Open PRs (72)

Resolution:

Average age: 98.8d, Avg wait: 18.9d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4241 Add support for pathLen basicConstraint
10
3d 15min 33min
approved
area/api
area/deploy
area/testing
dco-signoff: yes
do-not-merge/work-in-progress
kind/feature
release-note
size/XL
collaborator-last
commented
draft
new-commits
open-milestone
4251 Allows to configure which annotations get copied from Certificate
4
2h 17min 38min
approved
dco-signoff: yes
kind/cleanup
release-note
size/L
assigned
assignee-updated
changes-requested
commented
member-last
send
3646 DESIGN: certificates.k8s.io Adoption
15
5mo 2h 2h
approved
dco-signoff: yes
kind/design
release-note-none
size/L
assigned
assignee-updated
commented
member-last
new-commits
4249 serviceLabels for cert-manager-webhook service 21h 20h 21h
area/deploy
dco-signoff: no
do-not-merge/release-note-label-needed
needs-kind
needs-ok-to-test
size/XS
collaborator-last
recv
unreviewed
4226 add 'kubectl cert-manager version'
2
6d 2d 4d
dco-signoff: yes
needs-kind
ok-to-test
release-note
size/XXL
commented
contributor-last
recv
reviewed-with-comment
similar
4243 Cleanup goroutine management 3d 2d 3d
area/acme
area/monitoring
area/testing
dco-signoff: yes
do-not-merge/release-note-label-needed
kind/cleanup
ok-to-test
size/L
collaborator-last
commented
new-commits
send
4195 vault: Fix when certificate chain does not have a root ca 17d 3d 11d
dco-signoff: yes
do-not-merge/release-note-label-needed
needs-kind
needs-ok-to-test
size/S
assigned
assignee-updated
author-last
commented
new-commits
recv
recv-q
4225 Feature: Support both v1 and v1beta1 ingresses.
7
7d 3d 3d
approved
area/acme
area/acme/http01
area/ingress-shim
area/testing
dco-signoff: yes
kind/feature
release-note
size/XXL
assigned
assignee-updated
collaborator-last
commented
reviewed-with-comment
send
3931 Added PodDisruptionBudgets to helm chart
5
2mo 3d 6wk
approved
area/deploy
dco-signoff: yes
do-not-merge/hold
lgtm
needs-kind
needs-rebase
ok-to-test
release-note
size/L
assigned
assignee-updated
commented
new-commits
recv-q
send
4244 [WIP] adding a new feature set for Public ACME servers 3d 3d 3d
area/testing
dco-signoff: yes
do-not-merge/work-in-progress
needs-kind
needs-ok-to-test
release-note-none
size/M
collaborator-last
draft
recv
unreviewed
4234 Add startup api check Job 5d 5d 5d
area/deploy
dco-signoff: yes
kind/feature
ok-to-test
release-note
size/L
collaborator-last
commented
send
unreviewed
4072 Add a name to Prometheus scraping service port for Istio compatibillity 7wk 5d 7wk
area/deploy
dco-signoff: yes
needs-kind
needs-ok-to-test
release-note
size/XS
assigned
contributor-last
recv
recv-q
unreviewed
4219 add "components" Helm value 8d 6d 6d
area/deploy
dco-signoff: yes
kind/feature
ok-to-test
release-note
size/M
collaborator-last
commented
send
unreviewed
4171 A webhook startup probe to check that the cert-manager API is usable 3wk 9d 3wk
approved
area/deploy
dco-signoff: yes
needs-kind
needs-rebase
release-note
size/L
collaborator-last
commented
reviewed-with-comment
send
4209 Auto generate README.md & template Chart.yaml using tem 12d 10d 10d
area/deploy
dco-signoff: yes
kind/feature
ok-to-test
release-note
size/XXL
commented
contributor-last
recv
reviewed-with-comment
similar
3828 feat: add support to secretTemplates
10
3mo 10d 3wk
approved
area/api
area/deploy
area/testing
dco-signoff: yes
do-not-merge/release-note-label-needed
needs-kind
ok-to-test
size/XL
assigned
assignee-updated
commented
contributor-last
new-commits
open-milestone
recv
recv-q
3905 proxy ingress annotations to certificates for external issuers 3mo 10d 3mo
dco-signoff: yes
do-not-merge/release-note-label-needed
needs-kind
needs-ok-to-test
needs-rebase
size/M
assigned
collaborator-last
recv
unreviewed
4188 Helm cleanup 19d 10d 15d
area/deploy
area/testing
dco-signoff: yes
do-not-merge/release-note-label-needed
kind/cleanup
needs-rebase
ok-to-test
size/XXL
collaborator-last
commented
new-commits
recv
3639 Allow setting Helm chart service annotations 5mo 12d 5mo
area/deploy
dco-signoff: yes
needs-kind
needs-ok-to-test
needs-rebase
release-note
size/S
assigned
collaborator-last
recv
recv-q
similar
unreviewed
4069 Add: support for additional labels 1mo 12d 1mo
area/deploy
dco-signoff: yes
do-not-merge/release-note-label-needed
needs-kind
needs-ok-to-test
needs-rebase
size/L
collaborator-last
recv
unreviewed
4161 Update makefile 3wk 13d 13d
approved
dco-signoff: yes
kind/cleanup
release-note-none
size/M
collaborator-last
commented
unreviewed
4199 Auto generate README.md & template Chart.yaml 16d 14d 15d
area/deploy
dco-signoff: yes
needs-kind
ok-to-test
release-note
size/XXL
commented
contributor-last
new-commits
recv
similar
4145 Allow additional namespaceSelector matchExpressions to be configured on ValidatingWebHook 4wk 17d 4wk
area/deploy
dco-signoff: yes
kind/feature
ok-to-test
release-note
size/XS
assigned
assignee-updated
author-last
commented
recv
recv-q
unreviewed
4164 [WIP] parametrizing dns01 tests 3wk 18d 3wk
area/testing
dco-signoff: yes
do-not-merge/work-in-progress
kind/feature
needs-ok-to-test
needs-rebase
release-note-none
size/L
collaborator-last
draft
recv
unreviewed
3607 WIP e2e test to confirm assumption of KU match on renewal 6mo 19d
approved
area/testing
dco-signoff: yes
do-not-merge/work-in-progress
kind/cleanup
needs-rebase
release-note-none
size/M
assigned
assignee-updated
collaborator-last
unreviewed
3996 make sure crd-* manifests are YAML before passing to controller-gen
2mo 19d 2wk
approved
dco-signoff: yes
do-not-merge/release-note-label-needed
needs-kind
needs-rebase
size/M
changes-requested
collaborator-last
commented
send
3871 [WIP] Adds ARM64 to test platforms 3mo 2wk 2wk
approved
dco-signoff: yes
do-not-merge/hold
do-not-merge/work-in-progress
kind/feature
release-note-none
size/S
assigned
assignee-updated
collaborator-last
commented
unreviewed
3605 fix: Set default nodeSelector to linux 6mo 2wk 2wk
area/acme
area/acme/http01
area/deploy
dco-signoff: yes
kind/bug
release-note
size/S
commented
member-last
reviewed-with-comment
send
3562 WIP: Resync Issuers and ClusterIssuers every 30 seconds
6mo 3wk 3wk
approved
area/testing
dco-signoff: yes
do-not-merge/hold
do-not-merge/work-in-progress
kind/bug
release-note
size/L
commented
draft
member-last
new-commits
open-milestone
send
4125 [WIP] Add install to cert-manager cli 5wk 3wk 4wk
dco-signoff: yes
do-not-merge/work-in-progress
kind/feature
needs-rebase
ok-to-test
release-note
size/XXL
collaborator-last
commented
draft
recv
similar
unreviewed
3727 DESIGN: Policy
4mo 3wk 3wk
approved
dco-signoff: yes
kind/design
release-note-none
size/XL
commented
member-last
reviewed-with-comment
send
4050 explicitly specify port protocol field to allow server side apply 2mo 4wk 2mo
area/deploy
dco-signoff: yes
needs-kind
needs-ok-to-test
release-note-none
size/XS
assigned
author-last
recv
recv-q
unreviewed
4078 Allow (Cluster)Issuer to define caBundle for ACME server TLS verification 7wk 5wk 6wk
area/acme
area/api
area/deploy
dco-signoff: yes
kind/feature
ok-to-test
release-note
size/L
commented
member-last
send
unreviewed
3466 WIP: Certificate Spec Defaulting 8mo 6wk 8mo
approved
area/api
dco-signoff: yes
do-not-merge/work-in-progress
needs-kind
needs-rebase
release-note
size/L
collaborator-last
commented
reviewed-with-comment
send
3614 Pass the key before hash and the token to the dns webhook solvers 5mo 7wk 5mo
area/acme
area/acme/dns01
area/api
area/deploy
area/testing
dco-signoff: yes
needs-kind
needs-ok-to-test
needs-rebase
release-note
size/L
author-last
commented
recv
recv-q
unreviewed
3305 Allow to set annotations for services 10mo 2mo 10mo
area/deploy
dco-signoff: yes
do-not-merge/release-note-label-needed
do-not-merge/work-in-progress
needs-kind
needs-rebase
ok-to-test
size/S
collaborator-last
commented
draft
send
similar
unreviewed
4044 Upgrade the Vault server used in E2E tests 2mo 2mo 2mo
approved
area/testing
dco-signoff: yes
needs-kind
release-note-none
size/S
collaborator-last
commented
send
unreviewed
3705 integration test for readiness controller
4
5mo 2mo 2mo
approved
area/testing
dco-signoff: yes
kind/cleanup
needs-rebase
release-note-none
size/L
assigned
assignee-updated
changes-requested
collaborator-last
commented
4027 bug: Don't sort json patch operations 2mo 2mo 2mo
approved
dco-signoff: yes
kind/bug
ok-to-test
release-note-none
size/XS
commented
contributor-last
new-commits
recv
3368 Add PrometheusRule and basic alert. Fixes #3342
3
9mo 2mo 8mo
area/deploy
dco-signoff: yes
needs-kind
ok-to-test
release-note
size/M
collaborator-last
commented
reviewed-with-comment
send
3410 Add API defaulting for Venafi Issuer config
9mo 2mo 7mo
approved
area/api
dco-signoff: yes
do-not-merge/hold
needs-kind
needs-rebase
release-note
size/XL
collaborator-last
commented
open-milestone
reviewed-with-comment
send
3635 WIP: renewBefore sanity checks
5mo 2mo 3mo
approved
dco-signoff: yes
do-not-merge/work-in-progress
needs-kind
needs-rebase
release-note-none
size/L
collaborator-last
commented
open-milestone
reviewed-with-comment
send
3702 Update import path following repository move 5mo 2mo 5mo
approved
area/acme
area/acme/dns01
area/acme/http01
area/api
area/ca
area/deploy
area/monitoring
area/testing
area/vault
dco-signoff: yes
do-not-merge/hold
kind/cleanup
kind/design
needs-rebase
release-note
size/XXL
collaborator-last
commented
unreviewed
3836 Refactor the end-to-end ACME HTTP01 tests (follow-up to #3444)
3mo 2mo 3mo
approved
area/testing
dco-signoff: yes
do-not-merge/work-in-progress
kind/cleanup
needs-rebase
release-note-none
size/XL
collaborator-last
commented
draft
unreviewed
3883 No need to specify namespaceSelector when in same namespace 3mo 3mo 3mo
area/deploy
dco-signoff: yes
do-not-merge/release-note-label-needed
needs-kind
needs-ok-to-test
size/XS
collaborator-last
recv
unreviewed
3405 Add Certificate Extensions support 9mo 7mo 9mo
area/api
area/deploy
dco-signoff: no
do-not-merge/release-note-label-needed
do-not-merge/work-in-progress
needs-kind
needs-ok-to-test
needs-rebase
size/L
collaborator-last
draft
recv
unreviewed
655 Install add 'kubectl cert-manager x install' documentation 1d 6h 7h
dco-signoff: yes
do-not-merge/cherry-pick-not-approved
ok-to-test
size/XL
commented
member-last
send
similar
unreviewed
656 Add 'kubectl cert-manager check api' docs 1d 6h 1d
dco-signoff: yes
do-not-merge/cherry-pick-not-approved
ok-to-test
size/M
commented
member-last
send
similar
unreviewed
640 Document the certificate shim support for Gateways 17d 2d
approved
dco-signoff: yes
do-not-merge/cherry-pick-not-approved
do-not-merge/work-in-progress
needs-rebase
size/L
changes-requested
contributor-last
draft
recv-q
521 Talk about key rotation downtime and "rotationPolicy: Always"
5
3mo 2d 17d
approved
dco-signoff: yes
do-not-merge/hold
needs-rebase
size/L
assigned
assignee-updated
commented
contributor-last
new-commits
650 Adjust list of Subject Alternative Names 6d 4d 4d
dco-signoff: no
ok-to-test
size/XS
commented
member-last
send
unreviewed
615 Adds documentation for CSR supporting all issuers, and the CTL command 5wk 6d 6d
approved
dco-signoff: yes
do-not-merge/cherry-pick-not-approved
size/L
collaborator-last
commented
unreviewed
545 Update akamai.md 2mo 13d 2mo
dco-signoff: yes
ok-to-test
size/M
author-last
commented
recv
reviewed-with-comment
638 Adds a FAQ as to why Vault's cert chain may not include the intermediate CA cert 18d 17d 17d
approved
dco-signoff: yes
do-not-merge/hold
size/S
commented
contributor-last
recv
reviewed-with-comment
634 feat: update secretTemplate documentation
3wk 2wk 3wk
dco-signoff: yes
ok-to-test
size/S
assigned
commented
contributor-last
new-commits
send
447 WIP Adds repo structure description 5mo 3wk 3wk
approved
dco-signoff: yes
do-not-merge/work-in-progress
needs-rebase
size/L
assigned
assignee-updated
commented
member-last
send
unreviewed
284 Clarify source of API docs 11mo 3wk 3wk
dco-signoff: yes
ok-to-test
size/XS
commented
member-last
reviewed-with-comment
send
578 WIP: A note about how not to use the ca.crt 1mo 3wk 3wk
dco-signoff: yes
do-not-merge/work-in-progress
size/M
changes-requested
commented
member-last
send
633 WIP: Kubectl cert manager install 3wk 3wk 3wk
dco-signoff: yes
do-not-merge/work-in-progress
size/L
commented
contributor-last
new-commits
similar
625 Document the use of the HTTP01 Gateway API solver 4wk 4wk
approved
dco-signoff: yes
do-not-merge/cherry-pick-not-approved
do-not-merge/work-in-progress
size/XXL
contributor-last
draft
unreviewed
589 cloud DNS: include missing project ID
6wk 5wk 5wk
dco-signoff: yes
ok-to-test
size/XS
changes-requested
commented
member-last
send
446 Add multiple ingresses usage section 5mo 5wk 5mo
dco-signoff: yes
needs-ok-to-test
needs-rebase
size/XS
contributor-last
recv
unreviewed
548 More doc around the approval API in the /concepts/certificaterequest page 2mo 5wk 7wk
approved
dco-signoff: yes
kind/cleanup
needs-rebase
size/XL
commented
contributor-last
unreviewed
451 update to ingress. 5mo 6wk 5mo
dco-signoff: no
needs-ok-to-test
size/XS
contributor-last
recv
unreviewed
558 While restoring a backup, the uid and resourceVersion should be ignored
2mo 6wk 7wk
approved
dco-signoff: yes
do-not-merge/hold
lgtm
size/S
assigned
assignee-updated
commented
contributor-last
recv-q
unreviewed
455 move cert-manager from jetstack to cert-manager 5mo 7wk 7wk
approved
dco-signoff: yes
do-not-merge/hold
needs-rebase
size/L
commented
member-last
send
unreviewed
518 Non-honoring external issuers: explain their impact 3mo 2mo
approved
dco-signoff: yes
do-not-merge/work-in-progress
needs-rebase
size/XS
contributor-last
draft
unreviewed
528 Update "Setting Nameservers for DNS01 Self Check" example 3mo 3mo 3mo
dco-signoff: yes
needs-ok-to-test
size/XS
contributor-last
recv
unreviewed
249 add clarity of role use for eks clusterissuer 1y 5mo 5mo
dco-signoff: no
ok-to-test
size/S
assigned
commented
member-last
reviewed-with-comment
send
35 Sort versions when running "cmrel staged" and add cmrel staged --help
2
1mo 3wk 3wk
approved
dco-signoff: yes
size/M
commented
member-last
new-commits
17 Add image validation for Docker architecture 1y 3wk 3wk
dco-signoff: yes
lgtm
size/L
assigned
assignee-updated
commented
member-last
new-commits
send
36 Add the "cmrel update-release-branch" command 7wk 7wk 7wk
approved
dco-signoff: yes
do-not-merge/work-in-progress
size/M
commented
draft
member-last
unreviewed

Open Issues (455)

Resolution:

Average age: 255.8d, Avg wait: 53.6d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4250 Support parallel DNS validation for same host 6h 6h 6h
recv
4248 Run cert-manager e2e tests with the race flag
2d 2d
area/testing
kind/cleanup
pr-merged
4247 OCP Ingress Support for Cert-Manager 1.4 3d 2d 2d
kind/feature
triage/support
author-last
commented
recv
recv-q
similar
4246 ACME DNS Challenge and Propagation Delay (NXDOMAIN) 3d 3d 3d
kind/bug
recv
4245 Ingress Shim Certificate Incorrectly Renewed Due To Usages Change 3d 3d
kind/bug
4235 Reconsider error condition on empty secretnames in TLS hosts. 5d 5d 5d
kind/feature
recv
4220 Reuse existing identical certificates 7d 7d 7d
kind/feature
recv
similar
4216 Error getting keypair for CA issuer: error parsing ecdsa private key: x509: failed to parse EC private key: asn1: structure error: length too large 10d 10d 10d
recv
4215 Include example manifests in this repo for reference 10d 10d 10d
recv
4214 Certificate orders get in an unknown state. 10d 10d 10d
kind/bug
recv
4212 Ingress-shim to remove certificates if owned ingress lacks autoCertificateAnnotations 11d 5d 5d
kind/feature
collaborator-last
commented
send
4211 support for importing multiple CA in jks certificates 12d 12d 12d
kind/feature
recv
similar
4210 Syncing secret across namespaces gives error "unable to fetch certificate that owns the secret" 12d 12d 12d
kind/bug
recv
4203 Add a make target for building static manifests with specific image 15d 15d
area/deploy
kind/feature
4196 Enhance CA issuer with HSM support
17d 6d 13d
area/ca
help wanted
kind/feature
author-last
commented
recv
4193 Implement automated krew-index updates
17d 7d 7d
kind/feature
commented
member-last
send
4191 Setting default values for Pod's "resources"?
2
18d 18d 18d
commented
member-last
send
4189 Support setting a different password for the private key in a Java keystore 19d 10d
area/api
good first issue
help wanted
kind/feature
similar
4187 Upgrade to cert-manager v1.3.1 causes outage on EKS 19d 19d 19d
kind/bug
recv
4180 Add tests to #4138
3wk 3wk 3wk
kind/feature
assigned
assignee-updated
contributor-last
pr-merged
recv
4179 Universal cert-manager installing, uninstalling, debugging and upgrading 3wk 3wk 3wk
recv
4173 Enable domains for no_proxy 3wk 3wk 3wk
kind/feature
author-last
recv
recv-q
4170 Use Dependabot for automatic dependency upgrades 3wk 3wk 3wk
kind/feature
recv
4167 Support for full chain validation on issued certificates
3
3
3wk 3d 3d
kind/bug
collaborator-last
commented
send
4166 cert-manager should allow to store certificate in vault 3wk 3wk 3wk
kind/feature
recv
similar
4162 The kubectl.kubernetes.io/last-applied-configuration annotation is copied to CertificateRequests
6
3wk 3d 3d
kind/bug
assigned
assignee-updated
collaborator-last
commented
open-milestone
pr-changes-requested
send
4159 Unable to create venafi issuer with kubernetes 3wk 3wk 3wk
kind/bug
recv
similar
4153 Support DoT (DNS over TLS) for Recursive Nameservers 3wk 3wk 3wk
kind/feature
recv
4148 Kubernetes Ingress Controller Fake Certificate 4wk 3wk 4wk
author-last
recv
4146 Provide cert store format choice for PEM combined
4wk 4wk 4wk
kind/feature
recv
4144 Can't create vault Issuer with enabled JWT Issuer Validation 4wk 4d 4d
area/vault
kind/bug
priority/awaiting-more-evidence
author-last
commented
recv
4139 Old Helm charts should be deprecated
4wk 4wk
kind/bug
pr-merged
4135 Exclude some parent labels from being replicated on child objects 4wk 4wk 4wk
kind/feature
author-last
recv
4132 Helm chart should have kubeVersion constraints 4wk 4wk
kind/feature
4131 Changing/Renewing OAUTH token requries Re-creation of Venafi Cluster Issuer
4wk 3wk 3wk
area/venafi
kind/bug
priority/awaiting-more-evidence
author-last
commented
recv
4120 v1.5 Public Roadmap 5wk 4h 3d
Epic
commented
member-last
pr-reviewed-with-comment
4118 Support for solving HTTP01 challenges with the Gateway API
5wk 3d 3d
area/acme/http01
kind/feature
priority/backlog
assigned
assignee-updated
commented
member-last
open-milestone
pr-closed
similar
4114 Endless Sync Loop when installing Helm Chart via ArgoCD 5wk 5wk 5wk
kind/bug
author-last
pr-closed
pr-unreviewed
recv
similar
4102 Default leader election namespace to installation namespace 6wk 5wk 5wk
kind/feature
collaborator-last
commented
send
4097 Generating SSL + ingress-nginx issue 6wk 5d 6wk
kind/bug
recv
recv-q
4095 Update private Docker registry path 6wk 6wk 6wk
recv
4093 Clean up/document the defaulting in fuzzer funcs
6wk 6wk
kind/cleanup
priority/backlog
pr-merged
4089 make images throwing unbound variable error 6wk 6wk 6wk
priority/awaiting-more-evidence
triage/support
collaborator-last
commented
send
4086 [CA Issuer] Metrics for getting issuer cert expiration 6wk 6wk 6wk
recv
4077 Incorrect installation information in the Helm chart 7wk 7wk
kind/bug
similar
4076 Incorrect Kubernetes compatibility information in the Helm chart 7wk 7wk
kind/bug
similar
4075 Renew certificate keeps in pending state 7wk 6wk 6wk
triage/support
collaborator-last
commented
send
4073 Internal error occurred: failed calling webhook 7wk 6wk 7wk
recv
similar
4071 Add a default value to RevisionHistoryLimit if none is provided in the Certificate
7wk 7wk 7wk
kind/feature
recv
similar
4068 cert-manager certificate always update when "helm install" command is executed.
1mo 6wk 6wk
kind/bug
priority/important-longterm
collaborator-last
commented
send
4066 [Flake] test/e2e/suite/issuers/acme/certificate/http01.go test 2mo 2mo 2mo
area/testing
kind/flake
priority/important-longterm
collaborator-last
commented
open-milestone
4061 Permission denied errors on AWS cause R53 DDoS 2mo 5wk 5wk
area/acme/dns01
kind/bug
priority/important-soon
commented
member-last
send
4057 Remove deprecated APIs
2mo 2wk 5wk
area/api
kind/cleanup
priority/important-soon
collaborator-last
commented
pr-merged
similar
4053 Error setup role to manage Route53 dns01 2mo 16d 2mo
kind/bug
recv
recv-q
4047 Flaky test: //test/integration/certificates 2mo 2mo
kind/bug
kind/flake
similar
4045 Flaky test: //test/integration/validation 2mo 2mo 2mo
kind/bug
kind/flake
commented
member-last
similar
4041 Switch the api versions accepted by validating and mutating webhook to `v1` only 2mo 2mo
kind/cleanup
4033 Automated updates of base images
2mo 2mo 2mo
kind/feature
collaborator-last
commented
pr-merged
4032 Consider ArtifactHub vulnerability scanning 2mo 2mo
kind/feature
4030 Come up with a proposal for removing Bazel from cert-manager codebase
2mo 5wk 5wk
kind/cleanup
kind/design
priority/important-longterm
commented
member-last
pr-unreviewed
send
4023 Vault generated certificates
4
2mo 4wk 2mo
kind/bug
pr-new-commits
recv
recv-q
similar
4020 server side apply failed 2mo 2mo 2mo
kind/bug
priority/backlog
collaborator-last
commented
pr-unreviewed
send
4019 Internal error occurred: conversion webhook for cert-manager.io/v1 2mo 2mo 2mo
triage/support
collaborator-last
commented
send
4014 Use constant values for baseDelay, maxDelay of workqueue
2mo 2mo
kind/cleanup
priority/backlog
pr-merged
4011 Memory segmentation bug when using Vault 2mo 2mo 2mo
area/vault
kind/bug
priority/important-soon
triage/needs-information
collaborator-last
commented
open-milestone
send
4010 Update cert-manager Helm chart Readme 2mo 18d
area/deploy
kind/cleanup
priority/important-longterm
assigned
assignee-updated
contributor-last
pr-new-commits
pr-reviewed-with-comment
4006 Test ACME account email update
2mo 2mo
area/acme
area/testing
kind/cleanup
priority/backlog
pr-merged
4005 Manage ACME accounts registry better 2mo 2mo
area/acme
kind/cleanup
priority/backlog
4004 Better/clearer handling of issuer secrets
2mo 2mo
kind/cleanup
priority/backlog
pr-merged
4003 Accepting challenge authorization failed 2mo 2mo 2mo
area/acme/http01
kind/bug
recv
3998 Allow setting caBundle in (Cluster)Issuers to request certificates from https ACME using internal PKI 2mo 2mo 2mo
kind/feature
pr-unreviewed
recv
3992 Add non-CRD yaml file 2mo 13d 13d
area/deploy
commented
member-last
send
3991 cert-manager v1.3.1 pods crash after installation 2mo 2mo 2mo
kind/bug
triage/support
commented
recv-q
send
3990 crt.sh is showing certs issued while k8s cluster is showing status as false 2mo 3d 6wk
area/acme
kind/bug
priority/important-soon
commented
recv-q
send
3979 Certificates for multiple domains (Let's Encrypt) 2mo 2mo 2mo
author-last
recv
3977 cert-manager-webhook Firewalld Issues 2mo 2mo 2mo
kind/bug
author-last
recv
recv-q
3976 Flaky test: //test/integration/ctl TestCtlRenew/--all-namespaces_and_-l_foo=bar_given 2mo 2mo 2mo
kind/bug
kind/flake
priority/important-longterm
collaborator-last
commented
open-milestone
send
3968 acme http01: 504 Gateway Time-out 2mo 2mo 2mo
area/acme/http01
kind/bug
recv
3967 Does the certificate chain include a root CA certificate by default? 2mo 2mo 2mo
area/venafi
kind/bug
recv
3966 Using Cert Manager with Hashicorp Vault 2mo 2mo 2mo
triage/support
collaborator-last
commented
send
3961 Fix pkg/util/pki TestPrivateKeyEncodings test 2mo 2mo
area/testing
kind/cleanup
3959 Keep USERS.md up to date
2mo 2mo
3958 Sane defaults for Certificate revision history limit
2
2mo 2mo 2mo
kind/feature
recv
similar
3957 Support JKS trust store for ACME certificates 2mo 14d 2mo
kind/feature
commented
recv-q
send
similar
3954 Allow ingress-shim to opt-in for privatekey rotation 'Always'
3
2mo 5d 2mo
area/api
kind/feature
priority/backlog
assigned
assignee-updated
commented
send
3952 Add helm install to cert-manager cli 2mo 6wk 6wk
kind/feature
collaborator-last
commented
pr-unreviewed
send
3951 Replace DynamicClient for Istio VirtualService with properly generated client
2mo 2mo 2mo
kind/feature
collaborator-last
commented
pr-merged
send
3950 Add support for adding cert-manager HTTP01 routing rules to existing Istio VirtualService
2mo 2mo 2mo
kind/feature
priority/important-longterm
collaborator-last
commented
pr-merged
send
3949 Option to store selfsigned cert/key pair into two secrets.
2
2mo 2mo 2mo
kind/feature
recv
3948 Encryption Password for Keystore/Truststore from Vault 2mo 7wk 2mo
kind/feature
author-last
commented
recv
3947 Linting to check API annotations 2mo 2mo
kind/feature
3941 Certificate renewal get stuck if Vault becomes temporarily inaccessible during the the time of renewal.
2mo 2mo 2mo
kind/bug
recv
3930 Add migration tests against forked repositories 2mo 5wk 5wk
commented
member-last
send
3929 Turn on parallelization in Ginkgo to speed up Prow jobs 2mo 2mo
area/testing
kind/cleanup
priority/backlog
3925 Please make all configuration entries under the dns providers etc. work with valueFrom 3mo 3mo 3mo
recv
3924 External Challenge Solver: Support for various Virtual Service implementations 3mo 5wk 5wk
kind/feature
commented
member-last
open-milestone
pr-merged
pr-unreviewed
send
3920 Support gateway-api HTTPRoute for HTTP01 solving 3mo 3mo 3mo
help wanted
kind/feature
priority/backlog
collaborator-last
commented
send
similar
3911 Re-enable Venafi Cloud e2e tests 3mo 3mo
area/testing
area/venafi
kind/bug
priority/important-longterm
similar
3910 ACME Certificate in "False" state even when order and certificaterequest are completed 3mo 3mo 3mo
kind/bug
author-last
recv
3909 Make wait time configurable when creating route53 challenge
2
3mo 3mo 3mo
area/acme/dns01
kind/feature
priority/important-longterm
recv
3904 Akamai Fast DNS should use V2 API and rename to Edge DNS
3mo 3mo 3mo
area/acme/dns01
kind/bug
kind/feature
priority/important-soon
assigned
assignee-updated
collaborator-last
commented
send
3899 Delete Venafi TPP test certs created by e2e tests 3mo 3mo
area/testing
area/venafi
kind/cleanup
priority/important-longterm
3898 Allow setting PodDisruptionBudget policies via helm chart 3mo 3mo 3mo
area/deploy
kind/feature
priority/important-longterm
pr-new-commits
recv
3896 Cert Manager failing to renew certificate
15
3mo 10d 3mo
kind/bug
recv
recv-q
similar
3895 Multiple CSRs posted to Venafi TPP causing errors in certificate state.
3mo 2mo 2mo
area/venafi
kind/bug
priority/important-soon
collaborator-last
commented
send
3890 support more secret type 3mo 3mo 3mo
collaborator-last
commented
send
3888 Create process for cert-manager distributors to get advance embargoed security notices 3mo 3mo
kind/feature
priority/backlog
3884 Certs Owner Reference on secret from issuer
3mo 2mo 2mo
kind/feature
collaborator-last
commented
send
3874 Getting "Error from server: conversion webhook for acme.cert-manager.io/v1alpha2, Kind=Challenge failed: Post https://cert-manager-webhook.cert-manager.svc:443/convert?timeout=30s: service "cert-manager-webhook" not found" 3mo 2mo 3mo
recv
recv-q
similar
3870 Unable to Delete Challenge After Failed Uninstall 3mo 2mo 2mo
kind/bug
priority/awaiting-more-evidence
triage/support
collaborator-last
commented
send
3868 Document Go API Compatibility (or Lack Thereof)
3mo 2mo 2mo
kind/documentation
kind/feature
priority/important-soon
assigned
assignee-updated
collaborator-last
commented
pr-merged
3853 Be able to specify the imagePullSecret to use for the HTTP01 ACME solver pod 3mo 2mo 2mo
kind/feature
priority/important-longterm
author-last
commented
recv
similar
3852 Be able to specify a serviceAccount for the HTTP01 ACME solver pod
3mo 3mo 3mo
kind/feature
priority/important-soon
collaborator-last
commented
pr-closed
send
similar
3849 Make debugging e2e tests locally easier 3mo 3mo
area/testing
priority/backlog
3848 Wildcard certificates not being resolved correctly. 3mo 3mo 3mo
area/acme/dns01
kind/bug
priority/important-soon
collaborator-last
commented
send
3844 Add --version to the cert-manager-controller CLI 3mo 10d 10d
kind/feature
priority/backlog
commented
member-last
3842 Issuing same certificate on different namespaces does not work 3mo 3mo 3mo
triage/support
collaborator-last
commented
send
3839 Ingress with cert-manager and clusterIssuer is opening in an insecured mode with warning and not as https 3mo 3mo 3mo
triage/support
collaborator-last
commented
send
3837 Prow: investigate the many setup failures
3mo 17d
area/testing
kind/bug
priority/important-soon
contributor-last
pr-merged
recv-q
3826 Error re-connecting fluxcd after cert-manager update 1.0.4 procedure 3mo 7d 7d
kind/bug
priority/awaiting-more-evidence
triage/support
commented
member-last
send
3825 restoring parallel setup behaviour for e2e tests 3mo 3mo 3mo
good first issue
help wanted
kind/feature
priority/important-longterm
recv
3824 http01 challange creates an invalid ingress resource when ingress class is set
3
3mo 14d 2mo
area/ingress-shim
kind/bug
priority/backlog
commented
recv-q
send
3821 Error updating from 0.16 to 1.0 version 3mo 3mo 3mo
kind/bug
priority/awaiting-more-evidence
triage/support
collaborator-last
commented
send
3820 Controller fails to process new certs when there are a large number of pending ones 3mo 3mo 3mo
kind/bug
priority/important-soon
collaborator-last
commented
send
3814 Can `cert-manager.io/cluster-issuer: nameOfClusterIssuer` annotation be made to work on a namespace? 4mo 3mo 3mo
area/api
area/ingress-shim
kind/feature
priority/awaiting-more-evidence
collaborator-last
commented
send
similar
3810 Certificates stuck issuing and unready after cert-manager restart 4mo 3mo 3mo
kind/bug
priority/important-soon
author-last
commented
recv
similar
3808 Supporting traefik IngressRoute objects?
2
4mo 3mo 3mo
area/ingress-shim
priority/important-longterm
collaborator-last
commented
send
3804 support building for and from ARM
2
5
4mo 3mo 3mo
kind/feature
priority/important-longterm
collaborator-last
commented
pr-merged
pr-unreviewed
send
3801 Allow defining prime time windows where we don't want certificate renewal getting triggered
4mo 3mo 3mo
kind/feature
priority/important-longterm
commented
member-last
send
3800 Documentation requires more elaboration on the cert renewal behavior.
2
4mo 3mo 3mo
priority/awaiting-more-evidence
triage/support
collaborator-last
commented
send
3799 keystores generation when securing ingress
2
2
4mo 3mo 3mo
kind/feature
priority/backlog
collaborator-last
commented
send
3796 Intermittent E2E test failure: ERROR: 1 setup jobs failed. Check logs above for details
4mo 3mo 3mo
area/testing
good first issue
kind/flake
priority/important-soon
assigned
assignee-updated
collaborator-last
commented
pr-merged
send
3783 CLI tool should have an install command
4mo 4wk 3mo
area/ctl
area/deploy
kind/feature
priority/backlog
assigned
assignee-updated
commented
contributor-last
pr-unreviewed
3780 WSL2 support or is there an existing process in place? 4mo 2mo 4mo
kind/feature
priority/backlog
recv
3778 Route53 dns challenge with less privileged hosted zone doesn't work with few domains pointing to the same record
2
4mo 5wk 5wk
area/acme/dns01
kind/bug
priority/important-soon
commented
member-last
send
3777 Non-compliant behaviour: re-POSTing challenge instead of polling authorization 4mo 2d 4mo
kind/bug
priority/awaiting-more-evidence
recv
recv-q
3767 ClusterIssuer incorrect DNS Resolution
4mo 2mo 4mo
kind/bug
priority/backlog
commented
send
3766 support for "leases" for leader election
4mo 2mo 2mo
good first issue
help wanted
kind/feature
priority/important-soon
collaborator-last
commented
send
3761 Document a security issue reporting, response, and distribution process
2
5
4mo 3mo 3mo
kind/documentation
kind/feature
priority/important-soon
assigned
assignee-updated
collaborator-last
commented
pr-merged
send
3755 Letsencrypt challenges missing nginx ingress and flooding apache logs 4mo 3mo 3mo
kind/bug
triage/support
author-last
commented
recv
3751 Cert-Manager doesn't proxying custom annotations from Ingress
4mo 3mo 3mo
area/ingress-shim
kind/feature
priority/backlog
collaborator-last
commented
pr-unreviewed
send
similar
3748 Cert-manager causes API server panic on clusters with more than 20000 secrets.
2
4mo 7wk 4mo
kind/bug
triage/needs-information
commented
pr-merged
recv
recv-q
3747 Certificate issuerRef should be optional 4mo 4mo 4mo
kind/feature
recv
3743 Excessive DNS caching for DNS verification
4mo 4mo 4mo
kind/bug
recv
3739 Helm chart fails to install CRDs when using ArgoCD 4mo 5wk 4mo
kind/bug
recv
similar
3738 PKI: inject a time.Time in certificate template functions instead of using time.Now
4mo 3mo 3mo
kind/cleanup
priority/important-soon
assigned
assignee-updated
commented
member-last
pr-merged
send
3729 Possible Bug in RFC2136? Or Missconfiguration? 4mo 3mo 4mo
triage/support
recv
3726 Deprecated Ingress API
2
4mo 6wk 6wk
kind/bug
priority/important-soon
collaborator-last
commented
open-milestone
pr-merged
pr-reviewed-with-comment
send
similar
3723 Order stays in an unknown state indefinitely for a particular ingress 4mo 4mo 4mo
kind/bug
recv
3720 Feature Request: Multi-cloud testing 4mo 4mo 4mo
help wanted
kind/feature
priority/backlog
commented
member-last
3719 DNS-01 broken scenario (GCP Cloud DNS) 4mo 3mo 4mo
kind/bug
author-last
recv
3718 Multiple CertificateRequest objects for a single Certificate resource 4mo 3mo 3mo
kind/bug
priority/awaiting-more-evidence
commented
member-last
send
similar
3716 Health check failed as CertificateSource is unhealthy"
4mo 2wk 4mo
kind/bug
recv
recv-q
3715 kube-dns not used for DNS01 challenges 4mo 4mo 4mo
kind/bug
author-last
recv
3711 Export issued cert into AWS ACM
3
4mo 3mo 4mo
kind/feature
priority/backlog
recv
3706 renewal-hooks
3
5mo 5wk 5wk
triage/support
collaborator-last
commented
send
3704 Document how to manually test cert-manager upgrade in release-process.md 5mo 3mo 3mo
kind/documentation
priority/important-soon
commented
member-last
open-milestone
3698 Support for gke workload identity in the helm chart? 5mo 5mo 5mo
triage/support
collaborator-last
commented
send
3696 Add an integration test for Readiness controller 5mo 5mo 5mo
good first issue
kind/cleanup
priority/backlog
assigned
assignee-updated
collaborator-last
commented
pr-changes-requested
3691 no_proxy settings not honored helm/kubernetes/vault 5mo 5mo 5mo
kind/bug
recv
3690 renewal stucks and output suspicious logs periodically
5mo 5mo 5mo
kind/bug
author-last
recv
3689 Certificate cannot be created because of attempts to create Order resources that already exist (on OVH)
3
5mo 5wk 2mo
help wanted
kind/bug
priority/important-longterm
commented
recv-q
send
3682 cert-manager support for v1 ingress nginx
5mo 7wk 7wk
kind/bug
priority/important-soon
collaborator-last
commented
send
similar
3681 When using a keystore.jks in secret, how can I specify a name for the alias 5mo 5mo 5mo
kind/feature
recv
3677 Provide configuration for delayed certificate update after creation 5mo 5mo 5mo
kind/feature
recv
3676 Configuring LE wildcard cert on EKS w/ Route53 DNS 5mo 5mo 5mo
collaborator-last
commented
send
3675 Donation of jniebuhr/aws-pca-issuer to the Cert Manager project
2
6
5mo 2mo 5mo
kind/documentation
kind/feature
priority/backlog
author-last
recv
3674 Update helm chart location 5mo 3mo 3mo
kind/cleanup
priority/backlog
commented
member-last
3673 Create cert-manager container registry 5mo 5mo
kind/cleanup
3672 Change the package import path from jetstack/cert-manager to cert-manager/cert-manager 5mo 3mo 3mo
kind/cleanup
priority/important-soon
collaborator-last
commented
pr-unreviewed
send
3671 Transfer repository to the cert-manager organisation 5mo 5mo 5mo
kind/cleanup
commented
member-last
3670 Create testing infrastructure for the cert-manager org 5mo 3mo 3mo
kind/cleanup
priority/important-soon
assigned
assignee-updated
commented
member-last
similar
3668 Secure Istio Gateway in Kubernetes using cert-manager. 5mo 5mo 5mo
kind/bug
author-last
recv
3660 order is showing as ready but stuck at the challenges. Not getting all the challenges. 5mo 5mo 5mo
recv
3659 custom DNS01 test fails when secondary nameserver is unresponsive 5mo 5mo 5mo
kind/bug
author-last
recv
3655 Specify Name Constraints in CA Certificate 5mo 2mo 5mo
kind/feature
priority/backlog
recv
3654 Create a Docker image with release dependencies/commands 5mo 5mo
kind/feature
priority/important-longterm
3653 install cert-manager: Readiness probe failed: HTTP probe failed with statuscode: 500 5mo 2mo 5mo
kind/bug
triage/support
recv
3651 Document how to set Issuer and Subject for self-signed certificates
2
5mo 5mo 5mo
kind/bug
recv
similar
3649 Challenge & secret sometimes not getting created for route53 issuer 5mo 5mo 5mo
kind/bug
recv
3648 Update Makefile in the root of the repo
3
5mo 6wk 6wk
good first issue
kind/cleanup
priority/backlog
assigned
assignee-updated
commented
member-last
pr-merged
send
3643 cert-manager-webhook getting deleted by garbage-collector 5mo 4mo 5mo
area/deploy
kind/bug
priority/backlog
triage/needs-information
collaborator-last
commented
send
3640