Merge pull request #60715 from xenolinux/cert-manager-1-11-RN

OSDOCS#6275: Add release notes for cert-manager Operator 1.11

Author: snarayan-redhat

modules/cert-manager-issuer-types.adoc

@@ -11,3 +11,4 @@ The {cert-manager-operator} supports the following issuer types:
 * Automated Certificate Management Environment (ACME)
 * Certificate authority (CA)
 * Self-signed
+* link:https://cert-manager.io/docs/configuration/vault/[Vault]

security/cert_manager_operator/cert-manager-operator-release-notes.adoc

@@ -12,6 +12,54 @@ These release notes track the development of {cert-manager-operator}.
 
 For more information, see xref:../../security/cert_manager_operator/index.adoc#cert-manager-operator-about[About the {cert-manager-operator}].
 
+[id="cert-manager-operator-release-notes-1.11.1"]
+== Release notes for {cert-manager-operator} 1.11.1
+
+Issued: 2023-06-21
+
+The following advisory is available for the {cert-manager-operator} 1.11.1:
+
+* link:https://access.redhat.com/errata/RHEA-2023:113193[RHEA-2023:113193]
+
+For more information, see the link:https://cert-manager.io/docs/release-notes/release-notes-1.11/[cert-manager project release notes for v1.11].
+
+[id="cert-manager-operator-1.11.1-new-features-and-enhancements"]
+=== New features and enhancements
+
+This is the general availability (GA) release of the {cert-manager-operator}.
+
+[id="cert-manager-log-level-1.11.1"]
+==== Setting log levels for cert-manager and the {cert-manager-operator}
+* To troubleshoot issues with cert-manager and the {cert-manager-operator}, you can now configure the log level verbosity by setting a log level for cert-manager and the {cert-manager-operator}. For more information, see xref:../../security/cert_manager_operator/cert-manager-log-levels.adoc#cert-manager-log-levels[Configuring log levels for cert-manager and the {cert-manager-operator}].
+
+[id="cert-manager-authentication-aws-1.11.1"]
+==== Authenticating the {cert-manager-operator} with AWS
+* You can now configure cloud credentials for the {cert-manager-operator} on AWS clusters with Security Token Service (STS) and without STS. For more information, see xref:../../security/cert_manager_operator/cert-manager-authenticate-aws.adoc#cert-manager-authenticate-aws[Authenticating the {cert-manager-operator} on AWS  Security Token Service] and xref:../../security/cert_manager_operator/cert-manager-authentication-non-sts.adoc#cert-manager-authentication-non-sts[Authenticating the {cert-manager-operator} on AWS].
+
+[id="cert-manager-authentication-gcp-1.11.1"]
+==== Authenticating the {cert-manager-operator} with GCP
+* You can now configure cloud credentials for the {cert-manager-operator} on GCP clusters with Workload Identity and without Workload Identity. For more information, see xref:../../security/cert_manager_operator/cert-manager-authenticate-gcp.adoc#cert-manager-authenticate-gcp[Authenticating the {cert-manager-operator} with GCP Workload Identity] and xref:../../security/cert_manager_operator/cert-manager-authenticate-non-sts-gcp.adoc#cert-manager-authenticate-non-sts-gcp[Authenticating the {cert-manager-operator} with GCP]
+
+[id="cert-manager-operator-1.11.1-bug-fixes"]
+=== Bug fixes
+
+* Previously, the `cm-acme-http-solver` pod did not use the latest published Red Hat image `registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9`. With this release, the `cm-acme-http-solver` pod uses the latest published Red Hat image `registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9`. (link:https://issues.redhat.com/browse/OCPBUGS-10821[*OCPBUGS-10821*])
+
+* Previously, the {cert-manager-operator} did not support changing labels for cert-manager pods such as controller, CA injector, and Webhook pods. With this release, you can add labels to cert-manager pods. (link:https://issues.redhat.com/browse/OCPBUGS-8466[*OCPBUGS-8466*])
+
+* Previously, you could not update the log verbosity level in the {cert-manager-operator}. You can now update the log verbosity level by using an environmental variable `OPERATOR_LOG_LEVEL` in its subscription resource. (link:https://issues.redhat.com/browse/OCPBUGS-9994[*OCPBUGS-9994*])
+
+* Previously, when uninstalling the {cert-manager-operator}, if you select the *Delete all operand instances for this operator* checkbox in the {product-title} web console, the Operator was not uninstalled properly. The {cert-manager-operator} is now properly uninstalled. (link:https://issues.redhat.com/browse/OCPBUGS-9960[*OCPBUGS-9960*])
+
+* Previously, the {cert-manager-operator} did not support using Google workload identity federation. The {cert-manager-operator} now supports using Google workload identity federation. (link:https://issues.redhat.com/browse/OCPBUGS-9998[*OCPBUGS-9998*])
+
+[id="cert-manager-operator-1.11.1-known-issues"]
+=== Known issues
+
+* After installing the {cert-manager-operator}, if you navigate to *Operators → Installed Operators* and select *Operator details* in the {product-title} web console, you cannot see the cert-manager resources that are created across all namespaces. As a workaround, you can navigate to *Home -> API Explorer* to see the cert-manager resources. (link:https://issues.redhat.com/browse/OCPBUGS-11647[*OCPBUGS-11647*])
+
+* After uninstalling the {cert-manager-operator} by using the web console, the {cert-manager-operator} does not remove the cert-manager controller, CA injector, and Webhook pods automatically from the `cert-manager` namespace. As a workaround, you can manually delete the cert-manager controller, CA injector, and Webhook pod deployments present in the `cert-manager` namespace. (link:https://issues.redhat.com/browse/OCPBUGS-13679[*OCPBUGS-13679*])
+
 [id="cert-manager-operator-release-notes-1.10.2"]
 == Release notes for {cert-manager-operator} 1.10.2
 
@@ -51,6 +99,10 @@ This is the general availability (GA) release of the {cert-manager-operator}.
 
 * The {cert-manager-operator} now supports injecting custom CA certificates and propagating cluster-wide egress proxy environment variables.
 
+* You can customize the {cert-manager-operator} API fields by overriding environment variables and arguments. For more information, see xref:../../security/cert_manager_operator/cert-manager-customizing-api-fields.adoc#cert-manager-customizing-api-fields[Customizing cert-manager Operator API fields]
+
+* You can enable monitoring and metrics collection for the {cert-manager-operator} by using a service monitor to perform the custom metrics scraping. After you have enabled monitoring for the {cert-manager-operator}, you can query its metrics by using the {product-title} web console. For more information, see xref:../../security/cert_manager_operator/cert-manager-monitoring.adoc#cert-manager-monitoring[Enabling monitoring for the {cert-manager-operator}]
+
 [id="cert-manager-operator-1.10.2-bug-fixes"]
 === Bug fixes
 
@@ -72,4 +124,4 @@ Using the `unsupportedConfigOverrides` section to modify the configuration of an
 
 * The {cert-manager-operator} does not support using Google workload identity federation. (link:https://issues.redhat.com/browse/OCPBUGS-9998[*OCPBUGS-9998*])
 
-* When uninstalling the {cert-manager-operator}, if you select the *Delete all operand instances for this operator* checkbox in the {product-title} web console, the Operator is not uninstalled properly. As a workaround, do not select this checkbox when uninstalling the {cert-manager-operator}. (link:https://issues.redhat.com/browse/OCPBUGS-9960[*OCPBUGS-9960*])
+* When uninstalling the {cert-manager-operator}, if you select the *Delete all operand instances for this operator* checkbox in the {product-title} web console, the Operator is not uninstalled properly. As a workaround, do not select this checkbox when uninstalling the {cert-manager-operator}. (link:https://issues.redhat.com/browse/OCPBUGS-9960[*OCPBUGS-9960*])