cert-manager/trust-manager (trust-manager)
### [`v0.13.0`](https://redirect.github.com/cert-manager/trust-manager/releases/tag/v0.13.0)
[Compare Source](https://redirect.github.com/cert-manager/trust-manager/compare/v0.12.0...v0.13.0)
trust-manager is the easiest way to manage security-critical TLS trust bundles in Kubernetes and OpenShift clusters.
v0.13.0 is a minor release to include a swathe of dependency updates, refactors and a few new features.
Among the new features is the new optional `includeAllKeys` field for `Secret` and `ConfigMap` sources, by [@juliocamarero](https://redirect.github.com/juliocamarero). Previously, these sources required users to specify an indvidual key to include in the resulting bundle. With this new field, you can request that all keys be included instead. Note that Secret sources of `kubernetes.io/tls` type are not eligible for use with `includeAllKeys`, to avoid trust-manager reading a private key.
In addition, [@arsenalzp](https://redirect.github.com/arsenalzp) landed a great PR which cleans up handling of certificates within trust-manager, reducing the number of encode/decode operations done during a bundle reconcile.
#### What's Changed
- Support for including all certificates from a secret/configMap in bundle source by [@juliocamarero](https://redirect.github.com/juliocamarero) in [https://github.com/cert-manager/trust-manager/pull/460](https://redirect.github.com/cert-manager/trust-manager/pull/460)
- Introduce certificate pool structure and remove multiple encode/decode process by [@arsenalzp](https://redirect.github.com/arsenalzp) in [https://github.com/cert-manager/trust-manager/pull/375](https://redirect.github.com/cert-manager/trust-manager/pull/375)
- Fix example of topologySpreadConstraints to reference trust-manager by [@SgtCoDFish](https://redirect.github.com/SgtCoDFish) in [https://github.com/cert-manager/trust-manager/pull/401](https://redirect.github.com/cert-manager/trust-manager/pull/401)
- Bump sigs.k8s.io/controller-runtime to 0.19.0 by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/414](https://redirect.github.com/cert-manager/trust-manager/pull/414)
- fix: don't error if source selector selects no sources by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/432](https://redirect.github.com/cert-manager/trust-manager/pull/432)
- ci: fix new copyloopvar lint errors by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/445](https://redirect.github.com/cert-manager/trust-manager/pull/445)
- test: add tests for truststore deterministic by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/443](https://redirect.github.com/cert-manager/trust-manager/pull/443)
##### Refactoring
- refactor: move FieldManager to more available package by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/397](https://redirect.github.com/cert-manager/trust-manager/pull/397)
- refactor: fix name and import alias collisions by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/412](https://redirect.github.com/cert-manager/trust-manager/pull/412)
- refactor: dedicated target data struct by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/415](https://redirect.github.com/cert-manager/trust-manager/pull/415)
- refactor: move function for creating managed field entries by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/413](https://redirect.github.com/cert-manager/trust-manager/pull/413)
- refactor: use NamespacedName instead of positional name/namespace by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/435](https://redirect.github.com/cert-manager/trust-manager/pull/435)
- refactor: reduce duplication in sync target functions by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/436](https://redirect.github.com/cert-manager/trust-manager/pull/436)
- refactor: establish target.Reconciler by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/378](https://redirect.github.com/cert-manager/trust-manager/pull/378)
##### Automated Dependency Bumps
- Bump the all group across 1 directory with 2 updates by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/cert-manager/trust-manager/pull/404](https://redirect.github.com/cert-manager/trust-manager/pull/404)
- Bump the all group with 2 updates by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/cert-manager/trust-manager/pull/398](https://redirect.github.com/cert-manager/trust-manager/pull/398)
- Bump k8s.io/cli-runtime from 0.30.3 to 0.31.0 in the all group across 1 directory by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/cert-manager/trust-manager/pull/417](https://redirect.github.com/cert-manager/trust-manager/pull/417)
- Bump the all group across 1 directory with 3 updates by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/cert-manager/trust-manager/pull/429](https://redirect.github.com/cert-manager/trust-manager/pull/429)
- build(deps): Bump sigs.k8s.io/controller-runtime from 0.19.0 to 0.19.1 in the all group by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/cert-manager/trust-manager/pull/463](https://redirect.github.com/cert-manager/trust-manager/pull/463)
- Bump the all group with 5 updates by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/cert-manager/trust-manager/pull/438](https://redirect.github.com/cert-manager/trust-manager/pull/438)
- build(deps): Bump the all group with 5 updates by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/cert-manager/trust-manager/pull/461](https://redirect.github.com/cert-manager/trust-manager/pull/461)
##### Automated Makefile Modules Updates
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/400](https://redirect.github.com/cert-manager/trust-manager/pull/400)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/402](https://redirect.github.com/cert-manager/trust-manager/pull/402)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/405](https://redirect.github.com/cert-manager/trust-manager/pull/405)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/410](https://redirect.github.com/cert-manager/trust-manager/pull/410)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/416](https://redirect.github.com/cert-manager/trust-manager/pull/416)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/418](https://redirect.github.com/cert-manager/trust-manager/pull/418)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/422](https://redirect.github.com/cert-manager/trust-manager/pull/422)
- \[CI] Self-upgrade merging self-upgrade-main into main by [@inteon](https://redirect.github.com/inteon) in [https://github.com/cert-manager/trust-manager/pull/423](https://redirect.github.com/cert-manager/trust-manager/pull/423)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/427](https://redirect.github.com/cert-manager/trust-manager/pull/427)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/430](https://redirect.github.com/cert-manager/trust-manager/pull/430)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/431](https://redirect.github.com/cert-manager/trust-manager/pull/431)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/437](https://redirect.github.com/cert-manager/trust-manager/pull/437)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/439](https://redirect.github.com/cert-manager/trust-manager/pull/439)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/441](https://redirect.github.com/cert-manager/trust-manager/pull/441)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/444](https://redirect.github.com/cert-manager/trust-manager/pull/444)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/446](https://redirect.github.com/cert-manager/trust-manager/pull/446)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/448](https://redirect.github.com/cert-manager/trust-manager/pull/448)
- \[CI] Self-upgrade merging self-upgrade-main into main by [@inteon](https://redirect.github.com/inteon) in [https://github.com/cert-manager/trust-manager/pull/450](https://redirect.github.com/cert-manager/trust-manager/pull/450)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/451](https://redirect.github.com/cert-manager/trust-manager/pull/451)
- \[CI] Self-upgrade merging self-upgrade-main into main by [@inteon](https://redirect.github.com/inteon) in [https://github.com/cert-manager/trust-manager/pull/456](https://redirect.github.com/cert-manager/trust-manager/pull/456)
- \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/462](https://redirect.github.com/cert-manager/trust-manager/pull/462)
#### New Contributors
- [@juliocamarero](https://redirect.github.com/juliocamarero) made their first contribution in [https://github.com/cert-manager/trust-manager/pull/460](https://redirect.github.com/cert-manager/trust-manager/pull/460) 🎉
**Full Changelog**: https://github.com/cert-manager/trust-manager/compare/v0.12.0...v0.13.0
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR contains the following updates:
v0.12.0->v0.13.0Release Notes
cert-manager/trust-manager (trust-manager)
### [`v0.13.0`](https://redirect.github.com/cert-manager/trust-manager/releases/tag/v0.13.0) [Compare Source](https://redirect.github.com/cert-manager/trust-manager/compare/v0.12.0...v0.13.0) trust-manager is the easiest way to manage security-critical TLS trust bundles in Kubernetes and OpenShift clusters. v0.13.0 is a minor release to include a swathe of dependency updates, refactors and a few new features. Among the new features is the new optional `includeAllKeys` field for `Secret` and `ConfigMap` sources, by [@juliocamarero](https://redirect.github.com/juliocamarero). Previously, these sources required users to specify an indvidual key to include in the resulting bundle. With this new field, you can request that all keys be included instead. Note that Secret sources of `kubernetes.io/tls` type are not eligible for use with `includeAllKeys`, to avoid trust-manager reading a private key. In addition, [@arsenalzp](https://redirect.github.com/arsenalzp) landed a great PR which cleans up handling of certificates within trust-manager, reducing the number of encode/decode operations done during a bundle reconcile. #### What's Changed - Support for including all certificates from a secret/configMap in bundle source by [@juliocamarero](https://redirect.github.com/juliocamarero) in [https://github.com/cert-manager/trust-manager/pull/460](https://redirect.github.com/cert-manager/trust-manager/pull/460) - Introduce certificate pool structure and remove multiple encode/decode process by [@arsenalzp](https://redirect.github.com/arsenalzp) in [https://github.com/cert-manager/trust-manager/pull/375](https://redirect.github.com/cert-manager/trust-manager/pull/375) - Fix example of topologySpreadConstraints to reference trust-manager by [@SgtCoDFish](https://redirect.github.com/SgtCoDFish) in [https://github.com/cert-manager/trust-manager/pull/401](https://redirect.github.com/cert-manager/trust-manager/pull/401) - Bump sigs.k8s.io/controller-runtime to 0.19.0 by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/414](https://redirect.github.com/cert-manager/trust-manager/pull/414) - fix: don't error if source selector selects no sources by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/432](https://redirect.github.com/cert-manager/trust-manager/pull/432) - ci: fix new copyloopvar lint errors by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/445](https://redirect.github.com/cert-manager/trust-manager/pull/445) - test: add tests for truststore deterministic by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/443](https://redirect.github.com/cert-manager/trust-manager/pull/443) ##### Refactoring - refactor: move FieldManager to more available package by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/397](https://redirect.github.com/cert-manager/trust-manager/pull/397) - refactor: fix name and import alias collisions by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/412](https://redirect.github.com/cert-manager/trust-manager/pull/412) - refactor: dedicated target data struct by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/415](https://redirect.github.com/cert-manager/trust-manager/pull/415) - refactor: move function for creating managed field entries by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/413](https://redirect.github.com/cert-manager/trust-manager/pull/413) - refactor: use NamespacedName instead of positional name/namespace by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/435](https://redirect.github.com/cert-manager/trust-manager/pull/435) - refactor: reduce duplication in sync target functions by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/436](https://redirect.github.com/cert-manager/trust-manager/pull/436) - refactor: establish target.Reconciler by [@erikgb](https://redirect.github.com/erikgb) in [https://github.com/cert-manager/trust-manager/pull/378](https://redirect.github.com/cert-manager/trust-manager/pull/378) ##### Automated Dependency Bumps - Bump the all group across 1 directory with 2 updates by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/cert-manager/trust-manager/pull/404](https://redirect.github.com/cert-manager/trust-manager/pull/404) - Bump the all group with 2 updates by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/cert-manager/trust-manager/pull/398](https://redirect.github.com/cert-manager/trust-manager/pull/398) - Bump k8s.io/cli-runtime from 0.30.3 to 0.31.0 in the all group across 1 directory by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/cert-manager/trust-manager/pull/417](https://redirect.github.com/cert-manager/trust-manager/pull/417) - Bump the all group across 1 directory with 3 updates by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/cert-manager/trust-manager/pull/429](https://redirect.github.com/cert-manager/trust-manager/pull/429) - build(deps): Bump sigs.k8s.io/controller-runtime from 0.19.0 to 0.19.1 in the all group by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/cert-manager/trust-manager/pull/463](https://redirect.github.com/cert-manager/trust-manager/pull/463) - Bump the all group with 5 updates by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/cert-manager/trust-manager/pull/438](https://redirect.github.com/cert-manager/trust-manager/pull/438) - build(deps): Bump the all group with 5 updates by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/cert-manager/trust-manager/pull/461](https://redirect.github.com/cert-manager/trust-manager/pull/461) ##### Automated Makefile Modules Updates - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/400](https://redirect.github.com/cert-manager/trust-manager/pull/400) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/402](https://redirect.github.com/cert-manager/trust-manager/pull/402) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/405](https://redirect.github.com/cert-manager/trust-manager/pull/405) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/410](https://redirect.github.com/cert-manager/trust-manager/pull/410) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/416](https://redirect.github.com/cert-manager/trust-manager/pull/416) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/418](https://redirect.github.com/cert-manager/trust-manager/pull/418) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/422](https://redirect.github.com/cert-manager/trust-manager/pull/422) - \[CI] Self-upgrade merging self-upgrade-main into main by [@inteon](https://redirect.github.com/inteon) in [https://github.com/cert-manager/trust-manager/pull/423](https://redirect.github.com/cert-manager/trust-manager/pull/423) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/427](https://redirect.github.com/cert-manager/trust-manager/pull/427) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/430](https://redirect.github.com/cert-manager/trust-manager/pull/430) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/431](https://redirect.github.com/cert-manager/trust-manager/pull/431) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/437](https://redirect.github.com/cert-manager/trust-manager/pull/437) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/439](https://redirect.github.com/cert-manager/trust-manager/pull/439) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/441](https://redirect.github.com/cert-manager/trust-manager/pull/441) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/444](https://redirect.github.com/cert-manager/trust-manager/pull/444) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/446](https://redirect.github.com/cert-manager/trust-manager/pull/446) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/448](https://redirect.github.com/cert-manager/trust-manager/pull/448) - \[CI] Self-upgrade merging self-upgrade-main into main by [@inteon](https://redirect.github.com/inteon) in [https://github.com/cert-manager/trust-manager/pull/450](https://redirect.github.com/cert-manager/trust-manager/pull/450) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/451](https://redirect.github.com/cert-manager/trust-manager/pull/451) - \[CI] Self-upgrade merging self-upgrade-main into main by [@inteon](https://redirect.github.com/inteon) in [https://github.com/cert-manager/trust-manager/pull/456](https://redirect.github.com/cert-manager/trust-manager/pull/456) - \[CI] Merge self-upgrade-main into main by [@github-actions](https://redirect.github.com/github-actions) in [https://github.com/cert-manager/trust-manager/pull/462](https://redirect.github.com/cert-manager/trust-manager/pull/462) #### New Contributors - [@juliocamarero](https://redirect.github.com/juliocamarero) made their first contribution in [https://github.com/cert-manager/trust-manager/pull/460](https://redirect.github.com/cert-manager/trust-manager/pull/460) 🎉 **Full Changelog**: https://github.com/cert-manager/trust-manager/compare/v0.12.0...v0.13.0Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.