From fdb5ab51b879e875d1241c300d9462d0ff8d6dc5 Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Tue, 10 Mar 2026 19:45:31 +0000 Subject: [PATCH] Automated Manifest Update (#4583) This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow. Reviewed-on: https://gitea.alexlebens.dev/alexlebens/infrastructure/pulls/4583 Co-authored-by: gitea-bot Co-committed-by: gitea-bot --- .../ClusterRole-cert-manager-cainjector.yaml | 4 +- ...ClusterRole-cert-manager-cluster-view.yaml | 4 +- ...er-controller-approve:cert-manager-io.yaml | 4 +- ...-cert-manager-controller-certificates.yaml | 4 +- ...controller-certificatesigningrequests.yaml | 4 +- ...le-cert-manager-controller-challenges.yaml | 4 +- ...ert-manager-controller-clusterissuers.yaml | 4 +- ...-cert-manager-controller-ingress-shim.yaml | 8 +-- ...rRole-cert-manager-controller-issuers.yaml | 4 +- ...erRole-cert-manager-controller-orders.yaml | 4 +- .../ClusterRole-cert-manager-edit.yaml | 4 +- .../ClusterRole-cert-manager-view.yaml | 4 +- ...-manager-webhook:subjectaccessreviews.yaml | 4 +- ...erRoleBinding-cert-manager-cainjector.yaml | 4 +- ...er-controller-approve:cert-manager-io.yaml | 4 +- ...-cert-manager-controller-certificates.yaml | 4 +- ...controller-certificatesigningrequests.yaml | 4 +- ...ng-cert-manager-controller-challenges.yaml | 4 +- ...ert-manager-controller-clusterissuers.yaml | 4 +- ...-cert-manager-controller-ingress-shim.yaml | 4 +- ...nding-cert-manager-controller-issuers.yaml | 4 +- ...inding-cert-manager-controller-orders.yaml | 4 +- ...-manager-webhook:subjectaccessreviews.yaml | 4 +- ...n-certificaterequests.cert-manager.io.yaml | 8 ++- ...finition-certificates.cert-manager.io.yaml | 11 +-- ...ition-challenges.acme.cert-manager.io.yaml | 44 +++++++++--- ...nition-clusterissuers.cert-manager.io.yaml | 72 ++++++++++++------- ...rceDefinition-issuers.cert-manager.io.yaml | 72 ++++++++++++------- ...efinition-orders.acme.cert-manager.io.yaml | 8 ++- .../Deployment-cert-manager-cainjector.yaml | 10 +-- .../Deployment-cert-manager-webhook.yaml | 10 +-- .../cert-manager/Deployment-cert-manager.yaml | 12 ++-- .../Job-cert-manager-startupapicheck.yaml | 10 +-- ...ookConfiguration-cert-manager-webhook.yaml | 4 +- ...ert-manager-cainjector:leaderelection.yaml | 4 +- ...t-manager-startupapicheck:create-cert.yaml | 4 +- .../Role-cert-manager-tokenrequest.yaml | 4 +- ...-cert-manager-webhook:dynamic-serving.yaml | 4 +- .../Role-cert-manager:leaderelection.yaml | 4 +- ...ert-manager-cainjector:leaderelection.yaml | 4 +- ...t-manager-startupapicheck:create-cert.yaml | 4 +- ...RoleBinding-cert-manager-tokenrequest.yaml | 4 +- ...-cert-manager-webhook:dynamic-serving.yaml | 4 +- ...leBinding-cert-manager:leaderelection.yaml | 4 +- .../Service-cert-manager-cainjector.yaml | 4 +- .../Service-cert-manager-webhook.yaml | 4 +- .../cert-manager/Service-cert-manager.yaml | 4 +- ...erviceAccount-cert-manager-cainjector.yaml | 4 +- ...eAccount-cert-manager-startupapicheck.yaml | 4 +- .../ServiceAccount-cert-manager-webhook.yaml | 4 +- .../ServiceAccount-cert-manager.yaml | 4 +- .../ServiceMonitor-cert-manager.yaml | 6 +- ...ookConfiguration-cert-manager-webhook.yaml | 4 +- 53 files changed, 251 insertions(+), 184 deletions(-) diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-cainjector.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-cainjector.yaml index ab883d9d0..2277d1dd8 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-cainjector.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-cainjector.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rules: - apiGroups: ["cert-manager.io"] resources: ["certificates"] diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-cluster-view.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-cluster-view.yaml index 6f2109614..cff32c686 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-cluster-view.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-cluster-view.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true" rules: - apiGroups: ["cert-manager.io"] diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-approve:cert-manager-io.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-approve:cert-manager-io.yaml index 85508dd33..f4870c761 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-approve:cert-manager-io.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-approve:cert-manager-io.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rules: - apiGroups: ["cert-manager.io"] resources: ["signers"] diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-certificates.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-certificates.yaml index 06e502ab1..3d0ece8c7 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-certificates.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-certificates.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rules: - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"] diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-certificatesigningrequests.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-certificatesigningrequests.yaml index 06ecfbc2a..9ee7b1c21 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-certificatesigningrequests.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-certificatesigningrequests.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rules: - apiGroups: ["certificates.k8s.io"] resources: ["certificatesigningrequests"] diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-challenges.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-challenges.yaml index d5fa2086b..bce5f131c 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-challenges.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-challenges.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rules: - apiGroups: ["acme.cert-manager.io"] resources: ["challenges", "challenges/status"] diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-clusterissuers.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-clusterissuers.yaml index 42fa7ee2c..ac52fd8d3 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-clusterissuers.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-clusterissuers.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rules: - apiGroups: ["cert-manager.io"] resources: ["clusterissuers", "clusterissuers/status"] diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-ingress-shim.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-ingress-shim.yaml index f8da8c575..49f2ed16b 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-ingress-shim.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-ingress-shim.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rules: - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificaterequests"] @@ -24,10 +24,10 @@ rules: resources: ["ingresses/finalizers"] verbs: ["update"] - apiGroups: ["gateway.networking.k8s.io"] - resources: ["gateways", "httproutes"] + resources: ["gateways", "httproutes", "listenersets"] verbs: ["get", "list", "watch"] - apiGroups: ["gateway.networking.k8s.io"] - resources: ["gateways/finalizers", "httproutes/finalizers"] + resources: ["gateways/finalizers", "httproutes/finalizers", "listenersets/finalizers"] verbs: ["update"] - apiGroups: [""] resources: ["events"] diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-issuers.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-issuers.yaml index 2429ec658..3d19529fa 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-issuers.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-issuers.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rules: - apiGroups: ["cert-manager.io"] resources: ["issuers", "issuers/status"] diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-orders.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-orders.yaml index 3d7c32495..c88f9f556 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-orders.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-controller-orders.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rules: - apiGroups: ["acme.cert-manager.io"] resources: ["orders", "orders/status"] diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-edit.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-edit.yaml index 5a999db8e..13c3f8d23 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-edit.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-edit.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" rules: diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-view.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-view.yaml index ed883c5fd..69475ca9e 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-view.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-view.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-webhook:subjectaccessreviews.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-webhook:subjectaccessreviews.yaml index 76e132560..e1608138d 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-webhook:subjectaccessreviews.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRole-cert-manager-webhook:subjectaccessreviews.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rules: - apiGroups: ["authorization.k8s.io"] resources: ["subjectaccessreviews"] diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-cainjector.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-cainjector.yaml index 638401350..72bb02d9d 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-cainjector.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-cainjector.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-approve:cert-manager-io.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-approve:cert-manager-io.yaml index 219d678cd..3b860a02f 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-approve:cert-manager-io.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-approve:cert-manager-io.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-certificates.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-certificates.yaml index 788eed6b3..3f4226799 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-certificates.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-certificates.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-certificatesigningrequests.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-certificatesigningrequests.yaml index b666fd451..68cba3055 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-certificatesigningrequests.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-certificatesigningrequests.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-challenges.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-challenges.yaml index 94ab4a400..47e162b58 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-challenges.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-challenges.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-clusterissuers.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-clusterissuers.yaml index 871ad1c82..e4b5701ee 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-clusterissuers.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-clusterissuers.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-ingress-shim.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-ingress-shim.yaml index 5b1d4bee0..be189e51a 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-ingress-shim.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-ingress-shim.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-issuers.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-issuers.yaml index f4d9b1828..9890af0ec 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-issuers.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-issuers.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-orders.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-orders.yaml index 28bbe49ff..4f47d9579 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-orders.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-controller-orders.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-webhook:subjectaccessreviews.yaml b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-webhook:subjectaccessreviews.yaml index 4bd039ca3..412c7d784 100644 --- a/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-webhook:subjectaccessreviews.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ClusterRoleBinding-cert-manager-webhook:subjectaccessreviews.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-certificaterequests.cert-manager.io.yaml b/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-certificaterequests.cert-manager.io.yaml index 4ee2364d7..6628c885d 100644 --- a/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-certificaterequests.cert-manager.io.yaml +++ b/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-certificaterequests.cert-manager.io.yaml @@ -9,9 +9,9 @@ metadata: app.kubernetes.io/name: "cert-manager" app.kubernetes.io/instance: "cert-manager" app.kubernetes.io/component: "crds" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: group: cert-manager.io names: @@ -315,6 +315,10 @@ spec: type: string type: object type: object + selectableFields: + - jsonPath: .spec.issuerRef.group + - jsonPath: .spec.issuerRef.kind + - jsonPath: .spec.issuerRef.name served: true storage: true subresources: diff --git a/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-certificates.cert-manager.io.yaml b/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-certificates.cert-manager.io.yaml index ccb7b9d10..9005952f1 100644 --- a/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-certificates.cert-manager.io.yaml +++ b/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-certificates.cert-manager.io.yaml @@ -9,9 +9,9 @@ metadata: app.kubernetes.io/name: "cert-manager" app.kubernetes.io/instance: "cert-manager" app.kubernetes.io/component: "crds" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: group: cert-manager.io names: @@ -454,9 +454,6 @@ spec: will be generated whenever a re-issuance occurs. Default is `Always`. The default was changed from `Never` to `Always` in cert-manager >=v1.18.0. - The new default can be disabled by setting the - `--feature-gates=DefaultPrivateKeyRotationPolicyAlways=false` option on - the controller component. enum: - Never - Always @@ -812,6 +809,10 @@ spec: type: integer type: object type: object + selectableFields: + - jsonPath: .spec.issuerRef.group + - jsonPath: .spec.issuerRef.kind + - jsonPath: .spec.issuerRef.name served: true storage: true subresources: diff --git a/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-challenges.acme.cert-manager.io.yaml b/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-challenges.acme.cert-manager.io.yaml index 28fedae72..4116d5d6f 100644 --- a/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-challenges.acme.cert-manager.io.yaml +++ b/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-challenges.acme.cert-manager.io.yaml @@ -9,9 +9,9 @@ metadata: app.kubernetes.io/name: "cert-manager" app.kubernetes.io/instance: "cert-manager" app.kubernetes.io/component: "crds" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: group: acme.cert-manager.io names: @@ -286,6 +286,22 @@ spec: The TenantID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientID and ClientSecret must also be set. type: string + zoneType: + description: |- + ZoneType determines which type of Azure DNS zone to use. + + Valid values are: + - AzurePublicZone (default): Use a public Azure DNS zone. + - AzurePrivateZone: Use an Azure Private DNS zone. + + If not specified, AzurePublicZone is used. + + Support for Azure Private DNS zones is currently + experimental and may change in future releases. + enum: + - AzurePublicZone + - AzurePrivateZone + type: string required: - resourceGroupName - subscriptionID @@ -409,7 +425,7 @@ spec: description: |- The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be - enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. + enclosed in square brackets (e.g [2001:db8::1]); port is optional. This field is required. type: string protocol: @@ -459,8 +475,8 @@ spec: description: |- The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, + If neither the Access Key nor Key ID are set, we fall back to using env + vars, shared credentials file, or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials type: string accessKeyIDSecretRef: @@ -468,8 +484,8 @@ spec: The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, + If neither the Access Key nor Key ID are set, we fall back to using env + vars, shared credentials file, or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials properties: key: @@ -558,8 +574,8 @@ spec: secretAccessKeySecretRef: description: |- The SecretAccessKey is used for authentication. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, + If neither the Access Key nor Key ID are set, we fall back to using env + vars, shared credentials file, or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials properties: key: @@ -1916,9 +1932,10 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators). type: string tolerationSeconds: description: |- @@ -3127,9 +3144,10 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators). type: string tolerationSeconds: description: |- @@ -3277,6 +3295,10 @@ spec: - metadata - spec type: object + selectableFields: + - jsonPath: .spec.issuerRef.group + - jsonPath: .spec.issuerRef.kind + - jsonPath: .spec.issuerRef.name served: true storage: true subresources: diff --git a/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-clusterissuers.cert-manager.io.yaml b/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-clusterissuers.cert-manager.io.yaml index 52997dbf2..d7b7a017a 100644 --- a/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-clusterissuers.cert-manager.io.yaml +++ b/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-clusterissuers.cert-manager.io.yaml @@ -9,9 +9,9 @@ metadata: app.kubernetes.io/name: "cert-manager" app.kubernetes.io/instance: "cert-manager" app.kubernetes.io/component: "crds" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: group: cert-manager.io names: @@ -399,6 +399,22 @@ spec: The TenantID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientID and ClientSecret must also be set. type: string + zoneType: + description: |- + ZoneType determines which type of Azure DNS zone to use. + + Valid values are: + - AzurePublicZone (default): Use a public Azure DNS zone. + - AzurePrivateZone: Use an Azure Private DNS zone. + + If not specified, AzurePublicZone is used. + + Support for Azure Private DNS zones is currently + experimental and may change in future releases. + enum: + - AzurePublicZone + - AzurePrivateZone + type: string required: - resourceGroupName - subscriptionID @@ -522,7 +538,7 @@ spec: description: |- The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be - enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. + enclosed in square brackets (e.g [2001:db8::1]); port is optional. This field is required. type: string protocol: @@ -572,8 +588,8 @@ spec: description: |- The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, + If neither the Access Key nor Key ID are set, we fall back to using env + vars, shared credentials file, or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials type: string accessKeyIDSecretRef: @@ -581,8 +597,8 @@ spec: The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, + If neither the Access Key nor Key ID are set, we fall back to using env + vars, shared credentials file, or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials properties: key: @@ -671,8 +687,8 @@ spec: secretAccessKeySecretRef: description: |- The SecretAccessKey is used for authentication. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, + If neither the Access Key nor Key ID are set, we fall back to using env + vars, shared credentials file, or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials properties: key: @@ -2029,9 +2045,10 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators). type: string tolerationSeconds: description: |- @@ -3240,9 +3257,10 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators). type: string tolerationSeconds: description: |- @@ -3499,8 +3517,8 @@ spec: properties: audiences: description: |- - TokenAudiences is an optional list of extra audiences to include in the token passed to Vault. The default token - consisting of the issuer's namespace and name is always included. + TokenAudiences is an optional list of extra audiences to include in the token passed to Vault. + The default audiences are always included in the token. items: type: string type: array @@ -3628,16 +3646,16 @@ spec: type: object venafi: description: |- - Venafi configures this issuer to sign certificates using a Venafi TPP - or Venafi Cloud policy zone. + Venafi configures this issuer to sign certificates using a CyberArk Certificate Manager Self-Hosted + or SaaS policy zone. properties: cloud: description: |- - Cloud specifies the Venafi cloud configuration settings. - Only one of TPP or Cloud may be specified. + Cloud specifies the CyberArk Certificate Manager SaaS configuration settings. + Only one of CyberArk Certificate Manager may be specified. properties: apiTokenSecretRef: - description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + description: APITokenSecretRef is a secret key selector for the CyberArk Certificate Manager SaaS API token. properties: key: description: |- @@ -3655,7 +3673,7 @@ spec: type: object url: description: |- - URL is the base URL for Venafi Cloud. + URL is the base URL for CyberArk Certificate Manager SaaS. Defaults to "https://api.venafi.cloud/". type: string required: @@ -3663,13 +3681,13 @@ spec: type: object tpp: description: |- - TPP specifies Trust Protection Platform configuration settings. - Only one of TPP or Cloud may be specified. + TPP specifies CyberArk Certificate Manager Self-Hosted configuration settings. + Only one of CyberArk Certificate Manager may be specified. properties: caBundle: description: |- Base64-encoded bundle of PEM CAs which will be used to validate the certificate - chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. + chain presented by the CyberArk Certificate Manager Self-Hosted server. Only used if using HTTPS; ignored for HTTP. If undefined, the certificate bundle in the cert-manager controller container is used to validate the chain. format: byte @@ -3677,7 +3695,7 @@ spec: caBundleSecretRef: description: |- Reference to a Secret containing a base64-encoded bundle of PEM CAs - which will be used to validate the certificate chain presented by the TPP server. + which will be used to validate the certificate chain presented by the CyberArk Certificate Manager Self-Hosted server. Only used if using HTTPS; ignored for HTTP. Mutually exclusive with CABundle. If neither CABundle nor CABundleSecretRef is defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. @@ -3698,7 +3716,7 @@ spec: type: object credentialsRef: description: |- - CredentialsRef is a reference to a Secret containing the Venafi TPP API credentials. + CredentialsRef is a reference to a Secret containing the CyberArk Certificate Manager Self-Hosted API credentials. The secret must contain the key 'access-token' for the Access Token Authentication, or two keys, 'username' and 'password' for the API Keys Authentication. properties: @@ -3712,7 +3730,7 @@ spec: type: object url: description: |- - URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, + URL is the base URL for the vedsdk endpoint of the CyberArk Certificate Manager Self-Hosted instance, for example: "https://tpp.example.com/vedsdk". type: string required: @@ -3721,8 +3739,8 @@ spec: type: object zone: description: |- - Zone is the Venafi Policy Zone to use for this issuer. - All requests made to the Venafi platform will be restricted by the named + Zone is the Certificate Manager Policy Zone to use for this issuer. + All requests made to the Certificate Manager platform will be restricted by the named zone policy. This field is required. type: string diff --git a/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-issuers.cert-manager.io.yaml b/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-issuers.cert-manager.io.yaml index d21826c2a..4ecaa2fb2 100644 --- a/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-issuers.cert-manager.io.yaml +++ b/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-issuers.cert-manager.io.yaml @@ -9,9 +9,9 @@ metadata: app.kubernetes.io/name: "cert-manager" app.kubernetes.io/instance: "cert-manager" app.kubernetes.io/component: "crds" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: group: cert-manager.io names: @@ -398,6 +398,22 @@ spec: The TenantID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientID and ClientSecret must also be set. type: string + zoneType: + description: |- + ZoneType determines which type of Azure DNS zone to use. + + Valid values are: + - AzurePublicZone (default): Use a public Azure DNS zone. + - AzurePrivateZone: Use an Azure Private DNS zone. + + If not specified, AzurePublicZone is used. + + Support for Azure Private DNS zones is currently + experimental and may change in future releases. + enum: + - AzurePublicZone + - AzurePrivateZone + type: string required: - resourceGroupName - subscriptionID @@ -521,7 +537,7 @@ spec: description: |- The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be - enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. + enclosed in square brackets (e.g [2001:db8::1]); port is optional. This field is required. type: string protocol: @@ -571,8 +587,8 @@ spec: description: |- The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, + If neither the Access Key nor Key ID are set, we fall back to using env + vars, shared credentials file, or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials type: string accessKeyIDSecretRef: @@ -580,8 +596,8 @@ spec: The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, + If neither the Access Key nor Key ID are set, we fall back to using env + vars, shared credentials file, or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials properties: key: @@ -670,8 +686,8 @@ spec: secretAccessKeySecretRef: description: |- The SecretAccessKey is used for authentication. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, + If neither the Access Key nor Key ID are set, we fall back to using env + vars, shared credentials file, or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials properties: key: @@ -2028,9 +2044,10 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators). type: string tolerationSeconds: description: |- @@ -3239,9 +3256,10 @@ spec: operator: description: |- Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators). type: string tolerationSeconds: description: |- @@ -3498,8 +3516,8 @@ spec: properties: audiences: description: |- - TokenAudiences is an optional list of extra audiences to include in the token passed to Vault. The default token - consisting of the issuer's namespace and name is always included. + TokenAudiences is an optional list of extra audiences to include in the token passed to Vault. + The default audiences are always included in the token. items: type: string type: array @@ -3627,16 +3645,16 @@ spec: type: object venafi: description: |- - Venafi configures this issuer to sign certificates using a Venafi TPP - or Venafi Cloud policy zone. + Venafi configures this issuer to sign certificates using a CyberArk Certificate Manager Self-Hosted + or SaaS policy zone. properties: cloud: description: |- - Cloud specifies the Venafi cloud configuration settings. - Only one of TPP or Cloud may be specified. + Cloud specifies the CyberArk Certificate Manager SaaS configuration settings. + Only one of CyberArk Certificate Manager may be specified. properties: apiTokenSecretRef: - description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + description: APITokenSecretRef is a secret key selector for the CyberArk Certificate Manager SaaS API token. properties: key: description: |- @@ -3654,7 +3672,7 @@ spec: type: object url: description: |- - URL is the base URL for Venafi Cloud. + URL is the base URL for CyberArk Certificate Manager SaaS. Defaults to "https://api.venafi.cloud/". type: string required: @@ -3662,13 +3680,13 @@ spec: type: object tpp: description: |- - TPP specifies Trust Protection Platform configuration settings. - Only one of TPP or Cloud may be specified. + TPP specifies CyberArk Certificate Manager Self-Hosted configuration settings. + Only one of CyberArk Certificate Manager may be specified. properties: caBundle: description: |- Base64-encoded bundle of PEM CAs which will be used to validate the certificate - chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. + chain presented by the CyberArk Certificate Manager Self-Hosted server. Only used if using HTTPS; ignored for HTTP. If undefined, the certificate bundle in the cert-manager controller container is used to validate the chain. format: byte @@ -3676,7 +3694,7 @@ spec: caBundleSecretRef: description: |- Reference to a Secret containing a base64-encoded bundle of PEM CAs - which will be used to validate the certificate chain presented by the TPP server. + which will be used to validate the certificate chain presented by the CyberArk Certificate Manager Self-Hosted server. Only used if using HTTPS; ignored for HTTP. Mutually exclusive with CABundle. If neither CABundle nor CABundleSecretRef is defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. @@ -3697,7 +3715,7 @@ spec: type: object credentialsRef: description: |- - CredentialsRef is a reference to a Secret containing the Venafi TPP API credentials. + CredentialsRef is a reference to a Secret containing the CyberArk Certificate Manager Self-Hosted API credentials. The secret must contain the key 'access-token' for the Access Token Authentication, or two keys, 'username' and 'password' for the API Keys Authentication. properties: @@ -3711,7 +3729,7 @@ spec: type: object url: description: |- - URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, + URL is the base URL for the vedsdk endpoint of the CyberArk Certificate Manager Self-Hosted instance, for example: "https://tpp.example.com/vedsdk". type: string required: @@ -3720,8 +3738,8 @@ spec: type: object zone: description: |- - Zone is the Venafi Policy Zone to use for this issuer. - All requests made to the Venafi platform will be restricted by the named + Zone is the Certificate Manager Policy Zone to use for this issuer. + All requests made to the Certificate Manager platform will be restricted by the named zone policy. This field is required. type: string diff --git a/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-orders.acme.cert-manager.io.yaml b/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-orders.acme.cert-manager.io.yaml index f6d5716b4..c4e1eb210 100644 --- a/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-orders.acme.cert-manager.io.yaml +++ b/clusters/cl01tl/manifests/cert-manager/CustomResourceDefinition-orders.acme.cert-manager.io.yaml @@ -9,9 +9,9 @@ metadata: app.kubernetes.io/name: "cert-manager" app.kubernetes.io/instance: "cert-manager" app.kubernetes.io/component: "crds" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: group: acme.cert-manager.io names: @@ -270,6 +270,10 @@ spec: - metadata - spec type: object + selectableFields: + - jsonPath: .spec.issuerRef.group + - jsonPath: .spec.issuerRef.kind + - jsonPath: .spec.issuerRef.name served: true storage: true subresources: diff --git a/clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager-cainjector.yaml b/clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager-cainjector.yaml index 5429b961f..c1a4816f9 100644 --- a/clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager-cainjector.yaml +++ b/clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager-cainjector.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: replicas: 2 selector: @@ -25,9 +25,9 @@ spec: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: serviceAccountName: cert-manager-cainjector enableServiceLinks: false @@ -37,7 +37,7 @@ spec: type: RuntimeDefault containers: - name: cert-manager-cainjector - image: "quay.io/jetstack/cert-manager-cainjector:v1.19.4" + image: "quay.io/jetstack/cert-manager-cainjector:v1.20.0" imagePullPolicy: IfNotPresent args: - --v=2 diff --git a/clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager-webhook.yaml b/clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager-webhook.yaml index dc0609b46..a9776281e 100644 --- a/clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager-webhook.yaml +++ b/clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager-webhook.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: replicas: 1 selector: @@ -25,9 +25,9 @@ spec: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: serviceAccountName: cert-manager-webhook enableServiceLinks: false @@ -37,7 +37,7 @@ spec: type: RuntimeDefault containers: - name: cert-manager-webhook - image: "quay.io/jetstack/cert-manager-webhook:v1.19.4" + image: "quay.io/jetstack/cert-manager-webhook:v1.20.0" imagePullPolicy: IfNotPresent args: - --v=2 diff --git a/clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager.yaml b/clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager.yaml index c1037bc5c..ca5feb2c9 100644 --- a/clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager.yaml +++ b/clusters/cl01tl/manifests/cert-manager/Deployment-cert-manager.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: replicas: 2 selector: @@ -25,9 +25,9 @@ spec: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: serviceAccountName: cert-manager enableServiceLinks: false @@ -37,13 +37,13 @@ spec: type: RuntimeDefault containers: - name: cert-manager-controller - image: "quay.io/jetstack/cert-manager-controller:v1.19.4" + image: "quay.io/jetstack/cert-manager-controller:v1.20.0" imagePullPolicy: IfNotPresent args: - --v=2 - --cluster-resource-namespace=$(POD_NAMESPACE) - --leader-election-namespace=kube-system - - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.19.4 + - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.20.0 - --enable-gateway-api - --max-concurrent-challenges=60 ports: diff --git a/clusters/cl01tl/manifests/cert-manager/Job-cert-manager-startupapicheck.yaml b/clusters/cl01tl/manifests/cert-manager/Job-cert-manager-startupapicheck.yaml index f1a23d62a..1fcec33b6 100644 --- a/clusters/cl01tl/manifests/cert-manager/Job-cert-manager-startupapicheck.yaml +++ b/clusters/cl01tl/manifests/cert-manager/Job-cert-manager-startupapicheck.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: startupapicheck app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "startupapicheck" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 annotations: helm.sh/hook: post-install helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded @@ -24,9 +24,9 @@ spec: app.kubernetes.io/name: startupapicheck app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "startupapicheck" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: restartPolicy: OnFailure serviceAccountName: cert-manager-startupapicheck @@ -37,7 +37,7 @@ spec: type: RuntimeDefault containers: - name: cert-manager-startupapicheck - image: "quay.io/jetstack/cert-manager-startupapicheck:v1.19.4" + image: "quay.io/jetstack/cert-manager-startupapicheck:v1.20.0" imagePullPolicy: IfNotPresent args: - check diff --git a/clusters/cl01tl/manifests/cert-manager/MutatingWebhookConfiguration-cert-manager-webhook.yaml b/clusters/cl01tl/manifests/cert-manager/MutatingWebhookConfiguration-cert-manager-webhook.yaml index 5595e4ada..a6bde9fca 100644 --- a/clusters/cl01tl/manifests/cert-manager/MutatingWebhookConfiguration-cert-manager-webhook.yaml +++ b/clusters/cl01tl/manifests/cert-manager/MutatingWebhookConfiguration-cert-manager-webhook.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 annotations: cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca" webhooks: diff --git a/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-cainjector:leaderelection.yaml b/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-cainjector:leaderelection.yaml index 3bd616bd8..6a184a995 100644 --- a/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-cainjector:leaderelection.yaml +++ b/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-cainjector:leaderelection.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rules: - apiGroups: ["coordination.k8s.io"] resources: ["leases"] diff --git a/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-startupapicheck:create-cert.yaml b/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-startupapicheck:create-cert.yaml index eddb393a1..7fc35d09c 100644 --- a/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-startupapicheck:create-cert.yaml +++ b/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-startupapicheck:create-cert.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: startupapicheck app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "startupapicheck" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 annotations: helm.sh/hook: post-install helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded diff --git a/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-tokenrequest.yaml b/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-tokenrequest.yaml index 668ccf535..4c0adcd88 100644 --- a/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-tokenrequest.yaml +++ b/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-tokenrequest.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rules: - apiGroups: [""] resources: ["serviceaccounts/token"] diff --git a/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-webhook:dynamic-serving.yaml b/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-webhook:dynamic-serving.yaml index 6559dc415..124cf5e52 100644 --- a/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-webhook:dynamic-serving.yaml +++ b/clusters/cl01tl/manifests/cert-manager/Role-cert-manager-webhook:dynamic-serving.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rules: - apiGroups: [""] resources: ["secrets"] diff --git a/clusters/cl01tl/manifests/cert-manager/Role-cert-manager:leaderelection.yaml b/clusters/cl01tl/manifests/cert-manager/Role-cert-manager:leaderelection.yaml index 59285c95b..fa2c55de9 100644 --- a/clusters/cl01tl/manifests/cert-manager/Role-cert-manager:leaderelection.yaml +++ b/clusters/cl01tl/manifests/cert-manager/Role-cert-manager:leaderelection.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 rules: - apiGroups: ["coordination.k8s.io"] resources: ["leases"] diff --git a/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-cainjector:leaderelection.yaml b/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-cainjector:leaderelection.yaml index b416278ec..a4482bca9 100644 --- a/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-cainjector:leaderelection.yaml +++ b/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-cainjector:leaderelection.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-startupapicheck:create-cert.yaml b/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-startupapicheck:create-cert.yaml index bdc35900d..462e2354c 100644 --- a/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-startupapicheck:create-cert.yaml +++ b/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-startupapicheck:create-cert.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: startupapicheck app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "startupapicheck" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 annotations: helm.sh/hook: post-install helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded diff --git a/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-tokenrequest.yaml b/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-tokenrequest.yaml index 0e06d0ea5..47077f9af 100644 --- a/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-tokenrequest.yaml +++ b/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-tokenrequest.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-webhook:dynamic-serving.yaml b/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-webhook:dynamic-serving.yaml index 010c3e11e..eb88d380e 100644 --- a/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-webhook:dynamic-serving.yaml +++ b/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager-webhook:dynamic-serving.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager:leaderelection.yaml b/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager:leaderelection.yaml index 363d04617..dbaf20b80 100644 --- a/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager:leaderelection.yaml +++ b/clusters/cl01tl/manifests/cert-manager/RoleBinding-cert-manager:leaderelection.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/clusters/cl01tl/manifests/cert-manager/Service-cert-manager-cainjector.yaml b/clusters/cl01tl/manifests/cert-manager/Service-cert-manager-cainjector.yaml index 7b898bc30..bf5aafe75 100644 --- a/clusters/cl01tl/manifests/cert-manager/Service-cert-manager-cainjector.yaml +++ b/clusters/cl01tl/manifests/cert-manager/Service-cert-manager-cainjector.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: type: ClusterIP ports: diff --git a/clusters/cl01tl/manifests/cert-manager/Service-cert-manager-webhook.yaml b/clusters/cl01tl/manifests/cert-manager/Service-cert-manager-webhook.yaml index c01a9f910..c66c0f439 100644 --- a/clusters/cl01tl/manifests/cert-manager/Service-cert-manager-webhook.yaml +++ b/clusters/cl01tl/manifests/cert-manager/Service-cert-manager-webhook.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: type: ClusterIP ports: diff --git a/clusters/cl01tl/manifests/cert-manager/Service-cert-manager.yaml b/clusters/cl01tl/manifests/cert-manager/Service-cert-manager.yaml index 973ba7dee..72139a599 100644 --- a/clusters/cl01tl/manifests/cert-manager/Service-cert-manager.yaml +++ b/clusters/cl01tl/manifests/cert-manager/Service-cert-manager.yaml @@ -8,9 +8,9 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 spec: type: ClusterIP ports: diff --git a/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-cainjector.yaml b/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-cainjector.yaml index 1fdf30c30..f7b36a120 100644 --- a/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-cainjector.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-cainjector.yaml @@ -9,6 +9,6 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 diff --git a/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-startupapicheck.yaml b/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-startupapicheck.yaml index 861f7f853..f74472d40 100644 --- a/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-startupapicheck.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-startupapicheck.yaml @@ -13,6 +13,6 @@ metadata: app.kubernetes.io/name: startupapicheck app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "startupapicheck" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 diff --git a/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-webhook.yaml b/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-webhook.yaml index 6064b2b02..4b8438058 100644 --- a/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-webhook.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager-webhook.yaml @@ -9,6 +9,6 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 diff --git a/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager.yaml b/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager.yaml index fba0b52c7..053a0a3b3 100644 --- a/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ServiceAccount-cert-manager.yaml @@ -9,6 +9,6 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 diff --git a/clusters/cl01tl/manifests/cert-manager/ServiceMonitor-cert-manager.yaml b/clusters/cl01tl/manifests/cert-manager/ServiceMonitor-cert-manager.yaml index c9784845f..a51b273a8 100644 --- a/clusters/cl01tl/manifests/cert-manager/ServiceMonitor-cert-manager.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ServiceMonitor-cert-manager.yaml @@ -8,12 +8,12 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 prometheus: default spec: - jobLabel: cert-manager + jobLabel: app.kubernetes.io/name selector: matchExpressions: - key: app.kubernetes.io/name diff --git a/clusters/cl01tl/manifests/cert-manager/ValidatingWebhookConfiguration-cert-manager-webhook.yaml b/clusters/cl01tl/manifests/cert-manager/ValidatingWebhookConfiguration-cert-manager-webhook.yaml index fab5af883..1dd38926b 100644 --- a/clusters/cl01tl/manifests/cert-manager/ValidatingWebhookConfiguration-cert-manager-webhook.yaml +++ b/clusters/cl01tl/manifests/cert-manager/ValidatingWebhookConfiguration-cert-manager-webhook.yaml @@ -7,9 +7,9 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.19.4" + app.kubernetes.io/version: "v1.20.0" app.kubernetes.io/managed-by: Helm - helm.sh/chart: cert-manager-v1.19.4 + helm.sh/chart: cert-manager-v1.20.0 annotations: cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca" webhooks: