- 🧹 maintenance release, only updated dependenies.
- ⏩ update golang.org/x/net v0.33.0 to address CVE-2024-45338
- 🧹 maintenance release, only updated dependenies.
- ⏩ update golang.org/x/crypto v0.31.0
- 🧹 maintenance release, only updated dependenies.
- ⏩ update go 1.23.3
- ⏩ update github.com/cert-manager/cert-manager v1.16.2
- ⏩ update k8s.io/api v0.31.3
- ⏩ update k8s.io/apiextensions-apiserver v0.31.3
- ⏩ update k8s.io/apimachinery v0.31.3
- ⏩ update k8s.io/client-go v0.31.3
- ✨ Add new
configVersion
to assist with breaking change - 🌿 Prefix Helm Chart error messages with 'Error:'
- 🐛 Address minor typography issues in documentation.
- 🌿 support adding customer labels to pod
- 📄 slightly improve documentation in values.yaml
- ⏩ Use Alpine to 3.20 and Golang 1.23 as build image
- ⏩ Use Alpine to 3.20 as base image
- ⏩ Use Go 1.23.0 to build webhook
- ⏩ Bump github.com/cert-manager/cert-manager 1.14.1 to 1.15.3
- ⏩ Bump github.com/ovh/go-ovh from 1.4.3 to 1.6.0
- ⏩ Bump k8s.io/api from 0.29.1 to 0.30.1
- ⏩ Bump k8s.io/apiextensions-apiserver from 0.29.1 to 0.30.1
- ⏩ Bump golang.org/x/net from 0.20.0 to 0.23.0
- 🌿 rename schemaVersion to configVersion
- 🐛 fix error when handling commented configVersion
- 🌿 improve version check
- 🌿 support adding customer labels to pod
- 📄 slightly improve documentation in values.yaml
- ✨ Add new
schemaVersion
to assist with breaking change - 🌿 Prefix error messages with 'Error:'
- 🐛 Address minor typography issues in documentation.
- ⏩ Use Alpine to 3.20 and Golang 1.23 as build image
- ⏩ Use Alpine to 3.20 as base image
- ⏩ Use Go 1.23.0 to build webhook
- ⏩ Bump github.com/cert-manager/cert-manager 1.14.1 to 1.15.3
- ⏩ Bump github.com/ovh/go-ovh from 1.4.3 to 1.6.0
- ⏩ Bump k8s.io/api from 0.29.1 to 0.30.1
- ⏩ Bump k8s.io/apiextensions-apiserver from 0.29.1 to 0.30.1
- ⏩ Bump golang.org/x/net from 0.20.0 to 0.23.0
⚠️ SeparatesecurityContext
for bothcontainer
andpod
. Seevalues.yaml
for more details. See #32. Authored by Mathieu Sensei.- ✨ Support
podAnnotations
. See #32. Authored by Mathieu Sensei. - 🌿 Comment out
image.tag
as it's not needed unless someone wants to override the container image version
- ⏩ Use Alpine to 3.19.1 as base image
- ⏩ Use Go 1.21.6 to build webhook
- ⏩ Bump github.com/cert-manager/cert-manager 1.13.0 to 1.14.1
- ⏩ Bump github.com/ovh/go-ovh from 1.4.2 to 1.4.3
- ⏩ Bump golang.org/x/crypto from 0.14.0 to 0.18.0
- ⏩ Bump golang.org/x/net from 0.17.0 to 0.20.0
- ⏩ Bump k8s.io/api from 0.29.0 to 0.29.1
- ⏩ Bump k8s.io/apiextensions-apiserver from 0.29.0 to 0.29.1
- ⏩ Bump google.golang.org/grpc from 1.58.2 to 1.58.3. See Dependabot
- ⏩ Bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.35.0 to 0.46.0. See Dependabot
- ⏩ Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace from 1.19.0 to 1.20.0
- ⏩ Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc from 1.19.0 to 1.20.0
- ⏩ Bump go.opentelemetry.io/otel/sdk from 1.19.0 to 1.20.0
- ⏩ Bump golang.org/x/sys from 0.13.0 to 0.14.0
- 🔥 Alpine 3.18.4 is vulnerable to the following CVEs. Should be fixed in 3.18.5 release.
