v0.5.0

What's Changed

You can now use more annotations! Thanks to @ctrought's work in #29, you can now use the following subject annotations:

• cert-manager.io/email-sans,
• cert-manager.io/subject-organizations,
• cert-manager.io/subject-organizationalunits,
• cert-manager.io/subject-countries,
• cert-manager.io/subject-provinces,
• cert-manager.io/subject-localities,
• cert-manager.io/subject-postalcodes,
• cert-manager.io/subject-streetaddresses,
• cert-manager.io/subject-serialnumber.

The documentation for the annotations is identical to the Ingress annotations and can be read in the Ingress Usage page.

Additionally, to help migrating the annotations from Ingresses to Routes, the annotation cert-manager.io/issuer can now be used as an alternative to cert-manager.io/issuer-name. Both annotations offer the same functionality. Note that the annotation cert-manager.io/cluster-issuer has not been brought to openshift-routes.

New Contributors

• @ctrought made their first contribution in #29

Full Changelog: v0.4.0...v0.5.0

v0.4.0

Changelog

• You can now use the annotation cert-manager.io/private-key-size on Route resources to configure the key size for the generation of the private key. The default key sizes are still 2048 bits for the RSA signature algorithm (and hashed with SHA-256), and the P-256 curve for the ECDSA signature algorithm (hashed with SHA-256). The possible values are the same as when using the annotation on Ingress resources described in the Ingress Usage page. Shout out to @snorwin for implementing the feature in #48!

• The Helm chart is now accessible as an OCI image thanks to @jacksgt! You can install the chart using the command:

  helm upgrade --install openshift-routes oci://ghcr.io/cert-manager/charts/openshift-routes

• ArgoCD will no longer complain due to the mis-indented automountServiceAccountToken in the Helm chart. Thank you @snorwin for spotting this.

New Contributors

• @snorwin made their first contribution in #47

Full Changelog: v0.3.1...v0.4.0

v0.3.1

What's Changed

• Openshift-routes now has an Helm chart thanks to @jacksgt! For now, using the Helm chart requires you to clone the project locally.
• Three CVEs were fixed (CVE-2023-39325, CVE-2023-3978, and CVE-2023-44487).

Note from @maelvls: this should have been a minor version bump since there was the addition of the Helm chart. But I had forgotten about theHelm chart addition and created a patch version instead. My bad!

Full Changelog: v0.3.0...v0.3.1

v0.3.0

What's Changed

• Openshift-routes now supports Route.spec.subdomain. This feature was contributed by @jacksgt in #27.
• Openshift-routes now supports ECDSA keys. This improvement was contributed by @vinny-sabatini in #28.
• Renewal was happening too early. @seandilda found that the renewal was happening at ⅓ of the duration of the certificate instead of ⅔. If you are using Let's Encrypt, your 90-days certificates would get rotated after 30 days instead of 60 days. This was fixed in the pull request #25.
• The static manifest contained an error that prevented the use of the /metrics endpoint. It is now fixed thanks to @vinny-sabatini in #33.

New Contributors

• @vinny-sabatini made their first contribution in #33
• @seandilda made their first contribution in #25

Full Changelog: v0.2.0...v0.3.0

v0.2.0

Changelog

• b2f988d The certificate is now re-issued when the host field changes on the Route resource (thanks to @jacksgt)
• 8787f37 Use Go 1.20

v0.1.3

Changelog

• 4d2d199 Ignore CA as it may cause extended validation errors (@jakexks)

v0.1.2

Changelog

• 7f5b7a9 add PATCH to Events for clusterrole (thanks to @nate-duke)

v0.1.0

Changelog

• f2a5b9d Clarify why this project exists
• 5b0a087 Initial Release
• 0fc5110 Initial commit