v1.38.0

[gardener/gardener-extension-shoot-cert-service]

🐛 Bug Fixes

• [OPERATOR] The CustomResourceDefinitions deployed to shoot clusters are now labelled with shoot.gardener.cloud/no-cleanup=true to prevent gardenlet to deleting them during shoot deletion. by @MartinWeindel [#195]
• [OPERATOR] The CustomResourceDefinitions deployed to shoot clusters are now annotated with resources.gardener.cloud/skip-health-check=true to prevent gardener-resource-manager from recreating them too fast during shoot deletion. by @rfranzke [#194]

🏃 Others

• [OPERATOR] Bumps golang from 1.21.0 to 1.21.1. by @dependabot[bot] [#193]
• [OPERATOR] The following dependency is updated:
  • github.com/gardener/gardener: v1.77.0-> v1.80.1
  • k8s.io/* : v0.26.3 -> v0.28.2
  • sigs.k8s.io/controller-runtime: v0.14.6-> v0.16.2 by @acumino [#196]

[gardener/cert-management]

🐛 Bug Fixes

• [OPERATOR] Fix edge case of inconsistent certificate/secret: request certificate in this case. by @MartinWeindel [gardener/cert-management#138]
• [USER] Disable followCNAME by default again as it was activated implicitly by github.com/go-acme/lego version upgrade by @MartinWeindel [gardener/cert-management#140]

🏃 Others

• [OPERATOR] Bumps golang from 1.21.1 to 1.21.2. by @MartinWeindel [gardener/cert-management#142]
• [OPERATOR] Update k8s dependencies by updating controller-manager-library by @MartinWeindel [gardener/cert-management#142]

v1.37.2

[gardener/gardener-extension-shoot-cert-service]

🐛 Bug Fixes

• [OPERATOR] The CustomResourceDefinitions deployed to shoot clusters are now annotated with resources.gardener.cloud/skip-health-check=true to prevent gardener-resource-manager from recreating them too fast during shoot deletion. by Johannes Scheerer <johannes.scheerer@sap.com> [$7ab1bd02618105eed26fbdd829016be587ad0891]

v1.37.1

[gardener/cert-management]

🐛 Bug Fixes

• [OPERATOR] Fix edge case of inconsistent certificate/secret: request certificate in this case. by @MartinWeindel [gardener/cert-management@dbff065]
• [USER] Disable followCNAME by default again as it was activated implicitly by github.com/go-acme/lego version upgrade by @MartinWeindel [gardener/cert-management@dbff065]

v1.37.0

[gardener/gardener-extension-shoot-cert-service]

🐛 Bug Fixes

• [OPERATOR] No alerting for certificates in error state by @MartinWeindel [#190]

v1.36.0

[gardener/cert-management]

✨ New Features

• [USER] Support for preferred chains to select a certificate chain returned for a certificate request from the ACME server by @MartinWeindel [gardener/cert-management#137]

v1.35.0

[gardener/gardener-extension-shoot-cert-service]

⚠️ Breaking Changes

• [OPERATOR] The security.gardener.cloud/pod-security-enforce annotation in the ControllerRegistration is set to baseline. With this, the pods running in the extension namespace should comply with baseline pod-security standard. by @shafeeqes [#175]

🏃 Others

• [OPERATOR] Bumps github.com/gardener/gardener from 1.75.0 to 1.76.2. by @dependabot[bot] [#179]
• [OPERATOR] Refactor imagevector package to conform to usage pattern in gardener/gardener by @MartinWeindel [#181]
• [OPERATOR] Bumps golang from 1.20.6 to 1.21.0. by @dependabot[bot] [#178]
• [OPERATOR] Bumps github.com/gardener/gardener from 1.76.2 to 1.77.0. by @dependabot[bot] [#180]
• [USER] Add configuration field certExpirationAlertDays to allow overriding default value in shoot manifest. by @MartinWeindel [#176]

[gardener/cert-management]

⚠️ Breaking Changes

• [OPERATOR] Support of CRDs of version apiextensions.k8s.io/v1beta1 is dropped. by @acumino [gardener/cert-management#133]

🐛 Bug Fixes

• [OPERATOR] Fix optional deployment of CRDs which was broken with release v0.10.8 by @MartinWeindel [gardener/cert-management#135]

