cert-manager + website + release Daily Triage

queue to be emptied once a day

Unprioritized issues older than 7 days (188)

Resolution: Add a priority/ or triage/ label

Average age: 277.2d, Avg wait: 121.2d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5756		Challenge is stuck at "Waiting for DNS-01 challenge propagation" Similar: #5752: Waiting for HTTP-01 challenge propagation: wrong status code '404', expected '200' (open) Similar: #5586: "propagation check failed" for DNS-01 ACME challenge on internal EKS-cluster (closed) Similar: #5193: Stuck on "propagation check failed" (closed) Similar: #4624: Propagation check failed when using DNS-01 (closed) Similar: #4246: ACME DNS Challenge and Propagation Delay (NXDOMAIN) (closed) Similar: #3238: Waiting for http-01 challenge propagation: failed to perform self check GET request (closed)			7d	2d	2d		kind/bug	author-last commented recv similar
5755		JKS truststore.jks not found in resulting secret in v1.11.0			7d	3d	7d		kind/bug	author-last recv
5752		Waiting for HTTP-01 challenge propagation: wrong status code '404', expected '200' Similar: #5756: Challenge is stuck at "Waiting for DNS-01 challenge propagation" (open) Similar: #3238: Waiting for http-01 challenge propagation: failed to perform self check GET request (closed) Similar: #2517: http-01 challenge propagation: wrong status code '404', expected '200' (closed)			8d	8d	8d		kind/bug	recv similar
5751		Wildcard DNS domains and `cnameStrategy: Follow` don't work nicely together			8d	1d	8d		kind/bug	recv recv-q
5750		Tag associated with Fix for pavlo-v-chernykh/keystore-go library version			8d	3d	3d		kind/feature	commented member-last pr-merged send
5741		Log which alpha/beta feature gates are enabled on controller and webhook startup			13d	11d	11d		good first issue kind/feature	assigned assignee-updated collaborator-last commented
5740		Consider splitting cmctl into a separate project and make it usable as a CLI for other cert-manager related projects			14d	14d
5717		clarification on semantic versioning			3wk	3wk	3wk			commented member-last send
5716		Certificate renewal fails during DNS challenge with Route53 Similar: #3896: Cert Manager failing to renew certificate (open)			3wk	10d	3wk		kind/bug	recv similar
5708		Cert Manager working with only example.com not with svc.cluster.local			3wk	3wk	3wk		kind/bug	collaborator-last recv
5700		Support for issuing public certs using AWS ACM and DNS verification			3wk	3wk	3wk		kind/feature	author-last recv
5699		Customize Cloudflare base url			3wk	3wk	3wk		kind/feature	contributor-last recv
5697		Support PodSecurityAdmission			3wk	3wk	3wk		kind/feature	recv
5673		Error presenting challenge: init sdk: get token: extract secret: resource name may not be empty			4wk	2wk	4wk			author-last recv
5665		Allow defining keystore password as litteral instead of SecretRef			5wk	5wk	5wk		kind/feature	recv
5664		Error: INSTALLATION FAILED: failed post-install: timed out waiting for the condition			6wk	2d	6wk		kind/bug	author-last recv recv-q
5650		provider rfc2136 send updates to top level zone Similar: #5630: provider rfc2136: updates are sent to wrong dns zone (open)			6wk	6wk	6wk		kind/bug	recv similar
5643		AdditionalOutputFormat is still in alpha			7wk	6wk	6wk		kind/feature	collaborator-last commented send
5630		provider rfc2136: updates are sent to wrong dns zone Similar: #5650: provider rfc2136 send updates to top level zone (open)			7wk	7wk	7wk			recv similar
5626		Helm: Allow configuration of readiness, liveness and startup probes for all created Pods PR#5670: feat(chart): support probes for cert-manager and cainjector changes-requested			1mo	3wk	4wk		kind/feature	author-last commented pr-changes-requested recv
5616		Allow Gateway API feature to be enabled in clusters that don't have GWAPI CRDs installed			1mo	7wk	7wk		kind/feature	collaborator-last commented pr-closed
5615		Integrate cert-manager with DigitalOcean LBs			1mo	1mo	1mo		kind/feature	recv
5611		ACME HTTP challenge pods blocked by OpenShift			2mo	4wk	2mo		kind/bug	recv
5608		Unable to inject linkerd sidecar proxy to Cert-Manager pods			2mo	2mo	2mo			author-last recv recv-q
5596		Current PSP is not sufficient to work with CSI volume			2mo	2mo	2mo		kind/bug	recv
5594		Graduate ExperimentalGatewayAPISupport feature to beta			2mo	1mo			kind/feature
5590		Configure cluster resource namespace in ClusterIssuer spec Similar: #454: Cluster Resource Namespace (open)			2mo	2mo	2mo			recv similar
5588		--must-staple attribute for OCSP Stapling			2mo	1d	2mo		good first issue kind/feature	commented recv-q send
5585		ClusterIssuer cannot read the ServiceAccount token secret			2mo	2mo	2mo		kind/bug	recv
5581		Best way to migrate a Nginx ingress to cert-manager without downtime			2mo	1mo	1mo			collaborator-last commented send
5580		Mounting emptyDir to /tmp directory (webhook)			2mo	2mo	2mo		kind/feature	author-last recv
5575		Can cert manager be used as a multi-cluster active-active certificate manager?			2mo	2mo	2mo			recv
5572		Add the possibility to use two cluster issuers in a single ingress			2mo	2mo	2mo		kind/feature	recv
5566		upload Helm charts to OCI registry and sign them with cosign		4	2mo	2mo	2mo		kind/feature	commented member-last send
5565		cert-manager aws route53 hosted zone automatically add records.			2mo	2mo	2mo			recv
5558		Will auto-renewal of the root certificate automatically renew the certificate issued by the root certificate? Similar: #4797: Automatically renew certificates if OCSP indicates that it was revoked (open)			2mo	4d	2mo			recv similar
5557		error instantiating route53 challenge solver: unable to assume role: AccessDenied: Similar: #5486: Aggressive Retries from "error instantiating route53 challenge solver" (open)		2	2mo	2mo	2mo		kind/bug	recv similar
5553		Cert manager is looking for wrong service name		2	3mo	1d	3mo		lifecycle/stale	collaborator-last recv
5549		unknown field "enabled" in io.k8s.api.core.v1.PodSecurityContext		2	3mo	6wk	3mo			recv recv-q
5548		Pod is not running due to AppArmor not Enabled			3mo	2mo	3mo			recv
5545		openssl version used			3mo	5d	3mo		lifecycle/stale	collaborator-last recv
5543		Using Azure workload identity instead of AAD Pod Identities to configure the AzureDNS DNS01 challenge.			3mo	1mo	3mo		kind/feature	recv recv-q
5540		Changelog annotations to chart			3mo	8d	3mo		kind/feature	author-last recv
5538		Unable to set IPv6 podDNS config from values			3mo	9d	3mo		kind/bug	author-last recv
5537		Left over artifacts from cert-manager Similar: #4473: Add signing for cert-manager artifacts (closed)			3mo	9d	3mo		lifecycle/stale	collaborator-last recv recv-q similar
5536		Challenge stack on self check when host is unavailable from cluster.			3mo	10d	3mo		kind/bug lifecycle/stale	collaborator-last recv
5531		Question regarding Apigee Hybrid cert-manager webhook support with CSI driver			3mo	4d	3mo		lifecycle/stale	collaborator-last recv
5527		Allow to add out-of-tree signers for cert-manager to approve.			3mo	14d	3mo		kind/feature lifecycle/stale	collaborator-last recv
5526		Separate section for breaking changes in release notes			3mo	15d	3mo		kind/bug lifecycle/stale	collaborator-last recv
5524		cert-manager v1.10.0 always tries to access clusterissuers at cluster scope			3mo	2mo	3mo		kind/bug	recv recv-q
5521		Webhook Pod HealthCheck Port is missing in Webhook PSP			3mo	15d	3mo		kind/bug lifecycle/stale	collaborator-last recv
5520		CrashLoopBackOff after restart of all deployments			3mo	9d	3mo		kind/bug lifecycle/stale	collaborator-last recv recv-q
5516		Forbidden: seccomp may not be set pod.metadata.annotations		8	3mo	3wk	3mo		kind/bug	author-last recv
5515		stuck on propagation check failed DNS record not yet propagated Similar: #5415: DNS record for xxx not yet propagated. can we use cloudflare for acme challenge and custom ns for propagation check? (closed) Similar: #5193: Stuck on "propagation check failed" (closed) Similar: #5042: propagation check failed: DNS record for xxx not yet propagated (closed) Similar: #4624: Propagation check failed when using DNS-01 (closed)			3mo	16d	3mo		kind/bug	contributor-last recv similar
5514		Venafi Issuer Read `caBundle` from Configmap or Secret			3mo	10d	3mo		kind/feature	contributor-last recv
5513		Deploy of cert-manager-webhook/cainjector:v1.9.1 got permission error Similar: #3281: cert-manager-cainjector and cert-manager-webhook pods are not running properly (closed)			3mo	10d	3mo		kind/bug lifecycle/stale	collaborator-last recv recv-q similar
5512		GoogleCloud API call failed: googleapi: Error 403: Permission denied on resource project $PROJECT_ID			3mo	2wk	3mo		kind/bug lifecycle/stale	collaborator-last recv
5509		Label cert-manager managed objects with 'app.kubernetes.io/managed-by'			3mo	3wk	3mo		kind/feature lifecycle/stale	collaborator-last recv
5508		is it possible to create k8s tls secret when I store crt and key into vault?			3mo	3wk	3mo		lifecycle/stale	collaborator-last recv
5507		CA provider authentication of issuer via certificate			3mo	3wk	3mo		kind/feature lifecycle/stale	collaborator-last recv
5503		cert-manager sub-chart documentation			3mo	3wk	3mo		lifecycle/stale	collaborator-last recv
5499		Failed to create CertificateRequest: admission webhook "webhook.cert-manager.io" denied the request			3mo	3wk	3mo		kind/bug lifecycle/stale	collaborator-last commented send
5494		Adding Custom extensions to certificates, the Subject Alternative Name (SAN) extension criticality ( OID = 2.5.29.17 )			3mo	4wk	3mo		kind/feature lifecycle/stale	collaborator-last recv
5488		Add support for creating pki secret engine in Vault			4mo	4wk	4mo		kind/feature lifecycle/stale	collaborator-last recv
5486		Aggressive Retries from "error instantiating route53 challenge solver" Similar: #5557: error instantiating route53 challenge solver: unable to assume role: AccessDenied: (open)			4mo	1d	4mo		kind/bug	recv similar
5482		Implement support for hooks that get triggered after issuing or renewing certificates			4mo	21h	4mo		kind/feature lifecycle/rotten	collaborator-last recv
5481		Need metrics for DNS01 Challenges			4mo	16d	4mo		kind/feature lifecycle/stale	collaborator-last recv
5480		Route53 solver's STS certificate chain is not being trusted by the cert-manager pod			4mo	2d	4mo		kind/bug lifecycle/rotten	collaborator-last recv
5479		Could not determine authoritative nameservers for \"_acme-challenge.XXX.com.		2	4mo	3d	4mo		lifecycle/rotten	collaborator-last recv recv-q
5472		Ability to check Venafi API parameter in log			4mo	5d	4mo		kind/feature lifecycle/rotten	collaborator-last recv
5470		Waiting on certificate issuance from order default/nginx-app-tls-z9xlj-2268860154: "pending" Issuing certificate as Secret does not exist			4mo	6d	4mo		lifecycle/rotten	collaborator-last recv recv-q
5467		External Key Generator			4mo	9d	4mo		kind/feature lifecycle/rotten	collaborator-last recv
5455		Support assuming role for route53 in AWS China (and other partitions)			4mo	14d	4mo		kind/feature lifecycle/rotten	collaborator-last recv
5454		make setup-integration-tests fail			4mo	5d	4mo		kind/bug lifecycle/rotten	collaborator-last recv
5449		Gateway API exist, still getting error "the Gateway API CRDs do not seem to be present"			4mo	15d	4mo		lifecycle/rotten	collaborator-last recv
5448		how to disabled serverSideApply		2	4mo	17d	4mo		help wanted lifecycle/stale	collaborator-last recv
5439		setting certificate attributes in certificate resources Similar: #561: Certificate Resources (open)			4mo	7d	4mo		kind/feature lifecycle/rotten	collaborator-last commented send similar
5437		Issuer/ClusterIssuer support to specify vault token on local filesystem PR#5438: Add option tokenPath to Vault (cluster)issuer unreviewed			4mo	9d	4mo		lifecycle/stale	collaborator-last pr-unreviewed recv recv-q
5435		Issuer/ClusterIssuer vault with mounted JWT token			4mo	2wk	4mo		lifecycle/rotten	collaborator-last recv
5434		v1.7.3 still having "expired challenges" issue			4mo	2wk	4mo		kind/bug lifecycle/rotten	collaborator-last recv
5433		Support certs that live for < 1h		3	4mo	7wk	4mo		kind/feature	author-last recv
5432		Certificate renewed but not the linked secret			4mo	7wk	4mo		kind/bug	contributor-last recv recv-q
5431		After generating a new Let's Encrypt certificate, it still uses the default cluster certificate.			4mo	14d	4mo		lifecycle/rotten	recv
5430		Improving DNS-01 challenge performance PR#5446: Allow concurrent same-FQDN DNS-01 challenges when using route53 commented PR#5447: Allow extra DNS-01 propagation time to be configured unreviewed			4mo	7wk	4mo		kind/feature	pr-reviewed-with-comment pr-unreviewed recv
5428		[Helm chart] Cert-manager's metrics can't be added to grafana data soource			4mo	3wk	4mo		kind/bug lifecycle/rotten	collaborator-last recv
5359		Packaging cert-manager with Carvel		4	6mo	2wk	4mo		kind/feature lifecycle/rotten	collaborator-last commented send
5298		Complete the Migration Away From Jetstack Names			6mo	7wk	7wk		kind/cleanup	collaborator-last commented
5267		cm-acme-http-solver triggers no.scale.down.node.pod.not.backed.by.controller due to lack of PodDisruptionBudget		7	7mo	4wk	7mo		kind/bug	contributor-last recv
5230		Timeouts on Every Controller Reconcile Loop			7mo	2mo	2mo		kind/bug	commented member-last pr-merged
5220		Investigate improving resource consumption and performance in clusters with large amount of resources PR#5639: Design: reduce cert-manager controller's memory consumption new-commits		9	7mo	2mo	3mo		kind/feature	commented pr-new-commits recv-q
5211		Question about tolerations			7mo	19d	7mo		lifecycle/rotten	collaborator-last recv
5197		cert-manager-webhook to provide logs when handling a k8s api-server request		2	7mo	3d	7mo		good first issue help wanted kind/feature	assigned assignee-updated author-last commented recv
5171		TPP Allowed Domains can cause valid certificate to error			8mo	4wk	8mo		kind/bug area/venafi	contributor-last recv
5069		Error presenting challenge: the server could not find the requested resource even though resource exists			9mo	5wk	9mo		kind/bug	recv
5066		Threat model for cert-manager			9mo	2mo	9mo		kind/feature	commented
5062		Cert-manager stops processing order request in "processing" status after several attempts			9mo	2mo	2mo		kind/bug area/acme	author-last commented recv
5031		ValidateCAA test function is flaky			10mo	18h	18h		kind/bug kind/flake flake/test-logic	commented member-last send
4979		Overhaul the DNS01 solver		5	10mo	6wk			kind/feature	pr-closed
4959		Support AWS Auth Method for Vault PR#5530: Added support for using env config for configuring Vault issuer. unreviewed			10mo	16d	10mo		kind/feature lifecycle/rotten	collaborator-last pr-unreviewed recv
4956		cert-manager created multiple CertificateRequest objects with the same certificate-revision		2 2 3	10mo	4wk	10mo		kind/bug	commented pr-closed pr-merged recv recv-q
4950		General flakiness of our end-to-end suite		3	10mo	7mo	7mo		lifecycle/frozen kind/flake	commented member-last pr-closed pr-merged send
4947		Custom labels/annotations in ACME solver services created by Issuer/ClusterIssuer		7	10mo	3wk	10mo		kind/feature lifecycle/rotten	collaborator-last recv
4931		Enable Testing on ARM64			11mo	6wk	10mo		kind/feature	author-last commented recv recv-q
4899		Certificate.Spec.RenewEvery instead of RenewBefore			11mo	23h	6mo		kind/feature lifecycle/stale	collaborator-last commented
4877		HTTP01 solver fails self-check/propagation check on 1.7.1 when used with client-certificate auth on nginx Ingress 1.1.1			11mo	2mo	11mo		kind/bug	author-last recv recv-q
4824		Repo Migration Followup Task List			1y	16d	16d			assigned assignee-updated commented member-last pr-merged
4821		Allow `ingressClassName` to be set for HTTP01 solver ingresses. PR#5225: Add flag to allow switching ingressClassName specification unreviewed		5 114	1y	6wk	9mo		kind/feature area/ingress-shim	commented pr-unreviewed recv-q send
4797		Automatically renew certificates if OCSP indicates that it was revoked Similar: #5558: Will auto-renewal of the root certificate automatically renew the certificate issued by the root certificate? (open)		6	1y	2mo	1y		kind/feature area/acme	commented contributor-last recv similar
4685		Unexpected EOF during watch stream event decoding: unexpected EOF		5	1y	1mo	1y		lifecycle/frozen kind/bug	recv recv-q
4594		TLS handshake error: EOF		14	1y	7wk	7mo		kind/bug	commented recv-q send
4561		Ability to specify secret ownerReference as part of the Certificate request		3	1y	4wk	1y		kind/feature	recv
4423		Cert renewal loop		2	1y	3wk	1y		kind/bug	author-last commented recv recv-q
4349		allowing greater configuration for the cloud provider tests			1y	9mo	9mo		lifecycle/frozen kind/feature	collaborator-last commented send
4216		Error getting keypair for CA issuer: error parsing ecdsa private key: x509: failed to parse EC private key: asn1: structure error: length too large			2y	3wk	2y		lifecycle/stale	collaborator-last recv
3958		Sane defaults for Certificate revision history limit		10	2y	2mo	2mo		kind/feature	commented recv-q send
3896		Cert Manager failing to renew certificate Similar: #5716: Certificate renewal fails during DNS challenge with Route53 (open)		17	2y	2mo	1y		kind/bug	commented recv-q send similar
3592		Ability to not create ca.crt		2	2y	19h	2y		lifecycle/stale	collaborator-last commented recv
3565		requestmanager_controller got stuck in a loop and stopped generating new certificates afterward		13	2y	12d	1y		kind/bug lifecycle/rotten	collaborator-last commented recv-q send
2380		Helm chart version is not SemVer-compatible		5	3y	2mo	2y		kind/bug	author-last commented recv recv-q
1168		Rendering issues for generated API docs			13d	9d	9d			commented member-last pr-merged
1159		Why the sample issuer still uses kubebuilder version 2 ?			18d	18d	18d			recv
1132		New version of adcs-issuer			6wk	16d	16d			commented member-last send
1125		Describe cert-manager feature policy			1mo	3wk	1mo			contributor-last recv recv-q
1101		Feature request for updating documentation.			2mo	2mo	2mo			recv
1063		"Securing Ingresses with Venafi" tutorial contains link to missing manifest			5mo	5mo	5mo			author-last pr-merged recv
1062		Document process for offboarding maintainers Similar: #1061: Document onboarding process for new maintainers (open)			5mo	5mo	5mo			recv similar
1061		Document onboarding process for new maintainers Similar: #1062: Document process for offboarding maintainers (open)			5mo	5mo	5mo			recv similar
1054		Run spell checker in a pre-commit hook			5mo	5mo	5mo		good first issue kind/cleanup	recv
1006		Use descriptive text instead of alt for `feature icon`			7mo	7mo	7mo			recv
1001		Document a policy for required CI health before we can release			7mo	7mo	7mo			recv
998		Documentation venafi configuration references venafi documentation page which returns 403			8mo	5mo	8mo			contributor-last recv
993		Document which resources do/do not get garbage collected			8mo	8mo	8mo		good first issue	contributor-last recv
988		Document how feature gated fields can be added to API			8mo	8mo	8mo			recv
981		The `kubectl operator install` instructions are broken (after upgrading kubectl operator v0.3.0 -> v0.4.0)			8mo	8mo	8mo			commented member-last
975		Some pages do not make it clear what the user should read next			9mo	9mo
974		Investigate styled 404 page			9mo	9mo
955		Document when the vault pki role required setting `require_cn=false`			9mo	3mo
944		Document how to install cert-manager in a different namespace		2	9mo	7mo	9mo		good first issue	assigned assignee-updated contributor-last recv recv-q
931		Improve upgrade instructions using helm			9mo	9mo	9mo			recv
923		GSoD2022: Improve the navigation and structure of the cert-manager website Similar: #921: GSoD2022: Improve the Navigation and Structure of the cert-manager Website by Mehak (open)			9mo	9mo	9mo			assigned contributor-last recv similar
922		GSoD2022: Dashamir Hoxha			9mo	9mo	9mo			assigned assignee-updated commented member-last send
921		GSoD2022: Improve the Navigation and Structure of the cert-manager Website by Mehak Similar: #923: GSoD2022: Improve the navigation and structure of the cert-manager website (open)			9mo	9mo	9mo			assigned assignee-updated commented member-last send similar
899		Upgrading from v1.7 to v1.8 check command should exclude null.		2	10mo	9mo	10mo			recv recv-q
868		Document RBAC Similar: #844: Document feature gates (open)			10mo	10mo	10mo			contributor-last recv similar
866		Securing NGINX-ingress Similar: #326: Securing Ingresses with Venafi (open)			10mo	10mo	10mo			recv similar
851		create Cilium ingress tls example		3	11mo	7mo	11mo			assigned assignee-updated recv
847		missing documentation/information olm based installation metric prometheus			11mo	11mo	11mo			contributor-last recv
844		Document feature gates Similar: #868: Document RBAC (open)			1y	1y				similar
841		remove dependency on golang from cmctl and kubectl-plugin installation documentation			1y	1y	1y			contributor-last pr-merged recv recv-q
836		Syncing Secrets Across Namespaces			1y	10mo	1y			recv
802		Spelling errors are unclear in pull request CI results and spell checker is unmaintained			1y	1y			kind/bug	contributor-last pr-merged
776		Explain that you can pre-provision a Secret and Certificate.Spec.SecretName can refer to an existing Secret			1y	1y	1y			commented member-last send
758		API reference docs: enum values not documented with typedef			1y	1y	1y			recv
746		Enable Dark mode in the docs website			1y	1y	1y			recv
706		Default key usages			1y	1y	1y			recv
697		[IRSA] Needs `runAsUser: 1001`			1y	1y	1y			recv
693		Azure DNS pod identity incorrectly documents principal_id			1y	1y	1y			commented member-last send
672		List required Google CloudDNS permissions exhaustively			2y	2y	2y			recv
662		Using "azureDNS" for the DNS01 Solver results "Multiple user assigned identities exist, please specify the clientId / resourceId"			2y	1y	2y			recv
645		Investigate & add an FAQ/warning about images rolled back after GitOps upgrade			2y	11mo	2y			recv recv-q
642		Move/ link to Webhook debugging docs Similar: #144: Improve webhook debugging info (open)			2y	2y				similar
604		Make it so that it is easier to find the doc for fixing webhook issues			2y	9mo	2y			contributor-last recv
583		cert-manager with ZeroSSL		44	2y	7mo	7mo			commented send
568		Add a diagram for LetsEncrypt cert issuance flow to the docs		4	2y	2y	2y			recv
561		Certificate Resources Similar: #5439: setting certificate attributes in certificate resources (open) Similar: #4747: Revoke Certificates (closed)			2y	2y	2y			recv similar
554		HTTP Validation, privateKeySecretRef			2y	2y	2y			contributor-last recv
549		Effort towards a more user-friendly website			2y	2y
543		Add getting started documentation for users who want to quickly use cert-manager to issue LetsEncrypt certificates		4	2y	2y	2y			commented member-last send
542		Document the Istio VirtualService HTTP01 configuration options			2y	2y
532		Rework of the landing page (cert-manager.io)		3	2y	1y	2y		help wanted good first issue	commented member-last send
486		OpenShift - broken link			2y	2y	2y			commented member-last send
469		DNS01: Delegated Domains for DNS01 example yaml solvers list items			2y	2y	2y			recv
466		installation/compatiblity			2y	2y	2y			recv
457		cainjector docs are missing the option to inject certs in apiservice resources			2y	2y	2y			recv
454		Cluster Resource Namespace Similar: #5590: Configure cluster resource namespace in ClusterIssuer spec (open)			2y	2y	2y			recv similar
426		Create a sequence diagram that shows how a certificate gets issued with let's encrypt		2	2y	2y	2y			commented member-last pr-merged
425		Document ocspServers			2y	2y	2y		kind/documentation	commented member-last
422		Page last modified date incorrect			2y	2y	2y		kind/bug	collaborator-last commented send
386		Uninstalling on Kubernetes - How to delete all those user created resources?			2y	2y	2y			collaborator-last commented send
330		Case for CertificatePrivateKey (encoding, algorithm) is wrong (v1)			2y	2y	2y			collaborator-last commented send
326		Securing Ingresses with Venafi Similar: #866: Securing NGINX-ingress (open)			2y	2y	2y			collaborator-last commented send similar
295		Route53			2y	2y	2y		kind/documentation	commented member-last send
79		Design for partial automation of release process			7mo	7mo	7mo			commented member-last send
50		Move cert-manager-release infrastructure to CNCF's GCP account			1y	1y	1y			commented member-last
42		Publish latest release number as part of creating a final release			1y	1y	1y			commented member-last send
31		Move the manual steps of our release process to cmrel commands			2y	1y	1y			commented member-last pr-closed
27		Create cert-manager specific testing infrastructure			2y	1y	1y			assigned assignee-updated commented member-last pr-merged send
19		Incorrect command line help: should include a --branch argument			2y	2y	2y		kind/cleanup	commented contributor-last

Uncommented older than 7 days (128)

Resolution: Add a priority/ or triage/ label

Average age: 241.5d, Avg wait: 212.5d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
4722		High memory usage on cluster with many secrets		10	1y	4d	1y		kind/bug priority/important-soon	recv recv-q
3898		Allow setting PodDisruptionBudget policies via helm chart PR#3931: Added PodDisruptionBudgets to helm chart approved		3	2y	7wk	2y		kind/feature priority/important-longterm area/deploy	author-last pr-approved pr-closed recv
3655		Specify Name Constraints in CA Certificate		9	2y	4wk	2y		kind/feature priority/backlog	contributor-last recv
850		Document available cert-manager Prometheus metrics			11mo	9mo	11mo		documentation good first issue priority/important-longterm	contributor-last recv
770		Helm template fails with `--create-namespace`			1y	1y	1y		triage/support	contributor-last recv recv-q
709		Update Securing NGINX-ingress tutorial for apiVersion networking.k8s.io/v1			1y	1y	1y		good first issue priority/important-soon	recv
551		Documentation on how to handle large-scale certificate management & best practices		2	2y	1y	2y		help wanted priority/important-longterm kind/documentation	contributor-last recv
480		Secret gets UID added to end of name			2y	2y	2y		triage/support	contributor-last recv recv-q
76		Upgrading from v0.10 to v0.11 - missing cainjector annotation			3y	2y	3y		priority/backlog kind/documentation	contributor-last recv
56		Route53: document use of "region" field			3y	2y	3y		documentation priority/important-longterm	contributor-last recv recv-q
118 previously listed items omitted

Important soon, but no updates in 90 days (10)

Resolution: Downgrade to important-longterm

Average age: 962.9d, Avg wait: 125.5d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
709		Update Securing NGINX-ingress tutorial for apiVersion networking.k8s.io/v1			1y	1y	1y		good first issue priority/important-soon	recv
320		Document how to install cert-manager using gitops and known issues with particular gitops implementations		3	2y	2y	2y		documentation priority/important-soon	commented contributor-last
262		[DOCS]: Add info on how to customize kind CertManager when using OperatorHub method on Openshift			2y	2y	2y		kind/feature priority/important-soon	author-last commented recv recv-q
229		Documenting resolution for DigitalOcean + HTTP01 "connection timed out" error			2y	2y			priority/important-soon kind/documentation	contributor-last
198		Document release process			2y	2y	2y		priority/important-soon kind/documentation	assigned commented member-last send
195		Document keystores			2y	2y	2y		priority/important-soon kind/documentation	commented member-last send
174		Add documentation for CRD conversion webhook ca injection			2y	2y	2y		help wanted priority/important-soon kind/documentation	commented member-last send
144		Improve webhook debugging info Similar: #642: Move/ link to Webhook debugging docs (open)			2y	2y	2y		priority/important-soon kind/documentation	commented member-last pr-merged send similar
90		Document Certificate Subject Changes			3y	2y	2y		help wanted good first issue priority/important-soon	collaborator-last commented
69		SelfSignedIssuer configuration - API reference docs			3y	2y	2y		help wanted good first issue priority/important-soon kind/documentation	commented member-last send

Important longterm, but no updates in 180 days (9)

Resolution: Downgrade to backlog

Average age: 892.5d, Avg wait: 230.8d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
2178		Handling 'unregistering' certificates from Venafi TPP		11	3y	1y	2y		lifecycle/frozen kind/feature priority/important-longterm area/venafi	commented recv-q send
401		Bring tutorials up to date			2y	2y			priority/important-longterm
344		Add docs to explain webhooks			2y	2y			help wanted good first issue priority/important-longterm	contributor-last
223		Document wildcard certificate tutorial			2y	2y	2y		priority/important-longterm kind/documentation	commented contributor-last send
178		Order of versions of cert-manager in menu			2y	2y	2y		priority/important-longterm kind/documentation	commented contributor-last send
154		Documenting repo management process			2y	2y	2y		priority/important-longterm kind/documentation	commented contributor-last send
3 previously listed items omitted: #850 #551 #56

Pull Requests: Review Ready (14)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 202.2d, Avg wait: 85.1d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5093		Add relabeling and metricRelabelings settings for ServiceMonitor.			9mo	2d	9mo		release-note size/S needs-ok-to-test lifecycle/stale dco-signoff: yes area/deploy needs-kind	assigned recv recv-q unreviewed
5761		feat: Add option to allow filtering DNS Names by ACME Challenge solvers			4d	4d	4d		size/L release-note-none area/api needs-ok-to-test area/acme dco-signoff: yes needs-kind	author-last recv unreviewed
5747		BUGFIX: if a LiteralSubject is set, the RequestMatchesSpec function does skip too many checks			9d	6d			release-note-none approved kind/bug kind/cleanup kind/design kind/documentation kind/feature size/M dco-signoff: yes	collaborator-last unreviewed
5701		feat: added custom endpoint override flag for http solver			3wk	3wk	3wk		release-note kind/feature needs-ok-to-test size/M area/acme dco-signoff: yes area/acme/http01	recv recv-q unreviewed
5686		Add missing healthz port to PSP in Helm Chart when hostNetwork is used			4wk	4wk	4wk		size/XS release-note needs-ok-to-test dco-signoff: yes area/deploy needs-kind	collaborator-last recv unreviewed
4330		Add client certificate auth method for Vault issuer			2y	6wk	9mo		release-note size/XL area/api kind/feature area/acme area/vault dco-signoff: yes area/testing ok-to-test area/deploy	collaborator-last commented recv recv-q unreviewed
5447		Allow extra DNS-01 propagation time to be configured			4mo	6wk	4mo		release-note size/S area/acme dco-signoff: yes ok-to-test area/acme/dns01 needs-kind	author-last commented recv unreviewed
5324		Create 20220720-per-certificate-owner-ref.md Similar: #5158: Added certificate owner ref field (open)		5	6mo	7wk	4mo		size/L release-note-none approved kind/design dco-signoff: yes	commented contributor-last recv-q reviewed-with-comment similar
3931		Added PodDisruptionBudgets to helm chart		3 15	2y	2mo	3mo		size/L release-note approved kind/feature dco-signoff: yes ok-to-test area/deploy	approved assigned assignee-updated commented recv recv-q
992		Initial feature gate documentation		9	8mo	13d	8mo		approved dco-signoff: yes size/L	commented contributor-last new-commits recv recv-q
1071		Improved the summary on the docs homepage		2	4mo	4mo	4mo		approved dco-signoff: yes size/S	commented contributor-last new-commits recv-q
1005		Route53 accessKeyIDSecretRef docs			7mo	7mo	7mo		size/XS dco-signoff: yes needs-ok-to-test	recv unreviewed
948		add note to ingress class definition			9mo	9mo	9mo		dco-signoff: no size/XS needs-ok-to-test	assigned author-last recv unreviewed
112		Bump helm.sh/helm/v3 from 3.9.4 to 3.10.3			7wk	7wk	7wk		dco-signoff: yes needs-ok-to-test size/L dependencies	contributor-last recv unreviewed

