queue to be emptied once a day

Unprioritized issues older than 7 days (253)

Resolution: Add a priority/ or triage/ label

Average age: 454.5d, Avg wait: 216.4d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
8530 Allow usage of the new DNS-PERSIST-01 challange for ACME
9
 18d 18d 18d
kind/feature
recv
similar
8572 Solver ingressTemplate annotations are not applied to existing Ingress resources when acme.cert-manager.io/http01-edit-in-place: 'true' is set
7d 7d 7d
kind/bug
recv
similar
8522 Support pulling additional fields from secret when using external account binding
3wk 3wk 3wk
kind/feature
recv
recv-q
8513 Exclude namespace(s) from CA Injector 3wk 3wk 3wk
kind/feature
recv
8512 ArtifactHub install command causes Helm fallback warning due to missing v prefix 3wk 3wk 3wk
recv
8499 Add custom labels to be exposed in prometheus metrics 4wk 4wk 4wk
kind/feature
author-last
recv
8493 cloudflare DNS01 - Client.Timeout exceeded while awaiting headers
2
5
 4wk 16d 19d
good first issue
help wanted
kind/bug
assigned
assignee-updated
commented
pr-unreviewed
recv-q
send
8481 FYI: cert-manager-webhook-libdns
4wk 4wk 4wk
recv
similar
8514 v1.19.3: Internal keymanager race condition triggers InvalidCertificate backoff when using external issuers (Google CAS)
3wk 1d 3wk
assigned
assignee-updated
pr-closed
pr-new-commits
recv
recv-q
8476 Helm chart defaults leaderElection namespace to kube-system, blocking cert-manager controller and certificate creation 4wk 4wk 4wk
kind/bug
author-last
commented
recv
recv-q
8479 Subject Key Identifier (SKI) missing on issued certificates by self-signed CA 4wk 4wk 4wk
kind/feature
pr-new-commits
recv
8458 Vault approle configuration 5wk 5wk 5wk
kind/feature
recv
8450 Introducing DelayedInformers for CRD check 6wk 5wk 5wk
kind/feature
assigned
assignee-updated
commented
contributor-last
send
8416 Make Venafi client timeout configurable for slower servers 7wk 5wk 5wk
kind/feature
commented
member-last
send
8378 Support `PodCertificateRequest`
2mo 2mo 2mo
kind/feature
collaborator-last
commented
send
similar
8372 HTTP-01 challenge: support stateless http-01 challenge 2mo 2mo 2mo
kind/feature
recv
8364 Replace Hetzner DNS01 Webhook 2mo 2mo 2mo
collaborator-last
commented
send
8373 DNS-PERSIST-01 challenge support (planned for late Q1 2026)
2
76
 2mo 18d 2mo
kind/feature
recv
similar
8340 Top-level: CA Issuer rotation problem 2mo 2mo
cybr
8319 Improve cert-manager's event handler to allow us to selectively skip some reconciliations 3mo 2mo
cybr
8309 Dependency Dashboard 3mo 5h 3mo
recv
8280 Unblocking SSA: Document changes in SSA-by-default 3mo 3mo
cybr
8279 Unblocking SSA: Fix unit tests 3mo 3mo
cybr
8277 Unblocking Server Side Apply (SSA) by Default 3mo 5wk 5wk
cybr
commented
member-last
8363 helm: Set `ttlSecondsAfterFinished` on Jobs 2mo 3wk 4wk
good first issue
kind/feature
commented
pr-closed
pr-reviewed-with-comment
recv
8251 Top-level ticket: ListenerSet
5
 3mo 7d 7d
cybr
commented
contributor-last
pr-merged
recv-q
send
8235 Cert-manager support for Issuer-managed keys 4mo 4mo 4mo
kind/feature
author-last
commented
recv
8218 Include Vault hostname as default JWT audiences
4mo 5wk 5wk
kind/feature
assigned
assignee-updated
commented
member-last
pr-merged
send
8257 Update helm install NOTES
3mo 5wk 5wk
good first issue
commented
member-last
pr-closed
pr-merged
send
8209 Add revocation at certificate deletion
3
 4mo 4mo 4mo
kind/feature
recv
similar
8194 Update e2e Documentation - for the make e2e-setup command 4mo 4mo 4mo
kind/feature
collaborator-last
commented
send
8183 Add helm diff output to cert-manager PRs 4mo 3mo 4mo
assigned
assignee-updated
collaborator-last
commented
send
8095 DNS-01 Delegated zone is not following CNAME and creating wrong records
4
 5mo 4mo 4mo
kind/bug
author-last
commented
recv
recv-q
8094 HTTP-01 challenge returns 502 with App Gateway (works with NGINX ingress controller) 5mo 4wk 5mo
recv
recv-q
8086 ACME ClusterIssuer not recovering after Vault restart 5mo 5mo 5mo
kind/bug
recv
8201 Timeout contacting Cloudflare API during cert-manager DNS-01 challenge 4mo 3mo 4mo
commented
send
8023 ACME issuer fails when CA includes Name Constraints with x509: unhandled critical extension 6mo 8d 6mo
lifecycle/stale
commented
contributor-last
recv
recv-q
7914 Output tls.crt in CA cert to another secret 7mo 4wk 7mo
kind/feature
lifecycle/stale
contributor-last
recv
7868 Metrics for webhook certificate
3
 7mo 4mo 7mo
kind/feature
author-last
recv
8082 EOF during self check with Pomerium 5mo 5mo 5mo
recv
7862 Requesting a certificate from ZeroSSL sometimes takes more than 10 minutes to complete
7
 7mo 5mo 7mo
kind/bug
recv
7834 Provide race condition mitigation support 8mo 2mo 8mo
kind/feature
author-last
recv
7829 Support to auto delete Certificaterequest
8mo 2mo 8mo
kind/feature
lifecycle/stale
commented
contributor-last
send
similar
7864 failed to call webhook: certificate has expired or is not yet valid
2
 7mo 2mo 7mo
kind/bug
assigned
assignee-updated
contributor-last
recv
recv-q
similar
7828 Cert-manager created multiple CertificateRequests (over 30k) for a valid certificate
8mo 4mo 7mo
kind/bug
commented
send
similar
7821 Request to support AWS ACM Exportable certificates
57
 8mo 2mo 5mo
kind/feature
commented
send
similar
7817 Support `global.nodeSelector` in the Helm chart
2
 8mo 4mo 8mo
kind/feature
contributor-last
pr-merged
recv
7788 Be able to default `acme.cert-manager.io/http01-edit-in-place: "true"` behavior in deployment/chart values
4
 9mo 3mo 3mo
kind/feature
collaborator-last
commented
send
7779 RevisionHistoryLimit should follow Kubernetes definition 9mo 6d 9mo
lifecycle/rotten
contributor-last
recv
7772 Reviewing the use of https://github.com/SSLMate/go-pkcs12 9mo 5d 9mo
kind/feature
lifecycle/rotten
commented
contributor-last
send
7768 Stuck in a loop with `multiple challenge solver pods found for challenge` 9mo 3mo 9mo
kind/bug
author-last
recv
7766 Certificate: Let me specify the concatenation order for CombinedPEM output format
9mo 19d 9mo
kind/feature
author-last
recv
recv-q
7765 Propagation tests fails when using IPv6 recursive DNS nameservers
9mo 2wk 9mo
kind/bug
lifecycle/rotten
recv
7760 Is the zone responsible for a domain changes, cert-manager will not pick it up 9mo 3wk 9mo
kind/bug
lifecycle/rotten
contributor-last
recv
7755 cert-manager-challenges Error presenting challenge: expected array of Record 9mo 3wk 9mo
lifecycle/rotten
contributor-last
recv
recv-q
7751 Custom key usage extensions 10mo 6d 5wk
kind/feature
commented
recv
recv-q
7749 Http and PROXY protocol
5
 10mo 3wk 10mo
lifecycle/rotten
contributor-last
recv
7747 [suggestion] Add Kustomize install documentation
5
6
 10mo 5mo 10mo
kind/feature
commented
recv
recv-q
7717 After uninstalling cert-manager, ingress resources can still only be accessed via https 10mo 5wk 10mo
lifecycle/rotten
contributor-last
recv
7822 Tracking: Kubernetes Gateway API follow up tasks
5
 8mo 3mo 3mo
commented
member-last
pr-merged
send
7660 cert-manager produces invalid (per RFC5280) certificates when `cert sign` usage is set along with another usage 11mo 4wk 10mo
kind/bug
lifecycle/rotten
commented
contributor-last
send
7659 Challenge and resolver pod/ingress killed too soon
2
 11mo 5wk 11mo
lifecycle/rotten
contributor-last
recv
7684 Add support for namespaced deployment
11mo 2mo 11mo
kind/feature
lifecycle/stale
contributor-last
pr-merged
recv
recv-q
similar
7649 [GKE][Cert-Manager]Document Might Need Implementation Details Update to GSA/KSA Integration 11mo 7h 11mo
kind/bug
lifecycle/rotten
contributor-last
recv
recv-q
7625 Clean install fails to create Issuer
4
 1y 6wk 1y
kind/bug
lifecycle/rotten
contributor-last
recv
recv-q
7594 Cloudflare delegated domains returns Found no Zones for domain _acme-challenge.mydomain.com
1y 6wk 1y
kind/bug
lifecycle/rotten
contributor-last
recv
7645 Support cross-signed intermediate CAs issued with Vault
2
 11mo 5wk 5wk
kind/feature
commented
member-last
send
7561 Feature Request RFC: Push notifications from cert-manager to <other service> when certificates are issued 1y 4mo 4mo
kind/feature
author-last
commented
recv
recv-q
7551 Unhelpful log messages 1y 3mo
lifecycle/frozen
contributor-last
7531 punycode issue 1y 4mo 1y
author-last
recv
7522 Non standard "cert-manager.io" used in event "Reason" 1y 4mo 10mo
lifecycle/frozen
kind/bug
commented
contributor-last
recv
7520 ClusterIssuer read caBundle from Secret
7
 1y 3mo 10mo
kind/feature
commented
pr-unreviewed
send
7492 `UseCertificateRequestBasicConstraints` should probably add `Critical` for `isCA` 1y 4mo 10mo
lifecycle/frozen
commented
contributor-last
recv
7510 Key Size for Acme Account Key
1y 3d 1y
kind/feature
lifecycle/rotten
contributor-last
pr-new-commits
recv
7476 [Helm Chart] - Wrong handling of image registry and repository
4
 1y 3mo 3mo
kind/bug
commented
member-last
pr-closed
send
7486 `"Unhandled Error" err="ingress '...' in work queue no longer exists"` should be handled (clean up dangling `Certificate`)
6
 1y 4mo 1y
lifecycle/frozen
kind/bug
contributor-last
recv
recv-q
7438 certificate not updated after enabling SSA 1y 3mo 1y
kind/bug
author-last
recv
7422 Please provide standalone helm chart for CRDs
20
 1y 4d 1y
kind/feature
lifecycle/stale
contributor-last
recv
6622 `make update-licenses` is non-deterministic.
2y 3d 9mo
kind/bug
lifecycle/rotten
commented
contributor-last
pr-merged
pr-unreviewed
6224 Option to store certificate history in individual secrets
2
 2y 5mo 6mo
kind/feature
commented
contributor-last
recv-q
send
6010 Support the ACME Renewal Information (ARI) extension
13
 2y 3mo 9mo
kind/feature
author-last
commented
recv
recv-q
7473 Create certificate based on HTTPRoute configuration
61
7
86
 1y 1d 5wk
kind/feature
assigned
assignee-updated
commented
pr-closed
pr-merged
recv-q
send
4749 rfc2136 seems to not work with deep subdomains
4y 4mo 4y
kind/bug
area/acme/dns01
recv
recv-q
5566 upload Helm charts to OCI registry and sign them with cosign
4
56
 3y 5mo 5mo
kind/feature
commented
member-last
pr-merged
send
8234 Vault Issuer: certmanager spams thousands of CertificateRequest resources if Issuer is configured to use the Vault issue endpoint rather than the sign endpoint
4mo 4mo 4mo
kind/bug
commented
member-last
send
5864 Certmgr allows creating certificates expiring after ca expiration.
4
33
 3y 4mo 10mo
lifecycle/frozen
kind/bug
cybr
commented
pr-new-commits
recv-q
send
7388 Kid missing in the new order request
2
 1y 3mo 1y
kind/bug
pr-unreviewed
recv
recv-q
1935 add third party cert-manager-webhook-infomaniak 6wk 6wk 6wk
recv
1926 Change the Cert Manager Webhook DNS01 of Hetzner Cloud 6wk 6wk 6wk
author-last
pr-unreviewed
recv
1985 Replace github.com/lukeapage/node-markdown-spellcheck
10d 10d 10d
help wanted
good first issue
commented
contributor-last
pr-closed
recv-q
1874 Dependency Dashboard 3mo 6h 3mo
recv
1802 Invalid certificate 5mo 5mo 5mo
recv
1715 The ingress annotation `cert-manager.io/secret-template` is not documented
2
 9mo 9mo
contributor-last
similar
1643 Let's Encrypt Ending Support for Notification Emails 1y 7mo 1y
recv
1625 Configuration issue potentially leading to a memory leak 1y 1y 1y
recv
1623 Claim about v1beta1/v1alpha2 support for gateway api is misleading 1y 1y 1y
recv
1620 Cert Manager allows the creation of Illegal wilcard SANs 1y 1y 1y
recv
1608 Renaming Securing NGINX-ingress to ingress-nginx 1y 1y 1y
recv
1585 Broken install instructions due wrong cert_manager_latest_version - v1.16.1 1y 1y 1y
recv
1546 Self upgrade PRs don't run checks
2y 4mo 2y
cybr
commented
member-last
1490 GKE tutorial falsely claims it's possible to create LE certificate without domain (only IP) 2y 1y 2y
author-last
recv
1586 Now that cert-manager 1.16 has been released, `--set config.enableGatewayAPI=true` is now the recommended approach for projects that show instructions on how to enable cert-manager's gateway API support, especially on visible projects like Cilium:
1y 1y
pr-merged
944 Document how to install cert-manager in a different namespace
4
 3y 2y 3y
good first issue
recv
recv-q
1806 Tutorial depends on no longer available image of kuard
4
 4mo 4mo 4mo
recv
1596 Wrong key for cloudflare secret ref in DNS Validation tutorial page 1y 1y 1y
recv
697 [IRSA] Needs `runAsUser: 1001`
4y 1y 1y
commented
member-last
pr-merged
send
209 Dependency Dashboard
3mo 4h 3mo
pr-merged
recv
501 Error logs not very helpful
2
 1y 1y 1y
recv
687 Dependency Dashboard 3mo 5h 3mo
recv
431 istio-csr pod healthz check fails for long time in v0.11.0 and v0.12.0 1y 1y 1y
recv
recv-q
287 Getting Readiness probe failed when using cert-manager-istio-csr 2y 2y 2y
author-last
recv
recv-q
similar
244 Populate Subject Fields in Certificate
2y 1y 2y
recv
223 False positive warnings from trivy and dependabot
7
 2y 2y
283 Document / improve that sometimes the issuer needs to set `ca.crt`
2y 2y
153 It is possible to have several CAs within the same cluster.
3
 3y 1y 2y
commented
send
137 Documentation on rotating the root certificate
2
 4y 10mo 4y
recv
recv-q
130 Document best-practices for minimal vault role configuration for istio-csr 4y 2y 4y
recv
recv-q
84 csr readiness probe failed, istio ingress pod also failed
2
 4y 2y 4y
support
recv
recv-q
similar
113 Integrating with istio helm chart installs
15
 4y 1y 4y
recv
recv-q
176 certificateDuration is not used for the Istio CSR generated certificate requests
3y 6mo 3y
pr-closed
recv
recv-q
803 Request to build images for main
5wk 5wk 5wk
commented
member-last
send
713 Remove deprecated approverpolicy_certificaterequest_ metrics 5mo 5mo
667 Cannot create secret cert-manager-approver-policy-tls 6mo 6mo 6mo
commented
contributor-last
recv
similar
782 Ensuring approver-policy is ready to accept CRDs after install 1mo 1mo
good first issue
similar
638 Approver cannot find applicable policy 9mo 8mo 9mo
author-last
recv
recv-q
466 Document How to Configure Common Scenarios 2y 2y 2y
recv
452 CRDs in the Release files
3
 2y 2y 2y
recv
394 Limit number of SANs by policy
2y 2y 2y
commented
member-last
send
288 Feature: Take control of approval for the whole cluster
2
 2y 2y 2y
commented
member-last
819 Pods are crash-looping after upgrade to v0.23.1
14d 19h 19h
kind/bug
commented
member-last
pr-merged
send
203 Improve CRD fields for specifying key requirements
3
 3y 1y 1y
commented
member-last
send
169 Webhook Custom CA 3y 10mo 10mo
help wanted
commented
contributor-last
recv-q
send
761 Dependency Dashboard 3mo 6h 3mo
recv
216 Simplify configuration by creating RBAC by default
2
 3y 11mo 11mo
help wanted
commented
contributor-last
pr-merged
pr-unreviewed
recv-q
send
559 Flakey Tests in pull-cert-manager-approver-policy-test 1y 1y
similar
881 Helm install fails when extraObjects contains Bundles 4wk 4wk 4wk
recv
848 Request for cryptographic mechanisms used in cert-manager-trust-manager 7wk 7wk 7wk
recv
similar
841 Does trust-manager require cluster level permissions to read secrets?
7wk 7wk 7wk
author-last
commented
recv
recv-q
837 Ensuring trust-manager is ready to accept CRDs after install 1mo 1mo
good first issue
pr-unreviewed
similar
835 Helm Chart cannot set securityContext 1mo 1mo 1mo
recv
815 Support Debian Trixie for trust packages 2mo 2mo
cybr
805 Dependency Dashboard 3mo 5h 3mo
recv
800 When creating a trust bundle with additionalFormats/pkcs12, no pkcs12 is produced
3mo 13d 13d
commented
send
892 Eliminate the duplicate code for managing default trust bundle images 16d 16d
assigned
assignee-updated
pr-reviewed-with-comment
778 Add option to use a specific issuer in the helm chart 4mo 4mo 4mo
recv
750 Feat: Emit Events on the controller Pod instead of cluster-scoped Bundle 5mo 5mo 5mo
commented
contributor-last
recv
742 Add option to disable webhook in Helm chart 6mo 3mo 6mo
kind/feature
author-last
commented
recv
741 Using an Image Volume to deploy certifiats
6mo 5mo 6mo
commented
member-last
send
650 Pod goes out of readiness 8mo 2mo 8mo
lifecycle/stale
contributor-last
recv
645 Unable to pass helm lint due to certificate yaml stripping too much whitespace 8mo 2mo 8mo
lifecycle/stale
commented
contributor-last
send
629 The crds is not installed automatically when trust-manager is a sub-chart 10mo 2mo 10mo
lifecycle/stale
contributor-last
recv
recv-q
761 Feat: Add a namespaced trust bundle CRD alongside the cluster-scoped Bundle 5mo 3mo 5mo
commented
contributor-last
recv
recv-q
592 Feature: ClusterTrustBundle as Sources
11mo 4mo 4mo
commented
member-last
send
similar
588 Add ability to monitor validity period for CAs in bundle
5
 11mo 3d 7wk
kind/feature
help wanted
assigned
assignee-updated
commented
send
560 Support rotated certificate sources
35
 1y 2mo 11mo
commented
recv
recv-q
similar
465 Installing trust-manager just after installing cert-manager makes it FAIL forever 1y 2mo 5mo
lifecycle/rotten
commented
contributor-last
recv
301 Add support for kubectl installation
2y 1y 2y
lifecycle/frozen
author-last
commented
open-milestone
recv
recv-q
similar
245 Split Bundle controller into multiple controllers
2y 1y 1y
lifecycle/frozen
commented
member-last
pr-merged
send
591 Feature: ClusterTrustBundle as Target
12
 11mo 4mo 4mo
commented
member-last
pr-merged
send
similar
142 expose bundles CRD as release artifact
2
11
 2y 4wk 7mo
help wanted
lifecycle/stale
commented
contributor-last
recv-q
send
131 Feature: per namespace trust bundle
8
 2y 5mo 8mo
lifecycle/frozen
commented
send
99 Allow removing Bundles whilst keeping the synced CA certs
5
 3y 10mo 10mo
lifecycle/frozen
commented
member-last
pr-unreviewed
63 nit: Rename "Bundle" to "ClusterBundle"
18
 3y 8mo 8mo
lifecycle/frozen
commented
member-last
open-milestone
pr-merged
send
60 overriding trusted namespace
10
18
 3y 6d 10mo
commented
recv-q
send
243 More flexible and better organized target specification in API
5
 2y 2mo 4mo
lifecycle/frozen
commented
pr-merged
39 Don't sync targets to all namespaces by default
8
 3y 10mo 10mo
lifecycle/frozen
commented
member-last
open-milestone
pr-merged
send
242 New version of Bundle API
2
4
 2y 11mo 1y
lifecycle/frozen
commented
pr-closed
pr-merged
222 [Feature] - Ability to inject a CA cert into a cert-manager managed secret resource
16
 2y 6d 6mo
lifecycle/stale
commented
contributor-last
pr-merged
send
205 Allow to select multiple "trust" namespaces
48
 2y 4wk 8mo
commented
send
886 Allow creating `ClusterRole` aggregations 3wk 3wk 3wk
kind/feature
recv
4 Feature: By default, require only self-signed certificates in a bundle
4y 2mo 8mo
kind/feature
help wanted
good first issue
lifecycle/stale
commented
contributor-last
send
362 Dependency Dashboard 3mo 5h 3mo
recv
279 Persisting identifiers for retry calls to Sign() 7mo 7wk 7wk
commented
member-last
send
231 ### Question about Configuring Retries in cert-manager 11mo 7wk 7wk
commented
member-last
send
204 clarify SetCAOnCertificateRequest deprecation status 1y 8mo 8mo
commented
member-last
send
583 Security Posture improvements 16d 8d 16d
recv
recv-q
530 Dependency Dashboard 3mo 6h 3mo
recv
521 RFC: Cert-Manager CSI Driver as Secret Store Provider
3mo 3mo 3mo
recv
385 Helm Install of cert-manager-csi-driver Fails on Minikube with /dev/bus/usb Errors 11mo 11mo 11mo
author-last
recv
353 mismatch between the key and the certificate signature algorithm
1y 1y 1y
recv
383 [Feature Request] Adding attributes that available in Certificate CRD to CSI Driver
5
 11mo 11mo 11mo
recv
267 Does cert-manager-csi-driver support AWS EKS with AWS Fargate nodes? 2y 2y 2y
recv
264 Certificate renewal doesn't change file 'modified date'
2y 2y 2y
recv
171 E2E Test Cleanup 2y 2y 2y
good first issue
commented
member-last
130 JKS support
6
 3y 2y 3y
recv
recv-q
241 Missing cert-manager.io/revision-history-limit volume attributes for CSI-Driver
6
 2y 2y 2y
recv
256 Broken comma-separated splitting logic 2y 2y
17 ability to specify pod IP in volume attributes
7
 6y 1y 5y
commented
recv
recv-q
411 Dependency Dashboard 3mo 4h 3mo
recv
128 Incorrect logger initialisation 2y 2y
41 The default `csiDataDir` value might collide with csi-driver
2y 5mo
contributor-last
pr-merged
recv-q
295 Dependency Dashboard 3mo 9h 3mo
recv
204 Support for creating certificate for wildcard route 8mo 3mo 8mo
recv
similar
306 [FEATURE]Enable setting private key encoding via annotation 2mo 2mo 2mo
kind/feature
author-last
pr-reviewed-with-comment
recv
174 Standby Replicas without lease use lots of CPU 11mo 11mo 11mo
recv
58 certificate cannot be renewed, error message: "key does not match certificate"
4
 2y 2y 2y
recv
recv-q
116 Release static manifests (no helm) for v0.6.0-alpha.0+
2
 1y 1y 1y
recv
56 Support for destinationCaCertificate / Reencrypt Routes
2
 2y 2y 2y
recv
similar
38 Route with cert-manager annotations is not created
4
 2y 9mo 2y
commented
send
54 Same certificate in path based Routes
2
 2y 1y 2y
pr-closed
recv
70 OLM deployment with ArgoCD is OutOfSync
3y 3y 3y
commented
send
46 Cert-manager operator fails to issue certificates 4y 4y 4y
recv
17 Operator prevents passing extraArgs helm value
7
 5y 3y 5y
recv
recv-q
22 Customize the deployment of cert-manager installed via OLM
5
6
 4y 1y 3y
commented
recv
recv-q
74 Consistency issues due to the use of mount binds 1y 1y 1y
author-last
commented
recv
recv-q
40 Optional auto rotating/renewing certificates 3y 2y 3y
contributor-last
recv
recv-q
similar
144 Dependency Dashboard 3mo 4h 3mo
recv
100 Dependency Dashboard 3mo 1h 3mo
recv
56 Struggling to get controller running in local KIND cluster
1y 10mo 10mo
commented
member-last
send
63 Is it possible to only create Issuer and remove the CluserIssuer 9mo 9mo 9mo
recv
62 Limit the controller-manager to access secrets only from specific namespace 9mo 9mo 9mo
recv
361 Dependency Dashboard 3mo 4h 3mo
recv
264 commands should provide help when called w/o arguments if they require inputs 7mo 7mo 7mo
commented
member-last
send
122 asdf cmctl installer issues
2
 1y 1y 1y
author-last
commented
recv
128 cmctl always reports v0.0.0 in the user-agent header 1y 1y
65 Dependency Dashboard 2mo 9h 2mo
recv
59 Process regarding worrying emails sent to the maintainers mailing list
6mo 5mo 5mo
commented
member-last
1125 Dependency Dashboard 3mo 4h 3mo
recv
487 Dependency Dashboard 3mo 1h 3mo
recv
295 `make generate-golangci-lint-config` clobbers local exclusions added to the local config. 9mo 9mo
202 Makefile Modules, Go Versions and Vendoring
1y 1y 1y
commented
contributor-last
154 Publish SBOMs 2y 2y 2y
kind/feature
good first issue
commented
member-last
send
451 Re-enable testing with specific kubernetes versions in subprojects 4mo 4mo 4mo
cybr
commented
member-last
send
481 Embed go version in `go install` binaries in cache 3mo 3mo
202 Dependency Dashboard 3mo 5h 3mo
recv
25 helm-tool inject sometimes omits the context (prefix) of commented out values in the generated markdown 2y 2y
kind/bug
contributor-last
26 helm-tool inject adds trailing white space to the generated markdown 2y 2y
kind/bug
64 Open Standup: Updating an event didn't send new invitations to already registered people
3mo 3mo 3mo
commented
member-last
send
63 CNCF-paid GitHub Actions runners 4mo 3mo 3mo
commented
member-last
62 Lazy vote: Enhancing the triaging process 4mo 4mo
60 Lazy vote: Zoom for standup meetings to be able to add the standups to the LFX calendar
4mo 3mo 3mo
commented
member-last
35 Post-Graduation Suggestion Tracker
2y 2y 2y
commented
member-last
pr-merged
92 Dependency Dashboard 3mo 13h 3mo
recv
74 Why cert-manager looks for a CNAME record instead of a TXT record? 2y 2y 2y
recv
72 readyz and healthz api 2y 2y 2y
recv
46 Code reference a pull request to be merged, but the pull request was closed by a robot 3y 3wk 3y
recv
2 Set up basic e2e test that deploys the webhook and ensures we can POST a challenge
6y 5mo
contributor-last
pr-closed
recv-q
37 Add logging example
4y 2y 4y
pr-closed
recv
80 How to deal with K8s timelimit in 30s ? 1y 1y 1y
recv
81 How to enable leader election in the webhook? 1y 1y 1y
recv
31 BROKEN CI 2mo 2mo
cybr
24 Dependency Dashboard 2mo 1d 2mo
recv
8 Find solution for automatically disabled GitHub Actions 2y 2y
22 Dependency Dashboard 2mo 1d 2mo
recv
18 Feature: Git bundles? 11mo 11mo
7 Dependency Dashboard 2mo 3wk 2mo
recv
375 Dependency Dashboard 3mo 9h 3mo
recv
197 Kubectl One-line Installation Support 2y 1y 1y
commented
member-last
send
similar
162 Issue: Broken config when using commonLabels 2y 2y 2y
recv
148 Certificate chain is not split correctly
5
 2y 2y 2y
author-last
pr-reviewed-with-comment
recv
recv-q
133 Allow to use a custom Service Account
5
 2y 2y 2y
pr-unreviewed
recv
102 certificate renewal does not work in due to auth issue to privatecaapi end point 3y 1y 3y
recv
361 [Helm] allow `enabled` as key in values schema 3mo 3mo 3mo
recv

