cert-manager - v1.9.0


Changes since v1.8.2

Changes by Kind

Feature

  • Added support for pulling both AWS access key IDs and secret keys from Kubernetes secrets (#5194, @Compy)
  • Adds make clean-all for starting a fresh development environment and make which-go for getting go version information when developing cert-manager (#5118, @SgtCoDFish)
  • Adds make upload-release target for publishing cert-manager releases to GCS, simplifying the cert-manager release process and making it easier to change (#5205, @SgtCoDFish)
  • Adds a new alpha Prometheus summary vector metric certmanager_http_venafi_client_request_duration_seconds which allows tracking the latency of Venafi API calls. The metric is labelled by the type of API call. Example PromQL query: certmanager_http_venafi_client_request_duration_seconds{api_call="request_certificate"} will show the average latency of calls to the Venafi certificate request endpoint (#5053, @irbekrm)
  • Adds more verbose logging info for certificate renewal in the DynamicSource webhook to include DNSNames (#5142, @AcidLeroy)
  • Adds new LICENSES format and ability to verify and update licenses through make (#5243, @SgtCoDFish)
  • Adds private key Ingress annotations to set private key properties for Certificate (#5239, @oGi4i)
  • Adds the cert-manager.io/revision-history-limit annotation for Ingress resources, to limit the number of CertificateRequests which are kept for a Certificate (#5221, @oGi4i)
  • Adds the literalSubject field for Certificate resources. This is an alpha feature, enabled by passing the flag --feature-gates=LiteralCertificateSubject=true to the cert-manager controller and webhook. literalSubject allows fine-grained control of the subject a certificate should have when issued and is intended for power-users with specific use cases in mind (#5002, @spockz)
  • Change default build dir from bin to _bin, which plays better with certain tools which might treat bin as just another source directory (#5130, @SgtCoDFish)
  • Helm: Adds a new namespace parameter which allows users to override the namespace in which resources will be created. This also allows users to set the namespace of the chart when using cert-manager as a sub chart. (#5141, @andrewgkew)
  • Helm: Allows users to disable auto-mounting of service account tokens; see also k/k#57601 (#5016, @sveba)
  • Use multiple retries when provisioning tools using curl, to reduce flakes in tests and development environments (#5272, @SgtCoDFish)

Bug or Regression

  • CertificateRequests controllers must wait for the core secrets informer to be synced (#5224, @rodrigorfk)
  • Ensure that make release-artifacts only builds unsigned artifacts as intended (#5181, @SgtCoDFish)
  • Ensure the startupapicheck is only scheduled on Linux nodes in the helm chart (#5136, @craigminihan)
  • Fixed a bug where the Venafi Issuer would not verify its access token (TPP) or API key (Cloud) before becoming ready. Venafi Issuers now remotely verify the access token or API key (#5212, @jahrlin)
  • Fixed release artifact archives generated by Make so that a leading ./ is stripped from paths. This ensures that behaviour is the same as v1.7 and earlier (#5050, @jahrlin)
  • Increase timeouts for issuer and clusterissuer controllers to 2 minutes and increase ACME client HTTP timeouts to 90 seconds, in order to enable the use of slower ACME issuers which take a long time to process certain requests. (#5226, @SgtCoDFish)
  • Increases the Venafi Issuer timeout for retrieving a certificate to 60 seconds, up from 10. This gives TPP instances longer to complete their workflows and make the certificate available before cert-manager times out and re-queues the request. (#5247, @hawksight)
  • Remove pkg/util/coverage which broke compatibility with go 1.18; thanks @davidsbond for finding the issue! (#5032, @SgtCoDFish)
  • cmctl and kubectl cert-manager now report their actual versions instead of "canary", fixing issue #5020 (#5286, @jetstack-bot)

Other (Cleanup or Flake)

  • Adds make update-all as a convenience target to run before raising a PR (#5251, @SgtCoDFish)
  • Adds make targets for updating and verifying CRDs and codegen (#5242, @SgtCoDFish)
  • Bump cert-manager's version of Go to 1.18 (#5152, @lucacome)
  • Bumps distroless base images to their latest versions (#5222, @irbekrm)
  • CertificateSigningRequest: no longer marks a request as failed when using the SelfSigned issuer and the Secret referenced in experimental.cert-manager.io/private-key-secret-name doesn't exist. (#5332, @jetstack-bot)
  • Only require python for the one test we have which needs it, rather than requiring it globally (#5245, @SgtCoDFish)
  • Remove deprecated field securityContext.enabled from helm chart (#4721, @Dean-Coakley)
  • Removes support for networking/v1beta Ingresses in ingress-shim. (#5250, @irbekrm)
  • Reverts additional check for ServiceMonitor (#5202, @irbekrm)
  • Updates Kubernetes libraries to v0.24.2. (#5097, @lucacome)
  • Updates warning message that is thrown if issuance fails because private key does not match spec, but private key regeneration is disabled. See https://github.com/cert-manager/cert-manager/pull/5199. (#5199, @irbekrm)

Details

date: July 22, 2022, 3:13 p.m.
name: v1.9.0
type: Minor