- ⏩ bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp to v0.45.0 to address CVE-2023-45142. See Dependabot.
- ⏩ bump golang.org/x/net from 0.15.0 to 0.17.0. See Dependabot PR.
- ✨ add support for
readOnlyRootFilesystem
on the deployment (thanks @Benzhaomin) - ✨ add Deployment annotation support (thanks @Benzhaomin)
- ✨ add ref link about
nodeSelector
,tolerations
,affinity
andannotations
- ✨ choose rbac role type (default
Role
) (thanks @Alissia01) - 📄 document 3 more configuration entries in
values.yaml
- 🌿 make this chart compatible with helm 3 by settings
apiVersion
tov2
- 🌿 drop
v
inappVersion
andversion
fields, set"0.5.0"
- 🌿 udpate
image.tag
value to use SemVer 2.0 and set its values to"0.5.0"
- 🐛 typo fix
- ⏩ update k8s.io/apiserver to v0.28.2 due to security (dependabot)
- ⏩ upgrade github.com/cert-manager/cert-manager to v1.13.0
- ⏩ build with go 1.20
- ⏩ upgrade k8s dependencies to 0.28.1
- ⏩ use alpine 3.18 as base image
- ⏩ update dependency for github.com/ovh/go-ovh to v1.4.2
- ⏩ Bump google.golang.org/grpc from 1.51.0 to 1.53.0
- ✨ add support for
readOnlyRootFilesystem
on the deployment (thanks @Benzhaomin) - 🐛 typo fix
- ✨ add annotation support (thanks @Benzhaomin)
- ✨ add ref link about
nodeSelector
,tolerations
,affinity
andannotations
- ✨ choose rbac role type (default
Role
) - ⏩ build with go 1.20
- ⏩ upgrade k8s dependencies to 0.28.1
- ⏩ upgrade github.com/cert-manager/cert-manager to v1.13.0
- ⏩ use alpine 3.18 as base image
- ⏩ Bump google.golang.org/grpc from 1.51.0 to 1.53.0
- 📄 document 3 more configuration entries in
values.yaml
- 🌿 make this chart compatible with helm 3 by settings
apiVersion
tov2
- 🌿 drop
v
inappVersion
andversion
fields, set"0.5.0"
- 🌿 udpate
image.tag
value to use SemVer 2.0 and set its values to"0.5.0"
- ⏩ update dependency for github.com/ovh/go-ovh to v1.4.2
- ✨ build images for amd64, arm64 and armv7 architectures
- 🐙 add issue templates for bugs and feature requests
- 🤖 configure dependabot to get alerts on vulnerabilities
- 📄 add disclaimer about support and code of conduct
- ✨ integration with artifacthub.io
- 📄 minor inconsistency fix in README.md
- 📄 add steps to make a release
- ⏩ update cert-manager dependency to v1.11.0
- ⏩ update k8s dependency to v0.26.0
- ⏩ build image using Go 1.19.7
- ⏩ upgrade alpine to 3.17
- ⏩ update Chart.yaml and
values.yaml
to use latest container image
- 📄 minor consistency fix in README.md
- ✨ start work to integrade with artifacthub.io
- ⏩ update cert-manager dependency to v1.11.0
- ⏩ update k8s dependency to v0.26.0
- ✨ build image using Go 1.19.5
- ✨ initial work to build arm64 and armv7 images
- 🐛 include minutes and seconds in certificates duration fields. see argoproj/argo-cd#6008 for details. via @aegaeonit
- ✨ optimize Dockerfile for better builds
- ✨ explicitly use Alpine 3.16 throughout the Dockerfile
- ✨ run the webhook as
nobody
/nogroup
- ✨ reduce container image from 107MB down to 56.2MB
- ✨ add CNAME strategy to issuers in #8. Thanks (@Zcool85)
- ✨ build image using Go 1.19.4
⚠️ breaking changes ahead if comming from previous version- 📄 documentation and helm chart hosted at https://aureq.github.io/cert-manager-webhook-ovh/
- ✨ deploy multiple
Issuer
(namespaced) andClusterIssuer
via chart - ✨ either specify your OVH credentials, or use an existing secret
- ✨ OVH credential are all stored in a secret (ApplicationKey, ApplicaitonSecret, ConsumerKey)
