chore(deps): update cert-manager group to v1.10.2 (patch)

[renovate]

This PR contains the following updates:

Package	Update	Change
cert-manager (source)	patch	v1.10.0 -> v1.10.2
quay.io/jetstack/cert-manager-controller	patch	v1.10.0 -> v1.10.2

---

Release Notes

cert-manager/cert-manager (cert-manager)

v1.10.2

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

v1.10.2 is primarily a performance enhancement release which might reduce memory consumption by up to 50% in some cases thanks to some brilliant work by @​irbekrm! 🎉

It also patches several vulnerabilities reported by scanners and updates the base images used for cert-manager containers. In addition, it removes a potentially confusing log line which had been introduced in v1.10.0 which implied that an error had occurred when using external issuers even though there'd been no error.

Changes since v1.10.1

Feature

• Enable support for Kubernetes 1.26 in tests (#​5647, @​SgtCoDFish)

Bug or Regression

• Fixes a bug where the cert-manager controller was caching all Secrets twice (#​5704, @​irbekrm)
• Bump helm version to fix CVE-2022-23525 (#​5676, @​SgtCoDFish)
• Don't log errors relating to selfsigned issuer checks for external issuers (#​5687, @​SgtCoDFish)
• Fix golang.org/x/text vulnerability (#​5592, @​SgtCoDfish)
• Upgrade golang/x/net to fix CVE-2022-41717 (#​5635, @​SgtCoDFish)
• Upgrade to go 1.19.4 to fix CVE-2022-41717 (#​5620, @​SgtCoDfish)
• Use manually specified tmpdir template when verifying CRDs (#​5682, @​SgtCoDFish)

Other (Cleanup or Flake)

• Bump distroless base images to latest versions (#​5677, @​SgtCoDFish)

v1.10.1

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

cert-manager v1.10.1 is a bug fix release which fixes a problem which prevented the Venafi Issuer from connecting to TPP servers where the vedauth API endpoints were configured to accept client certificates.
It is also compiled with a newer version of Go 1.19 (v1.19.3) which fixes some vulnerabilities in the Go standard library.

Changes since v1.10.0

Bug or Regression

• The Venafi Issuer now supports TLS 1.2 renegotiation, so that it can connect to TPP servers where the vedauth API endpoints are configured to accept client certificates.
  (Note: This does not mean that the Venafi Issuer supports client certificate authentication).
  (#​5576, @​wallrj)
• Upgrade to latest go patch release
  (#​5560, @​SgtCoDFish )

---

Configuration

📅 Schedule: Branch creation - "on sunday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[github-actions]

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ COPYPASTE	jscpd	yes		no	0.72s
✅ KUBERNETES	kubeval	2		0	0.63s
✅ REPOSITORY	git_diff	yes		no	0.01s
✅ REPOSITORY	secretlint	yes		no	0.98s
✅ YAML	prettier	2		0	0.53s
✅ YAML	yamllint	2		0	0.27s

See errors details in artifact MegaLinter reports on CI Job page
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by