cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.
v1.14.5 fixes a bug in the DigitalOcean DNS-01 provider which could cause incorrect DNS records to be deleted when using a domain with a CNAME. Special thanks to @BobyMCbobs for reporting this issue and testing the fix!
It also patches CVE-2023-45288.
Known Issues
ACME Issuer (Let's Encrypt): wrong certificate chain may be used if preferredChain is configured: see 1.14 release notes for more information.
Changes
Bug or Regression
DigitalOcean: Ensure that only TXT records are considered for deletion when cleaning up after an ACME challenge (#6893 , @SgtCoDFish)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/cert-manager/cert-manager from 1.14.4 to 1.14.5.
Release notes
Sourced from github.com/cert-manager/cert-manager's releases.
Commits
6a09152Merge pull request #6955 from SgtCoDFish/release-1.14-ignore-CVE-2020-8559b774723[release-1.14] ignore trivy false positive CVE-2020-8559c1bc830Merge pull request #6942 from inteon/release-1.14_aclfb5b0acMerge pull request #6940 from cert-manager-bot/cherry-pick-6938-to-release-1.14a298c14disable rclone gcs bucket ACL53656b4remove docker custom network hack, since the test environment itself has been...04b2a8cMerge pull request #6931 from SgtCoDFish/release-1.14-CVE-2023-45288ca8832bMerge pull request #6936 from cert-manager-bot/cherry-pick-6923-to-release-1.14c35059afix flaky dns test, make sure dns server has started before sending requests8294b60[release-1.14] fix CVE-2023-45288, bump base images, bump goDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show