openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity

OSDOCS-14771: cert-manager 1.16.0 RN

Browse Source
This commit is contained in:
Sebastian Kopacz
2025-05-28 11:43:16 -04:00
committed by openshift-cherrypick-robot
parent 5fa9dbf791
commit 5f321b4e92
1 changed files with 45 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
security/cert_manager_operator/cert-manager-operator-release-notes.adoc
View File

@@ -12,6 +12,51 @@ These release notes track the development of {cert-manager-operator}.
For more information, see xref:../../security/cert_manager_operator/index.adoc#cert-manager-operator-about[About the {cert-manager-operator}].
[id="cert-manager-operator-release-notes-1-16-0_{context}"]
== {cert-manager-operator} 1.16.0
Issued: 2025-05-27
The following advisories are available for the {cert-manager-operator} 1.16.0:
* link:https://access.redhat.com/errata/RHEA-2025:8163[RHEA-2025:8163]
* link:https://access.redhat.com/errata/RHEA-2025:8164[RHEA-2025:8164]
* link:https://access.redhat.com/errata/RHEA-2025:8165[RHEA-2025:8165]
* link:https://access.redhat.com/errata/RHEA-2025:8198[RHEA-2025:8198]
Version `1.16.0` of the {cert-manager-operator} is based on the upstream cert-manager version `v1.16.4`. For more information, see the link:https://cert-manager.io/docs/releases/release-notes/release-notes-1.16/#v1164[cert-manager project release notes for v1.16.4].
[id="cert-manager-operator-1-16-0-features-enhancements_{context}"]
=== New features and enhancements
*Disconnected environment support*
With this release, the {cert-manager-operator} has been verified to be mirrored to and installed in a disconnected environment.
The Operator has also been validated to work with the following issuer types in disconnected environments: ACME, CA, Self-signed, and Vault.
Specifically, private or self-hosted ACME servers have been validated, as Let's Encrypt or other public ACME services are not feasible options in disconnected environments.
The oc-mirror plugin v2 is the preferred method to mirror Operator images.
For more information, see xref:../../disconnected/mirroring/about-installing-oc-mirror-v2.adoc#about-installing-oc-mirror-v2[Mirroring images for a disconnected installation by using the oc-mirror plugin v2].
*Extended operand metrics support*
With this release, cert-manager webhook and cainjector operands now expose Prometheus metrics on port 9402 by default via the `/metrics` service endpoint.
You can configure OpenShift Monitoring to collect metrics from all cert-manager operands by enabling the built-in user workload monitoring stack.
For more information, see xref:../../security/cert_manager_operator/cert-manager-monitoring.adoc#cert-manager-monitoring[Monitoring {cert-manager-operator}].
*Streaming Lists enablement*
With this release, the {cert-manager-operator} now uses the new upstream WatchListClient feature.
This enables use of the Streaming Lists feature of the Kubernetes API server, which reduces the load on the API server.
The peak memory use of the cert-manager components when they start up is optimized on {product-title} 4.14 and later.
[id="cert-manager-operator-1-16-0-CVEs_{context}"]
=== CVEs
* link:https://access.redhat.com/security/cve/CVE-2024-45337[CVE-2024-45337]
* link:https://access.redhat.com/security/cve/CVE-2024-45338[CVE-2024-45338]
* link:https://access.redhat.com/security/cve/CVE-2025-22866[CVE-2025-22866]
[id="cert-manager-operator-release-notes-1-15-1_{context}"]
== {cert-manager-operator} 1.15.1