v0.2.0

Warning

v0.2.z is a major departure from v0.1.z and contains major breaking changes to make certgen generic and reusable by projects other than Cilium. All CLI flags that were specific to Cilium, Hubble or Cluster Mesh have been removed and a new way to configure certgen has been introduced.

As @giorio94 explains in #220, the configuration to generate certificates is now provided as yaml via --config or --config-file and looks like the following example:

certs:
- name: foo
  namespace: kube-system
  commonName: foo.cilium.io
  hosts:
 - foo.cilium.io
  - qux.cilium.io
  - 192.0.2.237
  usage:
 - signing
  - key encipherment
  - server auth
  validity: 72h
- name: bar
  ...

What's Changed

• Generalize the certificate generation configuration by @giorio94 in #220
• Prepare for v0.2.0 release by @rolinh in #230
• ci: use main as default branch by @kaworu in #225
• ci: bump docker/build-push-action from 5.3.0 to 5.4.0 by @dependabot in #227

Full Changelog: v0.1.13...v0.2.0

v0.1.13

What's Changed

• Add support for generating Hubble metrics certificates by @chancez in #199
• clustermesh: drop unnecessary localhost SAN from the admin certificate by @giorio94 in #219
• prepare for branching v0.1 by @kaworu in #222
• update Go to v1.22.3 and golangci-lint to v1.58.1 by @rolinh in #216
• v0.1: update Go to v1.22.4 by @rolinh in #228
• version: prepare for v0.1.13 release by @rolinh in #229
• [v0.1] ci: bump docker/build-push-action from 5.3.0 to 5.4.0 by @dependabot in #226
• build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #204
• build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in #207
• build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in #214
• build(deps): bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot in #218
• build(deps): bump actions/download-artifact from 4.1.4 to 4.1.5 by @dependabot in #201
• build(deps): bump actions/download-artifact from 4.1.5 to 4.1.6 by @dependabot in #206
• build(deps): bump actions/download-artifact from 4.1.6 to 4.1.7 by @dependabot in #208
• build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in #211
• build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in #202
• build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in #205
• build(deps): bump docker/login-action from 3.1.0 to 3.2.0 by @dependabot in #221
• build(deps): bump github.com/spf13/viper from 1.18.2 to 1.19.0 by @dependabot in #223
• build(deps): bump golang/govulncheck-action from 1.0.2 to 1.0.3 by @dependabot in #224
• build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot in #209
• build(deps): bump golangci/golangci-lint-action from 5.0.0 to 5.1.0 by @dependabot in #210
• build(deps): bump golangci/golangci-lint-action from 5.1.0 to 5.3.0 by @dependabot in #212
• build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.0 by @dependabot in #213
• build(deps): bump golangci/golangci-lint-action from 6.0.0 to 6.0.1 by @dependabot in #215
• build(deps): bump the k8s-deps group across 1 directory with 3 updates by @dependabot in #203
• build(deps): bump the k8s-deps group with 3 updates by @dependabot in #217

New Contributors

• @chancez made their first contribution in #199

Full Changelog: v0.1.11...v0.1.13

v0.1.11

What's Changed

• bump Golang to v1.22.1 by @kaworu in #190
• bump Go to v1.22.2, update deps and prepare for v0.1.11 release by @rolinh in #198
• build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #192
• build(deps): bump actions/download-artifact from 4.1.1 to 4.1.2 by @dependabot in #182
• build(deps): bump actions/download-artifact from 4.1.2 to 4.1.3 by @dependabot in #186
• build(deps): bump actions/download-artifact from 4.1.3 to 4.1.4 by @dependabot in #188
• build(deps): bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in #180
• build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in #181
• build(deps): bump docker/build-push-action from 5.1.0 to 5.2.0 by @dependabot in #191
• build(deps): bump docker/build-push-action from 5.2.0 to 5.3.0 by @dependabot in #195
• build(deps): bump docker/login-action from 3.0.0 to 3.1.0 by @dependabot in #193
• build(deps): bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by @dependabot in #187
• build(deps): bump docker/setup-buildx-action from 3.1.0 to 3.2.0 by @dependabot in #194
• build(deps): bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @dependabot in #197
• build(deps): bump github.com/cloudflare/cfssl from 1.6.4 to 1.6.5 by @dependabot in #189
• build(deps): bump golang/govulncheck-action from 1.0.1 to 1.0.2 by @dependabot in #185
• build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in #183
• build(deps): bump the k8s-deps group with 3 updates by @dependabot in #184
• build(deps): bump the k8s-deps group with 3 updates by @dependabot in #196

Full Changelog: v0.1.10...v0.1.11

v0.1.10

What's Changed

• Bump Go to v1.21.4 by @kaworu in #165
• Prepare for v0.1.10 release by @rolinh in #179
• ci: Bump Go to v1.21.5 by @kaworu in #169
• build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in #146
• build(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot in #149
• build(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in #156
• build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in #159
• build(deps): bump actions/download-artifact from 3.0.2 to 4.0.0 by @dependabot in #171
• build(deps): bump actions/download-artifact from 4.0.0 to 4.1.0 by @dependabot in #173
• build(deps): bump actions/download-artifact from 4.1.0 to 4.1.1 by @dependabot in #175
• build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in #142
• build(deps): bump actions/setup-go from 4.1.0 to 5.0.0 by @dependabot in #166
• build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in #150
• build(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0 by @dependabot in #172
• build(deps): bump actions/upload-artifact from 4.0.0 to 4.1.0 by @dependabot in #176
• build(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 by @dependabot in #178
• build(deps): bump docker/build-push-action from 4.1.1 to 5.0.0 by @dependabot in #152
• build(deps): bump docker/build-push-action from 5.0.0 to 5.1.0 by @dependabot in #164
• build(deps): bump docker/login-action from 2.2.0 to 3.0.0 by @dependabot in #153
• build(deps): bump docker/setup-buildx-action from 2.10.0 to 3.0.0 by @dependabot in #154
• build(deps): bump docker/setup-buildx-action from 2.9.1 to 2.10.0 by @dependabot in #148
• build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in #161
• build(deps): bump github.com/spf13/viper from 1.16.0 to 1.17.0 by @dependabot in #158
• build(deps): bump github.com/spf13/viper from 1.17.0 to 1.18.0 by @dependabot in #167
• build(deps): bump github.com/spf13/viper from 1.18.0 to 1.18.1 by @dependabot in #168
• build(deps): bump github.com/spf13/viper from 1.18.1 to 1.18.2 by @dependabot in #174
• build(deps): bump golang/govulncheck-action from 1.0.0 to 1.0.1 by @dependabot in #157
• build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @dependabot in #143
• build(deps): bump the k8s-deps group with 2 updates by @dependabot in #144
• build(deps): bump the k8s-deps group with 2 updates by @dependabot in #147
• build(deps): bump the k8s-deps group with 2 updates by @dependabot in #155
• build(deps): bump the k8s-deps group with 2 updates by @dependabot in #160
• build(deps): bump the k8s-deps group with 2 updates by @dependabot in #162
• build(deps): bump the k8s-deps group with 2 updates by @dependabot in #170
• build(deps): bump the k8s-deps group with 2 updates by @dependabot in #177

Full Changelog: v0.1.9...v0.1.10

v0.1.9

What's Changed

• Bump Golang and golangci-lint by @kaworu in #114
• CODEOWNERS: Fix renamed teams by @gandro in #81
• Update Go, golangci-lint, and vendors by @kaworu in #72
• ci: add docker to dependabot by @kaworu in #113
• ci: fix indentation of golangci-lint action by @rolinh in #119
• ci: increase PR limits for dependabot by @rolinh in #121
• ci: let dependabot update k8s deps as a group of deps by @rolinh in #138
• ci: run govulncheck to find vulnerable dependencies by @rolinh in #140
• github: Replace deprecated command with environment file by @jongwooo in #137
• vendor: update yaml.v3 to v3.0.1 by @kaworu in #76
• version: prepare for v0.1.9 release by @rolinh in #141
• build(deps): bump actions/checkout from 2.4.0 to 3 by @dependabot in #61
• build(deps): bump actions/checkout from 3.0.0 to 3.0.2 by @dependabot in #69
• build(deps): bump actions/checkout from 3.0.2 to 3.1.0 by @dependabot in #86
• build(deps): bump actions/checkout from 3.1.0 to 3.2.0 by @dependabot in #103
• build(deps): bump actions/checkout from 3.2.0 to 3.3.0 by @dependabot in #104
• build(deps): bump actions/checkout from 3.3.0 to 3.5.2 by @dependabot in #122
• build(deps): bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in #129
• build(deps): bump actions/download-artifact from 2.1.0 to 3 by @dependabot in #62
• build(deps): bump actions/download-artifact from 3.0.0 to 3.0.1 by @dependabot in #97
• build(deps): bump actions/download-artifact from 3.0.1 to 3.0.2 by @dependabot in #106
• build(deps): bump actions/setup-go from 2.1.5 to 3 by @dependabot in #58
• build(deps): bump actions/setup-go from 3.1.0 to 3.2.0 by @dependabot in #74
• build(deps): bump actions/setup-go from 3.2.0 to 3.2.1 by @dependabot in #78
• build(deps): bump actions/setup-go from 3.2.1 to 3.3.0 by @dependabot in #83
• build(deps): bump actions/setup-go from 3.3.0 to 3.3.1 by @dependabot in #93
• build(deps): bump actions/setup-go from 3.3.1 to 3.4.0 by @dependabot in #101
• build(deps): bump actions/setup-go from 3.4.0 to 3.5.0 by @dependabot in #102
• build(deps): bump actions/setup-go from 3.5.0 to 4.0.1 by @dependabot in #120
• build(deps): bump actions/upload-artifact from 2.3.1 to 3 by @dependabot in #63
• build(deps): bump actions/upload-artifact from 3.0.0 to 3.1.0 by @dependabot in #73
• build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.1 by @dependabot in #96
• build(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2 by @dependabot in #105
• build(deps): bump docker/build-push-action from 2.9.0 to 3 by @dependabot in #67
• build(deps): bump docker/build-push-action from 3.0.0 to 3.1.0 by @dependabot in #79
• build(deps): bump docker/build-push-action from 3.1.0 to 3.1.1 by @dependabot in #82
• build(deps): bump docker/build-push-action from 3.1.1 to 3.2.0 by @dependabot in #90
• build(deps): bump docker/build-push-action from 3.2.0 to 3.3.0 by @dependabot in #107
• build(deps): bump docker/build-push-action from 3.3.0 to 4.0.0 by @dependabot in #111
• build(deps): bump docker/build-push-action from 4.0.0 to 4.1.0 by @dependabot in #130
• build(deps): bump docker/build-push-action from 4.1.0 to 4.1.1 by @dependabot in #132
• build(deps): bump docker/login-action from 1.12.0 to 1.14.1 by @dependabot in #60
• build(deps): bump docker/login-action from 1.14.1 to 2 by @dependabot in #68
• build(deps): bump docker/login-action from 2.0.0 to 2.1.0 by @dependabot in #89
• build(deps): bump docker/login-action from 2.1.0 to 2.2.0 by @dependabot in #127
• build(deps): bump docker/setup-buildx-action from 1.6.0 to 2 by @dependabot in #70
• build(deps): bump docker/setup-buildx-action from 2.0.0 to 2.1.0 by @dependabot in #91
• build(deps): bump docker/setup-buildx-action from 2.1.0 to 2.2.0 by @dependabot in #92
• build(deps): bump docker/setup-buildx-action from 2.2.0 to 2.2.1 by @dependabot in #94
• build(deps): bump docker/setup-buildx-action from 2.2.1 to 2.4.1 by @dependabot in #110
• build(deps): bump docker/setup-buildx-action from 2.4.1 to 2.5.0 by @dependabot in #123
• build(deps): bump docker/setup-buildx-action from 2.5.0 to 2.6.0 by @dependabot in #128
• build(deps): bump docker/setup-buildx-action from 2.6.0 to 2.7.0 by @dependabot in #133
• build(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0 by @dependabot in #134
• build(deps): bump docker/setup-buildx-action from 2.8.0 to 2.9.0 by @dependabot in #135
• build(deps): bump docker/setup-buildx-action from 2.9.0 to 2.9.1 by @dependabot in #136
• build(deps): bump github.com/cloudflare/cfssl from 1.6.1 to 1.6.2 by @dependabot in #84
• build(deps): bump github.com/cloudflare/cfssl from 1.6.2 to 1.6.3 by @dependabot in #87
• build(deps): bump github.com/cloudflare/cfssl from 1.6.3 to 1.6.4 by @dependabot in #116
• build(deps): bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 by @dependabot in #80
• build(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 by @dependabot in #118
• build(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 by @dependabot in #126
• build(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0 by @dependabot in #64
• build(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0 by @dependabot in #77
• build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 by @dependabot in #88
• build(deps): bump github.com/spf13/cobra from 1.6.0 to 1.6.1 by @dependabot in #98
• build(deps): bump github.com/spf13/cobra from 1.6.1 to 1.7.0 by @dependabot in #115
• build(deps): bump github.com/spf13/viper from 1.10.1 to 1.11.0 by @dependabot in #66
• build(deps): bump github.com/spf13/viper from 1.11.0 to 1.12.0 by @dependabot in #75
• build(deps): bump github.com/spf13/viper from 1.12.0 to 1.13.0 by @dependabot in #85
• build(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 by @dependabot in #99
• build(deps): bump github.com/spf13/viper from 1.14.0 to 1.15.0 by @dependabot in #108
• build(deps): bump github.com/spf13/viper from 1.15.0 to 1.16.0 by @dependabot in #124
• build(deps): bump golangci/golangci-lint-action from 2 to 3.1.0 by @dependabot in #59
• build(deps): bump golangci/golangci-lint-action from 3.1.0 to 3.2.0 by @dependabot in #71
• build(deps): bump golangci/golangci-lint-action from 3.2.0 to 3.3.0 by @dependabot in #95
• build(deps): bump golangci/golangci-lint-action from 3.3.0 to 3.3.1 by @dependabot in #100
• build(deps): bump golangci/golangci-lint-action from 3.3.1 to 3.4.0 by @dependabot in #109
• build(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 by @dependabot in #125
• build(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 by @dependabot in #131
• build(deps): bump the k8s-deps group with 2 updates by @dependabot in #139

New Contributors

• @jongwooo made their first contribution in #137

Full Changelog: https://git...

v0.1.8

This release fixes a race condition which can happen if jobs concurrently try to generate the Cilium CA.

What's Changed

• ci: add golangci by @kaworu in #44
• build(deps): bump github.com/spf13/viper from 1.10.0 to 1.10.1 by @dependabot in #51
• build(deps): bump docker/login-action from 1.10.0 to 1.12.0 by @dependabot in #50
• build(deps): bump actions/setup-go from 2.1.4 to 2.1.5 by @dependabot in #52
• build(deps): bump docker/build-push-action from 2.7.0 to 2.8.0 by @dependabot in #53
• build(deps): bump docker/build-push-action from 2.8.0 to 2.9.0 by @dependabot in #54
• bug: Avoid race condition while generate secret with re-use flag by @sayboras in #55
• version: Prepare for 0.1.8 release by @gandro in #56

New Contributors

• @sayboras made their first contribution in #55

Full Changelog: v0.1.7...v0.1.8

Docker Manifests

certgen

docker.io/cilium/certgen:v0.1.8@sha256:4a456552a5f192992a6edcec2febb1c54870d665173a33dc7d876129b199ddbd
quay.io/cilium/certgen:v0.1.8@sha256:4a456552a5f192992a6edcec2febb1c54870d665173a33dc7d876129b199ddbd

v0.1.7

This release removes the ability to create separate CA's for Cluster Mesh and Hubble. Instead, certgen now uses single Cilium CA such that the generated certs are compatible with the Cilium CLI. See cilium/cilium#18278

Docker Manifests

certgen

docker.io/cilium/certgen:v0.1.7@sha256:abe8519df8181446db310a70cf9fe6c13883dd4bc22b1cbeaa2db8e3a8e300f9
quay.io/cilium/certgen:v0.1.7@sha256:abe8519df8181446db310a70cf9fe6c13883dd4bc22b1cbeaa2db8e3a8e300f9

What's Changed

• build(deps): bump github.com/spf13/viper from 1.7.1 to 1.8.1 by @dependabot in #27
• build(deps): bump docker/build-push-action from 2.6.1 to 2.7.0 by @dependabot in #29
• build(deps): bump github.com/cloudflare/cfssl from 1.4.1 to 1.6.0 by @dependabot in #28
• doc: update RELEASE.md to reflect that GitHub action is used to build the images by @kaworu in #31
• build(deps): bump actions/setup-go from 2.1.3 to 2.1.4 by @dependabot in #33
• go: update to Go 1.17.0 by @kaworu in #30
• build(deps): bump docker/setup-buildx-action from 1.5.1 to 1.6.0 by @dependabot in #34
• build(deps): bump k8s.io/client-go from 0.19.2 to 0.22.1 by @dependabot in #32
• build(deps): bump github.com/spf13/cobra from 1.0.0 to 1.2.1 by @dependabot in #35
• vendor: bump k8s.io/* deps to v0.22.2 and viper to v1.9.0 by @rolinh in #37
• Update Go and drop explicit go vet check by @tklauser in #38
• build(deps): bump actions/checkout from 2 to 2.3.5 by @dependabot in #39
• build(deps): bump actions/checkout from 2.3.5 to 2.4.0 by @dependabot in #40
• build(deps): bump github.com/spf13/viper from 1.9.0 to 1.10.0 by @dependabot in #45
• build(deps): bump actions/upload-artifact from 2.2.4 to 2.3.0 by @dependabot in #42
• build(deps): bump actions/download-artifact from 2.0.10 to 2.1.0 by @dependabot in #46
• Generate: Bring certgen inline with cilium-cli by @soggiest in #41
• build(deps): bump actions/upload-artifact from 2.3.0 to 2.3.1 by @dependabot in #47
• build(deps): bump github.com/spf13/cobra from 1.2.1 to 1.3.0 by @dependabot in #49
• version: Prepare for v0.1.7 release by @gandro in #48

New Contributors

• @rolinh made their first contribution in #37
• @tklauser made their first contribution in #38
• @soggiest made their first contribution in #41

Full Changelog: v0.1.6...v0.1.7

v0.1.6

CHANGELOG

This is a maintenance release which only includes bumped dependencies and an improved release process.

v0.1.5

CHANGELOG

• Include *.mesh.cilium.io in clustermesh-apiserver server cert (see #20)

v0.1.4

CHANGELOG

• Update to Go v1.16
• TLS Secrets now contains the CA certificate in ca.crt (see #15)