generic Quarterly Scrub :: Triage Party

Once every quarter, look for stale issues, reprioritize, and de-duplicate.

Issues nearing expiration (15)

Resolution: Close or label as frozen

Average age: 264.6d, Avg wait: 128.8d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
7749		Http and PROXY protocol		5	6mo	2d	6mo		lifecycle/stale	contributor-last recv
7717		After uninstalling cert-manager, ingress resources can still only be accessed via https			6mo	17d	6mo		lifecycle/stale	contributor-last recv
7660		cert-manager produces invalid (per RFC5280) certificates when `cert sign` usage is set along with another usage			7mo	3d	7mo		kind/bug lifecycle/stale	contributor-last recv recv-q
7659		Challenge and resolver pod/ingress killed too soon		2	7mo	17d	7mo		lifecycle/stale	contributor-last recv
7625		Clean install fails to create Issuer		4	8mo	2wk	8mo		kind/bug lifecycle/stale	contributor-last recv recv-q
7594		Cloudflare delegated domains returns Found no Zones for domain _acme-challenge.mydomain.com			8mo	19d	8mo		kind/bug lifecycle/stale	contributor-last recv
7536		Digicert ACME order is failing due to invalid validity_years			9mo	17d	9mo		lifecycle/stale	contributor-last recv
7288		Missing UID in webhook challenge request			1y	3d	1y		kind/bug priority/backlog lifecycle/stale	contributor-last recv
7741		Certmanager attempts infinite renewals if the Issuer Certificate read from Vault has expired		3	6mo	2d	6mo		kind/bug lifecycle/stale	commented contributor-last recv
7520		ClusterIssuer read caBundle from Secret PR#7521: ClusterIssuer read caBundle from Secret unreviewed		4	9mo	3wk	6mo		kind/feature lifecycle/stale	commented contributor-last pr-unreviewed send
7275		Allow adding new fields such as unhealthyPodEvictionPolicy to the PDB PR#7728: Add unhealthyPodEvictionPolicy to supported PDB options commented		5	1y	17d	6mo		kind/feature priority/awaiting-more-evidence lifecycle/stale	commented contributor-last pr-closed pr-reviewed-with-comment send
7654		Implement fallback for git_version creation in forked environments			7mo	5d	7mo		release-note-none size/S kind/cleanup needs-ok-to-test lifecycle/stale dco-signoff: yes	commented contributor-last reviewed-with-comment send
7728		Add unhealthyPodEvictionPolicy to supported PDB options			6mo	7d	7d		release-note approved lgtm do-not-merge/hold kind/feature size/M lifecycle/stale dco-signoff: yes ok-to-test area/deploy	commented contributor-last recv-q reviewed-with-comment send
7725		chore: allow additional properties in Helm setup #7668		2	6mo	15d	6mo		size/XS release-note-none needs-ok-to-test lifecycle/stale dco-signoff: no area/deploy needs-kind	commented contributor-last send unreviewed
465		Installing trust-manager just after installing cert-manager makes it FAIL forever			1y	6wk	7wk		lifecycle/stale	author-last commented recv

Features that deserve a follow-up comment (14)

Resolution: Comment or close the issue

Average age: 450.8d, Avg wait: 180.0d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
7914		Output tls.crt in CA cert to another secret			3mo	3mo	3mo		kind/feature	recv
7645		Support cross-signed intermediate CAs issued with Vault		2	7mo	4mo	7mo		kind/feature	author-last recv
7510		Key Size for Acme Account Key PR#7646: Support custom ACME account key type. new-commits			10mo	5mo	10mo		kind/feature	pr-new-commits recv
7311		helm schema validation should validate `featureGates`			1y	4mo	5mo		kind/feature priority/backlog	commented contributor-last recv
7684		Add support for namespaced deployment Similar: #2525: Better support multi-namespace & single-namespace deployments (open)			7mo	4mo	7mo		kind/feature	contributor-last pr-merged recv recv-q similar
7184		Helm chart: add ability to add appprotocol to port in service PR#7652: Helm chart: add ability to add appprotocol to port in service commented		3	1y	5mo	1y		good first issue kind/feature priority/backlog	author-last commented pr-reviewed-with-comment recv recv-q
6754		Schedule certificate renewal outside business hours PR#7399: Add renew window to restrict when certificate renewal can happen unreviewed PR#8139: feat(design): adding initial design for certificate renewal commented		12	2y	5mo	2y		kind/feature priority/important-longterm	pr-closed pr-reviewed-with-comment pr-unreviewed recv recv-q
6472		Create TLSA records automatically		14	2y	3mo	2y		kind/feature priority/backlog	author-last recv
6662		support overriding of ttl in cloudflare		2	2y	5mo	1y		kind/feature priority/backlog	author-last commented recv
5540		Changelog annotations to chart			3y	3mo	3y		kind/feature priority/backlog	author-last recv
7766		Certificate: Let me specify the concatenation order for CombinedPEM output format			5mo	5mo	5mo		kind/feature	author-last recv recv-q
7834		Provide race condition mitigation support			4mo	4mo	4mo		kind/feature	recv
7772		Reviewing the use of https://github.com/SSLMate/go-pkcs12			5mo	5mo	5mo		kind/feature	contributor-last recv recv-q
6010		Support the ACME Renewal Information (ARI) extension		7	2y	5mo	5mo		kind/feature	author-last commented recv recv-q

