Releases: cert-manager/openshift-routes
v0.5.0
What's Changed
You can now use more annotations! Thanks to @ctrought's work in #29, you can now use the following subject annotations:
cert-manager.io/email-sans
,cert-manager.io/subject-organizations
,cert-manager.io/subject-organizationalunits
,cert-manager.io/subject-countries
,cert-manager.io/subject-provinces
,cert-manager.io/subject-localities
,cert-manager.io/subject-postalcodes
,cert-manager.io/subject-streetaddresses
,cert-manager.io/subject-serialnumber
.
The documentation for the annotations is identical to the Ingress annotations and can be read in the Ingress Usage page.
Additionally, to help migrating the annotations from Ingresses to Routes, the annotation cert-manager.io/issuer
can now be used as an alternative to cert-manager.io/issuer-name
. Both annotations offer the same functionality. Note that the annotation cert-manager.io/cluster-issuer
has not been brought to openshift-routes.
New Contributors
Full Changelog: v0.4.0...v0.5.0
v0.4.0
Changelog
-
You can now use the annotation
cert-manager.io/private-key-size
on Route resources to configure the key size for the generation of the private key. The default key sizes are still 2048 bits for the RSA signature algorithm (and hashed with SHA-256), and the P-256 curve for the ECDSA signature algorithm (hashed with SHA-256). The possible values are the same as when using the annotation on Ingress resources described in the Ingress Usage page. Shout out to @snorwin for implementing the feature in #48! -
The Helm chart is now accessible as an OCI image thanks to @jacksgt! You can install the chart using the command:
helm upgrade --install openshift-routes oci://ghcr.io/cert-manager/charts/openshift-routes
-
ArgoCD will no longer complain due to the mis-indented
automountServiceAccountToken
in the Helm chart. Thank you @snorwin for spotting this.
New Contributors
Full Changelog: v0.3.1...v0.4.0
v0.3.1
What's Changed
- Openshift-routes now has an Helm chart thanks to @jacksgt! For now, using the Helm chart requires you to clone the project locally.
- Three CVEs were fixed (CVE-2023-39325, CVE-2023-3978, and CVE-2023-44487).
Note from @maelvls: this should have been a minor version bump since there was the addition of the Helm chart. But I had forgotten about theHelm chart addition and created a patch version instead. My bad!
Full Changelog: v0.3.0...v0.3.1
v0.3.0
What's Changed
- Openshift-routes now supports
Route.spec.subdomain
. This feature was contributed by @jacksgt in #27. - Openshift-routes now supports ECDSA keys. This improvement was contributed by @vinny-sabatini in #28.
- Renewal was happening too early. @seandilda found that the renewal was happening at ⅓ of the duration of the certificate instead of ⅔. If you are using Let's Encrypt, your 90-days certificates would get rotated after 30 days instead of 60 days. This was fixed in the pull request #25.
- The static manifest contained an error that prevented the use of the
/metrics
endpoint. It is now fixed thanks to @vinny-sabatini in #33.
New Contributors
- @vinny-sabatini made their first contribution in #33
- @seandilda made their first contribution in #25
Full Changelog: v0.2.0...v0.3.0
v0.2.0
v0.1.3
v0.1.2
Changelog
- 7f5b7a9 add PATCH to Events for clusterrole (thanks to @nate-duke)