🏃 Others

• [OPERATOR] Bump golang from 1.20.6 to 1.20.7 by @MartinWeindel [gardener/cert-management#134]

v1.34.0

[gardener/cert-management]

🐛 Bug Fixes

• [USER] Allow to specify shoot issuer in annotation cert.gardener.cloud/issuer annotation with format namespace/name. by @MartinWeindel [gardener/cert-management#132]

[gardener/gardener-extension-shoot-cert-service]

⚠️ Breaking Changes

• [OPERATOR] extension-shoot-cert-service no longer supports Shoots with Кubernetes version < 1.22. by @shafeeqes [#169]

🏃 Others

• [OPERATOR] Updated builder image from golang:1.20.5 to golang:1.20.6 by @MartinWeindel [#173]

v1.33.0

[gardener-extension-shoot-cert-service]

✨ New Features

• [USER] The shoot-cert-service extension now supports workerless Shoots. (gardener/gardener-extension-shoot-cert-service#164, @acumino)

🏃 Others

• [OPERATOR] Add dashboard panel for certificate object expire date. (gardener/gardener-extension-shoot-cert-service#166, @MartinWeindel)
• [OPERATOR] Updated golang from version 1.20.4 to 1.20.5. (gardener/gardener-extension-shoot-cert-service#166, @MartinWeindel)
• [OPERATOR] Old and obsolete logging configurations are cleaned up. (gardener/gardener-extension-shoot-cert-service#168, @vlvasilev)
• [DEPENDENCY] The following dependency is updated: (gardener/gardener-extension-shoot-cert-service#164, @acumino)
  • github.com/gardener/gardener: v1.65.3 -> v1.71.0
  • k8s.io/* : v0.26.1 -> v0.26.3
  • sigs.k8s.io/controller-runtime: v0.14.4-> v0.14.6

[cert-management]

✨ New Features

• [OPERATOR] Added metrics named cert_management_cert_object_expire for certificate expiration date. (gardener/cert-management#131, @MartinWeindel)

🏃 Others

• [OPERATOR] The Helm chart is now adapted such that it works well in garden cluster with enabled NetworkPolicy protection (default since gardener/gardener@v1.71 when garden cluster is managed by gardener-operator). (gardener/cert-management#128, @rfranzke)
• [OPERATOR] Updated golang builder image from version 1.20.4 to 1.20.5. (gardener/cert-management#131, @MartinWeindel)

v1.32.0

[gardener-extension-shoot-cert-service]

🏃 Others

• [OPERATOR] Update builder image from golang:1.20.2 to golang:1.20.4 (gardener/gardener-extension-shoot-cert-service#162, @MartinWeindel)

[cert-management]

🏃 Others

• [OPERATOR] Updated controller-manager-library dependency. (gardener/cert-management#127, @MartinWeindel)
• [OPERATOR] Updated builder image from golang:1.20.3 to golang:1.20.4 (gardener/cert-management#127, @MartinWeindel)
• [OPERATOR] The Cert-Management Helm charts supports setting .Values.podLabels. Those labels are added to the podTemplate section of the Cert-Management deployment. (gardener/cert-management#125, @timuthy)
• [OPERATOR] Bump builder image from golang version 1.20.2 to 1.20.3 (gardener/cert-management#126, @MartinWeindel)

v1.31.0

[gardener-extension-shoot-cert-service]

🐛 Bug Fixes

• [OPERATOR] The stale healthcheck conditions from the shoot-cert-service extension are now properly cleaned up. (gardener/gardener-extension-shoot-cert-service#154, @shafeeqes)

🏃 Others

• [OPERATOR] Bump builder image from golang:1.19.5 to golang:1.20.2 (gardener/gardener-extension-shoot-cert-service#153, @MartinWeindel)
• [DEPENDENCY] The following dependency is updated: (gardener/gardener-extension-shoot-cert-service#154, @shafeeqes)
  • github.com/gardener/gardener: v1.65.0 -> v1.65.3

[cert-management]

✨ New Features

• [USER] The certificate spec can contain an optional section secretLabels to specify labels for the certificate secret. (gardener/cert-management#123, @MartinWeindel)

🏃 Others

• [OPERATOR] Bump builder image from golang version 1.20.1 to 1.20.2 (gardener/cert-management#124, @MartinWeindel)