Features that have not been commented on within 90 days (31)

Resolution: Comment or close the issue

Average age: 940.5d, Avg wait: 81.2d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
7829		Support to auto delete Certificaterequest Similar: #8121: Support for Creating CertificateRequest from Kubernetes Secret (open) Similar: #7821: Request to support AWS ACM Exportable certificates (open) Similar: #7688: Feature Request: Vertical Pod Autoscaler Support for cert-manager (open)			4mo	4mo	4mo		kind/feature	commented contributor-last send similar
7514		Replace some of the webhook functionality with `ValidatingAdmissionPolicy` & CEL			10mo	3mo	3mo		kind/feature priority/important-longterm	commented member-last send
6470		ingress-shim: allow to impersonate ingress-creator instead of using cert-manager serviceaccount			2y	1y	1y		lifecycle/frozen kind/feature priority/backlog	commented contributor-last send
6210		Flag to write/sync secrets to a namespace other than the namespace where the Certificate object is created		5	2y	4mo	2y		kind/feature priority/backlog	commented send
6051		Detecting Gateway hostnames based on attached HTTPRoutes PR#7839: Design: support Gateway API's new XListenerSet resource commented		5 26	2y	3mo	4mo		lifecycle/frozen kind/feature priority/important-longterm	commented pr-merged pr-reviewed-with-comment send
5904		Support Azure Private DNS Zones for DNS Challenge		4 6 19	2y	4mo	4mo		kind/feature	commented contributor-last recv-q send
3381		Setup separate package for cert-manager API		5	5y	10mo	10mo		lifecycle/frozen kind/feature priority/important-soon	assigned assignee-updated commented member-last send
3103		Adding probes to the cert-manager pods		9	5y	4mo	2y		good first issue help wanted kind/feature priority/important-longterm area/deploy	commented contributor-last recv-q send
2930		Mirror to gcr.io or dockerhub		2 29	5y	8mo	11mo		lifecycle/frozen kind/feature priority/important-soon area/deploy	assigned assignee-updated commented contributor-last send
2538		cert-manager does not use ingress.class from Ingress annotated with cert-manager.io/cluster-issuer Similar: #6184: Conflicting ingressClassName http01 issuer spec and acme.cert-manager.io/http01-ingress-class annotation (open)		75	5y	1y	2y		area/api help wanted lifecycle/frozen kind/feature priority/backlog	commented send similar
2178		Handling 'unregistering' certificates from Venafi TPP		22	6y	1y	1y		lifecycle/frozen kind/feature priority/important-longterm area/venafi	commented member-last send
2525		Better support multi-namespace & single-namespace deployments Similar: #7684: Add support for namespaced deployment (open)		26	5y	6mo	2y		lifecycle/frozen kind/feature priority/important-longterm area/deploy	commented contributor-last open-milestone pr-closed send similar
2239		Create a CertificatePreset resource type to allow configurable defaulting		2 3 99	6y	5mo	5mo		area/api kind/feature priority/backlog priority/important-soon	commented member-last pr-closed pr-unreviewed send
155		Add 'unreleased version' & 'old version' warning banner to non-latest versions of docs			5y	5y	5y		kind/feature priority/backlog	commented contributor-last
588		Add ability to monitor validity period for CAs in bundle		5	7mo	3mo	3mo		kind/feature help wanted	commented member-last send
4		Feature: By default, require only self-signed certificates in a bundle			4y	4mo	4mo		kind/feature help wanted good first issue	commented member-last send
154		Publish SBOMs			1y	1y	1y		kind/feature good first issue	commented member-last send
14 previously listed items omitted: #7914 #7834 #7772 #7766 #7684 #7645 #7510 #7311 #7184 #6754 #6662 #6472 #6010 #5540

Bugs that deserve a follow-up comment (13)

Resolution: Comment or close the issue

Average age: 556.5d, Avg wait: 306.0d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
7864		failed to call webhook: certificate has expired or is not yet valid		2	4mo	3mo	4mo		kind/bug	recv recv-q
7768		Stuck in a loop with `multiple challenge solver pods found for challenge`			5mo	5mo	5mo		kind/bug	recv
7765		Propagation tests fails when using IPv6 recursive DNS nameservers			5mo	5mo	5mo		kind/bug	recv
7760		Is the zone responsible for a domain changes, cert-manager will not pick it up			6mo	6mo	6mo		kind/bug	author-last recv
7649		[GKE][Cert-Manager]Document Might Need Implementation Details Update to GSA/KSA Integration			7mo	5mo	7mo		kind/bug	author-last recv recv-q
7476		[Helm Chart] - Wrong handling of image registry and repository		4	11mo	3mo	11mo		kind/bug	recv recv-q
7438		certificate not updated after enabling SSA			11mo	5mo	11mo		kind/bug	author-last recv
7002		Confusing messaging when certificate secret name already exist			2y	4mo	5mo		good first issue help wanted kind/bug priority/backlog	assigned assignee-updated author-last commented recv
7234		Stale/Stuck Challenges should be deleted after a given timeout PR#7286: Only remove the cleanup finalizer if the cleanup succeeds commented PR#7897: wip: add retry mechanism for challenge solver whenever we detect unauthorized error new-commits		4	1y	3mo	1y		kind/bug priority/important-soon	assigned assignee-updated commented contributor-last open-milestone pr-closed pr-new-commits pr-reviewed-with-comment recv recv-q
6741		ACME account private key and URI are not updated if the path of the ACME server is changed		5	2y	1y	2y		lifecycle/frozen kind/bug priority/important-soon	contributor-last recv
5048		certificate not renewed for ingress with multiple hosts and http01-edit-in-place		4	3y	5mo	3y		kind/bug priority/backlog	author-last commented recv recv-q
5917		Waiting for DNS-01 challenge propagation: DNS record for mydomain.com not yet propagated		39	2y	2mo	2y		kind/bug priority/important-longterm	assigned assignee-updated recv recv-q
3640		Challenge Records Not Always Cleaned Up PR#7286: Only remove the cleanup finalizer if the cleanup succeeds commented		4	4y	2mo	3y		kind/bug priority/important-longterm area/acme	commented open-milestone pr-merged pr-reviewed-with-comment pr-unreviewed recv recv-q

Bugs that have not been commented on within 60 days (19)

Resolution: Comment or close the issue

Average age: 593.9d, Avg wait: 209.4d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
7959		Failed to generate serving certificate, retrying..." err="no tls.Certificate available yet, try again later" Similar: #7138: Failed to generate serving certificate (open)			3mo	2mo	2mo		kind/bug	commented send similar
6969		Should upgrade status managed fields from CSA to SSA when ServerSideApply feature gate enabled			2y	1y	2y		lifecycle/frozen kind/bug priority/important-longterm	commented contributor-last send
6622		`make update-licenses` is non-deterministic.			2y	5mo	5mo		kind/bug	commented member-last pr-merged pr-unreviewed
6331		CSR not signed by referenced private key		10	2y	5mo	2y		kind/bug priority/important-soon	commented recv-q send
5959		`ImagePullBackoff` on `cm-acme-http-solver` pod, if using private registries		22	2y	1y	2y		lifecycle/frozen kind/bug priority/important-longterm	commented contributor-last recv-q send
5867		Controller can't handle hitting request rate limits of zerossl ACME API		7 12 31	2y	7mo	1y		lifecycle/frozen kind/bug priority/important-soon	commented pr-closed pr-merged recv-q send
13 previously listed items omitted: #7864 #7768 #7765 #7760 #7649 #7476 #7438 #7234 #7002 #6741 #5917 #5048 #3640

Items that deserve a follow-up comment (87)

Resolution: Comment or close the issue

Average age: 780.6d, Avg wait: 746.7d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
8082		EOF during self check with Pomerium			2mo	2mo	2mo			recv
8023		ACME issuer fails when CA includes Name Constraints with x509: unhandled critical extension			2mo	2mo	2mo			author-last commented recv recv-q
7822		Tracking: Kubernetes Gateway API follow up tasks		5	4mo	4mo	4mo			recv
7779		RevisionHistoryLimit should follow Kubernetes definition			5mo	5mo	5mo			recv
7755		cert-manager-challenges Error presenting challenge: expected array of Record			6mo	6mo	6mo			recv recv-q
6820		Ongoing dependency evaluation			2y	1y	2y		lifecycle/frozen priority/important-longterm	contributor-last recv
6799		ACME challenges stopped working after 1.13/1.14 update			2y	5mo	2y		priority/critical-urgent	commented recv recv-q
1643		Let's Encrypt Ending Support for Notification Emails			9mo	3mo	9mo			recv
1625		Configuration issue potentially leading to a memory leak			9mo	9mo	9mo			recv
1623		Claim about v1beta1/v1alpha2 support for gateway api is misleading			9mo	9mo	9mo			recv
1620		Cert Manager allows the creation of Illegal wilcard SANs			10mo	10mo	10mo			recv
1609		Azure DNS Documentation Update Similar: #1101: Feature request for updating documentation. (open)			11mo	10mo	10mo			author-last commented recv similar
1608		Renaming Securing NGINX-ingress to ingress-nginx			11mo	11mo	11mo			recv
1473		Add ArtifactHub packages to website			2y	1y	2y		priority/backlog	recv
1063		"Securing Ingresses with Venafi" tutorial contains link to missing manifest			3y	1y	3y		priority/important-longterm	author-last pr-merged recv
944		Document how to install cert-manager in a different namespace		3	3y	2y	3y		good first issue	recv recv-q
850		Document available cert-manager Prometheus metrics			3y	2y	3y		documentation good first issue priority/important-longterm	recv recv-q
484		Please add anchor tags to your subheadings			4y	4y	4y		priority/backlog kind/documentation	commented contributor-last pr-merged recv
1596		Wrong key for cloudflare secret ref in DNS Validation tutorial page			1y	1y	1y			recv
354		DigitalOcean access-token should not be base64-encoded			5y	4y	5y		priority/awaiting-more-evidence	author-last recv recv-q
237		docs for ACMEChallengeSolverHTTP01Ingress doesn't specify what `class` values are available			5y	5y	5y		priority/backlog kind/documentation	contributor-last pr-closed recv
232		Document keystored in usage/certificate			5y	5y	5y		priority/backlog kind/documentation	contributor-last recv
228		Documentation needs correction for external-account-bindings			5y	7mo	5y		good first issue priority/backlog kind/documentation	contributor-last pr-merged recv
197		Document ACME account mismatch			5y	9mo	5y		good first issue priority/backlog kind/documentation	recv recv-q
130		FAQ: How does cert-manager handle ingresses with valid TLS secrets?			5y	5y	5y		help wanted priority/backlog kind/documentation	contributor-last recv
76		Upgrading from v0.10 to v0.11 - missing cainjector annotation			5y	5y	5y		priority/backlog kind/documentation	contributor-last recv
1585		Broken install instructions due wrong cert_manager_latest_version - v1.16.1			1y	1y	1y			recv
1549		Brand guideline page			1y	1y	1y		priority/backlog	author-last recv
1490		GKE tutorial falsely claims it's possible to create LE certificate without domain (only IP)			1y	1y	1y			author-last recv
501		Error logs not very helpful			9mo	8mo	9mo			recv
431		istio-csr pod healthz check fails for long time in v0.11.0 and v0.12.0			1y	11mo	1y			recv recv-q
413		Panic: runtime error on new installation			1y	1y	1y			author-last recv recv-q
287		Getting Readiness probe failed when using cert-manager-istio-csr Similar: #84: csr readiness probe failed, istio ingress pod also failed (open)			2y	1y	2y			author-last recv recv-q similar
244		Populate Subject Fields in Certificate			2y	1y	2y			recv
176		certificateDuration is not used for the Istio CSR generated certificate requests			3y	2mo	3y			pr-closed recv recv-q
137		Documentation on rotating the root certificate			3y	6mo	3y			recv recv-q
130		Document best-practices for minimal vault role configuration for istio-csr			3y	2y	3y			recv recv-q
113		Integrating with istio helm chart installs		15	4y	1y	4y			recv recv-q
84		csr readiness probe failed, istio ingress pod also failed Similar: #287: Getting Readiness probe failed when using cert-manager-istio-csr (open)		2	4y	2y	4y		support	recv recv-q similar
667		Cannot create secret cert-manager-approver-policy-tls Similar: #559: Flakey Tests in pull-cert-manager-approver-policy-test (open)			3mo	2mo	3mo			commented contributor-last recv similar
638		Approver cannot find applicable policy			5mo	4mo	5mo			author-last recv recv-q
466		Document How to Configure Common Scenarios			1y	1y	1y			recv
452		CRDs in the Release files		3	1y	1y	1y			recv
650		Pod goes out of readiness			4mo	4mo	4mo			recv
629		The crds is not installed automatically when trust-manager is a sub-chart			6mo	4mo	6mo			recv recv-q
560		Support rotated certificate sources		29	9mo	4mo	8mo			commented recv recv-q
301		Add support for kubectl installation Similar: #197: Kubectl One-line Installation Support (open)			2y	10mo	2y		lifecycle/frozen	author-last commented open-milestone recv recv-q similar
279		Persisting identifiers for retry calls to Sign()			3mo	3mo	3mo			author-last recv recv-q
231		### Question about Configuring Retries in cert-manager			7mo	7mo	7mo			recv
385		Helm Install of cert-manager-csi-driver Fails on Minikube with /dev/bus/usb Errors			7mo	7mo	7mo			author-last recv
383		[Feature Request] Adding attributes that available in Certificate CRD to CSI Driver			8mo	8mo	8mo			recv
353		mismatch between the key and the certificate signature algorithm			10mo	10mo	10mo			recv
267		Does cert-manager-csi-driver support AWS EKS with AWS Fargate nodes?			1y	1y	1y			recv
264		Certificate renewal doesn't change file 'modified date'			1y	1y	1y			recv
241		Missing cert-manager.io/revision-history-limit volume attributes for CSI-Driver		6	2y	2y	2y			recv
130		JKS support		6	2y	2y	2y			recv recv-q
17		ability to specify pod IP in volume attributes		7	5y	11mo	5y			commented recv recv-q
204		Support for creating certificate for wildcard route Similar: #8121: Support for Creating CertificateRequest from Kubernetes Secret (open) Similar: #56: Support for destinationCaCertificate / Reencrypt Routes (open)			4mo	4mo	4mo			recv similar
174		Standby Replicas without lease use lots of CPU			7mo	7mo	7mo			recv
116		Release static manifests (no helm) for v0.6.0-alpha.0+			1y	1y	1y			recv
58		certificate cannot be renewed, error message: "key does not match certificate"		4	2y	2y	2y			recv recv-q
56		Support for destinationCaCertificate / Reencrypt Routes Similar: #204: Support for creating certificate for wildcard route (open)		2	2y	2y	2y			recv similar
54		Same certificate in path based Routes		2	2y	8mo	2y			pr-closed recv
46		Cert-manager operator fails to issue certificates			4y	4y	4y			recv
22		Customize the deployment of cert-manager installed via OLM		5 6	4y	1y	3y			commented recv recv-q
17		Operator prevents passing extraArgs helm value		7	5y	2y	5y			recv recv-q
3		Restrict operator RBAC permissions			5y	1y	5y		priority/backlog	pr-merged recv
74		Consistency issues due to the use of mount binds			11mo	11mo	11mo			author-last commented recv recv-q
40		Optional auto rotating/renewing certificates Similar: #8085: Feature Request: Add annotation to disable automatic certificate renewal (open)			3y	2y	3y			contributor-last recv recv-q similar
63		Is it possible to only create Issuer and remove the CluserIssuer			5mo	5mo	5mo			recv
62		Limit the controller-manager to access secrets only from specific namespace			5mo	5mo	5mo			recv
122		asdf cmctl installer issues		2	1y	1y	1y			author-last commented recv
83		As cmctl user, I want to use different kubectl context on command line ( --context='kubectl-context-abc' )		2	1y	1y	1y		priority/important-longterm	recv
693		Set up periodics against 'previous previous' branch			3y	1y	3y		priority/backlog	recv
690		Clean up Presets			3y	1y	3y		priority/backlog	pr-merged recv
594		Document infra image bumps and versioning			4y	1y	4y		priority/backlog	recv
81		How to enable leader election in the webhook?			9mo	9mo	9mo			recv
80		How to deal with K8s timelimit in 30s ?			11mo	11mo	11mo			recv
74		Why cert-manager looks for a CNAME record instead of a TXT record?			1y	1y	1y			recv
72		readyz and healthz api			1y	1y	1y			recv
46		Code reference a pull request to be merged, but the pull request was closed by a robot			2y	2y	2y			recv
38		Set repository to be a GitHub template repository			3y	1y	3y		priority/important-longterm	recv
37		Add logging example			3y	1y	3y			pr-closed recv
162		Issue: Broken config when using commonLabels			2y	2y	2y			recv
148		Certificate chain is not split correctly PR#159: Split certificate chain commented Similar: #3848: Wildcard certificates not being resolved correctly. (open)		5	2y	2y	2y			author-last pr-reviewed-with-comment recv recv-q similar
133		Allow to use a custom Service Account PR#143: feat: allow creating or reusing an existing sa unreviewed		5	2y	1y	2y			pr-unreviewed recv
102		certificate renewal does not work in due to auth issue to privatecaapi end point			2y	1y	2y			recv

Items that have not been commented on within 60 days (134)

Resolution: Comment or close the issue

Average age: 920.8d, Avg wait: 474.2d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
6709		1.14 Release Review		3	2y	1y	2y		lifecycle/frozen priority/important-soon	commented contributor-last send
6160		Helm Chart global repository PR#7558: feat: add (helm) global.imageRepository commented PR#8115: feat: implements `global.imageRegistry` and fixes #6160 commented		2	2y	9mo	9mo		lifecycle/frozen	commented member-last pr-reviewed-with-comment send
5298		Complete the Migration Away From Jetstack Names			3y	1y	2y		lifecycle/frozen kind/cleanup priority/important-soon	commented member-last send
4950		General flakiness of our end-to-end suite		3	3y	1y	3y		lifecycle/frozen priority/important-longterm kind/flake	commented member-last pr-closed pr-merged send
4191		Setting default values for Pod's "resources"?		7	4y	1y	1y		lifecycle/frozen priority/important-longterm	commented contributor-last recv-q send
1262		v1.9 to v1.10 upgrade instructions does not mention container name change			2y	8mo	1y		priority/backlog	assigned assignee-updated commented member-last send
1194		Confusing paragraph - cert-manager integration.			2y	1y	2y		documentation priority/important-longterm	commented member-last send
1186		Document that/why we don't use Helm's CRD installation mechanism			2y	1y	1y		good first issue priority/important-longterm kind/documentation	assigned assignee-updated commented member-last send
1101		Feature request for updating documentation. Similar: #1609: Azure DNS Documentation Update (open)			3y	1y	1y		priority/backlog	commented member-last send similar
697		[IRSA] Needs `runAsUser: 1001`			4y	1y	1y			commented member-last pr-merged send
414		Explain cert-manager repo structure		2	4y	4y	4y		priority/backlog kind/documentation	assigned assignee-updated commented member-last pr-closed pr-merged send
401		Bring tutorials up to date			4y	2y	2y		priority/important-longterm	commented member-last send
320		Document how to install cert-manager using gitops and known issues with particular gitops implementations		5	5y	2y	5y		documentation help wanted priority/backlog	commented pr-merged recv-q
234		Backup and Restore Resources		3	5y	4y	4y		priority/backlog kind/documentation	commented member-last pr-merged send
223		Document wildcard certificate tutorial			5y	5y	5y		priority/important-longterm kind/documentation	commented contributor-last send
195		Document keystores			5y	2y	5y		priority/important-soon kind/documentation	commented contributor-last send
174		Add documentation for CRD conversion webhook ca injection			5y	5y	5y		help wanted priority/important-soon kind/documentation	commented member-last send
1174		Document the docker images and how to find them			2y	2y	2y		good first issue priority/important-soon kind/documentation	commented member-last send
153		It is possible to have several CAs within the same cluster.		3	3y	1y	2y			commented send
394		Limit number of SANs by policy			2y	2y	2y			commented member-last send
288		Feature: Take control of approval for the whole cluster		2	2y	2y	2y			commented member-last
216		Simplify configuration by creating RBAC by default PR#628: Grant cert-manager RBAC to use all policies by default unreviewed		2	2y	7mo	7mo		help wanted	commented contributor-last pr-merged pr-unreviewed recv-q send
203		Improve CRD fields for specifying key requirements		3	2y	11mo	11mo			commented member-last send
169		Webhook Custom CA			2y	6mo	6mo		help wanted	commented contributor-last recv-q send
645		Unable to pass helm lint due to certificate yaml stripping too much whitespace			4mo	4mo	4mo			commented member-last send
245		Split Bundle controller into multiple controllers			2y	10mo	10mo		lifecycle/frozen	commented member-last pr-merged send
242		New version of Bundle API		2 4	2y	7mo	1y		lifecycle/frozen	commented pr-closed pr-merged
142		expose bundles CRD as release artifact		10	2y	3mo	3mo		help wanted	commented contributor-last recv-q send
99		Allow removing Bundles whilst keeping the synced CA certs		5	2y	6mo	6mo		lifecycle/frozen	commented member-last pr-unreviewed
205		Allow to select multiple "trust" namespaces		46	2y	3mo	4mo			commented send
63		nit: Rename "Bundle" to "ClusterBundle"		18	3y	4mo	4mo		lifecycle/frozen	commented member-last open-milestone pr-merged send
39		Don't sync targets to all namespaces by default		8	3y	6mo	6mo		lifecycle/frozen	commented member-last open-milestone pr-merged send
33		Support CRDs as target		5	3y	4mo	4mo		priority/backlog	commented member-last send
60		overriding trusted namespace		10 17	3y	3mo	7mo			commented recv-q send
58		Support injection pem into an existing configmap PR#395: WIP: feat: inject bundle data into configmap unreviewed		8	3y	6mo	6mo		priority/important-longterm lifecycle/frozen	assigned assignee-updated commented member-last pr-closed pr-merged pr-unreviewed send
204		clarify SetCAOnCertificateRequest deprecation status			10mo	5mo	5mo			commented member-last send
171		E2E Test Cleanup			2y	2y	2y		good first issue	commented member-last
45		Unable to mount and read only file error		5	4y	1y	1y		priority/awaiting-more-evidence	commented send
38		Route with cert-manager annotations is not created		4	2y	5mo	2y			commented send
70		OLM deployment with ArgoCD is OutOfSync			3y	3y	3y			commented send
60		Support prometheus metrics PR#73: Support prometheus metrics commented			2y	1y	1y		priority/backlog	commented member-last pr-reviewed-with-comment send
33		Create e2e test to validate CertificateRequest garbage collection			3y	1y	1y		priority/backlog	assigned commented member-last send
56		Struggling to get controller running in local KIND cluster			8mo	6mo	6mo			commented member-last send
264		commands should provide help when called w/o arguments if they require inputs			3mo	3mo	3mo			commented member-last send
81		Configuring Peribolos for Github org management			7y	1y	1y		priority/backlog	commented member-last send
202		Makefile Modules, Go Versions and Vendoring			1y	1y	1y			commented contributor-last
3		Migrating all cert-manager sub-projects to "Makefile modules"			2y	4mo	4mo		priority/backlog	commented member-last
35		Post-Graduation Suggestion Tracker			1y	1y	1y			commented member-last pr-merged
3		Make unit testing easier/make examples work			6y	1y	3y		priority/important-longterm	commented member-last pr-closed send
27		failed with: OpenAPI spec does not exist		2 6	4y	1y	2y		priority/critical-urgent	commented pr-closed pr-unreviewed send
197		Kubectl One-line Installation Support Similar: #301: Add support for kubectl installation (open)			1y	1y	1y			commented member-last send similar
83 previously listed items omitted