Update quay.io/jetstack/cert-manager-ctl Docker tag to v1.11.1
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
quay.io/jetstack/cert-manager-ctl | ironbank-docker | patch |
v1.11.0 -> v1.11.1
|
quay.io/jetstack/cert-manager-ctl | patch |
v1.11.0 -> v1.11.1
|
|
quay.io/jetstack/cert-manager-ctl | stage | patch |
v1.11.0 -> v1.11.1
|
Release Notes
cert-manager/cert-manager
v1.11.1
cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.
In v1.11.1, we updated the base images used for cert-manager containers. In addition, the users of the Venafi issuer will see less certificates repeatedly failing.
If you are a user of Venafi TPP and have been having issues with the error message This certificate cannot be processed while it is in an error state. Fix any errors, and then click Retry
, please use this version.
Changes since v1.11.0
Bug or Regression
- Bump helm and other dependencies to fix CVEs, along with upgrading go and base images (#5815, @SgtCoDFish)
- Bump the distroless base images (#5930, @maelvls)
- The auto-retry mechanism added in VCert 4.23.0 and part of cert-manager 1.11.0 (#5674) has been found to be faulty. Until this issue is fixed upstream, we now use a patched version of VCert. This patch will slowdown the issuance of certificates by 9% in case of heavy load on TPP. We aim to release at an ulterior date a patch release of cert-manager to fix this slowdown. (#5819, @maelvls)
- Use a fake-kube apiserver version when generating helm template in
cmctl x install
, to work around a hardcoded Kubernetes version in Helm. (#5726, @SgtCoDFish)
Other (Cleanup or Flake)
- Bump keystore-go to v4.4.1 to work around an upstream rewrite of history (#5730, @SgtCoDFish)
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.