Releases: cert-manager/aws-privateca-issuer
v1.2.4
v1.2.3
Features:
- #223 Add option to add extra volumes and mounts
Bugfixes:
- #215 Change golang versioning type to Docker
- #216 Update renovate.json to prevent dependency mismatch
- #221 Fix whitespace linting error
- #224 Do not add resource and env block to container if empty
- #225 Change VERSION creation command to fetch tags from main repo
- #227 Append 'v' if using default value for image
Maintenance:
- #197 Added vulnerabilityAlerts option to Renovate
- #200 Change Renovate schedule
- #202 Add support for pod labels via helm chart override
Dependency Updates:
| Package | Change |
|---|---|
| k8s.io/client-go | v0.24.1 -> v0.25.4 |
| golang | 1.18.1 -> 1.19 |
| sigs.k8s.io/controller-runtime | v0.11.2 -> v0.13.1 |
| github.com/aws/aws-sdk-go-v2/config | v1.15.5 -> v1.18.4 |
| github.com/aws/aws-sdk-go-v2/credentials | v1.12.0 -> v1.13.4 |
| github.com/aws/aws-sdk-go-v2/service/sts | v1.16.4 -> v1.17.6 |
| github.com/aws/aws-sdk-go-v2 | v1.16.3 -> v1.17.2 |
| github.com/aws/aws-sdk-go-v2/service/acmpca | v1.17.6 -> v1.19.1 |
| github.com/aws/aws-sdk-go-v2/service/iam | v1.18.4 -> v1.18.24 |
| github.com/aws/aws-sdk-go-v2/service/ram | v1.16.7 -> v1.16.25 |
| k8s.io/api | v0.24.0 -> v0.25.4 |
| k8s.io/apimachinery | v0.24.0 -> v0.25.4 |
| github.com/stretchr/testify | v1.7.1 -> v1.8.1 |
| cert-manager/cert-manager | v1.8.0 -> v1.10.1 |
| github.com/cert-manager/cert-manager | v1.8.0 -> v1.10.1 |
| k8s.io/utils | 3a6ce19 -> 99ec85e |
| go (source) | 1.17 -> 1.19 |
v1.2.2
Bugfixes
Maintenance
#184 Configure Renovate
#191 Switch go-get-tool to go-install-tool
#192 Remove dependency dashboard (again)
Dependency Updates
Major Versions
#187 Update actions/cache action to v3
#188 Update actions/checkout action to v3
Minor Versions
This list is a merge of the tables in #185 and #193
| Package | Type | Update | Change |
|---|---|---|---|
| cert-manager/cert-manager | minor | 1.7.0 -> v1.8.0 |
|
| github.com/aws/aws-sdk-go-v2 | require | patch | v1.16.2 -> v1.16.3 |
| github.com/aws/aws-sdk-go-v2/config | require | patch | v1.15.3 -> v1.15.5 |
| github.com/aws/aws-sdk-go-v2/credentials | require | minor | v1.11.2 -> v1.12.0 |
| github.com/aws/aws-sdk-go-v2/service/acmpca | require | patch | v1.17.2 -> v1.17.6 |
| github.com/aws/aws-sdk-go-v2/service/iam | require | patch | v1.18.2 -> v1.18.4 |
| github.com/aws/aws-sdk-go-v2/service/ram | require | patch | v1.16.3 -> v1.16.7 |
| github.com/aws/aws-sdk-go-v2/service/sts | require | patch | v1.16.3 -> v1.16.4 |
| github.com/jetstack/cert-manager | require | minor | v1.7.2 -> v1.8.0 |
| golang | stage | minor | 1.17 -> 1.18 |
| k8s.io/api | require | patch | v0.23.5 -> v0.24.0 |
| k8s.io/apimachinery | require | patch | v0.23.5 -> v0.24.0 |
| k8s.io/client-go | require | patch | v0.23.5 -> v0.24.0 |
| k8s.io/utils | require | digest | 6203023 -> 3a6ce19 |
Full Changelog: v1.2.1...v1.2.2
v1.2.1
Bugfixes
#134 Fix PATH variable in testing workflow
#151 Use appVersion as default image tag so Helm doesn't always install the latest release by default
Maintenance
#118 Remove safe-to-test label when pushing a new commit to a PR
#123 Update Logr dependency to v1.2.2
#125 Update Go version to v1.17.7
#137 Setup Dependabot to automatically create PRs for outdated dependencies
#138 Add blog test to GitHub workflow
#139 Support running GitHub workflows via workflow dispatch to test GitHub workflows
#153 Update AWS Go SDK to v1.15.0
#154 Update AWS IAM SDK to v1.18.0
#155 Update AWS ACM PCA SDK to v1.16.0
#157 Update AWS STS SDK to v1.16.0
#158 Update AWS RAM SDK to v1.16.0
#159 Update AWS SDK config to v1.15.0
#166 Change Dependabot from daily to weekly updates
v1.2.0
v1.1.0
Bugfixes:
- Changed BlankEndEntityCertificate_CSRPassthrough -> BlankEndEntityCertificate_APICSRPassthrough to support cross account in the default case - #94
- Fixed user-agent injection for logs
Features:
- Added support to request CA certificates, if the isCA flag is set on cert-manager certificates, the aws-privateca-issuer plugin will vend a certificate issued via the acm-pca:::template/SubordinateCACertificate_PathLen0/V1 template - #55
v1.0.0
Important
- This release will be tagged v1.0.0 and signify production readiness for this plugin
Bugfixes:
- #12 STS GetCallerIdentity failing because of a region not specified bug
- #35 Certificates with Validity Duration under 24h failing to Issue
Features:
- #42 Add support for arbitrary AWS accessKey/secretKey k8s secrets
- #82 Ability to set enviornment variables via the helm chart's values.yaml, set via
env
Maintenance:
- #64 Added several templates for use when cutting an issue against the repository
- #68 End-to-End test were re-written from a bash script to Go. Updated README for instructions on running the tests.
- #73 Added a post release helm test to verify functionality of container repository and helm chart
- #85 Add Github workflows to automatically run the end-to-end test on every PR. These will be required to pass before a PR is merged in
- #86 Update Helm Chart on release
- #87 Update Helm chart to point to new ECR
Release v0.3.1
Bugfix:
- IRSA Authentication Issue resolved: #40
Release 0.3.0
Important
- The IAM policy needed for running the issuer has been updated since the last version.
acm-pca:DescribeCertificateAuthorityis now necessary to generate certificates. Please refer to the Readme for a working policy document. - The chart name for helm has changed. It will now be called
aws-privateca-issuer. The last version supporting the old name will be 0.1.2, future versions will only use the new name.
Features:
- #29 Add support for certificate usages with templateARN
Bugfixes:
- #12 Fixes issues with missing issuer group
- #31 Support longer names for resources
- #35 Use the PrivateCA's Signature Algorithm as the Signature Algorithm
Maintenance: