `class`, `name` or `ingressClassName`
may be specified.
type: string
podTemplate:
properties:
Expand Down Expand Up @@ -1072,6 +1082,14 @@ spec:
type: array
type: object
type: object
imagePullSecrets:
items:
properties:
name:
type: string
type: object
x-kubernetes-map-type: atomic
type: array
nodeSelector:
additionalProperties:
type: string
Expand Down
2 changes: 1 addition & 1 deletion bundle/manifests/acme.cert-manager.io_orders.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
app: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: cert-manager
app.kubernetes.io/version: v1.11.4
app.kubernetes.io/version: v1.12.2
name: orders.acme.cert-manager.io
spec:
group: acme.cert-manager.io
Expand Down
2 changes: 1 addition & 1 deletion bundle/manifests/cert-manager-edit_rbac.authorization.k8s.io_v1_clusterrole.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ metadata:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: cert-manager
app.kubernetes.io/version: v1.11.4
app.kubernetes.io/version: v1.12.2
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
name: cert-manager-edit
Expand Down
2 changes: 1 addition & 1 deletion bundle/manifests/cert-manager-view_rbac.authorization.k8s.io_v1_clusterrole.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ metadata:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: cert-manager
app.kubernetes.io/version: v1.11.4
app.kubernetes.io/version: v1.12.2
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-view: "true"
Expand Down
2 changes: 1 addition & 1 deletion bundle/manifests/cert-manager-webhook_v1_configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,5 +7,5 @@ metadata:
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: webhook
app.kubernetes.io/version: v1.11.4
app.kubernetes.io/version: v1.12.2
name: cert-manager-webhook
2 changes: 1 addition & 1 deletion bundle/manifests/cert-manager-webhook_v1_service.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ metadata:
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: webhook
app.kubernetes.io/version: v1.11.4
app.kubernetes.io/version: v1.12.2
name: cert-manager-webhook
spec:
ports:
Expand Down
36 changes: 21 additions & 15 deletions bundle/manifests/cert-manager.clusterserviceversion.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,9 +67,9 @@ metadata:
]
capabilities: Full Lifecycle
categories: Security
containerImage: quay.io/jetstack/cert-manager-controller:v1.11.4
createdAt: '2023-06-27T11:30:28'
olm.skipRange: '>=1.11.0 <1.11.4'
containerImage: quay.io/jetstack/cert-manager-controller:v1.12.2
createdAt: '2023-06-27T16:49:13'
olm.skipRange: '>=1.12.0 <1.12.2'
operators.operatorframework.io/builder: operator-sdk-v1.25.0
operators.operatorframework.io/internal-objects: |-
[
Expand All @@ -84,7 +84,7 @@ metadata:
operatorframework.io/arch.arm64: supported
operatorframework.io/arch.ppc64le: supported
operatorframework.io/arch.s390x: supported
name: cert-manager.v1.11.4
name: cert-manager.v1.12.2
namespace: placeholder
spec:
apiservicedefinitions: {}
Expand Down Expand Up @@ -585,6 +585,7 @@ spec:
- list
- watch
- update
- patch
- apiGroups:
- apiregistration.k8s.io
resources:
Expand All @@ -594,6 +595,7 @@ spec:
- list
- watch
- update
- patch
- apiGroups:
- apiextensions.k8s.io
resources:
Expand All @@ -603,6 +605,7 @@ spec:
- list
- watch
- update
- patch
serviceAccountName: cert-manager-cainjector
- rules:
- apiGroups:
Expand All @@ -618,7 +621,7 @@ spec:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: cert-manager
app.kubernetes.io/version: v1.11.4
app.kubernetes.io/version: v1.12.2
name: cert-manager
spec:
replicas: 1
Expand All @@ -639,27 +642,30 @@ spec:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: cert-manager
app.kubernetes.io/version: v1.11.4
app.kubernetes.io/version: v1.12.2
spec:
containers:
- args:
- --v=2
- --cluster-resource-namespace=$(POD_NAMESPACE)
- --leader-election-namespace=kube-system
- --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.11.4
- --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.12.2
- --max-concurrent-challenges=60
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: quay.io/jetstack/cert-manager-controller:v1.11.4
image: quay.io/jetstack/cert-manager-controller:v1.12.2
imagePullPolicy: IfNotPresent
name: cert-manager-controller
ports:
- containerPort: 9402
name: http-metrics
protocol: TCP
- containerPort: 9403
name: http-healthz
protocol: TCP
resources: {}
securityContext:
allowPrivilegeEscalation: false
Expand All @@ -678,7 +684,7 @@ spec:
app.kubernetes.io/component: cainjector
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: cainjector
app.kubernetes.io/version: v1.11.4
app.kubernetes.io/version: v1.12.2
name: cert-manager-cainjector
spec:
replicas: 1
Expand All @@ -695,7 +701,7 @@ spec:
app.kubernetes.io/component: cainjector
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: cainjector
app.kubernetes.io/version: v1.11.4
app.kubernetes.io/version: v1.12.2
spec:
containers:
- args:
Expand All @@ -706,7 +712,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: quay.io/jetstack/cert-manager-cainjector:v1.11.4
image: quay.io/jetstack/cert-manager-cainjector:v1.12.2
imagePullPolicy: IfNotPresent
name: cert-manager-cainjector
resources: {}
Expand All @@ -727,7 +733,7 @@ spec:
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: webhook
app.kubernetes.io/version: v1.11.4
app.kubernetes.io/version: v1.12.2
name: cert-manager-webhook
spec:
replicas: 1
Expand All @@ -744,7 +750,7 @@ spec:
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: webhook
app.kubernetes.io/version: v1.11.4
app.kubernetes.io/version: v1.12.2
spec:
containers:
- args:
Expand All @@ -760,7 +766,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: quay.io/jetstack/cert-manager-webhook:v1.11.4
image: quay.io/jetstack/cert-manager-webhook:v1.12.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
Expand Down Expand Up @@ -888,7 +894,7 @@ spec:
provider:
name: The cert-manager maintainers
url: https://cert-manager.io/
version: 1.11.4
version: 1.12.2
webhookdefinitions:
- admissionReviewVersions:
- v1
Expand Down
2 changes: 1 addition & 1 deletion bundle/manifests/cert-manager.io_certificaterequests.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
app: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: cert-manager
app.kubernetes.io/version: v1.11.4
app.kubernetes.io/version: v1.12.2
name: certificaterequests.cert-manager.io
spec:
group: cert-manager.io
Expand Down
29 changes: 16 additions & 13 deletions bundle/manifests/cert-manager.io_certificates.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
app: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: cert-manager
app.kubernetes.io/version: v1.11.4
app.kubernetes.io/version: v1.12.2
name: certificates.cert-manager.io
spec:
group: cert-manager.io
Expand Down Expand Up @@ -164,10 +164,11 @@ spec:
Certificate. If true, a file named `keystore.jks` will be
created in the target Secret resource, encrypted using the
password stored in `passwordSecretRef`. The keystore file
will be updated immediately. A file named `truststore.jks`
will also be created in the target Secret resource, encrypted
using the password stored in `passwordSecretRef` containing
the issuing Certificate Authority
will be updated immediately. If the issuer provided a CA
certificate, a file named `truststore.jks` will also be
created in the target Secret resource, encrypted using the
password stored in `passwordSecretRef` containing the issuing
Certificate Authority
type: boolean
passwordSecretRef:
description: PasswordSecretRef is a reference to a key in
Expand Down Expand Up @@ -199,10 +200,11 @@ spec:
Certificate. If true, a file named `keystore.p12` will be
created in the target Secret resource, encrypted using the
password stored in `passwordSecretRef`. The keystore file
will be updated immediately. A file named `truststore.p12`
will also be created in the target Secret resource, encrypted
using the password stored in `passwordSecretRef` containing
the issuing Certificate Authority
will be updated immediately. If the issuer provided a CA
certificate, a file named `truststore.p12` will also be
created in the target Secret resource, encrypted using the
password stored in `passwordSecretRef` containing the issuing
Certificate Authority
type: boolean
passwordSecretRef:
description: PasswordSecretRef is a reference to a key in
Expand Down Expand Up @@ -481,10 +483,11 @@ spec:
using formula time.Hour * 2 ^ (failedIssuanceAttempts - 1).
type: integer
lastFailureTime:
description: LastFailureTime is the time as recorded by the Certificate
controller of the most recent failure to complete a CertificateRequest
for this Certificate resource. If set, cert-manager will not re-request
another Certificate until 1 hour has elapsed from this time.
description: LastFailureTime is set only if the lastest issuance for
this Certificate failed and contains the time of the failure. If
an issuance has failed, the delay till the next issuance will be
calculated using formula time.Hour * 2 ^ (failedIssuanceAttempts
- 1). If the latest issuance has succeeded this field will be unset.
format: date-time
type: string
nextPrivateKeySecretName:
Expand Down
Loading

0 comments on commit 3bc062c

Please sign in to comment.