Once every quarter, look for stale issues, reprioritize, and de-duplicate.

Issues nearing expiration (16)

Resolution: Close or label as frozen

Average age: 262.1d, Avg wait: 81.4d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
5406 url property in index.yaml at charts.jetstack.io not standard 3mo 6d 3mo
kind/bug
lifecycle/stale
collaborator-last
commented
send
5396 Passing empty IP Address in the certificate spec, fails certificate creation 3mo 11d 3mo
kind/bug
lifecycle/stale
collaborator-last
recv
5394 Cert Manager showing "error"="Operation cannot be fulfilled on certificates.cert-manager.io"
2
3mo 13d 3mo
lifecycle/stale
collaborator-last
recv
5392 cert-manager-webhook emit TLS handshake error from 10.240.1.63:53386: EOF 3mo 15d 3mo
lifecycle/stale
collaborator-last
recv
5391 Regex validation on acme/solvers is too strict
3mo 15d 3mo
lifecycle/stale
collaborator-last
recv
5388 InvalidChangeBatch: cannot be created because a non multivalue answer rrset exists with the same name and type
3mo 17d 3mo
kind/bug
lifecycle/stale
collaborator-last
recv
5357 Support ECDSA keys for ACME accounts 4mo 4wk 4mo
kind/feature
lifecycle/stale
author-last
pr-unreviewed
recv
5236 Cert Manager appending random string/numbers on the end of secret name
2
5mo 14d 5mo
triage/support
lifecycle/stale
collaborator-last
commented
recv-q
send
5198 Integration test flake: various timeouts 5mo 10d
lifecycle/stale
kind/flake
flake/test-logic
5193 Stuck on "propagation check failed"
5mo 8d 5mo
kind/bug
lifecycle/stale
area/acme
collaborator-last
commented
pr-merged
recv
similar
5069 Error presenting challenge: the server could not find the requested resource even though resource exists 7mo 10d 7mo
kind/bug
lifecycle/stale
recv
5004 After installing cert-manager using kubectl, "cmctl check api" fails with "https://cert-manager-webhook.cert-manager.svc:443/mutate?timeout=10s": context deadline exceeded
5
8mo 16d 4mo
lifecycle/stale
commented
send
similar
4747 Revoke Certificates
5
12
10mo 10d 10mo
kind/feature
lifecycle/stale
collaborator-last
recv
similar
3383 Certificate API doc omits "3072" as valid RSA key size 2y 3wk 2y
kind/bug
priority/important-longterm
lifecycle/stale
collaborator-last
commented
recv
2239 Create a CertificatePreset resource type to allow configurable defaulting
63
3y 7d 7mo
area/api
kind/feature
priority/backlog
priority/important-soon
lifecycle/stale
collaborator-last
commented
open-milestone
pr-closed
pr-merged
send
5054 fix webhook can not run with args of kubeconfig
7mo 4d 3mo
size/XS
release-note-none
kind/bug
needs-ok-to-test
lifecycle/stale
area/acme
dco-signoff: yes
collaborator-last
commented
send
unreviewed

Features that deserve a follow-up comment (1)

Resolution: Comment or close the issue

Average age: 860.5d, Avg wait: 701.5d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
262 [DOCS]: Add info on how to customize kind CertManager when using OperatorHub method on Openshift
2y 2y 2y
kind/feature
priority/important-soon
author-last
commented
recv
recv-q

Features that have not been commented on within 90 days (4)

Resolution: Comment or close the issue

Average age: 870.3d, Avg wait: 175.4d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4349 allowing greater configuration for the cloud provider tests
1y 7mo 7mo
lifecycle/frozen
kind/feature
collaborator-last
commented
send
2178 Handling 'unregistering' certificates from Venafi TPP
11
3y 10mo 2y
lifecycle/frozen
kind/feature
priority/important-longterm
area/venafi
commented
recv-q
send
262 [DOCS]: Add info on how to customize kind CertManager when using OperatorHub method on Openshift
2y 2y 2y
kind/feature
priority/important-soon
author-last
commented
recv
recv-q
155 Add 'unreleased version' & 'old version' warning banner to non-latest versions of docs 2y 2y 2y
kind/feature
priority/backlog
collaborator-last
commented
send

Bugs that have not been commented on within 60 days (16)

Resolution: Comment or close the issue

Average age: 253.0d, Avg wait: 50.0d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
5423 Security compliance check for cert-manager as per CIS Benchmark 2mo 2mo 2mo
kind/bug
commented
member-last
send
5279 cainjector is watching secrets in all the cluster even after setting --namespace flag
4mo 2mo 2mo
kind/bug
commented
member-last
send
5074 Race condition between issuers, certificates, and secrets
7mo 3mo 3mo
lifecycle/frozen
kind/bug
priority/important-soon
commented
member-last
open-milestone
pr-new-commits
send
4620 Vault Issuer does not retry signing CertificateRequests if the status is pending
6
1y 2mo 3mo
kind/bug
priority/important-longterm
area/vault
commented
recv-q
send
similar
3565 requestmanager_controller got stuck in a loop and stopped generating new certificates afterward
12
2y 2mo 1y
kind/bug
commented
recv-q
send
802 Spelling errors are unclear in pull request CI results and spell checker is unmaintained
10mo 10mo
kind/bug
contributor-last
pr-merged
422 Page last modified date incorrect 2y 2y 2y
kind/bug
collaborator-last
commented
send
9 previously listed items omitted: #5480 #5454 #5434 #5432 #5428 #5421 #5415 #5171 #3283

Items that deserve a follow-up comment (48)

Resolution: Comment or close the issue

Average age: 381.8d, Avg wait: 353.6d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
5479 Could not determine authoritative nameservers for \"_acme-challenge.XXX.com. 2mo 2mo 2mo
author-last
recv
recv-q
5470 Waiting on certificate issuance from order default/nginx-app-tls-z9xlj-2268860154: "pending" Issuing certificate as Secret does not exist 2mo 2mo 2mo
author-last
recv
recv-q
5449 Gateway API exist, still getting error "the Gateway API CRDs do not seem to be present" 2mo 2mo 2mo
recv
5435 Issuer/ClusterIssuer vault with mounted JWT token 2mo 2mo 2mo
recv
5431 After generating a new Let's Encrypt certificate, it still uses the default cluster certificate. 2mo 2mo 2mo
recv
5211 Question about tolerations 5mo 2mo 5mo
author-last
recv
2334 Add network policy allowance into documentation
16
3y 2mo 1y
good first issue
help wanted
kind/documentation
priority/backlog
area/deploy
commented
pr-merged
recv
recv-q
1063 "Securing Ingresses with Venafi" tutorial contains link to missing manifest
3mo 3mo 3mo
author-last
pr-merged
recv
1062 Document process for offboarding maintainers 3mo 3mo 3mo
recv
similar
1061 Document onboarding process for new maintainers 3mo 3mo 3mo
recv
similar
1054 Run spell checker in a pre-commit hook 3mo 3mo 3mo
good first issue
kind/cleanup
recv
1006 Use descriptive text instead of alt for `feature icon` 5mo 5mo 5mo
recv
1001 Document a policy for required CI health before we can release 5mo 5mo 5mo
recv
998 Documentation venafi configuration references venafi documentation page which returns 403 5mo 3mo 5mo
contributor-last
recv
993 Document which resources do/do not get garbage collected 5mo 5mo 5mo
good first issue
contributor-last
recv
988 Document how feature gated fields can be added to API 6mo 6mo 6mo
recv
944 Document how to install cert-manager in a different namespace
2
7mo 5mo 7mo
good first issue
assigned
assignee-updated
contributor-last
recv
recv-q
931 Improve upgrade instructions using helm
7mo 7mo 7mo
recv
923 GSoD2022: Improve the navigation and structure of the cert-manager website 7mo 6mo 7mo
assigned
contributor-last
recv
similar
899 Upgrading from v1.7 to v1.8 check command should exclude null.
2
7mo 7mo 7mo
recv
recv-q
868 Document RBAC 8mo 8mo 8mo
contributor-last
recv
similar
866 Securing NGINX-ingress 8mo 8mo 8mo
recv
similar
851 create Cilium ingress tls example
3
9mo 5mo 9mo
assigned
assignee-updated
recv
850 Document available cert-manager Prometheus metrics 9mo 7mo 9mo
documentation
good first issue
priority/important-longterm
contributor-last
recv
847 missing documentation/information olm based installation metric prometheus 9mo 9mo 9mo
contributor-last
recv
841 remove dependency on golang from cmctl and kubectl-plugin installation documentation
10mo 10mo 10mo
contributor-last
pr-merged
recv
recv-q
836 Syncing Secrets Across Namespaces
10mo 8mo 10mo
recv
758 API reference docs: enum values not documented with typedef 1y 1y 1y
recv
746 Enable Dark mode in the docs website 1y 1y 1y
recv
709 Update Securing NGINX-ingress tutorial for apiVersion networking.k8s.io/v1
1y 1y 1y
good first issue
priority/important-soon
recv
706 Default key usages 1y 1y 1y
recv
697 [IRSA] Needs `runAsUser: 1001` 1y 1y 1y
recv
672 List required Google CloudDNS permissions exhaustively 1y 1y 1y
recv
662 Using "azureDNS" for the DNS01 Solver results "Multiple user assigned identities exist, please specify the clientId / resourceId"
1y 1y 1y
recv
645 Investigate & add an FAQ/warning about images rolled back after GitOps upgrade 1y 9mo 1y
recv
recv-q
604 Make it so that it is easier to find the doc for fixing webhook issues 1y 7mo 1y
contributor-last
recv
568 Add a diagram for LetsEncrypt cert issuance flow to the docs
4
2y 2y 2y
recv
561 Certificate Resources 2y 2y 2y
recv
similar
554 HTTP Validation, privateKeySecretRef 2y 1y 2y
contributor-last
recv
551 Documentation on how to handle large-scale certificate management & best practices
2
2y 1y 2y
help wanted
priority/important-longterm
kind/documentation
contributor-last
recv
484 Please add anchor tags to your subheadings
2y 2y 2y
priority/backlog
kind/documentation
commented
contributor-last
pr-merged
recv
469 DNS01: Delegated Domains for DNS01 example yaml solvers list items 2y 2y 2y
recv
466 installation/compatiblity 2y 2y 2y
recv
457 cainjector docs are missing the option to inject certs in apiservice resources
2y 2y 2y
recv
454 Cluster Resource Namespace 2y 2y 2y
recv
similar
354 DigitalOcean access-token should not be base64-encoded 2y 2y 2y
priority/awaiting-more-evidence
author-last
commented
recv
76 Upgrading from v0.10 to v0.11 - missing cainjector annotation 2y 2y 2y
priority/backlog
kind/documentation
contributor-last
recv
56 Route53: document use of "region" field 3y 2y 3y
documentation
priority/important-longterm
contributor-last
recv
recv-q

