search

axeII / home-ops

A repository for HomeOps where I perform Infrastructure as Code (IaC) and GitOps practices.
Do What The F*ck You Want To Public License
41 stars 1 forks source link

fix(helm): update cert-manager ( v1.15.2 → v1.15.3 ) #1307

Closed bot-akira[bot] closed 4 weeks ago

bot-akira[bot] commented 4 weeks ago

This PR contains the following updates:

Package Update Change
cert-manager (source) patch v1.15.2 -> v1.15.3

[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

cert-manager/cert-manager (cert-manager) ### [`v1.15.3`](https://togithub.com/cert-manager/cert-manager/releases/tag/v1.15.3) [Compare Source](https://togithub.com/cert-manager/cert-manager/compare/v1.15.2...v1.15.3) cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters. **🔗 [See v1.15.0](https://togithub.com/cert-manager/cert-manager/releases/tag/v1.15.0) for more information about cert-manager 1.15 and read-before-upgrade info.** #### 📜 Changes since [`v1.15.2`](https://togithub.com/cert-manager/cert-manager/releases/tag/v1.15.2) ##### Bug or Regression - BUGFIX: the dynamic certificate source used by the webhook TLS server failed to detect a root CA approaching expiration, due to a calculation error. This will cause the webhook TLS server to fail renewing it's CA certificate. Please upgrade before the expiration of this CA certificate is reached. ([#​7232](https://togithub.com/cert-manager/cert-manager/issues/7232), [@​cert-manager-bot](https://togithub.com/cert-manager-bot))

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Renovate Bot.

bot-akira[bot] commented 4 weeks ago 
--- kubernetes/apps/cert-manager/cert-manager/app Kustomization: flux-system/cluster-apps-cert-manager HelmRelease: cert-manager/cert-manager

+++ kubernetes/apps/cert-manager/cert-manager/app Kustomization: flux-system/cluster-apps-cert-manager HelmRelease: cert-manager/cert-manager

@@ -12,13 +12,13 @@

     spec:
       chart: cert-manager
       sourceRef:
         kind: HelmRepository
         name: jetstack
         namespace: flux-system
-      version: v1.15.2
+      version: v1.15.3
   install:
     createNamespace: true
     remediation:
       retries: 3
   interval: 5m
   upgrade:
bot-akira[bot] commented 4 weeks ago 
--- HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager-cainjector

+++ HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager-cainjector

@@ -31,13 +31,13 @@

       securityContext:
         runAsNonRoot: true
         seccompProfile:
           type: RuntimeDefault
       containers:
       - name: cert-manager-cainjector
-        image: quay.io/jetstack/cert-manager-cainjector:v1.15.2
+        image: quay.io/jetstack/cert-manager-cainjector:v1.15.3
         imagePullPolicy: IfNotPresent
         args:
         - --v=2
         - --leader-election-namespace=kube-system
         env:
         - name: POD_NAMESPACE
--- HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager

+++ HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager

@@ -31,19 +31,19 @@

       securityContext:
         runAsNonRoot: true
         seccompProfile:
           type: RuntimeDefault
       containers:
       - name: cert-manager-controller
-        image: quay.io/jetstack/cert-manager-controller:v1.15.2
+        image: quay.io/jetstack/cert-manager-controller:v1.15.3
         imagePullPolicy: IfNotPresent
         args:
         - --v=2
         - --cluster-resource-namespace=$(POD_NAMESPACE)
         - --leader-election-namespace=kube-system
-        - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.15.2
+        - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.15.3
         - --dns01-recursive-nameservers=1.1.1.1:53,9.9.9.9:53
         - --dns01-recursive-nameservers-only
         - --max-concurrent-challenges=60
         ports:
         - containerPort: 9402
           name: http-metrics
--- HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager-webhook

+++ HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager-webhook

@@ -31,13 +31,13 @@

       securityContext:
         runAsNonRoot: true
         seccompProfile:
           type: RuntimeDefault
       containers:
       - name: cert-manager-webhook
-        image: quay.io/jetstack/cert-manager-webhook:v1.15.2
+        image: quay.io/jetstack/cert-manager-webhook:v1.15.3
         imagePullPolicy: IfNotPresent
         args:
         - --v=2
         - --secure-port=10250
         - --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE)
         - --dynamic-serving-ca-secret-name=cert-manager-webhook-ca
--- HelmRelease: cert-manager/cert-manager Job: cert-manager/cert-manager-startupapicheck

+++ HelmRelease: cert-manager/cert-manager Job: cert-manager/cert-manager-startupapicheck

@@ -31,13 +31,13 @@

       securityContext:
         runAsNonRoot: true
         seccompProfile:
           type: RuntimeDefault
       containers:
       - name: cert-manager-startupapicheck
-        image: quay.io/jetstack/cert-manager-startupapicheck:v1.15.2
+        image: quay.io/jetstack/cert-manager-startupapicheck:v1.15.3
         imagePullPolicy: IfNotPresent
         args:
         - check
         - api
         - --wait=1m
         - -v
axeII commented 4 weeks ago

🦙 MegaLinter status: ✅ SUCCESS

Descriptor Linter Files Fixed Errors Elapsed time

See detailed report in MegaLinter reports _Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff_

_MegaLinter is graciously provided by OX Security_