queue to be emptied once a day

Unprioritized issues older than 7 days (181)

Resolution: Add a priority/ or triage/ label

Average age: 191.4d, Avg wait: 69.5d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
5238 no wait time between challenge requeues 9d 9d 9d
kind/bug
recv
5230 Timeouts on Every Controller Reconcile Loop
10d 10d
kind/bug
pr-merged
5229 Add option to select CADN from yaml file for Venafi TPP requests 11d 11d 11d
kind/feature
recv
5228 Fuzz test panic
12d 12d
kind/bug
kind/flake
pr-merged
5223 cert-manager reporting and alerting 15d 15d 15d
kind/feature
recv
5220 Investigate improving resource consumption and performance in clusters with large amount of resources 16d 16d 16d
kind/feature
assigned
assignee-updated
collaborator-last
commented
5218 Install SSL certificate on CertManager container image 17d 17d 17d
recv
similar
5215 Add relabeling in cert-manager serviceMonitor 17d 16d 17d
kind/feature
author-last
commented
recv
recv-q
5211 Question about tolerations 19d 19d 19d
recv
5210 Use instrumentedclient when performing credential verifications for Venafi client
19d 19d 19d
kind/bug
pr-closed
recv
5201 Periodically perform readiness checks for issuers
3wk 12d 12d
kind/bug
collaborator-last
commented
pr-closed
pr-merged
send
5198 Integration test flake: various timeouts 3wk 3wk
kind/flake
5197 cert-manager-webhook to provide logs when handling a k8s api-server request
2
 3wk 3wk 3wk
good first issue
help wanted
kind/feature
assigned
assignee-updated
collaborator-last
commented
send
5193 Stuck on "propagation check failed"
3wk 3wk 3wk
kind/bug
area/acme
collaborator-last
commented
pr-merged
send
similar
5182 e2e flake: etcd request slowness 3wk 3wk
kind/flake
5180 e2e flake: webhook context deadline exceeded 3wk 3wk 3wk
kind/flake
collaborator-last
commented
similar
5179 e2e flake: Message: "admission webhook \"webhook.cert-manager.io\" denied the request: the server could not find the requested resource" 3wk 3wk 3wk
kind/flake
collaborator-last
commented
5178 e2e flake: mv: cannot stat 'bin/downloaded/tools/crane': No such file or directory 3wk 3wk
kind/flake
5177 e2e flake: /bin/bash: bin/tools/ytt: Permission denied 3wk 3wk
kind/flake
5171 TPP Allowed Domains can cause valid certificate to error 4wk 3wk 4wk
kind/bug
area/venafi
recv
5160 Support loading controller configuration from a versioned file
5wk 3wk 3wk
help wanted
kind/feature
assigned
assignee-updated
collaborator-last
commented
5156 Issued certificate having more validity period than root certificates. 5wk 5wk 5wk
recv
5150 cert-manager-cainjector not work 5wk 5wk 5wk
kind/bug
collaborator-last
commented
send
similar
5149 topologySpreadConstraints support in helm chart
5wk 5wk 5wk
kind/feature
recv
5134 Letsencrypt acme cert challenges no longer working on AKS (nginx-ingress + cert-manager + clusterissuer + letsencrypt)
6wk 6wk 6wk
kind/bug
recv
5132 HTTP01 - Did not get expected response when querying endpoint, expected X, but got X 6wk 6wk 6wk
kind/bug
recv
5131 ingressShim doesn't supply x.509 subject fields required by our providers (TPP) policies 7wk 7wk 7wk
kind/feature
recv
5128 helm chart: add annotations and labels globally 7wk 7wk 7wk
kind/feature
recv
5120 Too many pending authorizations - On Certificate Orders 7wk 6wk 7wk
kind/bug
author-last
commented
recv
5114 Intermediate certificate is not updated in child certificate 7wk 7wk 7wk
kind/bug
recv
5106 Makefile flake when checking shasums 1mo 3d 3d
kind/bug
kind/flake
collaborator-last
commented
5098 Requested Certificates stuck in Pending 1mo 1mo 1mo
kind/bug
author-last
recv
recv-q
similar
5088 ACME Issuer should support option to write intermediate and root CAs to Ingress TLS secret 2mo 2mo 2mo
kind/feature
recv
5086 Issuing certificate as Secret does not exist 2mo 2mo 2mo
contributor-last
recv
similar
5078 Venafi unit-test are flakey when run via make 2mo 2mo
5075 Create generic middleware/wrapper for instrumenting calls to external services 2mo 2mo
5073 Allow injecting CABundle to arbitrary Custom Resources 2mo 3wk 4wk
kind/feature
author-last
commented
recv
5072 Cert-Manager auto rollout in gcloudAnthos 2mo 2mo 2mo
collaborator-last
commented
send
5069 Error presenting challenge: the server could not find the requested resource even though resource exists 2mo 6wk 2mo
kind/bug
recv
5068 cert-manager v1.9 tracking issue 2mo 2mo
5066 Threat model for cert-manager
2mo 2mo 2mo
kind/feature
collaborator-last
commented
5062 Cert-manager stops processing order request in "processing" status after several attempts 2mo 2mo 2mo
kind/bug
area/acme
author-last
commented
recv
recv-q
5042 propagation check failed: DNS record for xxx not yet propagated
2
 2mo 3wk 2mo
kind/bug
recv
recv-q
similar
5041 Failed to obtain venafi certificate: vcert error: your data contains problems: request doesn't match certificate: unmatched key modulus 2mo 5wk 2mo
kind/bug
contributor-last
recv
recv-q
5031 ValidateCAA test function is flaky 2mo 2mo 2mo
kind/bug
recv
5028 Wrong nameserver for vault clusterissuer 2mo 2mo 2mo
author-last
commented
recv
recv-q
5021 Post-release steps for 1.8 2mo 2mo
kind/cleanup
5020 `cmctl` as downloaded for 1.8.0 shows `canary` as its version
2mo 2mo 2mo
kind/bug
commented
member-last
pr-unreviewed
send
5014 Allow monitoring externally managed certificates 3mo 3d 3mo
kind/feature
lifecycle/stale
collaborator-last
recv
5005 Investigate why Contour fails with "Gateway not found in cache" in some end-to-end Prow jobs
3mo 17h 3mo
lifecycle/stale
kind/flake
collaborator-last
commented
pr-closed
5004 After installing cert-manager using kubectl, "cmctl check api" fails with "https://cert-manager-webhook.cert-manager.svc:443/mutate?timeout=10s": context deadline exceeded
4
 3mo 3wk 3wk
commented
member-last
send
similar
5000 externalName: <service-name><namespace>.svc.cluster.local 3mo 5d 3mo
kind/feature
lifecycle/stale
collaborator-last
recv
4999 Verification on 1.7.2 fails (Kubectl apply) 3mo 4d 3mo
kind/bug
lifecycle/stale
author-last
recv
4982 Cert manager issues - pod is in constant restart 3mo 11d 3mo
lifecycle/stale
collaborator-last
commented
send
4980 Waiting for DNS-01 challenge propagation: dial tcp 173.245.59.41:53: connect: connection refused 3mo 6wk 3mo
kind/bug
commented
recv-q
send
similar
4979 Overhaul the DNS01 solver
5
 3mo 9d
kind/feature
pr-closed
4959 Support AWS Auth Method for Vault 3mo 6wk 3mo
kind/feature
recv
4956 cert-manager created multiple CertificateRequest objects with the same certificate-revision
3
 3mo 3wk 3mo
kind/bug
commented
pr-merged
recv
4950 General flakiness of our end-to-end suite
2
 3mo 13h 3mo
lifecycle/stale
kind/flake
commented
pr-closed
pr-merged
4947 Custom labels/annotations in ACME solver services created by Issuer/ClusterIssuer
5
 3mo 2mo 3mo
kind/feature
recv
4945 Is there a hosts limit in the tls section of an ingress? 3mo 2wk 3mo
lifecycle/stale
collaborator-last
recv
4944 Improve testing by exporting fake.scheme 3mo 2wk 3mo
kind/feature
lifecycle/stale
collaborator-last
recv
4941 Failed to perform self check GET request 3mo 7wk 3mo
kind/bug
recv
recv-q
similar
4940 Migrate to Ginkgo 2 to get JUnit XML reports on Prow timeouts
3mo 2mo 2mo
kind/cleanup
collaborator-last
commented
open-milestone
pr-merged
send
4931 Enable Testing on ARM64 3mo 1mo 3mo
kind/feature
author-last
commented
recv
recv-q
4927 Show cert issue date and expiration date in kubectl get certificates 3mo 3wk 3mo
kind/feature
lifecycle/stale
collaborator-last
commented
send
4912 logging format json 4mo 2mo 4mo
kind/feature
contributor-last
recv
4902 Hi getting error Not ready: Internal error occurred: failed calling webhook "webhook.cert-manager.io": Post "https://cert-manager-webhook.cert-manager.svc:443/mutate?timeout=10s": Address is not allowed 4mo 6d 4mo
lifecycle/rotten
collaborator-last
commented
send
similar
4901 Error from server (InternalError): error when creating "STDIN": Internal error occurred: failed calling webhook "defaulting.webhook.provisioners.karpenter.sh": Post "https://karpenter.karpenter-fargate.svc:443/default-resource?timeout=10s": x509: certificate is valid for karpenter-webhook, karpenter-webhook.karpenter-fargate, karpenter-webhook.karpenter-fargate.svc, karpenter-webhook.karpenter-fargate.svc.cluster.local, not karpenter.karpenter-fargate.svc 4mo 2d 4mo
kind/bug
lifecycle/rotten
collaborator-last
recv
recv-q
similar
4899 Certificate.Spec.RenewEvery instead of RenewBefore 4mo 9d
kind/feature
lifecycle/rotten
collaborator-last
4896 Unable to generate self-signed pkcs12 Certificate
3
 4mo 2mo 4mo
contributor-last
recv
4895 cert manager webook certificate 4mo 10d 4mo
lifecycle/rotten
collaborator-last
recv
similar
4894 Can't create prod cert, but staging can 4mo 9d 4mo
lifecycle/rotten
collaborator-last
recv
recv-q
4893 Venafi ClusterIssuer fails to become Ready when authorize is slow
3
 4mo 2mo 2mo
kind/bug
area/venafi
commented
send
4892 Set up a permanent cert-manager installation to catch issues that only appear in long running deployments 4mo 10d 10d
kind/feature
collaborator-last
commented
4891 cert-manager cannot authenticate to vault after upgrading kubernetes to 1.21 4mo 10d 4mo
lifecycle/rotten
collaborator-last
recv
4889 error unmarshaling order: json: cannot unmarshal object into Go struct field Error.error.Err of type error 4mo 4d 4mo
kind/bug
area/acme
lifecycle/rotten
collaborator-last
commented
recv
recv-q
4884 Add a similar secretTemplate to the secret that is created by ACME Issuer
4mo 5wk 4mo
kind/feature
author-last
commented
recv
4877 HTTP01 solver fails self-check/propagation check on 1.7.1 when used with client-certificate auth on nginx Ingress 1.1.1
4mo 2mo 4mo
kind/bug
recv
recv-q
4871 LetsEncrypt Staging vs Production 4mo 9d 4mo
kind/bug
lifecycle/rotten
collaborator-last
commented
recv
4862 Cert-manager v1.7.1 suddenly stopped to work
4mo 2d 4mo
lifecycle/rotten
collaborator-last
commented
recv
recv-q
4859 Ignore ingressclass with no http01-ingress-class or provide a way to set the defaults
4mo 3wk 4mo
kind/feature
lifecycle/stale
recv
4856 Think about how we test our vendored version of Go's time.afterFunc
4mo 18d
kind/cleanup
lifecycle/rotten
collaborator-last
pr-merged
4852 error: unable to retrieve the complete list of server APIs: webhook.cert-manager.io/v1beta1: the server is currently unable to handle the request (AKS) 4mo 3wk 4mo
kind/bug
lifecycle/stale
collaborator-last
commented
send
4829 Root CA missing in tls.crt since migration from 1.2 to 1.6.1 4mo 10d 4mo
kind/bug
lifecycle/rotten
collaborator-last
commented
send
4824 Repo Migration Followup Task List
5mo 3wk
lifecycle/rotten
assigned
assignee-updated
collaborator-last
pr-merged
4821 Allow `ingressClassName` to be set for HTTP01 solver ingresses.
54
 5mo 7wk 2mo
kind/feature
area/ingress-shim
commented
pr-unreviewed
send
4797 Automatically renew certificates if OCSP indicates that it was revoked
4
 5mo 7wk 4mo
kind/feature
area/acme
author-last
commented
recv
4786 Investigate whether it would be valuable to decrease the initial backoff period for certificate issuance retries
7
 5mo 6wk 6wk
collaborator-last
commented
pr-merged
send
4774 Using the Vault Issuer with a client certificate along with Kubernetes auth
5mo 3wk
kind/feature
lifecycle/rotten
collaborator-last
pr-unreviewed
recv-q
similar
4771 Internal error for webhook server certificate has expired or is not yet valid
5mo 11d 5mo
lifecycle/stale
collaborator-last
commented
recv
recv-q
4747 Revoke Certificates
2
5
 5mo 4d 5mo
kind/feature
recv
similar
4712 Bazel -> Make Migration Tracker
4
 5mo 2d 3d
commented
member-last
pr-closed
pr-merged
4693 Pods should have seccompProfile RuntimeDefault
3
 6mo 2d 6mo
kind/bug
pr-unreviewed
recv
4685 Unexpected EOF during watch stream event decoding: unexpected EOF
6mo 2mo 6mo
lifecycle/frozen
kind/bug
contributor-last
recv
recv-q
4654 Certificates issued by vault with isCa: true are missing CA:TRUE in certificate
6mo 11d 7wk
kind/bug
commented
send
similar
4630 This issue was incorrectly autoclosed, please reopen 7mo 3d 7mo
lifecycle/rotten
collaborator-last
recv
4621 Allow Certificate secretTemplate to specify the cert-manager.io/allow-direct-injection annotation
7mo 2mo 2mo
kind/feature
commented
member-last
open-milestone
pr-closed
send
similar
4594 TLS handshake error: EOF
4
 7mo 4d 3wk
kind/bug
commented
send
4561 Ability to specify secret ownerReference as part of the Certificate request
3
 8mo 6wk 8mo
kind/feature
recv
4535 Kubernetes: x509 certificate signed by unknown authority, possibly because of ECDSA verification failure
8mo 5wk 8mo
commented
recv-q
send
4490 Subject Ingress Annotations
2
 9mo 2mo 9mo
kind/feature
author-last
pr-new-commits
recv
4454 Add certificate issuer / issuer type in prometheus metrics
8
 9mo 2mo 2mo
good first issue
help wanted
kind/feature
commented
open-milestone
pr-new-commits
recv-q
send
4423 Cert renewal loop
2
 10mo 2mo 8mo
kind/bug
author-last
commented
recv
recv-q
4410 Support configuration via operator subscription
4
 10mo 6wk 6wk
kind/feature
commented
member-last
send
4349 allowing greater configuration for the cloud provider tests
10mo 2mo 2mo
lifecycle/frozen
kind/feature
collaborator-last
commented
send
4331 Add Uninstall & Upgrade commands to `kubectl cert-manager`
10mo 2mo 2mo
kind/feature
commented
member-last
pr-closed
4246 ACME DNS Challenge and Propagation Delay (NXDOMAIN)
7
 11mo 12d 11mo
kind/bug
recv
4216 Error getting keypair for CA issuer: error parsing ecdsa private key: x509: failed to parse EC private key: asn1: structure error: length too large 11mo 11mo 11mo
recv
4191 Setting default values for Pod's "resources"?
3
 1y 16d 4mo
lifecycle/rotten
collaborator-last
commented
send
4114 Endless Sync Loop when installing Helm Chart via ArgoCD
5
 1y 1d 7mo
kind/bug
lifecycle/rotten
collaborator-last
commented
pr-closed
send
4071 Add a default value to RevisionHistoryLimit if none is provided in the Certificate
14
 1y 2d 1y
kind/feature
lifecycle/rotten
collaborator-last
pr-new-commits
recv
recv-q
similar
3958 Sane defaults for Certificate revision history limit
9
 1y 3wk 1y
kind/feature
recv
recv-q
similar
3896 Cert Manager failing to renew certificate
17
 1y 6wk 9mo
kind/bug
commented
recv-q
send
similar
3747 Certificate issuerRef should be optional
1y 12d 1y
kind/feature
lifecycle/stale
collaborator-last
recv
3719 DNS-01 broken scenario (GCP Cloud DNS) 1y 19d 1y
kind/bug
author-last
recv
3592 Ability to not create ca.crt
2
 1y 4wk 1y
author-last
commented
recv
3565 requestmanager_controller got stuck in a loop and stopped generating new certificates afterward
12
 1y 3wk 8mo
kind/bug
commented
recv-q
send
2380 Helm chart version is not SemVer-compatible
4
 2y 6d 1y
kind/bug
author-last
commented
recv
recv-q
1006 Use descriptive text instead of alt for `feature icon` 2wk 2wk 2wk
recv
1001 Document a policy for required CI health before we can release 3wk 3wk 3wk
recv
998 Documentation venafi configuration references venafi documentation page which returns 403 3wk 3wk 3wk
recv
993 Document which resources do/do not get garbage collected 3wk 3wk 3wk
good first issue
contributor-last
recv
988 Document how feature gated fields can be added to API 5wk 5wk 5wk
recv
981 The `kubectl operator install` instructions are broken (after upgrading kubectl operator v0.3.0 -> v0.4.0) 7wk 7wk 7wk
commented
member-last
975 Some pages do not make it clear what the user should read next 1mo 1mo
974 Investigate styled 404 page 1mo 1mo
955 Document when the vault pki role required setting `require_cn=false` 2mo 2mo
944 Document how to install cert-manager in a different namespace
2
 2mo 19d 2mo
good first issue
assigned
assignee-updated
contributor-last
recv
recv-q
similar
936 Review public envvars for site 2mo 1mo 1mo
commented
member-last
931 Improve upgrade instructions using helm
2mo 2mo 2mo
recv
923 GSoD2022: Improve the navigation and structure of the cert-manager website 2mo 1mo 2mo
assigned
contributor-last
recv
similar
922 GSoD2022: Dashamir Hoxha 2mo 2mo 2mo
assigned
assignee-updated
commented
member-last
send
921 GSoD2022: Improve the Navigation and Structure of the cert-manager Website by Mehak 2mo 2mo 2mo
assigned
assignee-updated
commented
member-last
send
similar
899 Upgrading from v1.7 to v1.8 check command should exclude null.
2
 2mo 2mo 2mo
recv
recv-q
891 Website refresh post-merge task list
3mo 2mo
assigned
assignee-updated
pr-merged
868 Document RBAC 3mo 3mo 3mo
contributor-last
recv
similar
866 Securing NGINX-ingress 3mo 3mo 3mo
recv
similar
851 create Cilium ingress tls example
3
 4mo 11d 4mo
assigned
assignee-updated
recv
847 missing documentation/information olm based installation metric prometheus 4mo 4mo 4mo
contributor-last
recv
844 Document feature gates 4mo 4mo
similar
841 remove dependency on golang from cmctl and kubectl-plugin installation documentation
4mo 4mo 4mo
contributor-last
pr-merged
recv
recv-q
836 Syncing Secrets Across Namespaces
4mo 3mo 4mo
recv
802 Spelling errors are unclear in pull request CI results and spell checker is unmaintained
5mo 5mo
kind/bug
contributor-last
pr-merged
776 Explain that you can pre-provision a Secret and Certificate.Spec.SecretName can refer to an existing Secret 6mo 6mo 6mo
commented
member-last
send
758 API reference docs: enum values not documented with typedef 7mo 7mo 7mo
recv
746 Enable Dark mode in the docs website 8mo 8mo 8mo
recv
706 Default key usages 9mo 9mo 9mo
recv
697 [IRSA] Needs `runAsUser: 1001` 9mo 9mo 9mo
recv
693 Azure DNS pod identity incorrectly documents principal_id 10mo 10mo 10mo
commented
member-last
send
672 List required Google CloudDNS permissions exhaustively 11mo 11mo 11mo
recv
662 Using "azureDNS" for the DNS01 Solver results "Multiple user assigned identities exist, please specify the clientId / resourceId"
11mo 10mo 11mo
recv
645 Investigate & add an FAQ/warning about images rolled back after GitOps upgrade 11mo 4mo 11mo
recv
recv-q
642 Move/ link to Webhook debugging docs 11mo 11mo
similar
604 Make it so that it is easier to find the doc for fixing webhook issues 1y 2mo 1y
contributor-last
recv
583 cert-manager with ZeroSSL
38
 1y 10d 10d
commented
member-last
send
568 Add a diagram for LetsEncrypt cert issuance flow to the docs
4
 1y 1y 1y
recv
561 Certificate Resources 1y 1y 1y
recv
similar
554 HTTP Validation, privateKeySecretRef 1y 1y 1y
contributor-last
recv
549 Effort towards a more user-friendly website 1y 1y
543 Add getting started documentation for users who want to quickly use cert-manager to issue LetsEncrypt certificates
4
 1y 1y 1y
commented
member-last
send
542 Document the Istio VirtualService HTTP01 configuration options 1y 1y
532 Rework of the landing page (cert-manager.io)
3
 1y 7mo 1y
help wanted
good first issue
commented
member-last
send
486 OpenShift - broken link
1y 11mo 11mo
commented
member-last
send
469 DNS01: Delegated Domains for DNS01 example yaml solvers list items 1y 1y 1y
recv
466 installation/compatiblity 1y 1y 1y
recv
457 cainjector docs are missing the option to inject certs in apiservice resources
1y 1y 1y
recv
454 Cluster Resource Namespace 1y 1y 1y
recv
426 Create a sequence diagram that shows how a certificate gets issued with let's encrypt
2
 1y 1y 1y
commented
member-last
pr-merged
425 Document ocspServers 1y 1y 1y
kind/documentation
commented
member-last
422 Page last modified date incorrect 1y 1y 1y
kind/bug
collaborator-last
commented
send
386 Uninstalling on Kubernetes - How to delete all those user created resources? 2y 2y 2y
collaborator-last
commented
send
330 Case for CertificatePrivateKey (encoding, algorithm) is wrong (v1) 2y 2y 2y
collaborator-last
commented
send
326 Securing Ingresses with Venafi 2y 2y 2y
collaborator-last
commented
send
similar
295 Route53 2y 1y 1y
kind/documentation
commented
member-last
send
79 Design for partial automation of release process 18d 18d 18d
commented
member-last
send
50 Move cert-manager-release infrastructure to CNCF's GCP account
9mo 5mo 5mo
commented
member-last
42 Publish latest release number as part of creating a final release
10mo 10mo 10mo
commented
member-last
send
31 Move the manual steps of our release process to cmrel commands
1y 10mo 10mo
commented
member-last
pr-closed
27 Create cert-manager specific testing infrastructure
1y 9mo 9mo
assigned
assignee-updated
commented
member-last
pr-merged
send
19 Incorrect command line help: should include a --branch argument 2y 1y 1y
kind/cleanup
commented
contributor-last

Uncommented older than 7 days (92)

Resolution: Add a priority/ or triage/ label

Average age: 201.7d, Avg wait: 171.9d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4846 More than one Certificate nominating same Secret induces runaway creation of many CertificateRequests and Orders
2
 4mo 16d 4mo
kind/bug
priority/important-soon
contributor-last
recv
recv-q
4722 High memory usage on cluster with many secrets
7
 5mo 2mo 5mo
kind/bug
priority/important-soon
collaborator-last
open-milestone
recv
4653 Venafi TPP Support for Oauth 6mo 2mo 6mo
kind/feature
priority/backlog
recv
recv-q
4648 Kubernetes 1.22 Challenge stuck at pending : Waiting for HTTP-01 challenge propagation: wrong status code '404', expected '200'
2
14
 6mo 2mo 6mo
kind/bug
priority/backlog
recv
recv-q
similar
3898 Allow setting PodDisruptionBudget policies via helm chart
2
 1y 2wk 1y
kind/feature
priority/important-longterm
area/deploy
author-last
pr-closed
pr-new-commits
recv
3711 Export issued cert into AWS ACM
18
 1y 19d 1y
kind/feature
priority/backlog
lifecycle/stale
collaborator-last
recv
850 Document available cert-manager Prometheus metrics 4mo 2mo 4mo
documentation
good first issue
priority/important-longterm
contributor-last
recv
770 Helm template fails with `--create-namespace` 7mo 6mo 7mo
triage/support
contributor-last
recv
recv-q
709 Update Securing NGINX-ingress tutorial for apiVersion networking.k8s.io/v1
9mo 8mo 9mo
good first issue
priority/important-soon
recv
551 Documentation on how to handle large-scale certificate management & best practices
2
 1y 7mo 1y
help wanted
priority/important-longterm
kind/documentation
contributor-last
recv
480 Secret gets UID added to end of name 1y 1y 1y
triage/support
contributor-last
recv
recv-q
76 Upgrading from v0.10 to v0.11 - missing cainjector annotation 2y 2y 2y
priority/backlog
kind/documentation
contributor-last
recv
56 Route53: document use of "region" field 2y 1y 2y
documentation
priority/important-longterm
contributor-last
recv
recv-q
79 previously listed items omitted

Important soon, but no updates in 90 days (10)

Resolution: Downgrade to important-longterm

Average age: 748.6d, Avg wait: 82.5d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
709 Update Securing NGINX-ingress tutorial for apiVersion networking.k8s.io/v1
9mo 8mo 9mo
good first issue
priority/important-soon
recv
320 Document how to install cert-manager using gitops and known issues with particular gitops implementations
3
 2y 1y 2y
documentation
priority/important-soon
commented
contributor-last
262 [DOCS]: Add info on how to customize kind CertManager when using OperatorHub method on Openshift
2y 2y 2y
kind/feature
priority/important-soon
author-last
commented
recv
recv-q
229 Documenting resolution for DigitalOcean + HTTP01 "connection timed out" error 2y 2y
priority/important-soon
kind/documentation
contributor-last
198 Document release process 2y 2y 2y
priority/important-soon
kind/documentation
assigned
commented
member-last
send
195 Document keystores 2y 1y 2y
priority/important-soon
kind/documentation
commented
member-last
send
174 Add documentation for CRD conversion webhook ca injection 2y 2y 2y
help wanted
priority/important-soon
kind/documentation
commented
member-last
send
144 Improve webhook debugging info
2y 1y 2y
priority/important-soon
kind/documentation
commented
member-last
pr-merged
send
similar
90 Document Certificate Subject Changes 2y 1y 1y
help wanted
good first issue
priority/important-soon
collaborator-last
commented
69 SelfSignedIssuer configuration - API reference docs 2y 2y 2y
help wanted
good first issue
priority/important-soon
kind/documentation
commented
member-last
send

Important longterm, but no updates in 180 days (7)

Resolution: Downgrade to backlog

Average age: 709.2d, Avg wait: 194.0d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
551 Documentation on how to handle large-scale certificate management & best practices
2
 1y 7mo 1y
help wanted
priority/important-longterm
kind/documentation
contributor-last
recv
401 Bring tutorials up to date 2y 1y
priority/important-longterm
344 Add docs to explain webhooks 2y 1y
help wanted
good first issue
priority/important-longterm
contributor-last
223 Document wildcard certificate tutorial 2y 2y 2y
priority/important-longterm
kind/documentation
commented
contributor-last
send
178 Order of versions of cert-manager in menu 2y 2y 2y
priority/important-longterm
kind/documentation
commented
contributor-last
send
154 Documenting repo management process 2y 2y 2y
priority/important-longterm
kind/documentation
commented
contributor-last
send
56 Route53: document use of "region" field 2y 1y 2y
documentation
priority/important-longterm
contributor-last
recv
recv-q

Pull Requests: Review Ready (16)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 73.9d, Avg wait: 27.9d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4744 Trigger controller: test the trigger cases 5mo 5d 3mo
size/XL
release-note-none
approved
kind/cleanup
lifecycle/stale
dco-signoff: yes
area/testing
collaborator-last
commented
new-commits
5208 Add: Kubernetes recommanded labels 2wk 11d 12d
size/XS
release-note
needs-ok-to-test
dco-signoff: yes
area/deploy
needs-kind
author-last
commented
recv
unreviewed
5158 Added certificate owner ref field 5wk 12d 3wk
size/L
release-note
area/api
needs-ok-to-test
dco-signoff: yes
area/testing
area/deploy
needs-kind
author-last
commented
recv
unreviewed
4835 Making sure per fixture only 1 setup is active at the same time 4mo 18d 18d
release-note-none
kind/bug
size/M
dco-signoff: yes
area/testing
assigned
assignee-updated
commented
member-last
reviewed-with-comment
5163 Webhook dynamic serving dns names 4wk 19d 4wk
size/XS
release-note
needs-ok-to-test
dco-signoff: yes
area/deploy
needs-kind
contributor-last
recv
unreviewed
5054 fix webhook can not run with args of kubeconfig
2mo 3wk 2mo
size/XS
release-note-none
kind/bug
needs-ok-to-test
area/acme
dco-signoff: yes
collaborator-last
recv
unreviewed
4570 `RevisionHistoryLimit` has a default value of 25
8mo 4wk 3mo
release-note
area/api
size/M
dco-signoff: yes
ok-to-test
area/deploy
needs-kind
assigned
collaborator-last
commented
new-commits
recv
recv-q
4969 add acmeHttp01SolverImage 3mo 4wk 3mo
size/XS
release-note
needs-ok-to-test
dco-signoff: yes
area/deploy
needs-kind
author-last
commented
recv
recv-q
unreviewed
5093 Add relabeling and metricRelabelings settings for ServiceMonitor. 2mo 2mo 2mo
release-note
size/S
needs-ok-to-test
dco-signoff: yes
area/deploy
needs-kind
collaborator-last
recv
unreviewed
984 Fix zerossl tutorial path 6wk 10d 6wk
dco-signoff: yes
size/L
ok-to-test
assigned
contributor-last
recv
recv-q
unreviewed
1005 Route53 accessKeyIDSecretRef docs 3wk 3wk 3wk
size/XS
dco-signoff: yes
needs-ok-to-test
recv
similar
unreviewed
1002 Validation webhook troubleshooting: add a step by step guide 3wk 3wk
approved
dco-signoff: yes
size/XXL
unreviewed
992 Initial feature gate documentation
2
 4wk 3wk 4wk
approved
dco-signoff: yes
size/M
commented
contributor-last
recv
recv-q
reviewed-with-comment
930 update ibmcloud cis webhook link 2mo 5wk 2mo
size/XS
dco-signoff: yes
needs-ok-to-test
assigned
assignee-updated
author-last
commented
recv
unreviewed
948 add note to ingress class definition 2mo 2mo 2mo
dco-signoff: no
size/XS
needs-ok-to-test
assigned
author-last
recv
unreviewed
77 Adds .vscode to .gitignore 19d 19d 19d
dco-signoff: yes
approved
size/XS
contributor-last
recv
unreviewed

Unkinded Issues (103)

Resolution: Add a kind/ or triage/support label

Average age: 258.8d, Avg wait: 101.7d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
5159 ACME account private key rotation support 5wk 3wk 3wk
triage/needs-information
collaborator-last
commented
send
4963 How do i get the root cert expiry metrics if manual issuer? 3mo 2mo 2mo
priority/awaiting-more-evidence
priority/backlog
commented
member-last
send
4948 Apply changes to test objects by patching instead of updating
3mo 2mo
priority/important-soon
area/testing
open-milestone
pr-merged
pr-unreviewed
4918 Leader election timeout (?) causes exit
4mo 5wk 2mo
priority/important-longterm
commented
recv
recv-q
4910 CNCF incubation tracking issue 4mo 16d 3mo
priority/important-soon
assigned
assignee-updated
commented
contributor-last
recv
4538 Enable new Auth methods for Vault
3
 8mo 2mo 2mo
priority/important-longterm
commented
member-last
send
4250 Support parallel DNS validation for same host
5
 11mo 1mo 7mo
priority/important-soon
area/acme/dns01
commented
open-milestone
recv
recv-q
3992 Add non-CRD yaml file
2
 1y 2mo 11mo
priority/important-soon
area/deploy
commented
open-milestone
recv
753 Route53 - AWS IAM Account Setup is confusing
7mo 2mo 2mo
priority/backlog
commented
member-last
send
459 cert manager is no longer on the OpenShift operator list 1y 2mo 1y
priority/awaiting-more-evidence
assigned
assignee-updated
commented
contributor-last
recv-q
send
354 DigitalOcean access-token should not be base64-encoded 2y 1y 2y
priority/awaiting-more-evidence
author-last
commented
recv
2 Set up periodic job to publish an experimental release build
2y 1y
priority/backlog
assigned
contributor-last
91 previously listed items omitted

Unprioritized Recent Issues (187)

Resolution: Add a priority/ or triage/ label

Average age: 185.3d, Avg wait: 67.3d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
5260 In Gateway API mode, with 5+ challenge-solvers in one certificate, provisioning fails 14h 13h 14h
kind/bug
recv
5258 Update kyverno version and policies 2d 2d 2d
kind/bug
pr-unreviewed
recv
5255 Error installing on ipv6 cluster 2d 2d 2d
kind/bug
recv
5254 AKS high severity : on disabling automounting API credentials for service account installation of cert manager timesout 2d 2d 2d
kind/bug
recv
5253 Webhook FailedDiscoveryCheck failing or missing response from https://<ip>:10251/apis/webhook.cert-manager.io/v1alpha1: bad status 3d 3d 3d
kind/bug
recv
5246 Secrets are not updated when key stores added/removed 4d 4d 4d
kind/bug
recv
181 previously listed items omitted

Uncommented Recent Issues (6)

Resolution: Add a comment

Average age: 2.8d, Avg wait: 2.0d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
6 previously listed items omitted: #5260 #5258 #5255 #5254 #5253 #5246
New, has multiple reactions, but not important-soon: No matching items
New, has multiple commenters, but not important-soon: No matching items
needs information, has update: No matching items

Recently updated issue has a question (3)

Resolution: Add an answer

Average age: 446.5d, Avg wait: 43.2d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4889 error unmarshaling order: json: cannot unmarshal object into Go struct field Error.error.Err of type error 4mo 4d 4mo
kind/bug
area/acme
lifecycle/rotten
collaborator-last
commented
recv
recv-q
4562 GET requests for `/.well-known/acme-challenge/...` are sent to the wrong pod on cluster using K3s and Traefik
7
2
3
 8mo 4d 8mo
kind/documentation
triage/support
lifecycle/stale
assigned
assignee-updated
collaborator-last
commented
recv-q
send
2380 Helm chart version is not SemVer-compatible
4
 2y 6d 1y
kind/bug
author-last
commented
recv
recv-q
Triage Party v1.3.0