feat(cert-manager): upgrade to v1.20.2 and enable Gateway API support #150

Merged
unkinben merged 1 commits from benvin/cert-manager-upgrade into main 2026-05-23 22:38:39 +10:00
Owner

Summary

  • Upgrades cert-manager from v1.19.2 to v1.20.2
  • Enables enableGatewayAPI: true via the ControllerConfiguration config block

Why

cert-manager's Gateway API integration was not enabled. Without it, cert-manager.io/* annotations on Gateway resources are ignored and no certificates are issued. This is required for the consul and vault PRs (#148, #149) to have their TLS certs automatically provisioned from their Gateway annotations.

In v1.20.2, ExperimentalGatewayAPISupport is BETA and defaults to true — enabling enableGatewayAPI in the controller config activates the gateway-shim controller.

Test plan

  • cert-manager rolls out cleanly (v1.20.2 pods become Ready)
  • After rollout, existing Gateway-annotated services (artifactapi, puppet, litellm) retain valid certs
  • New Gateway resources with cert-manager.io/cluster-issuer annotations trigger Certificate creation
## Summary - Upgrades cert-manager from v1.19.2 to v1.20.2 - Enables `enableGatewayAPI: true` via the `ControllerConfiguration` config block ## Why cert-manager's Gateway API integration was not enabled. Without it, `cert-manager.io/*` annotations on Gateway resources are ignored and no certificates are issued. This is required for the consul and vault PRs (#148, #149) to have their TLS certs automatically provisioned from their Gateway annotations. In v1.20.2, `ExperimentalGatewayAPISupport` is BETA and defaults to true — enabling `enableGatewayAPI` in the controller config activates the gateway-shim controller. ## Test plan - [ ] cert-manager rolls out cleanly (v1.20.2 pods become Ready) - [ ] After rollout, existing Gateway-annotated services (artifactapi, puppet, litellm) retain valid certs - [ ] New Gateway resources with `cert-manager.io/cluster-issuer` annotations trigger Certificate creation
unkinben added 1 commit 2026-05-23 22:27:29 +10:00
feat(cert-manager): upgrade to v1.20.2 and enable Gateway API support
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline was successful
e20b7285bf
- Upgrade chart from v1.19.2 to v1.20.2
- Enable enableGatewayAPI via ControllerConfiguration config block
  so cert-manager watches Gateway resources and issues certs from
  cert-manager.io/* annotations (required for consul/vault Gateway certs)
unkinben merged commit bcd4c1a722 into main 2026-05-23 22:38:39 +10:00
unkinben deleted branch benvin/cert-manager-upgrade 2026-05-23 22:38:39 +10:00
Sign in to join this conversation.
No Reviewers
No Label
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: unkin/argocd-apps#150