Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package cmctl for openSUSE:Factory checked in at 2022-07-28 20:58:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cmctl (Old) and /work/SRC/openSUSE:Factory/.cmctl.new.1533 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cmctl" Thu Jul 28 20:58:20 2022 rev:6 rq:991372 version:1.9.1 Changes: -------- --- /work/SRC/openSUSE:Factory/cmctl/cmctl.changes 2022-07-26 19:43:45.933913546 +0200 +++ /work/SRC/openSUSE:Factory/.cmctl.new.1533/cmctl.changes 2022-07-28 20:58:34.875558534 +0200 @@ -1,0 +2,8 @@ +Wed Jul 27 06:38:05 UTC 2022 - ka...@b1-systems.de + +- Update to version 1.9.1: + * Add code comment which states that it is valid to use neither an AccessKeyID or AccessKeySecretRef + * In PR https://github.com/cert-manager/cert-manager/pull/5194, we introduced a validation whereby an issuer would be rejected if it did not contain AccessKeyID or SecretAccessKeyID when using the route53 DNS solver. This is incorrect, since neither should need to be defined when using AWS ambient credentials. + * remove issue error if role is specified + +------------------------------------------------------------------- Old: ---- cert-manager-1.9.0.tar.gz New: ---- cert-manager-1.9.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cmctl.spec ++++++ --- /var/tmp/diff_new_pack.x3misD/_old 2022-07-28 20:58:37.031564605 +0200 +++ /var/tmp/diff_new_pack.x3misD/_new 2022-07-28 20:58:37.035564616 +0200 @@ -21,7 +21,7 @@ %define archive_name cert-manager Name: cmctl -Version: 1.9.0 +Version: 1.9.1 Release: 0 Summary: CLI tool that can help you to manage cert-manager resources inside your cluster License: Apache-2.0 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.x3misD/_old 2022-07-28 20:58:37.067564707 +0200 +++ /var/tmp/diff_new_pack.x3misD/_new 2022-07-28 20:58:37.071564717 +0200 @@ -3,7 +3,7 @@ <param name="url">https://github.com/cert-manager/cert-manager</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="revision">v1.9.0</param> + <param name="revision">v1.9.1</param> <param name="versionformat">@PARENT_TAG@</param> <param name="changesgenerate">enable</param> <param name="versionrewrite-pattern">v(.*)</param> @@ -16,7 +16,7 @@ <param name="compression">gz</param> </service> <service name="go_modules" mode="disabled"> - <param name="archive">cert-manager-1.9.0.tar.gz</param> + <param name="archive">cert-manager-1.9.1.tar.gz</param> </service> </services> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.x3misD/_old 2022-07-28 20:58:37.095564785 +0200 +++ /var/tmp/diff_new_pack.x3misD/_new 2022-07-28 20:58:37.095564785 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/cert-manager/cert-manager</param> - <param name="changesrevision">cd6836f7c86c12cfebb28cd054a2e8d0e5f04e0b</param></service></servicedata> + <param name="changesrevision">856bca0c53f7bf09a8fe9bebb98e22268c186a0a</param></service></servicedata> (No newline at EOF) ++++++ cert-manager-1.9.0.tar.gz -> cert-manager-1.9.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cert-manager-1.9.0/internal/apis/certmanager/validation/issuer.go new/cert-manager-1.9.1/internal/apis/certmanager/validation/issuer.go --- old/cert-manager-1.9.0/internal/apis/certmanager/validation/issuer.go 2022-07-21 17:37:56.000000000 +0200 +++ new/cert-manager-1.9.1/internal/apis/certmanager/validation/issuer.go 2022-07-26 14:15:52.000000000 +0200 @@ -404,10 +404,9 @@ if len(p.Route53.Region) == 0 { el = append(el, field.Required(fldPath.Child("route53", "region"), "")) } - // accessKeyID or accessKeyIDSecretRef must be specified, but not both - if len(p.Route53.AccessKeyID) == 0 && p.Route53.SecretAccessKeyID == nil { - el = append(el, field.Required(fldPath.Child("route53"), "accessKeyID or accessKeyIDSecretRef is required")) - } + // We don't include a validation here asserting that either the + // AccessKeyID or SecretAccessKeyID must be specified, because it is + // valid to use neither when using ambient credentials. if len(p.Route53.AccessKeyID) > 0 && p.Route53.SecretAccessKeyID != nil { el = append(el, field.Required(fldPath.Child("route53"), "accessKeyID and accessKeyIDSecretRef cannot both be specified")) } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cert-manager-1.9.0/internal/apis/certmanager/validation/issuer_test.go new/cert-manager-1.9.1/internal/apis/certmanager/validation/issuer_test.go --- old/cert-manager-1.9.0/internal/apis/certmanager/validation/issuer_test.go 2022-07-21 17:37:56.000000000 +0200 +++ new/cert-manager-1.9.1/internal/apis/certmanager/validation/issuer_test.go 2022-07-26 14:15:52.000000000 +0200 @@ -711,18 +711,15 @@ }, errs: []*field.Error{ field.Required(fldPath.Child("route53", "region"), ""), - field.Required(fldPath.Child("route53"), "accessKeyID or accessKeyIDSecretRef is required"), }, }, - "missing route53 accessKeyID and accessKeyIDSecretRef": { + "missing route53 accessKeyID and accessKeyIDSecretRef should be valid because ambient credentials may be used instead": { cfg: &cmacme.ACMEChallengeSolverDNS01{ Route53: &cmacme.ACMEIssuerDNS01ProviderRoute53{ Region: "valid", }, }, - errs: []*field.Error{ - field.Required(fldPath.Child("route53"), "accessKeyID or accessKeyIDSecretRef is required"), - }, + errs: []*field.Error{}, }, "both route53 accessKeyID and accessKeyIDSecretRef specified": { cfg: &cmacme.ACMEChallengeSolverDNS01{ ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/cmctl/vendor.tar.gz /work/SRC/openSUSE:Factory/.cmctl.new.1533/vendor.tar.gz differ: char 5, line 1