Unkinded Issues (108)

Resolution: Add a kind/ or triage/support label

Average age: 380.9d, Avg wait: 182.8d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5773		add support for encrypted Private keys in PKCS8 format			1d	1d	1d			recv
5735		context deadline exceeded			15d	15d	15d		triage/needs-information	collaborator-last commented send
4918		Leader election timeout (?) causes exit		2	11mo	3wk	9mo		priority/important-longterm	commented recv recv-q
3992		Add non-CRD yaml file		2	2y	3wk	2y		priority/important-soon area/deploy	author-last commented recv
1174		Document the docker images and how to find them			3d	3d	3d			recv
753		Route53 - AWS IAM Account Setup is confusing			1y	9mo	9mo		priority/backlog	commented member-last send
459		cert manager is no longer on the OpenShift operator list			2y	9mo	2y		priority/awaiting-more-evidence	assigned assignee-updated commented contributor-last recv-q send
354		DigitalOcean access-token should not be base64-encoded			2y	2y	2y		priority/awaiting-more-evidence	author-last commented recv
2		Set up periodic job to publish an experimental release build			2y	2y			priority/backlog	assigned contributor-last
99 previously listed items omitted

Unprioritized Recent Issues (196)

Resolution: Add a priority/ or triage/ label

Average age: 266.0d, Avg wait: 116.3d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5775		ACME idnomic			34min	34min	34min		kind/bug	recv
5774		Add descriptions for container image repos			19h	19h			good first issue kind/documentation
5772		Develop new Helm chart for cert-manager CRD manifests			1d	1d	1d		kind/feature	recv
5771		Certificate issue problems not reported back to user, Ingress `status` field does not show errors			1d	1d	1d		kind/feature	recv
5767		force renew others when root cert renews			3d	3d	3d		kind/feature	recv
5760		Feature/Bug: Filter Ingress Url by ACME Solvers PR#5761: feat: Add option to allow filtering DNS Names by ACME Challenge solvers unreviewed			4d	4d	4d		kind/bug kind/feature	pr-unreviewed recv
190 previously listed items omitted

Uncommented Recent Issues (7)

Resolution: Add a comment

Average age: 2.5d, Avg wait: 2.4d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
7 previously listed items omitted: #5775 #5773 #5772 #5771 #5767 #5760 #1174

New, has multiple reactions, but not important-soon: No matching items

New, has multiple commenters, but not important-soon: No matching items

needs information, has update: No matching items

Unprioritized issues older than 7 days (188)

Resolution: Add a priority/ or triage/ label

Average age: 277.2d, Avg wait: 121.2d

Uncommented older than 7 days (128)

Resolution: Add a priority/ or triage/ label

Average age: 241.5d, Avg wait: 212.5d

Important soon, but no updates in 90 days (10)

Resolution: Downgrade to important-longterm

Average age: 962.9d, Avg wait: 125.5d

Important longterm, but no updates in 180 days (9)

Resolution: Downgrade to backlog

Average age: 892.5d, Avg wait: 230.8d

Pull Requests: Review Ready (14)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 202.2d, Avg wait: 85.1d

Unkinded Issues (108)

Resolution: Add a kind/ or triage/support label

Average age: 380.9d, Avg wait: 182.8d

Unprioritized Recent Issues (196)

Resolution: Add a priority/ or triage/ label

Average age: 266.0d, Avg wait: 116.3d

Uncommented Recent Issues (7)

Resolution: Add a comment

Average age: 2.5d, Avg wait: 2.4d

Recently updated issue has a question (3)

Resolution: Add an answer

Average age: 213.0d, Avg wait: 146.7d