cert-manager + website + release Daily Triage

queue to be emptied once a day

Unprioritized issues older than 7 days (189)

Resolution: Add a priority/ or triage/ label

Average age: 226.8d, Avg wait: 93.2d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5467		External Key Generator			8d	8d	8d		kind/feature	recv
5455		Support assuming role for route53 in AWS China (and other partitions)			13d	13d	13d		kind/feature	recv
5454		make setup-integration-tests fail			13d	4d	13d		kind/bug	recv
5453		`cmctl convert` not working for converting certmanager.k8s.io/v1alpha1 to cert-manager.io/v1			13d	9d	13d		kind/bug	recv
5449		Gateway API exist, still getting error "the Gateway API CRDs do not seem to be present"			14d	14d	14d			recv
5448		how to disabled serverSideApply			15d	7d	15d		help wanted	recv
5440		Enable OpenSSF Scorecard Github Action and Badge PR#5441: Enable OpenSSF Scorecard Github Action and Badge unreviewed			18d	18d	18d		kind/feature	pr-unreviewed recv
5439		setting certificate attributes in certificate resources Similar: #561: Certificate Resources (open) Similar: #5416: get a certificate without an ingress resource (closed)			18d	6d	6d		kind/feature	collaborator-last commented send similar
5437		Issuer/ClusterIssuer support to specify vault token on local filesystem PR#5438: Add option tokenPath to Vault (cluster)issuer unreviewed			19d	19d	19d			pr-unreviewed recv
5435		Issuer/ClusterIssuer vault with mounted JWT token			19d	19d	19d			recv
5434		v1.7.3 still having "expired challenges" issue			19d	19d	19d		kind/bug	author-last recv
5433		Support certs that live for < 1h			2wk	2wk	2wk		kind/feature	recv
5432		Certificate renewed but not the linked secret Similar: #5086: Issuing certificate as Secret does not exist (open)			3wk	3wk	3wk		kind/bug	recv similar
5431		After generating a new Let's Encrypt certificate, it still uses the default cluster certificate.			3wk	3wk	3wk			recv
5430		Improving DNS-01 challenge performance PR#5446: Allow concurrent same-FQDN DNS-01 challenges when using route53 commented PR#5447: Allow extra DNS-01 propagation time to be configured unreviewed			3wk	3wk	3wk		kind/feature	pr-reviewed-with-comment pr-unreviewed recv
5428		[Helm chart] Cert-manager's metrics can't be added to grafana data soource			3wk	3wk	3wk		kind/bug	recv
5423		Security compliance check for cert-manager as per CIS Benchmark			4wk	4wk	4wk		kind/bug	commented member-last send
5421		[Helm chart] Cert-manager's metrics are not collected by default			4wk	4wk	4wk		kind/bug	recv
5419		Config option to allow vault issuer to skip TLS verification when connecting to Vault			4wk	7d	7d		kind/feature	commented member-last pr-closed send
5415		DNS record for xxx not yet propagated. can we use cloudflare for acme challenge and custom ns for propagation check? Similar: #5042: propagation check failed: DNS record for xxx not yet propagated (open)			4wk	4wk	4wk		kind/bug	recv similar
5412		Allow to configure Azure DNS solver managed identity using a secret for GitOps environment			5wk	4wk	4wk		kind/feature	commented member-last send
5406		url property in index.yaml at charts.jetstack.io not standard			5wk	5wk	5wk		kind/bug	commented member-last send
5397		Certificate not re-issued after keystore format change Similar: #5146: New certificate is not issued when duration is changed for existing secret (open)			6wk	6wk	6wk		kind/bug	recv similar
5396		Passing empty IP Address in the certificate spec, fails certificate creation			6wk	6wk	6wk		kind/bug	recv
5394		Cert Manager showing "error"="Operation cannot be fulfilled on certificates.cert-manager.io" Similar: #3501: Operation cannot be fulfilled on certificates.cert-manager.io the object has been modified (closed)			6wk	6wk	6wk			recv similar
5392		cert-manager-webhook emit TLS handshake error from 10.240.1.63:53386: EOF			6wk	6wk	6wk			recv
5391		Regex validation on acme/solvers is too strict			6wk	6wk	6wk			recv
5388		InvalidChangeBatch: cannot be created because a non multivalue answer rrset exists with the same name and type			7wk	7wk	7wk		kind/bug	recv
5359		Packaging cert-manager with Carvel		4	2mo	19d	19d		kind/feature	commented member-last send
5357		Support ECDSA keys for ACME accounts PR#5356: Allow ECDSA for ACME client keys unreviewed			2mo	2mo	2mo		kind/feature	pr-unreviewed recv
5348		Question: usage of an own acmedns api without /update endpoint			2mo	2mo	2mo			recv
5347		Got error:0A00010B:SSL routines::wrong version number			2mo	2mo	2mo		kind/bug	author-last recv
5344		metrics for failed calls to cloudflare			2mo	2mo	2mo		kind/feature	recv
5326		Add ability to configure podTemplate securityContext fields in http solver			2mo	2mo	2mo		kind/feature	recv
5316		Cert-manager shuts down without warning due to secret timeout			2mo	2mo	2mo		kind/bug	author-last recv recv-q
5310		Install cert-manager: error bounded in resource existing			2mo	2mo	2mo			recv
5298		Complete the Migration Away From Jetstack Names			2mo	2mo			kind/cleanup
5297		Failed to update endpoint cert-manager/cert-manager-webhook			2mo	2mo	2mo			recv
5296		Make caching			2mo	2mo			kind/bug
5284		Challenge remain pending and does't rerun after I delegate dns zone			2mo	2mo	2mo		kind/bug	recv
5283		DNS Challenges Not Added to Specified Ingress Despite Specifying in ACME ClusterIssuer Manifest			2mo	2mo	2mo		kind/bug	recv
5279		cainjector is watching secrets in all the cluster even after setting --namespace flag			2mo	19d	19d		kind/bug	commented member-last send
5278		Add Support for Contour HttpProxy (proof of concept included)			2mo	2mo	2mo		kind/feature	collaborator-last commented send
5274		Provide the ability to recover a Certificate request from an Error state		2	3mo	14h	3mo		kind/feature lifecycle/stale	collaborator-last recv
5268		error decoding private key			3mo	1d	3mo		kind/bug lifecycle/stale	collaborator-last recv
5267		cm-acme-http-solver triggers no.scale.down.node.pod.not.backed.by.controller due to lack of PodDisruptionBudget		5	3mo	2mo	3mo		kind/bug	recv
5265		Failed to determine a valid solver configuration for the set of domains on the Order			3mo	2d	3mo		lifecycle/stale	collaborator-last recv
5263		Test setup flake: go not found			3mo	2mo			kind/flake flake/test-setup
5262		Test setup flake: untaring go fails			3mo	2mo			kind/flake flake/test-setup
5260		In Gateway API mode, with 5+ challenge-solvers in one certificate, provisioning fails			3mo	3d	3mo		kind/bug lifecycle/stale	collaborator-last recv
5255		Error installing on ipv6 cluster			3mo	5d	3mo		kind/bug lifecycle/stale	collaborator-last recv
5254		AKS high severity : on disabling automounting API credentials for service account installation of cert manager timesout			3mo	2mo	3mo		kind/bug	author-last recv
5253		Webhook FailedDiscoveryCheck failing or missing response from https://<ip>:10251/apis/webhook.cert-manager.io/v1alpha1: bad status			3mo	6d	3mo		kind/bug lifecycle/stale	collaborator-last recv
5246		Secrets are not updated when key stores added/removed			3mo	8d	3mo		kind/bug lifecycle/stale	collaborator-last recv
5238		no wait time between challenge requeues			3mo	13d	3mo		kind/bug lifecycle/stale	collaborator-last recv
5230		Timeouts on Every Controller Reconcile Loop			3mo	13d			kind/bug lifecycle/stale	collaborator-last pr-merged
5223		cert-manager reporting and alerting			3mo	18d	3mo		kind/feature lifecycle/stale	collaborator-last recv
5220		Investigate improving resource consumption and performance in clusters with large amount of resources		6	3mo	7d	3mo		kind/feature lifecycle/stale	assigned assignee-updated commented
5218		Install SSL certificate on CertManager container image Similar: #3896: Cert Manager failing to renew certificate (open) Similar: #5429: [v1.9.1] Can't install cert-manager (closed)			3mo	2wk	3mo		lifecycle/stale	collaborator-last recv similar
5215		Add relabeling in cert-manager serviceMonitor			3mo	4wk	3mo		kind/feature	author-last commented recv recv-q
5211		Question about tolerations			3mo	18d	3mo			author-last recv
5210		Use instrumentedclient when performing credential verifications for Venafi client			3mo	3wk	3mo		kind/bug lifecycle/stale	collaborator-last pr-closed recv
5201		Periodically perform readiness checks for issuers			3mo	15d	3mo		kind/bug lifecycle/stale	collaborator-last commented pr-closed pr-merged send
5198		Integration test flake: various timeouts			3mo	2mo			kind/flake flake/test-logic
5197		cert-manager-webhook to provide logs when handling a k8s api-server request		2	3mo	3d	3mo		good first issue help wanted kind/feature lifecycle/stale	assigned assignee-updated commented send
5193		Stuck on "propagation check failed" Similar: #5042: propagation check failed: DNS record for xxx not yet propagated (open)			3mo	5wk	3mo		kind/bug area/acme	author-last commented pr-merged recv similar
5182		e2e flake: etcd request slowness			4mo	2mo			kind/flake flake/test-logic
5180		e2e flake: webhook context deadline exceeded			4mo	2mo	3mo		kind/flake flake/test-logic	collaborator-last commented
5179		e2e flake: Message: "admission webhook \"webhook.cert-manager.io\" denied the request: the server could not find the requested resource"			4mo	2mo	4mo		kind/flake flake/test-logic	collaborator-last commented
5178		e2e flake: mv: cannot stat 'bin/downloaded/tools/crane': No such file or directory			4mo	2mo	2mo		kind/flake flake/test-setup	commented member-last send
5177		e2e flake: /bin/bash: bin/tools/ytt: Permission denied			4mo	2mo			kind/flake flake/test-setup
5171		TPP Allowed Domains can cause valid certificate to error			4mo	3wk	4mo		kind/bug area/venafi	contributor-last recv
5160		Support loading controller configuration from a versioned file			4mo	3wk	3mo		help wanted kind/feature lifecycle/stale	assigned assignee-updated collaborator-last commented
5156		Issued certificate having more validity period than root certificates.			4mo	12d	4mo		lifecycle/rotten	collaborator-last recv
5134		Letsencrypt acme cert challenges no longer working on AKS (nginx-ingress + cert-manager + clusterissuer + letsencrypt)		4	4mo	3wk	4mo		kind/bug lifecycle/rotten	collaborator-last recv
5132		HTTP01 - Did not get expected response when querying endpoint, expected X, but got X			4mo	3wk	4mo		kind/bug lifecycle/rotten	collaborator-last recv
5131		ingressShim doesn't supply x.509 subject fields required by our providers (TPP) policies			4mo	12d	4mo		kind/feature lifecycle/rotten	contributor-last recv recv-q
5128		helm chart: add annotations and labels globally			4mo	3wk	4mo		kind/feature lifecycle/rotten	collaborator-last recv
5120		Too many pending authorizations - On Certificate Orders			4mo	3wk	4mo		kind/bug lifecycle/rotten	collaborator-last commented recv
5114		Intermediate certificate is not updated in child certificate			4mo	3wk	4mo		kind/bug lifecycle/rotten	collaborator-last recv
5106		Makefile flake when checking shasums			4mo	2mo	2mo		kind/bug kind/flake flake/test-setup	commented member-last send
5086		Issuing certificate as Secret does not exist Similar: #5432: Certificate renewed but not the linked secret (open) Similar: #5146: New certificate is not issued when duration is changed for existing secret (open)			5mo	9d	5mo		lifecycle/rotten	collaborator-last recv similar
5073		Allow injecting CABundle to arbitrary Custom Resources			5mo	4wk	4mo		kind/feature lifecycle/stale	collaborator-last commented recv
5069		Error presenting challenge: the server could not find the requested resource even though resource exists			5mo	2mo	5mo		kind/bug	recv
5066		Threat model for cert-manager			5mo	6wk	5mo		kind/feature	commented
5042		propagation check failed: DNS record for xxx not yet propagated Similar: #5415: DNS record for xxx not yet propagated. can we use cloudflare for acme challenge and custom ns for propagation check? (open) Similar: #5193: Stuck on "propagation check failed" (open)		3	5mo	3wk	5mo		kind/bug lifecycle/stale	collaborator-last recv recv-q similar
5041		Failed to obtain venafi certificate: vcert error: your data contains problems: request doesn't match certificate: unmatched key modulus			5mo	2mo	5mo		kind/bug	contributor-last recv recv-q
5031		ValidateCAA test function is flaky			5mo	2mo	2mo		kind/bug kind/flake flake/test-logic	commented member-last send
5005		Investigate why Contour fails with "Gateway not found in cache" in some end-to-end Prow jobs			6mo	2mo	2mo		kind/flake flake/test-logic	commented member-last pr-closed send
5004		After installing cert-manager using kubectl, "cmctl check api" fails with "https://cert-manager-webhook.cert-manager.svc:443/mutate?timeout=10s": context deadline exceeded Similar: #5189: Post "https://cert-manager-webhook.cert-manager.svc:443/mutate?timeout=10s": context deadline exceeded (open) Similar: #2602: Internal error occurred: failed calling webhook "webhook.cert-manager.io": Post https://cert-manager-webhook.cert-manager.svc:443/mutate?timeout=30s: net/http: TLS handshake timeout (closed)		5	6mo	2mo	2mo			commented member-last send similar
4980		Waiting for DNS-01 challenge propagation: dial tcp 173.245.59.41:53: connect: connection refused Similar: #4648: Kubernetes 1.22 Challenge stuck at pending : Waiting for HTTP-01 challenge propagation: wrong status code '404', expected '200' (closed)		2	6mo	4d	6mo		kind/bug lifecycle/rotten	collaborator-last commented recv-q send similar
4979		Overhaul the DNS01 solver		5	6mo	12d			kind/feature	pr-closed
4959		Support AWS Auth Method for Vault			6mo	15d	6mo		kind/feature	author-last recv
4956		cert-manager created multiple CertificateRequest objects with the same certificate-revision		2 2 3	6mo	15h	6mo		kind/bug	commented pr-merged recv recv-q
4950		General flakiness of our end-to-end suite		3	6mo	2mo	2mo		lifecycle/frozen kind/flake	commented member-last pr-closed pr-merged send
4947		Custom labels/annotations in ACME solver services created by Issuer/ClusterIssuer		7	6mo	3wk	6mo		kind/feature	author-last recv
4941		Failed to perform self check GET request Similar: #3238: Waiting for http-01 challenge propagation: failed to perform self check GET request (closed)			6mo	2mo	6mo		kind/bug	recv recv-q similar
4931		Enable Testing on ARM64			6mo	2mo	6mo		kind/feature	author-last commented recv recv-q
4899		Certificate.Spec.RenewEvery instead of RenewBefore			7mo	2mo	2mo		kind/feature	collaborator-last commented
4892		Set up a permanent cert-manager installation to catch issues that only appear in long running deployments			7mo	12d	3mo		kind/feature lifecycle/stale	commented
4884		Add a similar secretTemplate to the secret that is created by ACME Issuer			7mo	13d	7mo		kind/feature lifecycle/rotten	collaborator-last commented recv
4877		HTTP01 solver fails self-check/propagation check on 1.7.1 when used with client-certificate auth on nginx Ingress 1.1.1			7mo	2mo	7mo		kind/bug	recv recv-q
4824		Repo Migration Followup Task List			8mo	2mo	2mo			assigned assignee-updated commented member-last pr-merged
4821		Allow `ingressClassName` to be set for HTTP01 solver ingresses. PR#5225: Add flag to allow switching ingressClassName specification unreviewed		3 78	8mo	4d	5mo		kind/feature area/ingress-shim	commented pr-unreviewed send
4797		Automatically renew certificates if OCSP indicates that it was revoked		6	8mo	1mo	8mo		kind/feature area/acme	author-last commented recv
4786		Investigate whether it would be valuable to decrease the initial backoff period for certificate issuance retries		9	8mo	3wk	3wk		lifecycle/rotten	collaborator-last commented pr-merged
4747		Revoke Certificates Similar: #561: Certificate Resources (open)		4 11	8mo	5wk	8mo		kind/feature	recv similar
4685		Unexpected EOF during watch stream event decoding: unexpected EOF		2	9mo	6wk	9mo		lifecycle/frozen kind/bug	recv recv-q
4654		Certificates issued by vault with isCa: true are missing CA:TRUE in certificate Similar: #4620: Vault Issuer does not retry signing CertificateRequests if the status is pending (open)		2 3 4	9mo	2mo	2mo		kind/bug	commented member-last send similar
4594		TLS handshake error: EOF		8	10mo	4wk	3mo		kind/bug	commented recv-q send
4561		Ability to specify secret ownerReference as part of the Certificate request		3	11mo	17d	11mo		kind/feature lifecycle/rotten	collaborator-last recv
4535		Kubernetes: x509 certificate signed by unknown authority, possibly because of ECDSA verification failure Similar: #1731: Webhook failure: certificate signed by unknown authority (closed)			11mo	8d	11mo		lifecycle/rotten	collaborator-last commented recv-q send similar
4490		Subject Ingress Annotations PR#4502: support subject and email annotations for ingress/gateway new-commits		3	1y	7wk	1y		kind/feature	pr-new-commits recv
4423		Cert renewal loop		2	1y	2mo	1y		kind/bug	author-last commented recv recv-q
4410		Support configuration via operator subscription		4	1y	18d	4mo		kind/feature lifecycle/rotten	collaborator-last commented send
4349		allowing greater configuration for the cloud provider tests			1y	5mo	5mo		lifecycle/frozen kind/feature	collaborator-last commented send
4246		ACME DNS Challenge and Propagation Delay (NXDOMAIN)		8	1y	2mo	1y		kind/bug	recv
4216		Error getting keypair for CA issuer: error parsing ecdsa private key: x509: failed to parse EC private key: asn1: structure error: length too large			1y	1y	1y			recv
3958		Sane defaults for Certificate revision history limit Similar: #4071: Add a default value to RevisionHistoryLimit if none is provided in the Certificate (closed)		10	1y	4wk	1y		kind/feature	recv recv-q similar
3896		Cert Manager failing to renew certificate Similar: #5218: Install SSL certificate on CertManager container image (open)		17	1y	7wk	1y		kind/bug	commented recv-q send similar
3719		DNS-01 broken scenario (GCP Cloud DNS)			2y	3wk	2y		kind/bug lifecycle/stale	collaborator-last recv
3592		Ability to not create ca.crt		2	2y	1d	2y		lifecycle/rotten	collaborator-last commented recv
3565		requestmanager_controller got stuck in a loop and stopped generating new certificates afterward		12	2y	11d	1y		kind/bug	commented recv-q send
2380		Helm chart version is not SemVer-compatible		4	2y	7wk	1y		kind/bug	commented recv recv-q
1063		"Securing Ingresses with Venafi" tutorial contains link to missing manifest			5wk	4wk	5wk			author-last recv
1062		Document process for offboarding maintainers Similar: #1061: Document onboarding process for new maintainers (open)			5wk	5wk	5wk			recv similar
1061		Document onboarding process for new maintainers Similar: #1062: Document process for offboarding maintainers (open)			5wk	5wk	5wk			recv similar
1054		Run spell checker in a pre-commit hook			1mo	1mo	1mo		good first issue kind/cleanup	recv
1006		Use descriptive text instead of alt for `feature icon`			3mo	3mo	3mo			recv
1001		Document a policy for required CI health before we can release			3mo	3mo	3mo			recv
998		Documentation venafi configuration references venafi documentation page which returns 403			3mo	5wk	3mo			contributor-last recv
993		Document which resources do/do not get garbage collected			4mo	4mo	4mo		good first issue	contributor-last recv
988		Document how feature gated fields can be added to API			4mo	4mo	4mo			recv
981		The `kubectl operator install` instructions are broken (after upgrading kubectl operator v0.3.0 -> v0.4.0)			4mo	4mo	4mo			commented member-last
975		Some pages do not make it clear what the user should read next			5mo	5mo
974		Investigate styled 404 page			5mo	5mo
955		Document when the vault pki role required setting `require_cn=false`			5mo	5mo
944		Document how to install cert-manager in a different namespace Similar: #5429: [v1.9.1] Can't install cert-manager (closed)		2	5mo	3mo	5mo		good first issue	assigned assignee-updated contributor-last recv recv-q similar
936		Review public envvars for site			5mo	5mo	5mo			commented member-last
931		Improve upgrade instructions using helm			5mo	5mo	5mo			recv
923		GSoD2022: Improve the navigation and structure of the cert-manager website Similar: #921: GSoD2022: Improve the Navigation and Structure of the cert-manager Website by Mehak (open)			5mo	5mo	5mo			assigned contributor-last recv similar
922		GSoD2022: Dashamir Hoxha			5mo	5mo	5mo			assigned assignee-updated commented member-last send
921		GSoD2022: Improve the Navigation and Structure of the cert-manager Website by Mehak Similar: #923: GSoD2022: Improve the navigation and structure of the cert-manager website (open)			5mo	5mo	5mo			assigned assignee-updated commented member-last send similar
899		Upgrading from v1.7 to v1.8 check command should exclude null.		2	6mo	5mo	6mo			recv recv-q
868		Document RBAC Similar: #844: Document feature gates (open)			6mo	6mo	6mo			contributor-last recv similar
866		Securing NGINX-ingress Similar: #326: Securing Ingresses with Venafi (open)			6mo	6mo	6mo			recv similar
851		create Cilium ingress tls example		3	7mo	3mo	7mo			assigned assignee-updated recv
847		missing documentation/information olm based installation metric prometheus			7mo	7mo	7mo			contributor-last recv
844		Document feature gates Similar: #868: Document RBAC (open)			7mo	7mo				similar
841		remove dependency on golang from cmctl and kubectl-plugin installation documentation			8mo	8mo	8mo			contributor-last pr-merged recv recv-q
836		Syncing Secrets Across Namespaces			8mo	6mo	8mo			recv
802		Spelling errors are unclear in pull request CI results and spell checker is unmaintained			8mo	8mo			kind/bug	contributor-last pr-merged
776		Explain that you can pre-provision a Secret and Certificate.Spec.SecretName can refer to an existing Secret			9mo	9mo	9mo			commented member-last send
758		API reference docs: enum values not documented with typedef			10mo	10mo	10mo			recv
746		Enable Dark mode in the docs website			11mo	11mo	11mo			recv
706		Default key usages			1y	1y	1y			recv
697		[IRSA] Needs `runAsUser: 1001`			1y	1y	1y			recv
693		Azure DNS pod identity incorrectly documents principal_id			1y	1y	1y			commented member-last send
672		List required Google CloudDNS permissions exhaustively			1y	1y	1y			recv
662		Using "azureDNS" for the DNS01 Solver results "Multiple user assigned identities exist, please specify the clientId / resourceId"			1y	1y	1y			recv
645		Investigate & add an FAQ/warning about images rolled back after GitOps upgrade			1y	7mo	1y			recv recv-q
642		Move/ link to Webhook debugging docs Similar: #144: Improve webhook debugging info (open)			1y	1y				similar
604		Make it so that it is easier to find the doc for fixing webhook issues			1y	5mo	1y			contributor-last recv
583		cert-manager with ZeroSSL		44	1y	3mo	3mo			commented send
568		Add a diagram for LetsEncrypt cert issuance flow to the docs		4	1y	1y	1y			recv
561		Certificate Resources Similar: #4747: Revoke Certificates (open) Similar: #5439: setting certificate attributes in certificate resources (open) Similar: #5416: get a certificate without an ingress resource (closed)			1y	1y	1y			recv similar
554		HTTP Validation, privateKeySecretRef			1y	1y	1y			contributor-last recv
549		Effort towards a more user-friendly website			1y	1y
543		Add getting started documentation for users who want to quickly use cert-manager to issue LetsEncrypt certificates		4	1y	1y	1y			commented member-last send
542		Document the Istio VirtualService HTTP01 configuration options			1y	1y
532		Rework of the landing page (cert-manager.io)		3	1y	10mo	1y		help wanted good first issue	commented member-last send
486		OpenShift - broken link			2y	1y	1y			commented member-last send
469		DNS01: Delegated Domains for DNS01 example yaml solvers list items			2y	2y	2y			recv
466		installation/compatiblity			2y	2y	2y			recv
457		cainjector docs are missing the option to inject certs in apiservice resources			2y	2y	2y			recv
454		Cluster Resource Namespace			2y	2y	2y			recv
426		Create a sequence diagram that shows how a certificate gets issued with let's encrypt		2	2y	1y	1y			commented member-last pr-merged
425		Document ocspServers			2y	2y	2y		kind/documentation	commented member-last
422		Page last modified date incorrect			2y	2y	2y		kind/bug	collaborator-last commented send
386		Uninstalling on Kubernetes - How to delete all those user created resources?			2y	2y	2y			collaborator-last commented send
330		Case for CertificatePrivateKey (encoding, algorithm) is wrong (v1)			2y	2y	2y			collaborator-last commented send
326		Securing Ingresses with Venafi Similar: #866: Securing NGINX-ingress (open)			2y	2y	2y			collaborator-last commented send similar
295		Route53			2y	2y	2y		kind/documentation	commented member-last send
79		Design for partial automation of release process			3mo	3mo	3mo			commented member-last send
50		Move cert-manager-release infrastructure to CNCF's GCP account			1y	8mo	8mo			commented member-last
42		Publish latest release number as part of creating a final release			1y	1y	1y			commented member-last send
31		Move the manual steps of our release process to cmrel commands			1y	1y	1y			commented member-last pr-closed
27		Create cert-manager specific testing infrastructure			1y	1y	1y			assigned assignee-updated commented member-last pr-merged send
19		Incorrect command line help: should include a --branch argument			2y	2y	2y		kind/cleanup	commented contributor-last

Uncommented older than 7 days (116)

Resolution: Add a priority/ or triage/ label

Average age: 209.7d, Avg wait: 181.4d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
4846		More than one Certificate nominating same Secret induces runaway creation of many CertificateRequests and Orders PR#5303: Stop infinitely reissuing certs with shared Secret new-commits		2	7mo	19d	7mo		kind/bug priority/important-soon lifecycle/stale	collaborator-last pr-new-commits recv recv-q
4722		High memory usage on cluster with many secrets		8	8mo	2mo	8mo		kind/bug priority/important-soon	contributor-last open-milestone recv
4653		Venafi TPP Support for Oauth		3	9mo	19d	9mo		kind/feature priority/backlog	recv recv-q
3898		Allow setting PodDisruptionBudget policies via helm chart PR#3931: Added PodDisruptionBudgets to helm chart new-commits		3	1y	3wk	1y		kind/feature priority/important-longterm area/deploy	author-last pr-closed pr-new-commits recv
3655		Specify Name Constraints in CA Certificate		5	2y	1d	2y		kind/feature priority/backlog	recv
850		Document available cert-manager Prometheus metrics			7mo	5mo	7mo		documentation good first issue priority/important-longterm	contributor-last recv
770		Helm template fails with `--create-namespace`			10mo	9mo	10mo		triage/support	contributor-last recv recv-q
709		Update Securing NGINX-ingress tutorial for apiVersion networking.k8s.io/v1			1y	11mo	1y		good first issue priority/important-soon	recv
551		Documentation on how to handle large-scale certificate management & best practices		2	1y	10mo	1y		help wanted priority/important-longterm kind/documentation	contributor-last recv
480		Secret gets UID added to end of name			2y	1y	2y		triage/support	contributor-last recv recv-q
76		Upgrading from v0.10 to v0.11 - missing cainjector annotation			2y	2y	2y		priority/backlog kind/documentation	contributor-last recv
56		Route53: document use of "region" field			2y	1y	2y		documentation priority/important-longterm	contributor-last recv recv-q
104 previously listed items omitted

Important soon, but no updates in 90 days (10)

Resolution: Downgrade to important-longterm

Average age: 841.8d, Avg wait: 101.2d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
709		Update Securing NGINX-ingress tutorial for apiVersion networking.k8s.io/v1			1y	11mo	1y		good first issue priority/important-soon	recv
320		Document how to install cert-manager using gitops and known issues with particular gitops implementations		3	2y	1y	2y		documentation priority/important-soon	commented contributor-last
262		[DOCS]: Add info on how to customize kind CertManager when using OperatorHub method on Openshift			2y	2y	2y		kind/feature priority/important-soon	author-last commented recv recv-q
229		Documenting resolution for DigitalOcean + HTTP01 "connection timed out" error			2y	2y			priority/important-soon kind/documentation	contributor-last
198		Document release process			2y	2y	2y		priority/important-soon kind/documentation	assigned commented member-last send
195		Document keystores			2y	1y	2y		priority/important-soon kind/documentation	commented member-last send
174		Add documentation for CRD conversion webhook ca injection			2y	2y	2y		help wanted priority/important-soon kind/documentation	commented member-last send
144		Improve webhook debugging info Similar: #642: Move/ link to Webhook debugging docs (open)			2y	1y	2y		priority/important-soon kind/documentation	commented member-last pr-merged send similar
90		Document Certificate Subject Changes			2y	2y	2y		help wanted good first issue priority/important-soon	collaborator-last commented
69		SelfSignedIssuer configuration - API reference docs			2y	2y	2y		help wanted good first issue priority/important-soon kind/documentation	commented member-last send

Important longterm, but no updates in 180 days (8)

Resolution: Downgrade to backlog

Average age: 838.7d, Avg wait: 193.3d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
2178		Handling 'unregistering' certificates from Venafi TPP		11	3y	8mo	2y		lifecycle/frozen kind/feature priority/important-longterm area/venafi	commented recv-q send
551		Documentation on how to handle large-scale certificate management & best practices		2	1y	10mo	1y		help wanted priority/important-longterm kind/documentation	contributor-last recv
401		Bring tutorials up to date			2y	2y			priority/important-longterm
344		Add docs to explain webhooks			2y	1y			help wanted good first issue priority/important-longterm	contributor-last
223		Document wildcard certificate tutorial			2y	2y	2y		priority/important-longterm kind/documentation	commented contributor-last send
178		Order of versions of cert-manager in menu			2y	2y	2y		priority/important-longterm kind/documentation	commented contributor-last send
154		Documenting repo management process			2y	2y	2y		priority/important-longterm kind/documentation	commented contributor-last send
56		Route53: document use of "region" field			2y	1y	2y		documentation priority/important-longterm	contributor-last recv recv-q

Pull Requests: Review Ready (22)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 116.3d, Avg wait: 34.4d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5469		Increasing unit test coverage for pkg/issuer/acme/setup.go			5d	21h	21h		size/L release-note-none area/acme dco-signoff: yes ok-to-test needs-kind	author-last commented new-commits recv
5478		Migrate Vault helm chart in e2e tests from ad-hoc version to official chart from hashicorp			3d	22h	23h		release-note-none needs-ok-to-test size/M dco-signoff: yes area/testing needs-kind	commented contributor-last recv recv-q unreviewed
3931		Added PodDisruptionBudgets to helm chart		2 13	1y	1d	5mo		size/L release-note approved kind/feature dco-signoff: yes ok-to-test area/deploy	assigned assignee-updated commented contributor-last new-commits recv recv-q
5356		Allow ECDSA for ACME client keys			2mo	1d	2mo		size/L release-note area/api kind/feature area/acme dco-signoff: yes area/testing ok-to-test area/deploy	author-last commented recv recv-q unreviewed
5447		Allow extra DNS-01 propagation time to be configured			15d	3d	12d		release-note size/S area/acme dco-signoff: yes ok-to-test area/acme/dns01 needs-kind	author-last commented recv unreviewed
5427		Added support for disableChallengePresentation for issuers and clusterissuers			4wk	6d	12d		release-note area/api needs-ok-to-test size/M area/acme dco-signoff: yes area/deploy needs-kind	author-last commented recv unreviewed
4969		add acmeHttp01SolverImage			6mo	10d	6mo		size/XS release-note needs-ok-to-test dco-signoff: yes area/deploy needs-kind	author-last commented recv recv-q unreviewed
5093		Add relabeling and metricRelabelings settings for ServiceMonitor.			5mo	11d	5mo		release-note size/S needs-ok-to-test dco-signoff: yes area/deploy needs-kind	recv recv-q unreviewed
4330		Add client certificate auth method for Vault issuer			1y	12d	5mo		release-note size/XL area/api kind/feature area/acme area/vault dco-signoff: yes area/testing ok-to-test area/deploy	collaborator-last commented recv recv-q unreviewed
4835		Making sure per fixture only 1 setup is active at the same time			7mo	12d	3mo		release-note-none kind/bug size/M lifecycle/stale dco-signoff: yes area/testing	assigned assignee-updated collaborator-last commented reviewed-with-comment
5324		Create 20220720-per-certificate-owner-ref.md Similar: #5158: Added certificate owner ref field (open)		4	2mo	12d	3wk		size/L release-note-none approved kind/design dco-signoff: yes	collaborator-last commented new-commits similar
5373		Allow config of http01 solver pod security context		2	1mo	12d	1mo		size/L release-note area/api kind/feature area/acme dco-signoff: yes ok-to-test area/acme/http01 area/deploy	collaborator-last commented open-milestone recv recv-q unreviewed
1085		content/projects/csi-driver: Fix PKCS12 attribute keys to correct strings			16h	15h			approved dco-signoff: yes size/M	unreviewed
1084		fix: navigation menu hiding search results			3d	3d	3d		size/XS dco-signoff: yes needs-ok-to-test	assigned author-last recv unreviewed
984		Fix zerossl tutorial path			4mo	10d	4mo		dco-signoff: yes size/L ok-to-test	assigned contributor-last recv recv-q unreviewed
1080		Bump marked and marked			15d	15d	15d		dco-signoff: yes needs-ok-to-test size/S dependencies	recv unreviewed
1079		Bump markdown-link-extractor and markdown-link-check			15d	15d	15d		dco-signoff: yes size/L needs-ok-to-test dependencies	recv unreviewed
1071		Improved the summary on the docs homepage		2	3wk	3wk	3wk		approved dco-signoff: yes size/S	commented contributor-last new-commits recv-q
1005		Route53 accessKeyIDSecretRef docs			3mo	3mo	3mo		size/XS dco-signoff: yes needs-ok-to-test	recv unreviewed
992		Initial feature gate documentation		2	4mo	4mo	4mo		approved dco-signoff: yes size/M	commented contributor-last recv recv-q reviewed-with-comment
930		update ibmcloud cis webhook link			5mo	4mo	5mo		size/XS dco-signoff: yes needs-ok-to-test	assigned assignee-updated author-last commented recv unreviewed
948		add note to ingress class definition			5mo	5mo	5mo		dco-signoff: no size/XS needs-ok-to-test	assigned author-last recv unreviewed

Unkinded Issues (100)

Resolution: Add a kind/ or triage/support label

Average age: 321.5d, Avg wait: 138.9d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5479		Could not determine authoritative nameservers for \"_acme-challenge.XXX.com.			2d	2d	2d			author-last recv recv-q
5470		Waiting on certificate issuance from order default/nginx-app-tls-z9xlj-2268860154: "pending" Issuing certificate as Secret does not exist			5d	5d	5d			author-last recv recv-q
5159		ACME account private key rotation support			4mo	3wk	3mo		lifecycle/stale triage/needs-information	collaborator-last commented send
4918		Leader election timeout (?) causes exit			7mo	5wk	5mo		priority/important-longterm	commented recv recv-q
4910		CNCF incubation tracking issue			7mo	19d	6mo		priority/important-soon lifecycle/stale	assigned assignee-updated collaborator-last commented recv
4250		Support parallel DNS validation for same host		6	1y	4wk	10mo		priority/important-soon lifecycle/rotten area/acme/dns01	collaborator-last commented open-milestone recv recv-q
3992		Add non-CRD yaml file		2	1y	2mo	1y		priority/important-soon area/deploy	commented open-milestone recv
1082		Navigation menu hiding search results on mobile devices			4d	4d	4d			recv
753		Route53 - AWS IAM Account Setup is confusing			10mo	5mo	5mo		priority/backlog	commented member-last send
459		cert manager is no longer on the OpenShift operator list			2y	5mo	2y		priority/awaiting-more-evidence	assigned assignee-updated commented contributor-last recv-q send
354		DigitalOcean access-token should not be base64-encoded			2y	2y	2y		priority/awaiting-more-evidence	author-last commented recv
2		Set up periodic job to publish an experimental release build			2y	1y			priority/backlog	assigned contributor-last
88 previously listed items omitted

Unprioritized Recent Issues (197)

Resolution: Add a priority/ or triage/ label

Average age: 217.8d, Avg wait: 89.5d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5481		Need metrics for DNS01 Challenges			1d	1d	1d		kind/feature	recv
5480		Route53 solver's STS certificate chain is not being trusted by the cert-manager pod			2d	1d	2d		kind/bug	recv
5473		Documentation not clear on certmanager install.sh dependency resulting in failure			4d	4d	4d		kind/bug	recv
5472		Ability to check Venafi API parameter in log			4d	4d	4d		kind/feature	recv
5471		Mismatch between RBAC and --leader-election-namespace in static manifests			4d	4d	4d		kind/bug	recv
192 previously listed items omitted

Uncommented Recent Issues (8)

Resolution: Add a comment

Average age: 3.7d, Avg wait: 3.5d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
8 previously listed items omitted: #5481 #5480 #5479 #5473 #5472 #5471 #5470 #1082

New, has multiple reactions, but not important-soon: No matching items

New, has multiple commenters, but not important-soon: No matching items

needs information, has update: No matching items

Unprioritized issues older than 7 days (189)

Resolution: Add a priority/ or triage/ label

Average age: 226.8d, Avg wait: 93.2d

Uncommented older than 7 days (116)

Resolution: Add a priority/ or triage/ label

Average age: 209.7d, Avg wait: 181.4d

Important soon, but no updates in 90 days (10)

Resolution: Downgrade to important-longterm

Average age: 841.8d, Avg wait: 101.2d

Important longterm, but no updates in 180 days (8)

Resolution: Downgrade to backlog

Average age: 838.7d, Avg wait: 193.3d

Pull Requests: Review Ready (22)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 116.3d, Avg wait: 34.4d

Unkinded Issues (100)

Resolution: Add a kind/ or triage/support label

Average age: 321.5d, Avg wait: 138.9d

Unprioritized Recent Issues (197)

Resolution: Add a priority/ or triage/ label

Average age: 217.8d, Avg wait: 89.5d

Uncommented Recent Issues (8)

Resolution: Add a comment

Average age: 3.7d, Avg wait: 3.5d

Recently updated issue has a question (3)

Resolution: Add an answer

Average age: 317.1d, Avg wait: 34.7d