Automatically provision and manage TLS certificates in Kubernetes
APACHE-2.0 License
Bot releases are visible (Hide)
Published by jetstack-release-bot over 3 years ago
Published by jetstack-release-bot over 3 years ago
kubectl get cert-manager
and kubectl get cert-manager-acme
(#3583, @meyskens)--leader-election-lease-duration
, --leader-election-renew-deadline
and --leader-election-retry-period
(#3527, @ndrpnt)Published by jetstack-release-bot almost 4 years ago
This release of cert-manager only supports Kubernetes 1.16 and above
Fix Vault issuer not to store a root CA into a certificate bundle (tls.crt
). Also, Vault issuer now stores a root CA instead of an issuing CA into a CA bundle (ca.crt
), from a CA chain returned from Vault. (#3433, @sorah)
cert-manager.io/duration
and cert-manager.io/renew-before
annotations and uses those values to set the Certificate.Spec.Duration and Certificate.Spec.RenewBefore fields. (#3465, @wallrj)The cert-manager Authors
(#3500, @meyskens)Published by jetstack-release-bot almost 4 years ago
Published by jetstack-release-bot almost 4 years ago
Published by jetstack-release-bot almost 4 years ago
Published by jetstack-release-bot about 4 years ago
Published by jetstack-release-bot about 4 years ago
Published by jetstack-release-bot about 4 years ago
Published by jetstack-release-bot about 4 years ago
With cert-manager v1.0
we're putting a seal of trust on 3 years of development on the cert-manager project.
In these 3 years cert-manager has grown in functionality and stability, but mostly in the community.
Today we see many people using cert-manager to secure their Kubernetes clusters, as well as cert-manager
being integrated into many other parts in the ecosystem.
In the past 16 releases many bugs got fixed, and things that needed to be broken were broken.
Several iterations on the API improved the user experience.
We solved 1500 GitHub Issues with even more PRs by 253 contributors.
With releasing v1.0
we're officially making a statement that cert-manager is a mature project now.
We will also be making a compatibility promise with our v1
API.
A big thank you to everyone who helped to build cert-manager in the past 3 years!
Let v1.0
be the first of many big achievements!
The v1.0
release is a stability release with a few focus areas:
v1
APIkubectl cert-manager status
command to help with investigating issuesWe invite you to read more about these changes on our website
kubectl
and helm
will have issues updating the CRD resources once installed. For more info check https://cert-manager.io/docs/installation/upgrading/upgrading-0.16-1.0/
status certificate
(#3102, @hzhou97)priorityClassName
field to podTemplate
for ACME HTTP01 issuers (#3112, @meyskens)serviceAccountName
field to podTemplate
for ACME HTTP01 issuers (#3139, @paulwilljones)v1
API version (#3177, @wallrj)webhook.hostNetwork
option to the Helm Chart to run the webhook in hostNetwork mode (#3113, @jfrancisco0)disableAccountKeyGeneration
to ACMEIssuer
to be able to not generate new account key and reuse existing ones. (#3141, @hzhou97)status certificate
command. (#3186, @hzhou97)status certificate
command if ACME Issuer is used. (#3154, @hzhou97)status certificate
command (#3131, @hzhou97)prefferedChain
in ACME (#3208, @meyskens)Published by jetstack-release-bot about 4 years ago
kubectl
and helm
will have issues updating the CRD resources once installed. For more info check https://cert-manager.io/docs/installation/upgrading/upgrading-0.15-0.16/
preferredChain
in ACME (#3208, @meyskens)Published by jetstack-release-bot about 4 years ago
kubectl
and helm
will have issues updating the CRD resources once installed. For more info check https://cert-manager.io/docs/installation/upgrading/upgrading-0.15-0.16/
onlyUseExistingAccountKey
to ACMEIssuer
to be able to not generate new account key and reuse existing ones. (#3141, @hzhou97)status certificate
command. (#3186, @hzhou97)Published by jetstack-release-bot about 4 years ago
v1
API version (#3177, @wallrj)status certificate
command if ACME Issuer is used. (#3154, @hzhou97)Published by jetstack-release-bot about 4 years ago
status certificate
(#3102, @hzhou97)priorityClassName
field to podTemplate
for ACME HTTP01 issuers (#3112, @meyskens)serviceAccountName
field to podTemplate
for ACME HTTP01 issuers (#3139, @paulwilljones)webhook.hostNetwork
option to the Helm Chart to run the webhook in hostNetwork mode (#3113, @jfrancisco0)status certificate
command (#3131, @hzhou97)Published by jetstack-release-bot about 4 years ago
Old versions of kubectl
and helm
will have issues updating the CRD resources once installed. For more info check https://cert-manager.io/docs/installation/upgrading/upgrading-0.15-0.16/
Support for AuditSink resources in the auditregistration.k8s.io/v1alpha1
API group has been removed (#3056, @munnerz)
status certificate
(#3102, @hzhou97)v1beta1
API version (#3038, @munnerz)status certificate
command. (#3090, @hzhou97)O = cert-manager
in the Venafi issuer if DN is empty (#2946, @meyskens)kubectl cert-manager convert
to not work when conversions need to be performed (#3018, @hzhou97)kubectl explain
(#3031, @munnerz)architecture
attribute (#3001, @meyskens)Published by jetstack-release-bot over 4 years ago
status certificate
command. (#3090, @hzhou97)Published by jetstack-release-bot over 4 years ago
auditregistration.k8s.io/v1alpha1
API group has been removed (#3056, @munnerz)v1beta1
API version (#3038, @munnerz)kubectl cert-manager convert
to not work when conversions need to be performed (#3018, @hzhou97)kubectl explain
(#3031, @munnerz)architecture
attribute (#3001, @meyskens)Published by jetstack-release-bot over 4 years ago