search

onedr0p / home-ops

Wife approved HomeOps driven by Kubernetes and GitOps using Flux
https://onedr0p.github.io/home-ops/
Do What The F*ck You Want To Public License
1.98k stars 179 forks source link

fix(helm): update cert-manager ( v1.15.1 → v1.15.2 ) #7945

Closed bot-ross[bot] closed 2 months ago

bot-ross[bot] commented 2 months ago

This PR contains the following updates:

Package Update Change
cert-manager (source) patch v1.15.1 -> v1.15.2

Release Notes

cert-manager/cert-manager (cert-manager) ### [`v1.15.2`](https://togithub.com/cert-manager/cert-manager/releases/tag/v1.15.2) [Compare Source](https://togithub.com/cert-manager/cert-manager/compare/v1.15.1...v1.15.2) cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters. **🔗 [See v1.15.0](https://togithub.com/cert-manager/cert-manager/releases/tag/v1.15.0) for more information about cert-manager 1.15 and read-before-upgrade info.** #### 📜 Changes since `v1.15.1` ##### Bug or Regression - BUGFIX `route53`: explicitly set the `aws-global` STS region which is now required by the `github.com/aws/aws-sdk-go-v2` library. ([#​7189](https://togithub.com/cert-manager/cert-manager/pull/7189), [`@cert-manager-bot`](https://togithub.com/cert-manager-bot)) - Bump `grpc-go` to fix `GHSA-xr7q-jx4m-x55m` ([#​7167](https://togithub.com/cert-manager/cert-manager/pull/7167), [`@SgtCoDFish`](https://togithub.com/SgtCoDFish)) - Fix Azure DNS causing panics whenever authentication error happens ([#​7188](https://togithub.com/cert-manager/cert-manager/pull/7188), [`@cert-manager-bot`](https://togithub.com/cert-manager-bot)) - Fix incorrect value and indentation of `endpointAdditionalProperties` in the `PodMonitor` template of the Helm chart ([#​7191](https://togithub.com/cert-manager/cert-manager/pull/7191), [`@inteon`](https://togithub.com/inteon)) - Fixes ACME HTTP01 challenge behavior when using Gateway API to prevent unbounded creation of `HTTPRoute` resources ([#​7186](https://togithub.com/cert-manager/cert-manager/pull/7186), [`@cert-manager-bot`](https://togithub.com/cert-manager-bot)) - Upgrade `golang` from `1.22.3` to `1.22.5` ([#​7165](https://togithub.com/cert-manager/cert-manager/pull/7165), [`@github-actions`](https://togithub.com/github-actions))

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Renovate Bot.

bot-ross[bot] commented 2 months ago 
--- kubernetes/main/apps/cert-manager/cert-manager/app Kustomization: flux-system/cert-manager HelmRelease: cert-manager/cert-manager

+++ kubernetes/main/apps/cert-manager/cert-manager/app Kustomization: flux-system/cert-manager HelmRelease: cert-manager/cert-manager

@@ -13,13 +13,13 @@

     spec:
       chart: cert-manager
       sourceRef:
         kind: HelmRepository
         name: jetstack
         namespace: flux-system
-      version: v1.15.1
+      version: v1.15.2
   install:
     remediation:
       retries: 3
   interval: 30m
   upgrade:
     cleanupOnFail: true
bot-ross[bot] commented 2 months ago 
--- HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager-cainjector

+++ HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager-cainjector

@@ -31,13 +31,13 @@

       securityContext:
         runAsNonRoot: true
         seccompProfile:
           type: RuntimeDefault
       containers:
       - name: cert-manager-cainjector
-        image: quay.io/jetstack/cert-manager-cainjector:v1.15.1
+        image: quay.io/jetstack/cert-manager-cainjector:v1.15.2
         imagePullPolicy: IfNotPresent
         args:
         - --v=2
         - --leader-election-namespace=kube-system
         env:
         - name: POD_NAMESPACE
--- HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager

+++ HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager

@@ -31,19 +31,19 @@

       securityContext:
         runAsNonRoot: true
         seccompProfile:
           type: RuntimeDefault
       containers:
       - name: cert-manager-controller
-        image: quay.io/jetstack/cert-manager-controller:v1.15.1
+        image: quay.io/jetstack/cert-manager-controller:v1.15.2
         imagePullPolicy: IfNotPresent
         args:
         - --v=2
         - --cluster-resource-namespace=$(POD_NAMESPACE)
         - --leader-election-namespace=kube-system
-        - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.15.1
+        - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.15.2
         - --max-concurrent-challenges=60
         - --dns01-recursive-nameservers-only=true
         - --dns01-recursive-nameservers=https://1.1.1.1:443/dns-query,https://1.0.0.1:443/dns-query
         ports:
         - containerPort: 9402
           name: http-metrics
--- HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager-webhook

+++ HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager-webhook

@@ -31,13 +31,13 @@

       securityContext:
         runAsNonRoot: true
         seccompProfile:
           type: RuntimeDefault
       containers:
       - name: cert-manager-webhook
-        image: quay.io/jetstack/cert-manager-webhook:v1.15.1
+        image: quay.io/jetstack/cert-manager-webhook:v1.15.2
         imagePullPolicy: IfNotPresent
         args:
         - --v=2
         - --secure-port=10250
         - --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE)
         - --dynamic-serving-ca-secret-name=cert-manager-webhook-ca
--- HelmRelease: cert-manager/cert-manager Job: cert-manager/cert-manager-startupapicheck

+++ HelmRelease: cert-manager/cert-manager Job: cert-manager/cert-manager-startupapicheck

@@ -31,13 +31,13 @@

       securityContext:
         runAsNonRoot: true
         seccompProfile:
           type: RuntimeDefault
       containers:
       - name: cert-manager-startupapicheck
-        image: quay.io/jetstack/cert-manager-startupapicheck:v1.15.1
+        image: quay.io/jetstack/cert-manager-startupapicheck:v1.15.2
         imagePullPolicy: IfNotPresent
         args:
         - check
         - api
         - --wait=1m
         - -v