queue to be emptied once a day

Unprioritized issues older than 7 days (189)

Resolution: Add a priority/ or triage/ label

Average age: 226.8d, Avg wait: 93.2d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
5467 External Key Generator 8d 8d 8d
kind/feature
recv
5455 Support assuming role for route53 in AWS China (and other partitions) 13d 13d 13d
kind/feature
recv
5454 make setup-integration-tests fail
13d 4d 13d
kind/bug
recv
5453 `cmctl convert` not working for converting certmanager.k8s.io/v1alpha1 to cert-manager.io/v1 13d 9d 13d
kind/bug
recv
5449 Gateway API exist, still getting error "the Gateway API CRDs do not seem to be present" 14d 14d 14d
recv
5448 how to disabled serverSideApply 15d 7d 15d
help wanted
recv
5440 Enable OpenSSF Scorecard Github Action and Badge 18d 18d 18d
kind/feature
pr-unreviewed
recv
5439 setting certificate attributes in certificate resources 18d 6d 6d
kind/feature
collaborator-last
commented
send
similar
5437 Issuer/ClusterIssuer support to specify vault token on local filesystem 19d 19d 19d
pr-unreviewed
recv
5435 Issuer/ClusterIssuer vault with mounted JWT token 19d 19d 19d
recv
5434 v1.7.3 still having "expired challenges" issue 19d 19d 19d
kind/bug
author-last
recv
5433 Support certs that live for < 1h
2wk 2wk 2wk
kind/feature
recv
5432 Certificate renewed but not the linked secret 3wk 3wk 3wk
kind/bug
recv
similar
5431 After generating a new Let's Encrypt certificate, it still uses the default cluster certificate. 3wk 3wk 3wk
recv
5430 Improving DNS-01 challenge performance 3wk 3wk 3wk
kind/feature
pr-reviewed-with-comment
pr-unreviewed
recv
5428 [Helm chart] Cert-manager's metrics can't be added to grafana data soource 3wk 3wk 3wk
kind/bug
recv
5423 Security compliance check for cert-manager as per CIS Benchmark 4wk 4wk 4wk
kind/bug
commented
member-last
send
5421 [Helm chart] Cert-manager's metrics are not collected by default 4wk 4wk 4wk
kind/bug
recv
5419 Config option to allow vault issuer to skip TLS verification when connecting to Vault
4wk 7d 7d
kind/feature
commented
member-last
pr-closed
send
5415 DNS record for xxx not yet propagated. can we use cloudflare for acme challenge and custom ns for propagation check? 4wk 4wk 4wk
kind/bug
recv
similar
5412 Allow to configure Azure DNS solver managed identity using a secret for GitOps environment
5wk 4wk 4wk
kind/feature
commented
member-last
send
5406 url property in index.yaml at charts.jetstack.io not standard 5wk 5wk 5wk
kind/bug
commented
member-last
send
5397 Certificate not re-issued after keystore format change 6wk 6wk 6wk
kind/bug
recv
similar
5396 Passing empty IP Address in the certificate spec, fails certificate creation 6wk 6wk 6wk
kind/bug
recv
5394 Cert Manager showing "error"="Operation cannot be fulfilled on certificates.cert-manager.io"
6wk 6wk 6wk
recv
similar
5392 cert-manager-webhook emit TLS handshake error from 10.240.1.63:53386: EOF 6wk 6wk 6wk
recv
5391 Regex validation on acme/solvers is too strict
6wk 6wk 6wk
recv
5388 InvalidChangeBatch: cannot be created because a non multivalue answer rrset exists with the same name and type
7wk 7wk 7wk
kind/bug
recv
5359 Packaging cert-manager with Carvel
4
2mo 19d 19d
kind/feature
commented
member-last
send
5357 Support ECDSA keys for ACME accounts 2mo 2mo 2mo
kind/feature
pr-unreviewed
recv
5348 Question: usage of an own acmedns api without /update endpoint 2mo 2mo 2mo
recv
5347 Got error:0A00010B:SSL routines::wrong version number 2mo 2mo 2mo
kind/bug
author-last
recv
5344 metrics for failed calls to cloudflare 2mo 2mo 2mo
kind/feature
recv
5326 Add ability to configure podTemplate securityContext fields in http solver 2mo 2mo 2mo
kind/feature
recv
5316 Cert-manager shuts down without warning due to secret timeout 2mo 2mo 2mo
kind/bug
author-last
recv
recv-q
5310 Install cert-manager: error bounded in resource existing 2mo 2mo 2mo
recv
5298 Complete the Migration Away From Jetstack Names 2mo 2mo
kind/cleanup
5297 Failed to update endpoint cert-manager/cert-manager-webhook 2mo 2mo 2mo
recv
5296 Make caching 2mo 2mo
kind/bug
5284 Challenge remain pending and does't rerun after I delegate dns zone 2mo 2mo 2mo
kind/bug
recv
5283 DNS Challenges Not Added to Specified Ingress Despite Specifying in ACME ClusterIssuer Manifest 2mo 2mo 2mo
kind/bug
recv
5279 cainjector is watching secrets in all the cluster even after setting --namespace flag
2mo 19d 19d
kind/bug
commented
member-last
send
5278 Add Support for Contour HttpProxy (proof of concept included) 2mo 2mo 2mo
kind/feature
collaborator-last
commented
send
5274 Provide the ability to recover a Certificate request from an Error state
2
3mo 14h 3mo
kind/feature
lifecycle/stale
collaborator-last
recv
5268 error decoding private key 3mo 1d 3mo
kind/bug
lifecycle/stale
collaborator-last
recv
5267 cm-acme-http-solver triggers no.scale.down.node.pod.not.backed.by.controller due to lack of PodDisruptionBudget
5
3mo 2mo 3mo
kind/bug
recv
5265 Failed to determine a valid solver configuration for the set of domains on the Order 3mo 2d 3mo
lifecycle/stale
collaborator-last
recv
5263 Test setup flake: go not found 3mo 2mo
kind/flake
flake/test-setup
5262 Test setup flake: untaring go fails 3mo 2mo
kind/flake
flake/test-setup
5260 In Gateway API mode, with 5+ challenge-solvers in one certificate, provisioning fails 3mo 3d 3mo
kind/bug
lifecycle/stale
collaborator-last
recv
5255 Error installing on ipv6 cluster 3mo 5d 3mo
kind/bug
lifecycle/stale
collaborator-last
recv
5254 AKS high severity : on disabling automounting API credentials for service account installation of cert manager timesout
3mo 2mo 3mo
kind/bug
author-last
recv
5253 Webhook FailedDiscoveryCheck failing or missing response from https://<ip>:10251/apis/webhook.cert-manager.io/v1alpha1: bad status 3mo 6d 3mo
kind/bug
lifecycle/stale
collaborator-last
recv
5246 Secrets are not updated when key stores added/removed 3mo 8d 3mo
kind/bug
lifecycle/stale
collaborator-last
recv
5238 no wait time between challenge requeues 3mo 13d 3mo
kind/bug
lifecycle/stale
collaborator-last
recv
5230 Timeouts on Every Controller Reconcile Loop
3mo 13d
kind/bug
lifecycle/stale
collaborator-last
pr-merged
5223 cert-manager reporting and alerting 3mo 18d 3mo
kind/feature
lifecycle/stale
collaborator-last
recv
5220 Investigate improving resource consumption and performance in clusters with large amount of resources
6
3mo 7d 3mo
kind/feature
lifecycle/stale
assigned
assignee-updated
commented
5218 Install SSL certificate on CertManager container image 3mo 2wk 3mo
lifecycle/stale
collaborator-last
recv
similar
5215 Add relabeling in cert-manager serviceMonitor 3mo 4wk 3mo
kind/feature
author-last
commented
recv
recv-q
5211 Question about tolerations 3mo 18d 3mo
author-last
recv
5210 Use instrumentedclient when performing credential verifications for Venafi client
3mo 3wk 3mo
kind/bug
lifecycle/stale
collaborator-last
pr-closed
recv
5201 Periodically perform readiness checks for issuers
3mo 15d 3mo
kind/bug
lifecycle/stale
collaborator-last
commented
pr-closed
pr-merged
send
5198 Integration test flake: various timeouts 3mo 2mo
kind/flake
flake/test-logic
5197 cert-manager-webhook to provide logs when handling a k8s api-server request
2
3mo 3d 3mo
good first issue
help wanted
kind/feature
lifecycle/stale
assigned
assignee-updated
commented
send
5193 Stuck on "propagation check failed"
3mo 5wk 3mo
kind/bug
area/acme
author-last
commented
pr-merged
recv
similar
5182 e2e flake: etcd request slowness 4mo 2mo
kind/flake
flake/test-logic
5180 e2e flake: webhook context deadline exceeded 4mo 2mo 3mo
kind/flake
flake/test-logic
collaborator-last
commented
5179 e2e flake: Message: "admission webhook \"webhook.cert-manager.io\" denied the request: the server could not find the requested resource" 4mo 2mo 4mo
kind/flake
flake/test-logic
collaborator-last
commented
5178 e2e flake: mv: cannot stat 'bin/downloaded/tools/crane': No such file or directory 4mo 2mo 2mo
kind/flake
flake/test-setup
commented
member-last
send
5177 e2e flake: /bin/bash: bin/tools/ytt: Permission denied 4mo 2mo
kind/flake
flake/test-setup
5171 TPP Allowed Domains can cause valid certificate to error 4mo 3wk 4mo
kind/bug
area/venafi
contributor-last
recv
5160 Support loading controller configuration from a versioned file
4mo 3wk 3mo
help wanted
kind/feature
lifecycle/stale
assigned
assignee-updated
collaborator-last
commented
5156 Issued certificate having more validity period than root certificates. 4mo 12d 4mo
lifecycle/rotten
collaborator-last
recv
5134 Letsencrypt acme cert challenges no longer working on AKS (nginx-ingress + cert-manager + clusterissuer + letsencrypt)
4
4mo 3wk 4mo
kind/bug
lifecycle/rotten
collaborator-last
recv
5132 HTTP01 - Did not get expected response when querying endpoint, expected X, but got X
4mo 3wk 4mo
kind/bug
lifecycle/rotten
collaborator-last
recv
5131 ingressShim doesn't supply x.509 subject fields required by our providers (TPP) policies 4mo 12d 4mo
kind/feature
lifecycle/rotten
contributor-last
recv
recv-q
5128 helm chart: add annotations and labels globally 4mo 3wk 4mo
kind/feature
lifecycle/rotten
collaborator-last
recv
5120 Too many pending authorizations - On Certificate Orders 4mo 3wk 4mo
kind/bug
lifecycle/rotten
collaborator-last
commented
recv
5114 Intermediate certificate is not updated in child certificate 4mo 3wk 4mo
kind/bug
lifecycle/rotten
collaborator-last
recv
5106 Makefile flake when checking shasums 4mo 2mo 2mo
kind/bug
kind/flake
flake/test-setup
commented
member-last
send
5086 Issuing certificate as Secret does not exist 5mo 9d 5mo
lifecycle/rotten
collaborator-last
recv
similar
5073 Allow injecting CABundle to arbitrary Custom Resources 5mo 4wk 4mo
kind/feature
lifecycle/stale
collaborator-last
commented
recv
5069 Error presenting challenge: the server could not find the requested resource even though resource exists 5mo 2mo 5mo
kind/bug
recv
5066 Threat model for cert-manager
5mo 6wk 5mo
kind/feature
commented
5042 propagation check failed: DNS record for xxx not yet propagated
3
5mo 3wk 5mo
kind/bug
lifecycle/stale
collaborator-last
recv
recv-q
similar
5041 Failed to obtain venafi certificate: vcert error: your data contains problems: request doesn't match certificate: unmatched key modulus 5mo 2mo 5mo
kind/bug
contributor-last
recv
recv-q
5031 ValidateCAA test function is flaky 5mo 2mo 2mo
kind/bug
kind/flake
flake/test-logic
commented
member-last
send
5005 Investigate why Contour fails with "Gateway not found in cache" in some end-to-end Prow jobs
6mo 2mo 2mo
kind/flake
flake/test-logic
commented
member-last
pr-closed
send
5004 After installing cert-manager using kubectl, "cmctl check api" fails with "https://cert-manager-webhook.cert-manager.svc:443/mutate?timeout=10s": context deadline exceeded
5
6mo 2mo 2mo
commented
member-last
send
similar
4980 Waiting for DNS-01 challenge propagation: dial tcp 173.245.59.41:53: connect: connection refused
2
6mo 4d 6mo
kind/bug
lifecycle/rotten
collaborator-last
commented
recv-q
send
similar
4979 Overhaul the DNS01 solver
5
6mo 12d
kind/feature
pr-closed
4959 Support AWS Auth Method for Vault 6mo 15d 6mo
kind/feature
author-last
recv
4956 cert-manager created multiple CertificateRequest objects with the same certificate-revision
2
2
3
6mo 15h 6mo
kind/bug
commented
pr-merged
recv
recv-q
4950 General flakiness of our end-to-end suite
3
6mo 2mo 2mo
lifecycle/frozen
kind/flake
commented
member-last
pr-closed
pr-merged
send
4947 Custom labels/annotations in ACME solver services created by Issuer/ClusterIssuer
7
6mo 3wk 6mo
kind/feature
author-last
recv
4941 Failed to perform self check GET request 6mo 2mo 6mo
kind/bug
recv
recv-q
similar
4931 Enable Testing on ARM64 6mo 2mo 6mo
kind/feature
author-last
commented
recv
recv-q
4899 Certificate.Spec.RenewEvery instead of RenewBefore 7mo 2mo 2mo
kind/feature
collaborator-last
commented
4892 Set up a permanent cert-manager installation to catch issues that only appear in long running deployments
7mo 12d 3mo
kind/feature
lifecycle/stale
commented
4884 Add a similar secretTemplate to the secret that is created by ACME Issuer
7mo 13d 7mo
kind/feature
lifecycle/rotten
collaborator-last
commented
recv
4877 HTTP01 solver fails self-check/propagation check on 1.7.1 when used with client-certificate auth on nginx Ingress 1.1.1
7mo 2mo 7mo
kind/bug
recv
recv-q
4824 Repo Migration Followup Task List
8mo 2mo 2mo
assigned
assignee-updated
commented
member-last
pr-merged
4821 Allow `ingressClassName` to be set for HTTP01 solver ingresses.
3
78
8mo 4d 5mo
kind/feature
area/ingress-shim
commented
pr-unreviewed
send
4797 Automatically renew certificates if OCSP indicates that it was revoked
6
8mo 1mo 8mo
kind/feature
area/acme
author-last
commented
recv
4786 Investigate whether it would be valuable to decrease the initial backoff period for certificate issuance retries
9
8mo 3wk 3wk
lifecycle/rotten
collaborator-last
commented
pr-merged
4747 Revoke Certificates
4
11
8mo 5wk 8mo
kind/feature
recv
similar
4685 Unexpected EOF during watch stream event decoding: unexpected EOF
2
9mo 6wk 9mo
lifecycle/frozen
kind/bug
recv
recv-q
4654 Certificates issued by vault with isCa: true are missing CA:TRUE in certificate
2
3
4
9mo 2mo 2mo
kind/bug
commented
member-last
send
similar
4594 TLS handshake error: EOF
8
10mo 4wk 3mo
kind/bug
commented
recv-q
send
4561 Ability to specify secret ownerReference as part of the Certificate request
3
11mo 17d 11mo
kind/feature
lifecycle/rotten
collaborator-last
recv
4535 Kubernetes: x509 certificate signed by unknown authority, possibly because of ECDSA verification failure
11mo 8d 11mo
lifecycle/rotten
collaborator-last
commented
recv-q
send
similar
4490 Subject Ingress Annotations
3
1y 7wk 1y
kind/feature
pr-new-commits
recv
4423 Cert renewal loop
2
1y 2mo 1y
kind/bug
author-last
commented
recv
recv-q
4410 Support configuration via operator subscription
4
1y 18d 4mo
kind/feature
lifecycle/rotten
collaborator-last
commented
send
4349 allowing greater configuration for the cloud provider tests
1y 5mo 5mo
lifecycle/frozen
kind/feature
collaborator-last
commented
send
4246 ACME DNS Challenge and Propagation Delay (NXDOMAIN)
8
1y 2mo 1y
kind/bug
recv
4216 Error getting keypair for CA issuer: error parsing ecdsa private key: x509: failed to parse EC private key: asn1: structure error: length too large 1y 1y 1y
recv
3958 Sane defaults for Certificate revision history limit
10
1y 4wk 1y
kind/feature
recv
recv-q
similar
3896 Cert Manager failing to renew certificate
17
1y 7wk 1y
kind/bug
commented
recv-q
send
similar
3719 DNS-01 broken scenario (GCP Cloud DNS) 2y 3wk 2y
kind/bug
lifecycle/stale
collaborator-last
recv
3592 Ability to not create ca.crt
2
2y 1d 2y
lifecycle/rotten
collaborator-last
commented
recv
3565 requestmanager_controller got stuck in a loop and stopped generating new certificates afterward
12
2y 11d 1y
kind/bug
commented
recv-q
send
2380 Helm chart version is not SemVer-compatible
4
2y 7wk 1y
kind/bug
commented
recv
recv-q
1063 "Securing Ingresses with Venafi" tutorial contains link to missing manifest 5wk 4wk 5wk
author-last
recv
1062 Document process for offboarding maintainers 5wk 5wk 5wk
recv
similar
1061 Document onboarding process for new maintainers 5wk 5wk 5wk
recv
similar
1054 Run spell checker in a pre-commit hook 1mo 1mo 1mo
good first issue
kind/cleanup
recv
1006 Use descriptive text instead of alt for `feature icon` 3mo 3mo 3mo
recv
1001 Document a policy for required CI health before we can release 3mo 3mo 3mo
recv
998 Documentation venafi configuration references venafi documentation page which returns 403 3mo 5wk 3mo
contributor-last
recv
993 Document which resources do/do not get garbage collected 4mo 4mo 4mo
good first issue
contributor-last
recv
988 Document how feature gated fields can be added to API 4mo 4mo 4mo
recv
981 The `kubectl operator install` instructions are broken (after upgrading kubectl operator v0.3.0 -> v0.4.0) 4mo 4mo 4mo
commented
member-last
975 Some pages do not make it clear what the user should read next 5mo 5mo
974 Investigate styled 404 page 5mo 5mo
955 Document when the vault pki role required setting `require_cn=false` 5mo 5mo
944 Document how to install cert-manager in a different namespace
2
5mo 3mo 5mo
good first issue
assigned
assignee-updated
contributor-last
recv
recv-q
similar
936 Review public envvars for site 5mo 5mo 5mo
commented
member-last
931 Improve upgrade instructions using helm
5mo 5mo 5mo
recv
923 GSoD2022: Improve the navigation and structure of the cert-manager website 5mo 5mo 5mo
assigned
contributor-last
recv
similar
922 GSoD2022: Dashamir Hoxha 5mo 5mo 5mo
assigned
assignee-updated
commented
member-last
send
921 GSoD2022: Improve the Navigation and Structure of the cert-manager Website by Mehak 5mo 5mo 5mo
assigned
assignee-updated
commented
member-last
send
similar
899 Upgrading from v1.7 to v1.8 check command should exclude null.
2
6mo 5mo 6mo
recv
recv-q
868 Document RBAC 6mo 6mo 6mo
contributor-last
recv
similar
866 Securing NGINX-ingress 6mo 6mo 6mo
recv
similar
851 create Cilium ingress tls example
3
7mo 3mo 7mo
assigned
assignee-updated
recv
847 missing documentation/information olm based installation metric prometheus 7mo 7mo 7mo
contributor-last
recv
844 Document feature gates 7mo 7mo
similar
841 remove dependency on golang from cmctl and kubectl-plugin installation documentation
8mo 8mo 8mo
contributor-last
pr-merged
recv
recv-q
836 Syncing Secrets Across Namespaces
8mo 6mo 8mo
recv
802 Spelling errors are unclear in pull request CI results and spell checker is unmaintained
8mo 8mo
kind/bug
contributor-last
pr-merged
776 Explain that you can pre-provision a Secret and Certificate.Spec.SecretName can refer to an existing Secret 9mo 9mo 9mo
commented
member-last
send
758 API reference docs: enum values not documented with typedef 10mo 10mo 10mo
recv
746 Enable Dark mode in the docs website 11mo 11mo 11mo
recv
706 Default key usages 1y 1y 1y
recv
697 [IRSA] Needs `runAsUser: 1001` 1y 1y 1y
recv
693 Azure DNS pod identity incorrectly documents principal_id 1y 1y 1y
commented
member-last
send
672 List required Google CloudDNS permissions exhaustively 1y 1y 1y
recv
662 Using "azureDNS" for the DNS01 Solver results "Multiple user assigned identities exist, please specify the clientId / resourceId"
1y 1y 1y
recv
645 Investigate & add an FAQ/warning about images rolled back after GitOps upgrade 1y 7mo 1y
recv
recv-q
642 Move/ link to Webhook debugging docs 1y 1y
similar
604 Make it so that it is easier to find the doc for fixing webhook issues 1y 5mo 1y
contributor-last
recv
583 cert-manager with ZeroSSL
44
1y 3mo 3mo
commented
send
568 Add a diagram for LetsEncrypt cert issuance flow to the docs
4
1y 1y 1y
recv
561 Certificate Resources 1y 1y 1y
recv
similar
554 HTTP Validation, privateKeySecretRef 1y 1y 1y
contributor-last
recv
549 Effort towards a more user-friendly website 1y 1y
543 Add getting started documentation for users who want to quickly use cert-manager to issue LetsEncrypt certificates
4
1y 1y 1y
commented
member-last
send
542 Document the Istio VirtualService HTTP01 configuration options 1y 1y
532 Rework of the landing page (cert-manager.io)
3
1y 10mo 1y
help wanted
good first issue
commented
member-last
send
486 OpenShift - broken link
2y 1y 1y
commented
member-last
send
469 DNS01: Delegated Domains for DNS01 example yaml solvers list items 2y 2y 2y
recv
466 installation/compatiblity 2y 2y 2y
recv
457 cainjector docs are missing the option to inject certs in apiservice resources
2y 2y 2y
recv
454 Cluster Resource Namespace 2y 2y 2y
recv
426 Create a sequence diagram that shows how a certificate gets issued with let's encrypt
2
2y 1y 1y
commented
member-last
pr-merged
425 Document ocspServers 2y 2y 2y
kind/documentation
commented
member-last
422 Page last modified date incorrect 2y 2y 2y
kind/bug
collaborator-last
commented
send
386 Uninstalling on Kubernetes - How to delete all those user created resources?
2y 2y 2y
collaborator-last
commented
send
330 Case for CertificatePrivateKey (encoding, algorithm) is wrong (v1) 2y 2y 2y
collaborator-last
commented
send
326 Securing Ingresses with Venafi 2y 2y 2y
collaborator-last
commented
send
similar
295 Route53 2y 2y 2y
kind/documentation
commented
member-last
send
79 Design for partial automation of release process 3mo 3mo 3mo
commented
member-last
send
50 Move cert-manager-release infrastructure to CNCF's GCP account
1y 8mo 8mo
commented
member-last
42 Publish latest release number as part of creating a final release
1y 1y 1y
commented
member-last
send
31 Move the manual steps of our release process to cmrel commands
1y 1y 1y
commented
member-last
pr-closed
27 Create cert-manager specific testing infrastructure
1y 1y 1y
assigned
assignee-updated
commented
member-last
pr-merged
send
19 Incorrect command line help: should include a --branch argument 2y 2y 2y
kind/cleanup
commented
contributor-last

Uncommented older than 7 days (116)

Resolution: Add a priority/ or triage/ label

Average age: 209.7d, Avg wait: 181.4d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4846 More than one Certificate nominating same Secret induces runaway creation of many CertificateRequests and Orders
2
7mo 19d 7mo
kind/bug
priority/important-soon
lifecycle/stale
collaborator-last
pr-new-commits
recv
recv-q
4722 High memory usage on cluster with many secrets
8
8mo 2mo 8mo
kind/bug
priority/important-soon
contributor-last
open-milestone
recv
4653 Venafi TPP Support for Oauth
3
9mo 19d 9mo
kind/feature
priority/backlog
recv
recv-q
3898 Allow setting PodDisruptionBudget policies via helm chart
3
1y 3wk 1y
kind/feature
priority/important-longterm
area/deploy
author-last
pr-closed
pr-new-commits
recv
3655 Specify Name Constraints in CA Certificate
5
2y 1d 2y
kind/feature
priority/backlog
recv
850 Document available cert-manager Prometheus metrics 7mo 5mo 7mo
documentation
good first issue
priority/important-longterm
contributor-last
recv
770 Helm template fails with `--create-namespace` 10mo 9mo 10mo
triage/support
contributor-last
recv
recv-q
709 Update Securing NGINX-ingress tutorial for apiVersion networking.k8s.io/v1
1y 11mo 1y
good first issue
priority/important-soon
recv
551 Documentation on how to handle large-scale certificate management & best practices
2
1y 10mo 1y
help wanted
priority/important-longterm
kind/documentation
contributor-last
recv
480 Secret gets UID added to end of name 2y 1y 2y
triage/support
contributor-last
recv
recv-q
76 Upgrading from v0.10 to v0.11 - missing cainjector annotation 2y 2y 2y
priority/backlog
kind/documentation
contributor-last
recv
56 Route53: document use of "region" field 2y 1y 2y
documentation
priority/important-longterm
contributor-last
recv
recv-q
104 previously listed items omitted

Important soon, but no updates in 90 days (10)

Resolution: Downgrade to important-longterm

Average age: 841.8d, Avg wait: 101.2d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
709 Update Securing NGINX-ingress tutorial for apiVersion networking.k8s.io/v1
1y 11mo 1y
good first issue
priority/important-soon
recv
320 Document how to install cert-manager using gitops and known issues with particular gitops implementations
3
2y 1y 2y
documentation
priority/important-soon
commented
contributor-last
262 [DOCS]: Add info on how to customize kind CertManager when using OperatorHub method on Openshift
2y 2y 2y
kind/feature
priority/important-soon
author-last
commented
recv
recv-q
229 Documenting resolution for DigitalOcean + HTTP01 "connection timed out" error 2y 2y
priority/important-soon
kind/documentation
contributor-last
198 Document release process 2y 2y 2y
priority/important-soon
kind/documentation
assigned
commented
member-last
send
195 Document keystores 2y 1y 2y
priority/important-soon
kind/documentation
commented
member-last
send
174 Add documentation for CRD conversion webhook ca injection 2y 2y 2y
help wanted
priority/important-soon
kind/documentation
commented
member-last
send
144 Improve webhook debugging info
2y 1y 2y
priority/important-soon
kind/documentation
commented
member-last
pr-merged
send
similar
90 Document Certificate Subject Changes 2y 2y 2y
help wanted
good first issue
priority/important-soon
collaborator-last
commented
69 SelfSignedIssuer configuration - API reference docs 2y 2y 2y
help wanted
good first issue
priority/important-soon
kind/documentation
commented
member-last
send

Important longterm, but no updates in 180 days (8)