- ✨ deploy necessary permissions to access the OVH credentials
- ✨ role based access control to access secrets across namespaces
- 🚀 publish container image on GitHub Container Registry
- 🚀 publish Helm Chart on GitHub pages
- ⬆️ upgrade dependencies to reduce warnings
- ✨ drop root privileges
- ✨ add support for HTTP/HTTPS proxy
- 🚀 use kubernetes recommended labels
- ✨ move some helm logic in _helpers.tpl
- ✨ completely rework
values.yaml
to support creating issuers and ovh credentials - ✨ create role and bind it so the webhook can access necessary secrets
- ⬆️ upgrade dependencies to reduce warnings
- cert-manager
v1.5.3
tov1.9.1
- go-ovh
v1.1.0
tov1.3.0
- client-go
v0.22.1
tov0.24.2
- cert-manager
- build webhook using golang
1.18
- ✨ add image pull secrets to helm chart by Julian Stiller)
- 🐛 fix base64 encoded secrets by @julienkosinski
- 🔥 drop root privilges (missing attribution)
- 🐛 fix how security context is checked
- ✨ add RBAC (missing attribution)
- ⬆️ upgrade to Alpine Linux 3.16 container image
- 🐛 fix
Makefile
references and enable HTTP proxy to local build environment - ✨ set
CAP_NET_BIND_SERVICE
to binary to bind on privileged ports without root privileges (missing attribution) - 🐛 add
libpcap
to container image - ✨ create logo based on cert-manager logo and icons8
- ✨ more fields populated in
Chart.yaml
- 🌱 some ground work to automate the release process via GitHub Actions and GitHub packages
⚠️ breaking changes ahead- ✨ major helm chart improvements
- ✨ deploy multiple
Issuer
(namespaced) andClusterIssuer
via chart - ✨ either specify your OVH credentials, or use an existing secret
- ✨ OVH credential are all stored in a secret (ApplicationKey, ApplicaitonSecret, ConsumerKey)
- ✨ deploy necessary permissions to access the OVH credentials
- ✨ role based access control to access secrets across namespaces
- ✨ move some helm logic in _helpers.tpl
- ✨ completely rework
values.yaml
to support creating issuers and ovh credentials - ✨ create role and bind it so the webhook can access necessary secrets
- 📄 documentation and helm chart hosted at https://aureq.github.io/cert-manager-webhook-ovh/
- 🚀 publish container image on GitHub Container Registry
- 🚀 publish Helm Chart on GitHub pages
- ⬆️ upgrade dependencies to reduce warnings
- ✨ drop root privileges
- 🌱 some ground work to automate the release process via GitHub Actions
- ✨ add support for HTTP proxy
- ⬆️ upgrade dependencies to reduce warnings
- cert-manager
v1.5.3
tov1.9.1
- go-ovh
v1.1.0
tov1.3.0
- client-go
v0.22.1
tov0.24.2
- cert-manager
- build webhook using golang
1.18
- ✨ add image pull secrets to helm chart by Julian Stiller)
- 🐛 fix base64 encoded secrets by @julienkosinski
- 🔥 drop root privilges (missing attribution)
- 🐛 fix how security context is checked
- ✨ add RBAC (missing attribution)
- ⬆️ upgrade to Alpine Linux 3.16 container image
- 🐛 fix
Makefile
references and enable HTTP proxy to local build environment - ✨ set
CAP_NET_BIND_SERVICE
to binary to bind on privileged ports without root privileges (missing attribution) - 🐛 add
libpcap
to container image - ✨ create logo based on cert-manager logo and icons8
- ✨ more fields populated in
Chart.yaml
- 🌱 some ground work to automate the release process via GitHub Actions and GitHub packages
- Initial work by @baarde
- cert-manager-webhook-ovh
- Commit
ab4d192