Bump github.com/cert-manager/cert-manager from 1.10.1 to 1.11.0

[dependabot]

Bumps github.com/cert-manager/cert-manager from 1.10.1 to 1.11.0.

Release notes

Sourced from github.com/cert-manager/cert-manager's releases.

v1.11.0-beta.1

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

⚠️ cert-manager v1.11.0-beta.1 is a pre-release beta version intended for testing. It might not be suitable for production uses.

Thanks also to @​wallrj, @​lucacome and @​inteon for their help/contributions to this release!

Changes since v1.11.0-beta.0

Bug or Regression

• Ensure extraArgs in Helm takes precedence over the new acmesolver image options (#5702, @​SgtCoDFish)
• Fix cainjector's --namespace flag. Users who want to prevent cainjector from reading all Secrets and Certificates in all namespaces (i.e to prevent excessive memory consumption) can now scope it to a single namespace using the --namespace flag. A cainjector that is only used as part of cert-manager installation only needs access to the cert-manager installation namespace. (#5694, @​irbekrm)
• Fixes a bug where cert-manager controller was caching all Secrets twice (#5691, @​irbekrm)

Other

• certificate.spec.secretName Secrets will now be labelled with controller.cert-manager.io/fao label (#5703, @​irbekrm)

v1.11.0-beta.0

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

⚠️ cert-manager v1.11.0-beta.0 is a pre-release beta version intended for testing. It might not be suitable for production uses.

Changes since v1.11.0-alpha.2

Feature

• Helm: allow configuring the image used by ACME HTTP-01 solver (#5554, @​yann-soubeyrand)

Bug or Regression

• Don't log errors relating to selfsigned issuer checks for external issuers (#5681, @​SgtCoDFish)
• Fixed a bug in AzureDNS resolver that led to early reconciliations in misconfigured Workload Identity-enabled setups (when Federated Identity Credential is not linked with a controller's k8s service account) (#5663, @​weisdd)
• Use manually specified tmpdir template when verifying CRDs (#5680, @​SgtCoDFish)
• VCert was upgraded to v4.23.0, fixing two bugs in cert-manager. The first bug was preventing the Venafi issuer from renewing certificates when using TPP has been fixed. You should no longer see your certificates getting stuck with "WebSDK CertRequest Module Requested Certificate" or "This certificate cannot be processed while it is in an error state. Fix any errors, and then click Retry.". The second bug that was fixed prevented the use of algorithm: Ed25519 in Certificate resources with VaaS. (#5674, @​maelvls)

v1.11.0-alpha.2

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

⚠️ cert-manager v1.11.0-alpha.2 is a pre-release alpha version intended for testing. It might not be suitable for production uses.

Changes since v1.11.0-alpha.1

Feature

• Add the --max-concurrent-challenges controller flag to the helm chart (#5638, @​lvyanru8200)
• Adds the ability to specify a custom CA bundle in Issuers when connecting to an ACME server (#5644, @​SgtCoDFish)
• Enable testing against Kubernetes 1.26 and test with Kubernetes 1.26 by default (#5646, @​SgtCoDFish)
• Experimental make targets for pushing images to an OCI registry using ko and redeploying cert-manager to the cluster referenced by your current KUBECONFIG context. (#5655, @​wallrj)

... (truncated)

Commits

• 2a0ef53 Merge pull request #5714 from jetstack-bot/cherry-pick-5712-to-release-1.11
• 5660024 Bump go to 1.19.5
• 5cb22cc Merge pull request #5707 from SgtCoDFish/release-1.11-bumpcontainerd
• 40858c2 Bump containerd to fix reported vuln
• 0a3b52f bump base images to latest
• 6a848de Merge pull request #5703 from jetstack-bot/cherry-pick-5660-to-release-1.11
• d3fbe40 Policy check ensures that cert.sepc.secretName secret gets labelled
• 568b646 Keymanager controller ensures that temporary private key Secrets are labelled
• bbca506 Issuing controller ensures that cert.spec.secretName secrets are labelled
• 5a66ed8 Adds a new label to cert-manager API
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Dependabot tried to add @janisz as a reviewer to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/heckler1/kube-linter/pulls/28/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the heckler1/kube-linter repository. // See: https://docs.github.com/rest/reference/pulls#request-reviewers-for-a-pull-request