queue to be emptied once a day

Unprioritized issues older than 7 days (260)

Resolution: Add a priority/ or triage/ label

Average age: 491.5d, Avg wait: 240.6d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
8847 Certificate Stuck In Failed Renewal State 10d 10d 10d
kind/bug
recv
similar
8853 Gateway-derived Certificate includes hostnames already covered by wildcard listener, causing ACME Order failure 8d 8d 8d
kind/bug
recv
8835 Make signatureAlgorithm configurable 16d 16d 16d
kind/feature
recv
8776 When performing DNS challenges, the Describe Domains interface is subject to rate limiting 5wk 14d 5wk
kind/bug
recv
recv-q
8767 Add support for CRLDistributionPoints on Certificate resources
5wk 5wk 5wk
kind/feature
commented
member-last
pr-closed
send
similar
8763 Minimize cert-manager and trust-manager Controller Privileges 6wk 6wk 6wk
kind/feature
recv
8756 cert-manager: SSRF via `Issuer.spec.vault.server` 6wk 6wk 6wk
recv
8754 Test Flake: TestDynamicAuthorityMulti: authority_test.go:175: Timeout waiting for rotation 6wk 6wk 6wk
kind/flake
recv
8785 Server-Side Apply paths drop several fields that non-SSA Update paths correctly persist
4wk 3wk 3wk
kind/bug
assigned
assignee-updated
commented
member-last
pr-new-commits
8745 helm verify fails due to filename containing a 'v' prefix on the version in the provenance file 7wk 6wk 7wk
kind/bug
author-last
recv
8729 Feature Request: allow to configure max retry backoff duration for failed CertificateRequest
1mo 19d 4wk
kind/feature
assigned
assignee-updated
commented
send
8716 Feature Request: Add a CMPv2 issuer for certificate enrollment and renewal (RFC 4210) 2mo 3d 1mo
kind/feature
author-last
commented
recv
recv-q
8702 202 Accepted Response - Certificate Request failed - Unexpected status code on TPP Certificate Request. 2mo 2mo 2mo
recv
8688 Your MCP server earned an A security grade on Loaditout 2mo 2mo 2mo
recv
8679 Allow managing SSH-CA 2mo 2mo 2mo
kind/feature
recv
8733 Updates or removal of solver ingress class annotations on ingresses are not propagated to existing certificates
1mo 4wk 4wk
kind/bug
commented
member-last
pr-new-commits
send
8659 v1.20.1 release progress tracking 2mo 2mo
8672 Allow specifying the secret namespace for CA issuer spec 2mo 2mo 2mo
commented
member-last
pr-unreviewed
send
8656 v1.20.0 release progress tracking 2mo 2mo
8641 ContribFest KubeCon EU 2026 - Amsterdam (March 24, 2026) 2mo 2mo 2mo
kind/documentation
commented
member-last
8848 CertificateOwnsSecret panics with index out of range [0] when Certificate is deleted during namespace teardown 10d 10d 10d
recv
8586 Misconfiguration caused hammering of DigitalOcean API 3mo 3mo 3mo
kind/bug
pr-unreviewed
recv
8572 Solver ingressTemplate annotations are not applied to existing Ingress resources when acme.cert-manager.io/http01-edit-in-place: 'true' is set
3mo 3mo 3mo
kind/bug
author-last
pr-closed
pr-unreviewed
recv
similar
8530 Allow usage of the new DNS-PERSIST-01 challange for ACME
19
 3mo 3mo 3mo
kind/feature
recv
similar
8522 Support pulling additional fields from secret when using external account binding
2
 3mo 3mo 3mo
kind/feature
recv
recv-q
8512 ArtifactHub install command causes Helm fallback warning due to missing v prefix 3mo 4wk 3mo
recv
8499 Add custom labels to be exposed in prometheus metrics 4mo 3d 3d
kind/feature
area/monitoring
assigned
assignee-updated
commented
member-last
pr-closed
pr-reviewed-with-comment
send
8493 cloudflare DNS01 - Client.Timeout exceeded while awaiting headers
4
11
 4mo 2mo 3mo
good first issue
help wanted
kind/bug
assigned
assignee-updated
commented
pr-unreviewed
recv-q
send
8481 FYI: cert-manager-webhook-libdns
4mo 4mo 4mo
recv
8479 Subject Key Identifier (SKI) missing on issued certificates by self-signed CA 4mo 4mo 4mo
kind/feature
pr-new-commits
recv
8458 Vault approle configuration
4mo 4mo 4mo
kind/feature
recv
8450 Introducing DelayedInformers for CRD check 4mo 4mo 4mo
kind/feature
assigned
assignee-updated
commented
contributor-last
send
8416 Make Venafi client timeout configurable for slower servers 4mo 4mo 4mo
kind/feature
commented
member-last
send
8378 Support `PodCertificateRequest`
2
 5mo 6wk 5mo
kind/feature
commented
send
similar
8364 Replace Hetzner DNS01 Webhook 5mo 5mo 5mo
collaborator-last
commented
send
8340 Top-level: CA Issuer rotation problem 6mo 3d
lifecycle/stale
cybr
contributor-last
8373 DNS-PERSIST-01 challenge support (planned for late Q1 2026)
4
3
3
159
 5mo 6wk 5mo
kind/feature
recv
recv-q
similar
8280 Unblocking SSA: Document changes in SSA-by-default 6mo 19d
lifecycle/stale
cybr
contributor-last
8319 Improve cert-manager's event handler to allow us to selectively skip some reconciliations 6mo 6mo
cybr
8277 Unblocking Server Side Apply (SSA) by Default 6mo 4mo 4mo
cybr
commented
member-last
8643 ACME challenge scheduler: allow parallel challenges with different HTTP01 ingress classes or DNS01 providers
2mo 3wk 4wk
kind/bug
assigned
assignee-updated
commented
contributor-last
pr-reviewed-with-comment
pr-unreviewed
send
8235 Cert-manager support for Issuer-managed keys 7mo 13d 7mo
kind/feature
lifecycle/stale
commented
recv
8251 Top-level ticket: ListenerSet
8
 7mo 7wk 3mo
cybr
commented
pr-merged
recv-q
send
8218 Include Vault hostname as default JWT audiences
7mo 4mo 4mo
kind/feature
assigned
assignee-updated
commented
member-last
pr-merged
send
8209 Add revocation at certificate deletion
3
 7mo 13d 7mo
kind/feature
author-last
recv
similar
8194 Update e2e Documentation - for the make e2e-setup command 7mo 7wk 7mo
kind/feature
lifecycle/stale
commented
contributor-last
send
8234 Vault Issuer: certmanager spams thousands of CertificateRequest resources if Issuer is configured to use the Vault issue endpoint rather than the sign endpoint
7mo 5wk 7mo
kind/bug
lifecycle/stale
commented
contributor-last
pr-unreviewed
send
8183 Add helm diff output to cert-manager PRs 8mo 17d 7mo
lifecycle/stale
assigned
assignee-updated
commented
contributor-last
send
8095 DNS-01 Delegated zone is not following CNAME and creating wrong records
5
 8mo 6wk 8mo
kind/bug
lifecycle/stale
commented
contributor-last
recv
recv-q
8094 HTTP-01 challenge returns 502 with App Gateway (works with NGINX ingress controller) 8mo 4mo 8mo
recv
recv-q
8086 ACME ClusterIssuer not recovering after Vault restart 9mo 2mo 9mo
kind/bug
lifecycle/stale
contributor-last
recv
8082 EOF during self check with Pomerium 9mo 2mo 9mo
lifecycle/stale
contributor-last
recv
8023 ACME issuer fails when CA includes Name Constraints with x509: unhandled critical extension 9mo 13d 9mo
lifecycle/rotten
commented
contributor-last
recv
recv-q
7914 Output tls.crt in CA cert to another secret 10mo 4wk 10mo
kind/feature
lifecycle/rotten
contributor-last
recv
7868 Metrics for webhook certificate
3
 10mo 6wk 10mo
kind/feature
lifecycle/stale
contributor-last
recv
7862 Requesting a certificate from ZeroSSL sometimes takes more than 10 minutes to complete
7
 11mo 2mo 11mo
kind/bug
lifecycle/stale
contributor-last
recv
7834 Provide race condition mitigation support 11mo 5mo 11mo
kind/feature
author-last
recv
7829 Support to auto delete Certificaterequest
11mo 2mo 11mo
kind/feature
lifecycle/rotten
commented
contributor-last
send
similar
7864 failed to call webhook: certificate has expired or is not yet valid
2
 11mo 5mo 11mo
kind/bug
assigned
assignee-updated
contributor-last
recv
recv-q
similar
7828 Cert-manager created multiple CertificateRequests (over 30k) for a valid certificate
11mo 5wk 10mo
kind/bug
lifecycle/stale
commented
contributor-last
send
7821 Request to support AWS ACM Exportable certificates
56
 1y 6mo 8mo
kind/feature
commented
send
similar
7788 Be able to default `acme.cert-manager.io/http01-edit-in-place: "true"` behavior in deployment/chart values
5
 1y 16d 6mo
kind/feature
author-last
commented
recv
7779 RevisionHistoryLimit should follow Kubernetes definition 1y 12d 12d
commented
contributor-last
recv-q
send
7768 Stuck in a loop with `multiple challenge solver pods found for challenge` 1y 5d 1y
kind/bug
lifecycle/stale
contributor-last
recv
7766 Certificate: Let me specify the concatenation order for CombinedPEM output format
1y 3mo 1y
kind/feature
author-last
recv
recv-q
7751 Custom key usage extensions 1y 3mo 4mo
kind/feature
commented
recv
recv-q
7747 [suggestion] Add Kustomize install documentation
5
6
 1y 2d 1y
kind/feature
lifecycle/rotten
commented
contributor-last
recv
recv-q
7684 Add support for namespaced deployment
1y 2mo 1y
kind/feature
lifecycle/rotten
contributor-last
pr-merged
recv
recv-q
similar
7822 Tracking: Kubernetes Gateway API follow up tasks
5
 1y 2wk 6mo
lifecycle/frozen
commented
contributor-last
pr-merged
send
7645 Support cross-signed intermediate CAs issued with Vault
5
 1y 2mo 4mo
kind/feature
commented
pr-unreviewed
send
7551 Unhelpful log messages 1y 6mo
lifecycle/frozen
contributor-last
7531 punycode issue 1y 6wk 1y
author-last
recv
7522 Non standard "cert-manager.io" used in event "Reason" 1y 7mo 1y
lifecycle/frozen
kind/bug
commented
contributor-last
recv
7561 Feature Request RFC: Push notifications from cert-manager to <other service> when certificates are issued 1y 5wk 7mo
kind/feature
author-last
commented
recv
recv-q
7492 `UseCertificateRequestBasicConstraints` should probably add `Critical` for `isCA` 1y 7mo 1y
lifecycle/frozen
commented
contributor-last
recv
7520 ClusterIssuer read caBundle from Secret
7
 1y 11d 1y
kind/feature
lifecycle/stale
commented
contributor-last
pr-closed
send
7486 `"Unhandled Error" err="ingress '...' in work queue no longer exists"` should be handled (clean up dangling `Certificate`)
6
 1y 7mo 1y
lifecycle/frozen
kind/bug
contributor-last
recv
recv-q
7476 [Helm Chart] - Wrong handling of image registry and repository
4
 2y 3mo 6mo
kind/bug
commented
pr-closed
send
7438 certificate not updated after enabling SSA 2y 4wk 4wk
kind/bug
assigned
assignee-updated
commented
member-last
pr-new-commits
send
7422 Please provide standalone helm chart for CRDs
20
 2y 9d 2y
kind/feature
lifecycle/rotten
contributor-last
recv
7388 Kid missing in the new order request
2
 2y 4wk 2y
kind/bug
lifecycle/stale
contributor-last
pr-unreviewed
recv
recv-q
7473 Create certificate based on HTTPRoute configuration
63
7
99
 2y 2mo 2mo
kind/feature
assigned
assignee-updated
commented
pr-closed
pr-merged
send
6010 Support the ACME Renewal Information (ARI) extension
2
20
 3y 2mo 1y
kind/feature
commented
pr-reviewed-with-comment
recv
recv-q
6224 Option to store certificate history in individual secrets
2
 2y 2d 9mo
kind/feature
lifecycle/rotten
commented
contributor-last
recv-q
send
4749 rfc2136 seems to not work with deep subdomains
4y 6wk 4y
kind/bug
lifecycle/stale
area/acme/dns01
contributor-last
recv
recv-q
8611 Move from LetsEncrypt staging endpoint to production endpoint causes loop of the same error
3
2
 3mo 2mo 2mo
kind/bug
commented
member-last
pr-closed
send
8309 Dependency Dashboard 6mo 2h 6mo
recv
8279 Unblocking SSA: Fix unit tests 6mo 19d
lifecycle/stale
cybr
contributor-last
8372 HTTP-01 challenge: support stateless http-01 challenge 5mo 5mo 5mo
kind/feature
recv
5864 Certmgr allows creating certificates expiring after ca expiration.
4
33
 3y 8mo 1y
lifecycle/frozen
kind/bug
cybr
commented
pr-closed
recv-q
send
2105 Confusing reference to latest release in previous release notes 3wk 3wk 3wk
recv
2061 Tutorial: `cert-manager` on Google Kubernetes Engine - Remove Google Domains 2mo 2mo 2mo
author-last
pr-unreviewed
recv
2019 Add ENISA NIS2 reference to best practice intro 2mo 2mo 2mo
recv
1935 add third party cert-manager-webhook-infomaniak 4mo 4mo 4mo
recv
2009 The flag description "Enable client cert authenticate of apiserver to webhooks." is ungrammatical/unclear 3mo 3mo
1874 Dependency Dashboard 6mo 2h 6mo
recv
1926 Change the Cert Manager Webhook DNS01 of Hetzner Cloud
4mo 4mo 4mo
author-last
pr-closed
recv
1806 Tutorial depends on no longer available image of kuard
4
 8mo 8mo 8mo
recv
1643 Let's Encrypt Ending Support for Notification Emails 1y 10mo 1y
recv
1715 The ingress annotation `cert-manager.io/secret-template` is not documented
2
 1y 1y
contributor-last
similar
1623 Claim about v1beta1/v1alpha2 support for gateway api is misleading 1y 1y 1y
recv
1585 Broken install instructions due wrong cert_manager_latest_version - v1.16.1 2y 2y 2y
recv
1596 Wrong key for cloudflare secret ref in DNS Validation tutorial page 2y 2y 2y
recv
1546 Self upgrade PRs don't run checks
2y 8mo 2y
cybr
commented
member-last
1490 GKE tutorial falsely claims it's possible to create LE certificate without domain (only IP) 2y 2y 2y
author-last
recv
944 Document how to install cert-manager in a different namespace
4
 4y 2y 4y
good first issue
recv
recv-q
1625 Configuration issue potentially leading to a memory leak 1y 1y 1y
recv
1620 Cert Manager allows the creation of Illegal wilcard SANs 1y 1y 1y
recv
1608 Renaming Securing NGINX-ingress to ingress-nginx 2y 2y 2y
recv
697 [IRSA] Needs `runAsUser: 1001`
4y 2y 2y
commented
member-last
pr-merged
send
1586 Now that cert-manager 1.16 has been released, `--set config.enableGatewayAPI=true` is now the recommended approach for projects that show instructions on how to enable cert-manager's gateway API support, especially on visible projects like Cilium:
2y 2y
pr-merged
209 Dependency Dashboard
6mo 2d 6mo
pr-merged
recv
501 Error logs not very helpful
2
 1y 1y 1y
recv
431 istio-csr pod healthz check fails for long time in v0.11.0 and v0.12.0 2y 2y 2y
recv
recv-q
287 Getting Readiness probe failed when using cert-manager-istio-csr 2y 2y 2y
author-last
recv
recv-q
similar
283 Document / improve that sometimes the issuer needs to set `ca.crt`
2y 2y
244 Populate Subject Fields in Certificate
2y 2y 2y
recv
223 False positive warnings from trivy and dependabot
7
 2y 2y
786 Apply cluster API server TLS security profile to TLS servers (incl. curves / key exchange preferences) 7wk 3wk 7wk
pr-reviewed-with-comment
recv
153 It is possible to have several CAs within the same cluster.
3
 4y 2y 2y
commented
send
176 certificateDuration is not used for the Istio CSR generated certificate requests
3y 10mo 3y
pr-closed
recv
recv-q
137 Documentation on rotating the root certificate
3
 4y 1y 4y
recv
recv-q
130 Document best-practices for minimal vault role configuration for istio-csr 4y 2y 4y
recv
recv-q
84 csr readiness probe failed, istio ingress pod also failed
2
 4y 2y 4y
support
recv
recv-q
similar
113 Integrating with istio helm chart installs
15
 4y 2y 4y
recv
recv-q
687 Dependency Dashboard 6mo 2h 6mo
recv
803 Request to build images for main
4mo 2mo 2mo
commented
member-last
send
782 Ensuring approver-policy is ready to accept CRDs after install 5mo 5mo
good first issue
similar
869 [Feature Request] Support Annotations in Approval Policies 2mo 2mo 2mo
author-last
commented
pr-reviewed-with-comment
recv
recv-q
761 Dependency Dashboard 6mo 2h 6mo
recv
667 Cannot create secret cert-manager-approver-policy-tls 10mo 12d 6wk
commented
send
466 Document How to Configure Common Scenarios 2y 2y 2y
recv
394 Limit number of SANs by policy
2y 2y 2y
commented
member-last
send
452 CRDs in the Release files
3
 2y 2y 2y
recv
288 Feature: Take control of approval for the whole cluster
2
 2y 2y 2y
commented
member-last
203 Improve CRD fields for specifying key requirements
3
 3y 2y 2y
commented
member-last
send
169 Webhook Custom CA 3y 1y 1y
help wanted
commented
contributor-last
recv-q
send
216 Simplify configuration by creating RBAC by default
2
 3y 1y 1y
help wanted
commented
contributor-last
pr-merged
pr-unreviewed
recv-q
send
983 Is it possible to read content from the binaryData field of configmaps to generate Bundles? 18d 18d 18d
recv
962 Non-deterministic JKS/PKCS#12 bundle generation causes continuous Secret updates and restart loops with Reloader 5wk 5wk 5wk
commented
member-last
send
971 Sync continiously re-writes ConfigMap
4wk 4d 4wk
commented
pr-merged
send
913 Feature Request: Allow files as a source. 2mo 2mo 2mo
recv
886 Allow creating `ClusterRole` aggregations 4mo 4mo 4mo
kind/feature
recv
881 Helm install fails when extraObjects contains Bundles 4mo 4mo 4mo
recv
848 Request for cryptographic mechanisms used in cert-manager-trust-manager 4mo 4mo 4mo
recv
841 Does trust-manager require cluster level permissions to read secrets?
5mo 2mo 2mo
commented
member-last
send
837 Ensuring trust-manager is ready to accept CRDs after install 5mo 5mo
good first issue
pr-unreviewed
similar
835 Helm Chart cannot set securityContext 5mo 5mo 5mo
recv
805 Dependency Dashboard 6mo 2h 6mo
recv
800 When creating a trust bundle with additionalFormats/pkcs12, no pkcs12 is produced
6mo 3mo 3mo
commented
send
778 Add option to use a specific issuer in the helm chart 7mo 7wk 7mo
lifecycle/stale
contributor-last
recv
761 Feat: Add a namespaced trust bundle CRD alongside the cluster-scoped Bundle 8mo 11d 11d
commented
member-last
send
750 Feat: Emit Events on the controller Pod instead of cluster-scoped Bundle 9mo 2mo 8mo
lifecycle/stale
commented
contributor-last
recv
742 Add option to disable webhook in Helm chart 9mo 10d 9mo
kind/feature
author-last
commented
recv
741 Using an Image Volume to deploy certifiats
9mo 2mo 9mo
lifecycle/stale
commented
contributor-last
send
650 Pod goes out of readiness 11mo 2mo 11mo
lifecycle/rotten
contributor-last
recv
592 Feature: ClusterTrustBundle as Sources
1y 7wk 7mo
lifecycle/stale
commented
contributor-last
send
similar
908 v0.22.0: image template does not work when installing trust-manager and cert-manager from one umbrella chart
4
 3mo 7wk 7wk
commented
member-last
pr-closed
pr-merged
send
591 Feature: ClusterTrustBundle as Target
13
 1y 7wk 7mo
lifecycle/stale
commented
contributor-last
pr-merged
send
similar
301 Add support for kubectl installation
2y 1y 2y
lifecycle/frozen
author-last
commented
open-milestone
recv
recv-q
similar
245 Split Bundle controller into multiple controllers
2y 1y 1y
lifecycle/frozen
commented
member-last
pr-merged
send
560 Support rotated certificate sources
39
 1y 5mo 1y
commented
pr-reviewed-with-comment
recv
recv-q
similar
588 Add ability to monitor validity period for CAs in bundle
5
 1y 3mo 4mo
kind/feature
help wanted
assigned
assignee-updated
commented
pr-reviewed-with-comment
send
243 More flexible and better organized target specification in API
5
 2y 5mo 7mo
lifecycle/frozen
commented
pr-merged
222 [Feature] - Ability to inject a CA cert into a cert-manager managed secret resource
16
 2y 11d 9mo
lifecycle/rotten
commented
contributor-last
pr-merged
send
99 Allow removing Bundles whilst keeping the synced CA certs
5
 3y 1y 1y
lifecycle/frozen
commented
member-last
pr-unreviewed
63 nit: Rename "Bundle" to "ClusterBundle"
19
 3y 11mo 11mo
lifecycle/frozen
commented
member-last
open-milestone
pr-merged
send
60 overriding trusted namespace
10
18
 3y 3mo 1y
commented
recv-q
send
242 New version of Bundle API
2
4
 2y 1y 2y
lifecycle/frozen
commented
pr-closed
pr-merged
4 Feature: By default, require only self-signed certificates in a bundle
4y 2mo 11mo
kind/feature
help wanted
good first issue
lifecycle/rotten
commented
contributor-last
send
39 Don't sync targets to all namespaces by default
8
 3y 1y 1y
lifecycle/frozen
commented
member-last
open-milestone
pr-merged
send
142 expose bundles CRD as release artifact
2
12
 3y 2mo 10mo
help wanted
lifecycle/stale
author-last
commented
pr-unreviewed
recv
recv-q
988 bug: ServiceMonitor is matching both services 13d 13d 13d
recv
131 Feature: per namespace trust bundle
9
 3y 8mo 11mo
lifecycle/frozen
commented
send
205 Allow to select multiple "trust" namespaces
50
 2y 4wk 11mo
commented
send
279 Persisting identifiers for retry calls to Sign() 10mo 4mo 4mo
commented
member-last
send
231 ### Question about Configuring Retries in cert-manager 1y 4mo 4mo
commented
member-last
send
204 clarify SetCAOnCertificateRequest deprecation status 1y 1y 1y
commented
member-last
send
362 Dependency Dashboard 6mo 2h 6mo
recv
583 Security Posture improvements 3mo 5wk 3mo
recv
recv-q
636 Cert fails to issue, but main container starts anyway 6wk 6wk 6wk
recv
385 Helm Install of cert-manager-csi-driver Fails on Minikube with /dev/bus/usb Errors 1y 1y 1y
author-last
recv
267 Does cert-manager-csi-driver support AWS EKS with AWS Fargate nodes? 2y 2y 2y
recv
530 Dependency Dashboard 6mo 2h 6mo
recv
264 Certificate renewal doesn't change file 'modified date'
2y 2y 2y
recv
241 Missing cert-manager.io/revision-history-limit volume attributes for CSI-Driver
6
 2y 2y 2y
recv
171 E2E Test Cleanup 2y 14d 2y
good first issue
commented
recv-q
130 JKS support
6
 3y 2y 3y
recv
recv-q
17 ability to specify pod IP in volume attributes
8
 6y 2y 6y
commented
recv
recv-q
256 Broken comma-separated splitting logic 2y 2y
521 RFC: Cert-Manager CSI Driver as Secret Store Provider
6mo 6mo 6mo
recv
613 Support POD_HOSTNAME as a variable 2mo 2mo 2mo
recv
383 [Feature Request] Adding attributes that available in Certificate CRD to CSI Driver
6
 1y 1y 1y
recv
353 mismatch between the key and the certificate signature algorithm
1y 1y 1y
recv
411 Dependency Dashboard 6mo 2h 6mo
recv
41 The default `csiDataDir` value might collide with csi-driver
3y 8mo
contributor-last
pr-merged
recv-q
295 Dependency Dashboard 6mo 2h 6mo
recv
204 Support for creating certificate for wildcard route
11mo 6mo 11mo
recv
similar
306 [FEATURE]Enable setting private key encoding via annotation 6mo 6mo 6mo
kind/feature
author-last
pr-reviewed-with-comment
recv
174 Standby Replicas without lease use lots of CPU 1y 1y 1y
recv
58 certificate cannot be renewed, error message: "key does not match certificate"
4
 2y 2y 2y
recv
recv-q
116 Release static manifests (no helm) for v0.6.0-alpha.0+
2
 2y 2y 2y
recv
56 Support for destinationCaCertificate / Reencrypt Routes
2
 2y 2y 2y
recv
similar
38 Route with cert-manager annotations is not created
4
 2y 1y 2y
commented
send
54 Same certificate in path based Routes
4
 2y 1y 2y
pr-closed
recv
70 OLM deployment with ArgoCD is OutOfSync
4y 3y 3y
commented
send
46 Cert-manager operator fails to issue certificates 4y 4y 4y
recv
22 Customize the deployment of cert-manager installed via OLM
5
6
 5y 2y 4y
commented
recv
recv-q
17 Operator prevents passing extraArgs helm value
7
 5y 3y 5y
recv
recv-q
74 Consistency issues due to the use of mount binds 2y 5wk 2y
commented
recv
recv-q
144 Dependency Dashboard 6mo 2h 6mo
recv
40 Optional auto rotating/renewing certificates 3y 2y 3y
contributor-last
recv
recv-q
similar
100 Dependency Dashboard 6mo 14h 6mo
recv
56 Struggling to get controller running in local KIND cluster
1y 1y 1y
commented
member-last
send
63 Is it possible to only create Issuer and remove the CluserIssuer 1y 1y 1y
recv
62 Limit the controller-manager to access secrets only from specific namespace 1y 1y 1y
recv
122 asdf cmctl installer issues
2
 2y 2y 2y
author-last
commented
recv
361 Dependency Dashboard 6mo 2h 6mo
recv
65 Dependency Dashboard 6mo 7h 6mo
recv
59 Process regarding worrying emails sent to the maintainers mailing list
9mo 9mo 9mo
commented
member-last
1125 Dependency Dashboard 6mo 2d 6mo
recv
1181 PR history may show revived ProwJob attempts as duplicate build IDs
3wk 3wk
pr-merged
481 Embed go version in `go install` binaries in cache 6mo 6mo
451 Re-enable testing with specific kubernetes versions in subprojects 8mo 8mo 8mo
cybr
commented
member-last
send
295 `make generate-golangci-lint-config` clobbers local exclusions added to the local config. 1y 1y
202 Makefile Modules, Go Versions and Vendoring
2y 2y 2y
commented
contributor-last
154 Publish SBOMs 2y 2y 2y
kind/feature
good first issue
commented
member-last
send
487 Dependency Dashboard 6mo 11min 6mo
recv
202 Dependency Dashboard 6mo 28min 6mo
recv
26 helm-tool inject adds trailing white space to the generated markdown 2y 2y
kind/bug
25 helm-tool inject sometimes omits the context (prefix) of commented out values in the generated markdown 2y 2y
kind/bug
contributor-last
263 helm-tool help should be more helpful 4wk 4wk 4wk
recv
64 Open Standup: Updating an event didn't send new invitations to already registered people
6mo 6mo 6mo
commented
member-last
send
63 CNCF-paid GitHub Actions runners 7mo 6mo 6mo
commented
member-last
60 Lazy vote: Zoom for standup meetings to be able to add the standups to the LFX calendar
7mo 7mo 7mo
commented
member-last
62 Lazy vote: Enhancing the triaging process 7mo 7mo
35 Post-Graduation Suggestion Tracker
2y 2y 2y
commented
member-last
pr-merged
92 Dependency Dashboard 6mo 19h 6mo
recv
80 How to deal with K8s timelimit in 30s ? 2y 2y 2y
recv
74 Why cert-manager looks for a CNAME record instead of a TXT record? 2y 2y 2y
recv
72 readyz and healthz api 2y 2y 2y
recv
81 How to enable leader election in the webhook? 1y 1y 1y
recv
46 Code reference a pull request to be merged, but the pull request was closed by a robot 3y 4mo 3y
recv
2 Set up basic e2e test that deploys the webhook and ensures we can POST a challenge
7y 8mo
contributor-last
pr-closed
recv-q
37 Add logging example
4y 2y 4y
pr-closed
recv
24 Dependency Dashboard 6mo 7h 6mo
recv
8 Find solution for automatically disabled GitHub Actions 2y 2y
22 Dependency Dashboard 6mo 2h 6mo
recv
18 Feature: Git bundles? 1y 1y
7 Dependency Dashboard 6mo 5wk 6mo
recv
500 Feature Request: Support for Failover / Secondary CA Pool in GoogleCASIssuer 5wk 5wk 5wk
recv
487 Helm chart `image` named template conflicts with cert-manager 1.20.x
2
 7wk 5wk 7wk
commented
pr-closed
recv-q
send
485 [Feature Request] Propagate Kubernetes Metadata to Google Cloud CAS Labels 1mo 1mo 1mo
pr-reviewed-with-comment
recv
375 Dependency Dashboard 6mo 2h 6mo
recv
197 Kubectl One-line Installation Support 2y 2y 2y
commented
member-last
send
similar
162 Issue: Broken config when using commonLabels 2y 2y 2y
recv
148 Certificate chain is not split correctly
5
 2y 2y 2y
author-last
pr-reviewed-with-comment
recv
recv-q
133 Allow to use a custom Service Account
5
 2y 2y 2y
pr-unreviewed
recv
361 [Helm] allow `enabled` as key in values schema 7mo 7mo 7mo
recv
102 certificate renewal does not work in due to auth issue to privatecaapi end point 3y 2y 3y
recv

Uncommented older than 7 days (157)

Resolution: Add a priority/ or triage/ label

Average age: 566.0d, Avg wait: 518.7d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
8085 Feature Request: Add annotation to disable automatic certificate renewal
9mo 2mo 9mo
priority/important-longterm
lifecycle/stale
contributor-last
pr-closed
recv
similar
8058 Cert-manager fails to import ECDSA private keys generated by openssl 9mo 2mo 9mo
kind/bug
priority/important-longterm
lifecycle/stale
contributor-last
pr-changes-requested
recv
8121 Support for Creating CertificateRequest from Kubernetes Secret 8mo 6wk 8mo
kind/feature
lifecycle/stale
triage/needs-information
contributor-last
recv
recv-q
similar
6820 Ongoing dependency evaluation
2y 2y 2y
lifecycle/frozen
priority/important-longterm
contributor-last
recv
6741 ACME account private key and URI are not updated if the path of the ACME server is changed
7
 2y 6mo 2y
lifecycle/frozen
kind/bug
priority/important-soon
pr-unreviewed
recv
6472 Create TLSA records automatically
15
 2y 4mo 2y
kind/feature
priority/backlog
contributor-last
recv
5917 Waiting for DNS-01 challenge propagation: DNS record for mydomain.com not yet propagated
43
 3y 2mo 3y
kind/bug
priority/important-longterm
assigned
assignee-updated
recv
recv-q
5540 Changelog annotations to chart
3y 4mo 3y
kind/feature
priority/backlog
author-last
recv
5751 Wildcard DNS domains and `cnameStrategy: Follow` don't work nicely together
2
 3y 7mo 3y
lifecycle/frozen
kind/bug
priority/important-soon
author-last
pr-closed
pr-unreviewed
recv
recv-q
1549 Brand guideline page 2y 2y 2y
priority/backlog
contributor-last
recv
1473 Add ArtifactHub packages to website 2y 2y 2y
priority/backlog
recv
1063 "Securing Ingresses with Venafi" tutorial contains link to missing manifest
3y 2y 3y
priority/important-longterm
author-last
pr-merged
recv
850 Document available cert-manager Prometheus metrics
4y 3y 4y
documentation
good first issue
priority/important-longterm
recv
recv-q
354 DigitalOcean access-token should not be base64-encoded 5y 5y 5y
priority/awaiting-more-evidence
author-last
recv
recv-q
237 docs for ACMEChallengeSolverHTTP01Ingress doesn't specify what `class` values are available
6y 5y 6y
priority/backlog
kind/documentation
contributor-last
pr-closed
recv
197 Document ACME account mismatch 6y 1y 6y
good first issue
priority/backlog
kind/documentation
pr-unreviewed
recv
recv-q
130 FAQ: How does cert-manager handle ingresses with valid TLS secrets? 6y 5y 6y
help wanted
priority/backlog
kind/documentation
contributor-last
recv
76 Upgrading from v0.10 to v0.11 - missing cainjector annotation 6y 5y 6y
priority/backlog
kind/documentation
contributor-last
recv
3 Restrict operator RBAC permissions
6y 2y 6y
priority/backlog
pr-merged
recv
83 As cmctl user, I want to use different kubectl context on command line ( --context='kubectl-context-abc' )
4
 2y 2y 2y
priority/important-longterm
recv
690 Clean up Presets
4y 2y 4y
priority/backlog
pr-merged
recv
594 Document infra image bumps and versioning 4y 2y 4y
priority/backlog
recv
38 Set repository to be a GitHub template repository
4y 2y 4y
priority/important-longterm
recv
134 previously listed items omitted

Important soon, but no updates in 90 days (13)

Resolution: Downgrade to important-longterm

Average age: 1364.2d, Avg wait: 75.5d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6709 1.14 Release Review
3
 2y 2y 2y
lifecycle/frozen
priority/important-soon
commented
contributor-last
send
6331 CSR not signed by referenced private key
10
 2y 6mo 2y
lifecycle/frozen
kind/bug
priority/important-soon
commented
contributor-last
recv-q
send
5298 Complete the Migration Away From Jetstack Names 3y 2y 2y
lifecycle/frozen
kind/cleanup
priority/important-soon
commented
member-last
send
5867 Controller can't handle hitting request rate limits of zerossl ACME API
7
12
31
 3y 1y 2y
lifecycle/frozen
kind/bug
priority/important-soon
commented
pr-closed
pr-merged
recv-q
send
5751 Wildcard DNS domains and `cnameStrategy: Follow` don't work nicely together
2
 3y 7mo 3y
lifecycle/frozen
kind/bug
priority/important-soon
author-last
pr-closed
pr-unreviewed
recv
recv-q
6741 ACME account private key and URI are not updated if the path of the ACME server is changed
7
 2y 6mo 2y
lifecycle/frozen
kind/bug
priority/important-soon
pr-unreviewed
recv
3381 Setup separate package for cert-manager API
5
 5y 1y 1y
lifecycle/frozen
kind/feature
priority/important-soon
assigned
assignee-updated
commented
member-last
send
955 Document when the vault pki role required setting `require_cn=false`
2
 4y 2y
priority/important-soon
174 Add documentation for CRD conversion webhook ca injection 6y 5y 5y
help wanted
priority/important-soon
kind/documentation
commented
member-last
send
1425 The `issuer.vault.spec.caBundleSecretRef` docs are missing 2y 2y
priority/important-soon
195 Document keystores 6y 3y 5y
priority/important-soon
kind/documentation
commented
contributor-last
send
802 Spelling errors are unclear in pull request CI results and spell checker is unmaintained
4y 2y
kind/bug
priority/important-soon
contributor-last
pr-merged
127 cmctl version reports only the old CRD version if I upgrade cert-manager without including the CRDs 2y 2y
priority/important-soon

Important longterm, but no updates in 180 days (22)

Resolution: Downgrade to backlog

Average age: 1517.1d, Avg wait: 265.8d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6969 Should upgrade status managed fields from CSA to SSA when ServerSideApply feature gate enabled 2y 2y 2y
lifecycle/frozen
kind/bug
priority/important-longterm
commented
contributor-last
send
5959 `ImagePullBackoff` on `cm-acme-http-solver` pod, if using private registries
23
 3y 6mo 2y
lifecycle/frozen
kind/bug
priority/important-longterm
commented
contributor-last
recv-q
send
6051 Detecting Gateway hostnames based on attached HTTPRoutes
7
35
 3y 10mo 11mo
lifecycle/frozen
kind/feature
priority/important-longterm
commented
pr-merged
send
4685 Unexpected EOF during watch stream event decoding: unexpected EOF -- possibly due to api server upgrades / restarts
12
 4y 8mo 8mo
lifecycle/frozen
kind/bug
priority/important-longterm
commented
contributor-last
recv
4191 Setting default values for Pod's "resources"?
7
 5y 2y 2y
lifecycle/frozen
priority/important-longterm
commented
contributor-last
recv-q
send
3521 Integration with ExternalDNS
4
54
 5y 9mo 2y
help wanted
lifecycle/frozen
kind/feature
priority/important-longterm
commented
recv-q
2178 Handling 'unregistering' certificates from Venafi TPP
22
 6y 2y 2y
lifecycle/frozen
kind/feature
priority/important-longterm
area/venafi
commented
member-last
send
4950 General flakiness of our end-to-end suite
3
 4y 2y 3y
lifecycle/frozen
priority/important-longterm
kind/flake
commented
member-last
pr-closed
pr-merged
send
2525 Better support multi-namespace & single-namespace deployments
29
 6y 1y 2y
lifecycle/frozen
kind/feature
priority/important-longterm
area/deploy
commented
contributor-last
pr-closed
send
similar
1186 Document that/why we don't use Helm's CRD installation mechanism 3y 2y 2y
good first issue
priority/important-longterm
kind/documentation
assigned
assignee-updated
commented
member-last
send
975 Some pages do not make it clear what the user should read next 4y 2y
priority/important-longterm
401 Bring tutorials up to date 5y 3y 3y
priority/important-longterm
commented
member-last
send
223 Document wildcard certificate tutorial 6y 5y 6y
priority/important-longterm
kind/documentation
commented
contributor-last
send
58 Support injection pem into an existing configmap
8
 3y 1y 1y
priority/important-longterm
lifecycle/frozen
assigned
assignee-updated
commented
member-last
pr-closed
pr-merged
pr-unreviewed
send
129 Increase e2e test timeouts 2y 2y
priority/important-longterm
98 Document new release process for all repos 2y 2y
priority/important-longterm
assigned
3 Make unit testing easier/make examples work
7y 2y 4y
priority/important-longterm
commented
member-last
pr-closed
send
5 previously listed items omitted: #6820 #1063 #850 #83 #38

Pull Requests: Review Ready (81)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 166.8d, Avg wait: 98.8d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
8878 Try fixing Renovate for release branches 15h 56min 1h
release-note-none
approved
lgtm
size/S
kind/cleanup
dco-signoff: yes
commented
member-last
reviewed-with-comment
8880 chore(deps): update makefile modules to 111b464 (master) 2h 4min 2h
size/L
release-note-none
kind/cleanup
dco-signoff: yes
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
8879 fix(deps): update github.com/onsi deps (master) 14h 2h 14h
release-note-none
size/S
kind/cleanup
dco-signoff: yes
area/testing
ok-to-test
dependencies
skip-review
contributor-last
recv
recv-q
similar
unreviewed
8464 improve dynamic source serving certificate renewal logic 4mo 6h 3d
release-note
kind/bug
size/M
dco-signoff: yes
ok-to-test
commented
contributor-last
recv
reviewed-with-comment
8793 fix: ServerSideApply field loss in certificate-shim and issuing controller
4wk 3d 3d
release-note
size/S
kind/bug
dco-signoff: yes
commented
member-last
new-commits
8846 fix(selector/dns): normalize dns name before comparing 10d 3d 10d
release-note-none
size/S
kind/bug
needs-ok-to-test
area/acme
dco-signoff: yes
contributor-last
recv
recv-q
unreviewed
8798 feat(acme): adding implementation of ari 4wk 3d 3d
release-note
area/api
kind/feature
size/XXL
area/acme
dco-signoff: yes
area/testing
area/deploy
collaborator-last
commented
new-commits
8809 scheduler: allow ACME challenges in parallel by ingress class/provider 3wk 10d 3wk
size/L
release-note
kind/feature
needs-ok-to-test
area/acme
dco-signoff: yes
author-last
recv
recv-q
reviewed-with-comment
similar
8838 Add support for GN and SN in LiteralSubject 12d 12d 12d
release-note
size/S
kind/feature
needs-ok-to-test
dco-signoff: yes
contributor-last
recv
recv-q
unreviewed
8574 feat(design): proposed ari design 3mo 4wk 2mo
size/L
release-note-none
kind/design
dco-signoff: yes
commented
reviewed-with-comment
8781 Document the conservative ACME challenge scheduler key 4wk 4wk 4wk
release-note-none
size/M
area/acme
dco-signoff: yes
needs-kind
commented
member-last
reviewed-with-comment
8687 Normalize challenge reason in certmanager_certificate_challenge_status metric
2mo 6wk 2mo
size/L
release-note-none
needs-ok-to-test
dco-signoff: yes
needs-kind
author-last
recv
recv-q
reviewed-with-comment
8766 feat: add per-solver DNS01 nameserver configuration 5wk 5wk 5wk
release-note
size/XL
area/api
kind/feature
area/acme
dco-signoff: yes
area/acme/dns01
area/deploy
commented
contributor-last
recv
reviewed-with-comment
8534 feat: add --dns01-timeout flag to make DNS01 provider API timeout configurable 3mo 7wk 3mo
release-note
area/api
needs-ok-to-test
size/M
area/acme
dco-signoff: yes
area/acme/dns01
needs-kind
contributor-last
recv
recv-q
unreviewed
8736 scheduler: allow parallel challenges with different HTTP01 ingress classes or DNS01 providers 1mo 1mo 1mo
size/L
release-note
kind/bug
needs-ok-to-test
area/acme
dco-signoff: yes
area/testing
contributor-last
recv
recv-q
similar
unreviewed
8648 fix: for ACME challenge scheduler, allow parallel challenges with dif… 2mo 2mo 2mo
release-note
kind/bug
needs-ok-to-test
size/M
area/acme
dco-signoff: yes
assigned
assignee-updated
contributor-last
recv
recv-q
similar
unreviewed
8594 Fix typo "commonname" in PreferredChain field comment 3mo 3mo 3mo
release-note-none
size/S
area/api
kind/cleanup
needs-ok-to-test
dco-signoff: yes
area/deploy
contributor-last
recv
recv-q
unreviewed
5743 Add MaxPathLen and add EncodeBasicConstraintsInRequest option to Certificate and CertificateRequest resources 3y 2mo 2mo
size/L
release-note
area/api
kind/cleanup
dco-signoff: yes
area/testing
ok-to-test
area/deploy
commented
member-last
reviewed-with-comment
8395 Clarify code around DNS01 Self Check 5mo 3mo 3mo
release-note-none
kind/cleanup
size/M
area/acme
dco-signoff: yes
ok-to-test
area/acme/dns01
author-last
commented
recv
recv-q
reviewed-with-comment
8480 Add Subject Key Identifier (SKI) to issued certificates
3
 4mo 3mo 4mo
size/L
release-note
kind/feature
dco-signoff: yes
area/testing
ok-to-test
author-last
commented
new-commits
recv
8367 feat(helm) add startupProbe and readinessProbe to cert-manager-controller 5mo 5mo 5mo
release-note-none
kind/feature
needs-ok-to-test
size/M
dco-signoff: yes
area/deploy
commented
contributor-last
recv
recv-q
unreviewed
8262 Bugfix #7388 kid missing issue with Infisical ACME server or any other ACME that requires EAB
6mo 5mo 6mo
size/L
release-note
needs-ok-to-test
area/acme
dco-signoff: yes
needs-kind
author-last
commented
recv
unreviewed
2152 chore(deps): update makefile modules to 111b464 2h 2h 2h
dco-signoff: yes
size/L
ok-to-test
dependencies
recv
recv-q
similar
unreviewed
2149 chore(deps): update misc npm packages to v5.8.19 1d 7h 1d
dco-signoff: yes
size/L
ok-to-test
dependencies
recv
recv-q
similar
unreviewed
2150 chore(deps): lock file maintenance 10h 10h 10h
dco-signoff: yes
size/L
ok-to-test
dependencies
recv
recv-q
unreviewed
2151 docs: add NetworkPolicy examples for HTTP01 challenges to best-practice page 8h 8h 8h
dco-signoff: yes
size/M
recv
recv-q
similar
unreviewed
2128 Add troubleshooting guide for certificate re-issuance loops 9d 9d 9d
dco-signoff: yes
size/L
commented
member-last
new-commits
2120 docs: add bunny.net dns01 webhook 15d 15d 15d
size/XS
dco-signoff: yes
recv
recv-q
unreviewed
2118 docs: add certforge-issuer to external issuers listUpdate issuers.md 16d 16d 16d
size/XS
dco-signoff: yes
recv
recv-q
unreviewed
2097 Clarify ACME challenge scheduling behaviour 4wk 4wk 4wk
dco-signoff: yes
size/M
commented
member-last
new-commits
2092 docs: add infomaniak third party provider 5wk 5wk 5wk
size/XS
dco-signoff: yes
recv
recv-q
unreviewed
2041 docs: link HTTP01 guide to network policy requirements 2mo 2mo 2mo
dco-signoff: yes
size/M
recv
recv-q
unreviewed
2020 docs: add ENISA NIS2 reference to best practice intro 2mo 2mo 2mo
dco-signoff: yes
size/M
recv
recv-q
unreviewed
2023 Adds troubleshooting guide for host missmatch error 2mo 2mo 2mo
size/XS
dco-signoff: yes
recv
recv-q
unreviewed
1909 docs: add ACK RRSA supported AliDNS webhook 5mo 3mo 4mo
size/XS
dco-signoff: yes
author-last
commented
new-commits
recv
1587 Custom Certificate Support for cert-manager Webhook Endpoint 2y 3mo 2y
dco-signoff: yes
size/S
recv
recv-q
unreviewed
1602 acme troubleshooting: how to fix errored challenges 2y 3mo 2y
size/XS
dco-signoff: yes
contributor-last
recv
recv-q
reviewed-with-comment
831 chore(deps): update makefile modules to 111b464 2h 2h 2h
dco-signoff: yes
size/L
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
830 fix(deps): update github.com/onsi deps 14h 14h 14h
dco-signoff: yes
size/S
ok-to-test
dependencies
skip-review
contributor-last
recv
recv-q
similar
unreviewed
637 Fix/chartadditional annotations for cli args 8mo 17d 8mo
dco-signoff: yes
size/XS
ok-to-test
commented
contributor-last
recv
recv-q
reviewed-with-comment
787 Apply APIServer TLS security profile to cert-manager deployments 7wk 2wk 7wk
dco-signoff: yes
size/L
recv
recv-q
reviewed-with-comment
768 Add unit tests for pkg/tls Provider 2mo 6wk 2mo
dco-signoff: yes
size/L
needs-ok-to-test
author-last
recv
recv-q
unreviewed
769 Fix HasIssuerConfig to use RLock instead of Lock 2mo 6wk 2mo
dco-signoff: yes
size/XS
needs-ok-to-test
author-last
recv
recv-q
unreviewed
875 Fix Store() to detect duplicate approver names within a single call 2mo 12d 6wk
dco-signoff: yes
size/S
ok-to-test
commented
contributor-last
new-commits
recv
868 feat(annotations): Add annotation-based policy enforcement 2mo 2mo 2mo
dco-signoff: yes
size/L
author-last
recv
recv-q
reviewed-with-comment
931 chore(deps): update makefile modules to 111b464 2h 2h 2h
dco-signoff: yes
size/L
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
1005 chore(deps): update makefile modules to 111b464 2h 2h 2h
dco-signoff: yes
size/L
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
946 feat: add keepCertHistory for automatic CA cert retention on rotation 7wk 14d 7wk
dco-signoff: yes
needs-ok-to-test
size/XXL
recv
recv-q
reviewed-with-comment
918 add bundle metrics
2
 2mo 12d 4wk
size/XL
ok-to-test
dco-signoff: no
author-last
commented
recv
recv-q
reviewed-with-comment
683 feat: Add a very basic pre-commit configuration 10mo 3wk 10mo
dco-signoff: yes
size/XS
lifecycle/rotten
commented
contributor-last
new-commits
900 chart: add startupapicheck to ensure trust-manager is ready after install 3mo 3mo 3mo
dco-signoff: yes
needs-ok-to-test
size/XL
contributor-last
recv
recv-q
unreviewed
466 chore(deps): update makefile modules to 111b464 2h 2h 2h
dependencies
dco-signoff: yes
size/L
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
188 Remove SetCertificateRequestConditionError
3
 2y 3mo 3mo
dco-signoff: yes
size/XXL
commented
member-last
new-commits
669 chore(deps): update makefile modules to 111b464 2h 2h 2h
dco-signoff: yes
size/L
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
535 chore(deps): update makefile modules to 111b464 2h 2h 2h
dco-signoff: yes
size/L
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
534 fix(deps): update github.com/onsi deps 14h 2h 14h
dco-signoff: yes
size/S
ok-to-test
dependencies
skip-review
contributor-last
recv
recv-q
similar
unreviewed
148 limit-namespaces for namespace-scope deployments
1y 2mo 1y
dco-signoff: no
size/S
needs-ok-to-test
contributor-last
recv
recv-q
unreviewed
392 chore(deps): update makefile modules to 111b464 2h 2h 2h
dco-signoff: yes
dependencies
size/L
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
303 feat: add support for setting private key encoding 6mo 5mo 6mo
dco-signoff: yes
size/L
needs-ok-to-test
recv
recv-q
reviewed-with-comment
similar
237 chore(deps): update makefile modules to 111b464 2h 2h 2h
dco-signoff: yes
size/L
ok-to-test
dependencies
contributor-last
recv
recv-q
similar
unreviewed
223 NodePublishSecretRef 3wk 3wk 3wk
dco-signoff: no
size/L
needs-ok-to-test
contributor-last
recv
recv-q
unreviewed
211 Fix: concurrent NodePublishVolume calls could mount volume without certificates 6wk 6wk 6wk
dco-signoff: yes
size/L
needs-ok-to-test
contributor-last
recv
recv-q
unreviewed
71 Refactor filesystem.go and adapt tests to use a real file system 2y 11mo 11mo
dco-signoff: yes
size/L
commented
member-last
reviewed-with-comment
501 chore(deps): update makefile modules to 111b464 2h 2h 2h
dco-signoff: yes
size/L
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
1196 fix(deps): update module gopkg.in/yaml.v2 to v3 19d 17d 19d
dco-signoff: yes
size/S
ok-to-test
dependencies
contributor-last
recv
recv-q
unreviewed
1207 Update k8s-infra-prow images, cert-manager-infra-images images as needed 13d 2d 13d
dco-signoff: yes
size/M
contributor-last
recv
recv-q
unreviewed
549 Split (helm) generate-crds target 3mo 3mo 3mo
dco-signoff: yes
size/M
commented
member-last
reviewed-with-comment
470 feat(helm): adding `helm-diff` target
7mo 6mo 6mo
dco-signoff: yes
size/S
cybr
ok-to-test
commented
contributor-last
new-commits
recv
recv-q
55 feat: add test module 2y 2y 2y
dco-signoff: yes
size/M
commented
contributor-last
recv
reviewed-with-comment
272 chore(deps): update makefile modules to 5b0e470 - abandoned 12d 1h 12d
dco-signoff: yes
size/M
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
69 Add auditing tool for confirming who has access to the cert-manager org 2mo 2mo
dco-signoff: yes
size/XL
contributor-last
recv-q
unreviewed
59 cleanup: remove unused NOTES.txt file 2y 2y 2y
size/XS
dco-signoff: yes
needs-ok-to-test
contributor-last
recv
unreviewed
64 Add imagePullSecrets to template 2y 2y 2y
size/XS
dco-signoff: yes
needs-ok-to-test
contributor-last
recv
unreviewed
1 Manage the cert-manager GitHub organisation from this repo 2y 2y 2y
dco-signoff: yes
size/XXL
commented
member-last
unreviewed
59 chore(deps): update misc github actions to v1.0.32 7h 7h 7h
dco-signoff: yes
size/XS
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
107 chore(deps): update makefile modules to 111b464 2h 2h 2h
dco-signoff: yes
size/L
dependencies
ok-to-test
contributor-last
recv
recv-q
similar
unreviewed
13 Various QA fixes 4mo 4mo 4mo
dco-signoff: yes
size/L
needs-ok-to-test
author-last
commented
new-commits
recv
4 Add support for custom license templates 2y 10mo
dco-signoff: yes
size/S
contributor-last
recv-q
unreviewed
525 chore(deps): update makefile modules to 111b464 2h 2h 2h
size/L
ok-to-test
dependencies
dco-signoff: yes
contributor-last
recv
recv-q
similar
unreviewed
345 chore: add existing securityContext settings to values 8mo 8mo 8mo
size/M
dco-signoff: yes
contributor-last
recv
recv-q
similar
unreviewed
141 re-adding required clusterrole permission 2y 1y 2y
size/XS
author-last
recv
unreviewed