Resolution: Downgrade to backlog

Average age: 838.7d, Avg wait: 193.3d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
2178 Handling 'unregistering' certificates from Venafi TPP
11
3y 8mo 2y
lifecycle/frozen
kind/feature
priority/important-longterm
area/venafi
commented
recv-q
send
551 Documentation on how to handle large-scale certificate management & best practices
2
1y 10mo 1y
help wanted
priority/important-longterm
kind/documentation
contributor-last
recv
401 Bring tutorials up to date 2y 2y
priority/important-longterm
344 Add docs to explain webhooks 2y 1y
help wanted
good first issue
priority/important-longterm
contributor-last
223 Document wildcard certificate tutorial 2y 2y 2y
priority/important-longterm
kind/documentation
commented
contributor-last
send
178 Order of versions of cert-manager in menu 2y 2y 2y
priority/important-longterm
kind/documentation
commented
contributor-last
send
154 Documenting repo management process 2y 2y 2y
priority/important-longterm
kind/documentation
commented
contributor-last
send
56 Route53: document use of "region" field 2y 1y 2y
documentation
priority/important-longterm
contributor-last
recv
recv-q

Pull Requests: Review Ready (22)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 116.3d, Avg wait: 34.4d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
5469 Increasing unit test coverage for pkg/issuer/acme/setup.go
5d 21h 21h
size/L
release-note-none
area/acme
dco-signoff: yes
ok-to-test
needs-kind
author-last
commented
new-commits
recv
5478 Migrate Vault helm chart in e2e tests from ad-hoc version to official chart from hashicorp 3d 22h 23h
release-note-none
needs-ok-to-test
size/M
dco-signoff: yes
area/testing
needs-kind
commented
contributor-last
recv
recv-q
unreviewed
3931 Added PodDisruptionBudgets to helm chart
2
13
1y 1d 5mo
size/L
release-note
approved
kind/feature
dco-signoff: yes
ok-to-test
area/deploy
assigned
assignee-updated
commented
contributor-last
new-commits
recv
recv-q
5356 Allow ECDSA for ACME client keys 2mo 1d 2mo
size/L
release-note
area/api
kind/feature
area/acme
dco-signoff: yes
area/testing
ok-to-test
area/deploy
author-last
commented
recv
recv-q
unreviewed
5447 Allow extra DNS-01 propagation time to be configured
15d 3d 12d
release-note
size/S
area/acme
dco-signoff: yes
ok-to-test
area/acme/dns01
needs-kind
author-last
commented
recv
unreviewed
5427 Added support for disableChallengePresentation for issuers and clusterissuers
4wk 6d 12d
release-note
area/api
needs-ok-to-test
size/M
area/acme
dco-signoff: yes
area/deploy
needs-kind
author-last
commented
recv
unreviewed
4969 add acmeHttp01SolverImage 6mo 10d 6mo
size/XS
release-note
needs-ok-to-test
dco-signoff: yes
area/deploy
needs-kind
author-last
commented
recv
recv-q
unreviewed
5093 Add relabeling and metricRelabelings settings for ServiceMonitor. 5mo 11d 5mo
release-note
size/S
needs-ok-to-test
dco-signoff: yes
area/deploy
needs-kind
recv
recv-q
unreviewed
4330 Add client certificate auth method for Vault issuer 1y 12d 5mo
release-note
size/XL
area/api
kind/feature
area/acme
area/vault
dco-signoff: yes
area/testing
ok-to-test
area/deploy
collaborator-last
commented
recv
recv-q
unreviewed
4835 Making sure per fixture only 1 setup is active at the same time 7mo 12d 3mo
release-note-none
kind/bug
size/M
lifecycle/stale
dco-signoff: yes
area/testing
assigned
assignee-updated
collaborator-last
commented
reviewed-with-comment
5324 Create 20220720-per-certificate-owner-ref.md
4
2mo 12d 3wk
size/L
release-note-none
approved
kind/design
dco-signoff: yes
collaborator-last
commented
new-commits
similar
5373 Allow config of http01 solver pod security context
2
1mo 12d 1mo
size/L
release-note
area/api
kind/feature
area/acme
dco-signoff: yes
ok-to-test
area/acme/http01
area/deploy
collaborator-last
commented
open-milestone
recv
recv-q
unreviewed
1085 content/projects/csi-driver: Fix PKCS12 attribute keys to correct strings 16h 15h
approved
dco-signoff: yes
size/M
unreviewed
1084 fix: navigation menu hiding search results 3d 3d 3d
size/XS
dco-signoff: yes
needs-ok-to-test
assigned
author-last
recv
unreviewed
984 Fix zerossl tutorial path 4mo 10d 4mo
dco-signoff: yes
size/L
ok-to-test
assigned
contributor-last
recv
recv-q
unreviewed
1080 Bump marked and marked 15d 15d 15d
dco-signoff: yes
needs-ok-to-test
size/S
dependencies
recv
unreviewed
1079 Bump markdown-link-extractor and markdown-link-check 15d 15d 15d
dco-signoff: yes
size/L
needs-ok-to-test
dependencies
recv
unreviewed
1071 Improved the summary on the docs homepage
2
3wk 3wk 3wk
approved
dco-signoff: yes
size/S
commented
contributor-last
new-commits
recv-q
1005 Route53 accessKeyIDSecretRef docs 3mo 3mo 3mo
size/XS
dco-signoff: yes
needs-ok-to-test
recv
unreviewed
992 Initial feature gate documentation
2
4mo 4mo 4mo
approved
dco-signoff: yes
size/M
commented
contributor-last
recv
recv-q
reviewed-with-comment
930 update ibmcloud cis webhook link 5mo 4mo 5mo
size/XS
dco-signoff: yes
needs-ok-to-test
assigned
assignee-updated
author-last
commented
recv
unreviewed
948 add note to ingress class definition 5mo 5mo 5mo
dco-signoff: no
size/XS
needs-ok-to-test
assigned
author-last
recv
unreviewed

