- Issued:
- 2023-10-02
- Updated:
- 2023-10-02
RHEA-2023:5339 - Product Enhancement Advisory
Synopsis
cert-manager Operator for Red Hat OpenShift 1.12.0
Type/Severity
Product Enhancement Advisory
Topic
cert-manager Operator for Red Hat OpenShift 1.12.0
Description
The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities
and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide
certificates-as-a-service to developers working within your Kubernetes cluster.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
The steps to apply the upgraded images are different depending on the installation plan approval policy you used
when installing the cert-manager Operator for Red Hat OpenShift.
- If the approval policy is set to , then the Operator will be upgraded automatically when there is a
new version of the Operator. No further action is required to upgrade. This is the default setting.
- If you changed the approval policy to , then you must manually approve the upgrade to the Operator.
See https://github.com/openshift/cert-manager-operator/blob/master/README.md for additional information.
Affected Products
- Cert Manager support for Red Hat OpenShift release 1.12 x86_64
Fixes
- CM-117 - cert-manager operator 1.12 release
- CM-114 - As a developer, I would like to improve the E2E test cases for our operator
- OCPBUGS-18780 - Operand pods CrashLoopBackOff in cert-manager-operator 1.12.0 fresh installation
- CM-200 - Operator version displayed on web console may mislead users
- CM-112 - As a user I would want cert-manager operator to be available in Red Hat Ecosystem catalogue
- CM-115 - Bump cert-manager to 1.12.x
- CM-182 - Bump operator to cert-manager 1.12.4
- CM-198 - cert-manager operator docs update and release notes tracker
- OCPBUGS-13830 - No way to config cpu/memory limits/requests for cert-manager and cert-manager-operator
- OCPBUGS-8210 - When acme issuer sets "disableAccountKeyGeneration: true", updating privateKeySecretRef secret won't change the acme account
References
(none)
x86_64
cert-manager/cert-manager-operator-bundle@sha256:918df552cd9f904824e45ba4c7ec120120a2aef6ada87658a4b641d376313854 |
cert-manager/cert-manager-operator-rhel9@sha256:84d1e1d9fe97e35348c56daaba91515da8102b5f3d92001da46fafbf1288c6fa |
cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:51653480bb08e6c82cec0b8c95fc3d6264c4309bd511229007bea9b5cb8a849e |
cert-manager/jetstack-cert-manager-rhel9@sha256:c2db05818ec4c508bd95cf8d36147bde5816942e22c8240dfed066a6c073d07d |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.