Unkinded Issues (233)

Resolution: Add a kind/ or triage/support label

Average age: 678.8d, Avg wait: 300.0d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
8863 Your project is now listed on CodeGuilds 6d 6d 6d
recv
7895 if certificate is already expired, it shown like a True
2
 10mo 7wk 7wk
help wanted
priority/important-soon
collaborator-last
commented
pr-closed
pr-new-commits
pr-unreviewed
send
7699 Adding Helm Unittest to all certmanager projects 1y 5wk 5wk
priority/backlog
assigned
assignee-updated
commented
member-last
send
3992 Add non-CRD yaml file
5
 5y 4wk 2y
priority/important-soon
area/deploy
author-last
commented
recv
6179 CRDs shouldn't be templated in Helm
5
2
31
 3y 3mo 9mo
priority/backlog
lifecycle/stale
commented
recv-q
send
5861 cert manager API showing error - "x509: certificate has expired or is not yet valid"
3
 3y 5mo 6mo
good first issue
lifecycle/frozen
priority/important-longterm
assigned
assignee-updated
commented
contributor-last
pr-reviewed-with-comment
send
similar
1194 Confusing paragraph - cert-manager integration.
3y 2mo 2y
documentation
priority/important-longterm
commented
contributor-last
pr-merged
send
1101 Feature request for updating documentation. 3y 2y 2y
priority/backlog
commented
member-last
send
1262 v1.9 to v1.10 upgrade instructions does not mention container name change
2y 1y 2y
priority/backlog
assigned
assignee-updated
commented
member-last
send
320 Document how to install cert-manager using gitops and known issues with particular gitops implementations
5
 5y 2y 5y
documentation
help wanted
priority/backlog
commented
pr-merged
recv-q
2 Set up periodic job to publish an experimental release build
6y 5y
priority/backlog
assigned
contributor-last
826 feat: add more logs to readiness healthchecks 5d 5d 5d
recv
297 Allow all resources to be namespaced
7
 2y 2mo 9mo
priority/backlog
lifecycle/stale
commented
contributor-last
send
33 Support CRDs as target
5
 4y 2mo 11mo
lifecycle/rotten
priority/backlog
commented
contributor-last
send
45 Unable to mount and read only file error
5
 4y 2y 2y
priority/awaiting-more-evidence
commented
send
132 Investigate test timeouts 2y 2y
priority/backlog
234 Proposal: distinguish gate-pending from issuance-error in the renewal backoff loop 6d 4d 4d
commented
member-last
pr-unreviewed
send
33 Create e2e test to validate CertificateRequest garbage collection 3y 2y 2y
priority/backlog
assigned
commented
member-last
send
81 Configuring Peribolos for Github org management 7y 2y 2y
priority/backlog
commented
member-last
send
3 Migrating all cert-manager projects to "Makefile modules" 2y 6mo 11mo
priority/backlog
commented
member-last
43 Allow non-Venafi employee maintainers full release capabilities
3
 2y 6mo 6mo
priority/backlog
assigned
assignee-updated
commented
member-last
27 failed with: OpenAPI spec does not exist
2
6
 5y 2y 2y
priority/critical-urgent
commented
pr-closed
pr-unreviewed
send
211 previously listed items omitted

Unprioritized Recent Issues (265)

Resolution: Add a priority/ or triage/ label

Average age: 482.3d, Avg wait: 236.2d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
8876 cert-manage - random high cpu usage 1d 1d 1d
kind/bug
author-last
recv
8865 Support annotation cert-manager.io/alt-names for Gateway/ListenerSet 6d 5d 6d
kind/feature
recv
263 previously listed items omitted

Uncommented Recent Issues (4)

Resolution: Add a comment

Average age: 4.8d, Avg wait: 4.4d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4 previously listed items omitted: #8876 #8865 #8863 #826
New, has multiple reactions, but not important-soon: No matching items
New, has multiple commenters, but not important-soon: No matching items

needs information, has update (1)

Resolution: Comment and remove triage/needs-information tag

Average age: 258.9d, Avg wait: 254.7d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
8121 Support for Creating CertificateRequest from Kubernetes Secret 8mo 6wk 8mo
kind/feature
lifecycle/stale
triage/needs-information
contributor-last
recv
recv-q
similar

Recently updated issue has a question (1)

Resolution: Add an answer

Average age: 60.8d, Avg wait: 3.5d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
8716 Feature Request: Add a CMPv2 issuer for certificate enrollment and renewal (RFC 4210) 2mo 3d 1mo
kind/feature
author-last
commented
recv
recv-q
Triage Party v1.4.0