-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathrelease_notes.txt
66 lines (57 loc) · 3.39 KB
/
release_notes.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
Version 0.6.8 (Build Version 0.1.140)
- Changed secret name generation method
- Added release_notes.txt file
- Fixed bug connected to illegal characters in secret names
Version 0.6.9 (Build Version 0.1.141)
- Renewal process will not be started without certificate details
Version 1.0.0 (Build Version 0.1.149)
- Changed name of project
- Added support for private key rotation policy set to "always"
- Changed CRD version to v1
- Upgrade golang version to 1.16.15
- Added CSR approve check
- Support for cert-manager using API v1
Version 1.0.1 (Build Version 1.0.0)
- Added NCM Issuer version to logging
Version 1.0.2 (Build Version 1.0.1)
- Update go version to 1.17
Version 1.0.3 (Build Version 1.0.2)
- Added possibility to specify secondary NCM EXTERNAL API server in case of lack of connection to the main one,
server is specified as a parameter "ncmSERVER2" in issuer or cluster issuer yaml file
- Fixed misinterpretation in case of manually triggering rotation of a private key
- Fixed bug related to getting certificate object when the certificate name is long
- Added possibility to include certificate chain in ca.crt by setting "chainInSigner" in issuer or cluster issuer
yaml file to "true"
- Added possibility to include only end-entity certificate in tls.crt by setting "onlyEECert" in issuer or cluster
issuer yaml file to "true"
- Bumped go from 1.17 to 1.19.6
- Fixed bugs during certificate renewal
Version 1.0.3 (Build Version 1.0.3)
- Fixed misinterpretation when PK rotation policy is set to "Always"
Version 1.1.0 (Build version 1.1.0)
- The Issuer and ClusterIssuer definitions are improved to use more user-friendly names and grouped into appropriate
sections
- Improved NCM API selection mechanism
- Improved handling CSR statuses returned by NCM
- Helm chart is rewritten according to the rules given in the Helm documentation
- Added option to set HTTP client timeout
- Added option to set a time indicating how often NCM API(s) availability should be checked (related to new NCM API
selection mechanism)
- Added Prometheus support to allow monitoring of the total number of enrollment or renewal operations. Each of these
operations also has metrics responsible for determining how many of them were successful or failed. The metrics
attempt to reflect the number of CSRs or renewals sent to the NCM, if request is rejected or postponed by NCM,
this state will be reflected as failure of the enrollment operation, while accepting and returning appropriate
resource will result in successful enrollment or renewal operation (use the prefix "ncm_issuer" in Prometheus query
to see all possible metrics)
- Added possibility to configure verbosity of logging
- Added sidecar for debugging purposes
- Fixed occasionally encountered data-races when accessing saved Issuer or ClusterIssuer config
Version 1.1.1 (Build version 1.1.1)
- Changed the list of supported Kubernetes version to 1.24 - 1.29
Version 1.1.2 (Build version 1.1.2)
- Support for setting notBefore and notAfter parameters in NCM certificate requests corresponding to suggested Duration
parameter in cert-manager.io/v1 Certificate object kind. notBefore is set to the current time when cert is being
enrolled. Feature is available for NCM >= 24.11, in older release new parameters are ignored
- Added issuer .spec.caID/CASHREF validation, so there is an error presented if the user specifies wrongly
formatted value
- Bumped Go version to 1.22.10