queue to be emptied once a day

Unprioritized issues older than 7 days (310)

Resolution: Add a priority/ or triage/ label

Average age: 694.9d, Avg wait: 459.0d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
7829 Support to auto delete Certificaterequest 16d 14d 16d
kind/feature
contributor-last
recv
recv-q
similar
7834 Provide race condition mitigation support 10d 10d 10d
kind/feature
recv
7826 If issuer is incorrect, it is still shown as READY 17d 17d 17d
author-last
recv
7825 Support setting resources limit/request for ACME HTTP01 solver pod via podTemplate
17d 17d 17d
kind/feature
contributor-last
recv
7828 Cert-manager created multiple CertificateRequests (over 30k) for a valid certificate 17d 17d 17d
kind/bug
recv
7821 Request to support AWS ACM Exportable certificates
13
2wk 2wk 2wk
kind/feature
recv
similar
7797 Refactor metrics into a collector format 3wk 3wk 3wk
kind/feature
assigned
assignee-updated
contributor-last
recv
7788 Be able to default `acme.cert-manager.io/http01-edit-in-place: "true"` behavior in deployment/chart values 4wk 4wk 4wk
kind/feature
assigned
assignee-updated
author-last
recv
recv-q
7779 RevisionHistoryLimit should follow Kubernetes definition 5wk 5wk 5wk
recv
similar
7822 Tracking: Kubernetes Gateway API follow up tasks
2
2wk 17d 2wk
recv
7772 Reviewing the use of https://github.com/SSLMate/go-pkcs12 5wk 5wk 5wk
kind/feature
contributor-last
recv
recv-q
7766 Certificate: Let me specify the concatenation order for CombinedPEM output format 7wk 7wk 7wk
kind/feature
author-last
recv
recv-q
7768 Stuck in a loop with `multiple challenge solver pods found for challenge` 6wk 6wk 6wk
kind/bug
recv
7765 Propagation tests fails when using IPv6 recursive DNS nameservers 7wk 7wk 7wk
kind/bug
recv
7760 Is the zone responsible for a domain changes, cert-manager will not pick it up 7wk 7wk 7wk
kind/bug
author-last
recv
7755 cert-manager-challenges Error presenting challenge: expected array of Record 1mo 7wk 1mo
recv
recv-q
7751 Custom key usage extensions 1mo 1mo 1mo
kind/feature
recv
7749 Http and PROXY protocol
2
1mo 1mo 1mo
recv
7747 [suggestion] Add Kustomize install documentation 1mo 1mo 1mo
kind/feature
author-last
recv
recv-q
7717 After uninstalling cert-manager, ingress resources can still only be accessed via https 2mo 2mo 2mo
recv
7716 Don't have CRD for `ControllerConfiguration`. 2mo 2mo 2mo
commented
member-last
send
7699 Adding Helm Unittest to all certmanager projects 2mo 2mo 2mo
assigned
assignee-updated
contributor-last
recv
7691 Why is the value of the certificate expiration time captured in blackbox different from the value of the certificate expiration time exposed by certmanager 2mo 2mo 2mo
contributor-last
recv
recv-q
7687 Webhook refusing connection even when Ready 2mo 2mo 2mo
kind/bug
recv
7741 Certmanager attempts infinite renewals if the Issuer Certificate read from Vault has expired
3
2mo 1mo 1mo
kind/bug
commented
recv
7673 Support for acmesolver.tolerations/affinity/nodeSelector 3mo 2mo 3mo
kind/feature
author-last
recv
recv-q
7668 Allow custom values in Helm chart schema by relaxing additionalProperties: false
2
3mo 3d 3mo
lifecycle/stale
contributor-last
pr-unreviewed
recv
7660 cert-manager produces invalid (per RFC5280) certificates when `cert sign` usage is set along with another usage 3mo 1mo 3mo
kind/bug
contributor-last
recv
recv-q
7659 Challenge and resolver pod/ingress killed too soon
3mo 2mo 3mo
author-last
recv
7656 Add multiple DNS provider resolvers to an single webhook not working 3mo 5d 3mo
lifecycle/stale
contributor-last
pr-unreviewed
recv
7649 [GKE][Cert-Manager]Document Might Need Implementation Details Update to GSA/KSA Integration 3mo 4wk 3mo
kind/bug
author-last
recv
recv-q
7648 Solver selector issue 3mo 2mo 3mo
kind/bug
author-last
recv
7647 Support GatewayAPI's XGateway
3mo 11d
lifecycle/frozen
kind/feature
contributor-last
7645 Support cross-signed intermediate CAs issued with Vault
2
3mo 11d 3mo
kind/feature
author-last
recv
7636 cermanager order in pending state 3mo 3wk 3mo
lifecycle/stale
contributor-last
recv
7635 Mirroring bind9 image for e2e tests 3mo 3wk
lifecycle/stale
contributor-last
7630 certmanager_http_acme_client_request_count is missed from the metrics?
2
3mo 2d 3mo
kind/bug
lifecycle/stale
contributor-last
recv
7629 http01-override-ingress-class is not updated when Ingress annotation is updated 3mo 3wk 3mo
kind/bug
lifecycle/stale
author-last
recv
recv-q
7625 Clean install fails to create Issuer
4
3mo 2mo 3mo
kind/bug
recv
recv-q
7610 Expose MaxFailures as a helm paramater for FileCertificateSource 4mo 5d 4mo
kind/feature
lifecycle/rotten
contributor-last
recv
7598 More fine-grained control of powerful RBAC permission granted via Helm chart
2
4
4mo 8d 1mo
kind/feature
assigned
assignee-updated
commented
contributor-last
pr-merged
recv-q
send
7594 Cloudflare delegated domains returns Found no Zones for domain _acme-challenge.mydomain.com
4mo 2mo 4mo
kind/bug
recv
7590 Allow issuer fallback
4mo 14d 4mo
lifecycle/rotten
contributor-last
recv
7588 Allow setting secret type to value other than default kubernetes.io/tls
4mo 3wk 4mo
kind/feature
lifecycle/stale
commented
contributor-last
recv
7587 Spaceship support 4mo 14d 4mo
lifecycle/rotten
contributor-last
recv
recv-q
7586 BookMyName support 4mo 14d 4mo
lifecycle/rotten
contributor-last
recv
recv-q
7585 Continuous access token requests when using Venafi TPP password/username authentication 4mo 19d 4mo
kind/bug
lifecycle/rotten
contributor-last
recv
7581 Cert-manager is no longer triggered when multiple tls.hosts exists without secretName. 4mo 3wk 4mo
kind/bug
lifecycle/rotten
contributor-last
recv
7580 CNameStrategy Follow not working with Cloudflare 4mo 16d 4mo
lifecycle/rotten
contributor-last
recv
7572 Certificate Issuance takes long time up to 50 minutes when attempting to create 40+ certificates
2
4mo 14d 4mo
lifecycle/stale
contributor-last
recv
7561 Feature Request RFC: Push notifications from cert-manager to <other service> when certificates are issued 5mo 2mo 5mo
kind/feature
author-last
recv
7556 clockHealth check failed: livez
5mo 6wk 5mo
author-last
recv
recv-q
7551 Unhelpful log messages 5mo 5wk
contributor-last
7536 Digicert ACME order is failing due to invalid validity_years 5mo 2mo 5mo
author-last
recv
7531 punycode issue 5mo 2mo 5mo
author-last
recv
7522 Non standard "cert-manager.io" used in event "Reason" 5mo 2mo 5mo
kind/bug
contributor-last
recv
7520 ClusterIssuer read caBundle from Secret
2
5mo 2mo 5mo
kind/feature
contributor-last
pr-unreviewed
recv
7514 Replace some of the webhook functionality with `ValidatingAdmissionPolicy` & CEL 5mo 2mo 5mo
kind/feature
author-last
recv
7510 Key Size for Acme Account Key
5mo 4wk 5mo
kind/feature
pr-new-commits
recv
7506 Issues with new PEM maximum sizes
6
5mo 16d 5mo
kind/bug
lifecycle/stale
contributor-last
pr-unreviewed
recv
recv-q
7502 Failed to call webhook with HTTPS 6mo 16d 6mo
kind/bug
lifecycle/rotten
recv
recv-q
7684 Add support for namespaced deployment
2mo 7d 2mo
kind/feature
pr-merged
recv
recv-q
similar
7492 `UseCertificateRequestBasicConstraints` should probably add `Critical` for `isCA` 6mo 2mo 6mo
contributor-last
recv
7486 `"Unhandled Error" err="ingress '...' in work queue no longer exists"` should be handled (clean up dangling `Certificate`)
5
6mo 2mo 6mo
kind/bug
contributor-last
recv
recv-q
7476 [Helm Chart] - Wrong handling of image registry and repository
2
6mo 2mo 6mo
kind/bug
author-last
recv
recv-q
7463 Set "ownerReference" for generated Secret via Go-SDK 7mo 13d 7mo
lifecycle/rotten
contributor-last
recv
recv-q
7422 Please provide standalone helm chart for CRDs
9
7mo 1mo 7mo
kind/feature
recv
7388 Kid missing in the new order request
8mo 6wk 8mo
kind/bug
recv
recv-q
7385 Failed calling webhook "webhook.cert-manager.io": Forbidden 8mo 1d 8mo
kind/bug
lifecycle/rotten
contributor-last
recv
recv-q
6184 Conflicting ingressClassName http01 issuer spec and acme.cert-manager.io/http01-ingress-class annotation
13
2y 3wk 2y
kind/bug
recv
recv-q
similar
7438 certificate not updated after enabling SSA 7mo 6wk 7mo
kind/bug
author-last
recv
6010 Support the ACME Renewal Information (ARI) extension
2
2y 5wk 5wk
kind/feature
author-last
commented
recv
recv-q
5904 Support Azure Private DNS Zones for DNS Challenge
4
5
18
2y 1d 1d
kind/feature
commented
contributor-last
recv-q
send
5864 Certmgr allows creating certificates expiring after ca expiration.
4
22
2y 2d 5mo
lifecycle/frozen
kind/bug
commented
contributor-last
pr-new-commits
send
5566 upload Helm charts to OCI registry and sign them with cosign
4
44
2y 4wk 2mo
kind/feature
commented
pr-merged
recv-q
send
4749 rfc2136 seems to not work with deep subdomains
3y 3wk 3y
kind/bug
area/acme/dns01
recv
recv-q
4349 allowing greater configuration for the cloud provider tests
3y 3y 3y
lifecycle/frozen
kind/feature
commented
contributor-last
send
7473 Create certificate based on HTTPRoute configuration
16
2
38
6mo 2mo 3mo
kind/feature
commented
pr-approved
pr-unreviewed
send
7688 Feature Request: Vertical Pod Autoscaler Support for cert-manager
3
2mo 2mo 2mo
kind/feature
contributor-last
pr-new-commits
recv
recv-q
similar
6622 `make update-licenses` is non-deterministic.
2y 4wk 4wk
kind/bug
commented
member-last
pr-merged
pr-unreviewed
6312 Report issuer/clusterissuer status as a metric
14
2y 2mo 3mo
kind/feature
commented
pr-unreviewed
send
6160 Helm Chart global repository
2
2y 5mo 5mo
lifecycle/frozen
commented
member-last
pr-reviewed-with-comment
send
1715 The ingress annotation `cert-manager.io/secret-template` is not documented
4wk 4wk
contributor-last
1692 Restoring from backup removes essential uid in ownerReferences, breaking Ingress-Certificate relationship 1mo 1mo 1mo
author-last
recv
1643 Let's Encrypt Ending Support for Notification Emails 5mo 5mo 5mo
recv
1625 Configuration issue potentially leading to a memory leak 5mo 5mo 5mo
recv
1623 Claim about v1beta1/v1alpha2 support for gateway api is misleading 5mo 5mo 5mo
recv
1620 Cert Manager allows the creation of Illegal wilcard SANs 6mo 6mo 6mo
recv
1609 Azure DNS Documentation Update
7mo 6mo 7mo
author-last
recv
recv-q
similar
1608 Renaming Securing NGINX-ingress to ingress-nginx 7mo 7mo 7mo
recv
similar
1695 Create redirects for cert-manager annotations 7wk 7wk 7wk
pr-new-commits
recv
similar
1586 Now that cert-manager 1.16 has been released, `--set config.enableGatewayAPI=true` is now the recommended approach for projects that show instructions on how to enable cert-manager's gateway API support, especially on visible projects like Cilium:
9mo 9mo
pr-merged
1585 Broken install instructions due wrong cert_manager_latest_version - v1.16.1 9mo 9mo 9mo
recv
1552 Broken inbound link from IBM 10mo 10mo 10mo
recv
1546 Self upgrade PRs don't run checks
10mo 10mo 10mo
commented
member-last
1490 GKE tutorial falsely claims it's possible to create LE certificate without domain (only IP) 1y 8mo 1y
author-last
recv
1388 Create a section for sane `Certificate` defaults
2y 2y
1261 Switch to Docusaurus? 2y 2y
1596 Wrong key for cloudflare secret ref in DNS Validation tutorial page 8mo 8mo 8mo
recv
1241 Remove Bitnami kubeprod as installation method 2y 2y 2y
recv
1168 Rendering issues for generated API docs
2y 2y 2y
commented
member-last
pr-merged
1257 ErrRegisterACMEAccount 2y 2y 2y
recv
1062 Document process for offboarding maintainers 2y 2y 2y
recv
similar
998 Documentation venafi configuration references venafi documentation page which returns 403 3y 2y 3y
contributor-last
recv
993 Document which resources do/do not get garbage collected 3y 3y 3y
good first issue
contributor-last
recv
1054 Run spell checker in a pre-commit hook 2y 2y 2y
good first issue
kind/cleanup
recv
944 Document how to install cert-manager in a different namespace
3
3y 1y 3y
good first issue
recv
recv-q
866 Securing NGINX-ingress 3y 3y 3y
recv
similar
847 missing documentation/information olm based installation metric prometheus 3y 3y 3y
contributor-last
recv
836 Syncing Secrets Across Namespaces
3y 3y 3y
recv
841 remove dependency on golang from cmctl and kubectl-plugin installation documentation
3y 3y 3y
contributor-last
pr-merged
recv
recv-q
776 Explain that you can pre-provision a Secret and Certificate.Spec.SecretName can refer to an existing Secret 3y 3y 3y
commented
member-last
send
706 Default key usages 3y 3y 3y
recv
697 [IRSA] Needs `runAsUser: 1001`
3y 9mo 9mo
commented
member-last
pr-merged
send
693 Azure DNS pod identity incorrectly documents principal_id 3y 2y 3y
author-last
commented
recv
recv-q
672 List required Google CloudDNS permissions exhaustively 3y 3y 3y
recv
662 Using "azureDNS" for the DNS01 Solver results "Multiple user assigned identities exist, please specify the clientId / resourceId"
4y 3y 4y
recv
642 Move/ link to Webhook debugging docs 4y 4y
604 Make it so that it is easier to find the doc for fixing webhook issues 4y 3y 4y
contributor-last
recv
583 cert-manager with ZeroSSL
45
4y 3y 3y
commented
send
568 Add a diagram for LetsEncrypt cert issuance flow to the docs
4
4y 4y 4y
recv
561 Certificate Resources 4y 4y 4y
recv
similar
554 HTTP Validation, privateKeySecretRef
4y 4y 4y
contributor-last
recv
549 Effort towards a more user-friendly website 4y 4y
543 Add getting started documentation for users who want to quickly use cert-manager to issue LetsEncrypt certificates
4
4y 4y 4y
commented
member-last
send
1125 Describe cert-manager feature policy 2y 2y 2y
contributor-last
recv
recv-q
532 Rework of the landing page (cert-manager.io)
3
4y 3y 4y
help wanted
good first issue
commented
member-last
send
469 DNS01: Delegated Domains for DNS01 example yaml solvers list items 4y 4y 4y
recv
466 installation/compatiblity 4y 4y 4y
recv
457 cainjector docs are missing the option to inject certs in apiservice resources
4y 4y 4y
recv
425 Document ocspServers 4y 4y 4y
kind/documentation
commented
member-last
386 Uninstalling on Kubernetes - How to delete all those user created resources?
4y 4y 4y
contributor-last
recv
326 Securing Ingresses with Venafi 4y 4y 4y
contributor-last
recv
similar
295 Route53 4y 4y 4y
kind/documentation
commented
member-last
send
542 Document the Istio VirtualService HTTP01 configuration options 4y 4y
868 Document RBAC 3y 3y 3y
contributor-last
recv
similar
844 Document feature gates 3y 3y 3y
recv
similar
758 API reference docs: enum values not documented with typedef 3y 3y 3y
recv
1061 Document onboarding process for new maintainers 2y 2y 2y
recv
similar
79 Design for partial automation of release process 3y 3y 3y
commented
member-last
send
42 Publish latest release number as part of creating a final release
3y 3y 3y
commented
member-last
send
31 Move the manual steps of our release process to cmrel commands
4y 3y 3y
commented
member-last
pr-closed
19 Incorrect command line help: should include a --branch argument 4y 4y 4y
kind/cleanup
commented
contributor-last
516 Add PodDisruptionBudget to helm chart 3mo 3mo 3mo
pr-unreviewed
recv
501 Error logs not very helpful 4mo 3mo 4mo
recv
431 istio-csr pod healthz check fails for long time in v0.11.0 and v0.12.0 8mo 7mo 8mo
recv
recv-q
413 Panic: runtime error on new installation 9mo 8mo 9mo
author-last
recv
recv-q
287 Getting Readiness probe failed when using cert-manager-istio-csr 1y 1y 1y
author-last
recv
recv-q
similar
283 Document / improve that sometimes the issuer needs to set `ca.crt`
1y 1y
244 Populate Subject Fields in Certificate
1y 8mo 1y
recv
224 ClusterRole & ClusterRoleBindings for istio-csr 2y 2y 2y
recv
223 False positive warnings from trivy and dependabot
7
2y 1y
213 charts.jetstack.io beding cluster presents a challenge and breaks deployment 2y 2y 2y
recv
211 Add custom annotations to deployment
2y 2y 2y
pr-closed
pr-merged
recv
161 updating ConfigMap data doesn't stop
3y 3y 3y
contributor-last
recv
recv-q
155 Invalid certificate chain when using Vault with Intermediate CA 3y 2y 3y
recv
recv-q
197 add the compatibility matrix for Kubernetes versions to README 2y 2y 2y
recv
145 Not able to use Istio-CSR in istio(1.13.*)
3y 3y 3y
author-last
pr-closed
recv
141 Istio-csr pods were hung unable to handle request causes entire cluster downtime for new pods/expired pods. 3y 2y 3y
recv
recv-q
138 istio-csr doesn't retry upon failed certificate requests
3y 2y 3y
recv
137 Documentation on rotating the root certificate
3y 2mo 3y
recv
recv-q
153 It is possible to have several CAs within the same cluster.
3
3y 8mo 2y
commented
send
133 latest supported cert-manager version with cert-manager-istio-csr? 3y 3y 3y
contributor-last
recv
136 Document available metrics 3y 3y 3y
recv
similar
131 metrics to check certificate expiry for istio workloads ? 3y 3y 3y
contributor-last
recv
recv-q
130 Document best-practices for minimal vault role configuration for istio-csr 3y 2y 3y
recv
recv-q
118 E2E tests running against the wrong k8s version
3y 3y
108 [doc] confusion with `ca.pem` and Readiness probe failed on ingress and egress gateways 3y 3y 3y
author-last
recv
recv-q
106 Helm chart is failing with "certificate.spec.revisionHistoryLimit" issue 3y 3y 3y
contributor-last
recv
similar
87 Failing to integrate with GCP CAS
3y 3y 3y
contributor-last
recv
recv-q
84 csr readiness probe failed, istio ingress pod also failed
2
3y 1y 3y
support
recv
recv-q
similar
83 commonName required for AWS PCA 4y 3y 4y
recv
recv-q
64 Is there way to hot restart envoy proxy using istio-csr? I'm trying to renew root certificate by changing the istio-ca secret manually. The workload does not pick the new root certificate unless I delete the workload pods 4y 4y 4y
recv
recv-q
53 Generate workload certificates with DNS in the SAN 4y 4y 4y
recv
recv-q
94 Can't get aws pca to work 3y 3y 3y
recv
117 public ca.crt aka caBundle is not being updated/propagated until the cert-manager and istiod components are restarted 3y 3y 3y
recv
176 certificateDuration is not used for the Istio CSR generated certificate requests 2y 7mo 2y
pr-closed
pr-reviewed-with-comment
recv
recv-q
similar
534 helm value app.certmanager.additionalAnnotations interprets "JSON like" string as json and cannot render mainfests 2mo 2mo 2mo
author-last
pr-unreviewed
recv
113 Integrating with istio helm chart installs
15
3y 9mo 3y
recv
recv-q
638 Approver cannot find applicable policy 7wk 1d 7wk
recv
466 Document How to Configure Common Scenarios 1y 1y 1y
recv
452 CRDs in the Release files
3
1y 1y 1y
recv
559 Flakey Tests in pull-cert-manager-approver-policy-test 6mo 6mo 6mo
recv
similar
394 Limit number of SANs by policy
1y 1y 1y
contributor-last
recv
288 Feature: Take control of approval for the whole cluster
2
2y 1y 1y
commented
member-last
271 Include binary artifacts your releases. 2y 2y 2y
recv
216 Simplify configuration by creating RBAC by default
2
2y 3mo
help wanted
contributor-last
pr-merged
pr-unreviewed
recv-q
203 Improve CRD fields for specifying key requirements
3
2y 7mo
contributor-last
recv-q
449 Rotation Policy Constraint 1y 7mo 1y
contributor-last
recv
recv-q
61 Flakey Tests in pull-cert-manager-approver-policy-verify
3y 3y
kind/bug
pr-merged
similar
169 Webhook Custom CA 2y 2mo 2y
help wanted
contributor-last
recv
recv-q
641 Feature Request: Optional Sources in Bundle Configuration
2
3wk 3wk 3wk
author-last
recv
645 Unable to pass helm lint due to certificate yaml stripping too much whitespace 17d 17d 17d
contributor-last
recv
recv-q
629 The crds is not installed automatically when trust-manager is a sub-chart 2mo 4d 2mo
recv
recv-q
588 Add ability to monitor validity period for CAs in bundle
4
3mo 2mo 3mo
kind/feature
help wanted
contributor-last
recv
recv-q
465 Installing trust-manager just after installing cert-manager makes it FAIL forever 8mo 1d 3mo
lifecycle/stale
commented
contributor-last
send
301 Add support for kubectl installation 1y 6mo 1y
lifecycle/frozen
author-last
commented
open-milestone
recv
recv-q
similar
592 Feature: ClusterTrustBundle as Sources
2mo 2mo
contributor-last
similar
591 Feature: ClusterTrustBundle as Target
4
2mo 2mo
contributor-last
pr-merged
similar
222 [Feature] - Ability to inject a CA cert into a cert-manager managed secret resource
16
2y 2d 2d
commented
contributor-last
pr-merged
recv-q
205 Allow to select multiple "trust" namespaces
34
2y 9d 2y
recv
recv-q
142 expose bundles CRD as release artifact
10
2y 11h 2y
recv
recv-q
242 New version of Bundle API
2
4
2y 2mo 2y
lifecycle/frozen
commented
pr-merged
pr-new-commits
pr-unreviewed
recv
131 Feature: per namespace trust bundle
4
2y 7d 2y
lifecycle/frozen
contributor-last
recv
recv-q
63 nit: Rename "Bundle" to "ClusterBundle"
16
2y 7d 2y
lifecycle/frozen
commented
contributor-last
open-milestone
pr-merged
send
574 Add a top level variable called `enabled` to the Helm chart schema 3mo 16d 3mo
help wanted
good first issue
author-last
pr-unreviewed
recv
recv-q
39 Don't sync targets to all namespaces by default
8
3y 2mo 8mo
lifecycle/frozen
commented
contributor-last
open-milestone
pr-merged
send
4 Feature: By default, require only self-signed certificates in a bundle
4y 7d 7d
kind/feature
help wanted
good first issue
commented
contributor-last
recv-q
99 Allow removing Bundles whilst keeping the synced CA certs
5
2y 2mo 2y
lifecycle/frozen
contributor-last
pr-unreviewed
560 Support rotated certificate sources
24
4mo 9d 4mo
recv
recv-q
similar
245 Split Bundle controller into multiple controllers
2y 6mo 6mo
lifecycle/frozen
commented
member-last
pr-unreviewed
send
243 More flexible and better organized target specification in API
4
2y 2mo 2y
lifecycle/frozen
commented
contributor-last
pr-merged
recv
recv-q
60 overriding trusted namespace
8
14
2y 2mo 11mo
commented
contributor-last
recv-q
send
204 clarify SetCAOnCertificateRequest deprecation status 6mo 3wk 3wk
commented
member-last
send
similar
231 ### Question about Configuring Retries in cert-manager 3mo 3mo 3mo
recv
385 Helm Install of cert-manager-csi-driver Fails on Minikube with /dev/bus/usb Errors 3mo 3mo 3mo
author-last
recv
371 Specify private key algorithm/size
4mo 2mo 4mo
pr-unreviewed
recv
267 Does cert-manager-csi-driver support AWS EKS with AWS Fargate nodes? 1y 1y 1y
recv
171 E2E Test Cleanup 2y 2y 2y
good first issue
commented
member-last
353 mismatch between the key and the certificate signature algorithm
6mo 6mo 6mo
recv
134 Volume empty
4
2y 2y 2y
recv
130 JKS support
5
2y 1y 2y
recv
recv-q
125 Is it too late to align cert-manager annotations?
2y 2y 2y
recv
similar
119 Certificate is re-requested when container restarts 2y 2y 2y
recv
similar
116 Does csi-driver support Wìndows nodes? 2y 2y 2y
contributor-last
recv
74 Investigate and change the default mounted host path for driver 3y 3y 3y
recv
33 New key being used with old certificate 4y 4y 4y
recv
383 [Feature Request] Adding attributes that available in Certificate CRD to CSI Driver
3mo 3mo 3mo
recv
26 Cannot `chmod` a read only filesystem
14
5y 3y 5y
pr-closed
recv
recv-q
21 MountVolume.SetUp failed: cannot set blockOwnerDeletion: cannot find RESTMapping for APIVersion core/v1 Kind Pod 5y 5y 5y
recv
17 ability to specify pod IP in volume attributes
7
5y 7mo 5y
commented
recv
recv-q
264 Certificate renewal doesn't change file 'modified date'
1y 1y 1y
recv
256 Broken comma-separated splitting logic 1y 1y
241 Missing cert-manager.io/revision-history-limit volume attributes for CSI-Driver
5
1y 1y 1y
recv
136 SubPath support is broken or missing 2y 2y 2y
recv
29 Deleting a pod with a cert-manager-csi volume mounted results in the pod termination hanging. 4y 4y 4y
recv
42 Intermittent csi-driver-spiffe failure: Unable to mount cert 2y 2y 2y
commented
member-last
send
128 Incorrect logger initialisation 1y 1y
39 csi-driver-spiffe vs csi-driver
5
2y 2y 2y
commented
member-last
send
38 Add Envoy Secret discovery service (SDS) support 2y 2y 2y
recv
41 The default `csiDataDir` value might collide with csi-driver 2y 2y
19 Add support for certificate expiry configuration
6
2y 2y 2y
recv
204 Support for creating certificate for wildcard route 10d 10d 10d
recv
similar
58 certificate cannot be renewed, error message: "key does not match certificate"
4
1y 1y 1y
recv
recv-q
116 Release static manifests (no helm) for v0.6.0-alpha.0+
8mo 8mo 8mo
recv
54 Same certificate in path based Routes
2
2y 4mo 2y
pr-closed
recv
46 Ability to configure CertificateRequest revision history limit
2
2y 2y 2y
recv
similar
38 Route with cert-manager annotations is not created
4
2y 5wk 2y
commented
send
similar
26 Missing CONTRIBUTING.md
2y 2y 2y
recv
14 Annotation generates CertificatesRequests repeatedly until blocked by letsencrypt 2y 2y 2y
commented
member-last
send
similar
13 Can the plugin be configured to use a wildcard certificate?
2
2y 2y 2y
pr-closed
recv
recv-q
12 Does this plugin support DNS validation? 2y 2y 2y
recv
174 Standby Replicas without lease use lots of CPU 3mo 3mo 3mo
recv
56 Support for destinationCaCertificate / Reencrypt Routes
1y 1y 1y
recv
similar
70 OLM deployment with ArgoCD is OutOfSync
3y 2y 2y
commented
send
46 Cert-manager operator fails to issue certificates 3y 3y 3y
recv
17 Operator prevents passing extraArgs helm value
7
4y 2y 4y
recv
recv-q
22 Customize the deployment of cert-manager installed via OLM
5
6
4y 9mo 3y
commented
recv
recv-q
40 Optional auto rotating/renewing certificates 2y 1y 2y
contributor-last
recv
recv-q
74 Consistency issues due to the use of mount binds 7mo 7mo 7mo
author-last
commented
recv
recv-q
8 Drivers can create CertificateRequests for pods that don't exist in very rare edge cases 4y 4y
contributor-last
56 Struggling to get controller running in local KIND cluster
4mo 2mo 2mo
commented
member-last
send
62 Limit the controller-manager to access secrets only from specific namespace 5wk 5wk 5wk
recv
63 Is it possible to only create Issuer and remove the CluserIssuer 5wk 5wk 5wk
recv
122 asdf cmctl installer issues
2
9mo 9mo 9mo
author-last
commented
recv
128 cmctl always reports v0.0.0 in the user-agent header 9mo 4mo
691 Document how to test ProwJobs locally 3y 3y 3y
recv
653 Allow adding newly required presubmits that aren't run against older branches
3y 3y 3y
recv
626 Misconfiguration causing many errors in the hook logs 3y 3y
656 Try out rootless containers for running jobs
3y 3y
pr-closed
602 Image build jobs always appear to error 3y 3y 3y
recv
499 RBAC Rules for trusted prowjobs
2
4y 3y 4y
contributor-last
recv
593 Document how updates to job config files make it to the Prow cluster 3y 3y 3y
recv
520 Document how infra images are built
4y 4y 4y
pr-merged
recv
similar
492 Onboard with CertManager prow cluster for running CI tests for jniebuhr/aws-pca-issuer
2
4y 4y 4y
kind/feature
recv
700 Ensure optional periodics get run if relevant files change 3y 3y 3y
recv
295 `make generate-golangci-lint-config` clobbers local exclusions added to the local config. 5wk 5wk
202 Makefile Modules, Go Versions and Vendoring
9mo 9mo 9mo
commented
154 Publish SBOMs 1y 11mo 11mo
kind/feature
good first issue
commented
member-last
send
26 helm-tool inject adds trailing white space to the generated markdown 1y 1y
kind/bug
25 helm-tool inject sometimes omits the context (prefix) of commented out values in the generated markdown 1y 1y
kind/bug
contributor-last
51 reviewer confusion 3mo 3mo 3mo
commented
member-last
43 Allow non-Venafi employee maintainers full release capabilities
2
7mo 5mo 5mo
assigned
assignee-updated
commented
contributor-last
recv
35 Post-Graduation Suggestion Tracker
10mo 10mo 10mo
commented
member-last
pr-merged
80 How to deal with K8s timelimit in 30s ? 7mo 7mo 7mo
recv
74 Why cert-manager looks for a CNAME record instead of a TXT record? 11mo 11mo 11mo
recv
72 readyz and healthz api 1y 1y 1y
recv
49 cannot create resource "godaddy" in API group 2y 2y 2y
recv
recv-q
46 Code reference a pull request to be merged, but the pull request was closed by a robot 2y 2y 2y
recv
37 Add logging example
3y 1y 3y
pr-closed
recv
81 How to enable leader election in the webhook? 5mo 5mo 5mo
recv
10 How to add api key secret during testing
2
5y 4y 5y
pr-closed
recv
26 Guidance on how to deploy webhook solver into a kubernetes cluster
5
4y 2y 4y
pr-closed
pr-unreviewed
recv
recv-q
6 security description 6y 6y 6y
commented
member-last
send
2 Set up basic e2e test that deploys the webhook and ensures we can POST a challenge 6y 6y
8 Question: namespace to install the resources
5y 5y 5y
pr-closed
pr-unreviewed
recv
similar
8 Find solution for automatically disabled GitHub Actions 11mo 11mo
18 Feature: Git bundles? 3mo 3mo
1 Feature request: output a boilerplate file 2y 2y
197 Kubectl One-line Installation Support 10mo 8mo 8mo
commented
member-last
send
similar
94 admission webhook denied GoogleCASIssuer must be one of Issuer or ClusterIssuer
2y 2y 2y
recv
66 ClusterIssuer not responding to ingress annotations
3y 2y 3y
recv
recv-q
similar
162 Issue: Broken config when using commonLabels 1y 1y 1y
recv
57 README is slightly incomplete 3y 3y 3y
recv
148 Certificate chain is not split correctly
5
1y 1y 1y
author-last
pr-reviewed-with-comment
recv
recv-q
49 Should surface certificateAuthorityId more clearly in docs 3y 3y 3y
documentation
recv
133 Allow to use a custom Service Account
5
1y 11mo 1y
pr-unreviewed
recv
102 certificate renewal does not work in due to auth issue to privatecaapi end point 2y 8mo 2y
recv
85 can't get cas issuer to work doesn't matter which way I go with number of issues
2
2y 2y 2y
recv
65 Set revisionHistoryLimit to 1 to reduce load on the issuer 3y 8mo 8mo
author-last
commented
recv

