queue to be emptied once a day

Unprioritized issues older than 7 days (308)

Resolution: Add a priority/ or triage/ label

Average age: 678.1d, Avg wait: 447.8d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
7772 Reviewing the use of https://github.com/SSLMate/go-pkcs12 12d 8d 12d
kind/feature
contributor-last
recv
recv-q
7766 Certificate: Let me specify the concatenation order for CombinedPEM output format 3wk 3wk 3wk
kind/feature
author-last
recv
recv-q
7760 Is the zone responsible for a domain changes, cert-manager will not pick it up 3wk 3wk 3wk
kind/bug
author-last
recv
7779 RevisionHistoryLimit should follow Kubernetes definition 10d 10d 10d
recv
similar
7755 cert-manager-challenges Error presenting challenge: expected array of Record 4wk 3wk 4wk
recv
recv-q
7749 Http and PROXY protocol
4wk 4wk 4wk
recv
7747 [suggestion] Add Kustomize install documentation 4wk 4wk 4wk
kind/feature
author-last
recv
recv-q
7751 Custom key usage extensions 4wk 4wk 4wk
kind/feature
recv
7717 After uninstalling cert-manager, ingress resources can still only be accessed via https 6wk 6wk 6wk
recv
7716 Don't have CRD for `ControllerConfiguration`. 6wk 6wk 6wk
commented
member-last
send
7699 Adding Helm Unittest to all certmanager projects 7wk 7wk 7wk
assigned
assignee-updated
contributor-last
recv
7691 Why is the value of the certificate expiration time captured in blackbox different from the value of the certificate expiration time exposed by certmanager 1mo 1mo 1mo
contributor-last
recv
recv-q
7741 Certmanager attempts infinite renewals if the Issuer Certificate read from Vault has expired
3
 5wk 4wk 4wk
kind/bug
commented
recv
7687 Webhook refusing connection even when Ready 2mo 2mo 2mo
kind/bug
recv
7685 ACME GCP CA - Error waiting for authorization 2mo 2mo 2mo
kind/bug
recv
7688 Feature Request: Vertical Pod Autoscaler Support for cert-manager
3
 2mo 1mo 2mo
kind/feature
contributor-last
pr-new-commits
recv
recv-q
7673 Support for acmesolver.tolerations/affinity/nodeSelector 2mo 2mo 2mo
kind/feature
author-last
recv
recv-q
7668 Allow custom values in Helm chart schema by relaxing additionalProperties: false
2
 2mo 2mo 2mo
recv
7660 cert-manager produces invalid (per RFC5280) certificates when `cert sign` usage is set along with another usage 2mo 4wk 2mo
kind/bug
contributor-last
recv
recv-q
7659 Challenge and resolver pod/ingress killed too soon
2mo 6wk 2mo
author-last
recv
7684 Add support for namespaced deployment
2mo 7wk 2mo
kind/feature
contributor-last
pr-merged
recv
similar
7649 [GKE][Cert-Manager]Document Might Need Implementation Details Update to GSA/KSA Integration 2mo 3d 2mo
kind/bug
author-last
recv
recv-q
7648 Solver selector issue 2mo 2mo 2mo
kind/bug
author-last
recv
7647 Support GatewayAPI's XGateway
2mo 2mo
kind/feature
7645 Support cross-signed intermediate CAs issued with Vault
2
 2mo 2mo 2mo
kind/feature
recv
7636 cermanager order in pending state 2mo 2mo 2mo
recv
7635 Mirroring bind9 image for e2e tests 2mo 2mo
7630 certmanager_http_acme_client_request_count is missed from the metrics?
2
 2mo 2mo 2mo
kind/bug
recv
7629 http01-override-ingress-class is not updated when Ingress annotation is updated 2mo 2mo 2mo
kind/bug
recv
7625 Clean install fails to create Issuer
4
 3mo 6wk 3mo
kind/bug
recv
recv-q
7656 Add multiple DNS provider resolvers to an single webhook not working 2mo 2mo 2mo
pr-unreviewed
recv
7610 Expose MaxFailures as a helm paramater for FileCertificateSource 3mo 8d 3mo
kind/feature
lifecycle/stale
contributor-last
recv
7594 Cloudflare delegated domains returns Found no Zones for domain _acme-challenge.mydomain.com
3mo 6wk 3mo
kind/bug
recv
7590 Allow issuer fallback
3mo 18d 3mo
lifecycle/stale
contributor-last
recv
7588 Allow setting secret type to value other than default kubernetes.io/tls
3mo 2mo 3mo
kind/feature
commented
recv
7587 Spaceship support 3mo 2wk 3mo
lifecycle/stale
contributor-last
recv
recv-q
7586 BookMyName support 3mo 2wk 3mo
lifecycle/stale
contributor-last
recv
recv-q
7585 Continuous access token requests when using Venafi TPP password/username authentication 3mo 3wk 3mo
kind/bug
lifecycle/stale
contributor-last
recv
7617 cert-manager-webhook fails to renew it's own certificate
11
 3mo 3wk 3mo
kind/bug
contributor-last
recv
recv-q
7581 Cert-manager is no longer triggered when multiple tls.hosts exists without secretName. 3mo 3wk 3mo
kind/bug
lifecycle/stale
contributor-last
recv
7580 CNameStrategy Follow not working with Cloudflare 3mo 2wk 3mo
lifecycle/stale
contributor-last
recv
7572 Certificate Issuance takes long time up to 50 minutes when attempting to create 40+ certificates
2
 4mo 2mo 4mo
recv
7561 Feature Request RFC: Push notifications from cert-manager to <other service> when certificates are issued 4mo 4wk 4mo
kind/feature
author-last
recv
7556 clockHealth check failed: livez
4mo 19d 4mo
author-last
recv
recv-q
7551 Unhelpful log messages 4mo 9d
contributor-last
7544 Self test of domain without acme ingress ready 4mo 12d 4mo
lifecycle/rotten
contributor-last
recv
7536 Digicert ACME order is failing due to invalid validity_years 4mo 6wk 4mo
author-last
recv
7531 punycode issue 4mo 6wk 4mo
author-last
recv
7522 Non standard "cert-manager.io" used in event "Reason" 4mo 7wk 4mo
kind/bug
contributor-last
recv
7578 cert-manager should not use domains it doesn't control
3mo 3wk 3mo
lifecycle/stale
contributor-last
pr-unreviewed
recv
7514 Replace some of the webhook functionality with `ValidatingAdmissionPolicy` & CEL 4mo 1mo 4mo
kind/feature
author-last
recv
7511 Issuing certificate as Secret does not exist
3
 4mo 4wk 4mo
lifecycle/rotten
contributor-last
recv
similar
7520 ClusterIssuer read caBundle from Secret
2
 4mo 7wk 4mo
kind/feature
contributor-last
pr-unreviewed
recv
7510 Key Size for Acme Account Key
4mo 6d 4mo
kind/feature
pr-new-commits
recv
7493 400 Bad response error prevents order finalization 5mo 3wk 5mo
kind/bug
lifecycle/rotten
contributor-last
recv
recv-q
7492 `UseCertificateRequestBasicConstraints` should probably add `Critical` for `isCA` 5mo 5wk 5mo
contributor-last
recv
7502 Failed to call webhook with HTTPS 5mo 3wk 5mo
kind/bug
lifecycle/rotten
contributor-last
recv
7486 `"Unhandled Error" err="ingress '...' in work queue no longer exists"` should be handled (clean up dangling `Certificate`)
5
 5mo 5wk 5mo
kind/bug
contributor-last
recv
recv-q
7476 [Helm Chart] - Wrong handling of image registry and repository
2
 5mo 7wk 5mo
kind/bug
author-last
recv
recv-q
7482 Cert-manager-startupapicheck job failed after migration from 1.15.x --> 1.16.x
5mo 3d 5mo
kind/bug
lifecycle/rotten
contributor-last
recv
recv-q
7463 Set "ownerReference" for generated Secret via Go-SDK 6mo 16d 6mo
lifecycle/stale
contributor-last
recv
recv-q
7473 Create certificate based on HTTPRoute configuration
14
33
 5mo 1mo 2mo
kind/feature
commented
pr-unreviewed
send
7444 non-acme api error: Context deadline exeeced
6
 6mo 2wk 6mo
kind/bug
author-last
pr-new-commits
recv
7438 certificate not updated after enabling SSA 6mo 2wk 6mo
kind/bug
author-last
recv
7416 Shorter retry period for failed issuance
3
 7mo 4d 7mo
kind/feature
lifecycle/rotten
contributor-last
recv
7388 Kid missing in the new order request
7mo 19d 7mo
kind/bug
recv
recv-q
7385 Failed calling webhook "webhook.cert-manager.io": Forbidden 7mo 4d 7mo
kind/bug
lifecycle/stale
contributor-last
recv
recv-q
7422 Please provide standalone helm chart for CRDs
7
 6mo 4wk 6mo
kind/feature
recv
6312 Report issuer/clusterissuer status as a metric
14
 2y 5wk 2mo
kind/feature
commented
pr-unreviewed
send
6184 Conflicting ingressClassName http01 issuer spec and acme.cert-manager.io/http01-ingress-class annotation
13
 2y 2mo 2y
kind/bug
recv
recv-q
similar
6160 Helm Chart global repository
2
 2y 4mo 4mo
lifecycle/frozen
commented
member-last
pr-reviewed-with-comment
send
6010 Support the ACME Renewal Information (ARI) extension
2y 9d 10d
kind/feature
author-last
commented
recv
recv-q
5904 Support Azure Private DNS Zones for DNS Challenge
4
4
16
 2y 5d 5wk
kind/feature
lifecycle/rotten
commented
contributor-last
recv-q
send
6622 `make update-licenses` is non-deterministic.
1y 7d 7d
kind/bug
commented
member-last
pr-merged
pr-unreviewed
5566 upload Helm charts to OCI registry and sign them with cosign
4
43
 2y 1d 7wk
kind/feature
commented
pr-merged
recv-q
send
4749 rfc2136 seems to not work with deep subdomains
3y 2mo 3y
kind/bug
area/acme/dns01
recv
recv-q
4349 allowing greater configuration for the cloud provider tests
3y 3y 3y
lifecycle/frozen
kind/feature
commented
contributor-last
send
5864 Certmgr allows creating certificates expiring after ca expiration.
4
22
 2y 4wk 5mo
kind/bug
commented
contributor-last
pr-new-commits
send
7700 Expose metrics regarding challenge status
7wk 3wk 7wk
kind/feature
assigned
assignee-updated
contributor-last
pr-new-commits
recv
recv-q
7765 Propagation tests fails when using IPv6 recursive DNS nameservers 3wk 3wk 3wk
kind/bug
recv
7506 Issues with new PEM maximum sizes
6
 5mo 2mo 5mo
kind/bug
pr-unreviewed
recv
recv-q
7768 Stuck in a loop with `multiple challenge solver pods found for challenge` 16d 16d 16d
kind/bug
recv
1692 Restoring from backup removes essential uid in ownerReferences, breaking Ingress-Certificate relationship 4wk 4wk 4wk
author-last
recv
1643 Let's Encrypt Ending Support for Notification Emails 4mo 4mo 4mo
recv
1625 Configuration issue potentially leading to a memory leak 4mo 4mo 4mo
recv
1695 Create redirects for cert-manager annotations 4wk 4wk 4wk
pr-new-commits
recv
similar
1620 Cert Manager allows the creation of Illegal wilcard SANs 5mo 5mo 5mo
recv
1623 Claim about v1beta1/v1alpha2 support for gateway api is misleading 4mo 4mo 4mo
recv
1609 Azure DNS Documentation Update
6mo 5mo 6mo
author-last
recv
recv-q
similar
1608 Renaming Securing NGINX-ingress to ingress-nginx 6mo 6mo 6mo
recv
similar
1596 Wrong key for cloudflare secret ref in DNS Validation tutorial page 7mo 7mo 7mo
recv
1585 Broken install instructions due wrong cert_manager_latest_version - v1.16.1 8mo 8mo 8mo
recv
1552 Broken inbound link from IBM 9mo 9mo 9mo
recv
1546 Self upgrade PRs don't run checks
9mo 9mo 9mo
commented
member-last
1490 GKE tutorial falsely claims it's possible to create LE certificate without domain (only IP) 1y 8mo 1y
author-last
recv
1388 Create a section for sane `Certificate` defaults
1y 1y
similar
1261 Switch to Docusaurus? 2y 2y
1241 Remove Bitnami kubeprod as installation method 2y 2y 2y
recv
1168 Rendering issues for generated API docs
2y 2y 2y
commented
member-last
pr-merged
1062 Document process for offboarding maintainers 2y 2y 2y
recv
similar
1061 Document onboarding process for new maintainers 2y 2y 2y
recv
similar
1054 Run spell checker in a pre-commit hook 2y 2y 2y
good first issue
kind/cleanup
recv
998 Documentation venafi configuration references venafi documentation page which returns 403 3y 2y 3y
contributor-last
recv
1125 Describe cert-manager feature policy 2y 2y 2y
contributor-last
recv
recv-q
993 Document which resources do/do not get garbage collected 3y 3y 3y
good first issue
contributor-last
recv
944 Document how to install cert-manager in a different namespace
3
 3y 1y 3y
good first issue
recv
recv-q
866 Securing NGINX-ingress 3y 3y 3y
recv
similar
868 Document RBAC 3y 3y 3y
contributor-last
recv
similar
847 missing documentation/information olm based installation metric prometheus 3y 3y 3y
contributor-last
recv
841 remove dependency on golang from cmctl and kubectl-plugin installation documentation
3y 3y 3y
contributor-last
pr-merged
recv
recv-q
836 Syncing Secrets Across Namespaces
3y 3y 3y
recv
776 Explain that you can pre-provision a Secret and Certificate.Spec.SecretName can refer to an existing Secret 3y 3y 3y
commented
member-last
send
758 API reference docs: enum values not documented with typedef 3y 3y 3y
recv
706 Default key usages 3y 3y 3y
recv
697 [IRSA] Needs `runAsUser: 1001`
3y 8mo 8mo
commented
member-last
pr-merged
send
693 Azure DNS pod identity incorrectly documents principal_id 3y 2y 3y
author-last
commented
recv
recv-q
672 List required Google CloudDNS permissions exhaustively 3y 3y 3y
recv
662 Using "azureDNS" for the DNS01 Solver results "Multiple user assigned identities exist, please specify the clientId / resourceId"
3y 3y 3y
recv
642 Move/ link to Webhook debugging docs 3y 3y
844 Document feature gates 3y 3y 3y
recv
similar
604 Make it so that it is easier to find the doc for fixing webhook issues 4y 3y 4y
contributor-last
recv
583 cert-manager with ZeroSSL
45
 4y 2y 2y
commented
send
561 Certificate Resources 4y 4y 4y
recv
similar
554 HTTP Validation, privateKeySecretRef
4y 4y 4y
contributor-last
recv
568 Add a diagram for LetsEncrypt cert issuance flow to the docs
4
 4y 4y 4y
recv
549 Effort towards a more user-friendly website 4y 4y
542 Document the Istio VirtualService HTTP01 configuration options 4y 4y
543 Add getting started documentation for users who want to quickly use cert-manager to issue LetsEncrypt certificates
4
 4y 4y 4y
commented
member-last
send
532 Rework of the landing page (cert-manager.io)
3
 4y 3y 4y
help wanted
good first issue
commented
member-last
send
466 installation/compatiblity 4y 4y 4y
recv
469 DNS01: Delegated Domains for DNS01 example yaml solvers list items 4y 4y 4y
recv
386 Uninstalling on Kubernetes - How to delete all those user created resources?
4y 4y 4y
contributor-last
recv
326 Securing Ingresses with Venafi 4y 4y 4y
contributor-last
recv
similar
295 Route53 4y 4y 4y
kind/documentation
commented
member-last
send
425 Document ocspServers 4y 4y 4y
kind/documentation
commented
member-last
1257 ErrRegisterACMEAccount 2y 2y 2y
recv
457 cainjector docs are missing the option to inject certs in apiservice resources
4y 4y 4y
recv
1586 Now that cert-manager 1.16 has been released, `--set config.enableGatewayAPI=true` is now the recommended approach for projects that show instructions on how to enable cert-manager's gateway API support, especially on visible projects like Cilium:
8mo 8mo
pr-merged
42 Publish latest release number as part of creating a final release
3y 3y 3y
commented
member-last
send
79 Design for partial automation of release process 3y 3y 3y
commented
member-last
send
19 Incorrect command line help: should include a --branch argument 4y 4y 4y
kind/cleanup
commented
contributor-last
31 Move the manual steps of our release process to cmrel commands
4y 3y 3y
commented
member-last
pr-closed
501 Error logs not very helpful 3mo 3mo 3mo
recv
