Skip to content

Trust Manager releases

Trust Manager is a small Kubernetes operator that helps reduce the overhead of managing TLS trust bundles in your clusters.

It orchestrates bundles of trusted X.509 certificates that are primarily used for validating certificates during a TLS handshake but can be used in other situations, too.

Learn about current and past releases of Trust Manager.

Latest release

‚Äč The latest stable version of Trust Manager is v0.11.0.

Downloads

  • Docker Image: private-registry.venafi.cloud/trust-manager/trust-manager:v0.11.0
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.11.0
  • Helm Chart: oci://private-registry.venafi.cloud/charts/trust-manager:v0.11.0
  • Docker Image: private-registry.venafi.eu/trust-manager/trust-manager:v0.11.0
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.11.0
  • Helm Chart: oci://private-registry.venafi.eu/charts/trust-manager:v0.11.0

Release v0.11.0

Trust Manager v0.11.0 was released on June 3, 2024.

Key features

  • JSON logging

    JSON logging can be enabled through the new app.logFormat Helm value, which defaults to text but can be set to json. For example:

    helm upgrade trust-manager jetstack/trust-manager \
        --set app.logFormat=json \
        --install \
        --namespace cert-manager \
        --wait
    
    kubectl logs -n cert-manager trust-manager-xxxxx
    {"time":"2024-06-03T14:05:12.468612847Z","level":"INFO","msg":"successfully loaded default package from filesystem","logger":"trust/bundle","path":"/packages/cert-manager-package-debian.json"}
    ...
    
  • Log Level Parsing

    This release also changes how log levels are parsed when passed in to trust-manager.

    Previously, non-numeric log levels would be silently ignored, so if you set a log level of "v5" rather than "5", the setting would not take effect, and the log level would default to 1. Now, log levels must be valid integers, and Trust Manager will fail to start if a log level is invalid.

  • Fixes and improvements

    • Updated to use the Go version specified in the Makefile tools module.
    • Replaced deprecated klog.New in tests with ktesting.NewTestContext.
    • Deduplicated code for syncing target configmaps and secrets.
    • Fixed all linter issues and un-ignore golanci-lint linter exceptions.
Downloads
  • Docker Image: private-registry.venafi.cloud/trust-manager/trust-manager:v0.11.0
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.11.0
  • Helm Chart: oci://private-registry.venafi.cloud/charts/trust-manager:v0.11.0
  • Docker Image: private-registry.venafi.eu/trust-manager/trust-manager:v0.11.0
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.11.0
  • Helm Chart: oci://private-registry.venafi.eu/charts/trust-manager:v0.11.0

Release v0.10.1

Trust Manager v0.10.1 was released on May 29, 2024.

Key features

  • Release v0.10.1 fixes an issue in the Trust Manager build process causing it to be built with an out-of-date Go version (1.22.0). Trust Manager v0.10.1 now builds with Go v1.22.3.
Downloads
  • Docker Image: private-registry.venafi.cloud/trust-manager/trust-manager:v0.10.1
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.10.1
  • Helm Chart: oci://private-registry.venafi.cloud/charts/trust-manager:v0.10.1
  • Docker Image: private-registry.venafi.eu/trust-manager/trust-manager:v0.10.1
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.10.1
  • Helm Chart: oci://private-registry.venafi.eu/charts/trust-manager:v0.10.1

Release v0.10.0

Trust Manager v0.10.0 was released on May 13, 2024.

Key features

  • Trust Manager has been updated to use Makefile modules.
  • Release v0.10.0 also upgrades the Go version used to build to 1.22.3 to fix the following vulnerability: GO-2024-2824 (CVE-2024-24788).
  • The google.golang.org/protobuf library has been updated to v1.33.0 to fix the following vulnerability: CVE-2024-24786.
  • This release also includes dependency version updates and minor bug fixes.
Downloads
  • Docker Image: private-registry.venafi.cloud/trust-manager/trust-manager:v0.10.0
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.10.0
  • Helm Chart: oci://private-registry.venafi.cloud/charts/trust-manager:v0.10.0
  • Docker Image: private-registry.venafi.eu/trust-manager/trust-manager:v0.10.0
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.10.0
  • Helm Chart: oci://private-registry.venafi.eu/charts/trust-manager:v0.10.0

Release v0.9.2

Trust Manager v0.9.2 was released on March 26, 2024.

Key features

  • This release fixes an minor Helm schema issue with the nameoverride value.
  • The following vulnerability was fixed by upgrading to google.golang.org/protobuf@v1.33.0: CVE-2024-24786 s.
Downloads
  • Docker Image: private-registry.venafi.cloud/trust-manager/trust-manager:v0.9.2
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.9.2
  • Helm Chart: oci://private-registry.venafi.cloud/charts/trust-manager:v0.9.2
  • Docker Image: private-registry.venafi.eu/trust-manager/trust-manager:v0.9.2
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.9.2
  • Helm Chart: oci://private-registry.venafi.eu/charts/trust-manager:v0.9.2

Release v0.9.1

Trust Manager v0.9.1 was released on March 13, 2024.

Key features

  • A helm chart schema fix for the replicaCount field to assist further chart templating.
  • This release also further improves support for the s390x architecture introduced in v0.9.0 by building the Debian trust package for s390x.
Downloads
  • Docker Image: private-registry.venafi.cloud/trust-manager/trust-manager:v0.9.1
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.9.1
  • Helm Chart: oci://private-registry.venafi.cloud/charts/trust-manager:v0.9.1
  • Docker Image: private-registry.venafi.eu/trust-manager/trust-manager:v0.9.1
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.9.1
  • Helm Chart: oci://private-registry.venafi.eu/charts/trust-manager:v0.9.1

Release v0.9.0

Trust Manager v0.9.0 was released on March 7, 2024.

Key features

  • This release fixes an issue which broke passwordless PKCS#12 files when read by Java. It's possible that this could have an effect on non-Java platforms, but in testing it seemed safe for both Go and Java.
  • This release also adds support for the s390x architecture for Trust Manager.
  • A new crds.keep option was added to reduce the risk of losing important data when uninstalling Trust Manager.
  • An issue with certificate deduplication when certs were present in multiple sources was also fixed in this release.
Downloads
  • Docker Image: private-registry.venafi.cloud/trust-manager/trust-manager:v0.9.0
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.9.0
  • Helm Chart: oci://private-registry.venafi.cloud/charts/trust-manager:v0.9.0
  • Docker Image: private-registry.venafi.eu/trust-manager/trust-manager:v0.9.0
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.9.0
  • Helm Chart: oci://private-registry.venafi.eu/charts/trust-manager:v0.9.0

Release v0.8.0

Trust Manager v0.8.0 was released on January 19, 2024.

Key features

  • This release adds an option at startup to filter expired certificates from all bundles and the ability to include Secret and ConfigMap resources via labels.

    Removal of .status.target

    Trust Manager v0.8.0 removes the .status.target field from Bundle resources. If you relied on this field previously, you should be able to calculate it from the spec of your Bundle.

Downloads
  • Docker Image: private-registry.venafi.cloud/trust-manager/trust-manager:v0.8.0
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.8.0
  • Helm Chart: oci://private-registry.venafi.cloud/charts/trust-manager:v0.8.0
  • Docker Image: private-registry.venafi.eu/trust-manager/trust-manager:v0.8.0
  • Helm Chart: oci://registry.venafi.cloud/charts/trust-manager:v0.8.0
  • Helm Chart: oci://private-registry.venafi.eu/charts/trust-manager:v0.8.0