Uncommented older than 7 days (256)

Resolution: Add a priority/ or triage/ label

Average age: 696.0d, Avg wait: 658.3d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
7311 helm schema validation should validate `featureGates`
9mo 4wk 9mo
kind/feature
priority/backlog
lifecycle/stale
contributor-last
recv
recv-q
7301 Metrics for updated / patched certificates should be cleaned
9mo 8h 9mo
kind/bug
priority/awaiting-more-evidence
assigned
assignee-updated
contributor-last
recv
recv-q
7288 Missing UID in webhook challenge request 9mo 1mo 9mo
kind/bug
priority/backlog
author-last
recv
7267 `error finalizing order` message is light on details
2
10mo 2mo 10mo
priority/important-soon
contributor-last
recv
7218 cert-manager set don't fragment (DF) bit 11mo 7d 11mo
kind/bug
priority/important-longterm
lifecycle/stale
assigned
assignee-updated
contributor-last
recv
recv-q
7156 Consider exposing previous certificates/keys in the kubernetes secret so that workloads can implement a grace period when a certificate rotates
9
1y 19d 1y
kind/feature
priority/backlog
lifecycle/rotten
contributor-last
recv
7138 Failed to generate serving certificate
64
1y 7wk 1y
kind/bug
priority/important-soon
assigned
assignee-updated
pr-approved
pr-merged
recv
recv-q
6820 Ongoing dependency evaluation
1y 11mo 1y
lifecycle/frozen
priority/important-longterm
contributor-last
recv
6754 Schedule certificate renewal outside business hours
11
1y 7wk 1y
kind/feature
priority/important-longterm
pr-unreviewed
recv
recv-q
6741 ACME account private key and URI are not updated if the path of the ACME server is changed
5
1y 10mo 1y
lifecycle/frozen
kind/bug
priority/important-soon
contributor-last
recv
6472 Create TLSA records automatically
10
2y 2mo 2y
kind/feature
priority/backlog
author-last
recv
6229 Race condition when two identical certificate requests are made from different clusters
7
2y 16d 2y
help wanted
kind/bug
priority/important-longterm
lifecycle/rotten
area/acme/dns01
contributor-last
pr-merged
recv
recv-q
5917 Waiting for DNS-01 challenge propagation: DNS record for mydomain.com not yet propagated
38
2y 9d 2y
kind/bug
priority/important-longterm
assigned
assignee-updated
recv
recv-q
5783 Add k8s.io/client-go/applyconfigurations style *ApplyConfigurations for the included CRDs
2y 2mo 2y
kind/feature
priority/backlog
assigned
assignee-updated
contributor-last
pr-closed
recv
5751 Wildcard DNS domains and `cnameStrategy: Follow` don't work nicely together
2y 10mo 2y
lifecycle/frozen
kind/bug
priority/important-soon
recv
recv-q
5540 Changelog annotations to chart 2y 2mo 2y
kind/feature
priority/backlog
author-last
recv
1549 Brand guideline page 10mo 10mo 10mo
priority/backlog
author-last
recv
1063 "Securing Ingresses with Venafi" tutorial contains link to missing manifest
2y 8mo 2y
priority/important-longterm
author-last
pr-merged
recv
1473 Add ArtifactHub packages to website 1y 10mo 1y
priority/backlog
recv
850 Document available cert-manager Prometheus metrics
3y 2y 3y
documentation
good first issue
priority/important-longterm
recv
recv-q
similar
354 DigitalOcean access-token should not be base64-encoded 4y 4y 4y
priority/awaiting-more-evidence
author-last
recv
recv-q
237 docs for ACMEChallengeSolverHTTP01Ingress doesn't specify what `class` values are available
5y 5y 5y
priority/backlog
kind/documentation
contributor-last
pr-closed
recv
232 Document keystored in usage/certificate 5y 5y 5y
priority/backlog
kind/documentation
contributor-last
recv
197 Document ACME account mismatch 5y 4mo 5y
good first issue
priority/backlog
kind/documentation
recv
recv-q
130 FAQ: How does cert-manager handle ingresses with valid TLS secrets? 5y 5y 5y
help wanted
priority/backlog
kind/documentation
contributor-last
recv
76 Upgrading from v0.10 to v0.11 - missing cainjector annotation 5y 5y 5y
priority/backlog
kind/documentation
contributor-last
recv
228 Documentation needs correction for external-account-bindings
5y 3mo 5y
good first issue
priority/backlog
kind/documentation
contributor-last
pr-merged
recv
33 Support CRDs as target
5
3y 2mo 3y
priority/backlog
contributor-last
recv
recv-q
297 Allow all resources to be namespaced
4
1y 4d 1y
lifecycle/rotten
priority/backlog
contributor-last
recv
recv-q
similar
58 Support injection pem into an existing configmap
8
2y 2mo 2y
priority/important-longterm
lifecycle/frozen
assigned
assignee-updated
contributor-last
pr-closed
pr-merged
pr-unreviewed
recv
3 Restrict operator RBAC permissions
5y 10mo 5y
priority/backlog
pr-merged
recv
33 Create e2e test to validate CertificateRequest garbage collection 2y 11mo 2y
priority/backlog
assigned
recv
83 As cmctl user, I want to use different kubectl context on command line ( --context='kubectl-context-abc' )
1y 11mo 1y
priority/important-longterm
recv
690 Clean up Presets
3y 10mo 3y
priority/backlog
pr-merged
recv
594 Document infra image bumps and versioning 3y 10mo 3y
priority/backlog
recv
similar
693 Set up periodics against 'previous previous' branch 3y 10mo 3y
priority/backlog
recv
63 make test prints the apiKey 1y 10mo 1y
priority/important-soon
recv
38 Set repository to be a GitHub template repository
3y 10mo 3y
priority/important-longterm
recv
218 previously listed items omitted

Important soon, but no updates in 90 days (17)

Resolution: Downgrade to important-longterm

Average age: 1050.7d, Avg wait: 106.2d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6709 1.14 Release Review
3
1y 10mo 1y
lifecycle/frozen
priority/important-soon
commented
contributor-last
send
5298 Complete the Migration Away From Jetstack Names 3y 10mo 1y
lifecycle/frozen
kind/cleanup
priority/important-soon
commented
member-last
send
3381 Setup separate package for cert-manager API
5
4y 5mo 9mo
lifecycle/frozen
kind/feature
priority/important-soon
assigned
assignee-updated
commented
contributor-last
send
2930 Mirror to gcr.io or dockerhub
2
29
5y 3mo 1y
lifecycle/frozen
kind/feature
priority/important-soon
area/deploy
assigned
assignee-updated
commented
contributor-last
send
6132 Checklist: CNCF Graduation
2y 9mo 9mo
lifecycle/frozen
priority/important-soon
commented
member-last
pr-unreviewed
5867 Controller can't handle hitting request rate limits of zerossl ACME API
7
12
31
2y 3mo 1y
lifecycle/frozen
kind/bug
priority/important-soon
commented
pr-closed
pr-merged
recv-q
send
1425 The `issuer.vault.spec.caBundleSecretRef` docs are missing 1y 11mo
priority/important-soon
1174 Document the docker images and how to find them
2y 2y 2y
good first issue
priority/important-soon
kind/documentation
commented
member-last
send
955 Document when the vault pki role required setting `require_cn=false`
3y 8mo
priority/important-soon
899 Upgrading from v1.7 to v1.8 check command should exclude null.
2
3y 8mo 8mo
priority/important-soon
commented
member-last
pr-approved
send
802 Spelling errors are unclear in pull request CI results and spell checker is unmaintained
3y 10mo
kind/bug
priority/important-soon
contributor-last
pr-merged
195 Document keystores 5y 2y 5y
priority/important-soon
kind/documentation
commented
contributor-last
send
174 Add documentation for CRD conversion webhook ca injection 5y 5y 5y
help wanted
priority/important-soon
kind/documentation
commented
member-last
send
127 cmctl version reports only the old CRD version if I upgrade cert-manager without including the CRDs 9mo 8mo
priority/important-soon
3 previously listed items omitted: #6741 #5751 #63

Important longterm, but no updates in 180 days (19)

Resolution: Downgrade to backlog

Average age: 1120.7d, Avg wait: 205.6d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6969 Should upgrade status managed fields from CSA to SSA when ServerSideApply feature gate enabled 1y 8mo 1y
lifecycle/frozen
kind/bug
priority/important-longterm
commented
contributor-last
send
5959 `ImagePullBackoff` on `cm-acme-http-solver` pod, if using private registries
20
2y 8mo 2y
lifecycle/frozen
kind/bug
priority/important-longterm
commented
contributor-last
recv-q
send
4950 General flakiness of our end-to-end suite
3
3y 11mo 3y
lifecycle/frozen
priority/important-longterm
kind/flake
commented
member-last
pr-closed
pr-merged
send
4191 Setting default values for Pod's "resources"?
7
4y 8mo 8mo
lifecycle/frozen
priority/important-longterm
commented
contributor-last
recv-q
send
2178 Handling 'unregistering' certificates from Venafi TPP
22
5y 1y 1y
lifecycle/frozen
kind/feature
priority/important-longterm
area/venafi
commented
member-last
send
4685 Unexpected EOF during watch stream event decoding: unexpected EOF -- possibly due to api server upgrades / restarts
11
3y 11mo 1y
lifecycle/frozen
kind/bug
priority/important-longterm
commented
member-last
send
1194 Confusing paragraph - cert-manager integration. 2y 10mo 2y
documentation
priority/important-longterm
commented
member-last
send
1186 Document that/why we don't use Helm's CRD installation mechanism 2y 11mo 11mo
good first issue
priority/important-longterm
kind/documentation
assigned
assignee-updated
commented
member-last
send
975 Some pages do not make it clear what the user should read next 3y 8mo
priority/important-longterm
401 Bring tutorials up to date 4y 2y 2y
priority/important-longterm
commented
member-last
send
223 Document wildcard certificate tutorial 5y 5y 5y
priority/important-longterm
kind/documentation
commented
contributor-last
send
129 Increase e2e test timeouts 1y 10mo
priority/important-longterm
98 Document new release process for all repos 1y 11mo
priority/important-longterm
assigned
3 Make unit testing easier/make examples work
6y 10mo 3y
priority/important-longterm
commented
member-last
pr-closed
send
5 previously listed items omitted: #6820 #1063 #850 #83 #38

