[CANCELLED] [release-next] Merge master into release-next#2000
Conversation
Signed-off-by: László Csupity <sztyup@sztyup.com>
Rackspace Cloud DNS is supported with cert-manager with the cert-manager-webhook-rackspace webhook. [1]: https://docs.rackspace.com/docs/cloud-dns [2]: https://github.com/rackerlabs/cert-manager-webhook-rackspace Signed-off-by: Doug Goldstein <doug.goldstein@rackspace.com>
Signed-off-by: Jesper Noordsij <45041769+jnoordsij@users.noreply.github.com>
Signed-off-by: Jesper Noordsij <45041769+jnoordsij@users.noreply.github.com>
Signed-off-by: Renovate Bot <renovate-bot@users.noreply.github.com>
…github-actions chore(deps): update actions/setup-node digest to 6044e13
Signed-off-by: Renovate Bot <renovate-bot@users.noreply.github.com>
Signed-off-by: Renovate Bot <renovate-bot@users.noreply.github.com>
Signed-off-by: cert-manager-bot <cert-manager-bot@users.noreply.github.com>
…aster [CI] Merge self-upgrade-master into master
cert-manager/testing#1138 adds testing for k8s 1.35 with cert-manager 1.19 Signed-off-by: Ashley Davis <ashley.davis@cyberark.com>
…npm-packages fix(deps): update misc npm packages
…ls-17.x chore(deps): update dependency globals to v17
Signed-off-by: cert-manager-bot <cert-manager-bot@users.noreply.github.com>
…aster [CI] Merge self-upgrade-master into master
Update supported releases to reflect changes for c-m 1.19
Signed-off-by: cert-manager-bot <cert-manager-bot@users.noreply.github.com>
…aster [CI] Merge self-upgrade-master into master
Signed-off-by: cert-manager-bot <cert-manager-bot@users.noreply.github.com>
…aster [CI] Merge self-upgrade-master into master
Signed-off-by: Renovate Bot <renovate-bot@users.noreply.github.com>
Signed-off-by: Rohit Chaudhari <100275369+rohitkbc@users.noreply.github.com>
…github-actions chore(deps): update actions/checkout action to v6.0.2
Signed-off-by: Renovate Bot <renovate-bot@users.noreply.github.com>
…npm-packages fix(deps): update misc npm packages
Bumps the npm_and_yarn group with 1 update in the / directory: [lodash](https://github.com/lodash/lodash). Updates `lodash` from 4.17.21 to 4.17.23 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.17.23 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…_and_yarn/npm_and_yarn-f3562b46b9 build(deps-dev): bump lodash from 4.17.21 to 4.17.23 in the npm_and_yarn group across 1 directory
* Remove Azure basic load balancer Basic SKU is no longer supported as of September 30, 2025. Signed-off-by: Joey Chen <142381267+JoeyC-Dev@users.noreply.github.com> * Remove preview feature introduction Azure workload Identity is in GA now. Signed-off-by: Joey Chen <142381267+JoeyC-Dev@users.noreply.github.com> * Update content/docs/tutorials/getting-started-aks-letsencrypt/README.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Signed-off-by: Joey Chen <142381267+JoeyC-Dev@users.noreply.github.com> --------- Signed-off-by: Joey Chen <142381267+JoeyC-Dev@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Remove outdated information regarding Let's Encrypt ACME client behavior
…t-manager#1897) * Update Gateway API bundle installation instruction Src: https://gateway-api.sigs.k8s.io/guides/getting-started/#install-standard-channel Signed-off-by: Joey Chen <142381267+JoeyC-Dev@users.noreply.github.com> * Update Gateway API bundle installation instruction Signed-off-by: Joey Chen <142381267+JoeyC-Dev@users.noreply.github.com> * Fix link to Gateway API bundle installation guide Updated the installation link for the Gateway API bundle to the correct guide. Signed-off-by: Joey Chen <142381267+JoeyC-Dev@users.noreply.github.com> * Update content/docs/configuration/acme/http01/README.md Co-authored-by: Erik Godding Boye <egboye@gmail.com> Signed-off-by: Joey Chen <142381267+JoeyC-Dev@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Erik Godding Boye <egboye@gmail.com> Signed-off-by: Joey Chen <142381267+JoeyC-Dev@users.noreply.github.com> * Add v1.4.1 to spelling list Signed-off-by: Joey Chen <142381267+JoeyC-Dev@users.noreply.github.com> --------- Signed-off-by: Joey Chen <142381267+JoeyC-Dev@users.noreply.github.com> Co-authored-by: Erik Godding Boye <egboye@gmail.com>
…elease-next [release-next] Merge master into release-next
Signed-off-by: Maël Valais <mael@vls.dev>
…rge-master-into-release-next Revert "[release-next] Merge master into release-next"
cert-manager-prow
bot
added
dco-signoff: no
Signed-off-by: Maël Valais <mael@vls.dev>
maelvls
force-pushed
the
merge-master-into-release-next-second-try
branch
from
aeda4be to
a824d17
Compare
|
Thanks for your pull request. Before we can look at it, you'll need to add a 'DCO signoff' to your commits. 📝 Please follow instructions in the contributing guide to update your commits with the DCO Full details of the Developer Certificate of Origin can be found at developercertificate.org. The list of commits missing DCO signoff:
DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
maelvls
changed the title
✅ Deploy Preview for cert-manager ready!Built without sensitive environment variables
To edit notification comments on pull requests, go to your Netlify project configuration. |
maelvls
added
approved
|
[APPROVALNOTIFIER] This PR is APPROVED Approval requirements bypassed by manually added approval. This pull-request has been approved by: The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
✅ Deploy Preview for cert-manager ready!Built without sensitive environment variables
To edit notification comments on pull requests, go to your Netlify project configuration. |
|
/override dco |
|
@maelvls: Overrode contexts on behalf of maelvls: dco DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
maelvls
added
dco-signoff: yes
cert-manager-prow
bot
merged commit 5bfd862
into
cert-manager:release-next
There was a problem hiding this comment.
Pull request overview
This PR syncs release-next with master as part of the cert-manager website release process, bringing in updated tooling/dependencies and aligning documentation and release metadata with the latest release state.
Changes:
- Bumps website build/runtime/tooling dependencies (Next/React ecosystem, prettier/stylelint, and makefile tool versions).
- Updates documentation across current and versioned docs (Gateway/Ingress guidance, Azure workload identity instructions, approver-policy docs, and provider links).
- Adjusts release-related website content (latest version variable, release notes entries, manifest/redirects, and release-process documentation).
Reviewed changes
Copilot reviewed 55 out of 57 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| scripts/gendocs/postprocess/package-lock.json | Updates lockfile integrity fields and prettier version for docs postprocessing tool. |
| public/docs/tutorials/getting-started-aks-letsencrypt/values.yaml | Removes ServiceAccount label example, leaving pod label only. |
| public/docs/installation/best-practice/values.best-practice.yaml | Removes networkPolicy example blocks from best-practice values. |
| public/_redirects | Removes several shortlink redirects for annotations and ACME/Gateway-related anchors. |
| package.json | Updates engine constraints, build command, and bumps multiple dependencies/devDependencies. |
| make/_shared/tools/00_mod.mk | Bumps pinned tool versions (helm/kubectl/kyverno/etc) and vendored Go version + checksums. |
| make/_shared/repository-base/base/.github/workflows/make-self-upgrade.yaml | Updates pinned actions/checkout and actions/setup-go SHAs. |
| lib/serialize.js | Adds blockJS: false to MDX serialization options (next-mdx-remote v6). |
| lib/announcements.js | Adds blockJS: false to MDX serialization options for announcements. |
| klone.yaml | Updates makefile-modules repo hash used by klone targets. |
| content/v1.9-docs/configuration/acme/dns01/README.md | Updates Linode webhook link. |
| content/v1.8-docs/configuration/acme/dns01/README.md | Updates Linode webhook link. |
| content/v1.7-docs/configuration/acme/dns01/README.md | Updates Linode webhook link. |
| content/v1.6-docs/configuration/acme/dns01/README.md | Updates Linode webhook link. |
| content/v1.18-docs/policy/approval/approver-policy/README.md | Fixes typo contraints → constraints. |
| content/v1.18-docs/configuration/acme/dns01/README.md | Updates Linode webhook link. |
| content/v1.17-docs/policy/approval/approver-policy/README.md | Fixes typo contraints → constraints. |
| content/v1.17-docs/configuration/acme/dns01/README.md | Updates Linode webhook link. |
| content/v1.16-docs/policy/approval/approver-policy/README.md | Fixes typo contraints → constraints. |
| content/v1.16-docs/configuration/acme/dns01/README.md | Updates Linode webhook link. |
| content/v1.15-docs/policy/approval/approver-policy/README.md | Fixes typo contraints → constraints. |
| content/v1.15-docs/configuration/acme/dns01/README.md | Updates Linode webhook link. |
| content/v1.14-docs/policy/approval/approver-policy/README.md | Fixes typo contraints → constraints. |
| content/v1.14-docs/configuration/acme/dns01/README.md | Updates Linode webhook link. |
| content/v1.13-docs/configuration/acme/dns01/README.md | Updates Linode webhook link. |
| content/v1.12-docs/configuration/acme/dns01/README.md | Updates Linode webhook link. |
| content/v1.11-docs/projects/approver-policy.md | Fixes typo contraints → constraints. |
| content/v1.11-docs/configuration/acme/dns01/README.md | Updates Linode webhook link. |
| content/v1.10-docs/configuration/acme/dns01/README.md | Updates Linode webhook link. |
| content/docs/variables.json | Sets cert_manager_latest_version to v1.19.4. |
| content/docs/usage/ingress.md | Simplifies HTTP-01 ingress-class annotation documentation. |
| content/docs/usage/gateway.md | Updates ingress link, revises Gateway API guidance, and removes ListenerSet section. |
| content/docs/tutorials/getting-started-aks-letsencrypt/README.md | Updates AKS tutorial verification date and workload identity instructions. |
| content/docs/releases/upgrading/upgrading-1.19-1.20.md | Removes placeholder upgrading doc. |
| content/docs/releases/release-notes/release-notes-1.20.md | Removes placeholder 1.20 release notes page. |
| content/docs/releases/release-notes/release-notes-1.19.md | Adds release notes for v1.19.4 and v1.19.3. |
| content/docs/releases/release-notes/release-notes-1.18.md | Adds v1.18.6 and v1.18.5 notes and trims trailing spaces. |
| content/docs/releases/README.md | Updates release table dates/versions and changes 1.20 link target. |
| content/docs/reference/api-docs.md | Updates “generated with … commit” footer hash. |
| content/docs/reference/annotations.md | Removes several annotation sections and rewrites http01-ingress-class text. |
| content/docs/policy/approval/approver-policy/api-reference.md | Updates cr map field docs to include username/groups. |
| content/docs/policy/approval/approver-policy/README.md | Fixes typo and updates cr variable field description. |
| content/docs/manifest.json | Removes 1.20 pages from Release Notes routes. |
| content/docs/installation/best-practice.md | Removes NetworkPolicy Helm chart explanation and refines Challenge namespace wording. |
| content/docs/contributing/release-process.md | Refactors release process instructions and adds website release-notes generation steps. |
| content/docs/configuration/venafi.md | Removes “Issuer Custom Fields” section for v1.20+. |
| content/docs/configuration/acme/http01/README.md | Removes notes about per-Ingress class override annotations; updates Gateway API install instructions. |
| content/docs/configuration/acme/dns01/azuredns.md | Updates Azure workload identity setup instructions and examples. |
| content/docs/configuration/acme/dns01/README.md | Updates Linode link and adds Rackspace webhook link. |
| content/docs/configuration/acme/README.md | Removes explanatory comment lines from ACME email example. |
| content/announcements/2025-11-26-ingress-nginx-eol-and-gateway-api.md | Updates target date for XListenerSet support in 1.20. |
| components/Footer.jsx | Replaces hard-coded copyright year with new Date().getFullYear(). |
| .spelling | Updates custom dictionary entries (adds names; removes some version/annotation tokens). |
| .github/workflows/make-self-upgrade.yaml | Updates pinned actions/checkout and actions/setup-go SHAs. |
| .github/workflows/check.yaml | Updates pinned actions/checkout and actions/setup-node SHAs. |
| .github/renovate.json5 | Changes Renovate preset source to cert-manager/makefile-modules. |
Files not reviewed (1)
- scripts/gendocs/postprocess/package-lock.json: Language not supported
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| https://cert-manager.io/private-key-secret-name https://cert-manager.io/docs/reference/annotations#cert-managerioprivate-key-secret-name 301! | ||
| https://cert-manager.io/private-key-size https://cert-manager.io/docs/reference/annotations#cert-managerioprivate-key-size 301! | ||
| https://cert-manager.io/renew-before https://cert-manager.io/docs/reference/annotations#cert-manageriorenew-before 301! | ||
| https://cert-manager.io/renew-before-percentage https://cert-manager.io/docs/reference/annotations#cert-manageriorenew-before-percentage 301! | ||
| https://cert-manager.io/revision-history-limit https://cert-manager.io/docs/reference/annotations#cert-manageriorevision-history-limit 301! |
There was a problem hiding this comment.
The redirect for https://cert-manager.io/renew-before-percentage was removed, but cert-manager.io/renew-before-percentage is still documented in content/docs/reference/annotations.md. Removing this redirect will cause older links to 404; please add the redirect back (or redirect it to the updated canonical location/anchor).
| v1.18.0 | ||
| v1.18.0. | ||
| v1.19 | ||
| v1.19.0 | ||
| v1.19.1 | ||
| v1.20.0 | ||
| v1.19.2 | ||
| v1.20.0 | ||
| alpha.0 | ||
| beta.0 | ||
| v1.4.1 | ||
| v1.5 |
There was a problem hiding this comment.
.spelling removed entries like v1.20.0 and beta.0, but these strings still appear in checked markdown (e.g. content/docs/contributing/release-process.md contains Releasing v1.20.0`` and multiple -beta.0 examples). This will likely reintroduce CI spellcheck failures; please re-add the removed tokens (or adjust the spellcheck configuration to ignore them).
| ```bash | ||
| export IDENTITY_NAME=cert-manager | ||
| az identity create --name "${IDENTITY_NAME}" | ||
| export IDENTITY_RESOURCE_GROUP=<your-resource-group> # ❗ Replace with your Azure resource group |
There was a problem hiding this comment.
This bash snippet uses angle brackets in the placeholder (export IDENTITY_RESOURCE_GROUP=<your-resource-group>). If a reader copy/pastes it without editing, <...> will be treated by the shell as redirection and will fail in a non-obvious way. Consider using a safe placeholder (e.g. YOUR_RESOURCE_GROUP), quoting the placeholder, or moving the placeholder into a comment instead.
| export IDENTITY_RESOURCE_GROUP=<your-resource-group> # ❗ Replace with your Azure resource group | |
| export IDENTITY_RESOURCE_GROUP=YOUR_RESOURCE_GROUP # ❗ Replace with your Azure resource group |
| managedIdentity: | ||
| # client ID of the managed identity; overrides AZURE_CLIENT_ID from the environment | ||
| clientID: $IDENTITY_CLIENT_ID | ||
| # # optional: tenant ID of the managed identity; overrides AZURE_TENANT_ID from the environment. |
There was a problem hiding this comment.
There appears to be a typo in the YAML comments: # # optional: tenant ID .... This should likely be a single # comment marker to avoid confusing readers.
| # # optional: tenant ID of the managed identity; overrides AZURE_TENANT_ID from the environment. | |
| # optional: tenant ID of the managed identity; overrides AZURE_TENANT_ID from the environment. |
| export default function Footer() { | ||
| const currentYear = new Date().getFullYear() | ||
| return ( | ||
| <footer className="mt-[-117px]"> | ||
| <div className="relative w-screen h-[117px] overflow-x-hidden"> | ||
| <FooterSepartor className="absolute top-0 left-[-696px]" /> | ||
| </div> | ||
| <div className="bg-dark-2 pb-10 pt-5"> | ||
| <div className="container text-sm text-white"> | ||
| <p>© 2025 The cert-manager Authors.</p> | ||
| <p>© {currentYear} The cert-manager Authors.</p> | ||
| <p className="mb-6"> | ||
| © 2025 The Linux Foundation. All rights reserved. | ||
| © {currentYear} The Linux Foundation. All rights reserved. |
There was a problem hiding this comment.
This site is configured for static export (output: 'export' in next.config.js). Using new Date().getFullYear() directly in the render output can cause hydration mismatches if the exported HTML was built in a different year than when a user visits (or if the build output is cached across New Year). Prefer injecting a build-time constant (e.g. via a prop or environment variable baked into the export) or keep the year static to avoid runtime divergence.
| @@ -240,6 +207,11 @@ page if a step is missing or if it is outdated. | |||
| + }, | |||
There was a problem hiding this comment.
The file path in this step looks incorrect for this repository: release notes live under content/docs/releases/release-notes/ (e.g. content/docs/releases/release-notes/release-notes-1.19.md), not content/docs/release-notes/. The example manifest path shown a few lines below (/docs/release-notes/...) also seems to be missing the /releases/ segment. Please update the paths in these instructions to match the actual website repo structure so the release process doc remains copy/paste accurate.
| https://cert-manager.io/issuer https://cert-manager.io/docs/reference/annotations#cert-managerioissuer 301! | ||
| https://cert-manager.io/issuer-group https://cert-manager.io/docs/reference/annotations#cert-managerioissuer-group 301! | ||
| https://cert-manager.io/issuer-kind https://cert-manager.io/docs/reference/annotations#cert-managerioissuer-kind 301! | ||
| https://cert-manager.io/issuer-name https://cert-manager.io/docs/reference/annotations#cert-managerioissuer-name 301! | ||
| https://cert-manager.io/private-key-algorithm https://cert-manager.io/docs/reference/annotations#cert-managerioprivate-key-algorithm 301! |
There was a problem hiding this comment.
Two annotation shortlink redirects were removed here, but the corresponding sections still exist in content/docs/reference/annotations.md (e.g. ## cert-manager.io/issuer-name). Dropping the redirect will break existing inbound links to https://cert-manager.io/issuer-name; please restore the redirect entry (or provide an alternative redirect that preserves this short URL).
maelvls
changed the title
maelvls
changed the title
As part of https://cert-manager.io/docs/contributing/release-process/. I need release-next to match master before I can proceed with #1998.
CANCELLED: I had mistakenly merged release-next into master in #1996, and this PR wasn't doing much as it is just merging master back into release-next. I've decided to force-push to undo these changes as things were getting out of hand. You won't see this commit in the
release-nextbranch anymore. Here is the series of PRs that got aborted: