cert-manager + website + release Daily Triage

queue to be emptied once a day

Unprioritized issues older than 7 days (165)

Resolution: Add a priority/ or triage/ label

Average age: 143.2d, Avg wait: 60.1d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
4621		Allow Certificate secretTemplate to specify the cert-manager.io/allow-direct-injection annotation PR#4622: Allow Certificate secretTemplates to set the cert-manager.io/allow-d… unreviewed Similar: #3586: inspect secret in cert-manager certificate definition (closed)			7d	2d	5d		kind/feature	author-last commented pr-unreviewed recv similar
4613		CRDs should be installed independent of the helm release			8d	1d	8d		kind/feature	recv recv-q
4612		cert-manager hits Let's Encrypt too aggressively (regression)		3	8d	8d	8d			collaborator-last commented pr-merged send
4610		cert-manager tls-secret for internal service-dns			11d	9d	9d		kind/feature	collaborator-last commented send
4606		Webhook is not resolvable in startupapicheck pod			12d	12d	12d		kind/bug	recv
4605		cert-manager not provisioning certificates with digital signature and key enchipherment key usages			12d	12d	12d		kind/bug	recv
4603		Change namespace of cert-manager installation Similar: #4102: Default leader election namespace to installation namespace (open)			13d	13d	13d		kind/feature	recv similar
4602		General functionality question - deleting order and certificate resources			13d	13d	13d			recv
4599		Squash all Cert Manager images into one			15d	13d	14d		kind/feature area/deploy	author-last commented recv
4595		has docs.cert-manager.io been removed			2wk	14d	14d		kind/documentation	collaborator-last commented send
4594		TLS handshake error: EOF			3wk	2d	3wk		kind/bug	recv recv-q
4585		Improve speed of e2e tests			4wk	14d	14d		kind/feature	collaborator-last commented
4580		Failed calling webhook - "open /etc/ssl/certs: permission denied"			4wk	15d	4wk			recv recv-q
4576		Add '"helm.sh/resource-policy": keep' to CRDs by default			4wk	4wk	4wk		kind/feature	recv
4573		JKS keystore not being created			4wk	3wk	4wk		kind/bug	author-last recv recv-q
4561		Ability to specify secret ownerReference as part of the Certificate request			5wk	5wk	5wk		kind/feature	recv
4560		clock_time_seconds metric should be a gauge			5wk	13d	14d		area/monitoring	commented contributor-last open-milestone recv
4558		Error in the challenge to generate the certificate Similar: #3378: Generate certificate challenge error (closed)			5wk	5wk	5wk			recv similar
4557		kubectl install cert-manager: Readiness probe failed: HTTP probe failed with statuscode: 500 Similar: #3653: install cert-manager: Readiness probe failed: HTTP probe failed with statuscode: 500 (closed)			5wk	4wk	5wk			author-last recv similar
4552		Check user-agent versions for cert-manager binaries			5wk	6d	6d		kind/bug	assigned assignee-updated commented member-last send
4539		Allow immediate renewal of certs if requested.			6wk	14d	14d		kind/feature	author-last commented recv recv-q
4538		Enable new Auth methods for Vault			6wk	6wk	6wk			recv
4537		HTTP-01 challenges fail with Istio and cert-manager 1.5 (kubernetes.io/ingress.class not set anymore)			6wk	4wk	5wk		kind/bug area/acme/http01	commented member-last
4536		ZeroSSL ClusterIssuer Order Fails on Finalization			6wk	5wk	5wk		area/acme area/acme/http01	collaborator-last commented send
4535		Kubernetes: x509 certificate signed by unknown authority, possibly because of ECDSA verification failure			6wk	19d	6wk			commented send
4533		Sectigo and cert-manager(v1.5.4) - error creating new order: 500 urn:ietf:params:acme:error:serverInternal			6wk	6wk	6wk			author-last commented recv recv-q
4518		operator version 0.15.3 fails to install in openshift			7wk	6wk	6wk			author-last commented recv
4505		Select preferred alternate certificate chain by CN of the rootmost certificate only			7wk	7wk			kind/bug
4504		Reasoning behind updating route53 records instead of creating new ones			7wk	7wk	7wk		kind/feature	author-last recv
4503		Latest version of kubectl cert-manager not executing on mac M1 Similar: #3668: Secure Istio Gateway in Kubernetes using cert-manager. (closed)			7wk	7wk	7wk		kind/bug	collaborator-last commented send similar
4500		./hack/update-codegen.sh downloads 1.2GiB of Go dependencies on each run			7wk	7wk			kind/bug
4494		Prometheus metrics for Orders			1mo	1mo	1mo		kind/feature	recv
4492		Documentation need to be more specific			1mo	1mo	1mo			collaborator-last recv
4490		Subject Ingress Annotations PR#4502: support subject and email annotations for ingress/gateway commented			1mo	1mo	1mo		kind/feature	pr-reviewed-with-comment recv
4489		Externalize controller argument config			1mo	6wk	1mo		kind/feature	assigned recv
4487		Add ability to specify ClusterIssuer to helm chart values			2mo	2mo	2mo		kind/feature	pr-closed recv
4483		Split cainjector out of core cert-manager		2	2mo	6d	6d		kind/feature	collaborator-last commented
4480		Azure DNS ACME Solver Issue			2mo	2mo	2mo		kind/bug	recv
4473		Add signing for cert-manager artifacts			2mo	8d	8d		kind/feature	collaborator-last commented
4471		Istio sidecar is disabled by the hard coded annotation in ACME HTTP01 solver Pod			2mo	2mo	2mo		kind/feature	recv
4468		"NoCredentialProviders" error from route53 solver			2mo	2mo	2mo		kind/bug	recv
4457		Fix golint errors			2mo	4wk	4wk		good first issue kind/cleanup	assigned assignee-updated collaborator-last commented pr-merged
4454		Add certificate issuer / issuer type in prometheus metrics		3	2mo	2mo	2mo		kind/feature	recv
4452		Error initializing issuer: context deadline exceeded			2mo	6wk	2mo		kind/bug	recv recv-q
4445		The deprecated Helm value `securityContext.enabled` should be removed PR#4209: Auto generate README.md, Chart.yaml, values.schema.json and values.yaml using tem & helm-jsonschema-gen new-commits			2mo	5wk			good first issue kind/cleanup	assigned assignee-updated contributor-last pr-new-commits recv-q
4440		cert-manager check api: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)		5	2mo	2mo	2mo		kind/bug	author-last recv recv-q
4438		Multiple solver types with matchLabels cluster-issuer not working			2mo	2mo	2mo			recv
4437		CM continues requeuing inexisting items		2	2mo	1mo	2mo		kind/bug	recv recv-q
4434		Operator projects using the removed APIs in k8s 1.22 requires changes.		3	2mo	2mo	2mo			commented member-last send
4427		Unable to request wildcard certificate with ACME client			3mo	7h	3mo		kind/bug lifecycle/stale	collaborator-last recv
4425		WebHook error			3mo	2mo	2mo		kind/bug	commented member-last send
4424		Add support for setting multiple DC fields to Certificate, to allow for LDAP client authentication			3mo	2mo	2mo		kind/feature	commented member-last send
4423		Cert renewal loop		2	3mo	7wk	7wk		kind/bug	commented member-last send
4422		DNS01 challenge with Route 53 fails: 'Endpoint' configuration is required for this service			3mo	2d	3mo		kind/bug lifecycle/stale	collaborator-last recv
4420		ACME DNS solver error "account credentials not found for domain"			3mo	2d	3mo		kind/bug lifecycle/stale	collaborator-last recv
4417		to support Venafi TPP CADN parameter			3mo	5d	3mo		kind/feature lifecycle/stale	collaborator-last recv
4411		Private key reuse errors with Venafi TPP			3mo	2mo	3mo		kind/bug area/venafi	recv recv-q
4410		Support configuration via operator subscription		3	3mo	4wk	3mo		kind/feature	recv
4375		cert-manager ignores existing controller OwnerReferences on secrets			3mo	15d	3mo		kind/bug	author-last recv
4374		version checker tests failing			3mo	16d			lifecycle/stale kind/flake	collaborator-last
4368		Memory leak in cainjector			3mo	16d	3mo		lifecycle/stale	collaborator-last pr-merged recv
4360		Allow default Certificate settings to be defined within your Issuer configuration Similar: #2239: Create a CertificatePreset resource type to allow configurable defaulting (open)			3mo	2wk	3mo		kind/feature lifecycle/stale	collaborator-last recv similar
4357		Flaky test: //test/integration/ctl TestCtlCreateCRBeforeCRIsCreated			3mo	2wk			kind/bug lifecycle/stale kind/flake	collaborator-last pr-merged
4351		Flaky test: TestValidateCertificate/invalid_with_disallowed_'CertificateSecretTemplate'_annotations			3mo	2mo			kind/bug kind/flake	contributor-last pr-merged recv-q
4349		allowing greater configuration for the cloud provider tests			3mo	2wk	3mo		kind/feature lifecycle/stale	collaborator-last recv
4340		cert-manager - No client certificate CA names sent Similar: #4631: Cert-manager not valid certificates (open) Similar: #3896: Cert Manager failing to renew certificate (open) Similar: #3312: Why does cert-manager issue fake certificates? (closed) Similar: #3170: Why does cert-manager issue fake certificates? (closed)			3mo	3wk	3mo		lifecycle/stale	collaborator-last recv similar
4334		Using service-account directly for Vault authentication? Similar: #2345: Service Account authentication to Vault (closed)			3mo	3wk	3mo		kind/feature lifecycle/stale	collaborator-last recv similar
4331		Add Uninstall & Upgrade commands to `kubectl cert-manager` Similar: #4179: Universal cert-manager installing, uninstalling, debugging and upgrading (closed)			3mo	3wk	3mo		kind/feature lifecycle/stale	collaborator-last pr-closed recv similar
4316		Recursive nameservers for multiple domain			3mo	3wk	3mo		kind/bug lifecycle/stale	collaborator-last recv
4303		Allow azuredns serviceprincipal configuration from secret			3mo	3d	3mo		kind/feature lifecycle/stale	author-last recv
4296		Kubectl plugin - error when getting Certificate		2	4mo	5h	4mo		lifecycle/rotten	collaborator-last recv
4292		Annotations and Labels must be removed from the Secret when removed from secretTemplate PR#4638: Adds SecretTemplate Certificates Controller. SecretManager Apply unreviewed			4mo	1d	1d		kind/feature	assigned assignee-updated commented member-last open-milestone pr-merged pr-unreviewed send
4289		Changing a Certificate keystores specification should update certificate Secret			4mo	4wk	4mo		kind/bug	contributor-last recv
4288		Support for custom Ingress crds for http01 resolution			4mo	1d	4mo		kind/feature lifecycle/rotten	collaborator-last commented send
4286		support custom dns server for acme http challenges PR#4287: Acme http challenge custom dns unreviewed		2	4mo	4wk	4mo		kind/feature	author-last pr-unreviewed recv
4281		Can't deploy Issuer			4mo	2mo	4mo		kind/bug	author-last commented recv recv-q
4273		DNS01 Validation Failing: No OpenIDConnect provider found in your account			4mo	13d	4mo		lifecycle/stale	recv
4266		The automountServiceAccountToken configuration option in the Helm chart is probably unusable / unnecessary			4mo	6d	4mo		kind/bug lifecycle/rotten	collaborator-last commented pr-merged
4263		Issuer Fallback			4mo	7d	4mo		kind/feature lifecycle/rotten	contributor-last recv
4248		Run cert-manager e2e tests with the race flag			4mo	11d			kind/cleanup lifecycle/rotten area/testing	collaborator-last pr-merged
4246		ACME DNS Challenge and Propagation Delay (NXDOMAIN)		3	4mo	1d	4mo		kind/bug	recv
4245		Ingress Shim Certificate Incorrectly Renewed Due To Usages Change			4mo	2mo	2mo		kind/bug	commented member-last send
4235		Reconsider error condition on empty secretnames in TLS hosts. PR#4604: ignore empty secretNames in the ingress spec unreviewed			4mo	13d	4mo		kind/feature lifecycle/rotten	collaborator-last pr-unreviewed recv
4220		Reuse existing identical certificates Similar: #2929: Notify a service inside k8s cluster on certificate renewal (closed)		2	4mo	15d	4mo		kind/feature lifecycle/rotten	collaborator-last recv similar
4216		Error getting keypair for CA issuer: error parsing ecdsa private key: x509: failed to parse EC private key: asn1: structure error: length too large			4mo	4mo	4mo			recv
4215		Include example manifests in this repo for reference			4mo	18d	4mo		lifecycle/rotten	collaborator-last recv
4212		Ingress-shim to remove certificates if owned ingress lacks autoCertificateAnnotations			4mo	13d	4mo		kind/feature lifecycle/rotten	collaborator-last commented send
4211		support for importing multiple CA in jks certificates Similar: #3957: Support JKS trust store for ACME certificates (open)			4mo	2wk	4mo		kind/feature lifecycle/rotten	collaborator-last recv similar
4210		Syncing secret across namespaces gives error "unable to fetch certificate that owns the secret"			4mo	2wk	4mo		kind/bug	recv recv-q
4203		Add a make target for building static manifests with specific image			4mo	3wk			kind/feature lifecycle/rotten area/deploy	collaborator-last
4196		Enhance CA issuer with HSM support		2	4mo	10d	4mo		help wanted kind/feature lifecycle/stale area/ca	collaborator-last commented recv
4191		Setting default values for Pod's "resources"?		2	4mo	3wk	4mo		lifecycle/rotten	collaborator-last commented send
4189		Support setting a different password for the private key in a Java keystore			4mo	2mo	2mo		area/api good first issue help wanted kind/feature	collaborator-last commented pr-closed pr-merged
4187		Upgrade to cert-manager v1.3.1 causes outage on EKS			4mo	1mo	4mo		kind/bug	recv recv-q
4180		Add tests to #4138			4mo	4wk	4mo		kind/feature lifecycle/rotten	assigned assignee-updated collaborator-last pr-merged recv
4173		Enable domains for no_proxy			5mo	2mo	5mo		kind/feature	author-last recv recv-q
4166		cert-manager should allow to store certificate in vault Similar: #4631: Cert-manager not valid certificates (open)			5mo	2wk	5mo		kind/feature lifecycle/rotten	recv similar
4153		Support DoT (DNS over TLS) for Recursive Nameservers			5mo	5wk	5mo		kind/feature area/acme/dns01	author-last recv
4146		Provide cert store format choice for PEM combined			5mo	2mo	2mo		good first issue help wanted kind/feature	collaborator-last commented send
4139		Old Helm charts should be deprecated			5mo	3wk	3mo		kind/bug lifecycle/stale	collaborator-last commented pr-merged
4102		Default leader election namespace to installation namespace Similar: #4603: Change namespace of cert-manager installation (open)			5mo	12d	12d		kind/feature	collaborator-last commented pr-merged send similar
4071		Add a default value to RevisionHistoryLimit if none is provided in the Certificate PR#4570: `RevisionHistoryLimit` has a default value of 25 commented Similar: #3958: Sane defaults for Certificate revision history limit (open)		4	6mo	2d	6mo		kind/feature	author-last pr-reviewed-with-comment recv similar
4053		Error setup role to manage Route53 dns01			6mo	4wk	6mo		kind/bug lifecycle/stale	collaborator-last recv recv-q
4033		Automated updates of base images			6mo	2mo	2mo		kind/feature	collaborator-last commented pr-merged
4032		Consider ArtifactHub vulnerability scanning			6mo	2mo	2mo		kind/feature	collaborator-last commented
3992		Add non-CRD yaml file			6mo	7wk	4mo		area/deploy	author-last commented recv
3968		acme http01: 504 Gateway Time-out		4	7mo	15d	7mo		kind/bug area/acme/http01	recv recv-q
3958		Sane defaults for Certificate revision history limit Similar: #4071: Add a default value to RevisionHistoryLimit if none is provided in the Certificate (open)		3	7mo	2mo	7mo		kind/feature	recv similar
3957		Support JKS trust store for ACME certificates Similar: #4211: support for importing multiple CA in jks certificates (open) Similar: #3404: Add support for custom Certificate Extensions (open)			7mo	3wk	6mo		kind/feature lifecycle/rotten	collaborator-last commented recv-q send similar
3949		Option to store selfsigned cert/key pair into two secrets.		6	7mo	7d	7d		kind/feature lifecycle/rotten	commented send
3896		Cert Manager failing to renew certificate Similar: #4340: cert-manager - No client certificate CA names sent (open) Similar: #4627: Certificates not being renewed (open) Similar: #4631: Cert-manager not valid certificates (open) Similar: #3312: Why does cert-manager issue fake certificates? (closed) Similar: #3170: Why does cert-manager issue fake certificates? (closed)		17	7mo	2mo	2mo		kind/bug	commented member-last send similar
3747		Certificate issuerRef should be optional			9mo	8d	9mo		kind/feature	recv
3743		Excessive DNS caching for DNS verification			9mo	2mo	9mo		kind/bug	author-last recv
3719		DNS-01 broken scenario (GCP Cloud DNS)			9mo	2mo	9mo		kind/bug	author-last recv
3716		Health check failed as CertificateSource is unhealthy"		3	9mo	4wk	9mo		kind/bug lifecycle/rotten	collaborator-last recv recv-q
3681		When using a keystore.jks in secret, how can I specify a name for the alias			9mo	19d	19d		kind/feature lifecycle/stale	collaborator-last commented send
3637		BadRequest error when configuring external Vault with Kubernetes authentication		6	9mo	4wk	9mo		kind/bug lifecycle/rotten	collaborator-last recv recv-q
3617		Manage etcd, apiserver, controller-manager, scheduler, proxy, kubelet certificates			10mo	2mo	10mo		kind/feature	author-last recv
3592		Ability to not create ca.crt			10mo	2mo	10mo			author-last commented recv
3565		requestmanager_controller got stuck in a loop and stopped generating new certificates afterward		10	10mo	12d	7wk		kind/bug	commented send
3481		cert-manager stops reconciling certificate expiries		2 4	1y	5wk	5wk		kind/bug	commented member-last send
3404		Add support for custom Certificate Extensions Similar: #3957: Support JKS trust store for ACME certificates (open)		4	1y	1mo	1mo			collaborator-last commented pr-closed send similar
3194		Ability to specify utilizing Ambient Credentials for Vault Auth Block		2	1y	6wk	1y		kind/feature	recv
758		API reference docs: enum values not documented with typedef			18d	18d	18d			recv
753		Route53 - AWS IAM Account Setup is confusing			3wk	3wk	3wk			recv
752		Issuer - Clarification needed			3wk	3wk	3wk			recv
746		Enable Dark mode in the docs website			4wk	4wk	4wk			recv
706		Default key usages			2mo	2mo	2mo			recv
697		[IRSA] Needs `runAsUser: 1001`			2mo	2mo	2mo			recv
693		Azure DNS pod identity incorrectly documents principal_id			3mo	2mo	2mo			commented member-last send
672		List required Google CloudDNS permissions exhaustively			3mo	3mo	3mo			recv
662		Using "azureDNS" for the DNS01 Solver results "Multiple user assigned identities exist, please specify the clientId / resourceId"			4mo	3mo	4mo			recv
659		Document component flags			4mo	4mo	4mo			assigned assignee-updated contributor-last recv
645		Investigate & add an FAQ/warning about images rolled back after GitOps upgrade			4mo	4mo	4mo			recv
642		Move/ link to Webhook debugging docs Similar: #144: Improve webhook debugging info (open)			4mo	4mo				similar
604		Make it so that it is easier to find the doc for fixing webhook issues			5mo	5mo	5mo			recv
600		Remove Helm v2 from Ingress Nginx tutorial			5mo	5mo	5mo			recv
583		cert-manager with ZeroSSL Similar: #4609: Cert-Manager CRDs errors (closed)		4	6mo	1d	6mo			recv recv-q similar
568		Add a diagram for LetsEncrypt cert issuance flow to the docs		3	6mo	6mo	6mo			recv
561		Certificate Resources Similar: #3455: updated certificate resource is not processed by cert-manager (closed)			6mo	6mo	6mo			recv similar
559		Update uninstall process doc			6mo	6mo	6mo			recv
554		HTTP Validation, privateKeySecretRef Similar: #1751: Making ACME Issuer privateKeySecretRef optional (closed)			6mo	5mo	6mo			contributor-last recv similar
549		Effort towards a more user-friendly website			7mo	6mo
543		Add getting started documentation for users who want to quickly use cert-manager to issue LetsEncrypt certificates		3	7mo	5mo	5mo			commented member-last send
542		Document the Istio VirtualService HTTP01 configuration options			7mo	7mo
532		Rework of the landing page (cert-manager.io)		3	7mo	14d	5mo		help wanted good first issue	commented member-last send
486		OpenShift - broken link			8mo	4mo	4mo			commented member-last send
469		DNS01: Delegated Domains for DNS01 example yaml solvers list items			8mo	8mo	8mo			recv
466		installation/compatiblity			8mo	8mo	8mo			recv
457		cainjector docs are missing the option to inject certs in apiservice resources			9mo	9mo	9mo			recv
454		Cluster Resource Namespace			9mo	9mo	9mo			recv
426		Create a sequence diagram that shows how a certificate gets issued with let's encrypt		2	9mo	6mo	6mo			commented member-last pr-merged
425		Document ocspServers			9mo	9mo	9mo		kind/documentation	commented member-last
422		Page last modified date incorrect			10mo	10mo	10mo		kind/bug	collaborator-last commented send
403		Add to documentation: change default port of webhook when using hostNetwork and default Kubelet port setting			10mo	6mo	10mo		documentation good first issue kind/documentation	commented recv-q send
386		Uninstalling on Kubernetes - How to delete all those user created resources?			11mo	11mo	11mo			collaborator-last commented send
330		Case for CertificatePrivateKey (encoding, algorithm) is wrong (v1)			1y	1y	1y			collaborator-last commented send
326		Securing Ingresses with Venafi			1y	1y	1y			collaborator-last commented send
295		Route53			1y	10mo	10mo		kind/documentation	commented member-last send
283		Document upgrade path for legacy users of v1.0			1y	6mo	10mo		kind/documentation	commented contributor-last send
50		Move cert-manager-release infrastructure to CNCF's GCP account			2mo	8d	8d			commented member-last
42		Publish latest release number as part of creating a final release			3mo	2mo	2mo			commented member-last send
31		Move the manual steps of our release process to cmrel commands			6mo	3mo	3mo			commented member-last pr-closed
27		Create cert-manager specific testing infrastructure Similar: #3670: Create testing infrastructure for the cert-manager org (closed)			7mo	2mo	2mo			assigned assignee-updated commented member-last pr-merged send similar
19		Incorrect command line help: should include a --branch argument			1y	10mo	10mo		kind/cleanup	commented contributor-last

Uncommented older than 7 days (99)

Resolution: Add a priority/ or triage/ label

Average age: 142.2d, Avg wait: 119.0d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
3898		Allow setting PodDisruptionBudget policies via helm chart PR#3931: Added PodDisruptionBudgets to helm chart new-commits			7mo	2mo	7mo		kind/feature priority/important-longterm area/deploy	author-last pr-new-commits recv
3711		Export issued cert into AWS ACM		9	9mo	2mo	9mo		kind/feature priority/backlog	collaborator-last recv
3655		Specify Name Constraints in CA Certificate		4	9mo	4wk	9mo		kind/feature priority/backlog	author-last recv
709		Update Securing NGINX-ingress tutorial for apiVersion networking.k8s.io/v1			2mo	5wk	2mo		good first issue priority/important-soon	recv
551		Documentation on how to handle large-scale certificate management & best practices		2	7mo	5d	7mo		help wanted priority/important-longterm kind/documentation	contributor-last recv
480		Secret gets UID added to end of name			8mo	7mo	8mo		triage/support	contributor-last recv recv-q
76		Upgrading from v0.10 to v0.11 - missing cainjector annotation			2y	1y	2y		priority/backlog kind/documentation	contributor-last recv
56		Route53: document use of "region" field			2y	7mo	2y		documentation priority/important-longterm	contributor-last recv recv-q
91 previously listed items omitted

Important soon, but no updates in 90 days (10)

Resolution: Downgrade to important-longterm

Average age: 555.4d, Avg wait: 33.5d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
459		cert manager is no longer on the OpenShift operator list			9mo	7mo	9mo		priority/important-soon	assigned assignee-updated commented member-last send
320		Document how to install cert-manager using gitops and known issues with particular gitops implementations			1y	6mo	1y		documentation priority/important-soon	commented contributor-last
262		[DOCS]: Add info on how to customize kind CertManager when using OperatorHub method on Openshift			1y	11mo	1y		kind/feature priority/important-soon	author-last commented recv recv-q
229		Documenting resolution for DigitalOcean + HTTP01 "connection timed out" error			2y	1y			priority/important-soon kind/documentation	contributor-last
198		Document release process			2y	1y	1y		priority/important-soon kind/documentation	assigned commented member-last send
195		Document keystores			2y	6mo	1y		priority/important-soon kind/documentation	commented member-last send
174		Add documentation for CRD conversion webhook ca injection			2y	1y	1y		help wanted priority/important-soon kind/documentation	commented member-last send
144		Improve webhook debugging info Similar: #642: Move/ link to Webhook debugging docs (open)			2y	6mo	1y		priority/important-soon kind/documentation	commented member-last pr-merged send similar
90		Document Certificate Subject Changes Similar: #3651: Document how to set Issuer and Subject for self-signed certificates (closed) Similar: #2906: Add Subject Key Identifier to Certificate CRD (closed)			2y	10mo	10mo		help wanted good first issue priority/important-soon	collaborator-last commented similar
69		SelfSignedIssuer configuration - API reference docs			2y	1y	1y		help wanted good first issue priority/important-soon kind/documentation	commented member-last send

Important longterm, but no updates in 180 days (7)

Resolution: Downgrade to backlog

Average age: 577.1d, Avg wait: 103.0d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
2178		Handling 'unregistering' certificates from Venafi TPP		3	2y	11mo	11mo		lifecycle/frozen kind/feature priority/important-longterm area/venafi	collaborator-last commented send
401		Bring tutorials up to date			10mo	10mo			priority/important-longterm
344		Add docs to explain webhooks			1y	7mo			help wanted good first issue priority/important-longterm	contributor-last
223		Document wildcard certificate tutorial			2y	1y	2y		priority/important-longterm kind/documentation	commented contributor-last send
178		Order of versions of cert-manager in menu			2y	1y	2y		priority/important-longterm kind/documentation	commented contributor-last send
154		Documenting repo management process			2y	1y	2y		priority/important-longterm kind/documentation	commented contributor-last send
56		Route53: document use of "region" field			2y	7mo	2y		documentation priority/important-longterm	contributor-last recv recv-q

Pull Requests: Review Ready (23)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 66.1d, Avg wait: 54.7d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
4636		Remove conversion webhook			1d	4h	4h		release-note size/XL approved dco-signoff: yes area/testing area/deploy needs-kind	collaborator-last commented unreviewed
4604		ignore empty secretNames in the ingress spec			13d	1d	5d		release-note size/S needs-ok-to-test dco-signoff: no needs-kind	author-last commented recv recv-q unreviewed
4628		Sync cleanup Similar: #4188: Helm cleanup (open)		3	5d	2d	2d		size/L release-note-none approved kind/cleanup area/acme dco-signoff: yes	collaborator-last commented reviewed-with-comment similar
4608		allow to honor the labels of cert-manager on conflicts			12d	5d	5d		size/XS release-note needs-ok-to-test dco-signoff: yes area/deploy needs-kind	author-last commented recv unreviewed
4209		Auto generate README.md, Chart.yaml, values.schema.json and values.yaml using tem & helm-jsonschema-gen		3	4mo	11d	2mo		release-note approved kind/feature size/XXL dco-signoff: yes ok-to-test area/deploy	collaborator-last commented new-commits recv
4570		`RevisionHistoryLimit` has a default value of 25			4wk	2wk	3wk		release-note area/api needs-ok-to-test size/M dco-signoff: yes needs-kind	author-last commented recv reviewed-with-comment
4329		[Helm Chart] Add optional service annotations			3mo	3wk	3mo		release-note size/S needs-ok-to-test lifecycle/stale dco-signoff: yes area/deploy needs-kind	assigned collaborator-last recv reviewed-with-comment
4566		namespaceSelector matchExpressions to be configured on ValidatingWebHookConfiguration			4wk	4wk	4wk		size/XS release-note needs-ok-to-test dco-signoff: yes area/deploy needs-kind	assigned author-last recv unreviewed
4330		Add client certificate auth method for Vault issuer			3mo	5wk	3mo		release-note size/XL area/api needs-ok-to-test area/vault dco-signoff: yes area/deploy needs-kind	author-last recv unreviewed
4287		Acme http challenge custom dns			4mo	6wk	4mo		size/L release-note area/api needs-ok-to-test area/acme dco-signoff: yes area/testing area/acme/dns01 area/acme/http01 area/deploy needs-kind	collaborator-last recv unreviewed
765		Document that DNS-01 ClusterIssuer use kube-system secret			1d	1d	1d		size/XS dco-signoff: yes needs-ok-to-test	assigned author-last recv unreviewed
764		Pomerium Ingress Tutorial			7d	7d	7d		dco-signoff: yes size/L needs-ok-to-test	recv unreviewed
761		Add kubectl plugin Windows installation instructions			13d	13d	13d		size/XS dco-signoff: yes needs-ok-to-test	assigned author-last recv unreviewed
757		fix broken links			18d	18d	18d		size/XS dco-signoff: yes needs-ok-to-test	assigned author-last recv unreviewed
710		Added ZeroSSL tutorial			2mo	3wk	2mo		dco-signoff: yes size/XL ok-to-test	assigned author-last recv recv-q unreviewed
751		Added kubectl config for recursive nameservers			3wk	3wk	3wk		dco-signoff: no size/XS needs-ok-to-test	contributor-last recv unreviewed
744		Don't show removed API reference docs			4wk	3wk	4wk		approved dco-signoff: yes size/M	contributor-last recv unreviewed
740		Update digitalocean.md			4wk	4wk	4wk		size/XS dco-signoff: yes needs-ok-to-test	contributor-last recv unreviewed
722		Change links in usage certificate to kubectl plugin #renew to be relative			5wk	5wk	5wk		approved size/XS dco-signoff: yes cherry-pick-approved lgtm	assigned assignee-updated commented contributor-last unreviewed
701		Issuer with IRSA needs ambient credentials flag			2mo	2mo	2mo		dco-signoff: no size/XS needs-ok-to-test	assigned author-last recv recv-q unreviewed
669		kubectl --export is deprecated			3mo	3mo	3mo		dco-signoff: yes size/S ok-to-test	assigned commented contributor-last recv recv-q reviewed-with-comment
451		update to ingress.			9mo	5mo	9mo		dco-signoff: no size/XS needs-ok-to-test	contributor-last recv unreviewed
528		Update "Setting Nameservers for DNS01 Self Check" example			7mo	7mo	7mo		size/XS dco-signoff: yes needs-ok-to-test	contributor-last recv unreviewed

Unkinded Issues (75)

Resolution: Add a kind/ or triage/support label

Average age: 190.2d, Avg wait: 74.4d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
4631		Cert-manager not valid certificates Similar: #4340: cert-manager - No client certificate CA names sent (open) Similar: #4166: cert-manager should allow to store certificate in vault (open) Similar: #3896: Cert Manager failing to renew certificate (open) Similar: #3455: updated certificate resource is not processed by cert-manager (closed) Similar: #3312: Why does cert-manager issue fake certificates? (closed) Similar: #3170: Why does cert-manager issue fake certificates? (closed)			3d	1d	2d			commented recv recv-q similar
4630		This issue was incorrectly autoclosed, please reopen			4d	4d	4d			recv
4250		Support parallel DNS validation for same host		4	4mo	8d	8d		priority/important-soon area/acme/dns01	author-last commented open-milestone recv recv-q
3808		Supporting traefik IngressRoute objects?		6	8mo	2mo	7mo		priority/important-longterm area/ingress-shim	commented send
3451		Move repo to cert-manager/cert-manager			1y	3wk	3mo		priority/important-soon lifecycle/stale Epic	assigned assignee-updated collaborator-last commented send
3325		Waiting for HTTP-01 challenge propagation: wrong status code '404', expected '200' Similar: #3238: Waiting for http-01 challenge propagation: failed to perform self check GET request (open) Similar: #3318: Waiting for http-01 challenge propagation: failed to perform self check GET request (closed) Similar: #4577: Waiting for HTTP-01 challenge propagation: wrong status code '403', expected '200' On Baremetal (closed) Similar: #3000: Waiting for http-01 challenge propagation: dial tcp 127.0.0.1:80: connect: connection refused (closed) Similar: #2967: Waiting for http-01 challenge propagation: read: connection reset by peer (closed) Similar: #2517: http-01 challenge propagation: wrong status code '404', expected '200' (closed)		10	1y	6d	6mo		priority/backlog lifecycle/rotten	commented send similar
354		DigitalOcean access-token should not be base64-encoded			1y	10mo	1y		priority/awaiting-more-evidence	author-last commented recv
2		Set up periodic job to publish an experimental release build			2y	7mo			priority/backlog	assigned contributor-last
67 previously listed items omitted

Unprioritized Recent Issues (171)

Resolution: Add a priority/ or triage/ label

Average age: 138.3d, Avg wait: 58.1d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
4627		Certificates not being renewed Similar: #3896: Cert Manager failing to renew certificate (open) Similar: #4075: Renew certificate keeps in pending state (closed)			5d	1d	2d		kind/bug	commented recv similar
4626		No way to uninstall cert-manager using cmctl			5d	2d	5d		kind/feature	recv
4625		[cmctl] windows tar exe missing .exe			5d	5d	5d		kind/bug	recv
4624		Propagation check failed when using DNS-01			6d	6d	6d		kind/bug	recv
167 previously listed items omitted

Uncommented Recent Issues (4)

Resolution: Add a comment

Average age: 5.4d, Avg wait: 4.7d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
4 previously listed items omitted: #4630 #4626 #4625 #4624

New, has multiple reactions, but not important-soon: No matching items

New, has multiple commenters, but not important-soon: No matching items

needs information, has update: No matching items

Unprioritized issues older than 7 days (165)

Resolution: Add a priority/ or triage/ label

Average age: 143.2d, Avg wait: 60.1d

Uncommented older than 7 days (99)

Resolution: Add a priority/ or triage/ label

Average age: 142.2d, Avg wait: 119.0d

Important soon, but no updates in 90 days (10)

Resolution: Downgrade to important-longterm

Average age: 555.4d, Avg wait: 33.5d

Important longterm, but no updates in 180 days (7)

Resolution: Downgrade to backlog

Average age: 577.1d, Avg wait: 103.0d

Pull Requests: Review Ready (23)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 66.1d, Avg wait: 54.7d

Unkinded Issues (75)

Resolution: Add a kind/ or triage/support label

Average age: 190.2d, Avg wait: 74.4d

Unprioritized Recent Issues (171)

Resolution: Add a priority/ or triage/ label

Average age: 138.3d, Avg wait: 58.1d

Uncommented Recent Issues (4)

Resolution: Add a comment

Average age: 5.4d, Avg wait: 4.7d

Recently updated issue has a question (1)

Resolution: Add an answer

Average age: 684.5d, Avg wait: 0.0d