Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(helm): update chart cert-manager to v1.11.1 #664

Merged
merged 1 commit into from
Apr 12, 2023

Conversation

snoopy82481-bot[bot]
Copy link
Contributor

This PR contains the following updates:

Package Update Change
cert-manager patch v1.11.0 -> v1.11.1

Release Notes

cert-manager/cert-manager

v1.11.1

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

In v1.11.1, we updated the base images used for cert-manager containers. In addition, the users of the Venafi issuer will see less certificates repeatedly failing.

If you are a user of Venafi TPP and have been having issues with the error message This certificate cannot be processed while it is in an error state. Fix any errors, and then click Retry, please use this version.

Changes since v1.11.0

Bug or Regression
  • Bump helm and other dependencies to fix CVEs, along with upgrading go and base images (#​5815, @​SgtCoDFish)
  • Bump the distroless base images (#​5930, @​maelvls)
  • The auto-retry mechanism added in VCert 4.23.0 and part of cert-manager 1.11.0 (#​5674) has been found to be faulty. Until this issue is fixed upstream, we now use a patched version of VCert. This patch will slowdown the issuance of certificates by 9% in case of heavy load on TPP. We aim to release at an ulterior date a patch release of cert-manager to fix this slowdown. (#​5819, @​maelvls)
  • Use a fake-kube apiserver version when generating helm template in cmctl x install, to work around a hardcoded Kubernetes version in Helm. (#​5726, @​SgtCoDFish)
Other (Cleanup or Flake)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

| datasource | package      | from    | to      |
| ---------- | ------------ | ------- | ------- |
| helm       | cert-manager | v1.11.0 | v1.11.1 |
@snoopy82481-bot snoopy82481-bot bot requested a review from snoopy82481 as a code owner April 7, 2023 14:12
@snoopy82481-bot snoopy82481-bot bot added renovate/helm type/patch area/kubernetes Changes made in the kubernetes namespace directory size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Apr 7, 2023
@snoopy82481-bot
Copy link
Contributor Author

Helm Release: k8s/namespaces/clusters/base/networking/cert-manager/helm-release.yaml

spec.template.spec.containers.cert-manager-cainjector.image  (Deployment/default/cert-manager-cainjector)
  ± value change
    - quay.io/jetstack/cert-manager-cainjector:v1.11.0
    + quay.io/jetstack/cert-manager-cainjector:v1.11.1

spec.template.spec.containers.cert-manager-controller.image  (Deployment/default/cert-manager)
  ± value change
    - quay.io/jetstack/cert-manager-controller:v1.11.0
    + quay.io/jetstack/cert-manager-controller:v1.11.1

spec.template.spec.containers.cert-manager-controller.args  (Deployment/default/cert-manager)
  - one list entry removed:
    - "--acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.11.0"
    
  
  + one list entry added:
    - "--acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.11.1"
    
  

spec.template.spec.containers.cert-manager-webhook.image  (Deployment/default/cert-manager-webhook)
  ± value change
    - quay.io/jetstack/cert-manager-webhook:v1.11.0
    + quay.io/jetstack/cert-manager-webhook:v1.11.1

spec.template.spec.containers.cert-manager-startupapicheck.image  (Job/default/cert-manager-startupapicheck)
  ± value change
    - quay.io/jetstack/cert-manager-ctl:v1.11.0
    + quay.io/jetstack/cert-manager-ctl:v1.11.1

@snoopy82481-bot
Copy link
Contributor Author

🦙 MegaLinter status: ⚠️ WARNING

Descriptor Linter Files Fixed Errors Elapsed time
✅ COPYPASTE jscpd yes no 1.5s
✅ REPOSITORY git_diff yes no 0.02s
✅ REPOSITORY secretlint yes no 2.19s
⚠️ YAML prettier 1 1 0.54s
✅ YAML yamllint 1 0 0.26s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by OX Security

@snoopy82481 snoopy82481 merged commit fa3a34c into main Apr 12, 2023
@snoopy82481 snoopy82481 deleted the renovate/patch-cert-manager branch April 12, 2023 15:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/kubernetes Changes made in the kubernetes namespace directory renovate/helm size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. type/patch
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant