generic All open PR's and Issues that should be considered for repository stats (hidden)

Open PRs (136)

Resolution:

Average age: 327.8d, Avg wait: 101.1d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
7718		Switch to makefile modules completely (part 1)			6wk	6h	6h		release-note-none area/api kind/cleanup size/XXL area/acme dco-signoff: yes area/testing area/deploy	commented member-last new-commits
7804		fix: refactor the challenge controller to no longer use a blocking call to WaitAuthorization.			16h	6h	6h		release-note size/XL area/api kind/bug area/acme dco-signoff: yes area/testing area/deploy	commented member-last reviewed-with-comment send
7642		fixes #7506: enable configurable max key/cert sizes, defaulting to original safe values introduced in #7401			2mo	1d	2mo		release-note size/XL area/api kind/bug kind/feature needs-ok-to-test dco-signoff: yes area/testing area/deploy	recv recv-q unreviewed
7289		Design proposal for delayed certificate activation			8mo	2d	4mo		size/L release-note-none kind/design needs-ok-to-test dco-signoff: yes	commented contributor-last open-milestone recv recv-q reviewed-with-comment
7736		feat(metrics): adding `certmanager_certificate_challenge_status` metric		2	5wk	3d	5wk		size/L release-note kind/feature area/acme dco-signoff: yes area/testing ok-to-test area/monitoring	contributor-last new-commits recv recv-q
4835		Making sure per fixture only 1 setup is active at the same time			3y	3d	10mo		release-note-none needs-rebase kind/bug size/M lifecycle/rotten dco-signoff: yes area/testing	assigned assignee-updated commented contributor-last recv-q reviewed-with-comment
5447		Allow extra DNS-01 propagation time to be configured			2y	3d	10mo		release-note needs-rebase size/S kind/feature area/acme lifecycle/rotten dco-signoff: yes ok-to-test area/acme/dns01	commented contributor-last open-milestone recv recv-q unreviewed
5743		Add MaxPathLen and add EncodeBasicConstraintsInRequest option to Certificate and CertificateRequest resources			2y	3d	2mo		size/L release-note needs-rebase area/api kind/cleanup dco-signoff: yes area/testing ok-to-test area/deploy	commented contributor-last open-milestone recv-q reviewed-with-comment
6902		Specify resources for acme pods per issuer			1y	3d	4mo		release-note size/XL needs-rebase area/api kind/feature area/acme lifecycle/rotten dco-signoff: yes ok-to-test area/acme/http01 area/deploy	commented contributor-last recv-q reviewed-with-comment send
7236		Route53: Allow STS token to be refreshed by the AWS client if necessary			10mo	3d	2mo		release-note size/XL needs-rebase area/api kind/bug kind/feature area/acme dco-signoff: yes area/acme/dns01 area/deploy	commented contributor-last recv-q reviewed-with-comment send
7286		Only remove the cleanup finalizer if the cleanup succeeds			8mo	3d	8mo		size/L release-note-none needs-rebase do-not-merge/hold lifecycle/frozen kind/cleanup area/acme dco-signoff: yes area/acme/dns01 area/acme/http01	commented contributor-last recv-q reviewed-with-comment
7382		Implement a single package for controlling cert-manager RNG		3	7mo	3d	2mo		size/L release-note needs-rebase do-not-merge/hold kind/feature area/acme dco-signoff: yes area/testing	commented contributor-last recv-q send unreviewed
7437		fix: annotate account private key secrets			6mo	3d	4mo		release-note needs-rebase size/S area/api kind/feature area/acme dco-signoff: yes ok-to-test	commented contributor-last open-milestone recv recv-q unreviewed
7795		feat(acme): Add default feature gate for ACME HTTP01 Ingress pathType Exact		3	3d	2h	20h		size/L release-note kind/feature area/acme dco-signoff: yes ok-to-test area/acme/http01	commented contributor-last recv unreviewed
7449		WIP: reconcile issuers using issuer-lib			6mo	3d	17d		release-note-none needs-rebase area/api do-not-merge/work-in-progress kind/cleanup size/XXL area/acme area/ca area/vault dco-signoff: yes area/testing area/deploy	commented contributor-last recv-q unreviewed
7646		Support custom ACME account key type.			2mo	3d	10d		size/L release-note needs-rebase area/api area/acme dco-signoff: yes ok-to-test area/deploy needs-kind	commented contributor-last new-commits recv recv-q
7521		ClusterIssuer read caBundle from Secret			4mo	4d	4mo		size/L release-note needs-rebase area/api kind/feature needs-ok-to-test area/acme dco-signoff: yes area/deploy	contributor-last recv recv-q unreviewed
7662		Fix the issue of webhook routes generating duplicate operation IDs			2mo	6d	2mo		do-not-merge/release-note-label-needed needs-rebase needs-ok-to-test size/M area/acme dco-signoff: yes needs-kind	contributor-last recv recv-q unreviewed
7614		Lower the minimum certificate duration from 1 hour to 5 minutes			3mo	8d	3mo		release-note size/S area/api kind/feature needs-ok-to-test lifecycle/stale dco-signoff: yes	contributor-last recv recv-q unreviewed
7733		fixes #5864: cert-manager CA to issue certs after verify with CA Certs Validity			5wk	8d	9d		size/L release-note kind/bug kind/feature dco-signoff: yes ok-to-test	author-last commented new-commits recv recv-q
7702		Add option to only render CRDs from helm			7wk	8d	7wk		size/L release-note kind/feature needs-ok-to-test dco-signoff: yes area/deploy	contributor-last recv recv-q unreviewed
7608		WIP: certificate based on HTTPRoute design document			3mo	10d	3mo		size/L release-note-none do-not-merge/work-in-progress kind/design needs-ok-to-test lifecycle/stale dco-signoff: yes	contributor-last draft recv recv-q unreviewed
7689		Add Vertical Pod Autoscaler		2	1mo	10d	6wk		size/L release-note approved kind/feature dco-signoff: yes ok-to-test area/deploy	author-last commented new-commits recv recv-q
7775		WIP: Speed up E2E tests by Configuring Pebble to run at full speed			10d	10d	10d		size/XS release-note-none do-not-merge/work-in-progress dco-signoff: yes needs-kind	commented draft member-last unreviewed
7399		Add renew window to restrict when certificate renewal can happen			7mo	11d	7mo		size/L release-note needs-rebase area/api kind/feature needs-ok-to-test dco-signoff: no area/testing area/deploy	contributor-last recv recv-q unreviewed
7652		Helm chart: add ability to add appprotocol to port in service		3	2mo	15d	1mo		size/XS release-note kind/bug dco-signoff: yes ok-to-test area/deploy	commented recv-q reviewed-with-comment send
6516		First draft of e2e test to try to reproduce same domain multiple orders race condition			2y	17d	5mo		release-note-none size/M lifecycle/rotten dco-signoff: yes area/testing ok-to-test needs-kind	commented contributor-last new-commits recv-q send
7327		add more detailed logging when service certificate is generated			8mo	17d	8mo		release-note-none lgtm size/S lifecycle/rotten dco-signoff: yes ok-to-test needs-kind	approved contributor-last recv recv-q
7439		helm: add checksum/config annotations			6mo	3wk	6mo		release-note-none size/S kind/feature needs-ok-to-test dco-signoff: yes area/deploy	author-last recv recv-q unreviewed
7583		Support for ACME servers that don't finalize within the ACME client finalizer retry window			3mo	3wk	3mo		release-note kind/bug needs-ok-to-test size/M area/acme dco-signoff: yes	author-last recv recv-q unreviewed
7383		feat(chart): add `global.logFormat`			7mo	3wk	7mo		release-note-none size/S kind/feature needs-ok-to-test lifecycle/rotten dco-signoff: yes area/deploy	contributor-last recv recv-q unreviewed
7764		Doc: Add leaderElection.namespace recommendation			3wk	3wk	3wk		size/XS release-note-none needs-ok-to-test dco-signoff: yes area/deploy needs-kind	contributor-last recv recv-q unreviewed
7761		Helm: Fix naming format of tokenrequest RBAC resources			3wk	3wk	3wk		size/XS release-note-none kind/cleanup needs-ok-to-test dco-signoff: yes area/deploy	contributor-last recv recv-q unreviewed
7558		feat: add (helm) global.imageRepository			4mo	4wk	4wk		size/L release-note do-not-merge/hold kind/feature dco-signoff: yes area/deploy	commented member-last reviewed-with-comment send
7654		Implement fallback for git_version creation in forked environments			2mo	4wk	2mo		release-note-none size/S kind/cleanup needs-ok-to-test dco-signoff: yes	contributor-last recv recv-q reviewed-with-comment
7748		Design: "Image Configuration in Helm Chart"		2	4wk	4wk	4wk		size/L release-note-none kind/design dco-signoff: yes	commented contributor-last new-commits recv-q
7664		feat: Add ClusterIssuer and Issuer metrics			2mo	5wk	2mo		size/L release-note kind/feature dco-signoff: yes ok-to-test area/monitoring	contributor-last recv recv-q unreviewed
6977		Set `GOMAXPROCS` and `GOMEMLIMIT` environment variables		4	1y	5wk	11mo		release-note do-not-merge/hold kind/feature size/M dco-signoff: yes ok-to-test area/deploy	commented contributor-last new-commits recv recv-q
7726		[helm] Add IPv6 rules to the default network policy			6wk	5wk	6wk		release-note size/S kind/feature dco-signoff: yes ok-to-test area/deploy	contributor-last recv recv-q unreviewed
7537		feat: Added support for unhealthyPodEvictionPolicy to PDBs Similar: #7728: Add unhealthyPodEvictionPolicy to supported PDB options (open)			4mo	6wk	4mo		release-note kind/feature size/M dco-signoff: yes ok-to-test area/deploy	contributor-last recv recv-q reviewed-with-comment similar
7728		Add unhealthyPodEvictionPolicy to supported PDB options Similar: #7537: feat: Added support for unhealthyPodEvictionPolicy to PDBs (open)			6wk	6wk	6wk		release-note kind/feature needs-ok-to-test size/M dco-signoff: yes area/deploy	contributor-last recv recv-q similar unreviewed
7263		fix: CAA validation with CNAME record			9mo	6wk	9mo		release-note needs-rebase size/S kind/bug needs-ok-to-test area/acme dco-signoff: yes area/acme/dns01	contributor-last recv recv-q unreviewed
7725		chore: allow additional properties in Helm setup #7668		2	6wk	6wk	6wk		size/XS release-note-none needs-ok-to-test dco-signoff: no area/deploy needs-kind	contributor-last recv recv-q unreviewed
7694		add ability to set metadata of created service			1mo	1mo	1mo		size/L release-note-none area/api do-not-merge/work-in-progress needs-ok-to-test area/acme dco-signoff: no area/acme/http01 area/deploy needs-kind	contributor-last draft recv recv-q unreviewed
7467		fix: ❗dns-01 route53 query change status retry timeout		2	6mo	1mo	1mo		release-note size/S kind/bug area/acme dco-signoff: yes ok-to-test area/acme/dns01	approved commented member-last send
7414		WIP: feat: API defaults for IssuerRef			7mo	2mo	7mo		release-note-none area/api do-not-merge/work-in-progress size/M dco-signoff: yes area/deploy needs-kind	contributor-last draft pushed-after-approval recv recv-q
7658		7196 order reason not set			2mo	2mo	2mo		release-note size/S kind/bug kind/design area/acme dco-signoff: yes ok-to-test	commented contributor-last recv-q send unreviewed
7450		Make ACME Authorization Timeout Configurable			6mo	2mo	6mo		size/L release-note needs-rebase area/api needs-ok-to-test area/acme dco-signoff: yes area/deploy needs-kind	commented contributor-last new-commits recv recv-q
7665		Add cookie jar to Acme client			2mo	2mo	2mo		size/XS do-not-merge/release-note-label-needed kind/feature needs-ok-to-test area/acme dco-signoff: yes ok-to-test	contributor-last recv recv-q unreviewed
7064		Adds certificate name key annotation validation in secret as part of post issuance policy chain		2	1y	2mo	2mo		size/L release-note-none approved lgtm kind/bug dco-signoff: yes ok-to-test	commented contributor-last open-milestone recv-q reviewed-with-comment send
1696		Create redirects for cert-manager annotations		4	4wk	1d	2d		dco-signoff: yes size/XL	commented contributor-last new-commits recv
1589		Apply change proposed in issue 899			8mo	18d			size/XS dco-signoff: yes	approved contributor-last recv-q
1694		enhance restore cert-manager resources			4wk	4wk	4wk		dco-signoff: yes size/S	recv recv-q unreviewed
1686		docs: harmonize `<p>` formatting by dropping internal spaces			5wk	5wk	5wk		size/XS dco-signoff: yes	assigned changes-requested contributor-last recv recv-q
1569		wip: update cert-manager logo svg			8mo	2mo	2mo		dco-signoff: yes size/L do-not-merge/work-in-progress	commented member-last send unreviewed
1640		Update issuer.md			4mo	2mo	2mo		size/XS dco-signoff: yes	commented member-last send unreviewed
1364		WIP: Patch release checklist			2y	4mo			dco-signoff: yes needs-rebase do-not-merge/work-in-progress size/M	contributor-last recv-q unreviewed
1672		WIP: docs: Add an wrap-up announcement page			1mo	7wk			dco-signoff: yes do-not-merge/work-in-progress size/M	contributor-last draft new-commits recv-q
1607		Document Log Level settings. Document DNS01 delegation using multiple providers.			6mo	6mo	6mo		dco-signoff: yes size/M	recv recv-q unreviewed
1602		acme troubleshooting: how to fix errored challenges			6mo	6mo	6mo		size/XS dco-signoff: yes	recv recv-q unreviewed
1587		Custom Certificate Support for cert-manager Webhook Endpoint			8mo	8mo	8mo		dco-signoff: yes size/S	recv recv-q unreviewed
1197		doc about new option default-cleanup-policy			2y	11mo	2y		approved dco-signoff: yes needs-rebase size/M	commented contributor-last new-commits send
1202		Add section about client cert authentication for vault			2y	11mo	2y		dco-signoff: yes do-not-merge/work-in-progress size/M	commented contributor-last draft new-commits send
1419		fix: TLSConfig secretName description			1y	1y	1y		dco-signoff: yes needs-rebase size/S	changes-requested commented contributor-last recv-q send
1611		Update webhook troubleshooting documentation to including necessary curl command.			6mo	6mo	6mo		dco-signoff: yes size/S	changes-requested contributor-last recv recv-q
1450		Docker testing and validation			1y	1y	1y		dco-signoff: yes needs-rebase size/M	contributor-last new-commits recv recv-q
1447		Explain how to install cert-manager using ArgoCD			1y	1y	1y		dco-signoff: yes size/L	commented member-last reviewed-with-comment send
1213		Draft of tutorial for Google's Public CA			2y	1y	2y		dco-signoff: yes size/L needs-rebase ok-to-test	commented contributor-last reviewed-with-comment send
790		Update route53.md			3y	2y	2y		dco-signoff: no size/XS needs-rebase needs-ok-to-test	changes-requested commented member-last send
1075		Move Issuer / ClusterIssuer and Certificate resource content to a sub-folder of configuration/			2y	2y	2y		approved dco-signoff: yes size/L needs-rebase	changes-requested commented member-last send
1259		Fixed Azure Workload identity doc			2y	2y	2y		dco-signoff: yes size/S	recv unreviewed
948		add note to ingress class definition			3y	2y	2y		dco-signoff: no size/XS needs-rebase needs-ok-to-test	assigned commented contributor-last send unreviewed
859		Move the meetings and slack information to a separate page			3y	3y	3y		approved dco-signoff: yes needs-rebase size/M	changes-requested commented member-last send
528		Update "Setting Nameservers for DNS01 Self Check" example			4y	3y	4y		size/XS dco-signoff: yes needs-rebase needs-ok-to-test	contributor-last recv unreviewed
200		Bump the all group across 1 directory with 12 updates			3mo	3mo	3mo		dco-signoff: yes needs-ok-to-test size/L dependencies go	contributor-last recv recv-q unreviewed
17		Add image validation for Docker architecture			5y	3y	4y		dco-signoff: yes lgtm size/L needs-rebase	assigned assignee-updated commented contributor-last new-commits send
43		No more requirement "be in the release folder" to run cmrel, remove the flag --cloudbuild			3y	3y			dco-signoff: yes approved size/M needs-rebase	contributor-last unreviewed
201		Add publish stage for pushing OCI helm chart			3mo	3mo	3mo		dco-signoff: yes size/XL do-not-merge/work-in-progress	commented draft member-last unreviewed
36		Add the "cmrel update-release-branch" command			4y	3y	4y		dco-signoff: yes approved size/M needs-rebase do-not-merge/work-in-progress	commented contributor-last draft unreviewed
559		Bump the all group across 1 directory with 10 updates			3d	15h	3d		dco-signoff: yes size/L needs-ok-to-test dependencies go	contributor-last recv recv-q unreviewed
537		fix: make handling of additionalAnnotations more robust		2	7wk	18d	7wk		dco-signoff: yes size/XS needs-ok-to-test	author-last recv recv-q unreviewed
517		Add `PodDisruptionBudget` to helm chart			3mo	3mo	3mo		dco-signoff: yes size/M needs-ok-to-test	contributor-last recv recv-q unreviewed
469		Add app.server.certificateDuration			5mo	5mo	5mo		dco-signoff: yes size/M needs-ok-to-test	contributor-last recv recv-q reviewed-with-comment
619		Specify custom commonname for webhook dynamic authority			7wk	3d			dco-signoff: yes size/S needs-rebase	contributor-last recv-q reviewed-with-comment
628		Grant cert-manager RBAC to use all policies by default			6wk	6wk	6wk		dco-signoff: yes size/M	commented contributor-last recv recv-q unreviewed
468		WIP: POC of dynamic authority			7mo	1d	7mo		dco-signoff: yes size/L do-not-merge/hold do-not-merge/work-in-progress needs-rebase lifecycle/rotten	contributor-last recv recv-q unreviewed
607		Migrate test from JKS to PKCS#12			7wk	15d	15d		dco-signoff: yes size/L	commented member-last reviewed-with-comment send
503		feat: add option to disable cluster rbac installation			6mo	16d	6mo		dco-signoff: yes size/M needs-ok-to-test needs-rebase lifecycle/rotten	contributor-last recv recv-q unreviewed
578		feat: add toplevel enable value to helmchart		2	2mo	6wk	2mo		ok-to-test size/S needs-rebase dco-signoff: no	commented contributor-last recv recv-q unreviewed
558		feat(helm-chart): add ability to set pod level security context			4mo	7wk	4mo		dco-signoff: yes ok-to-test size/S	contributor-last recv recv-q unreviewed
442		WIP: refactor: dedicated struct for building source data			8mo	7wk	4mo		dco-signoff: yes size/L do-not-merge/work-in-progress needs-rebase	commented contributor-last draft new-commits recv recv-q
475		Replace webhook validations with CEL validation			7mo	7wk	6mo		dco-signoff: yes size/XL	commented contributor-last new-commits recv recv-q
395		WIP: feat: inject bundle data into configmap			11mo	2mo	11mo		dco-signoff: yes size/L do-not-merge/work-in-progress	contributor-last recv recv-q unreviewed
304		Add support for PodMonitor			1y	5mo	5mo		dco-signoff: yes size/L needs-ok-to-test lifecycle/frozen	commented contributor-last recv-q send unreviewed
265		Bump the all group across 1 directory with 4 updates			3d	1d	3d		dependencies go dco-signoff: yes size/M needs-ok-to-test	contributor-last recv recv-q unreviewed
262		Use RequeueAfter instead of Requeue=True			10d	10d			dco-signoff: yes size/L	contributor-last recv-q unreviewed
188		Remove SetCertificateRequestConditionError			6mo	17d			dco-signoff: yes size/XL	contributor-last recv-q unreviewed
186		Remove GetIssuerTypeIdentifier from Issuer API			6mo	17d			dco-signoff: yes size/L	contributor-last recv-q unreviewed
189		Make CertificateRequestObject interface more intuitive			6mo	17d			dco-signoff: yes size/L	contributor-last recv-q unreviewed
187		Use `metav1.Condition` instead of `cmapi.IssuerCondition` in Issuer API			6mo	17d			dco-signoff: yes size/XL	contributor-last new-commits recv-q
24		Add conformance tests			2y	2y	2y		dco-signoff: yes size/XXL approved needs-rebase	assigned commented contributor-last reviewed-with-comment
415		Bump the all group across 1 directory with 10 updates			4d	1d	4d		dco-signoff: yes size/M needs-ok-to-test dependencies go	contributor-last recv recv-q unreviewed
251		PoC: Generate SPIFFE identities in csi-driver			1y	1y	1y		dco-signoff: yes size/S do-not-merge/work-in-progress needs-rebase	commented contributor-last draft recv-q unreviewed
129		Add attribute support for certificate subject			2y	1y	2y		dco-signoff: yes size/L needs-rebase ok-to-test	commented contributor-last reviewed-with-comment send
135		Added options to all containers			2y	1y	2y		dco-signoff: yes size/L needs-rebase ok-to-test	commented contributor-last send unreviewed
404		Add support for ECDSA and Ed25519 algorithms, make key size configurable			6wk	6wk	6wk		dco-signoff: yes size/L needs-ok-to-test	contributor-last recv recv-q unreviewed
299		Bump the all group across 1 directory with 8 updates			3d	16h	3d		dco-signoff: yes size/M needs-ok-to-test dependencies go	contributor-last recv recv-q unreviewed
193		Add option for DNS SAN based on SA name			8mo	8mo			size/L dco-signoff: no	contributor-last recv-q unreviewed
107		Remove csi-driver-spiffe approver			1y	1y			size/XXL dco-signoff: no do-not-merge/work-in-progress needs-rebase	contributor-last draft unreviewed
199		Bump the all group across 1 directory with 8 updates			3d	15h	2d		dco-signoff: yes size/M dependencies go ok-to-test	commented contributor-last recv-q send unreviewed
178		Bump golang.org/x/net from 0.36.0 to 0.38.0 in the go_modules group			1mo	2d	2d		dco-signoff: yes size/M approved dependencies go ok-to-test	commented contributor-last recv-q send unreviewed
148		limit-namespaces for namespace-scope deployments			4mo	4mo	4mo		dco-signoff: no size/S needs-ok-to-test	author-last recv recv-q unreviewed
117		fill spec.tls.caCertificate in route with intermediate ca certificate…			7mo	4mo	6mo		dco-signoff: yes size/M needs-rebase ok-to-test	commented contributor-last new-commits recv-q send
73		Support prometheus metrics			6mo	4d	5d		size/XXL dco-signoff: yes ok-to-test	commented contributor-last recv reviewed-with-comment
71		Refactor filesystem.go and adapt tests to use a real file system			6mo	10d	10d		dco-signoff: yes size/L	commented member-last reviewed-with-comment
58		Upgrade golangci-lint to the latest version			6wk	5wk	6wk		dco-signoff: yes size/M	contributor-last recv recv-q reviewed-with-comment
59		Update dependencies and the Go version			6wk	5wk	6wk		dco-signoff: yes size/L	contributor-last new-commits recv recv-q
239		Bump the all group across 1 directory with 15 updates			3d	15h	3d		dco-signoff: yes size/L needs-ok-to-test dependencies go	contributor-last recv recv-q unreviewed
1088		Update k8s-infra-prow images, cert-manager-infra-images images as needed			2mo	1d	2mo		dco-signoff: yes size/M	contributor-last recv recv-q unreviewed
293		Add Helm chart image baking Similar: #104: Add Chart image baking (open)			4wk	4wk			dco-signoff: yes size/S	contributor-last recv-q similar unreviewed
55		feat: add test module			1y	1y	1y		dco-signoff: yes size/M	commented contributor-last recv reviewed-with-comment
298		WIP: Kind 0.29.0			4d	4d			dco-signoff: yes size/M do-not-merge/work-in-progress	contributor-last recv-q unreviewed
104		Add Chart image baking Similar: #293: Add Helm chart image baking (open)			4wk	4wk			dco-signoff: yes size/L	contributor-last recv-q similar unreviewed
11		Governance: folks meaningfully contributing to the biweekly can become GitHub Members			2y	2y			do-not-merge/work-in-progress dco-signoff: yes size/S	contributor-last draft unreviewed
79		Bump github.com/cert-manager/cert-manager from 1.15.1 to 1.15.4 in the go_modules group across 1 directory			6mo	6mo	6mo		size/XS dco-signoff: yes needs-ok-to-test dependencies	contributor-last recv recv-q unreviewed
64		Add imagePullSecrets to template			1y	1y	1y		size/XS dco-signoff: yes needs-ok-to-test	contributor-last recv unreviewed
59		cleanup: remove unused NOTES.txt file			2y	2y	2y		size/XS dco-signoff: yes needs-ok-to-test	contributor-last recv unreviewed
5		Improve test case			6y	5y	6y		dco-signoff: no size/L needs-rebase	assigned assignee-updated commented contributor-last recv recv-q reviewed-with-comment
1		Manage the cert-manager GitHub organisation from this repo			1y	10mo	1y		dco-signoff: yes size/XXL	commented member-last unreviewed
4		Add support for custom license templates			2y	2y			dco-signoff: yes size/S	contributor-last unreviewed
143		feat: allow creating or reusing an existing sa			1y	3wk	1y		ok-to-test	recv recv-q unreviewed
159		Split certificate chain			1y	4mo	4mo			commented member-last reviewed-with-comment send
141		re-adding required clusterrole permission			1y	4mo	1y		size/XS	author-last recv unreviewed
115		🔒 Add support for securityContext			2y	9mo	2y		needs-rebase	approved commented contributor-last recv-q send
137		[Helm Chart] Add env, configmap, secret and volumes support			1y	9mo	1y		needs-rebase	contributor-last recv recv-q unreviewed
78		Update API versions to v1		3	2y	2y	2y		size/L needs-rebase do-not-merge/hold	assigned assignee-updated contributor-last recv recv-q unreviewed

Open Issues (428)

Resolution:

Average age: 781.1d, Avg wait: 402.4d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
7797		Refactor metrics into a collector format			1d	1d	1d		kind/feature	assigned assignee-updated contributor-last recv
7788		Be able to default `acme.cert-manager.io/http01-edit-in-place: "true"` behavior in deployment/chart values			4d	3d	4d		kind/feature	assigned assignee-updated author-last recv recv-q
7772		Reviewing the use of https://github.com/SSLMate/go-pkcs12			12d	8d	12d		kind/feature	contributor-last recv recv-q
7766		Certificate: Let me specify the concatenation order for CombinedPEM output format			3wk	3wk	3wk		kind/feature	author-last recv recv-q
7779		RevisionHistoryLimit should follow Kubernetes definition Similar: #6418: `revisionHistoryLimit` default of `nil` should be changed to ... (closed)			10d	10d	10d			recv similar
7760		Is the zone responsible for a domain changes, cert-manager will not pick it up			3wk	3wk	3wk		kind/bug	author-last recv
7755		cert-manager-challenges Error presenting challenge: expected array of Record			4wk	3wk	4wk			recv recv-q
7751		Custom key usage extensions			4wk	4wk	4wk		kind/feature	recv
7749		Http and PROXY protocol			4wk	4wk	4wk			recv
7747		[suggestion] Add Kustomize install documentation			4wk	4wk	4wk		kind/feature	author-last recv recv-q
7741		Certmanager attempts infinite renewals if the Issuer Certificate read from Vault has expired		3	5wk	4wk	4wk		kind/bug	commented recv
7717		After uninstalling cert-manager, ingress resources can still only be accessed via https			6wk	6wk	6wk			recv
7716		Don't have CRD for `ControllerConfiguration`.			6wk	6wk	6wk			commented member-last send
7700		Expose metrics regarding challenge status PR#7736: feat(metrics): adding `certmanager_certificate_challenge_status` metric new-commits			7wk	3wk	7wk		kind/feature	assigned assignee-updated contributor-last pr-new-commits recv recv-q
7699		Adding Helm Unittest to all certmanager projects			7wk	7wk	7wk			assigned assignee-updated contributor-last recv
7691		Why is the value of the certificate expiration time captured in blackbox different from the value of the certificate expiration time exposed by certmanager			1mo	1mo	1mo			contributor-last recv recv-q
7765		Propagation tests fails when using IPv6 recursive DNS nameservers			3wk	3wk	3wk		kind/bug	recv
7685		ACME GCP CA - Error waiting for authorization			2mo	2mo	2mo		kind/bug	recv
7688		Feature Request: Vertical Pod Autoscaler Support for cert-manager PR#7689: Add Vertical Pod Autoscaler new-commits		3	2mo	1mo	2mo		kind/feature	contributor-last pr-new-commits recv recv-q
7673		Support for acmesolver.tolerations/affinity/nodeSelector			2mo	2mo	2mo		kind/feature	author-last recv recv-q
7668		Allow custom values in Helm chart schema by relaxing additionalProperties: false		2	2mo	2mo	2mo			recv
7660		cert-manager produces invalid (per RFC5280) certificates when `cert sign` usage is set along with another usage			2mo	4wk	2mo		kind/bug	contributor-last recv recv-q
7659		Challenge and resolver pod/ingress killed too soon			2mo	6wk	2mo			author-last recv
7656		Add multiple DNS provider resolvers to an single webhook not working PR#7662: Fix the issue of webhook routes generating duplicate operation IDs unreviewed			2mo	2mo	2mo			pr-unreviewed recv
7649		[GKE][Cert-Manager]Document Might Need Implementation Details Update to GSA/KSA Integration			2mo	3d	2mo		kind/bug	author-last recv recv-q
7648		Solver selector issue			2mo	2mo	2mo		kind/bug	author-last recv
7647		Support GatewayAPI's XGateway			2mo	2mo			kind/feature
7645		Support cross-signed intermediate CAs issued with Vault		2	2mo	2mo	2mo		kind/feature	recv
7643		jkspassword.txt file in secret is having default password			2mo	2mo	2mo		kind/bug triage/needs-information	commented contributor-last recv recv-q
7636		cermanager order in pending state			2mo	2mo	2mo			recv
7635		Mirroring bind9 image for e2e tests			2mo	2mo
7630		certmanager_http_acme_client_request_count is missed from the metrics?		2	2mo	2mo	2mo		kind/bug	recv
7629		http01-override-ingress-class is not updated when Ingress annotation is updated			2mo	2mo	2mo		kind/bug	recv
7625		Clean install fails to create Issuer		4	3mo	6wk	3mo		kind/bug	recv recv-q
7617		cert-manager-webhook fails to renew it's own certificate		11	3mo	3wk	3mo		kind/bug	contributor-last recv recv-q
7610		Expose MaxFailures as a helm paramater for FileCertificateSource			3mo	8d	3mo		kind/feature lifecycle/stale	contributor-last recv
7594		Cloudflare delegated domains returns Found no Zones for domain _acme-challenge.mydomain.com			3mo	6wk	3mo		kind/bug	recv
7590		Allow issuer fallback			3mo	18d	3mo		lifecycle/stale	contributor-last recv
7588		Allow setting secret type to value other than default kubernetes.io/tls			3mo	2mo	3mo		kind/feature	commented recv
7587		Spaceship support			3mo	2wk	3mo		lifecycle/stale	contributor-last recv recv-q
7586		BookMyName support			3mo	2wk	3mo		lifecycle/stale	contributor-last recv recv-q
7585		Continuous access token requests when using Venafi TPP password/username authentication			3mo	3wk	3mo		kind/bug lifecycle/stale	contributor-last recv
7581		Cert-manager is no longer triggered when multiple tls.hosts exists without secretName.			3mo	3wk	3mo		kind/bug lifecycle/stale	contributor-last recv
7580		CNameStrategy Follow not working with Cloudflare			3mo	2wk	3mo		lifecycle/stale	contributor-last recv
7578		cert-manager should not use domains it doesn't control			3mo	3wk	3mo		lifecycle/stale	contributor-last pr-unreviewed recv
7572		Certificate Issuance takes long time up to 50 minutes when attempting to create 40+ certificates		2	4mo	2mo	4mo			recv
7561		Feature Request RFC: Push notifications from cert-manager to <other service> when certificates are issued			4mo	4wk	4mo		kind/feature	author-last recv
7556		clockHealth check failed: livez			4mo	19d	4mo			author-last recv recv-q
7551		Unhelpful log messages			4mo	9d				contributor-last
7544		Self test of domain without acme ingress ready			4mo	12d	4mo		lifecycle/rotten	contributor-last recv
7536		Digicert ACME order is failing due to invalid validity_years			4mo	6wk	4mo			author-last recv
7531		punycode issue			4mo	6wk	4mo			author-last recv
7522		Non standard "cert-manager.io" used in event "Reason"			4mo	7wk	4mo		kind/bug	contributor-last recv
7520		ClusterIssuer read caBundle from Secret PR#7521: ClusterIssuer read caBundle from Secret unreviewed		2	4mo	7wk	4mo		kind/feature	contributor-last pr-unreviewed recv
7514		Replace some of the webhook functionality with `ValidatingAdmissionPolicy` & CEL			4mo	1mo	4mo		kind/feature	author-last recv
7511		Issuing certificate as Secret does not exist Similar: #7769: Issuing certificate as Secret contains a private key that does not match the certificate (closed)		3	4mo	4wk	4mo		lifecycle/rotten	contributor-last recv similar
7510		Key Size for Acme Account Key PR#7646: Support custom ACME account key type. new-commits			4mo	6d	4mo		kind/feature	pr-new-commits recv
7506		Issues with new PEM maximum sizes PR#7642: fixes #7506: enable configurable max key/cert sizes, defaulting to original safe values introduced in #7401 unreviewed		6	5mo	2mo	5mo		kind/bug	pr-unreviewed recv recv-q
7502		Failed to call webhook with HTTPS			5mo	3wk	5mo		kind/bug lifecycle/rotten	contributor-last recv
7493		400 Bad response error prevents order finalization			5mo	3wk	5mo		kind/bug lifecycle/rotten	contributor-last recv recv-q
7492		`UseCertificateRequestBasicConstraints` should probably add `Critical` for `isCA`			5mo	5wk	5mo			contributor-last recv
7486		`"Unhandled Error" err="ingress '...' in work queue no longer exists"` should be handled (clean up dangling `Certificate`)		5	5mo	5wk	5mo		kind/bug	contributor-last recv recv-q
7482		Cert-manager-startupapicheck job failed after migration from 1.15.x --> 1.16.x			5mo	3d	5mo		kind/bug lifecycle/rotten	contributor-last recv recv-q
7476		[Helm Chart] - Wrong handling of image registry and repository		2	5mo	7wk	5mo		kind/bug	author-last recv recv-q
7473		Create certificate based on HTTPRoute configuration PR#7608: WIP: certificate based on HTTPRoute design document unreviewed		14 33	5mo	1mo	2mo		kind/feature	commented pr-unreviewed send
7463		Set "ownerReference" for generated Secret via Go-SDK			6mo	16d	6mo		lifecycle/stale	contributor-last recv recv-q
7444		non-acme api error: Context deadline exeeced PR#7450: Make ACME Authorization Timeout Configurable new-commits		6	6mo	2wk	6mo		kind/bug	author-last pr-new-commits recv
7438		certificate not updated after enabling SSA			6mo	2wk	6mo		kind/bug	author-last recv
7422		Please provide standalone helm chart for CRDs		7	6mo	4wk	6mo		kind/feature	recv
7416		Shorter retry period for failed issuance		3	7mo	4d	7mo		kind/feature lifecycle/rotten	contributor-last recv
7388		Kid missing in the new order request			7mo	19d	7mo		kind/bug	recv recv-q
7385		Failed calling webhook "webhook.cert-manager.io": Forbidden			7mo	4d	7mo		kind/bug lifecycle/stale	contributor-last recv recv-q
7344		Support temporary certificates with annotated gateways Similar: #560: Support rotated certificate sources (open)			8mo	7wk	8mo		good first issue kind/feature priority/backlog area/acme/http01 area/gateway-shim	commented recv-q send similar
7684		Add support for namespaced deployment Similar: #2525: Better support multi-namespace & single-namespace deployments (open)			2mo	7wk	2mo		kind/feature	contributor-last pr-merged recv similar
7311		helm schema validation should validate `featureGates`			8mo	1d	8mo		kind/feature priority/backlog lifecycle/stale	contributor-last recv recv-q
7301		Metrics for updated / patched certificates should be cleaned			8mo	4d	8mo		kind/bug priority/awaiting-more-evidence lifecycle/stale	contributor-last recv recv-q
7288		Missing UID in webhook challenge request			8mo	4wk	8mo		kind/bug priority/backlog	author-last recv
7267		`error finalizing order` message is light on details		2	9mo	2mo	9mo		priority/important-soon	contributor-last recv
7275		Allow adding new fields such as unhealthyPodEvictionPolicy to the PDB PR#7537: feat: Added support for unhealthyPodEvictionPolicy to PDBs commented		5	9mo	6wk	8mo		kind/feature priority/awaiting-more-evidence	commented contributor-last pr-reviewed-with-comment recv recv-q
7218		cert-manager set don't fragment (DF) bit			10mo	2mo	10mo		kind/bug priority/important-longterm	assigned assignee-updated author-last recv recv-q
7337		Using 1.16.0, the ACME issuer using HTTP-01 solver with Gateway API is broken		39	8mo	2d	8mo		kind/bug priority/awaiting-more-evidence	commented open-milestone pr-merged recv recv-q
7156		Consider exposing previous certificates/keys in the kubernetes secret so that workloads can implement a grace period when a certificate rotates		8	11mo	3wk	11mo		kind/feature priority/backlog lifecycle/stale	contributor-last recv
7234		Stale/Stuck Challenges should be deleted after a given timeout PR#7286: Only remove the cleanup finalizer if the cleanup succeeds commented			10mo	6wk	8mo		kind/bug priority/important-soon	author-last commented open-milestone pr-closed pr-reviewed-with-comment recv
7088		Job label in Helm chart of cert-manager shouldn't be templated from chart name			1y	21h	21h		kind/feature priority/backlog area/deploy	commented contributor-last recv-q send
7066		When using a keystore.p12, we need to be able to specify the name for the alias		2	1y	3wk	11mo		area/api kind/feature priority/backlog lifecycle/rotten	commented contributor-last recv-q send
7012		Feature Request: Add support to set future date as notBefore when requesting for certificate PR#7289: Design proposal for delayed certificate activation commented			1y	3d	9mo		kind/feature priority/backlog lifecycle/stale	commented contributor-last pr-reviewed-with-comment recv
7002		Confusing messaging when certificate secret name already exist			1y	6h	3mo		good first issue help wanted kind/bug priority/backlog lifecycle/stale	assigned assignee-updated commented contributor-last recv-q send
6969		Should upgrade status managed fields from CSA to SSA when ServerSideApply feature gate enabled			1y	8mo	1y		lifecycle/frozen kind/bug priority/important-longterm	commented contributor-last send
6820		Ongoing dependency evaluation			1y	11mo	1y		lifecycle/frozen priority/important-longterm	contributor-last recv
6799		ACME challenges stopped working after 1.13/1.14 update			1y	12d	1y		priority/critical-urgent	commented recv recv-q
6741		ACME account private key and URI are not updated if the path of the ACME server is changed		5	1y	9mo	1y		lifecycle/frozen kind/bug priority/important-soon	contributor-last recv
6754		Schedule certificate renewal outside business hours PR#7399: Add renew window to restrict when certificate renewal can happen unreviewed		11	1y	3wk	1y		kind/feature priority/important-longterm	pr-unreviewed recv recv-q
7687		Webhook refusing connection even when Ready			2mo	2mo	2mo		kind/bug	recv
6662		support overriding of ttl in cloudflare		2	1y	13d	9mo		kind/feature priority/backlog	author-last commented recv
6709		1.14 Release Review		3	1y	9mo	1y		lifecycle/frozen priority/important-soon	commented contributor-last send
6472		Create TLSA records automatically		10	2y	6wk	2y		kind/feature priority/backlog	author-last recv
6470		ingress-shim: allow to impersonate ingress-creator instead of using cert-manager serviceaccount			2y	8mo	11mo		lifecycle/frozen kind/feature priority/backlog	commented contributor-last send
6331		CSR not signed by referenced private key		10	2y	5d	1y		kind/bug priority/important-soon	commented recv-q send
7138		Failed to generate serving certificate PR#7327: add more detailed logging when service certificate is generated approved		64	11mo	3wk	11mo		kind/bug priority/important-soon	assigned assignee-updated pr-approved pr-merged recv recv-q
6230		cert-manager DDoSes DNS-01 solver - infinite rate limiting		4	2y	4mo	8mo		lifecycle/frozen kind/bug priority/critical-urgent area/acme/dns01	commented open-milestone send
6312		Report issuer/clusterissuer status as a metric PR#7664: feat: Add ClusterIssuer and Issuer metrics unreviewed		14	2y	5wk	2mo		kind/feature	commented pr-unreviewed send
6229		Race condition when two identical certificate requests are made from different clusters		7	2y	2wk	2y		help wanted kind/bug priority/important-longterm lifecycle/stale area/acme/dns01	contributor-last pr-merged recv recv-q
6210		Flag to write/sync secrets to a namespace other than the namespace where the Certificate object is created		5	2y	2mo	1y		kind/feature priority/backlog	commented send
6184		Conflicting ingressClassName http01 issuer spec and acme.cert-manager.io/http01-ingress-class annotation Similar: #2538: cert-manager does not use ingress.class from Ingress annotated with cert-manager.io/cluster-issuer (open)		13	2y	2mo	2y		kind/bug	recv recv-q similar
6160		Helm Chart global repository PR#7558: feat: add (helm) global.imageRepository commented		2	2y	4mo	4mo		lifecycle/frozen	commented member-last pr-reviewed-with-comment send
6132		Checklist: CNCF Graduation			2y	8mo	8mo		lifecycle/frozen priority/important-soon	commented member-last pr-unreviewed
6051		Detecting Gateway hostnames based on attached HTTPRoutes		3 24	2y	2d	2y		kind/feature priority/important-longterm lifecycle/stale	pr-merged recv recv-q
6010		Support the ACME Renewal Information (ARI) extension			2y	9d	10d		kind/feature	author-last commented recv recv-q
5959		`ImagePullBackoff` on `cm-acme-http-solver` pod, if using private registries		20	2y	8mo	2y		lifecycle/frozen kind/bug priority/important-longterm	commented contributor-last recv-q send
5917		Waiting for DNS-01 challenge propagation: DNS record for mydomain.com not yet propagated		36	2y	4d	2y		kind/bug priority/important-longterm	assigned assignee-updated recv recv-q
5904		Support Azure Private DNS Zones for DNS Challenge		4 4 16	2y	5d	5wk		kind/feature lifecycle/rotten	commented contributor-last recv-q send
6622		`make update-licenses` is non-deterministic.			1y	7d	7d		kind/bug	commented member-last pr-merged pr-unreviewed
5864		Certmgr allows creating certificates expiring after ca expiration. PR#7733: fixes #5864: cert-manager CA to issue certs after verify with CA Certs Validity new-commits		4 22	2y	4wk	5mo		kind/bug	commented contributor-last pr-new-commits send
5783		*Add k8s.io/client-go/applyconfigurations style ApplyConfigurations for the included CRDs**			2y	2mo	2y		kind/feature priority/backlog	assigned assignee-updated contributor-last pr-closed recv
5751		Wildcard DNS domains and `cnameStrategy: Follow` don't work nicely together			2y	9mo	2y		lifecycle/frozen kind/bug priority/important-soon	recv recv-q
5566		upload Helm charts to OCI registry and sign them with cosign		4 43	2y	1d	7wk		kind/feature	commented pr-merged recv-q send
5540		Changelog annotations to chart			2y	2mo	2y		kind/feature priority/backlog	author-last recv
5298		Complete the Migration Away From Jetstack Names			2y	9mo	1y		lifecycle/frozen kind/cleanup priority/important-soon	commented member-last send
5048		certificate not renewed for ingress with multiple hosts and http01-edit-in-place		4	3y	3wk	3y		kind/bug priority/backlog	author-last commented recv recv-q
6179		CRDs shouldn't be templated in Helm		5 28	2y	3wk	2y		priority/backlog lifecycle/stale	commented contributor-last recv recv-q
4749		rfc2136 seems to not work with deep subdomains			3y	2mo	3y		kind/bug area/acme/dns01	recv recv-q
4685		Unexpected EOF during watch stream event decoding: unexpected EOF -- possibly due to api server upgrades / restarts		11	3y	11mo	1y		lifecycle/frozen kind/bug priority/important-longterm	commented member-last send
4349		allowing greater configuration for the cloud provider tests			3y	3y	3y		lifecycle/frozen kind/feature	commented contributor-last send
4191		Setting default values for Pod's "resources"?		7	3y	8mo	8mo		lifecycle/frozen priority/important-longterm	commented contributor-last recv-q send
3992		Add non-CRD yaml file		4	4y	4wk	10mo		priority/important-soon area/deploy	author-last commented recv
3640		Challenge Records Not Always Cleaned Up PR#7286: Only remove the cleanup finalizer if the cleanup succeeds commented		3	4y	6wk	3y		kind/bug priority/important-longterm area/acme	commented open-milestone pr-merged pr-reviewed-with-comment pr-unreviewed recv recv-q
3521		Integration with ExternalDNS		4 48	4y	4wk	6mo		help wanted lifecycle/frozen kind/feature priority/important-longterm	commented recv-q
3381		Setup separate package for cert-manager API		5	4y	5mo	9mo		lifecycle/frozen kind/feature priority/important-soon	assigned assignee-updated commented contributor-last send
3298		Let's encrypt certificate caching to mitigate rate limits problems		3 5 21	4y	6wk	1y		help wanted kind/feature priority/backlog	commented send
3103		Adding probes to the cert-manager pods		9	4y	2mo	2y		good first issue help wanted kind/feature priority/important-longterm area/deploy	commented recv-q send
2930		Mirror to gcr.io or dockerhub		2 28	5y	3mo	1y		lifecycle/frozen kind/feature priority/important-soon area/deploy	assigned assignee-updated commented contributor-last send
2722		Inject CA certificate into Secrets with cainjector		26	5y	19d	3y		kind/feature priority/awaiting-more-evidence lifecycle/stale	commented contributor-last recv-q send
5867		Controller can't handle hitting request rate limits of zerossl ACME API		7 12 31	2y	2mo	11mo		lifecycle/frozen kind/bug priority/important-soon	commented pr-closed pr-merged recv-q send
2525		Better support multi-namespace & single-namespace deployments Similar: #7684: Add support for namespaced deployment (open)		26	5y	6wk	1y		lifecycle/frozen kind/feature priority/important-longterm area/deploy	commented contributor-last open-milestone pr-closed send similar
2538		cert-manager does not use ingress.class from Ingress annotated with cert-manager.io/cluster-issuer Similar: #6184: Conflicting ingressClassName http01 issuer spec and acme.cert-manager.io/http01-ingress-class annotation (open) Similar: #66: ClusterIssuer not responding to ingress annotations (open)		75	5y	10mo	2y		area/api help wanted lifecycle/frozen kind/feature priority/backlog	commented send similar
4950		General flakiness of our end-to-end suite		3	3y	11mo	2y		lifecycle/frozen priority/important-longterm kind/flake	commented member-last pr-closed pr-merged send
2334		Add network policy allowance into documentation		24	5y	4wk	2y		good first issue help wanted kind/documentation priority/backlog area/deploy	commented pr-merged send
2178		Handling 'unregistering' certificates from Venafi TPP		22	5y	1y	1y		lifecycle/frozen kind/feature priority/important-longterm area/venafi	commented member-last send
1292		Allowing skipping HTTP01 and DNS01 self-check on a per-solver basis		17 4 222	6y	4wk	3y		area/api help wanted kind/feature priority/important-longterm area/acme	commented pr-closed recv-q send
2478		Allow CA issuer secret rotation		2 68	5y	3wk	5y		kind/feature priority/important-longterm area/ca	commented recv recv-q
1168		docs: Add info about client side certificate rotation best practices.		27	6y	5y	5y		help wanted lifecycle/frozen kind/documentation priority/backlog	commented contributor-last pr-closed send
7184		Helm chart: add ability to add appprotocol to port in service PR#7652: Helm chart: add ability to add appprotocol to port in service commented		3	11mo	15d	9mo		good first issue kind/feature priority/backlog	author-last commented pr-reviewed-with-comment recv recv-q
7768		Stuck in a loop with `multiple challenge solver pods found for challenge`			16d	16d	16d		kind/bug	recv
6716		leader election namespace should default to `.Release.Namespace`, not `kube-system` PR#7764: Doc: Add leaderElection.namespace recommendation unreviewed		3 28	1y	18d	11mo		lifecycle/frozen kind/bug triage/not-reproducible	commented pr-closed pr-unreviewed recv-q send
2239		Create a CertificatePreset resource type to allow configurable defaulting		2 96	5y	2mo	9mo		area/api kind/feature priority/backlog priority/important-soon	commented pr-closed pr-unreviewed send
1715		The ingress annotation `cert-manager.io/secret-template` is not documented			2d	2d				contributor-last
1695		Create redirects for cert-manager annotations PR#1696: Create redirects for cert-manager annotations new-commits Similar: #125: Is it too late to align cert-manager annotations? (open) Similar: #38: Route with cert-manager annotations is not created (open)			4wk	4wk	4wk			pr-new-commits recv similar
1692		Restoring from backup removes essential uid in ownerReferences, breaking Ingress-Certificate relationship			4wk	4wk	4wk			author-last recv
1643		Let's Encrypt Ending Support for Notification Emails			4mo	4mo	4mo			recv
1625		Configuration issue potentially leading to a memory leak			4mo	4mo	4mo			recv
1623		Claim about v1beta1/v1alpha2 support for gateway api is misleading			4mo	4mo	4mo			recv
1620		Cert Manager allows the creation of Illegal wilcard SANs			5mo	5mo	5mo			recv
1609		Azure DNS Documentation Update Similar: #1101: Feature request for updating documentation. (open)			6mo	5mo	6mo			author-last recv recv-q similar
1608		Renaming Securing NGINX-ingress to ingress-nginx Similar: #866: Securing NGINX-ingress (open) Similar: #326: Securing Ingresses with Venafi (open)			6mo	6mo	6mo			recv similar
1596		Wrong key for cloudflare secret ref in DNS Validation tutorial page			7mo	7mo	7mo			recv
1585		Broken install instructions due wrong cert_manager_latest_version - v1.16.1			8mo	8mo	8mo			recv
1552		Broken inbound link from IBM			9mo	9mo	9mo			recv
1549		Brand guideline page			9mo	9mo	9mo		priority/backlog	contributor-last recv
1546		Self upgrade PRs don't run checks			9mo	9mo	9mo			commented member-last
1490		GKE tutorial falsely claims it's possible to create LE certificate without domain (only IP)			1y	8mo	1y			author-last recv
1473		Add ArtifactHub packages to website			1y	9mo	1y		priority/backlog	recv
1425		The `issuer.vault.spec.caBundleSecretRef` docs are missing			1y	11mo			priority/important-soon
1388		Create a section for sane `Certificate` defaults Similar: #3958: Sane defaults for Certificate revision history limit (closed)			1y	1y				similar
1262		v1.9 to v1.10 upgrade instructions does not mention container name change			2y	3mo	11mo		priority/backlog	assigned assignee-updated commented member-last send
1261		Switch to Docusaurus?			2y	2y
1194		Confusing paragraph - cert-manager integration.			2y	9mo	2y		documentation priority/important-longterm	commented member-last send
1186		Document that/why we don't use Helm's CRD installation mechanism			2y	11mo	11mo		good first issue priority/important-longterm kind/documentation	assigned assignee-updated commented member-last send
1174		Document the docker images and how to find them			2y	2y	2y		good first issue priority/important-soon kind/documentation	commented member-last send
1168		Rendering issues for generated API docs			2y	2y	2y			commented member-last pr-merged
1125		Describe cert-manager feature policy			2y	2y	2y			contributor-last recv recv-q
1063		"Securing Ingresses with Venafi" tutorial contains link to missing manifest			2y	8mo	2y		priority/important-longterm	author-last pr-merged recv
1062		Document process for offboarding maintainers Similar: #1061: Document onboarding process for new maintainers (open)			2y	2y	2y			recv similar
1061		Document onboarding process for new maintainers Similar: #1062: Document process for offboarding maintainers (open)			2y	2y	2y			recv similar
1054		Run spell checker in a pre-commit hook			2y	2y	2y		good first issue kind/cleanup	recv
998		Documentation venafi configuration references venafi documentation page which returns 403			3y	2y	3y			contributor-last recv
993		Document which resources do/do not get garbage collected			3y	3y	3y		good first issue	contributor-last recv
975		Some pages do not make it clear what the user should read next			3y	8mo			priority/important-longterm
955		Document when the vault pki role required setting `require_cn=false`			3y	8mo			priority/important-soon
944		Document how to install cert-manager in a different namespace		3	3y	1y	3y		good first issue	recv recv-q
899		Upgrading from v1.7 to v1.8 check command should exclude null. PR#1589: Apply change proposed in issue 899 approved		2	3y	8mo	8mo		priority/important-soon	commented member-last pr-approved send
1101		Feature request for updating documentation. Similar: #1609: Azure DNS Documentation Update (open)			2y	9mo	9mo		priority/backlog	commented member-last send similar
868		Document RBAC Similar: #844: Document feature gates (open)			3y	3y	3y			contributor-last recv similar
866		Securing NGINX-ingress Similar: #1608: Renaming Securing NGINX-ingress to ingress-nginx (open) Similar: #326: Securing Ingresses with Venafi (open)			3y	3y	3y			recv similar
850		Document available cert-manager Prometheus metrics Similar: #136: Document available metrics (open)			3y	2y	3y		documentation good first issue priority/important-longterm	recv recv-q similar
844		Document feature gates Similar: #868: Document RBAC (open)			3y	3y	3y			recv similar
841		remove dependency on golang from cmctl and kubectl-plugin installation documentation			3y	3y	3y			contributor-last pr-merged recv recv-q
836		Syncing Secrets Across Namespaces			3y	3y	3y			recv
847		missing documentation/information olm based installation metric prometheus			3y	3y	3y			contributor-last recv
802		Spelling errors are unclear in pull request CI results and spell checker is unmaintained			3y	9mo			kind/bug priority/important-soon	contributor-last pr-merged
758		API reference docs: enum values not documented with typedef			3y	3y	3y			recv
706		Default key usages			3y	3y	3y			recv
697		[IRSA] Needs `runAsUser: 1001`			3y	8mo	8mo			commented member-last pr-merged send
693		Azure DNS pod identity incorrectly documents principal_id			3y	2y	3y			author-last commented recv recv-q
672		List required Google CloudDNS permissions exhaustively			3y	3y	3y			recv
642		Move/ link to Webhook debugging docs			3y	3y
662		Using "azureDNS" for the DNS01 Solver results "Multiple user assigned identities exist, please specify the clientId / resourceId"			3y	3y	3y			recv
604		Make it so that it is easier to find the doc for fixing webhook issues			4y	3y	4y			contributor-last recv
568		Add a diagram for LetsEncrypt cert issuance flow to the docs		4	4y	4y	4y			recv
561		Certificate Resources Similar: #560: Support rotated certificate sources (open)			4y	4y	4y			recv similar
554		HTTP Validation, privateKeySecretRef			4y	4y	4y			contributor-last recv
583		cert-manager with ZeroSSL		45	4y	2y	2y			commented send
549		Effort towards a more user-friendly website			4y	4y
542		Document the Istio VirtualService HTTP01 configuration options			4y	4y
543		Add getting started documentation for users who want to quickly use cert-manager to issue LetsEncrypt certificates		4	4y	4y	4y			commented member-last send
484		Please add anchor tags to your subheadings			4y	4y	4y		priority/backlog kind/documentation	commented contributor-last pr-merged recv
469		DNS01: Delegated Domains for DNS01 example yaml solvers list items			4y	4y	4y			recv
466		installation/compatiblity			4y	4y	4y			recv
776		Explain that you can pre-provision a Secret and Certificate.Spec.SecretName can refer to an existing Secret			3y	3y	3y			commented member-last send
457		cainjector docs are missing the option to inject certs in apiservice resources			4y	4y	4y			recv
425		Document ocspServers			4y	4y	4y		kind/documentation	commented member-last
401		Bring tutorials up to date			4y	2y	2y		priority/important-longterm	commented member-last send
386		Uninstalling on Kubernetes - How to delete all those user created resources?			4y	4y	4y			contributor-last recv
354		DigitalOcean access-token should not be base64-encoded			4y	4y	4y		priority/awaiting-more-evidence	author-last recv recv-q
326		Securing Ingresses with Venafi Similar: #1608: Renaming Securing NGINX-ingress to ingress-nginx (open) Similar: #866: Securing NGINX-ingress (open)			4y	4y	4y			contributor-last recv similar
414		Explain cert-manager repo structure		2	4y	4y	4y		priority/backlog kind/documentation	assigned assignee-updated commented member-last pr-closed pr-merged send
295		Route53			4y	4y	4y		kind/documentation	commented member-last send
237		docs for ACMEChallengeSolverHTTP01Ingress doesn't specify what `class` values are available			5y	4y	5y		priority/backlog kind/documentation	contributor-last pr-closed recv
320		Document how to install cert-manager using gitops and known issues with particular gitops implementations		5	4y	2y	4y		documentation help wanted priority/backlog	commented pr-merged recv-q
232		Document keystored in usage/certificate			5y	4y	5y		priority/backlog kind/documentation	contributor-last recv
228		Documentation needs correction for external-account-bindings			5y	2mo	5y		good first issue priority/backlog kind/documentation	contributor-last pr-merged recv
223		Document wildcard certificate tutorial			5y	4y	5y		priority/important-longterm kind/documentation	commented contributor-last send
197		Document ACME account mismatch			5y	3mo	5y		good first issue priority/backlog kind/documentation	recv recv-q
195		Document keystores			5y	2y	4y		priority/important-soon kind/documentation	commented contributor-last send
174		Add documentation for CRD conversion webhook ca injection			5y	4y	4y		help wanted priority/important-soon kind/documentation	commented member-last send
155		Add 'unreleased version' & 'old version' warning banner to non-latest versions of docs			5y	4y	5y		kind/feature priority/backlog	commented contributor-last
130		FAQ: How does cert-manager handle ingresses with valid TLS secrets?			5y	4y	5y		help wanted priority/backlog kind/documentation	contributor-last recv
76		Upgrading from v0.10 to v0.11 - missing cainjector annotation			5y	4y	5y		priority/backlog kind/documentation	contributor-last recv
1257		ErrRegisterACMEAccount			2y	2y	2y			recv
1586		Now that cert-manager 1.16 has been released, `--set config.enableGatewayAPI=true` is now the recommended approach for projects that show instructions on how to enable cert-manager's gateway API support, especially on visible projects like Cilium:			8mo	8mo				pr-merged
1241		Remove Bitnami kubeprod as installation method			2y	2y	2y			recv
532		Rework of the landing page (cert-manager.io)		3	4y	3y	4y		help wanted good first issue	commented member-last send
234		Backup and Restore Resources		3	5y	4y	4y		priority/backlog kind/documentation	commented member-last pr-merged send
79		Design for partial automation of release process			3y	3y	3y			commented member-last send
42		Publish latest release number as part of creating a final release			3y	3y	3y			commented member-last send
19		Incorrect command line help: should include a --branch argument			4y	4y	4y		kind/cleanup	commented contributor-last
2		Set up periodic job to publish an experimental release build			5y	4y			priority/backlog	assigned contributor-last
31		Move the manual steps of our release process to cmrel commands			4y	3y	3y			commented member-last pr-closed
534		helm value app.certmanager.additionalAnnotations interprets "JSON like" string as json and cannot render mainfests PR#537: fix: make handling of additionalAnnotations more robust unreviewed			7wk	7wk	7wk			author-last pr-unreviewed recv
501		Error logs not very helpful			3mo	3mo	3mo			recv
516		Add PodDisruptionBudget to helm chart PR#517: Add `PodDisruptionBudget` to helm chart unreviewed			3mo	3mo	3mo			pr-unreviewed recv
413		Panic: runtime error on new installation			8mo	7mo	8mo			author-last recv recv-q
287		Getting Readiness probe failed when using cert-manager-istio-csr Similar: #84: csr readiness probe failed, istio ingress pod also failed (open)			1y	1y	1y			author-last recv recv-q similar
283		Document / improve that sometimes the issuer needs to set `ca.crt`			1y	1y
244		Populate Subject Fields in Certificate			1y	8mo	1y			contributor-last recv
224		ClusterRole & ClusterRoleBindings for istio-csr			2y	2y	2y			recv
223		False positive warnings from trivy and dependabot		7	2y	1y
213		charts.jetstack.io beding cluster presents a challenge and breaks deployment			2y	2y	2y			recv
211		Add custom annotations to deployment			2y	1y	2y			pr-closed pr-merged recv
197		add the compatibility matrix for Kubernetes versions to README			2y	2y	2y			recv
176		certificateDuration is not used for the Istio CSR generated certificate requests PR#469: Add app.server.certificateDuration commented Similar: #119: Certificate is re-requested when container restarts (open) Similar: #14: Annotation generates CertificatesRequests repeatedly until blocked by letsencrypt (open)			2y	6mo	2y			pr-closed pr-reviewed-with-comment recv recv-q similar
161		updating ConfigMap data doesn't stop			3y	3y	3y			contributor-last recv recv-q
155		Invalid certificate chain when using Vault with Intermediate CA			3y	2y	3y			recv recv-q
153		It is possible to have several CAs within the same cluster.		3	3y	7mo	2y			commented send
145		*Not able to use Istio-CSR in istio(1.13.)**			3y	3y	3y			author-last pr-closed recv
141		Istio-csr pods were hung unable to handle request causes entire cluster downtime for new pods/expired pods.			3y	2y	3y			recv recv-q
138		istio-csr doesn't retry upon failed certificate requests			3y	2y	3y			contributor-last recv
137		Documentation on rotating the root certificate			3y	6wk	3y			recv recv-q
431		istio-csr pod healthz check fails for long time in v0.11.0 and v0.12.0			7mo	6mo	7mo			recv recv-q
133		latest supported cert-manager version with cert-manager-istio-csr?			3y	3y	3y			contributor-last recv
131		metrics to check certificate expiry for istio workloads ?			3y	3y	3y			contributor-last recv recv-q
130		Document best-practices for minimal vault role configuration for istio-csr			3y	1y	3y			recv recv-q
108		[doc] confusion with `ca.pem` and Readiness probe failed on ingress and egress gateways			3y	3y	3y			author-last recv recv-q
106		Helm chart is failing with "certificate.spec.revisionHistoryLimit" issue Similar: #46: Ability to configure CertificateRequest revision history limit (open) Similar: #4071: Add a default value to RevisionHistoryLimit if none is provided in the Certificate (closed)			3y	3y	3y			contributor-last recv similar
87		Failing to integrate with GCP CAS			3y	3y	3y			contributor-last recv recv-q
84		csr readiness probe failed, istio ingress pod also failed Similar: #287: Getting Readiness probe failed when using cert-manager-istio-csr (open)		2	3y	1y	3y		support	recv recv-q similar
83		commonName required for AWS PCA			3y	3y	3y			recv recv-q
64		Is there way to hot restart envoy proxy using istio-csr? I'm trying to renew root certificate by changing the istio-ca secret manually. The workload does not pick the new root certificate unless I delete the workload pods			4y	4y	4y			recv recv-q
53		Generate workload certificates with DNS in the SAN			4y	4y	4y			recv recv-q
136		Document available metrics Similar: #850: Document available cert-manager Prometheus metrics (open)			3y	3y	3y			recv similar
118		E2E tests running against the wrong k8s version			3y	3y
117		public ca.crt aka caBundle is not being updated/propagated until the cert-manager and istiod components are restarted			3y	3y	3y			recv
113		Integrating with istio helm chart installs		15	3y	8mo	3y			recv recv-q
94		Can't get aws pca to work			3y	3y	3y			recv
449		Rotation Policy Constraint			1y	6mo	1y			contributor-last recv recv-q
394		Limit number of SANs by policy			1y	1y	1y			contributor-last recv
288		Feature: Take control of approval for the whole cluster		2	2y	1y	1y			commented member-last
638		Approver cannot find applicable policy			3wk	3wk	3wk			recv
216		Simplify configuration by creating RBAC by default PR#628: Grant cert-manager RBAC to use all policies by default unreviewed		2	2y	2mo			help wanted	contributor-last pr-merged pr-unreviewed recv-q
203		Improve CRD fields for specifying key requirements		3	2y	6mo				contributor-last recv-q
169		Webhook Custom CA			2y	6wk	2y		help wanted	contributor-last recv recv-q
466		Document How to Configure Common Scenarios			11mo	11mo	11mo			recv
271		Include binary artifacts your releases.			2y	2y	2y			recv
61		Flakey Tests in pull-cert-manager-approver-policy-verify Similar: #559: Flakey Tests in pull-cert-manager-approver-policy-test (open)			3y	3y			kind/bug	pr-merged similar
559		Flakey Tests in pull-cert-manager-approver-policy-test Similar: #61: Flakey Tests in pull-cert-manager-approver-policy-verify (open)			5mo	5mo	5mo			recv similar
505		Parameterize the name used in the managed-by label of the webhook CA Secret to distinguish it from the CA Secret created by cert-manager PR#619: Specify custom commonname for webhook dynamic authority commented			8mo	8mo				pr-reviewed-with-comment
452		CRDs in the Release files		3	1y	1y	1y			recv
632		High cpu and ram load on apiserver			3wk	3wk	3wk			recv
592		Feature: ClusterTrustBundle as Sources Similar: #591: Feature: ClusterTrustBundle as Target (open)			2mo	6wk				contributor-last similar
588		Add ability to monitor validity period for CAs in bundle		4	2mo	5wk	2mo		kind/feature help wanted	contributor-last recv recv-q
465		Installing trust-manager just after installing cert-manager makes it FAIL forever			7mo	2mo	2mo			commented contributor-last send
301		Add support for kubectl installation Similar: #197: Kubectl One-line Installation Support (open)			1y	5mo	1y		lifecycle/frozen	author-last commented open-milestone recv recv-q similar
245		Split Bundle controller into multiple controllers			2y	5mo	5mo		lifecycle/frozen	commented member-last send
629		The crds is not installed automatically when trust-manager is a sub-chart			5wk	5wk	5wk			recv
591		Feature: ClusterTrustBundle as Target Similar: #592: Feature: ClusterTrustBundle as Sources (open)		2	2mo	6wk				contributor-last pr-merged similar
222		[Feature] - Ability to inject a CA cert into a cert-manager managed secret resource		15	2y	7d	2y		lifecycle/rotten	commented contributor-last pr-merged recv-q send
205		Allow to select multiple "trust" namespaces		26	2y	2d	2y			recv recv-q
142		expose bundles CRD as release artifact		9	2y	2mo	2y			author-last recv recv-q
242		New version of Bundle API PR#475: Replace webhook validations with CEL validation new-commits		2 4	2y	2mo	1y		lifecycle/frozen	commented contributor-last pr-merged pr-new-commits recv
131		Feature: per namespace trust bundle		4	2y	9d	2y		lifecycle/stale	contributor-last recv recv-q
99		Allow removing Bundles whilst keeping the synced CA certs		4	2y	5wk	2y		lifecycle/frozen	contributor-last pr-unreviewed
60		overriding trusted namespace		8 14	2y	1mo	11mo			commented contributor-last recv-q send
63		nit: Rename "Bundle" to "ClusterBundle"		15	2y	3wk	2y		lifecycle/stale	commented contributor-last open-milestone pr-merged send
39		Don't sync targets to all namespaces by default		7	2y	5wk	7mo		lifecycle/frozen	commented contributor-last open-milestone pr-merged send
58		Support injection pem into an existing configmap PR#395: WIP: feat: inject bundle data into configmap unreviewed PR#442: WIP: refactor: dedicated struct for building source data new-commits		8	2y	5wk	2y		priority/important-longterm lifecycle/frozen	assigned assignee-updated contributor-last pr-merged pr-new-commits pr-unreviewed recv
33		Support CRDs as target		5	3y	2mo	3y		priority/backlog	contributor-last recv recv-q
4		Feature: By default, require only self-signed certificates in a bundle			3y	2mo	2mo		kind/feature help wanted good first issue	commented member-last
560		Support rotated certificate sources Similar: #561: Certificate Resources (open) Similar: #7344: Support temporary certificates with annotated gateways (open)		18	3mo	19h	3mo			recv recv-q similar
297		Allow all resources to be namespaced Similar: #8: Question: namespace to install the resources (open)		4	1y	7d	1y		lifecycle/rotten priority/backlog	contributor-last recv recv-q similar
574		Add a top level variable called `enabled` to the Helm chart schema PR#578: feat: add toplevel enable value to helmchart unreviewed			2mo	2mo	2mo		help wanted good first issue	contributor-last pr-unreviewed recv recv-q
243		More flexible and better organized target specification in API		3	2y	5wk	2y		lifecycle/frozen	commented contributor-last pr-merged recv recv-q
231		### Question about Configuring Retries in cert-manager			2mo	2mo	2mo			recv
204		clarify SetCAOnCertificateRequest deprecation status			5mo	5mo	5mo			recv
385		Helm Install of cert-manager-csi-driver Fails on Minikube with /dev/bus/usb Errors			2mo	2mo	2mo			author-last recv
383		[Feature Request] Adding attributes that available in Certificate CRD to CSI Driver			2mo	2mo	2mo			recv
353		mismatch between the key and the certificate signature algorithm			5mo	5mo	5mo			recv
267		Does cert-manager-csi-driver support AWS EKS with AWS Fargate nodes?			1y	11mo	1y			recv
264		Certificate renewal doesn't change file 'modified date'			1y	1y	1y			recv
256		Broken comma-separated splitting logic			1y	1y
241		Missing cert-manager.io/revision-history-limit volume attributes for CSI-Driver		5	1y	1y	1y			recv
171		E2E Test Cleanup			1y	1y	1y		good first issue	commented member-last
136		SubPath support is broken or missing			2y	2y	2y			recv
134		Volume empty		4	2y	2y	2y			recv
130		JKS support		5	2y	1y	2y			recv recv-q
125		Is it too late to align cert-manager annotations? Similar: #1695: Create redirects for cert-manager annotations (open) Similar: #38: Route with cert-manager annotations is not created (open)			2y	2y	2y			recv similar
119		Certificate is re-requested when container restarts Similar: #176: certificateDuration is not used for the Istio CSR generated certificate requests (open)			2y	2y	2y			recv similar
116		Does csi-driver support Wìndows nodes?			2y	2y	2y			contributor-last recv
74		Investigate and change the default mounted host path for driver			3y	3y	3y			recv
45		Unable to mount and read only file error		5	3y	9mo	9mo		priority/awaiting-more-evidence	commented send
33		New key being used with old certificate			4y	4y	4y			recv
29		Deleting a pod with a cert-manager-csi volume mounted results in the pod termination hanging.			4y	4y	4y			recv
26		Cannot `chmod` a read only filesystem		14	4y	3y	4y			pr-closed recv recv-q
371		Specify private key algorithm/size PR#404: Add support for ECDSA and Ed25519 algorithms, make key size configurable unreviewed			4mo	6wk	4mo			pr-unreviewed recv
17		ability to specify pod IP in volume attributes		7	5y	6mo	5y			commented recv recv-q
21		MountVolume.SetUp failed: cannot set blockOwnerDeletion: cannot find RESTMapping for APIVersion core/v1 Kind Pod			5y	5y	5y			recv
132		Investigate test timeouts			1y	9mo			priority/backlog
129		Increase e2e test timeouts			1y	9mo			priority/important-longterm
128		Incorrect logger initialisation			1y	1y
42		Intermittent csi-driver-spiffe failure: Unable to mount cert			2y	2y	2y			commented member-last send
41		The default `csiDataDir` value might collide with csi-driver			2y	2y
38		Add Envoy Secret discovery service (SDS) support			2y	2y	2y			recv
19		Add support for certificate expiry configuration		6	2y	2y	2y			recv
39		csi-driver-spiffe vs csi-driver		5	2y	2y	2y			commented member-last send
174		Standby Replicas without lease use lots of CPU			2mo	2mo	2mo			recv
58		certificate cannot be renewed, error message: "key does not match certificate"		4	1y	1y	1y			recv recv-q
56		Support for destinationCaCertificate / Reencrypt Routes			1y	1y	1y			recv
38		Route with cert-manager annotations is not created Similar: #125: Is it too late to align cert-manager annotations? (open) Similar: #1695: Create redirects for cert-manager annotations (open)		4	2y	15d	2y			commented send similar
14		Annotation generates CertificatesRequests repeatedly until blocked by letsencrypt Similar: #176: certificateDuration is not used for the Istio CSR generated certificate requests (open)			2y	2y	2y			commented member-last send similar
46		Ability to configure CertificateRequest revision history limit Similar: #106: Helm chart is failing with "certificate.spec.revisionHistoryLimit" issue (open) Similar: #3958: Sane defaults for Certificate revision history limit (closed)		2	2y	2y	2y			recv similar
12		Does this plugin support DNS validation?			2y	2y	2y			recv
13		Can the plugin be configured to use a wildcard certificate?		2	2y	2y	2y			pr-closed recv recv-q
54		Same certificate in path based Routes		2	1y	3mo	1y			pr-closed recv
26		Missing CONTRIBUTING.md			2y	2y	2y			recv
116		Release static manifests (no helm) for v0.6.0-alpha.0+			7mo	7mo	7mo			recv
70		OLM deployment with ArgoCD is OutOfSync			3y	2y	2y			commented send
17		Operator prevents passing extraArgs helm value		7	4y	2y	4y			recv recv-q
46		Cert-manager operator fails to issue certificates			3y	3y	3y			recv
3		Restrict operator RBAC permissions			5y	9mo	5y		priority/backlog	pr-merged recv
22		Customize the deployment of cert-manager installed via OLM		5 6	4y	8mo	3y			commented recv recv-q
74		Consistency issues due to the use of mount binds			6mo	6mo	6mo			author-last commented recv recv-q
40		Optional auto rotating/renewing certificates			2y	1y	2y			contributor-last recv recv-q
33		Create e2e test to validate CertificateRequest garbage collection			2y	11mo	2y		priority/backlog	assigned recv
60		Support prometheus metrics PR#73: Support prometheus metrics commented			1y	7mo	7mo		priority/backlog	commented member-last pr-reviewed-with-comment send
8		Drivers can create CertificateRequests for pods that don't exist in very rare edge cases			4y	4y				contributor-last
15		Allow data-root to be an absolute path PR#71: Refactor filesystem.go and adapt tests to use a real file system commented			4y	2y			kind/bug triage/needs-information	contributor-last pr-reviewed-with-comment
56		Struggling to get controller running in local KIND cluster			3mo	6wk	6wk			commented member-last send
63		Is it possible to only create Issuer and remove the CluserIssuer			9d	9d	9d			recv
62		Limit the controller-manager to access secrets only from specific namespace			9d	9d	9d			recv
122		asdf cmctl installer issues		2	8mo	8mo	8mo			author-last commented recv
240		High risk vulnerability with oras-go version			19h	19h	19h			recv
128		cmctl always reports v0.0.0 in the user-agent header			8mo	3mo
127		cmctl version reports only the old CRD version if I upgrade cert-manager without including the CRDs			8mo	8mo			priority/important-soon
83		As cmctl user, I want to use different kubectl context on command line ( --context='kubectl-context-abc' )			1y	11mo	1y		priority/important-longterm	recv
700		Ensure optional periodics get run if relevant files change			3y	3y	3y			recv
626		Misconfiguration causing many errors in the hook logs			3y	3y
693		Set up periodics against 'previous previous' branch			3y	9mo	3y		priority/backlog	recv
690		Clean up Presets			3y	9mo	3y		priority/backlog	pr-merged recv
593		Document how updates to job config files make it to the Prow cluster			3y	3y	3y			recv
520		Document how infra images are built Similar: #594: Document infra image bumps and versioning (open)			4y	4y	4y			pr-merged recv similar
499		RBAC Rules for trusted prowjobs		2	4y	3y	4y			contributor-last recv
594		Document infra image bumps and versioning Similar: #520: Document how infra images are built (open)			3y	9mo	3y		priority/backlog	recv similar
81		Configuring Peribolos for Github org management			6y	9mo	9mo		priority/backlog	commented member-last send
656		Try out rootless containers for running jobs			3y	3y				pr-closed
492		Onboard with CertManager prow cluster for running CI tests for jniebuhr/aws-pca-issuer		2	4y	4y	4y		kind/feature	recv
653		Allow adding newly required presubmits that aren't run against older branches			3y	3y	3y			recv
691		Document how to test ProwJobs locally			3y	3y	3y			recv
602		Image build jobs always appear to error			3y	3y	3y			recv
202		Makefile Modules, Go Versions and Vendoring			8mo	8mo	8mo			commented contributor-last
154		Publish SBOMs			1y	10mo	10mo		kind/feature good first issue	commented member-last send
98		Document new release process for all repos			1y	11mo			priority/important-longterm	assigned
3		Migrating all cert-manager sub-projects to "Makefile modules"			2y	18d			priority/backlog
295		`make generate-golangci-lint-config` clobbers local exclusions added to the local config.			10d	10d
25		helm-tool inject sometimes omits the context (prefix) of commented out values in the generated markdown			1y	1y			kind/bug	contributor-last
26		helm-tool inject adds trailing white space to the generated markdown			1y	1y			kind/bug
43		Allow non-Venafi employee maintainers full release capabilities		2	6mo	4mo	4mo			assigned assignee-updated commented contributor-last recv
51		reviewer confusion			2mo	2mo	2mo			commented member-last
35		Post-Graduation Suggestion Tracker			9mo	9mo	9mo			commented member-last pr-merged
49		cannot create resource "godaddy" in API group			2y	2y	2y			recv recv-q
80		How to deal with K8s timelimit in 30s ?			6mo	6mo	6mo			recv
38		Set repository to be a GitHub template repository			3y	9mo	3y		priority/important-longterm	recv
81		How to enable leader election in the webhook?			4mo	4mo	4mo			recv
37		Add logging example			3y	11mo	3y			pr-closed recv
26		Guidance on how to deploy webhook solver into a kubernetes cluster		5	4y	2y	4y			pr-closed pr-unreviewed recv recv-q
10		How to add api key secret during testing		2	5y	4y	5y			pr-closed recv
8		Question: namespace to install the resources Similar: #297: Allow all resources to be namespaced (open)			5y	5y	5y			pr-closed pr-unreviewed recv similar
6		security description			6y	6y	6y			commented member-last send
63		make test prints the apiKey			1y	9mo	1y		priority/important-soon	recv
3		Make unit testing easier/make examples work			6y	9mo	3y		priority/important-longterm	commented member-last pr-closed send
27		failed with: OpenAPI spec does not exist		2 6	4y	9mo	2y		priority/critical-urgent	commented pr-closed pr-unreviewed send
72		readyz and healthz api			11mo	11mo	11mo			recv
74		Why cert-manager looks for a CNAME record instead of a TXT record?			10mo	10mo	10mo			recv
2		Set up basic e2e test that deploys the webhook and ensures we can POST a challenge			6y	6y
46		Code reference a pull request to be merged, but the pull request was closed by a robot			2y	2y	2y			recv
8		Find solution for automatically disabled GitHub Actions			10mo	10mo
18		Feature: Git bundles?			2mo	2mo
1		Feature request: output a boilerplate file			2y	2y
197		Kubectl One-line Installation Support Similar: #301: Add support for kubectl installation (open)			9mo	7mo	7mo			commented member-last send similar
94		admission webhook denied GoogleCASIssuer must be one of Issuer or ClusterIssuer			2y	2y	2y			recv
66		ClusterIssuer not responding to ingress annotations Similar: #2538: cert-manager does not use ingress.class from Ingress annotated with cert-manager.io/cluster-issuer (open)			3y	2y	3y			recv recv-q similar
162		Issue: Broken config when using commonLabels			1y	1y	1y			recv
57		README is slightly incomplete			3y	3y	3y			recv
53		Support crlDistributionPoints & ocspServers			3y	3y	3y		triage/support	commented send
49		Should surface certificateAuthorityId more clearly in docs			3y	3y	3y		documentation	recv
28		Certificate revocation from CAS Console			4y	4y	4y		triage/support	commented member-last send
65		Set revisionHistoryLimit to 1 to reduce load on the issuer			3y	7mo	7mo			author-last commented recv
148		Certificate chain is not split correctly PR#159: Split certificate chain commented		5	1y	1y	1y			author-last pr-reviewed-with-comment recv recv-q
133		Allow to use a custom Service Account PR#143: feat: allow creating or reusing an existing sa unreviewed		5	1y	10mo	1y			pr-unreviewed recv
102		certificate renewal does not work in due to auth issue to privatecaapi end point			2y	7mo	2y			recv
85		can't get cas issuer to work doesn't matter which way I go with number of issues		2	2y	2y	2y			recv