KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.
cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.
cert-manager 1.14 brings a variety of features, security improvements and bug fixes, including: support for creating X.509 certificates with "Other Name" fields, and support for creating CA certificates with "Name Constraints" and "Authority Information Accessors" extensions.
⚠️ Known Issues
ACME Issuer (Let's Encrypt): wrong certificate chain may be used if preferredChain is configured: see release docs for more info and mitigations
BUGFIX: cert-manager CA and SelfSigned issuers incorrectly copied the critical flag from the CSR instead of re-calculating that field themselves. (#6727, @jetstack-bot)
Helm: Fix a bug in the logic that differentiates between 0 and an empty value. (#6729, @jetstack-bot)
cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.
cert-manager 1.14 brings a variety of features, security improvements and bug fixes, including: support for creating X.509 certificates with "Other Name" fields, and support for creating CA certificates with "Name Constraints" and "Authority Information Accessors" extensions.
⚠️ This version has known issues. Please install v1.14.2 instead.
⚠️ Known Issues (please install v1.14.2)
ACME Issuer (Let's Encrypt): wrong certificate chain may be used if preferredChain is configured: see release docs for more info and mitigations
In cert-manager v1.14.0 and v1.14.1, the CA and SelfSigned issuers issue certificates with SANs set to non-critical even when the subject is empty. It incorrectly copies the critical field from the CSR.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot will merge this PR once CI passes on it, as requested by @roxbot.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps github.com/cert-manager/cert-manager from 1.13.3 to 1.14.2.
Release notes
Sourced from github.com/cert-manager/cert-manager's releases.
... (truncated)
Commits
306e329Merge pull request #6737 from jetstack-bot/cherry-pick-6734-to-release-1.14180c58ebump base images9bf4908Merge pull request #6735 from jetstack-bot/cherry-pick-6732-to-release-1.1477c4bc3bump golang0caa338Merge pull request #6729 from jetstack-bot/cherry-pick-6713-to-release-1.149f00466add comments that explain the empty value trick201223afix the Helm trick that we use to differentiate between 0 and an empty value2499e95Merge pull request #6727 from jetstack-bot/cherry-pick-6724-to-release-1.149ea674efix changed behavior: set critical flag of SANs extension based on subject543d31cMerge pull request #6726 from jetstack-bot/cherry-pick-6725-to-release-1.14Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot will merge this PR once CI passes on it, as requested by @roxbot.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show