generic Receive queue :: Triage Party

Issues that may be waiting for our response
NOTE: for this to work properly, GitHub token must have read access to read organization members

Questions awaiting follow-up: No matching items

Bugs awaiting follow-up (38)

Resolution: Comment or close the issue

Average age: 201.4d, Avg wait: 103.2d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5864		Certmgr allows creating certificates expiring after ca expiration.			8d	8d	8d		kind/bug	recv
5862		http01.ingress.class doesn't work			8d	5d	8d		kind/bug	recv
5845		Error presenting challenge: Unable to check the TXT record: ### Unexpected HTTP status: 401 during certificate renewal			2wk	2wk	2wk		kind/bug	recv
5826		ACMEDNS, cnameStrategy: Follow (follow CNAME records recursively), dns01-recursive-nameservers-only - NXDOMAIN			3wk	3wk	3wk		kind/bug	recv
5775		Atos IDnomic ACME Gateway			6wk	3wk	5wk		kind/bug area/acme	author-last commented recv
5779		cloudDNS 's hostedZoneName is not sufficient to replace the dns01-recursive-nameservers flag			6wk	6wk	6wk		kind/bug	recv
5756		Challenge is stuck at "Waiting for DNS-01 challenge propagation" Similar: #5752: Waiting for HTTP-01 challenge propagation: wrong status code '404', expected '200' (open) Similar: #4246: ACME DNS Challenge and Propagation Delay (NXDOMAIN) (closed)			7wk	7wk	7wk		kind/bug	author-last commented recv similar
5760		Feature/Bug: Filter Ingress Url by ACME Solvers PR#5761: feat: Add option to allow filtering DNS Names by ACME Challenge solvers unreviewed			7wk	7wk	7wk		kind/bug kind/feature	pr-unreviewed recv
5755		JKS truststore.jks not found in resulting secret in v1.11.0		3	7wk	4wk	7wk		kind/bug	pr-unreviewed recv
5751		Wildcard DNS domains and `cnameStrategy: Follow` don't work nicely together			1mo	6wk	1mo		kind/bug	recv recv-q
5752		Waiting for HTTP-01 challenge propagation: wrong status code '404', expected '200' Similar: #5756: Challenge is stuck at "Waiting for DNS-01 challenge propagation" (open) Similar: #2517: http-01 challenge propagation: wrong status code '404', expected '200' (closed)			1mo	1mo	1mo		kind/bug	recv similar
5708		Cert Manager working with only example.com not with svc.cluster.local			2mo	2mo	2mo		kind/bug	collaborator-last recv
5664		Error: INSTALLATION FAILED: failed post-install: timed out waiting for the condition			3mo	4wk	3mo		kind/bug	recv recv-q
5716		Certificate renewal fails during DNS challenge with Route53 Similar: #3896: Cert Manager failing to renew certificate (open)			2mo	1mo	2mo		kind/bug	recv similar
5611		ACME HTTP challenge pods blocked by OpenShift			3mo	13d	3mo		kind/bug	author-last recv
5650		provider rfc2136 send updates to top level zone Similar: #5630: provider rfc2136: updates are sent to wrong dns zone (open)			3mo	5d	3mo		kind/bug lifecycle/stale	collaborator-last recv similar
5585		ClusterIssuer cannot read the ServiceAccount token secret			4mo	5d	4mo		kind/bug lifecycle/rotten	collaborator-last recv
5596		Current PSP is not sufficient to work with CSI volume			4mo	4wk	4mo		kind/bug lifecycle/stale	collaborator-last recv
5538		Unable to set IPv6 podDNS config from values			4mo	1mo	4mo		kind/bug	author-last recv
5557		error instantiating route53 challenge solver: unable to assume role: AccessDenied: Similar: #5486: Aggressive Retries from "error instantiating route53 challenge solver" (open)		4	4mo	4wk	4mo		kind/bug	recv recv-q similar
5524		cert-manager v1.10.0 always tries to access clusterissuers at cluster scope			5mo	5d	5mo		kind/bug lifecycle/rotten	collaborator-last recv recv-q
5520		CrashLoopBackOff after restart of all deployments			5mo	3wk	5mo		kind/bug lifecycle/rotten	collaborator-last recv recv-q
5536		Challenge stack on self check when host is unavailable from cluster.			4mo	3wk	4mo		kind/bug lifecycle/rotten	collaborator-last recv
5516		Forbidden: seccomp may not be set pod.metadata.annotations		2 10	5mo	2mo	5mo		kind/bug	author-last recv
5171		TPP Allowed Domains can cause valid certificate to error			9mo	4wk	9mo		kind/bug area/venafi	recv
5062		Cert-manager stops processing order request in "processing" status after several attempts			11mo	3wk	3mo		kind/bug lifecycle/stale area/acme	collaborator-last commented recv
5048		certificate not renewed for ingress with multiple hosts and http01-edit-in-place		3	11mo	3wk	10mo		kind/bug priority/backlog	commented recv
5069		Error presenting challenge: the server could not find the requested resource even though resource exists			10mo	2mo	10mo		kind/bug	recv
4877		HTTP01 solver fails self-check/propagation check on 1.7.1 when used with client-certificate auth on nginx Ingress 1.1.1			1y	12d	1y		kind/bug lifecycle/rotten	collaborator-last recv recv-q
4722		High memory usage on cluster with many secrets		10	1y	4wk	1y		kind/bug priority/important-soon	assigned assignee-updated recv recv-q
4685		Unexpected EOF during watch stream event decoding: unexpected EOF		5	1y	3mo	1y		lifecycle/frozen kind/bug	recv recv-q
4956		cert-manager created multiple CertificateRequest objects with the same certificate-revision		2 2 3	1y	2mo	1y		kind/bug	commented pr-closed pr-merged pr-unreviewed recv recv-q
4423		Cert renewal loop		2	2y	2mo	1y		kind/bug	author-last commented recv recv-q
2380		Helm chart version is not SemVer-compatible		5	3y	19d	2y		kind/bug	commented recv recv-q
5515		stuck on propagation check failed DNS record not yet propagated			5mo	22h	5mo		kind/bug	recv
5513		Deploy of cert-manager-webhook/cainjector:v1.9.1 got permission error			5mo	4wk	5mo		kind/bug lifecycle/rotten	collaborator-last recv recv-q
5486		Aggressive Retries from "error instantiating route53 challenge solver" Similar: #5780: error instantiating route53 challenge solver: unable to assume role: AccessDenied (open) Similar: #5557: error instantiating route53 challenge solver: unable to assume role: AccessDenied: (open)		2	5mo	6wk	5mo		kind/bug	recv recv-q similar
4846		More than one Certificate nominating same Secret induces runaway creation of many CertificateRequests and Orders PR#5567: WIP: Certificates: preventing CertificateRequest creation runaway commented		3	1y	6wk	4mo		kind/bug priority/important-soon	commented contributor-last pr-closed pr-reviewed-with-comment recv

Features awaiting follow-up (26)

Resolution: Comment or close the issue

Average age: 261.3d, Avg wait: 99.1d

ID	Au	Desc	As	Rea	Cr	Up	Re	Cmntrs	Labels	Tags
5877		Adding Domains.Google.com as an option for DNS-01			2d	2d	2d		kind/feature	recv
5772		Develop new Helm chart for cert-manager CRD manifests			7wk	7wk	7wk		kind/feature	recv
5767		force renew others when root cert renews			7wk	7wk	7wk		kind/feature	recv
5700		Support for issuing public certs using AWS ACM and DNS verification			2mo	2mo	2mo		kind/feature	author-last recv
5760		Feature/Bug: Filter Ingress Url by ACME Solvers PR#5761: feat: Add option to allow filtering DNS Names by ACME Challenge solvers unreviewed			7wk	7wk	7wk		kind/bug kind/feature	pr-unreviewed recv
5699		Customize Cloudflare base url			2mo	2mo	2mo		kind/feature	contributor-last recv
5697		Support PodSecurityAdmission		4	2mo	7d	2mo		kind/feature	author-last recv recv-q
5665		Allow defining keystore password as litteral instead of SecretRef			2mo	2mo	2mo		kind/feature	recv
5626		Helm: Allow configuration of readiness, liveness and startup probes for all created Pods PR#5670: feat(chart): support probes for cert-manager and cainjector changes-requested			3mo	2mo	2mo		kind/feature	author-last commented pr-changes-requested recv
5580		Mounting emptyDir to /tmp directory (webhook)			4mo	5wk	4mo		kind/feature	author-last recv
5572		Add the possibility to use two cluster issuers in a single ingress			4mo	12d	4mo		kind/feature lifecycle/rotten	collaborator-last recv
5543		Using Azure workload identity instead of AAD Pod Identities to configure the AzureDNS DNS01 challenge.			4mo	16d	4mo		kind/feature lifecycle/stale	collaborator-last recv recv-q
5540		Changelog annotations to chart			4mo	1mo	4mo		kind/feature	author-last recv
5514		Venafi Issuer Read `caBundle` from Configmap or Secret			5mo	1mo	5mo		kind/feature	contributor-last recv
5433		Support certs that live for < 1h Similar: #15: Feature: Support for ECC certs (open)		3	6mo	9d	6mo		kind/feature	author-last recv similar
5430		Improving DNS-01 challenge performance PR#5446: Allow concurrent same-FQDN DNS-01 challenges when using route53 commented PR#5447: Allow extra DNS-01 propagation time to be configured unreviewed			6mo	11d	6mo		kind/feature	pr-reviewed-with-comment pr-unreviewed recv
4931		Enable Testing on ARM64			1y	2d	1y		kind/feature lifecycle/stale	collaborator-last commented recv recv-q
4797		Automatically renew certificates if OCSP indicates that it was revoked Similar: #5558: Will auto-renewal of the root certificate automatically renew the certificate issued by the root certificate? (open)		6	1y	3wk	1y		kind/feature area/acme	commented recv similar
4778		Add cmctl upgrade migrate-api-version --dry-run		4	1y	1mo	11mo		good first issue help wanted kind/feature priority/important-longterm area/ctl	assigned assignee-updated commented contributor-last recv
4561		Ability to specify secret ownerReference as part of the Certificate request		3	1y	2mo	1y		kind/feature	recv
4153		Support DoT (DNS over TLS) for Recursive Nameservers			2y	2mo	10mo		kind/feature priority/backlog area/acme/dns01	author-last commented recv
3898		Allow setting PodDisruptionBudget policies via helm chart PR#3931: Added PodDisruptionBudgets to helm chart approved		4	2y	11d	2y		kind/feature priority/important-longterm area/deploy	author-last pr-approved pr-closed recv
3655		Specify Name Constraints in CA Certificate		10	2y	2mo	2y		kind/feature priority/backlog	contributor-last recv
2538		cert-manager does not use ingress.class from Ingress annotated with cert-manager.io/cluster-issuer		60	3y	1mo	2y		area/api kind/feature priority/backlog	commented recv recv-q
5615		Integrate cert-manager with DigitalOcean LBs			3mo	17d	3mo		kind/feature lifecycle/stale	collaborator-last recv
5821		Allow renewBefore to be a percentage			4wk	4wk	4wk		kind/feature	recv

Items that deserve a follow-up comment: No matching items