Unkinded Issues (100)

Resolution: Add a kind/ or triage/support label

Average age: 321.5d, Avg wait: 138.9d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
5479 Could not determine authoritative nameservers for \"_acme-challenge.XXX.com. 2d 2d 2d
author-last
recv
recv-q
5470 Waiting on certificate issuance from order default/nginx-app-tls-z9xlj-2268860154: "pending" Issuing certificate as Secret does not exist 5d 5d 5d
author-last
recv
recv-q
5159 ACME account private key rotation support 4mo 3wk 3mo
lifecycle/stale
triage/needs-information
collaborator-last
commented
send
4918 Leader election timeout (?) causes exit
7mo 5wk 5mo
priority/important-longterm
commented
recv
recv-q
4910 CNCF incubation tracking issue 7mo 19d 6mo
priority/important-soon
lifecycle/stale
assigned
assignee-updated
collaborator-last
commented
recv
4250 Support parallel DNS validation for same host
6
1y 4wk 10mo
priority/important-soon
lifecycle/rotten
area/acme/dns01
collaborator-last
commented
open-milestone
recv
recv-q
3992 Add non-CRD yaml file
2
1y 2mo 1y
priority/important-soon
area/deploy
commented
open-milestone
recv
1082 Navigation menu hiding search results on mobile devices 4d 4d 4d
recv
753 Route53 - AWS IAM Account Setup is confusing
10mo 5mo 5mo
priority/backlog
commented
member-last
send
459 cert manager is no longer on the OpenShift operator list 2y 5mo 2y
priority/awaiting-more-evidence
assigned
assignee-updated
commented
contributor-last
recv-q
send
354 DigitalOcean access-token should not be base64-encoded 2y 2y 2y
priority/awaiting-more-evidence
author-last
commented
recv
2 Set up periodic job to publish an experimental release build
2y 1y
priority/backlog
assigned
contributor-last
88 previously listed items omitted

Unprioritized Recent Issues (197)

Resolution: Add a priority/ or triage/ label

Average age: 217.8d, Avg wait: 89.5d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
5481 Need metrics for DNS01 Challenges 1d 1d 1d
kind/feature
recv
5480 Route53 solver's STS certificate chain is not being trusted by the cert-manager pod 2d 1d 2d
kind/bug
recv
5473 Documentation not clear on certmanager install.sh dependency resulting in failure 4d 4d 4d
kind/bug
recv
5472 Ability to check Venafi API parameter in log
4d 4d 4d
kind/feature
recv
5471 Mismatch between RBAC and --leader-election-namespace in static manifests 4d 4d 4d
kind/bug
recv
192 previously listed items omitted

Uncommented Recent Issues (8)

Resolution: Add a comment

Average age: 3.7d, Avg wait: 3.5d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
8 previously listed items omitted: #5481 #5480 #5479 #5473 #5472 #5471 #5470 #1082
New, has multiple reactions, but not important-soon: No matching items
New, has multiple commenters, but not important-soon: No matching items
needs information, has update: No matching items

Recently updated issue has a question (3)

Resolution: Add an answer

Average age: 317.1d, Avg wait: 34.7d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
5470 Waiting on certificate issuance from order default/nginx-app-tls-z9xlj-2268860154: "pending" Issuing certificate as Secret does not exist 5d 5d 5d
author-last
recv
recv-q
4980