CLOUD-727: Bump github.com/cert-manager/cert-manager from 1.14.5 to 1.15.1

[dependabot[bot]]

Bumps github.com/cert-manager/cert-manager from 1.14.5 to 1.15.1.

Release notes

Sourced from github.com/cert-manager/cert-manager's releases.

v1.15.1

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

🔗 See v1.15.0 for more information about cert-manager 1.15 and read-before-upgrade info.

📜 Changes since v1.15.0

Bug or Regression

• BUGFIX: fix issue that caused Vault issuer to not retry signing when an error was encountered. (#7111, @​inteon)

Other (Cleanup or Flake)

• Update github.com/Azure/azure-sdk-for-go/sdk/azidentity to address CVE-2024-35255 (#7092, @​ThatsMrTalbot)
• Bump the go-retryablehttp dependency to fix CVE-2024-6104 (#7130, @​SgtCoDFish)

v1.15.0

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

cert-manager 1.15 promotes several features to beta, including GatewayAPI support (ExperimentalGatewayAPISupport), the ability to provide a subject in the Certificate that will be used literally in the CertificateSigningRequest (LiteralCertificateSubject) and the outputting of additional certificate formats (AdditionalCertificateOutputFormats).

[!NOTE]

The cmctl binary have been moved to https://github.com/cert-manager/cmctl/releases. For the startupapicheck Job you should update references to point at quay.io/jetstack/cert-manager-startupapicheck

[!NOTE]

From this release, the Helm chart will no longer uninstall the CRDs when the chart is uninstalled. If you want the CRDs to be removed on uninstall use crds.keep=false when installing the Helm chart.

Community

Thanks again to all open-source contributors with commits in this release, including: @​Pionerd, @​SgtCoDFish, @​ThatsMrTalbot, @​andrey-dubnik, @​bwaldrep, @​eplightning, @​erikgb, @​findnature, @​gplessis, @​import-shiburin, @​inteon, @​jkroepke, @​lunarwhite, @​mangeshhambarde, @​pwhitehead-splunk & @​rodrigorfk, @​wallrj.

Thanks also to the following cert-manager maintainers for their contributions during this release: @​SgtCoDFish, @​SpectralHiss, @​ThatsMrTalbot, @​hawksight, @​inteon, @​maelvls & @​wallrj.

Equally thanks to everyone who provided feedback, helped users and raised issues on GitHub and Slack and joined our meetings!

Thanks also to the CNCF, which provides resources and support, and to the AWS open source team for being good community members and for their maintenance of the PrivateCA Issuer.

In addition, massive thanks to Venafi for contributing developer time and resources towards the continued maintenance of cert-manager projects.

Changes by Kind

Feature

• GatewayAPI support has graduated to Beta. Add the --enable-gateway-api flag to enable the integration. (#6961, @​ThatsMrTalbot)
• Add support to specify a custom key alias in a JKS Keystore (#6807, @​bwaldrep)
• Add the ability to communicate with Vault via mTLS when strict client certificates is enabled at Vault server side (#6614, @​rodrigorfk)
• Added option to provide additional audiences in the service account auth section for vault (#6718, @​andrey-dubnik)

... (truncated)

Commits

• 5b04ec6 Merge pull request #7130 from SgtCoDFish/release-1.15-bump-http-lib
• 7936ff0 [release-1.15] Bump go-retryablehttp to address CVE-2024-6104
• 3da4f98 Merge pull request #7111 from inteon/release-1.15_vault_bugfix
• db2a8f5 add testcase
• c680694 only retry when encountering a Vault non-InvalidData error
• c91273a BUGFIX: retry signing when encountering transient error
• d95c635 Merge pull request #7092 from ThatsMrTalbot/chore/update-azidentity-1.6.0
• 48bf30a chore: updating github.com/Azure/azure-sdk-for-go/sdk/azidentity to address C...
• 9b53314 Merge pull request #7091 from cert-manager-bot/cherry-pick-7090-to-release-1.15
• 7ec86d2 feat: normalize azure errors
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[JNKPercona]

Test name	Status
arbiter	passed
balancer	passed
custom-replset-name	passed
custom-tls	passed
cross-site-sharded	passed
data-at-rest-encryption	passed
data-sharded	passed
demand-backup	passed
demand-backup-eks-credentials	passed
demand-backup-physical	passed
demand-backup-physical-sharded	passed
demand-backup-sharded	passed
expose-sharded	passed
ignore-labels-annotations	passed
init-deploy	passed
finalizer	passed
ldap	passed
ldap-tls	passed
limits	passed
liveness	passed
mongod-major-upgrade	passed
mongod-major-upgrade-sharded	passed
monitoring-2-0	passed
multi-cluster-service	passed
non-voting	passed
one-pod	passed
operator-self-healing-chaos	passed
pitr	passed
pitr-sharded	passed
pitr-physical	passed
pvc-resize	passed
recover-no-primary	passed
rs-shard-migration	passed
scaling	passed
scheduled-backup	passed
security-context	passed
self-healing-chaos	passed
service-per-pod	passed
serviceless-external-nodes	passed
smart-update	passed
split-horizon	passed
storage	passed
tls-issue-cert-manager	passed
upgrade	passed
upgrade-consistency	passed
upgrade-consistency-sharded-tls	passed
upgrade-sharded	passed
users	passed
version-service	passed
We run 49 out of 49

commit: https://github.com/percona/percona-server-mongodb-operator/pull/1582/commits/3e1c1c98878d7a8c6e9032918e343a912b26f649 image: perconalab/percona-server-mongodb-operator:PR-1582-3e1c1c98