@pull pull bot commented Oct 28, 2022

See Commits and Changes for more details.


Created by pull[bot]

Can you help keep this open source service alive? 💖 Please sponsor : )

@pull pull bot added the ⤵️ pull label Oct 28, 2022
Peac36 and others added 29 commits November 1, 2025 17:04
…onsi-deps

fix(deps): update module github.com/onsi/ginkgo/v2 to v2.27.2 (master)
Signed-off-by: Erik Godding Boye <[email protected]>
adds logs for cases when the ACME server returns us a fatal error
Signed-off-by: Tim Ramlot <[email protected]>
- Redact AWS and Azure SDK http errors in controller error normalizer
- Remove azuredns stabilizeError/NormalizedError and return original errors
- Use %w when wrapping Azure errors so callers can redact them
- Update tests to expect redacted messages and remove obsolete checks
- Stabilize DigitalOcean ErrorResponse errors too

Signed-off-by: Richard Wall <[email protected]>
…-go-deps

fix(deps): update module sigs.k8s.io/controller-runtime to v0.22.4 (master)
Centralize the stabilization of DNS01 API errors
Deprecate GenericIssuer.GetObjectMeta
[CI] Merge self-upgrade-master into master
Co-authored-by: Atanas Chuchev <[email protected]>
Signed-off-by: iossifbenbassat123 <[email protected]>
Co-authored-by: Atanas Chuchev <[email protected]>
Signed-off-by: iossifbenbassat123 <[email protected]>
Co-authored-by: Atanas Chuchev <[email protected]>
Signed-off-by: iossifbenbassat123 <[email protected]>
Co-authored-by: Atanas Chuchev <[email protected]>
Signed-off-by: iossifbenbassat123 <[email protected]>
Signed-off-by: Iossif Benbassat <[email protected]>
Signed-off-by: Iossif Benbassat <[email protected]>
Signed-off-by: Iossif Benbassat <[email protected]>
Signed-off-by: Iossif Benbassat <[email protected]>
Signed-off-by: Iossif Benbassat <[email protected]>
Signed-off-by: Iossif Benbassat <[email protected]>
Signed-off-by: Iossif Benbassat <[email protected]>
Signed-off-by: Iossif Benbassat <[email protected]>
…ext-consistency

Cleanup: Rebranding of Venafi Issuer to CyberArk
cert-manager-prow bot and others added 30 commits December 27, 2025 00:38
[CI] Merge self-upgrade-master into master
fix: update helm install NOTES to include GWAPI instructions
Signed-off-by: Hemant Joshi <[email protected]>
fix(ci): adding 1.35 kind version
* adding labels to lease

Signed-off-by: hjoshi123 <[email protected]>
Signed-off-by: Hemant Joshi <[email protected]>

* Update cmd/cainjector/app/controller.go

Co-authored-by: Erik Godding Boye <[email protected]>
Signed-off-by: Hemant Joshi <[email protected]>

---------

Signed-off-by: hjoshi123 <[email protected]>
Signed-off-by: Hemant Joshi <[email protected]>
Signed-off-by: Hemant Joshi <[email protected]>
Co-authored-by: Erik Godding Boye <[email protected]>
Vault's JWT/OIDC authentication requires "bound_audiences" to be set and
match at least one of the audiences on the JWT. This is in contrast to
Vault's Kubernetes authentication method in which "bound_audiences" is
optional. In addition, the "bound_audiences" configuration is static.

As "bound_audiences" is required with the JWT/OIDC method, the
per-issuer audience generated by cert-manager was difficult to use in
common use cases. Either the Vault operator must define new Vault role
bindings for every combination of namespace and issuer names, or every
issuer must be created with a static issuer defined. Switching from the
Kubernetes method to the JWT/OIDC method would also require every issuer
to be updated with the audience.

This changeset adds the value of the issuer's ".spec.vault.server" to
the default audience list. This gives the Vault operator a static value
to define for "bound_audiences".

Bug: #8218
Signed-off-by: Terin Stock <[email protected]>
feat(vault): add server as default audience
Add unhealthyPodEvictionPolicy to supported PDB options
Replace custom Challenge SSA with upstream
[CI] Merge self-upgrade-master into master
fix(deps): update module google.golang.org/api to v0.259.0 (master)
…onsi-deps

fix(deps): update github.com/onsi deps (master)
[CI] Merge self-upgrade-master into master
- Update kyverno and kyvernopre images for amd64 and arm64 to v1.16.2
- Bump chart version used in e2e setup from 3.2.4 to 3.6.2

Signed-off-by: Richard Wall <[email protected]>
Bump kyverno images to v1.16.2 and chart to 3.6.2
fix(deps): update module github.com/miekg/dns to v1.1.70 (master)
fix(deps): update module github.com/hashicorp/vault/sdk to v0.21.0 (master)
[CI] Merge self-upgrade-master into master
fix(deps): update module github.com/aws/aws-sdk-go-v2/config to v1.32.7 (master)