We have updated cert-manager from v0.13.1 to v0.15.1, bringing a number of new features and improvements. Cert-manager is the component responsible for providing you automatic certificates through for example LetsEncrypt.
Some highlights that come with this update:
-
Enablement of the improved validation and conversion webhook
The webhook component of cert-manager is now required. This means that deploying cert-manager related resources, like
IssuersandCertificateswill now be validated first.Furthermore in preparation of newer cert-manager API versions like
v1alpha3and beyond, the conversion webhook makes sure that API clients can utilize bothv1alpha2and newer APIs simultaneaously, similar to other core resources in Kubernetes. This will enable future API version to be released in a seamless manner. -
Availability of JKS and PKCS#12 keystores
Cert-manager added support for JKS and PKCS#12 bundle files as an output from Certificate resources. The
keystoregot added to the Certificate spec which makes cert-manager add an additional keystore in your Certificate’s Secret resource. -
kubectl cert-manager tool
Cert-manager now provides a
kubectlplugin to assist with controlling it inside your K8s cluster. Currently the use is limited toconvertandrenewcommands, and the plugin can be downloaded from the cert-manager GitHub release page.
For full details and other changes, please refer to the upstream cert-manager release notes:
- https://cert-manager.io/docs/release-notes/release-notes-0.14/
- https://cert-manager.io/docs/release-notes/release-notes-0.15/
This update has been rolled out to all clusters already and you are not required to take further action.