Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(helm): update cert-manager ( v1.16.2 → v1.16.4 ) #2588

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(helm): update cert-manager ( v1.16.2 → v1.16.4 ) #2588

wants to merge 1 commit into from
+1 −1

Conversation

snoopy82481-bot[bot]
Copy link
Contributor

@snoopy82481-bot snoopy82481-bot bot commented Jan 16, 2025
edited
Loading

This PR contains the following updates:

Package Update Change
cert-manager (source) patch v1.16.2 -> v1.16.4

Release Notes

cert-manager/cert-manager (cert-manager)

v1.16.4

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

This release is primarily intended to address a breaking change in Cloudflare's API which impacted ACME DNS-01 challenges using Cloudflare.

Many thanks to the community members who reported this issue!

Changes by Kind

Bug or Regression

v1.16.3

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

v1.16.3 is a patch release mainly focused around bumping dependencies to address reported CVEs: CVE-2024-45337 and CVE-2024-45338.

We don't believe that cert-manager is actually vulnerable; this release is instead intended to satisfy vulnerability scanners.

It also includes a bug fix to the new renewBeforePercentage field. If you were using renewBeforePercentage, see PR #​7421 for more information.

Changes

Bug
Other

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@snoopy82481-bot snoopy82481-bot bot added size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. area/kubernetes Changes made in the kubernetes namespace directory labels Jan 16, 2025
@snoopy82481-bot
Copy link
Contributor Author

snoopy82481-bot bot commented Jan 16, 2025
edited
Loading 

--- HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager-cainjector

+++ HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager-cainjector

@@ -31,13 +31,13 @@

       securityContext:
         runAsNonRoot: true
         seccompProfile:
           type: RuntimeDefault
       containers:
       - name: cert-manager-cainjector
-        image: quay.io/jetstack/cert-manager-cainjector:v1.16.2
+        image: quay.io/jetstack/cert-manager-cainjector:v1.16.4
         imagePullPolicy: IfNotPresent
         args:
         - --v=2
         - --leader-election-namespace=kube-system
         ports:
         - containerPort: 9402
--- HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager

+++ HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager

@@ -31,19 +31,19 @@

       securityContext:
         runAsNonRoot: true
         seccompProfile:
           type: RuntimeDefault
       containers:
       - name: cert-manager-controller
-        image: quay.io/jetstack/cert-manager-controller:v1.16.2
+        image: quay.io/jetstack/cert-manager-controller:v1.16.4
         imagePullPolicy: IfNotPresent
         args:
         - --v=2
         - --cluster-resource-namespace=$(POD_NAMESPACE)
         - --leader-election-namespace=kube-system
-        - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.16.2
+        - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.16.4
         - --dns01-recursive-nameservers=1.1.1.1:53,9.9.9.9:53
         - --dns01-recursive-nameservers-only
         - --feature-gates=ExperimentalGatewayAPISupport=true
         - --max-concurrent-challenges=60
         ports:
         - containerPort: 9402
--- HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager-webhook

+++ HelmRelease: cert-manager/cert-manager Deployment: cert-manager/cert-manager-webhook

@@ -31,13 +31,13 @@

       securityContext:
         runAsNonRoot: true
         seccompProfile:
           type: RuntimeDefault
       containers:
       - name: cert-manager-webhook
-        image: quay.io/jetstack/cert-manager-webhook:v1.16.2
+        image: quay.io/jetstack/cert-manager-webhook:v1.16.4
         imagePullPolicy: IfNotPresent
         args:
         - --v=2
         - --secure-port=10250
         - --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE)
         - --dynamic-serving-ca-secret-name=cert-manager-webhook-ca
--- HelmRelease: cert-manager/cert-manager Job: cert-manager/cert-manager-startupapicheck

+++ HelmRelease: cert-manager/cert-manager Job: cert-manager/cert-manager-startupapicheck

@@ -31,13 +31,13 @@

       securityContext:
         runAsNonRoot: true
         seccompProfile:
           type: RuntimeDefault
       containers:
       - name: cert-manager-startupapicheck
-        image: quay.io/jetstack/cert-manager-startupapicheck:v1.16.2
+        image: quay.io/jetstack/cert-manager-startupapicheck:v1.16.4
         imagePullPolicy: IfNotPresent
         args:
         - check
         - api
         - --wait=1m
         - -v

@snoopy82481-bot
Copy link
Contributor Author

snoopy82481-bot bot commented Jan 16, 2025
edited
Loading 

--- kubernetes/apps/cert-manager/cert-manager/app Kustomization: flux-system/cert-manager HelmRelease: cert-manager/cert-manager

+++ kubernetes/apps/cert-manager/cert-manager/app Kustomization: flux-system/cert-manager HelmRelease: cert-manager/cert-manager

@@ -13,13 +13,13 @@

     spec:
       chart: cert-manager
       sourceRef:
         kind: HelmRepository
         name: jetstack
         namespace: flux-system
-      version: v1.16.2
+      version: v1.16.4
   install:
     remediation:
       retries: 5
   interval: 30m
   maxHistory: 2
   rollback:

@snoopy82481-bot
fix(helm): update cert-manager ( v1.16.2 → v1.16.4 )
08fec2f 
| datasource | package      | from    | to      |
| ---------- | ------------ | ------- | ------- |
| helm       | cert-manager | v1.16.2 | v1.16.4 |
@snoopy82481-bot snoopy82481-bot bot force-pushed the renovate/patch-cert-manager branch from 93577dc to 08fec2f Compare February 13, 2025 13:10
@snoopy82481-bot snoopy82481-bot bot changed the title fix(helm): update cert-manager ( v1.16.2 → v1.16.3 ) fix(helm): update cert-manager ( v1.16.2 → v1.16.4 ) Feb 13, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@snoopy82481 snoopy82481 Awaiting requested review from snoopy82481 snoopy82481 is a code owner

Assignees
No one assigned
Labels
area/kubernetes Changes made in the kubernetes namespace directory renovate/helm size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. type/patch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants