chore: cert-manager readme update

charts/kubezero-cert-manager/README.md

@@ -1,35 +1,38 @@
 # kubezero-cert-manager
 
-![Version: 0.7.3](https://img.shields.io/badge/Version-0.7.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.5.3](https://img.shields.io/badge/AppVersion-1.5.3-informational?style=flat-square)
+![Version: 0.8.0](https://img.shields.io/badge/Version-0.8.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.6.1](https://img.shields.io/badge/AppVersion-1.6.1-informational?style=flat-square)
 
 KubeZero Umbrella Chart for cert-manager
 
 **Homepage:** <https://kubezero.com>
 
+## Maintainers
+
+| Name | Email | Url |
+| ---- | ------ | --- |
+| Stefan Reimer | stefan@zero-downtime.net |  |
+
 ## Requirements
 
-Kubernetes: `>= 1.18.0`
+Kubernetes: `>= 1.20.0`
 
 | Repository | Name | Version |
 |------------|------|---------|
-| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.3 |
+| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.4 |
-| https://charts.jetstack.io | cert-manager | 1.5.3 |
+| https://charts.jetstack.io | cert-manager | 1.6.1 |
 
-## AWS - IAM Role
+## AWS - OIDC IAM roles
-If you use kiam or kube2iam and restrict access on nodes running cert-manager please adjust:
-```
-cert-manager.podAnnotations:
-  iam.amazonaws.com/role: <ROLE>
-```
 
 ## Resolver Secrets
 If your resolvers need additional sercrets like CloudFlare API tokens etc. make sure to provide these secrets separatly matching your defined issuers.
 
+## Resources
+- [Backup & Restore](https://cert-manager.io/docs/tutorials/backup/)
 ## Values
 
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
-| cert-manager.cainjector.nodeSelector."node-role.kubernetes.io/master" | string | `""` |  |
+| cert-manager.cainjector.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` |  |
 | cert-manager.cainjector.tolerations[0].effect | string | `"NoSchedule"` |  |
 | cert-manager.cainjector.tolerations[0].key | string | `"node-role.kubernetes.io/master"` |  |
 | cert-manager.enabled | bool | `true` |  |
@@ -37,12 +40,12 @@ If your resolvers need additional sercrets like CloudFlare API tokens etc. make
 | cert-manager.global.leaderElection.namespace | string | `"cert-manager"` |  |
 | cert-manager.ingressShim.defaultIssuerKind | string | `"ClusterIssuer"` |  |
 | cert-manager.ingressShim.defaultIssuerName | string | `"letsencrypt-dns-prod"` |  |
-| cert-manager.nodeSelector."node-role.kubernetes.io/master" | string | `""` |  |
+| cert-manager.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` |  |
 | cert-manager.prometheus.servicemonitor.enabled | bool | `false` |  |
 | cert-manager.startupapicheck.enabled | bool | `false` |  |
 | cert-manager.tolerations[0].effect | string | `"NoSchedule"` |  |
 | cert-manager.tolerations[0].key | string | `"node-role.kubernetes.io/master"` |  |
-| cert-manager.webhook.nodeSelector."node-role.kubernetes.io/master" | string | `""` |  |
+| cert-manager.webhook.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` |  |
 | cert-manager.webhook.tolerations[0].effect | string | `"NoSchedule"` |  |
 | cert-manager.webhook.tolerations[0].key | string | `"node-role.kubernetes.io/master"` |  |
 | clusterIssuer | object | `{}` |  |