431 istio-csr pod healthz check fails for long time in v0.11.0 and v0.12.0 7mo 6mo 7mo
recv
recv-q
413 Panic: runtime error on new installation 8mo 7mo 8mo
author-last
recv
recv-q
287 Getting Readiness probe failed when using cert-manager-istio-csr 1y 1y 1y
author-last
recv
recv-q
similar
283 Document / improve that sometimes the issuer needs to set `ca.crt`
1y 1y
244 Populate Subject Fields in Certificate
1y 8mo 1y
contributor-last
recv
224 ClusterRole & ClusterRoleBindings for istio-csr 2y 2y 2y
recv
223 False positive warnings from trivy and dependabot
7
 2y 1y
213 charts.jetstack.io beding cluster presents a challenge and breaks deployment 2y 2y 2y
recv
211 Add custom annotations to deployment
2y 1y 2y
pr-closed
pr-merged
recv
197 add the compatibility matrix for Kubernetes versions to README 2y 2y 2y
recv
176 certificateDuration is not used for the Istio CSR generated certificate requests 2y 6mo 2y
pr-closed
pr-reviewed-with-comment
recv
recv-q
similar
161 updating ConfigMap data doesn't stop
3y 3y 3y
contributor-last
recv
recv-q
155 Invalid certificate chain when using Vault with Intermediate CA 3y 2y 3y
recv
recv-q
153 It is possible to have several CAs within the same cluster.
3
 3y 7mo 2y
commented
send
145 Not able to use Istio-CSR in istio(1.13.*)
3y 3y 3y
author-last
pr-closed
recv
141 Istio-csr pods were hung unable to handle request causes entire cluster downtime for new pods/expired pods. 3y 2y 3y
recv
recv-q
138 istio-csr doesn't retry upon failed certificate requests
3y 2y 3y
contributor-last
recv
137 Documentation on rotating the root certificate
3y 6wk 3y
recv
recv-q
136 Document available metrics 3y 3y 3y
recv
similar
133 latest supported cert-manager version with cert-manager-istio-csr? 3y 3y 3y
contributor-last
recv
131 metrics to check certificate expiry for istio workloads ? 3y 3y 3y
contributor-last
recv
recv-q
130 Document best-practices for minimal vault role configuration for istio-csr 3y 1y 3y
recv
recv-q
118 E2E tests running against the wrong k8s version
3y 3y
117 public ca.crt aka caBundle is not being updated/propagated until the cert-manager and istiod components are restarted 3y 3y 3y
recv
113 Integrating with istio helm chart installs
15
 3y 8mo 3y
recv
recv-q
108 [doc] confusion with `ca.pem` and Readiness probe failed on ingress and egress gateways 3y 3y 3y
author-last
recv
recv-q
106 Helm chart is failing with "certificate.spec.revisionHistoryLimit" issue 3y 3y 3y
contributor-last
recv
similar
94 Can't get aws pca to work 3y 3y 3y
recv
87 Failing to integrate with GCP CAS
3y 3y 3y
contributor-last
recv
recv-q
84 csr readiness probe failed, istio ingress pod also failed
2
 3y 1y 3y
support
recv
recv-q
similar
83 commonName required for AWS PCA 3y 3y 3y
recv
recv-q
64 Is there way to hot restart envoy proxy using istio-csr? I'm trying to renew root certificate by changing the istio-ca secret manually. The workload does not pick the new root certificate unless I delete the workload pods 4y 4y 4y
recv
recv-q
53 Generate workload certificates with DNS in the SAN 4y 4y 4y
recv
recv-q
534 helm value app.certmanager.additionalAnnotations interprets "JSON like" string as json and cannot render mainfests 7wk 7wk 7wk
author-last
pr-unreviewed
recv
516 Add PodDisruptionBudget to helm chart 3mo 3mo 3mo
pr-unreviewed
recv
638 Approver cannot find applicable policy 3wk 3wk 3wk
recv
559 Flakey Tests in pull-cert-manager-approver-policy-test 5mo 5mo 5mo
recv
similar
505 Parameterize the name used in the managed-by label of the webhook CA Secret to distinguish it from the CA Secret created by cert-manager 8mo 8mo
pr-reviewed-with-comment
466 Document How to Configure Common Scenarios 11mo 11mo 11mo
recv
452 CRDs in the Release files
3
 1y 1y 1y
recv
394 Limit number of SANs by policy
1y 1y 1y
contributor-last
recv
449 Rotation Policy Constraint 1y 6mo 1y
contributor-last
recv
recv-q
288 Feature: Take control of approval for the whole cluster
2
 2y 1y 1y
commented
member-last
271 Include binary artifacts your releases. 2y 2y 2y
recv
203 Improve CRD fields for specifying key requirements
3
 2y 6mo
contributor-last
recv-q
169 Webhook Custom CA 2y 6wk 2y
help wanted
contributor-last
recv
recv-q
216 Simplify configuration by creating RBAC by default
2
 2y 2mo
help wanted
contributor-last
pr-merged
pr-unreviewed
recv-q
61 Flakey Tests in pull-cert-manager-approver-policy-verify
3y 3y
kind/bug
pr-merged
similar
632 High cpu and ram load on apiserver 3wk 3wk 3wk
recv
592 Feature: ClusterTrustBundle as Sources 2mo 6wk
contributor-last
similar
588 Add ability to monitor validity period for CAs in bundle
4
 2mo 5wk 2mo
kind/feature
help wanted
contributor-last
recv
recv-q
574 Add a top level variable called `enabled` to the Helm chart schema 2mo 2mo 2mo
help wanted
good first issue
contributor-last
pr-unreviewed
recv
recv-q
560 Support rotated certificate sources
18
 3mo 19h 3mo
recv
recv-q
similar
465 Installing trust-manager just after installing cert-manager makes it FAIL forever 7mo 2mo 2mo
commented
contributor-last
send
301 Add support for kubectl installation 1y 5mo 1y
lifecycle/frozen
author-last
commented
open-milestone
recv
recv-q
similar
245 Split Bundle controller into multiple controllers
2y 5mo 5mo
lifecycle/frozen
commented
member-last
send
591 Feature: ClusterTrustBundle as Target
2
 2mo 6wk
contributor-last
pr-merged
similar
242 New version of Bundle API
2
4
 2y 2mo 1y
lifecycle/frozen
commented
contributor-last
pr-merged
pr-new-commits
recv
222 [Feature] - Ability to inject a CA cert into a cert-manager managed secret resource
15
 2y 7d 2y
lifecycle/rotten
commented
contributor-last
pr-merged
recv-q
send
205 Allow to select multiple "trust" namespaces
26
 2y 2d 2y
recv
recv-q
142 expose bundles CRD as release artifact
9
 2y 2mo 2y
author-last
recv
recv-q
243 More flexible and better organized target specification in API
3
 2y 5wk 2y
lifecycle/frozen
commented
contributor-last
pr-merged
recv
recv-q
629 The crds is not installed automatically when trust-manager is a sub-chart 5wk 5wk 5wk
recv
99 Allow removing Bundles whilst keeping the synced CA certs
4
 2y 5wk 2y
lifecycle/frozen
contributor-last
pr-unreviewed
4 Feature: By default, require only self-signed certificates in a bundle
3y 2mo 2mo
kind/feature
help wanted
good first issue
commented
member-last
39 Don't sync targets to all namespaces by default
7
 2y 5wk 7mo
lifecycle/frozen
commented
contributor-last
open-milestone
pr-merged
send
131 Feature: per namespace trust bundle
4
 2y 9d 2y
lifecycle/stale
contributor-last
recv
recv-q
60 overriding trusted namespace
8
14
 2y 1mo 11mo
commented
contributor-last
recv-q
send
63 nit: Rename "Bundle" to "ClusterBundle"
15
 2y 3wk 2y
lifecycle/stale
commented
contributor-last
open-milestone
pr-merged
send
231 ### Question about Configuring Retries in cert-manager 2mo 2mo 2mo
recv
204 clarify SetCAOnCertificateRequest deprecation status 5mo 5mo 5mo
recv
385 Helm Install of cert-manager-csi-driver Fails on Minikube with /dev/bus/usb Errors 2mo 2mo 2mo
author-last
recv
383 [Feature Request] Adding attributes that available in Certificate CRD to CSI Driver
2mo 2mo 2mo
recv
371 Specify private key algorithm/size
4mo 6wk 4mo
pr-unreviewed
recv
353 mismatch between the key and the certificate signature algorithm
5mo 5mo 5mo
recv
267 Does cert-manager-csi-driver support AWS EKS with AWS Fargate nodes? 1y 11mo 1y
recv
264 Certificate renewal doesn't change file 'modified date'
1y 1y 1y
recv
256 Broken comma-separated splitting logic 1y 1y
241 Missing cert-manager.io/revision-history-limit volume attributes for CSI-Driver
5
 1y 1y 1y
recv
171 E2E Test Cleanup 1y 1y 1y
good first issue
commented
member-last
136 SubPath support is broken or missing 2y 2y 2y
recv
134 Volume empty
4
 2y 2y 2y
recv
130 JKS support
5
 2y 1y 2y
recv
recv-q
125 Is it too late to align cert-manager annotations?
2y 2y 2y
recv
similar
119 Certificate is re-requested when container restarts 2y 2y 2y
recv
similar
116 Does csi-driver support Wìndows nodes? 2y 2y 2y
contributor-last
recv
74 Investigate and change the default mounted host path for driver 3y 3y 3y
recv
33 New key being used with old certificate 4y 4y 4y
recv
29 Deleting a pod with a cert-manager-csi volume mounted results in the pod termination hanging. 4y 4y 4y
recv
26 Cannot `chmod` a read only filesystem
14
 4y 3y 4y
pr-closed
recv
recv-q
21 MountVolume.SetUp failed: cannot set blockOwnerDeletion: cannot find RESTMapping for APIVersion core/v1 Kind Pod 5y 5y 5y
recv
17 ability to specify pod IP in volume attributes
7
 5y 6mo 5y
commented
recv
recv-q
128 Incorrect logger initialisation 1y 1y
42 Intermittent csi-driver-spiffe failure: Unable to mount cert 2y 2y 2y
commented
member-last
send
39 csi-driver-spiffe vs csi-driver
5
 2y 2y 2y
commented
member-last
send
38 Add Envoy Secret discovery service (SDS) support 2y 2y 2y
recv
19 Add support for certificate expiry configuration
6
 2y 2y 2y
recv
41 The default `csiDataDir` value might collide with csi-driver 2y 2y
58 certificate cannot be renewed, error message: "key does not match certificate"
4
 1y 1y 1y
recv
recv-q
174 Standby Replicas without lease use lots of CPU 2mo 2mo 2mo
recv
56 Support for destinationCaCertificate / Reencrypt Routes 1y 1y 1y
recv
46 Ability to configure CertificateRequest revision history limit
2
 2y 2y 2y
recv
similar
38 Route with cert-manager annotations is not created
4
 2y 15d 2y
commented
send
similar
14 Annotation generates CertificatesRequests repeatedly until blocked by letsencrypt 2y 2y 2y
commented
member-last
send
similar
54 Same certificate in path based Routes
2
 1y 3mo 1y
pr-closed
recv
12 Does this plugin support DNS validation? 2y 2y 2y
recv
26 Missing CONTRIBUTING.md
2y 2y 2y
recv
13 Can the plugin be configured to use a wildcard certificate?
2
 2y 2y 2y
pr-closed
recv
recv-q
116 Release static manifests (no helm) for v0.6.0-alpha.0+
7mo 7mo 7mo
recv
70 OLM deployment with ArgoCD is OutOfSync
3y 2y 2y
commented
send
17 Operator prevents passing extraArgs helm value
7
 4y 2y 4y
recv
recv-q
46 Cert-manager operator fails to issue certificates 3y 3y 3y
recv
22 Customize the deployment of cert-manager installed via OLM
5
6
 4y 8mo 3y
commented
recv
recv-q
74 Consistency issues due to the use of mount binds 6mo 6mo 6mo
author-last
commented
recv
recv-q
40 Optional auto rotating/renewing certificates 2y 1y 2y
contributor-last
recv
recv-q
8 Drivers can create CertificateRequests for pods that don't exist in very rare edge cases 4y 4y
contributor-last
56 Struggling to get controller running in local KIND cluster
3mo 6wk 6wk
commented
member-last
send
63 Is it possible to only create Issuer and remove the CluserIssuer 9d 9d 9d
recv
62 Limit the controller-manager to access secrets only from specific namespace 9d 9d 9d
recv
122 asdf cmctl installer issues
2
 8mo 8mo 8mo
author-last
commented
recv
128 cmctl always reports v0.0.0 in the user-agent header 8mo 3mo
691 Document how to test ProwJobs locally 3y 3y 3y
recv
593 Document how updates to job config files make it to the Prow cluster 3y 3y 3y
recv
700 Ensure optional periodics get run if relevant files change 3y 3y 3y
recv
499 RBAC Rules for trusted prowjobs
2
 4y 3y 4y
contributor-last
recv
492 Onboard with CertManager prow cluster for running CI tests for jniebuhr/aws-pca-issuer
2
 4y 4y 4y
kind/feature
recv
656 Try out rootless containers for running jobs
3y 3y
pr-closed
653 Allow adding newly required presubmits that aren't run against older branches
3y 3y 3y
recv
626 Misconfiguration causing many errors in the hook logs 3y 3y
602 Image build jobs always appear to error 3y 3y 3y
recv
520 Document how infra images are built
4y 4y 4y
pr-merged
recv
similar
202 Makefile Modules, Go Versions and Vendoring
8mo 8mo 8mo
commented
contributor-last
154 Publish SBOMs 1y 10mo 10mo
kind/feature
good first issue
commented
member-last
send
295 `make generate-golangci-lint-config` clobbers local exclusions added to the local config. 10d 10d
26 helm-tool inject adds trailing white space to the generated markdown 1y 1y
kind/bug
25 helm-tool inject sometimes omits the context (prefix) of commented out values in the generated markdown 1y 1y
kind/bug
contributor-last
51 reviewer confusion 2mo 2mo 2mo
commented
member-last
43 Allow non-Venafi employee maintainers full release capabilities
2
 6mo 4mo 4mo
assigned
assignee-updated
commented
contributor-last
recv
35 Post-Graduation Suggestion Tracker
9mo 9mo 9mo
commented
member-last
pr-merged
81 How to enable leader election in the webhook? 4mo 4mo 4mo
recv
72 readyz and healthz api 11mo 11mo 11mo
recv
49 cannot create resource "godaddy" in API group 2y 2y 2y
recv
recv-q
46 Code reference a pull request to be merged, but the pull request was closed by a robot 2y 2y 2y
recv
37 Add logging example
3y 11mo 3y
pr-closed
recv
10 How to add api key secret during testing
2
 5y 4y 5y
pr-closed
recv
26 Guidance on how to deploy webhook solver into a kubernetes cluster
5
 4y 2y 4y
pr-closed
pr-unreviewed
recv
recv-q
6 security description 6y 6y 6y
commented
member-last
send
2 Set up basic e2e test that deploys the webhook and ensures we can POST a challenge 6y 6y
8 Question: namespace to install the resources
5y 5y 5y
pr-closed
pr-unreviewed
recv
similar
80 How to deal with K8s timelimit in 30s ? 6mo 6mo 6mo
recv
74 Why cert-manager looks for a CNAME record instead of a TXT record? 10mo 10mo 10mo
recv
8 Find solution for automatically disabled GitHub Actions 10mo 10mo
18 Feature: Git bundles? 2mo 2mo
1 Feature request: output a boilerplate file 2y 2y
197 Kubectl One-line Installation Support 9mo 7mo 7mo
commented
member-last
send
similar
162 Issue: Broken config when using commonLabels 1y 1y 1y
recv
148 Certificate chain is not split correctly
5
 1y 1y 1y
author-last
pr-reviewed-with-comment
recv
recv-q
133 Allow to use a custom Service Account
5
 1y 10mo 1y
pr-unreviewed
recv
102 certificate renewal does not work in due to auth issue to privatecaapi end point 2y 7mo 2y
recv
94 admission webhook denied GoogleCASIssuer must be one of Issuer or ClusterIssuer
2y 2y 2y
recv
85 can't get cas issuer to work doesn't matter which way I go with number of issues
2
 2y 2y 2y
recv
66 ClusterIssuer not responding to ingress annotations
3y 2y 3y
recv
recv-q
similar
65 Set revisionHistoryLimit to 1 to reduce load on the issuer 3y 7mo 7mo
author-last
commented
recv
57 README is slightly incomplete 3y 3y 3y
recv
49 Should surface certificateAuthorityId more clearly in docs 3y 3y 3y
documentation
recv

Uncommented older than 7 days (257)

Resolution: Add a priority/ or triage/ label

Average age: 676.4d, Avg wait: 637.3d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
7267 `error finalizing order` message is light on details
2
 9mo 2mo 9mo
priority/important-soon
contributor-last
recv
7311 helm schema validation should validate `featureGates`
8mo 1d 8mo
kind/feature
priority/backlog
lifecycle/stale
contributor-last
recv
recv-q
7218 cert-manager set don't fragment (DF) bit 10mo 2mo 10mo
kind/bug
priority/important-longterm
assigned
assignee-updated
author-last
recv
recv-q
7156 Consider exposing previous certificates/keys in the kubernetes secret so that workloads can implement a grace period when a certificate rotates
8
 11mo 3wk 11mo
kind/feature
priority/backlog
lifecycle/stale
contributor-last
recv
7138 Failed to generate serving certificate
64
 11mo 3wk 11mo
kind/bug
priority/important-soon
assigned
assignee-updated
pr-approved
pr-merged
recv
recv-q
6820 Ongoing dependency evaluation
1y 11mo 1y
lifecycle/frozen
priority/important-longterm
contributor-last
recv
7301 Metrics for updated / patched certificates should be cleaned
8mo 4d 8mo
kind/bug
priority/awaiting-more-evidence
lifecycle/stale
contributor-last
recv
recv-q
6741 ACME account private key and URI are not updated if the path of the ACME server is changed
5
 1y 9mo 1y
lifecycle/frozen
kind/bug
priority/important-soon
contributor-last
recv
6472 Create TLSA records automatically
10
 2y 6wk 2y
kind/feature
priority/backlog
author-last
recv
6229 Race condition when two identical certificate requests are made from different clusters
7
 2y 2wk 2y
help wanted
kind/bug
priority/important-longterm
lifecycle/stale
area/acme/dns01
contributor-last
pr-merged
recv
recv-q
6051 Detecting Gateway hostnames based on attached HTTPRoutes
3
24
 2y 2d 2y
kind/feature
priority/important-longterm
lifecycle/stale
pr-merged
recv
recv-q
7288 Missing UID in webhook challenge request 8mo 4wk 8mo
kind/bug
priority/backlog
author-last
recv
6754 Schedule certificate renewal outside business hours
11
 1y 3wk 1y
kind/feature
priority/important-longterm
pr-unreviewed
recv
recv-q
5783 Add k8s.io/client-go/applyconfigurations style *ApplyConfigurations for the included CRDs
2y 2mo 2y
kind/feature
priority/backlog
assigned
assignee-updated
contributor-last
pr-closed
recv
5751 Wildcard DNS domains and `cnameStrategy: Follow` don't work nicely together
2y 9mo 2y
lifecycle/frozen
kind/bug
priority/important-soon
recv
recv-q
5540 Changelog annotations to chart 2y 2mo 2y
kind/feature
priority/backlog
author-last
recv
5917 Waiting for DNS-01 challenge propagation: DNS record for mydomain.com not yet propagated
36
 2y 4d 2y
kind/bug
priority/important-longterm
assigned
assignee-updated
recv
recv-q
1549 Brand guideline page 9mo 9mo 9mo
priority/backlog
contributor-last
recv
1473 Add ArtifactHub packages to website 1y 9mo 1y
priority/backlog
recv
850 Document available cert-manager Prometheus metrics
3y 2y 3y
documentation
good first issue
priority/important-longterm
recv
recv-q
similar
1063 "Securing Ingresses with Venafi" tutorial contains link to missing manifest
2y 8mo 2y
priority/important-longterm
author-last
pr-merged
recv
354 DigitalOcean access-token should not be base64-encoded 4y 4y 4y
priority/awaiting-more-evidence
author-last
recv
recv-q
237 docs for ACMEChallengeSolverHTTP01Ingress doesn't specify what `class` values are available
5y 4y 5y
priority/backlog
kind/documentation
contributor-last
pr-closed
recv
232 Document keystored in usage/certificate 5y 4y 5y
priority/backlog
kind/documentation
contributor-last
recv
228 Documentation needs correction for external-account-bindings
5y 2mo 5y
good first issue
priority/backlog
kind/documentation
contributor-last
pr-merged
recv
197 Document ACME account mismatch 5y 3mo 5y
good first issue
priority/backlog
kind/documentation
recv
recv-q
130 FAQ: How does cert-manager handle ingresses with valid TLS secrets? 5y 4y 5y
help wanted
priority/backlog
kind/documentation
contributor-last
recv
76 Upgrading from v0.10 to v0.11 - missing cainjector annotation 5y 4y 5y
priority/backlog
kind/documentation
contributor-last
recv
297 Allow all resources to be namespaced
4
 1y 7d 1y
lifecycle/rotten
priority/backlog
contributor-last
recv
recv-q
similar
58 Support injection pem into an existing configmap
8
 2y 5wk 2y
priority/important-longterm
lifecycle/frozen
assigned
assignee-updated
contributor-last
pr-merged
pr-new-commits
pr-unreviewed
recv
33 Support CRDs as target
5
 3y 2mo 3y
priority/backlog
contributor-last
recv
recv-q
3 Restrict operator RBAC permissions
5y 9mo 5y
priority/backlog
pr-merged
recv
33 Create e2e test to validate CertificateRequest garbage collection 2y 11mo 2y
priority/backlog
assigned
recv
83 As cmctl user, I want to use different kubectl context on command line ( --context='kubectl-context-abc' )
1y 11mo 1y
priority/important-longterm
recv
693 Set up periodics against 'previous previous' branch 3y 9mo 3y
priority/backlog
recv
594 Document infra image bumps and versioning 3y 9mo 3y
priority/backlog
recv
similar
690 Clean up Presets
3y 9mo 3y
priority/backlog
pr-merged
recv
63 make test prints the apiKey 1y 9mo 1y
priority/important-soon
recv
38 Set repository to be a GitHub template repository
3y 9mo 3y
priority/important-longterm
recv
218 previously listed items omitted

Important soon, but no updates in 90 days (16)

Resolution: Downgrade to important-longterm

Average age: 1037.1d, Avg wait: 108.0d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6709 1.14 Release Review
3
 1y 9mo 1y
lifecycle/frozen
priority/important-soon
commented
contributor-last
send
5298 Complete the Migration Away From Jetstack Names 2y 9mo 1y
lifecycle/frozen
kind/cleanup
priority/important-soon
commented
member-last
send
6132 Checklist: CNCF Graduation
2y 8mo 8mo
lifecycle/frozen
priority/important-soon
commented
member-last
pr-unreviewed
2930 Mirror to gcr.io or dockerhub
2
28
 5y 3mo 1y
lifecycle/frozen
kind/feature
priority/important-soon
area/deploy
assigned
assignee-updated
commented
contributor-last
send
3381 Setup separate package for cert-manager API
5
 4y 5mo 9mo
lifecycle/frozen
kind/feature
priority/important-soon
assigned
assignee-updated
commented
contributor-last
send
1425 The `issuer.vault.spec.caBundleSecretRef` docs are missing 1y 11mo
priority/important-soon
1174 Document the docker images and how to find them
2y 2y 2y
good first issue
priority/important-soon
kind/documentation
commented
member-last
send
955 Document when the vault pki role required setting `require_cn=false`
3y 8mo
priority/important-soon
899 Upgrading from v1.7 to v1.8 check command should exclude null.
2
 3y 8mo 8mo
priority/important-soon
commented
member-last
pr-approved
send
802 Spelling errors are unclear in pull request CI results and spell checker is unmaintained
3y 9mo
kind/bug
priority/important-soon
contributor-last
pr-merged
195 Document keystores 5y 2y 4y
priority/important-soon
kind/documentation
commented
contributor-last
send
174 Add documentation for CRD conversion webhook ca injection 5y 4y 4y
help wanted
priority/important-soon
kind/documentation
commented
member-last
send
127 cmctl version reports only the old CRD version if I upgrade cert-manager without including the CRDs 8mo 8mo
priority/important-soon
3 previously listed items omitted: #6741 #5751 #63

Important longterm, but no updates in 180 days (19)

Resolution: Downgrade to backlog

Average age: 1094.3d, Avg wait: 198.8d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6969 Should upgrade status managed fields from CSA to SSA when ServerSideApply feature gate enabled 1y 8mo 1y
lifecycle/frozen
kind/bug
priority/important-longterm
commented
contributor-last
send
5959 `ImagePullBackoff` on `cm-acme-http-solver` pod, if using private registries
20
 2y 8mo 2y
lifecycle/frozen
kind/bug
priority/important-longterm
commented
contributor-last
recv-q
send
4950 General flakiness of our end-to-end suite
3
 3y 11mo 2y
lifecycle/frozen
priority/important-longterm
kind/flake
commented
member-last
pr-closed
pr-merged
send
4191 Setting default values for Pod's "resources"?
7
 3y 8mo 8mo
lifecycle/frozen
priority/important-longterm
commented
contributor-last
recv-q
send
2178 Handling 'unregistering' certificates from Venafi TPP
22
 5y 1y 1y
lifecycle/frozen
kind/feature
priority/important-longterm
area/venafi
commented
member-last
send
4685 Unexpected EOF during watch stream event decoding: unexpected EOF -- possibly due to api server upgrades / restarts
11
 3y 11mo 1y
lifecycle/frozen
kind/bug
priority/important-longterm
commented
member-last
send
1194 Confusing paragraph - cert-manager integration. 2y 9mo 2y
documentation
priority/important-longterm
commented
member-last
send
1186 Document that/why we don't use Helm's CRD installation mechanism 2y 11mo 11mo
good first issue
priority/important-longterm
kind/documentation
assigned
assignee-updated
commented
member-last
send
223 Document wildcard certificate tutorial 5y 4y 5y
priority/important-longterm
kind/documentation
commented
contributor-last
send
975 Some pages do not make it clear what the user should read next 3y 8mo
priority/important-longterm
401 Bring tutorials up to date 4y 2y 2y
priority/important-longterm
commented
member-last
send
129 Increase e2e test timeouts 1y 9mo
priority/important-longterm
98 Document new release process for all repos 1y 11mo
priority/important-longterm
assigned
3 Make unit testing easier/make examples work
6y 9mo 3y
priority/important-longterm
commented
member-last
pr-closed
send
5 previously listed items omitted: #6820 #1063 #850 #83 #38

Pull Requests: Review Ready (64)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 156.2d, Avg wait: 92.2d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
7718 Switch to makefile modules completely (part 1) 6wk 6h 6h
release-note-none
area/api
kind/cleanup
size/XXL
area/acme
dco-signoff: yes
area/testing
area/deploy
commented
member-last
new-commits
7795 feat(acme): Add default feature gate for ACME HTTP01 Ingress pathType Exact
3
 3d 2h 21h
size/L
release-note
kind/feature
area/acme
dco-signoff: yes
ok-to-test
area/acme/http01
commented
contributor-last
recv
unreviewed
7642 fixes #7506: enable configurable max key/cert sizes, defaulting to original safe values introduced in #7401 2mo 1d 2mo
release-note
size/XL
area/api
kind/bug
kind/feature
needs-ok-to-test
dco-signoff: yes
area/testing
area/deploy
recv
recv-q
unreviewed
7289 Design proposal for delayed certificate activation 8mo 2d 4mo
size/L
release-note-none
kind/design
needs-ok-to-test
dco-signoff: yes
commented
contributor-last
open-milestone
recv
recv-q
reviewed-with-comment
7736 feat(metrics): adding `certmanager_certificate_challenge_status` metric
2
 5wk 3d 5wk
size/L
release-note
kind/feature
area/acme
dco-signoff: yes
area/testing
ok-to-test
area/monitoring
contributor-last
new-commits
recv
recv-q
7614 Lower the minimum certificate duration from 1 hour to 5 minutes 3mo 8d 3mo
release-note
size/S
area/api
kind/feature
needs-ok-to-test
lifecycle/stale
dco-signoff: yes
contributor-last
recv
recv-q
unreviewed
7733 fixes #5864: cert-manager CA to issue certs after verify with CA Certs Validity
5wk 8d 9d
size/L
release-note
kind/bug
kind/feature
dco-signoff: yes
ok-to-test
author-last
commented
new-commits
recv
recv-q
7702 Add option to only render CRDs from helm 7wk 8d 7wk
size/L
release-note
kind/feature
needs-ok-to-test
dco-signoff: yes
area/deploy
contributor-last
recv
recv-q
unreviewed
7689 Add Vertical Pod Autoscaler
2
 2mo 10d 6wk
size/L
release-note
approved
kind/feature
dco-signoff: yes
ok-to-test
area/deploy
author-last
commented
new-commits
recv
recv-q
7439 helm: add checksum/config annotations 6mo 3wk 6mo
release-note-none
size/S
kind/feature
needs-ok-to-test
dco-signoff: yes
area/deploy
author-last
recv
recv-q
unreviewed
7327 add more detailed logging when service certificate is generated
8mo 17d 8mo
release-note-none
lgtm
size/S
lifecycle/rotten
dco-signoff: yes
ok-to-test
needs-kind
approved
contributor-last
recv
recv-q
7383 feat(chart): add `global.logFormat` 7mo 3wk 7mo
release-note-none
size/S
kind/feature
needs-ok-to-test
lifecycle/rotten
dco-signoff: yes
area/deploy
contributor-last
recv
recv-q
unreviewed
7583 Support for ACME servers that don't finalize within the ACME client finalizer retry window 3mo 3wk 3mo
release-note
kind/bug
needs-ok-to-test
size/M
area/acme
dco-signoff: yes
author-last
recv
recv-q
unreviewed
7764 Doc: Add leaderElection.namespace recommendation 3wk 3wk 3wk
size/XS
release-note-none
needs-ok-to-test
dco-signoff: yes
area/deploy
needs-kind
contributor-last
recv
recv-q
unreviewed
7761 Helm: Fix naming format of tokenrequest RBAC resources 3wk 3wk 3wk
size/XS
release-note-none
kind/cleanup
needs-ok-to-test
dco-signoff: yes
area/deploy
contributor-last
recv
recv-q
unreviewed
7748 Design: "Image Configuration in Helm Chart"
2
 4wk 4wk 4wk
size/L
release-note-none
kind/design
dco-signoff: yes
commented
contributor-last
new-commits
recv-q
7654 Implement fallback for git_version creation in forked environments 2mo 4wk 2mo
release-note-none
size/S
kind/cleanup
needs-ok-to-test
dco-signoff: yes
contributor-last
recv
recv-q
reviewed-with-comment
7664 feat: Add ClusterIssuer and Issuer metrics 2mo 5wk 2mo
size/L
release-note
kind/feature
dco-signoff: yes
ok-to-test
area/monitoring
contributor-last
recv
recv-q
unreviewed
7726 [helm] Add IPv6 rules to the default network policy 6wk 5wk 6wk
release-note
size/S
kind/feature
dco-signoff: yes
ok-to-test
area/deploy
contributor-last
recv
recv-q
unreviewed
7537 feat: Added support for unhealthyPodEvictionPolicy to PDBs 4mo 6wk 4mo
release-note
kind/feature
size/M
dco-signoff: yes
ok-to-test
area/deploy
contributor-last
recv
recv-q
reviewed-with-comment
similar
7728 Add unhealthyPodEvictionPolicy to supported PDB options
6wk 6wk 6wk
release-note
kind/feature
needs-ok-to-test
size/M
dco-signoff: yes
area/deploy
contributor-last
recv
recv-q
similar
unreviewed
7725 chore: allow additional properties in Helm setup #7668
2
 6wk 6wk 6wk
size/XS
release-note-none
needs-ok-to-test
dco-signoff: no
area/deploy
needs-kind
contributor-last
recv
recv-q
unreviewed
1589 Apply change proposed in issue 899 8mo 18d
size/XS
dco-signoff: yes
approved
contributor-last
recv-q
1696 Create redirects for cert-manager annotations
4
 4wk 1d 2d
dco-signoff: yes
size/XL
commented
contributor-last
new-commits
recv
1694 enhance restore cert-manager resources 4wk 4wk 4wk
dco-signoff: yes
size/S
recv
recv-q
unreviewed
1607 Document Log Level settings. Document DNS01 delegation using multiple providers. 6mo 6mo 6mo
dco-signoff: yes
size/M
recv
recv-q
unreviewed
1602 acme troubleshooting: how to fix errored challenges 6mo 6mo 6mo
size/XS
dco-signoff: yes
recv
recv-q
unreviewed
1587 Custom Certificate Support for cert-manager Webhook Endpoint 8mo 8mo 8mo
dco-signoff: yes
size/S
recv
recv-q
unreviewed
1259 Fixed Azure Workload identity doc 2y 2y 2y
dco-signoff: yes
size/S
recv
unreviewed
200 Bump the all group across 1 directory with 12 updates 3mo 3mo 3mo
dco-signoff: yes
needs-ok-to-test
size/L
dependencies
go
contributor-last
recv
recv-q
unreviewed
559 Bump the all group across 1 directory with 10 updates 3d 16h 3d
dco-signoff: yes
size/L
needs-ok-to-test
dependencies
go
contributor-last
recv
recv-q
unreviewed
537 fix: make handling of additionalAnnotations more robust
2
 7wk 18d 7wk
dco-signoff: yes
size/XS
needs-ok-to-test
author-last
recv
recv-q
unreviewed
517 Add `PodDisruptionBudget` to helm chart 3mo 3mo 3mo
dco-signoff: yes
size/M
needs-ok-to-test
contributor-last
recv
recv-q
unreviewed
469 Add app.server.certificateDuration 5mo 5mo 5mo
dco-signoff: yes
size/M
needs-ok-to-test
contributor-last
recv
recv-q
reviewed-with-comment
628 Grant cert-manager RBAC to use all policies by default 6wk 6wk 6wk
dco-signoff: yes
size/M
commented
contributor-last
recv
recv-q
unreviewed
558 feat(helm-chart): add ability to set pod level security context 4mo 7wk 4mo
dco-signoff: yes
ok-to-test
size/S
contributor-last
recv
recv-q
unreviewed
475 Replace webhook validations with CEL validation
7mo 7wk 6mo
dco-signoff: yes
size/XL
commented
contributor-last
new-commits
recv
recv-q
262 Use RequeueAfter instead of Requeue=True 10d 10d
dco-signoff: yes
size/L
contributor-last
recv-q
unreviewed
265 Bump the all group across 1 directory with 4 updates 3d 1d 3d
dependencies
go
dco-signoff: yes
size/M
needs-ok-to-test
contributor-last
recv
recv-q
unreviewed
188 Remove SetCertificateRequestConditionError 6mo 17d
dco-signoff: yes
size/XL
contributor-last
recv-q
unreviewed
186 Remove GetIssuerTypeIdentifier from Issuer API 6mo 17d
dco-signoff: yes
size/L
contributor-last
recv-q
unreviewed
189 Make CertificateRequestObject interface more intuitive 6mo 17d
dco-signoff: yes
size/L
contributor-last
recv-q
unreviewed
187 Use `metav1.Condition` instead of `cmapi.IssuerCondition` in Issuer API 6mo 17d
dco-signoff: yes
size/XL
contributor-last
new-commits
recv-q
404 Add support for ECDSA and Ed25519 algorithms, make key size configurable 6wk 6wk 6wk
dco-signoff: yes
size/L
needs-ok-to-test
contributor-last
recv
recv-q
unreviewed
415 Bump the all group across 1 directory with 10 updates 4d 1d 4d
dco-signoff: yes
size/M
needs-ok-to-test
dependencies
go
contributor-last
recv
recv-q
unreviewed
193 Add option for DNS SAN based on SA name 8mo 8mo
size/L
dco-signoff: no
contributor-last
recv-q
unreviewed
299 Bump the all group across 1 directory with 8 updates 3d 16h 3d
dco-signoff: yes
size/M
needs-ok-to-test
dependencies
go
contributor-last
recv
recv-q
unreviewed
148 limit-namespaces for namespace-scope deployments
4mo 4mo 4mo
dco-signoff: no
size/S
needs-ok-to-test
author-last
recv
recv-q
unreviewed
73 Support prometheus metrics 6mo 4d 5d
size/XXL
dco-signoff: yes
ok-to-test
commented
contributor-last
recv
reviewed-with-comment
71 Refactor filesystem.go and adapt tests to use a real file system 6mo 10d 10d
dco-signoff: yes
size/L
commented
member-last
reviewed-with-comment
58 Upgrade golangci-lint to the latest version 6wk 5wk 6wk
dco-signoff: yes
size/M
contributor-last
recv
recv-q
reviewed-with-comment
59 Update dependencies and the Go version 6wk 5wk 6wk
dco-signoff: yes
size/L
contributor-last
new-commits
recv
recv-q
239 Bump the all group across 1 directory with 15 updates 3d 16h 3d
dco-signoff: yes
size/L
needs-ok-to-test
dependencies
go
contributor-last
recv
recv-q
unreviewed
1088 Update k8s-infra-prow images, cert-manager-infra-images images as needed 2mo 1d 2mo
dco-signoff: yes
size/M
contributor-last
recv
recv-q
unreviewed
55 feat: add test module 1y 1y 1y
dco-signoff: yes
size/M
commented
contributor-last
recv
reviewed-with-comment
293 Add Helm chart image baking 4wk 4wk
dco-signoff: yes
size/S
contributor-last
recv-q
similar
unreviewed
104 Add Chart image baking 4wk 4wk
dco-signoff: yes
size/L
contributor-last
recv-q
similar
unreviewed
64 Add imagePullSecrets to template 1y 1y 1y
size/XS
dco-signoff: yes
needs-ok-to-test
contributor-last
recv
unreviewed
79 Bump github.com/cert-manager/cert-manager from 1.15.1 to 1.15.4 in the go_modules group across 1 directory 6mo 6mo 6mo
size/XS
dco-signoff: yes
needs-ok-to-test
dependencies
contributor-last
recv
recv-q
unreviewed
59 cleanup: remove unused NOTES.txt file 2y 2y 2y
size/XS
dco-signoff: yes
needs-ok-to-test
contributor-last
recv
unreviewed
1 Manage the cert-manager GitHub organisation from this repo 1y 10mo 1y
dco-signoff: yes
size/XXL
commented
member-last
unreviewed
4 Add support for custom license templates 2y 2y
dco-signoff: yes
size/S
contributor-last
unreviewed
143 feat: allow creating or reusing an existing sa 1y 3wk 1y
ok-to-test
recv
recv-q
unreviewed
141 re-adding required clusterrole permission 1y 4mo 1y
size/XS
author-last
recv
unreviewed

Unkinded Issues (288)

Resolution: Add a kind/ or triage/support label

Average age: 791.9d, Avg wait: 506.9d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6799 ACME challenges stopped working after 1.13/1.14 update
1y 12d 1y
priority/critical-urgent
commented
recv
recv-q
3992 Add non-CRD yaml file
4
 4y 4wk 10mo
priority/important-soon
area/deploy
author-last
commented
recv
6179 CRDs shouldn't be templated in Helm
5
28
 2y 3wk 2y
priority/backlog
lifecycle/stale
commented
contributor-last
recv
recv-q
1715 The ingress annotation `cert-manager.io/secret-template` is not documented
2d 2d
contributor-last
1262 v1.9 to v1.10 upgrade instructions does not mention container name change
2y 3mo 11mo
priority/backlog
assigned
assignee-updated
commented
member-last
send
1101 Feature request for updating documentation. 2y 9mo 9mo
priority/backlog
commented
member-last
send
similar
320 Document how to install cert-manager using gitops and known issues with particular gitops implementations
5
 4y 2y 4y
documentation
help wanted
priority/backlog
commented
pr-merged
recv-q
2 Set up periodic job to publish an experimental release build
5y 4y
priority/backlog
assigned
contributor-last
45 Unable to mount and read only file error
5
 3y 9mo 9mo
priority/awaiting-more-evidence
commented
send
132 Investigate test timeouts 1y 9mo
priority/backlog
60 Support prometheus metrics
1y 7mo 7mo
priority/backlog
commented
member-last
pr-reviewed-with-comment
send
240 High risk vulnerability with oras-go version 19h 19h 19h
recv
81 Configuring Peribolos for Github org management 6y 9mo 9mo
priority/backlog
commented
member-last
send
3 Migrating all cert-manager sub-projects to "Makefile modules" 2y 18d
priority/backlog
27 failed with: OpenAPI spec does not exist
2
6
 4y 9mo 2y
priority/critical-urgent
commented
pr-closed
pr-unreviewed
send
273 previously listed items omitted

Unprioritized Recent Issues (312)

Resolution: Add a priority/ or triage/ label

Average age: 669.5d, Avg wait: 442.0d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
7788 Be able to default `acme.cert-manager.io/http01-edit-in-place: "true"` behavior in deployment/chart values 4d 3d 4d
kind/feature
assigned
assignee-updated
author-last
recv
recv-q
7797 Refactor metrics into a collector format 1d 1d 1d
kind/feature
assigned
assignee-updated
contributor-last
recv
310 previously listed items omitted

Uncommented Recent Issues (3)

Resolution: Add a comment

Average age: 2.3d, Avg wait: 1.9d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
3 previously listed items omitted: #7797 #7788 #240
New, has multiple reactions, but not important-soon: No matching items
New, has multiple commenters, but not important-soon: No matching items

needs information, has update (1)

Resolution: Comment and remove triage/needs-information tag

Average age: 78.4d, Avg wait: 74.7d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
7643 jkspassword.txt file in secret is having default password 2mo 2mo 2mo
kind/bug
triage/needs-information
commented
contributor-last
recv
recv-q

Recently updated issue has a question (4)

Resolution: Add an answer

Average age: 380.3d, Avg wait: 200.5d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6331 CSR not signed by referenced private key
10
 2y 5d 1y
kind/bug
priority/important-soon
commented
recv-q
send
3 previously listed items omitted: #7788 #7649 #5917
Triage Party v1.4.0