Pull Requests: Review Ready (69)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 144.8d, Avg wait: 95.7d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
7642 fixes #7506: enable configurable max key/cert sizes, defaulting to original safe values introduced in #7401 3mo 4h 3mo
release-note
size/XL
area/api
kind/bug
kind/feature
needs-ok-to-test
dco-signoff: yes
area/testing
area/deploy
recv
recv-q
unreviewed
7853 Refactor Acme.Setup: get rid of confusing defer logic 14h 13h
size/L
release-note-none
kind/cleanup
area/acme
dco-signoff: yes
contributor-last
recv-q
unreviewed
7852 adds cli option configure ACME challange authorization timeout 1d 16h 1d
release-note
area/api
kind/feature
needs-ok-to-test
size/M
area/acme
dco-signoff: yes
contributor-last
recv
recv-q
similar
unreviewed
7851 Use ginkgo context 1d 1d
release-note-none
kind/cleanup
size/XXL
dco-signoff: yes
area/testing
contributor-last
recv-q
reviewed-with-comment
7824 Add Azure Private DNS support to cert-manager 2wk 1d 2wk
release-note
area/api
kind/feature
needs-ok-to-test
size/XXL
area/acme
dco-signoff: yes
area/acme/dns01
area/deploy
contributor-last
recv
recv-q
reviewed-with-comment
7842 Use makefile modules for CRD generation 6d 2d 2d
release-note-none
area/api
kind/cleanup
size/XXL
area/acme
dco-signoff: yes
area/testing
area/deploy
commented
member-last
new-commits
7614 Lower the minimum certificate duration from 1 hour to 5 minutes 4mo 4d 4mo
release-note
size/S
area/api
kind/feature
needs-ok-to-test
dco-signoff: yes
contributor-last
recv
recv-q
unreviewed
7718 Switch to makefile modules completely (part 1) 2mo 6d 3wk
release-note-none
area/api
kind/cleanup
size/XXL
area/acme
dco-signoff: yes
area/testing
area/deploy
commented
member-last
new-commits
7805 fix: refactor challenge controller to be entirely non blocking 3wk 3wk 3wk
release-note
area/api
kind/bug
size/XXL
area/acme
dco-signoff: yes
area/testing
area/acme/dns01
area/acme/http01
area/deploy
contributor-last
recv
recv-q
similar
unreviewed
7289 Design proposal for delayed certificate activation 9mo 4wk 5mo
size/L
release-note-none
kind/design
needs-ok-to-test
dco-signoff: yes
commented
contributor-last
open-milestone
recv
recv-q
reviewed-with-comment
7733 fixes #5864: cert-manager CA to issue certs after verify with CA Certs Validity
2mo 5wk 5wk
size/L
release-note
kind/bug
kind/feature
dco-signoff: yes
ok-to-test
author-last
commented
new-commits
recv
recv-q
7702 Add option to only render CRDs from helm 2mo 5wk 2mo
size/L
release-note
kind/feature
needs-ok-to-test
dco-signoff: yes
area/deploy
contributor-last
recv
recv-q
unreviewed
7689 Add Vertical Pod Autoscaler
2
2mo 5wk 2mo
size/L
release-note
approved
kind/feature
dco-signoff: yes
ok-to-test
area/deploy
author-last
commented
new-commits
recv
recv-q
7439 helm: add checksum/config annotations 7mo 6wk 7mo
release-note-none
size/S
kind/feature
needs-ok-to-test
dco-signoff: yes
area/deploy
author-last
recv
recv-q
unreviewed
7583 Support for ACME servers that don't finalize within the ACME client finalizer retry window 4mo 7wk 4mo
release-note
kind/bug
needs-ok-to-test
size/M
area/acme
dco-signoff: yes
author-last
recv
recv-q
unreviewed
7764 Doc: Add leaderElection.namespace recommendation 7wk 7wk 7wk
size/XS
release-note-none
needs-ok-to-test
dco-signoff: yes
area/deploy
needs-kind
contributor-last
recv
recv-q
unreviewed
7761 Helm: Fix naming format of tokenrequest RBAC resources 7wk 7wk 7wk
size/XS
release-note-none
kind/cleanup
needs-ok-to-test
dco-signoff: yes
area/deploy
contributor-last
recv
recv-q
unreviewed
7748 Design: "Image Configuration in Helm Chart"
2
1mo 1mo 1mo
size/L
release-note-none
kind/design
dco-signoff: yes
commented
contributor-last
new-commits
recv-q
7654 Implement fallback for git_version creation in forked environments 3mo 1mo 3mo
release-note-none
size/S
kind/cleanup
needs-ok-to-test
dco-signoff: yes
contributor-last
recv
recv-q
reviewed-with-comment
7726 [helm] Add IPv6 rules to the default network policy 2mo 2mo 2mo
release-note
size/S
kind/feature
dco-signoff: yes
ok-to-test
area/deploy
contributor-last
recv
recv-q
unreviewed
7537 feat: Added support for unhealthyPodEvictionPolicy to PDBs 5mo 2mo 5mo
release-note
kind/feature
size/M
dco-signoff: yes
ok-to-test
area/deploy
contributor-last
recv
recv-q
reviewed-with-comment
similar
7728 Add unhealthyPodEvictionPolicy to supported PDB options
2mo 2mo 2mo
release-note
kind/feature
needs-ok-to-test
size/M
dco-signoff: yes
area/deploy
contributor-last
recv
recv-q
similar
unreviewed
7725 chore: allow additional properties in Helm setup #7668
2
2mo 2mo 2mo
size/XS
release-note-none
needs-ok-to-test
dco-signoff: no
area/deploy
needs-kind
contributor-last
recv
recv-q
unreviewed
1723 Update documentation example for `preferredChain` 17d 17d 17d
size/XS
dco-signoff: yes
recv
recv-q
unreviewed
1721 Remove whitespace-nowrap from Toc component 3wk 3wk 3wk
size/XS
dco-signoff: yes
recv
recv-q
unreviewed
1716 Bump next from 14.2.28 to 14.2.30 in the npm_and_yarn group across 1 directory 3wk 3wk 3wk
dco-signoff: yes
size/M
dependencies
javascript
recv
recv-q
unreviewed
1696 Create redirects for cert-manager annotations
4
7wk 4wk 4wk
dco-signoff: yes
size/XL
commented
contributor-last
new-commits
recv
1589 Apply change proposed in issue 899 8mo 6wk
size/XS
dco-signoff: yes
approved
contributor-last
recv-q
1694 enhance restore cert-manager resources 1mo 1mo 1mo
dco-signoff: yes
size/S
recv
recv-q
unreviewed
1607 Document Log Level settings. Document DNS01 delegation using multiple providers. 7mo 7mo 7mo
dco-signoff: yes
size/M
recv
recv-q
unreviewed
1728 [CI] Merge self-upgrade-master into master 5d 21h 5d
dco-signoff: yes
size/L
skip-review
recv
recv-q
similar
unreviewed
1602 acme troubleshooting: how to fix errored challenges 7mo 7mo 7mo
size/XS
dco-signoff: yes
recv
recv-q
unreviewed
1259 Fixed Azure Workload identity doc 2y 2y 2y
dco-signoff: yes
size/S
recv
unreviewed
1587 Custom Certificate Support for cert-manager Webhook Endpoint 9mo 9mo 9mo
dco-signoff: yes
size/S
recv
recv-q
unreviewed
200 Bump the all group across 1 directory with 12 updates 4mo 4mo 4mo
dco-signoff: yes
needs-ok-to-test
size/L
dependencies
go
contributor-last
recv
recv-q
unreviewed
569 Bump github.com/cert-manager/cert-manager from 1.18.1 to 1.18.2 in the all group 7d 23h 7d
dco-signoff: yes
size/XS
needs-ok-to-test
dependencies
go
contributor-last
recv
recv-q
similar
unreviewed
537 fix: make handling of additionalAnnotations more robust
2
2mo 6wk 2mo
dco-signoff: yes
size/XS
needs-ok-to-test
author-last
recv
recv-q
unreviewed
517 Add `PodDisruptionBudget` to helm chart 3mo 3mo 3mo
dco-signoff: yes
size/M
needs-ok-to-test
contributor-last
recv
recv-q
unreviewed
469 Add app.server.certificateDuration 6mo 6mo 6mo
dco-signoff: yes
size/M
needs-ok-to-test
contributor-last
recv
recv-q
reviewed-with-comment
649 build(deps): bump github.com/cert-manager/cert-manager from 1.18.1 to 1.18.2 in the all group 8d 9h 8d
dco-signoff: yes
size/XS
needs-ok-to-test
dependencies
go
contributor-last
recv
recv-q
similar
unreviewed
628 Grant cert-manager RBAC to use all policies by default 2mo 2mo 2mo
dco-signoff: yes
size/M
commented
contributor-last
recv
recv-q
unreviewed
648 refactor: dedicated struct for building source data 6d 6d 6d
dco-signoff: yes
size/L
contributor-last
recv
recv-q
unreviewed
558 feat(helm-chart): add ability to set pod level security context 4mo 2mo 4mo
dco-signoff: yes
ok-to-test
size/S
contributor-last
recv
recv-q
unreviewed
475 Replace webhook validations with CEL validation
7mo 2mo 7mo
dco-signoff: yes
size/XL
commented
contributor-last
new-commits
recv
recv-q
188 Remove SetCertificateRequestConditionError 7mo 17d
dco-signoff: yes
size/XL
contributor-last
recv-q
unreviewed
404 Add support for ECDSA and Ed25519 algorithms, make key size configurable 2mo 15d 2mo
dco-signoff: yes
size/L
needs-ok-to-test
recv
recv-q
unreviewed
425 Bump golang.org/x/sync from 0.15.0 to 0.16.0 in the all group 10h 10h 10h
dco-signoff: yes
size/XS
needs-ok-to-test
dependencies
go
contributor-last
recv
recv-q
unreviewed
148 limit-namespaces for namespace-scope deployments
5mo 5mo 5mo
dco-signoff: no
size/S
needs-ok-to-test
author-last
recv
recv-q
unreviewed
203 Bump the all group across 1 directory with 6 updates 3wk 16min 3wk
dco-signoff: yes
size/M
dependencies
go
needs-ok-to-test
contributor-last
recv
recv-q
unreviewed
73 Support prometheus metrics 7mo 2wk 4wk
size/XXL
dco-signoff: yes
ok-to-test
commented
contributor-last
recv
reviewed-with-comment
71 Refactor filesystem.go and adapt tests to use a real file system 7mo 6d 6d
dco-signoff: yes
size/L
commented
member-last
reviewed-with-comment
58 Upgrade golangci-lint to the latest version 2mo 2mo 2mo
dco-signoff: yes
size/M
contributor-last
recv
recv-q
reviewed-with-comment
59 Update dependencies and the Go version 2mo 2mo 2mo
dco-signoff: yes
size/L
contributor-last
new-commits
recv
recv-q
250 Bump the all group across 1 directory with 2 updates 23min 23min 23min
dco-signoff: yes
needs-ok-to-test
size/M
dependencies
go
contributor-last
recv
recv-q
unreviewed
1103 Drop separate licenses check on master 1d 1d
dco-signoff: yes
size/M
contributor-last
recv-q
unreviewed
1088 Update k8s-infra-prow images, cert-manager-infra-images images as needed 2mo 23h 2mo
dco-signoff: yes
size/M
contributor-last
recv
recv-q
unreviewed
1102 Stale bot: staleness after 1 year, close after 2 years 2d 2d 2d
dco-signoff: yes
size/S
commented
member-last
unreviewed
293 Add Helm chart image baking 1mo 1mo
dco-signoff: yes
size/S
contributor-last
recv-q
similar
unreviewed
55 feat: add test module 1y 1y 1y
dco-signoff: yes
size/M
author-last
commented
recv
reviewed-with-comment
104 Add Chart image baking 1mo 1mo
dco-signoff: yes
size/L
contributor-last
recv-q
similar
unreviewed
64 Add imagePullSecrets to template 1y 1y 1y
size/XS
dco-signoff: yes
needs-ok-to-test
contributor-last
recv
unreviewed
79 Bump github.com/cert-manager/cert-manager from 1.15.1 to 1.15.4 in the go_modules group across 1 directory 7mo 7mo 7mo
size/XS
dco-signoff: yes
needs-ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
59 cleanup: remove unused NOTES.txt file 2y 2y 2y
size/XS
dco-signoff: yes
needs-ok-to-test
contributor-last
recv
unreviewed
1 Manage the cert-manager GitHub organisation from this repo 1y 11mo 1y
dco-signoff: yes
size/XXL
commented
member-last
unreviewed
4 Add support for custom license templates 2y 2y
dco-signoff: yes
size/S
contributor-last
unreviewed
282 Bump the all group across 1 directory with 7 updates 15h 15h 15h
size/M
dependencies
go
dco-signoff: yes
contributor-last
recv
recv-q
unreviewed
143 feat: allow creating or reusing an existing sa 1y 7wk 1y
ok-to-test
recv
recv-q
unreviewed
278 [CI] Merge self-upgrade-main into main 3wk 21h 3wk
size/L
skip-review
dco-signoff: yes
contributor-last
recv
recv-q
similar
unreviewed
141 re-adding required clusterrole permission 1y 5mo 1y
size/XS
author-last
recv
unreviewed

Unkinded Issues (288)

Resolution: Add a kind/ or triage/support label

Average age: 815.7d, Avg wait: 522.6d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6799 ACME challenges stopped working after 1.13/1.14 update
1y 5wk 1y
priority/critical-urgent
commented
recv
recv-q
3992 Add non-CRD yaml file
4
4y 7wk 11mo
priority/important-soon
area/deploy
author-last
commented
recv
6179 CRDs shouldn't be templated in Helm
5
28
2y 17d 2y
priority/backlog
lifecycle/rotten
commented
contributor-last
recv
recv-q
1262 v1.9 to v1.10 upgrade instructions does not mention container name change
2y 4mo 11mo
priority/backlog
assigned
assignee-updated
commented
member-last
send
1101 Feature request for updating documentation. 2y 10mo 10mo
priority/backlog
commented
member-last
send
similar
320 Document how to install cert-manager using gitops and known issues with particular gitops implementations
5
4y 2y 4y
documentation
help wanted
priority/backlog
commented
pr-merged
recv-q
2 Set up periodic job to publish an experimental release build
5y 4y
priority/backlog
assigned
contributor-last
650 Pod goes out of readiness 5d 5d 5d
recv
45 Unable to mount and read only file error
5
3y 10mo 10mo
priority/awaiting-more-evidence
commented
send
132 Investigate test timeouts 1y 10mo
priority/backlog
60 Support prometheus metrics
2y 8mo 8mo
priority/backlog
commented
member-last
pr-reviewed-with-comment
send
81 Configuring Peribolos for Github org management 6y 10mo 10mo
priority/backlog
commented
member-last
send
3 Migrating all cert-manager sub-projects to "Makefile modules" 2y 17d 17d
priority/backlog
commented
member-last
27 failed with: OpenAPI spec does not exist
2
6
4y 10mo 2y
priority/critical-urgent
commented
pr-closed
pr-unreviewed
send
274 previously listed items omitted

Unprioritized Recent Issues (314)

Resolution: Add a priority/ or triage/ label

Average age: 686.0d, Avg wait: 453.2d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
7845 ClusterIssuer.cert-manager.io "letsencrypt" is invalid: spec.acme.privateKeySecretRef: Required value...
5
3d 3d 3d
kind/bug
author-last
recv
7849 dns-update (rfc2136) over TCP (rfc1035) 1d 1d 1d
kind/feature
recv
7846 ClusterIssuer.Status.Acme.URI disappeared 1d 1d 1d
kind/bug
recv
311 previously listed items omitted

Uncommented Recent Issues (4)

Resolution: Add a comment

Average age: 2.9d, Avg wait: 2.3d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4 previously listed items omitted: #7849 #7846 #7845 #650

New, has multiple reactions, but not important-soon (1)

Resolution: Check if issue should be prioritized as important-soon

Average age: 3.2d, Avg wait: 2.6d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
7845 ClusterIssuer.cert-manager.io "letsencrypt" is invalid: spec.acme.privateKeySecretRef: Required value...
5
3d 3d 3d
kind/bug
author-last
recv
New, has multiple commenters, but not important-soon: No matching items

needs information, has update (1)

Resolution: Comment and remove triage/needs-information tag

Average age: 104.8d, Avg wait: 100.5d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
7643 jkspassword.txt file in secret is having default password 3mo 2mo 3mo
kind/bug
triage/needs-information
commented
contributor-last
recv
recv-q

Recently updated issue has a question (1)

Resolution: Add an answer

Average age: 62.8d, Avg wait: 20.3d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
629 The crds is not installed automatically when trust-manager is a sub-chart 2mo 4d 2mo
recv
recv-q
Triage Party v1.4.0