Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update build tools - autoclosed #606

Conversation

renovate-bot
Copy link
Contributor

@renovate-bot renovate-bot commented Jun 26, 2024

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
cert-manager/cert-manager minor v1.15.0 -> v1.16.2 age adoption passing confidence
github.com/elastic/crd-ref-docs minor v0.0.12 -> v0.1.0 age adoption passing confidence
google-github-actions/get-secretmanager-secrets action minor v2.1.3 -> v2.2.2 age adoption passing confidence
hashicorp/terraform minor v1.8.5 -> v1.9.8 age adoption passing confidence

Release Notes

cert-manager/cert-manager (cert-manager/cert-manager)

v1.16.2

Compare Source

v1.16.1

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

The cert-manager 1.16 release includes: new Helm chart features, more Prometheus metrics, memory optimizations, and various improvements and bug fixes for the ACME issuer and Venafi Issuer.

📖 Read the complete 1.16 release notes before upgrading.

📜Changes since v1.16.0

Bug or Regression
  • BUGFIX: Helm schema validation: the new schema validation was too strict for the "global" section. Since the global section is shared across all charts and sub-charts, we must also allow unknown fields. (#​7348, @inteon)
  • BUGFIX: Helm will now accept percentages for the podDisruptionBudget.minAvailable and podDisruptionBudget.maxAvailable values. (#​7345, @inteon)
  • Helm: allow enabled to be set as a value to toggle cert-manager as a dependency. (#​7356, @inteon)
  • BUGFIX: A change in v1.16.0 caused cert-manager's ACME ClusterIssuer to look in the wrong namespace for resources required for the issuance (e.g. credential Secrets). This is now fixed in v1.16.1. (#​7342, @inteon)

v1.16.0

Compare Source

v1.15.4

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

This patch release of cert-manager 1.15 makes several changes to how PEM input is validated, adding maximum sizes appropriate to the type of PEM data which is being parsed.

This is to prevent an unacceptable slow-down in parsing specially crafted PEM data. The issue was found by Google's OSS-Fuzz project.

The issue is low severity; to exploit the PEM issue would require privileged access which would likely allow Denial-of-Service through other methods.

In addition, since most PEM data parsed by cert-manager comes from ConfigMap or Secret resources which have
a max size limit of approximately 1MB, it's difficult to force cert-manager to parse large amounts of PEM data.

Further information will be published in a security advisory when all supported cert-manager releases have been patched.

In addition, the version of Go used to build cert-manager 1.15 was updated along with the base images, and a Route53 bug fix was backported.

Changes by Kind

Bug or Regression
  • Bugfix: Prevent aggressive Route53 retries caused by STS authentication failures by removing the Amazon Request ID from STS errors. (#​7261, @​cert-manager-bot)
  • Set a maximum size for PEM inputs which cert-manager will accept to remove possibility of taking a long time to process an input (#​7402, @​SgtCoDFish)
Other (Cleanup or Flake)

v1.15.3

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

🔗 See v1.15.0 for more information about cert-manager 1.15 and read-before-upgrade info.

📜 Changes since v1.15.2
Bug or Regression
  • BUGFIX: the dynamic certificate source used by the webhook TLS server failed to detect a root CA approaching expiration, due to a calculation error. This will cause the webhook TLS server to fail renewing its CA certificate. Please upgrade before the expiration of this CA certificate is reached. (#​7232, @​cert-manager-bot)

v1.15.2

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

🔗 See v1.15.0 for more information about cert-manager 1.15 and read-before-upgrade info.

📜 Changes since v1.15.1
Bug or Regression

v1.15.1

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

🔗 See v1.15.0 for more information about cert-manager 1.15 and read-before-upgrade info.

📜 Changes since v1.15.0

Bug or Regression
  • BUGFIX: fix issue that caused Vault issuer to not retry signing when an error was encountered. (#​7111, @​inteon)
Other (Cleanup or Flake)
elastic/crd-ref-docs (github.com/elastic/crd-ref-docs)

v0.1.0

Changelog

google-github-actions/get-secretmanager-secrets (google-github-actions/get-secretmanager-secrets)

v2.2.2

Compare Source

What's Changed

Full Changelog: google-github-actions/get-secretmanager-secrets@v2.2.1...v2.2.2

v2.2.1

Compare Source

What's Changed

Full Changelog: google-github-actions/get-secretmanager-secrets@v2.2.0...v2.2.1

v2.2.0

Compare Source

What's Changed

Full Changelog: google-github-actions/get-secretmanager-secrets@v2.1.4...v2.2.0

v2.1.4

Compare Source

What's Changed

Full Changelog: google-github-actions/get-secretmanager-secrets@v2.1.3...v2.1.4

hashicorp/terraform (hashicorp/terraform)

v1.9.8

Compare Source

1.9.8 (October 16, 2024)

BUG FIXES:

  • init: Highlight missing subdirectories of registry modules in error message (#​35848)
  • init: Prevent crash when loading provider_meta blocks with invalid names (#​35842)
  • config generation: Escape all invalid syntax in generate map keys with quotes (#​35837)
  • plan: also validate provider requirements from state (#​35864)

v1.9.7

Compare Source

1.9.7 (October 2, 2024)

BUG FIXES:

  • config generation: escape map keys with whitespaces (#​35754)

v1.9.6

Compare Source

1.9.6 (September 18, 2024)

BUG FIXES:

  • plan renderer: Render complete changes within unknown nested blocks. (#​35644)
  • plan renderer: Fix crash when attempting to render unknown nested blocks that contain attributes forcing resource replacement. (#​35644)
  • plan renderer: Fix crash when rendering a plan that contains null attributes being update to unknown values. (#​35709)

v1.9.5

Compare Source

1.9.5 (August 20, 2024)

ENHANCEMENTS:

  • cloud: The cloud block can now interact with workspaces that have HCP resource IDs. (#​35495)

BUG FIXES:

  • core: removed blocks with provisioners were not executed when the resource was in a nested module. (#​35611)

v1.9.4

Compare Source

1.9.4 (August 7, 2024)

BUG FIXES:

  • core: Unneeded variable validations were being executed during a destroy plan, which could cause plans starting with incomplete state to fail. (#​35511)
  • init: Don't crash when discovering invalid syntax in duplicate required_providers blocks. (#​35533)

v1.9.3

Compare Source

1.9.3 (July 24, 2024)

ENHANCEMENTS:

  • Terraform now returns a more specific error message in the awkward situation where an input variable validation rule is known to have failed (condition returned false) but the error message is derived from an unknown value. (#​35400)

BUG FIXES:

  • core: Terraform no longer performs an unnecessary refresh when removing an instance targeted by a removed block. (#​35458)
  • config generation: Fix validation error when using nested computed or deprecated attributes. (#​35484)
  • Updated to newer github.com/hashicorp/go-retryablehttp version, addressing CVE-2024-6104, and bringing in updates for several indirect dependencies. (#​35473)
  • Moved to building with Go 1.22.5, which addresses CVE-2024-24791 and several other non-security bugs. (#​35494)

v1.9.2

Compare Source

1.9.2 (July 10, 2024)

BUG FIXES:

  • core: Fix panic when self-referencing direct instances from count and for_each meta attributes. (#​35432)

v1.9.1

Compare Source

v1.9.0

Compare Source


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate-bot renovate-bot requested a review from a team as a code owner June 26, 2024 20:13
@renovate-bot renovate-bot force-pushed the renovate/build-tools branch from 1b14336 to 26aeddb Compare July 9, 2024 16:44
@renovate-bot renovate-bot force-pushed the renovate/build-tools branch from 26aeddb to 2a24058 Compare July 9, 2024 19:15
@renovate-bot renovate-bot force-pushed the renovate/build-tools branch from 2a24058 to 98f9571 Compare July 10, 2024 11:45
@renovate-bot renovate-bot force-pushed the renovate/build-tools branch from 98f9571 to 12527c0 Compare July 16, 2024 19:57
@renovate-bot renovate-bot force-pushed the renovate/build-tools branch from 12527c0 to 2236362 Compare July 24, 2024 16:06
@renovate-bot renovate-bot force-pushed the renovate/build-tools branch from 2236362 to dc8ffde Compare July 24, 2024 20:34
@renovate-bot renovate-bot force-pushed the renovate/build-tools branch from dc8ffde to 2357481 Compare July 25, 2024 13:37
@renovate-bot renovate-bot force-pushed the renovate/build-tools branch from 2357481 to f7c7b97 Compare July 25, 2024 16:37
@renovate-bot renovate-bot force-pushed the renovate/build-tools branch from f7c7b97 to b9c3f39 Compare July 29, 2024 17:08
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 29, 2024
@renovate-bot renovate-bot force-pushed the renovate/build-tools branch from b9c3f39 to 8aca29f Compare July 30, 2024 13:35
@jackwotherspoon jackwotherspoon removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Aug 2, 2024
@renovate-bot renovate-bot force-pushed the renovate/build-tools branch 2 times, most recently from 1c332c3 to fadef56 Compare August 6, 2024 03:47
@renovate-bot renovate-bot force-pushed the renovate/build-tools branch 4 times, most recently from ee381c1 to d3740df Compare August 22, 2024 21:15
@renovate-bot renovate-bot requested a review from a team as a code owner September 16, 2024 15:33
@renovate-bot renovate-bot force-pushed the renovate/build-tools branch 3 times, most recently from 237b6f7 to 8bbb813 Compare October 9, 2024 13:31
@renovate-bot renovate-bot force-pushed the renovate/build-tools branch 4 times, most recently from 2ba3b9f to 8a07660 Compare October 30, 2024 22:55
@renovate-bot renovate-bot changed the title chore(deps): update build tools chore(deps): update build tools - autoclosed Nov 22, 2024
@renovate-bot renovate-bot deleted the renovate/build-tools branch November 22, 2024 16:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants