jetstack
diff --git a/‎LICENSES‎
Lines changed: 1 addition & 0 deletions b/‎LICENSES‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎README.md‎
Lines changed: 4 additions & 3 deletions b/‎README.md‎
Lines changed: 4 additions & 3 deletions
diff --git a/‎RELEASE.md‎
Lines changed: 16 additions & 12 deletions b/‎RELEASE.md‎
Lines changed: 16 additions & 12 deletions
diff --git a/‎deploy/charts/venafi-kubernetes-agent/Chart.yaml‎
Lines changed: 1 addition & 1 deletion b/‎deploy/charts/venafi-kubernetes-agent/Chart.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎deploy/charts/venafi-kubernetes-agent/README.md‎
Lines changed: 13 additions & 12 deletions b/‎deploy/charts/venafi-kubernetes-agent/README.md‎
Lines changed: 13 additions & 12 deletions
@@ -61,6 +61,7 @@ github.com/go418/concurrentcache,Apache-2.0
 github.com/go418/concurrentcache/logger,Apache-2.0
 github.com/gogo/protobuf,BSD-3-Clause
 github.com/golang-jwt/jwt/v4,MIT
+github.com/golang-jwt/jwt/v5,MIT
 github.com/google/btree,Apache-2.0
 github.com/google/cel-go,Apache-2.0
 github.com/google/cel-go,BSD-3-Clause
 
@@ -1,4 +1,4 @@
-# Venafi Kubernetes Agent
+# Discovery Agent
 
 [![tests](https://github.com/jetstack/jetstack-secure/actions/workflows/tests.yaml/badge.svg?branch=master&event=push)](https://github.com/jetstack/jetstack-secure/actions/workflows/tests.yaml)
 [![Go Reference](https://pkg.go.dev/badge/github.com/jetstack/jetstack-secure.svg)](https://pkg.go.dev/github.com/jetstack/jetstack-secure)
@@ -30,6 +30,7 @@ go run . agent \
 ```
 
 > Some examples of agent configuration files:
+>
 > - [./agent.yaml](./agent.yaml).
 > - [./examples/one-shot-secret.yaml](./examples/one-shot-secret.yaml).
 > - [./examples/cert-manager-agent.yaml](./examples/cert-manager-agent.yaml).
@@ -61,5 +62,5 @@ The following metrics are collected:
 
 An end to end test script is available in the [./hack/e2e/test.sh](./hack/e2e/test.sh) directory. It is configured to run in CI
 in the tests.yaml GitHub Actions workflow. To run the script you will need to add the `test-e2e` label to the PR.
-The script creates a cluster in GKE and cleanups after itself unless the `keep-e2e-cluster` label is set on the PR. Adding that 
-label will leave the cluster running for further debugging but it will incur costs so manually delete the cluster when done.
+The script creates a cluster in GKE and cleanups after itself unless the `keep-e2e-cluster` label is set on the PR. Adding that
+label will leave the cluster running for further debugging but it will incur costs so manually delete the cluster when done.
@@ -10,6 +10,7 @@ The release process is semi-automated.
 > [!NOTE]
 >
 > Upon pushing the tag, a GitHub Action will do the following:
+>
 > - Build and publish the container image: `quay.io/jetstack/venafi-agent`,
 > - Build and publish the Helm chart: `oci://quay.io/jetstack/charts/venafi-kubernetes-agent`,
 > - Build and publish the container image: `quay.io/jetstack/disco-agent`,
@@ -20,28 +21,30 @@ The release process is semi-automated.
 
    You will need to install `go-mod-upgrade`:
 
-    ```bash
-    go install github.com/oligot/go-mod-upgrade@latest
-    ```
+   ```bash
+   go install github.com/oligot/go-mod-upgrade@latest
+   ```
 
-    Then, run the following:
+   Then, run the following:
 
-    ```bash
-    go-mod-upgrade
-    make generate
-    ```
+   ```bash
+   go-mod-upgrade
+   make generate
+   ```
 
-    Finally, create a PR with the changes and merge it.
+   Finally, create a PR with the changes and merge it.
 
 2. Open the [tests GitHub Actions workflow][tests-workflow]
    and verify that it succeeds on the master branch.
 
 3. Run govulncheck:
+
    ```bash
    make verify-govulncheck
    ```
 
 4. Create a tag for the new release:
+
    ```sh
    export VERSION=v1.1.0
    git tag --annotate --message="Release ${VERSION}" "${VERSION}"
@@ -51,6 +54,7 @@ The release process is semi-automated.
 5. Wait until the GitHub Actions finishes.
 
 6. Navigate to the GitHub Releases page and select the draft release to edit.
+
    1. Click on “Generate release notes” to automatically compile the changelog.
    2. Review and refine the generated notes to ensure they’re clear and useful
       for end users.
@@ -59,7 +63,7 @@ The release process is semi-automated.
 
 7. Publish the release.
 
-8. Inform the `#venctl` channel that a new version of Venafi Kubernetes Agent has been
+8. Inform the `#venctl` channel that a new version of Discovery Agent has been
    released. Make sure to share any breaking change that may affect `venctl connect`
    or `venctl generate`.
 
@@ -73,7 +77,7 @@ The release process is semi-automated.
 For context, the new tag will create the following images:
 
 | Image                                                     | Automation                                                                                   |
-|-----------------------------------------------------------|----------------------------------------------------------------------------------------------|
+| --------------------------------------------------------- | -------------------------------------------------------------------------------------------- |
 | `quay.io/jetstack/venafi-agent`                           | Automatically built by the [release action](.github/workflows/release.yml) on Git tag pushes |
 | `quay.io/jetstack/disco-agent`                            | Automatically built by the [release action](.github/workflows/release.yml) on Git tag pushes |
 | `registry.venafi.cloud/venafi-agent/venafi-agent`         | Automatically mirrored by Harbor Replication rule                                            |
@@ -83,7 +87,7 @@ For context, the new tag will create the following images:
 and the following OCI Helm charts:
 
 | Helm Chart                                                           | Automation                                                                                   |
-|----------------------------------------------------------------------|----------------------------------------------------------------------------------------------|
+| -------------------------------------------------------------------- | -------------------------------------------------------------------------------------------- |
 | `oci://quay.io/jetstack/charts/venafi-kubernetes-agent`              | Automatically built by the [release action](.github/workflows/release.yml) on Git tag pushes |
 | `oci://quay.io/jetstack/charts/disco-agent`                          | Automatically built by the [release action](.github/workflows/release.yml) on Git tag pushes |
 | `oci://registry.venafi.cloud/charts/venafi-kubernetes-agent`         | Automatically mirrored by Harbor Replication rule                                            |
 
@@ -3,7 +3,7 @@ name: venafi-kubernetes-agent
 type: application
 
 description: |-
-  The Venafi Kubernetes Agent connects your Kubernetes or Openshift cluster to the Venafi Control Plane.
+  The Discovery Agent connects your Kubernetes or OpenShift cluster to the CyberArk Certificate Manager.
 
 maintainers:
   - name: Venafi
 
@@ -1,11 +1,12 @@
 # venafi-kubernetes-agent
 
-The Venafi Kubernetes Agent connects your Kubernetes or OpenShift cluster to the Venafi Control Plane.
-You will require a Venafi Control Plane account to connect your cluster.
+The Discovery Agent connects your Kubernetes or OpenShift cluster to the CyberArk Certificate Manager (formerly Venafi Control Plane).
+You will require a CyberArk Certificate Manager account to connect your cluster.
 If you do not have one, you can sign up for a free trial now at:
+
 - https://venafi.com/try-venafi/tls-protect/
 
-> 📖 Read the [Venafi Kubernetes Agent documentation](https://docs.venafi.cloud/vaas/k8s-components/c-tlspk-agent-overview/),
+> 📖 Read the [Discovery Agent documentation](https://docs.venafi.cloud/vaas/k8s-components/c-tlspk-agent-overview/),
 > to learn how install and configure this Helm chart.
 
 ## Values
@@ -104,7 +105,7 @@ default replicas, do not scale up
 > registry.venafi.cloud/venafi-agent/venafi-agent
 > ```
 
-The container image for the Venafi Enhanced Issuer manager.
+The container image for the Discovery Agent.
 #### **image.pullPolicy** ~ `string`
 > Default value:
 > ```yaml
@@ -282,7 +283,7 @@ extraArgs:
 > []
 > ```
 
-Additional volumes to add to the Venafi Kubernetes Agent container. This is useful for mounting a custom CA bundle. For example:
+Additional volumes to add to the Discovery Agent container. This is useful for mounting a custom CA bundle. For example:
 
 ```yaml
 volumes:
@@ -303,7 +304,7 @@ In order to create the ConfigMap, you can use the following command:
 > []
 > ```
 
-Additional volume mounts to add to the Venafi Kubernetes Agent container. This is useful for mounting a custom CA bundle. Any PEM certificate mounted under /etc/ssl/certs will be loaded by the Venafi Kubernetes Agent. For
+Additional volume mounts to add to the Discovery Agent container. This is useful for mounting a custom CA bundle. Any PEM certificate mounted under /etc/ssl/certs will be loaded by the Discovery Agent. For
 
 ```yaml
 example:
@@ -342,8 +343,8 @@ Configure VenafiConnection authentication
 > false
 > ```
 
-When set to true, the Venafi Kubernetes Agent will authenticate to. Venafi using the configuration in a VenafiConnection resource. Use `venafiConnection.enabled=true` for [secretless authentication](https://docs.venafi.cloud/vaas/k8s-components/t-install-tlspk-agent/). When set to true, the `authentication.secret` values will be ignored and the. Secret with `authentication.secretName` will _not_ be mounted into the  
-Venafi Kubernetes Agent Pod.
+When set to true, the Discovery Agent will authenticate to. Venafi using the configuration in a VenafiConnection resource. Use `venafiConnection.enabled=true` for [secretless authentication](https://docs.venafi.cloud/vaas/k8s-components/t-install-tlspk-agent/). When set to true, the `authentication.secret` values will be ignored and the. Secret with `authentication.secretName` will _not_ be mounted into the  
+Discovery Agent Pod.
 #### **authentication.venafiConnection.name** ~ `string`
 > Default value:
 > ```yaml
@@ -364,7 +365,7 @@ The namespace of a VenafiConnection resource which contains the configuration fo
 > https://api.venafi.cloud/
 > ```
 
-API URL of the Venafi Control Plane API. For EU tenants, set this value to https://api.venafi.eu/. If you are using the VenafiConnection authentication method, you must set the API URL using the field `spec.vcp.url` on the  
+API URL of the CyberArk Certificate Manager API. For EU tenants, set this value to https://api.venafi.eu/. If you are using the VenafiConnection authentication method, you must set the API URL using the field `spec.vcp.url` on the  
 VenafiConnection resource instead.
 #### **config.clientId** ~ `string`
 > Default value:
@@ -373,7 +374,7 @@ VenafiConnection resource instead.
 > ```
 
 The client-id to be used for authenticating with the Venafi Control. Plane. Only useful when using a Key Pair Service Account in the Venafi. Control Plane. You can obtain the cliend ID by creating a Key Pair Service  
-Account in the Venafi Control Plane.
+Account in the CyberArk Certificate Manager.
 #### **config.period** ~ `string`
 > Default value:
 > ```yaml
@@ -438,7 +439,7 @@ Control Plane.
 > []
 > ```
 
-You can configure Venafi Kubernetes Agent to exclude some annotations or labels from being pushed to the Venafi Control Plane. All Kubernetes objects are affected. The objects are still pushed, but the specified annotations and labels are removed before being sent to the Venafi Control Plane.  
+You can configure Discovery Agent to exclude some annotations or labels from being pushed to the CyberArk Certificate Manager. All Kubernetes objects are affected. The objects are still pushed, but the specified annotations and labels are removed before being sent to the CyberArk Certificate Manager.  
   
 Dots is the only character that needs to be escaped in the regex. Use either double quotes with escaped single quotes or unquoted strings for the regex to avoid YAML parsing issues with `\.`.  
   
@@ -501,4 +502,4 @@ This option makes it so that the "helm.sh/resource-policy": keep annotation is a
 
 When set to false, the rendered output does not contain the. VenafiConnection CRDs and RBAC. This is useful for when the. Venafi Connection resources are already installed separately.
 
-<!-- /AUTO-GENERATED -->
+<!-- /AUTO-GENERATED -->