cert-manager + website + release Daily Triage

queue to be emptied once a day

Unprioritized issues older than 7 days (185)

Resolution: Add a priority/ or triage/ label

Average age: 203.2d, Avg wait: 76.7d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5359		Packaging cert-manager with Carvel			10d	9d	10d		kind/feature	recv
5357		Support ECDSA keys for ACME accounts PR#5356: Allow ECDSA for ACME client keys unreviewed			11d	11d	11d		kind/feature	pr-unreviewed recv
5355		Make the Helm chart container names unique to help troubleshoot			12d	12d	12d		kind/feature	recv
5349		Cannot install cert-manager with helm - Download failed - problem with Jetstack website			13d	11d	13d		kind/bug	recv recv-q
5348		Question: usage of an own acmedns api without /update endpoint			14d	14d	14d			recv
5347		Got error:0A00010B:SSL routines::wrong version number			16d	16d	16d		kind/bug	author-last recv
5344		metrics for failed calls to cloudflare			18d	18d	18d		kind/feature	recv
5326		Add ability to configure podTemplate securityContext fields in http solver			3wk	9d	3wk		kind/feature	recv
5316		Cert-manager shuts down without warning due to secret timeout			3wk	3wk	3wk		kind/bug	author-last recv recv-q
5310		Install cert-manager: error bounded in resource existing			3wk	3wk	3wk			recv
5304		`ParentRef` doesn't exists on newer versions of `gatewayAPI` PR#5305: :bug: fix #5304 / upgrade dependencies unreviewed			4wk	4wk	4wk		kind/bug	assigned assignee-updated author-last pr-unreviewed recv
5301		Error from server: request to convert CR from an invalid group/version: acme.cert-manager.io/v1alpha2			4wk	4wk	4wk			author-last recv
5298		Complete the Migration Away From Jetstack Names			4wk	4wk			kind/cleanup
5297		Failed to update endpoint cert-manager/cert-manager-webhook			4wk	3wk	4wk			recv
5296		Make caching			4wk	4wk			kind/bug
5293		helm inflator kustomize not same result as helm install			4wk	4wk	4wk		kind/bug	author-last recv recv-q
5284		Challenge remain pending and does't rerun after I delegate dns zone			5wk	5wk	5wk		kind/bug	recv
5283		DNS Challenges Not Added to Specified Ingress Despite Specifying in ACME ClusterIssuer Manifest			5wk	5wk	5wk		kind/bug	recv
5280		Update the Helm `kubeVersion` field to `1.20.0-0`, the minimum supported version since cert-manager 1.9			5wk	5wk			kind/cleanup
5279		cainjector is watching secrets in all the cluster even after setting --namespace flag			5wk	5wk	5wk		kind/bug	collaborator-last commented send
5278		Add Support for Contour HttpProxy (proof of concept included)			5wk	5wk	5wk		kind/feature	collaborator-last commented send
5274		Provide the ability to recover a Certificate request from an Error state		2	5wk	5wk	5wk		kind/feature	recv
5268		error decoding private key			5wk	5wk	5wk		kind/bug	recv
5267		cm-acme-http-solver triggers no.scale.down.node.pod.not.backed.by.controller due to lack of PodDisruptionBudget			5wk	5wk	5wk		kind/bug	recv
5265		Failed to determine a valid solver configuration for the set of domains on the Order			5wk	5wk	5wk			recv
5263		Test setup flake: go not found			5wk	5wk			kind/flake flake/test-setup
5262		Test setup flake: untaring go fails			5wk	5wk			kind/flake flake/test-setup
5260		In Gateway API mode, with 5+ challenge-solvers in one certificate, provisioning fails			5wk	5wk	5wk		kind/bug	recv
5255		Error installing on ipv6 cluster			6wk	6wk	6wk		kind/bug	recv
5254		AKS high severity : on disabling automounting API credentials for service account installation of cert manager timesout			6wk	19d	6wk		kind/bug	author-last recv
5253		Webhook FailedDiscoveryCheck failing or missing response from https://<ip>:10251/apis/webhook.cert-manager.io/v1alpha1: bad status			6wk	6wk	6wk		kind/bug	recv
5246		Secrets are not updated when key stores added/removed			6wk	6wk	6wk		kind/bug	recv
5238		no wait time between challenge requeues			7wk	7wk	7wk		kind/bug	recv
5230		Timeouts on Every Controller Reconcile Loop			7wk	7wk			kind/bug	pr-merged
5229		Add option to select CADN from yaml file for Venafi TPP requests			7wk	7wk	7wk		kind/feature	recv
5223		cert-manager reporting and alerting			1mo	1mo	1mo		kind/feature	recv
5220		Investigate improving resource consumption and performance in clusters with large amount of resources		4	1mo	1mo	1mo		kind/feature	assigned assignee-updated collaborator-last commented
5218		Install SSL certificate on CertManager container image Similar: #3896: Cert Manager failing to renew certificate (open)			1mo	1mo	1mo			recv similar
5215		Add relabeling in cert-manager serviceMonitor			1mo	1mo	1mo		kind/feature	author-last commented recv recv-q
5211		Question about tolerations			2mo	2mo	2mo			recv
5210		Use instrumentedclient when performing credential verifications for Venafi client			2mo	2mo	2mo		kind/bug	pr-closed recv
5201		Periodically perform readiness checks for issuers			2mo	7wk	7wk		kind/bug	collaborator-last commented pr-closed pr-merged send
5198		Integration test flake: various timeouts			2mo	5wk			kind/flake flake/test-logic
5197		cert-manager-webhook to provide logs when handling a k8s api-server request		2	2mo	2mo	2mo		good first issue help wanted kind/feature	assigned assignee-updated collaborator-last commented send
5193		Stuck on "propagation check failed" Similar: #5042: propagation check failed: DNS record for xxx not yet propagated (open)			2mo	2mo	2mo		kind/bug area/acme	collaborator-last commented pr-merged send similar
5182		e2e flake: etcd request slowness			2mo	5wk			kind/flake flake/test-logic
5180		e2e flake: webhook context deadline exceeded			2mo	5wk	2mo		kind/flake flake/test-logic	collaborator-last commented
5179		e2e flake: Message: "admission webhook \"webhook.cert-manager.io\" denied the request: the server could not find the requested resource"			2mo	5wk	2mo		kind/flake flake/test-logic	collaborator-last commented
5178		e2e flake: mv: cannot stat 'bin/downloaded/tools/crane': No such file or directory			2mo	5wk	5wk		kind/flake flake/test-setup	commented member-last send
5177		e2e flake: /bin/bash: bin/tools/ytt: Permission denied			2mo	5wk			kind/flake flake/test-setup
5171		TPP Allowed Domains can cause valid certificate to error			2mo	2mo	2mo		kind/bug area/venafi	recv
5160		Support loading controller configuration from a versioned file			2mo	2mo	2mo		help wanted kind/feature	assigned assignee-updated collaborator-last commented
5156		Issued certificate having more validity period than root certificates.			2mo	2mo	2mo			recv
5150		cert-manager-cainjector not work			2mo	2mo	2mo		kind/bug	collaborator-last commented send
5149		topologySpreadConstraints support in helm chart		2	2mo	2mo	2mo		kind/feature	recv
5134		Letsencrypt acme cert challenges no longer working on AKS (nginx-ingress + cert-manager + clusterissuer + letsencrypt)		2	2mo	2mo	2mo		kind/bug	recv
5132		HTTP01 - Did not get expected response when querying endpoint, expected X, but got X			2mo	2mo	2mo		kind/bug	recv
5131		ingressShim doesn't supply x.509 subject fields required by our providers (TPP) policies			3mo	2d	3mo		kind/feature lifecycle/stale	collaborator-last recv
5128		helm chart: add annotations and labels globally			3mo	2d	3mo		kind/feature lifecycle/stale	collaborator-last recv
5120		Too many pending authorizations - On Certificate Orders			3mo	2mo	3mo		kind/bug	author-last commented recv
5114		Intermediate certificate is not updated in child certificate			3mo	5d	3mo		kind/bug lifecycle/stale	collaborator-last recv
5106		Makefile flake when checking shasums			3mo	5wk	5wk		kind/bug kind/flake flake/test-setup	commented member-last send
5098		Requested Certificates stuck in Pending			3mo	10d	3mo		kind/bug lifecycle/stale	contributor-last recv recv-q
5088		ACME Issuer should support option to write intermediate and root CAs to Ingress TLS secret			3mo	13d	3mo		kind/feature lifecycle/stale	collaborator-last recv
5086		Issuing certificate as Secret does not exist Similar: #5146: New certificate is not issued when duration is changed for existing secret (open)			3mo	12d	3mo		lifecycle/stale	collaborator-last recv similar
5078		Venafi unit-test are flakey when run via make			3mo	17d			lifecycle/stale	collaborator-last
5075		Create generic middleware/wrapper for instrumenting calls to external services			3mo	17d			lifecycle/stale	collaborator-last pr-merged
5073		Allow injecting CABundle to arbitrary Custom Resources			3mo	2mo	2mo		kind/feature	author-last commented recv
5072		Cert-Manager auto rollout in gcloudAnthos			3mo	17d	3mo		lifecycle/stale	collaborator-last commented send
5069		Error presenting challenge: the server could not find the requested resource even though resource exists			3mo	19d	3mo		kind/bug	recv
5068		cert-manager v1.9 tracking issue			3mo	18d			lifecycle/stale	collaborator-last
5066		Threat model for cert-manager			3mo	16d	3mo		kind/feature lifecycle/stale	collaborator-last commented
5062		Cert-manager stops processing order request in "processing" status after several attempts			3mo	17d	3mo		kind/bug lifecycle/stale area/acme	collaborator-last commented recv recv-q
5042		propagation check failed: DNS record for xxx not yet propagated Similar: #5193: Stuck on "propagation check failed" (open)		2	4mo	2mo	4mo		kind/bug	recv recv-q similar
5041		Failed to obtain venafi certificate: vcert error: your data contains problems: request doesn't match certificate: unmatched key modulus			4mo	3wk	4mo		kind/bug	contributor-last recv recv-q
5031		ValidateCAA test function is flaky			4mo	5wk	5wk		kind/bug kind/flake flake/test-logic	commented member-last send
5028		Wrong nameserver for vault clusterissuer			4mo	16d	3mo		lifecycle/stale	collaborator-last commented recv recv-q
5005		Investigate why Contour fails with "Gateway not found in cache" in some end-to-end Prow jobs			4mo	5wk	5wk		kind/flake flake/test-logic	commented member-last pr-closed send
5004		After installing cert-manager using kubectl, "cmctl check api" fails with "https://cert-manager-webhook.cert-manager.svc:443/mutate?timeout=10s": context deadline exceeded Similar: #5189: Post "https://cert-manager-webhook.cert-manager.svc:443/mutate?timeout=10s": context deadline exceeded (open) Similar: #4902: Hi getting error Not ready: Internal error occurred: failed calling webhook "webhook.cert-manager.io": Post "https://cert-manager-webhook.cert-manager.svc:443/mutate?timeout=10s": Address is not allowed (closed)		5	4mo	2wk	2wk			commented member-last send similar
5000		externalName: <service-name><namespace>.svc.cluster.local			4mo	17d	4mo		kind/feature lifecycle/rotten	collaborator-last recv
4999		Verification on 1.7.2 fails (Kubectl apply)			4mo	2d	4mo		kind/bug lifecycle/rotten	recv
4982		Cert manager issues - pod is in constant restart			4mo	3wk	4mo		lifecycle/rotten	collaborator-last commented send
4980		Waiting for DNS-01 challenge propagation: dial tcp 173.245.59.41:53: connect: connection refused Similar: #4648: Kubernetes 1.22 Challenge stuck at pending : Waiting for HTTP-01 challenge propagation: wrong status code '404', expected '200' (open)			4mo	2mo	4mo		kind/bug	commented recv-q send similar
4979		Overhaul the DNS01 solver		5	4mo	7wk			kind/feature	pr-closed
4959		Support AWS Auth Method for Vault			4mo	2mo	4mo		kind/feature	recv
4956		cert-manager created multiple CertificateRequest objects with the same certificate-revision		2 3	4mo	12d	4mo		kind/bug	commented pr-merged recv recv-q
4950		General flakiness of our end-to-end suite		3	5mo	5wk	5wk		lifecycle/frozen kind/flake	commented member-last pr-closed pr-merged send
4947		Custom labels/annotations in ACME solver services created by Issuer/ClusterIssuer		7	5mo	12d	5mo		kind/feature lifecycle/stale	collaborator-last recv
4941		Failed to perform self check GET request Similar: #3238: Waiting for http-01 challenge propagation: failed to perform self check GET request (closed)			5mo	3wk	5mo		kind/bug	recv recv-q similar
4940		Migrate to Ginkgo 2 to get JUnit XML reports on Prow timeouts			5mo	16d	3mo		kind/cleanup lifecycle/stale	collaborator-last commented open-milestone pr-merged send
4931		Enable Testing on ARM64			5mo	9d	5mo		kind/feature	author-last commented recv recv-q
4899		Certificate.Spec.RenewEvery instead of RenewBefore			5mo	11d	11d		kind/feature	collaborator-last commented
4896		Unable to generate self-signed pkcs12 Certificate		3	5mo	2d	5mo		lifecycle/rotten	collaborator-last recv
4893		Venafi ClusterIssuer fails to become Ready when authorize is slow		3	5mo	13d	3mo		kind/bug lifecycle/stale area/venafi	collaborator-last commented send
4892		Set up a permanent cert-manager installation to catch issues that only appear in long running deployments			5mo	7wk	7wk		kind/feature	collaborator-last commented
4884		Add a similar secretTemplate to the secret that is created by ACME Issuer			5mo	2mo	5mo		kind/feature	author-last commented recv
4877		HTTP01 solver fails self-check/propagation check on 1.7.1 when used with client-certificate auth on nginx Ingress 1.1.1			5mo	5wk	5mo		kind/bug	recv recv-q
4824		Repo Migration Followup Task List			6mo	4wk	5wk			assigned assignee-updated commented member-last pr-merged
4821		Allow `ingressClassName` to be set for HTTP01 solver ingresses. PR#5225: Add flag to allow switching ingressClassName specification unreviewed		61	6mo	4d	3mo		kind/feature lifecycle/stale area/ingress-shim	collaborator-last commented pr-unreviewed send
4797		Automatically renew certificates if OCSP indicates that it was revoked		6	6mo	5d	6mo		kind/feature area/acme	author-last commented recv
4786		Investigate whether it would be valuable to decrease the initial backoff period for certificate issuance retries		7	6mo	2mo	2mo			collaborator-last commented pr-merged send
4771		Internal error for webhook server certificate has expired or is not yet valid			6mo	3wk	6mo		lifecycle/rotten	collaborator-last commented recv recv-q
4747		Revoke Certificates Similar: #561: Certificate Resources (open)		2 5	6mo	6wk	6mo		kind/feature	recv similar
4685		Unexpected EOF during watch stream event decoding: unexpected EOF			7mo	3mo	7mo		lifecycle/frozen kind/bug	contributor-last recv recv-q
4654		Certificates issued by vault with isCa: true are missing CA:TRUE in certificate		2 3 4	8mo	4wk	4wk		kind/bug	commented member-last send
4621		Allow Certificate secretTemplate to specify the cert-manager.io/allow-direct-injection annotation			8mo	17d	3mo		kind/feature lifecycle/stale	collaborator-last commented open-milestone pr-closed send
4594		TLS handshake error: EOF		4	9mo	11d	2mo		kind/bug	commented recv-q send
4561		Ability to specify secret ownerReference as part of the Certificate request		3	9mo	2mo	9mo		kind/feature	recv
4535		Kubernetes: x509 certificate signed by unknown authority, possibly because of ECDSA verification failure			9mo	2mo	9mo			commented recv-q send
4490		Subject Ingress Annotations PR#4502: support subject and email annotations for ingress/gateway new-commits		3	10mo	3d	10mo		kind/feature	pr-new-commits recv
4454		Add certificate issuer / issuer type in prometheus metrics PR#5038: Added issuer_name, issuer_kind and issuer_group to prom metrics new-commits		8	11mo	2d	4mo		good first issue help wanted kind/feature lifecycle/rotten	collaborator-last commented open-milestone pr-new-commits recv-q send
4423		Cert renewal loop		2	11mo	4wk	10mo		kind/bug	author-last commented recv recv-q
4410		Support configuration via operator subscription		4	11mo	2mo	2mo		kind/feature	commented member-last send
4349		allowing greater configuration for the cloud provider tests			1y	3mo	3mo		lifecycle/frozen kind/feature	collaborator-last commented send
4331		Add Uninstall & Upgrade commands to `kubectl cert-manager`			1y	7d			kind/feature lifecycle/rotten	collaborator-last pr-closed
4246		ACME DNS Challenge and Propagation Delay (NXDOMAIN)		7	1y	4wk	1y		kind/bug	recv
4216		Error getting keypair for CA issuer: error parsing ecdsa private key: x509: failed to parse EC private key: asn1: structure error: length too large			1y	1y	1y			recv
3958		Sane defaults for Certificate revision history limit Similar: #4071: Add a default value to RevisionHistoryLimit if none is provided in the Certificate (closed)		9	1y	2mo	1y		kind/feature	recv recv-q similar
3896		Cert Manager failing to renew certificate Similar: #5218: Install SSL certificate on CertManager container image (open) Similar: #4895: cert manager webook certificate (closed)		17	1y	2mo	10mo		kind/bug	commented recv-q send similar
3747		Certificate issuerRef should be optional			1y	3wk	1y		kind/feature lifecycle/rotten	collaborator-last recv
3719		DNS-01 broken scenario (GCP Cloud DNS)			1y	2mo	1y		kind/bug	author-last recv
3592		Ability to not create ca.crt		2	2y	2mo	2y			author-last commented recv
3565		requestmanager_controller got stuck in a loop and stopped generating new certificates afterward		12	2y	12d	10mo		kind/bug	commented recv-q send
2380		Helm chart version is not SemVer-compatible		4	2y	16d	1y		kind/bug	commented recv recv-q
1006		Use descriptive text instead of alt for `feature icon`			2mo	2mo	2mo			recv
1001		Document a policy for required CI health before we can release			2mo	2mo	2mo			recv
998		Documentation venafi configuration references venafi documentation page which returns 403			2mo	2mo	2mo			recv
993		Document which resources do/do not get garbage collected			2mo	2mo	2mo		good first issue	contributor-last recv
988		Document how feature gated fields can be added to API			2mo	2mo	2mo			recv
981		The `kubectl operator install` instructions are broken (after upgrading kubectl operator v0.3.0 -> v0.4.0)			3mo	3mo	3mo			commented member-last
975		Some pages do not make it clear what the user should read next			3mo	3mo
974		Investigate styled 404 page			3mo	3mo
955		Document when the vault pki role required setting `require_cn=false`			3mo	3mo
944		Document how to install cert-manager in a different namespace		2	3mo	2mo	3mo		good first issue	assigned assignee-updated contributor-last recv recv-q
936		Review public envvars for site			3mo	3mo	3mo			commented member-last
931		Improve upgrade instructions using helm			3mo	3mo	3mo			recv
923		GSoD2022: Improve the navigation and structure of the cert-manager website Similar: #921: GSoD2022: Improve the Navigation and Structure of the cert-manager Website by Mehak (open)			3mo	3mo	3mo			assigned contributor-last recv similar
922		GSoD2022: Dashamir Hoxha			3mo	3mo	3mo			assigned assignee-updated commented member-last send
921		GSoD2022: Improve the Navigation and Structure of the cert-manager Website by Mehak Similar: #923: GSoD2022: Improve the navigation and structure of the cert-manager website (open)			3mo	3mo	3mo			assigned assignee-updated commented member-last send similar
899		Upgrading from v1.7 to v1.8 check command should exclude null.		2	4mo	3mo	4mo			recv recv-q
868		Document RBAC Similar: #844: Document feature gates (open)			4mo	4mo	4mo			contributor-last recv similar
866		Securing NGINX-ingress Similar: #326: Securing Ingresses with Venafi (open)			4mo	4mo	4mo			recv similar
851		create Cilium ingress tls example		3	6mo	7wk	6mo			assigned assignee-updated recv
847		missing documentation/information olm based installation metric prometheus			6mo	6mo	6mo			contributor-last recv
844		Document feature gates Similar: #868: Document RBAC (open)			6mo	6mo				similar
841		remove dependency on golang from cmctl and kubectl-plugin installation documentation			6mo	6mo	6mo			contributor-last pr-merged recv recv-q
836		Syncing Secrets Across Namespaces			6mo	4mo	6mo			recv
802		Spelling errors are unclear in pull request CI results and spell checker is unmaintained			6mo	6mo			kind/bug	contributor-last pr-merged
776		Explain that you can pre-provision a Secret and Certificate.Spec.SecretName can refer to an existing Secret			8mo	8mo	8mo			commented member-last send
758		API reference docs: enum values not documented with typedef			9mo	9mo	9mo			recv
746		Enable Dark mode in the docs website			9mo	9mo	9mo			recv
706		Default key usages			10mo	10mo	10mo			recv
697		[IRSA] Needs `runAsUser: 1001`			11mo	11mo	11mo			recv
693		Azure DNS pod identity incorrectly documents principal_id			11mo	11mo	11mo			commented member-last send
672		List required Google CloudDNS permissions exhaustively			1y	1y	1y			recv
662		Using "azureDNS" for the DNS01 Solver results "Multiple user assigned identities exist, please specify the clientId / resourceId"			1y	1y	1y			recv
645		Investigate & add an FAQ/warning about images rolled back after GitOps upgrade			1y	6mo	1y			recv recv-q
642		Move/ link to Webhook debugging docs Similar: #144: Improve webhook debugging info (open)			1y	1y				similar
604		Make it so that it is easier to find the doc for fixing webhook issues			1y	3mo	1y			contributor-last recv
583		cert-manager with ZeroSSL		42	1y	5wk	5wk			commented send
568		Add a diagram for LetsEncrypt cert issuance flow to the docs		4	1y	1y	1y			recv
561		Certificate Resources Similar: #4747: Revoke Certificates (open)			1y	1y	1y			recv similar
554		HTTP Validation, privateKeySecretRef			1y	1y	1y			contributor-last recv
549		Effort towards a more user-friendly website			1y	1y
543		Add getting started documentation for users who want to quickly use cert-manager to issue LetsEncrypt certificates		4	1y	1y	1y			commented member-last send
542		Document the Istio VirtualService HTTP01 configuration options			1y	1y
532		Rework of the landing page (cert-manager.io)		3	1y	8mo	1y		help wanted good first issue	commented member-last send
486		OpenShift - broken link			1y	1y	1y			commented member-last send
469		DNS01: Delegated Domains for DNS01 example yaml solvers list items			1y	1y	1y			recv
466		installation/compatiblity			1y	1y	1y			recv
457		cainjector docs are missing the option to inject certs in apiservice resources			1y	1y	1y			recv
454		Cluster Resource Namespace			1y	1y	1y			recv
426		Create a sequence diagram that shows how a certificate gets issued with let's encrypt		2	2y	1y	1y			commented member-last pr-merged
425		Document ocspServers			2y	2y	2y		kind/documentation	commented member-last
422		Page last modified date incorrect			2y	2y	2y		kind/bug	collaborator-last commented send
386		Uninstalling on Kubernetes - How to delete all those user created resources?			2y	2y	2y			collaborator-last commented send
330		Case for CertificatePrivateKey (encoding, algorithm) is wrong (v1)			2y	2y	2y			collaborator-last commented send
326		Securing Ingresses with Venafi Similar: #866: Securing NGINX-ingress (open)			2y	2y	2y			collaborator-last commented send similar
295		Route53			2y	2y	2y		kind/documentation	commented member-last send
79		Design for partial automation of release process			1mo	1mo	1mo			commented member-last send
50		Move cert-manager-release infrastructure to CNCF's GCP account			10mo	7mo	7mo			commented member-last
42		Publish latest release number as part of creating a final release			11mo	11mo	11mo			commented member-last send
31		Move the manual steps of our release process to cmrel commands			1y	11mo	11mo			commented member-last pr-closed
27		Create cert-manager specific testing infrastructure			1y	10mo	10mo			assigned assignee-updated commented member-last pr-merged send
19		Incorrect command line help: should include a --branch argument			2y	2y	2y		kind/cleanup	commented contributor-last

Uncommented older than 7 days (105)

Resolution: Add a priority/ or triage/ label

Average age: 201.1d, Avg wait: 165.7d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
4846		More than one Certificate nominating same Secret induces runaway creation of many CertificateRequests and Orders PR#5303: Stop infinitely reissuing certs with shared Secret new-commits		2	6mo	1mo	6mo		kind/bug priority/important-soon	contributor-last pr-new-commits recv recv-q
4722		High memory usage on cluster with many secrets		8	7mo	17d	7mo		kind/bug priority/important-soon	contributor-last open-milestone recv
4653		Venafi TPP Support for Oauth		3	8mo	4wk	8mo		kind/feature priority/backlog	recv recv-q
4648		Kubernetes 1.22 Challenge stuck at pending : Waiting for HTTP-01 challenge propagation: wrong status code '404', expected '200' Similar: #4980: Waiting for DNS-01 challenge propagation: dial tcp 173.245.59.41:53: connect: connection refused (open) Similar: #3238: Waiting for http-01 challenge propagation: failed to perform self check GET request (closed) Similar: #2517: http-01 challenge propagation: wrong status code '404', expected '200' (closed)		2 14	8mo	17d	8mo		kind/bug priority/backlog lifecycle/stale	collaborator-last recv recv-q similar
3898		Allow setting PodDisruptionBudget policies via helm chart PR#3931: Added PodDisruptionBudgets to helm chart new-commits		3	1y	2mo	1y		kind/feature priority/important-longterm area/deploy	author-last pr-closed pr-new-commits recv
3711		Export issued cert into AWS ACM		19	1y	23h	1y		kind/feature priority/backlog lifecycle/rotten	collaborator-last recv
3655		Specify Name Constraints in CA Certificate		4	2y	5wk	2y		kind/feature priority/backlog	author-last recv
850		Document available cert-manager Prometheus metrics			6mo	3mo	6mo		documentation good first issue priority/important-longterm	contributor-last recv
770		Helm template fails with `--create-namespace`			8mo	7mo	8mo		triage/support	contributor-last recv recv-q
709		Update Securing NGINX-ingress tutorial for apiVersion networking.k8s.io/v1			10mo	9mo	10mo		good first issue priority/important-soon	recv
551		Documentation on how to handle large-scale certificate management & best practices		2	1y	8mo	1y		help wanted priority/important-longterm kind/documentation	contributor-last recv
480		Secret gets UID added to end of name			1y	1y	1y		triage/support	contributor-last recv recv-q
76		Upgrading from v0.10 to v0.11 - missing cainjector annotation			2y	2y	2y		priority/backlog kind/documentation	contributor-last recv
56		Route53: document use of "region" field			2y	1y	2y		documentation priority/important-longterm	contributor-last recv recv-q
91 previously listed items omitted

Important soon, but no updates in 90 days (10)

Resolution: Downgrade to important-longterm

Average age: 789.8d, Avg wait: 90.8d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
709		Update Securing NGINX-ingress tutorial for apiVersion networking.k8s.io/v1			10mo	9mo	10mo		good first issue priority/important-soon	recv
320		Document how to install cert-manager using gitops and known issues with particular gitops implementations		3	2y	1y	2y		documentation priority/important-soon	commented contributor-last
262		[DOCS]: Add info on how to customize kind CertManager when using OperatorHub method on Openshift			2y	2y	2y		kind/feature priority/important-soon	author-last commented recv recv-q
229		Documenting resolution for DigitalOcean + HTTP01 "connection timed out" error			2y	2y			priority/important-soon kind/documentation	contributor-last
198		Document release process			2y	2y	2y		priority/important-soon kind/documentation	assigned commented member-last send
195		Document keystores			2y	1y	2y		priority/important-soon kind/documentation	commented member-last send
174		Add documentation for CRD conversion webhook ca injection			2y	2y	2y		help wanted priority/important-soon kind/documentation	commented member-last send
144		Improve webhook debugging info Similar: #642: Move/ link to Webhook debugging docs (open)			2y	1y	2y		priority/important-soon kind/documentation	commented member-last pr-merged send similar
90		Document Certificate Subject Changes			2y	2y	2y		help wanted good first issue priority/important-soon	collaborator-last commented
69		SelfSignedIssuer configuration - API reference docs			2y	2y	2y		help wanted good first issue priority/important-soon kind/documentation	commented member-last send

Important longterm, but no updates in 180 days (8)

Resolution: Downgrade to backlog

Average age: 786.6d, Avg wait: 180.1d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
2178		Handling 'unregistering' certificates from Venafi TPP		11	2y	7mo	2y		lifecycle/frozen kind/feature priority/important-longterm area/venafi	commented recv-q send
551		Documentation on how to handle large-scale certificate management & best practices		2	1y	8mo	1y		help wanted priority/important-longterm kind/documentation	contributor-last recv
401		Bring tutorials up to date			2y	2y			priority/important-longterm
344		Add docs to explain webhooks			2y	1y			help wanted good first issue priority/important-longterm	contributor-last
223		Document wildcard certificate tutorial			2y	2y	2y		priority/important-longterm kind/documentation	commented contributor-last send
178		Order of versions of cert-manager in menu			2y	2y	2y		priority/important-longterm kind/documentation	commented contributor-last send
154		Documenting repo management process			2y	2y	2y		priority/important-longterm kind/documentation	commented contributor-last send
56		Route53: document use of "region" field			2y	1y	2y		documentation priority/important-longterm	contributor-last recv recv-q

Pull Requests: Review Ready (27)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 63.6d, Avg wait: 27.1d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5346		Upgrade deps			16d	1d	1d		release-note-none approved area/api size/XXL area/acme dco-signoff: yes area/testing area/acme/dns01 area/acme/http01 area/deploy needs-kind	assigned assignee-updated commented member-last unreviewed
5373		Allow config of http01 solver pod security context		2	6d	4d	4d		size/L release-note area/api kind/feature area/acme dco-signoff: yes ok-to-test area/acme/http01 area/deploy	author-last commented open-milestone recv unreviewed
5336		CertificateRequest: re-sync SelfSigned CertificateRequest when target Secret is informed. Similar: #5379: CertificateSigningRequest: re-sync SelfSigned CertificateSigningRequest when target Secret is informed (open)			19d	4d	17d		release-note size/XL approved kind/feature dco-signoff: yes area/testing	collaborator-last commented open-milestone similar unreviewed
5379		CertificateSigningRequest: re-sync SelfSigned CertificateSigningRequest when target Secret is informed Similar: #5336: CertificateRequest: re-sync SelfSigned CertificateRequest when target Secret is informed. (open)			4d	4d			release-note size/XL approved kind/feature dco-signoff: yes area/testing	collaborator-last open-milestone similar unreviewed
5376		Upgrade gateway api to v0.5.0			5d	5d			release-note approved area/api kind/feature size/XXL area/acme dco-signoff: yes area/testing area/acme/http01 area/deploy	collaborator-last unreviewed
4330		Add client certificate auth method for Vault issuer			1y	9d	4mo		release-note size/XL area/api kind/feature area/acme area/vault dco-signoff: yes area/testing ok-to-test area/deploy	author-last commented recv unreviewed
5324		Create 20220720-per-certificate-owner-ref.md Similar: #5158: Added certificate owner ref field (open)			3wk	9d	18d		size/L release-note-none approved kind/design dco-signoff: yes	collaborator-last commented new-commits similar
5305		:bug: fix #5304 / upgrade dependencies			4wk	9d	4wk		size/XS release-note area/api dco-signoff: yes ok-to-test needs-kind	collaborator-last commented recv unreviewed
5353		Update year to 2022			12d	12d	12d		size/XS release-note-none needs-ok-to-test dco-signoff: yes needs-kind	collaborator-last recv unreviewed
5311		added healthcheck to containers port spec			3wk	15d	3wk		size/XS release-note-none needs-ok-to-test dco-signoff: yes area/deploy needs-kind	assigned author-last recv unreviewed
5093		Add relabeling and metricRelabelings settings for ServiceMonitor.			3mo	18d	3mo		release-note size/S needs-ok-to-test dco-signoff: yes area/deploy needs-kind	author-last recv recv-q unreviewed
5174		Add support for restricting the secrets watch list in cainjector		5	2mo	3wk	2mo		release-note needs-ok-to-test size/M dco-signoff: yes needs-kind	commented recv recv-q unreviewed
5208		Add: Kubernetes recommanded labels			2mo	4wk	7wk		size/XS release-note needs-ok-to-test dco-signoff: yes area/deploy needs-kind	commented recv recv-q unreviewed
5277		Add ability to set common set of labels across all resources			5wk	5wk	5wk		size/XS release-note needs-ok-to-test dco-signoff: yes area/deploy needs-kind	collaborator-last recv unreviewed
4969		add acmeHttp01SolverImage			4mo	5wk	4mo		size/XS release-note needs-ok-to-test dco-signoff: yes area/deploy needs-kind	commented recv recv-q unreviewed
4835		Making sure per fixture only 1 setup is active at the same time			6mo	1mo	1mo		release-note-none kind/bug size/M dco-signoff: yes area/testing	assigned assignee-updated commented member-last reviewed-with-comment
5054		fix webhook can not run with args of kubeconfig			3mo	2mo	3mo		size/XS release-note-none kind/bug needs-ok-to-test area/acme dco-signoff: yes	collaborator-last recv unreviewed
1057		Improve the table-of-contents			14h	14h			approved dco-signoff: yes size/M	unreviewed
1055		Update pomerium tutorial			2d	2d	2d		dco-signoff: yes size/L needs-ok-to-test	recv unreviewed
1036		Adds documentation on PKCS12 support for csi-driver			3wk	9d			approved dco-signoff: yes size/M	unreviewed
984		Fix zerossl tutorial path			2mo	7wk	2mo		dco-signoff: yes size/L ok-to-test	assigned contributor-last recv recv-q unreviewed
1005		Route53 accessKeyIDSecretRef docs			2mo	2mo	2mo		size/XS dco-signoff: yes needs-ok-to-test	recv unreviewed
992		Initial feature gate documentation		2	2mo	2mo	2mo		approved dco-signoff: yes size/M	commented contributor-last recv recv-q reviewed-with-comment
930		update ibmcloud cis webhook link			3mo	2mo	3mo		size/XS dco-signoff: yes needs-ok-to-test	assigned assignee-updated author-last commented recv unreviewed
948		add note to ingress class definition			3mo	3mo	3mo		dco-signoff: no size/XS needs-ok-to-test	assigned author-last recv unreviewed
90		Adds Image to prow context, pass context to job generators.			1d	1d	1d		dco-signoff: yes approved size/M	contributor-last recv unreviewed
89		Option to write generated prow config, and automatically create pull request against jetstack/testing			2d	1d	1d		dco-signoff: yes approved size/L	commented contributor-last recv recv-q unreviewed

Unkinded Issues (98)

Resolution: Add a kind/ or triage/support label

Average age: 296.0d, Avg wait: 118.5d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5159		ACME account private key rotation support			2mo	2mo	2mo		triage/needs-information	collaborator-last commented send
4963		How do i get the root cert expiry metrics if manual issuer?			4mo	17d	3mo		priority/awaiting-more-evidence priority/backlog lifecycle/stale	collaborator-last commented send
4948		Apply changes to test objects by patching instead of updating PR#5105: Replace update with patch operation unreviewed			5mo	17d			priority/important-soon lifecycle/stale area/testing	collaborator-last open-milestone pr-merged pr-unreviewed
4918		Leader election timeout (?) causes exit			5mo	2mo	3mo		priority/important-longterm	commented recv recv-q
4910		CNCF incubation tracking issue			5mo	1mo	5mo		priority/important-soon	assigned assignee-updated commented contributor-last recv
4538		Enable new Auth methods for Vault		3	9mo	17d	3mo		priority/important-longterm lifecycle/stale	collaborator-last commented send
4250		Support parallel DNS validation for same host		5	1y	7d	8mo		priority/important-soon lifecycle/stale area/acme/dns01	collaborator-last commented open-milestone recv recv-q
3992		Add non-CRD yaml file		2	1y	14d	1y		priority/important-soon area/deploy	commented open-milestone recv
753		Route53 - AWS IAM Account Setup is confusing			9mo	3mo	3mo		priority/backlog	commented member-last send
459		cert manager is no longer on the OpenShift operator list			1y	3mo	1y		priority/awaiting-more-evidence	assigned assignee-updated commented contributor-last recv-q send
354		DigitalOcean access-token should not be base64-encoded			2y	2y	2y		priority/awaiting-more-evidence	author-last commented recv
2		Set up periodic job to publish an experimental release build			2y	1y			priority/backlog	assigned contributor-last
86 previously listed items omitted

Unprioritized Recent Issues (187)

Resolution: Add a priority/ or triage/ label

Average age: 201.1d, Avg wait: 75.9d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5386		Add subsection for microk8s clusters in ACME/HTTP01 article			14h	14h	14h		kind/feature	recv
1054		Run spell checker in a pre-commit hook			4d	4d	4d		good first issue kind/cleanup	recv
185 previously listed items omitted

Uncommented Recent Issues (2)

Resolution: Add a comment

Average age: 2.7d, Avg wait: 2.2d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5386		Add subsection for microk8s clusters in ACME/HTTP01 article			14h	14h	14h		kind/feature	recv
1054		Run spell checker in a pre-commit hook			4d	4d	4d		good first issue kind/cleanup	recv

New, has multiple reactions, but not important-soon: No matching items

New, has multiple commenters, but not important-soon: No matching items

needs information, has update: No matching items

Unprioritized issues older than 7 days (185)

Resolution: Add a priority/ or triage/ label

Average age: 203.2d, Avg wait: 76.7d

Uncommented older than 7 days (105)

Resolution: Add a priority/ or triage/ label

Average age: 201.1d, Avg wait: 165.7d

Important soon, but no updates in 90 days (10)

Resolution: Downgrade to important-longterm

Average age: 789.8d, Avg wait: 90.8d

Important longterm, but no updates in 180 days (8)

Resolution: Downgrade to backlog

Average age: 786.6d, Avg wait: 180.1d

Pull Requests: Review Ready (27)

Resolution: Review requests or mark them as do-not-merge/work-in-progress

Average age: 63.6d, Avg wait: 27.1d

Unkinded Issues (98)

Resolution: Add a kind/ or triage/support label

Average age: 296.0d, Avg wait: 118.5d

Unprioritized Recent Issues (187)

Resolution: Add a priority/ or triage/ label

Average age: 201.1d, Avg wait: 75.9d

Uncommented Recent Issues (2)

Resolution: Add a comment

Average age: 2.7d, Avg wait: 2.2d

Recently updated issue has a question (1)

Resolution: Add an answer

Average age: 969.9d, Avg wait: 0.0d