Uncommented older than 7 days (154)

Resolution: Add a priority/ or triage/ label

Average age: 539.5d, Avg wait: 485.8d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
8121 Support for Creating CertificateRequest from Kubernetes Secret 5mo 4mo 5mo
kind/feature
triage/needs-information
contributor-last
recv
recv-q
similar
8085 Feature Request: Add annotation to disable automatic certificate renewal
5mo 5mo 5mo
priority/important-longterm
pr-closed
recv
similar
8058 Cert-manager fails to import ECDSA private keys generated by openssl 6mo 5mo 6mo
kind/bug
priority/important-longterm
pr-changes-requested
recv
7826 If issuer is incorrect, it is still shown as READY 8mo 4mo 8mo
kind/bug
priority/important-longterm
assigned
assignee-updated
author-last
pr-new-commits
recv
recv-q
7288 Missing UID in webhook challenge request 1y 3wk 1y
kind/bug
priority/backlog
lifecycle/rotten
contributor-last
recv
6820 Ongoing dependency evaluation
2y 2y 2y
lifecycle/frozen
priority/important-longterm
contributor-last
recv
6741 ACME account private key and URI are not updated if the path of the ACME server is changed
7
 2y 3mo 2y
lifecycle/frozen
kind/bug
priority/important-soon
recv
6472 Create TLSA records automatically
15
 2y 6wk 2y
kind/feature
priority/backlog
contributor-last
recv
5917 Waiting for DNS-01 challenge propagation: DNS record for mydomain.com not yet propagated
42
 2y 4wk 2y
kind/bug
priority/important-longterm
assigned
assignee-updated
recv
recv-q
5751 Wildcard DNS domains and `cnameStrategy: Follow` don't work nicely together
3y 3mo 3y
lifecycle/frozen
kind/bug
priority/important-soon
author-last
pr-closed
recv
recv-q
5540 Changelog annotations to chart
3y 4wk 3y
kind/feature
priority/backlog
author-last
recv
1549 Brand guideline page 2y 2y 2y
priority/backlog
contributor-last
recv
1473 Add ArtifactHub packages to website 2y 2y 2y
priority/backlog
recv
1063 "Securing Ingresses with Venafi" tutorial contains link to missing manifest
3y 1y 3y
priority/important-longterm
author-last
pr-merged
recv
850 Document available cert-manager Prometheus metrics
4y 3y 4y
documentation
good first issue
priority/important-longterm
recv
recv-q
354 DigitalOcean access-token should not be base64-encoded 5y 5y 5y
priority/awaiting-more-evidence
author-last
recv
recv-q
237 docs for ACMEChallengeSolverHTTP01Ingress doesn't specify what `class` values are available
5y 5y 5y
priority/backlog
kind/documentation
contributor-last
pr-closed
recv
228 Documentation needs correction for external-account-bindings
5y 11mo 5y
good first issue
priority/backlog
kind/documentation
contributor-last
pr-merged
recv
197 Document ACME account mismatch 5y 1y 5y
good first issue
priority/backlog
kind/documentation
recv
recv-q
130 FAQ: How does cert-manager handle ingresses with valid TLS secrets? 6y 5y 6y
help wanted
priority/backlog
kind/documentation
contributor-last
recv
76 Upgrading from v0.10 to v0.11 - missing cainjector annotation 6y 5y 6y
priority/backlog
kind/documentation
contributor-last
recv
3 Restrict operator RBAC permissions
5y 2y 5y
priority/backlog
pr-merged
recv
83 As cmctl user, I want to use different kubectl context on command line ( --context='kubectl-context-abc' )
3
 2y 2y 2y
priority/important-longterm
recv
690 Clean up Presets
3y 2y 3y
priority/backlog
pr-merged
recv
594 Document infra image bumps and versioning 4y 2y 4y
priority/backlog
recv
38 Set repository to be a GitHub template repository
3y 2y 3y
priority/important-longterm
recv
128 previously listed items omitted

Important soon, but no updates in 90 days (17)

Resolution: Downgrade to important-longterm

Average age: 1298.7d, Avg wait: 71.9d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6741 ACME account private key and URI are not updated if the path of the ACME server is changed
7
 2y 3mo 2y
lifecycle/frozen
kind/bug
priority/important-soon
recv
6709 1.14 Release Review
3
 2y 2y 2y
lifecycle/frozen
priority/important-soon
commented
contributor-last
send
6331 CSR not signed by referenced private key
10
 2y 3mo 2y
lifecycle/frozen
kind/bug
priority/important-soon
commented
contributor-last
recv-q
send
5298 Complete the Migration Away From Jetstack Names 3y 2y 2y
lifecycle/frozen
kind/cleanup
priority/important-soon
commented
member-last
send
3992 Add non-CRD yaml file
4
 4y 3mo 2y
priority/important-soon
area/deploy
author-last
commented
recv
5751 Wildcard DNS domains and `cnameStrategy: Follow` don't work nicely together
3y 3mo 3y
lifecycle/frozen
kind/bug
priority/important-soon
author-last
pr-closed
recv
recv-q
2930 Mirror to gcr.io or dockerhub
2
29
 5y 1y 1y
lifecycle/frozen
kind/feature
priority/important-soon
area/deploy
assigned
assignee-updated
commented
contributor-last
send
3381 Setup separate package for cert-manager API
5
 5y 1y 1y
lifecycle/frozen
kind/feature
priority/important-soon
assigned
assignee-updated
commented
member-last
send
5867 Controller can't handle hitting request rate limits of zerossl ACME API
7
12
31
 3y 11mo 2y
lifecycle/frozen
kind/bug
priority/important-soon
commented
pr-closed
pr-merged
recv-q
send
7234 AWS Route53: Stale/Stuck Challenges should be deleted after a given timeout
4
 2y 3mo 1y
kind/bug
priority/important-soon
assigned
assignee-updated
commented
contributor-last
pr-closed
pr-merged
pr-reviewed-with-comment
recv
recv-q
1425 The `issuer.vault.spec.caBundleSecretRef` docs are missing 2y 2y
priority/important-soon
955 Document when the vault pki role required setting `require_cn=false`
2
 3y 1y
priority/important-soon
802 Spelling errors are unclear in pull request CI results and spell checker is unmaintained
4y 2y
kind/bug
priority/important-soon
contributor-last
pr-merged
195 Document keystores 5y 3y 5y
priority/important-soon
kind/documentation
commented
contributor-last
send
174 Add documentation for CRD conversion webhook ca injection 5y 5y 5y
help wanted
priority/important-soon
kind/documentation
commented
member-last
send
1174 Document the docker images and how to find them
3y 3y 3y
good first issue
priority/important-soon
kind/documentation
commented
member-last
send
127 cmctl version reports only the old CRD version if I upgrade cert-manager without including the CRDs 1y 1y
priority/important-soon

Important longterm, but no updates in 180 days (21)

Resolution: Downgrade to backlog

Average age: 1417.4d, Avg wait: 244.1d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6969 Should upgrade status managed fields from CSA to SSA when ServerSideApply feature gate enabled 2y 1y 2y
lifecycle/frozen
kind/bug
priority/important-longterm
commented
contributor-last
send
6051 Detecting Gateway hostnames based on attached HTTPRoutes
7
31
 2y 7mo 8mo
lifecycle/frozen
kind/feature
priority/important-longterm
commented
pr-merged
send
4950 General flakiness of our end-to-end suite
3
 4y 2y 3y
lifecycle/frozen
priority/important-longterm
kind/flake
commented
member-last
pr-closed
pr-merged
send
4191 Setting default values for Pod's "resources"?
7
 4y 1y 1y
lifecycle/frozen
priority/important-longterm
commented
contributor-last
recv-q
send
3521 Integration with ExternalDNS
4
52
 5y 6mo 1y
help wanted
lifecycle/frozen
kind/feature
priority/important-longterm
commented
recv-q
2525 Better support multi-namespace & single-namespace deployments
27
 6y 10mo 2y
lifecycle/frozen
kind/feature
priority/important-longterm
area/deploy
commented
contributor-last
pr-closed
send
similar
2178 Handling 'unregistering' certificates from Venafi TPP
22
 6y 2y 2y
lifecycle/frozen
kind/feature
priority/important-longterm
area/venafi
commented
member-last
send
1194 Confusing paragraph - cert-manager integration. 3y 2y 2y
documentation
priority/important-longterm
commented
member-last
send
975 Some pages do not make it clear what the user should read next 3y 1y
priority/important-longterm
401 Bring tutorials up to date 5y 3y 3y
priority/important-longterm
commented
member-last
send
1186 Document that/why we don't use Helm's CRD installation mechanism 3y 2y 2y
good first issue
priority/important-longterm
kind/documentation
assigned
assignee-updated
commented
member-last
send
223 Document wildcard certificate tutorial 5y 5y 5y
priority/important-longterm
kind/documentation
commented
contributor-last
send
58 Support injection pem into an existing configmap
8
 3y 10mo 10mo
priority/important-longterm
lifecycle/frozen
assigned
assignee-updated
commented
member-last
pr-closed
pr-merged
pr-unreviewed
send
129 Increase e2e test timeouts 2y 2y
priority/important-longterm
98 Document new release process for all repos 2y 2y
priority/important-longterm
assigned
3 Make unit testing easier/make examples work
6y 2y 4y
priority/important-longterm
commented
member-last
pr-closed
send
5 previously listed items omitted: #6820 #1063 #850 #83 #38

Pull Requests: Review Ready (94)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 128.2d, Avg wait: 82.8d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
8588 feat(deploy/charts): adding validate for prometheus crds
2d 3h 16h
release-note
kind/feature
size/M
dco-signoff: yes
area/deploy
collaborator-last
commented
new-commits
8602 fix(deps): update module github.com/segmentio/encoding to v0.5.4 (master) 5h 5h 5h
size/XS
release-note-none
kind/cleanup
dco-signoff: yes
area/testing
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
8600 fix(deps): update module google.golang.org/api to v0.271.0 (master) 11h 5h 11h
release-note-none
size/S
kind/cleanup
dco-signoff: yes
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
8594 Fix typo "commonname" in PreferredChain field comment 1d 1d 1d
release-note-none
size/S
area/api
kind/cleanup
needs-ok-to-test
dco-signoff: yes
area/deploy
contributor-last
recv
recv-q
unreviewed
8592 docs: Update Helm repository references to OCI registry 1d 1d 1d
release-note
size/S
kind/documentation
needs-ok-to-test
dco-signoff: yes
area/deploy
author-last
recv
recv-q
unreviewed
8577 fix(keymanager): preserve expected secret when cleaning up duplicates 5d 1d 5d
release-note
needs-ok-to-test
size/M
dco-signoff: yes
needs-kind
author-last
new-commits
recv
recv-q
8571 fix(certificate-shim): trying to fix flaky tests 7d 4d 4d
size/L
release-note-none
kind/cleanup
dco-signoff: yes
collaborator-last
commented
new-commits
8395 Clarify code around DNS01 Self Check 1mo 4d 5d
release-note-none
kind/cleanup
size/M
area/acme
dco-signoff: yes
ok-to-test
area/acme/dns01
author-last
commented
recv
recv-q
reviewed-with-comment
8258 feat(certificate): renewal policy and windows code
3
 3mo 2d 2d
release-note
area/api
kind/feature
size/XXL
area/acme
dco-signoff: yes
area/testing
area/acme/dns01
area/deploy
collaborator-last
commented
open-milestone
reviewed-with-comment
similar
7733 fixes #5864: cert-manager CA to issue certs after verify with CA Certs Validity
10mo 5d 9mo
size/L
release-note
kind/bug
kind/feature
lifecycle/rotten
dco-signoff: yes
ok-to-test
commented
contributor-last
new-commits
recv
recv-q
8574 feat(design): proposed ari design 5d 5d
size/L
release-note-none
kind/design
dco-signoff: yes
contributor-last
recv-q
unreviewed
7852 adds cli option configure ACME challange authorization timeout
8mo 5d 7mo
release-note
area/api
kind/feature
size/M
area/acme
dco-signoff: yes
ok-to-test
author-last
commented
new-commits
recv
recv-q
similar
8523 feat(helm): add opt-in ttlSecondsAfterFinished for startupapicheck Job
2
 3wk 7d 8d
release-note
size/S
dco-signoff: yes
ok-to-test
area/deploy
needs-kind
author-last
commented
recv
reviewed-with-comment
similar
8534 feat: add --dns01-timeout flag to make DNS01 provider API timeout configurable 16d 16d 16d
release-note
area/api
needs-ok-to-test
size/M
area/acme
dco-signoff: yes
area/acme/dns01
needs-kind
contributor-last
recv
recv-q
unreviewed
8480 Add Subject Key Identifier (SKI) to issued certificates
3
 4wk 3wk 4wk
size/L
release-note
kind/feature
dco-signoff: yes
area/testing
ok-to-test
author-last
commented
new-commits
recv
8440 feat(chart): Set ttlSecondsAfterFinished for statupapicheck 6wk 4wk 6wk
release-note
size/S
kind/feature
needs-ok-to-test
dco-signoff: yes
area/deploy
contributor-last
recv
recv-q
similar
unreviewed
8464 improve dynamic source serving certificate renewal logic 5wk 4wk 5wk
release-note
kind/bug
size/M
dco-signoff: yes
ok-to-test
commented
contributor-last
recv
unreviewed
8255 add dns issuer secrets validation before marking it as ready 3mo 5wk 2mo
release-note
size/XL
lgtm
kind/bug
area/acme
dco-signoff: yes
area/testing
ok-to-test
commented
contributor-last
new-commits
recv
recv-q
8407 Use generics to make predicates typed 7wk 7wk 7wk
size/L
release-note-none
kind/cleanup
dco-signoff: yes
area/testing
commented
member-last
new-commits
8367 feat(helm) add startupProbe and readinessProbe to cert-manager-controller 2mo 2mo 2mo
release-note-none
kind/feature
needs-ok-to-test
size/M
dco-signoff: yes
area/deploy
commented
contributor-last
recv
recv-q
unreviewed
8262 Bugfix #7388 kid missing issue with Infisical ACME server or any other ACME that requires EAB
3mo 2mo 3mo
size/L
release-note
needs-ok-to-test
area/acme
dco-signoff: yes
needs-kind
author-last
commented
recv
unreviewed
7289 Design proposal for delayed certificate activation 1y 3mo 1y
size/L
release-note-none
kind/design
needs-ok-to-test
lifecycle/stale
dco-signoff: yes
commented
contributor-last
recv
recv-q
reviewed-with-comment
7583 Support for ACME servers that don't finalize within the ACME client finalizer retry window 1y 3mo 1y
release-note
kind/bug
needs-ok-to-test
size/M
area/acme
dco-signoff: yes
recv
recv-q
unreviewed
7614 Lower the minimum certificate duration from 1 hour to 5 minutes 1y 4mo 1y
release-note
size/S
area/api
kind/feature
dco-signoff: yes
ok-to-test
contributor-last
recv
recv-q
unreviewed
2002 [master] Freeze 1.19 and bump versions before merging release-next 8h 8h
dco-signoff: yes
size/XXL
contributor-last
recv-q
reviewed-with-comment
1997 [release-next] Release Notes for cert-manager v1.20.0 11h 8h
dco-signoff: yes
size/L
contributor-last
new-commits
recv-q
1587 Custom Certificate Support for cert-manager Webhook Endpoint 1y 9h 1y
dco-signoff: yes
size/S
recv
recv-q
unreviewed
1607 Document Log Level settings. Document DNS01 delegation using multiple providers. 1y 9h 1y
dco-signoff: yes
size/M
recv
recv-q
unreviewed
1909 docs: add ACK RRSA supported AliDNS webhook 2mo 9h 6wk
size/XS
dco-signoff: yes
author-last
commented
new-commits
recv
1602 acme troubleshooting: how to fix errored challenges 1y 9h 1y
size/XS
dco-signoff: yes
contributor-last
recv
recv-q
reviewed-with-comment
1989 chore(deps): update misc npm packages 8d 9h 8d
dco-signoff: yes
size/M
ok-to-test
dependencies
recv
recv-q
similar
unreviewed
1994 chore(deps): lock file maintenance 2d 9h 2d
dco-signoff: yes
size/L
ok-to-test
dependencies
recv
recv-q
unreviewed
1959 chore(deps): update eslint monorepo to v10 (major) 4wk 9h 4wk
size/XS
dco-signoff: yes
ok-to-test
dependencies
contributor-last
recv
recv-q
unreviewed
1992 chore(deps): update actions/setup-node digest to 53b8394 7d 9h 7d
size/XS
dco-signoff: yes
ok-to-test
dependencies
recv
recv-q
similar
unreviewed
210 chore(deps): pin dependencies 3mo 4h 3mo
dco-signoff: yes
size/XS
dependencies
ok-to-test
contributor-last
recv
recv-q
unreviewed
261 fix(deps): update module google.golang.org/api to v0.271.0 1d 11h 1d
dco-signoff: yes
size/M
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
262 fix(deps): update module cloud.google.com/go/storage to v1.61.0 17h 17h 17h
dco-signoff: yes
size/S
dependencies
ok-to-test
contributor-last
recv
recv-q
unreviewed
260 chore(deps): update docker.io/library/golang docker tag to v1.26 1d 1d 1d
dco-signoff: yes
size/XS
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
258 chore(deps): update docker.io/library/golang:1.26-alpine docker digest to 2389ebf 5d 5d 5d
dco-signoff: yes
size/XS
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
225 fix(deps): update module helm.sh/helm/v3 to v4 3mo 5d 3mo
dco-signoff: yes
size/M
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
760 fix(deps): update misc go deps 13h 5h 13h
dco-signoff: yes
size/M
ok-to-test
dependencies
contributor-last
recv
recv-q
unreviewed
637 Fix/chartadditional annotations for cli args 5mo 3wk 5mo
dco-signoff: yes
size/XS
ok-to-test
commented
contributor-last
recv
recv-q
reviewed-with-comment
838 [CI] Merge self-upgrade-main into main 6h 5h 6h
