8000 Release v1.16.0-alpha.0 · cert-manager/cert-manager · GitHub
[go: up one dir, main page]
Skip to content

v1.16.0-alpha.0

Pre-release
Pre-release
Compare
Choose a tag to compare
@jetstack-release-bot jetstack-release-bot released this 24 Jul 16:44
v1.16.0-alpha.0
3e83d22
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

📜 Changes since v1.15.0

Feature

  • Add SecretRef support for Venafi TPP issuer CA Bundle (#7036, @sankalp-at-gh)
  • Add a metrics server to the cainjector (#7194, @wallrj)
  • Add a metrics server to the webhook (#7182, @wallrj)
  • Add client certificate auth method for Vault issuer (#4330, @joshmue)
  • Add process and go runtime metrics for controller (#6966, @mindw)
  • Add renewBeforePercentage alternative to renewBefore (#6987, @cbroglie)
  • Default config.apiVersion and config.kind within the Helm chart (#7126, @ThatsMrTalbot)
  • Helm: adds JSON schema validation for the Helm values. (#7069, @inteon)
  • If the --controllers flag only specifies disabled controllers, the default controllers are now enabled implicitly.
    Added disableAutoApproval and approveSignerNames Helm chart options. (#7049, @inteon)
  • Reduce the memory usage of cainjector, by only caching the metadata of Secret resources.
    Reduce the load on the K8S API server when cainjector starts up, by only listing the metadata of Secret resources. (#7161, @wallrj)

Bug or Regression

  • BUGFIX route53: explicitly set the aws-global STS region which is now required by the github.com/aws/aws-sdk-go-v2 library. (#7108, @inteon)
  • BUGFIX: fix issue that caused Vault issuer to not retry signing when an error was encountered. (#7105, @inteon)
  • Bump grpc-go to fix GHSA-xr7q-jx4m-x55m (#7164, @SgtCoDFish)
  • Bump the go-retryablehttp dependency to fix CVE-2024-6104 (#7125, @SgtCoDFish)
  • Fix Azure DNS causing panics whenever authentication error happens (#7177, @eplightning)
  • Fix incorrect indentation of endpointAdditionalProperties in the PodMonitor template of the Helm chart (#7190, @wallrj)
  • Fixes ACME HTTP01 challenge behavior when using Gateway API to prevent unbounded creation of HTTPRoute resources (#7178, @miguelvr)
  • Helm BUGFIX: the cainjector ConfigMap was not mounted in the cainjector deployment. (#7052, @inteon)
  • Improve the startupapicheck: validate that the validating and mutating webhooks are doing their job. (#7057, @inteon)
  • Update github.com/Azure/azure-sdk-for-go/sdk/azidentity to address CVE-2024-35255 (#7087, @dependabot[bot])
Assets 4
Loading
0