dco-signoff: yes
size/M
release-note-none
kind/cleanup
ok-to-test
skip-review
contributor-last
recv
recv-q
similar
unreviewed
837 fix(deps): update module github.com/cert-manager/cert-manager to v1.20.0 13h 6h 13h
dco-signoff: yes
size/XS
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
835 Fix race condition with default deny and approving policies 1d 1d 1d
dco-signoff: yes
size/L
needs-ok-to-test
contributor-last
recv
recv-q
unreviewed
834 test: add unit tests for ServiceAccount CEL library 1d 1d 1d
dco-signoff: yes
size/L
needs-ok-to-test
contributor-last
recv
recv-q
unreviewed
833 fix: correct typos in code comments and documentation 1d 1d 1d
dco-signoff: yes
needs-ok-to-test
size/S
contributor-last
recv
recv-q
unreviewed
895 Allow specifying a custom type for Secret targets 13d 13h 5d
dco-signoff: yes
size/XL
ok-to-test
author-last
commented
new-commits
recv
871 Introduce KAL optional fields checks
4wk 4d 4d
dco-signoff: yes
size/XL
commented
member-last
reviewed-with-comment
900 chart: add startupapicheck to ensure trust-manager is ready after install 9d 9d 9d
dco-signoff: yes
needs-ok-to-test
size/XL
contributor-last
recv
recv-q
unreviewed
683 feat: Add a very basic pre-commit configuration 7mo 3wk 6mo
dco-signoff: yes
size/XS
lifecycle/stale
commented
contributor-last
new-commits
420 fix(deps): update module github.com/cert-manager/cert-manager to v1.20.0 13h 5h 13h
dependencies
dco-signoff: yes
size/L
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
417 fix(deps): update module k8s.io/klog/v2 to v2.140.0 4d 4d 4d
dependencies
dco-signoff: yes
size/S
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
188 Remove SetCertificateRequestConditionError
3
 1y 13d 13d
dco-signoff: yes
size/XXL
commented
member-last
new-commits
600 fix(deps): update module github.com/cert-manager/cert-manager to v1.20.0 13h 6h 13h
dco-signoff: yes
size/L
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
474 fix(deps): update module github.com/cert-manager/cert-manager to v1.20.0 13h 4h 13h
dco-signoff: yes
size/L
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
303 feat: add support for setting private key encoding 3mo 2mo 3mo
dco-signoff: yes
size/L
needs-ok-to-test
recv
recv-q
reviewed-with-comment
similar
148 limit-namespaces for namespace-scope deployments
1y 1y 1y
dco-signoff: no
size/S
needs-ok-to-test
author-last
recv
recv-q
unreviewed
345 fix(deps): update module github.com/cert-manager/cert-manager to v1.20.0 13h 13h 13h
dco-signoff: yes
dependencies
size/L
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
187 fix(deps): update misc go deps 11d 4h 11d
dco-signoff: yes
size/L
ok-to-test
dependencies
contributor-last
recv
recv-q
unreviewed
192 [CI] Merge self-upgrade-main into main 5h 5h 5h
dco-signoff: yes
size/S
kind/cleanup
release-note-none
ok-to-test
skip-review
contributor-last
recv
recv-q
similar
unreviewed
190 fix(deps): update module golang.org/x/sync to v0.20.0 2d 2d 2d
dco-signoff: yes
size/XS
ok-to-test
dependencies
skip-review
contributor-last
recv
recv-q
similar
unreviewed
71 Refactor filesystem.go and adapt tests to use a real file system 1y 8mo 8mo
dco-signoff: yes
size/L
commented
member-last
reviewed-with-comment
189 fix(deps): update module k8s.io/klog/v2 to v2.140.0 4d 4d 4d
dco-signoff: yes
size/S
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
138 chore(deps): update docker.io/golang:1.26 docker digest to c7e98cc 7d 1h 7d
dco-signoff: yes
size/XS
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
143 fix(deps): update module github.com/cert-manager/cert-manager to v1.20.0 13h 13h 13h
dco-signoff: yes
size/L
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
140 chore(deps): update dependency golangci/golangci-lint to v2.11.3 5d 17h 5d
dco-signoff: yes
size/XS
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
142 fix(deps): update module k8s.io/klog/v2 to v2.140.0 4d 4d 4d
dco-signoff: yes
size/XS
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
434 fix(deps): update module github.com/cert-manager/cert-manager to v1.20.0 13h 4h 13h
dco-signoff: yes
size/L
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
435 [CI] Merge self-upgrade-main into main 5h 5h 5h
dco-signoff: yes
size/S
ok-to-test
release-note-none
kind/cleanup
skip-review
contributor-last
recv
recv-q
similar
unreviewed
429 chore(deps): update docker/login-action action to v4 6d 6d 6d
dco-signoff: yes
size/XS
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
68 chore(deps): update terraform google to v7.23.0 5wk 9h 5wk
dco-signoff: yes
size/XS
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
1157 Update k8s-infra-prow images, cert-manager-infra-images images as needed 8d 11h 8d
dco-signoff: yes
size/M
contributor-last
recv
recv-q
unreviewed
1159 fix(deps): update module google.golang.org/api to v0.271.0 1d 13h 1d
dco-signoff: yes
size/M
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
560 chore(deps): update tools 8d 9h 8d
dco-signoff: yes
size/M
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
564 chore(deps): update dependency cert-manager/cert-manager to v1.20.0 13h 13h 13h
dco-signoff: yes
size/S
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
549 Split (helm) generate-crds target 3wk 3wk 3wk
dco-signoff: yes
size/M
commented
member-last
reviewed-with-comment
55 feat: add test module 2y 2y 2y
dco-signoff: yes
size/M
commented
contributor-last
recv
reviewed-with-comment
470 feat(helm): adding `helm-diff` target
4mo 3mo 3mo
dco-signoff: yes
size/S
cybr
ok-to-test
commented
contributor-last
new-commits
recv
recv-q
109 fix(deps): update module github.com/cert-manager/cert-manager to v1.20.0 13h 13h 13h
dco-signoff: yes
size/L
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
64 Add imagePullSecrets to template 2y 2y 2y
size/XS
dco-signoff: yes
needs-ok-to-test
contributor-last
recv
unreviewed
59 cleanup: remove unused NOTES.txt file 2y 2y 2y
size/XS
dco-signoff: yes
needs-ok-to-test
contributor-last
recv
unreviewed
1 Manage the cert-manager GitHub organisation from this repo 2y 2y 2y
dco-signoff: yes
size/XXL
commented
member-last
unreviewed
58 chore(deps): update misc github actions 1d 1d 1d
dco-signoff: yes
size/XS
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
8 Optionally output a unified diff
2mo 3wk 3wk
dco-signoff: yes
size/XL
needs-ok-to-test
author-last
commented
recv
recv-q
unreviewed
13 Various QA fixes 3wk 3wk 3wk
dco-signoff: yes
size/L
needs-ok-to-test
author-last
commented
new-commits
recv
4 Add support for custom license templates 2y 6mo
dco-signoff: yes
size/S
contributor-last
recv-q
unreviewed
457 fix(deps): update module github.com/cert-manager/cert-manager to v1.20.0 13h 13h 13h
size/M
ok-to-test
dependencies
dco-signoff: yes
contributor-last
recv
recv-q
similar
unreviewed
454 fix(deps): update module google.golang.org/api to v0.271.0 1d 9h 1d
size/M
ok-to-test
dependencies
dco-signoff: yes
contributor-last
recv
recv-q
similar
unreviewed
455 Replace math/rand with math/rand/v2 1d 1d 1d
size/S
dco-signoff: yes
contributor-last
recv
recv-q
unreviewed
453 fix(deps): update module k8s.io/klog/v2 to v2.140.0 4d 4d 4d
size/XS
ok-to-test
dependencies
dco-signoff: yes
contributor-last
recv
recv-q
similar
unreviewed
345 chore: add existing securityContext settings to values 4mo 4mo 4mo
size/M
dco-signoff: yes
contributor-last
recv
recv-q
similar
unreviewed
143 feat: allow creating or reusing an existing sa 2y 9mo 2y
ok-to-test
recv
recv-q
unreviewed
141 re-adding required clusterrole permission 2y 1y 2y
size/XS
author-last
recv
unreviewed

Unkinded Issues (228)

Resolution: Add a kind/ or triage/support label

Average age: 627.6d, Avg wait: 273.2d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
7895 if certificate is already expired, it shown like a True
2
 7mo 2mo 5mo
help wanted
priority/important-soon
commented
pr-new-commits
pr-reviewed-with-comment
recv
7699 Adding Helm Unittest to all certmanager projects 10mo 2mo 2mo
priority/backlog
assigned
assignee-updated
commented
member-last
send
6799 ACME challenges stopped working after 1.13/1.14 update
2y 9d 2y
priority/critical-urgent
lifecycle/rotten
commented
contributor-last
recv
recv-q
5861 cert manager API showing error - "x509: certificate has expired or is not yet valid"
3
 3y 2mo 2mo
good first issue
lifecycle/frozen
priority/important-longterm
assigned
assignee-updated
commented
contributor-last
pr-unreviewed
send
similar
6179 CRDs shouldn't be templated in Helm
5
2
30
 2y 2d 6mo
priority/backlog
lifecycle/stale
commented
contributor-last
recv-q
send
1262 v1.9 to v1.10 upgrade instructions does not mention container name change
2y 1y 2y
priority/backlog
assigned
assignee-updated
commented
member-last
send
1101 Feature request for updating documentation. 3y 2y 2y
priority/backlog
commented
member-last
send
similar
320 Document how to install cert-manager using gitops and known issues with particular gitops implementations
5
 5y 2y 5y
documentation
help wanted
priority/backlog
commented
pr-merged
recv-q
2 Set up periodic job to publish an experimental release build
6y 4y
priority/backlog
assigned
contributor-last
830 Race condition with a combination of approving policies and a default deny policy 5d 5d 5d
recv
908 v0.22.0: image template does not work when installing trust-manager and cert-manager from one umbrella chart
3
 20h 20h 20h
recv
297 Allow all resources to be namespaced
7
 2y 5mo 5mo
priority/backlog
commented
member-last
send
33 Support CRDs as target
5
 3y 2mo 8mo
priority/backlog
lifecycle/stale
commented
contributor-last
send
45 Unable to mount and read only file error
5
 4y 2y 2y
priority/awaiting-more-evidence
commented
send
132 Investigate test timeouts 2y 2y
priority/backlog
33 Create e2e test to validate CertificateRequest garbage collection 3y 2y 2y
priority/backlog
assigned
commented
member-last
send
81 Configuring Peribolos for Github org management 7y 2y 2y
priority/backlog
commented
member-last
send
3 Migrating all cert-manager projects to "Makefile modules" 2y 3mo 8mo
priority/backlog
commented
member-last
43 Allow non-Venafi employee maintainers full release capabilities
3
 1y 3mo 3mo
priority/backlog
assigned
assignee-updated
commented
member-last
27 failed with: OpenAPI spec does not exist
2
6
 4y 2y 2y
priority/critical-urgent
commented
pr-closed
pr-unreviewed
send
208 previously listed items omitted

Unprioritized Recent Issues (257)

Resolution: Add a priority/ or triage/ label

Average age: 447.5d, Avg wait: 213.1d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
8591 GKE Gateway controller + ClusterIssuer configured for http01 create a solver pod that works but that does not attach to the gateway 1d 20h 1d
kind/bug
author-last
recv
recv-q
8586 Misconfiguration caused hammering of DigitalOcean API 3d 3d 3d
kind/bug
recv
255 previously listed items omitted

Uncommented Recent Issues (4)

Resolution: Add a comment

Average age: 2.8d, Avg wait: 2.3d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4 previously listed items omitted: #8586 #8591 #830 #908

New, has multiple reactions, but not important-soon (1)

Resolution: Check if issue should be prioritized as important-soon

Average age: 0.8d, Avg wait: 0.5d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
908 v0.22.0: image template does not work when installing trust-manager and cert-manager from one umbrella chart
3
 20h 20h 20h
recv
New, has multiple commenters, but not important-soon: No matching items

needs information, has update (1)

Resolution: Comment and remove triage/needs-information tag

Average age: 162.7d, Avg wait: 158.6d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
8121 Support for Creating CertificateRequest from Kubernetes Secret 5mo 4mo 5mo
kind/feature
triage/needs-information
contributor-last
recv
recv-q
similar

Recently updated issue has a question (3)

Resolution: Add an answer

Average age: 1381.3d, Avg wait: 2.5d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
7751 Custom key usage extensions 10mo 6d 5wk
kind/feature
commented
recv
recv-q
1292 Allowing skipping HTTP01 and DNS01 self-check on a per-solver basis
17
4
230
 7y 3d 4y
area/api
help wanted
kind/feature
priority/important-longterm
area/acme
commented
pr-closed
recv-q
send
60 overriding trusted namespace
10
18
 3y 6d 10mo
commented
recv-q
send
Triage Party v1.4.0