Items that have not been commented on within 60 days (94)

Resolution: Comment or close the issue

Average age: 560.3d, Avg wait: 173.6d
ID Au Desc As Rea Cr Up Re Cmntrs Labels Tags
4950 General flakiness of our end-to-end suite
3
8mo 4mo 4mo
lifecycle/frozen
kind/flake
commented
member-last
pr-closed
pr-merged
send
1168 docs: Add info about client side certificate rotation best practices.
21
3y 2y 2y
help wanted
lifecycle/frozen
kind/documentation
priority/backlog
collaborator-last
commented
pr-closed
send
981 The `kubectl operator install` instructions are broken (after upgrading kubectl operator v0.3.0 -> v0.4.0) 6mo 6mo 6mo
commented
member-last
975 Some pages do not make it clear what the user should read next 7mo 7mo
974 Investigate styled 404 page 7mo 7mo
936 Review public envvars for site 7mo 7mo 7mo
commented
member-last
922 GSoD2022: Dashamir Hoxha 7mo 7mo 7mo
assigned
assignee-updated
commented
member-last
send
921 GSoD2022: Improve the Navigation and Structure of the cert-manager Website by Mehak 7mo 7mo 7mo
assigned
assignee-updated
commented
member-last
send
similar
844 Document feature gates 9mo 9mo
similar
776 Explain that you can pre-provision a Secret and Certificate.Spec.SecretName can refer to an existing Secret 11mo 11mo 11mo
commented
member-last
send
753 Route53 - AWS IAM Account Setup is confusing
1y 7mo 7mo
priority/backlog
commented
member-last
send
693 Azure DNS pod identity incorrectly documents principal_id 1y 1y 1y
commented
member-last
send
642 Move/ link to Webhook debugging docs 1y 1y
similar
583 cert-manager with ZeroSSL
44
2y 5mo 5mo
commented
send
549 Effort towards a more user-friendly website 2y 2y
543 Add getting started documentation for users who want to quickly use cert-manager to issue LetsEncrypt certificates
4
2y 1y 1y
commented
member-last
send
542 Document the Istio VirtualService HTTP01 configuration options 2y 2y
532 Rework of the landing page (cert-manager.io)
3
2y 1y 1y
help wanted
good first issue
commented
member-last
send
486 OpenShift - broken link
2y 1y 1y
commented
member-last
send
459 cert manager is no longer on the OpenShift operator list 2y 7mo 2y
priority/awaiting-more-evidence
assigned
assignee-updated
commented
contributor-last
recv-q
send
426 Create a sequence diagram that shows how a certificate gets issued with let's encrypt
2
2y 2y 2y
commented
member-last
pr-merged
425 Document ocspServers 2y 2y 2y
kind/documentation
commented
member-last
414 Explain cert-manager repo structure
2
2y 2y 2y
priority/backlog
kind/documentation
assigned
assignee-updated
commented
member-last
pr-closed
pr-merged
send
401 Bring tutorials up to date 2y 2y
priority/important-longterm
386 Uninstalling on Kubernetes - How to delete all those user created resources?
2y 2y 2y
collaborator-last
commented
send
344 Add docs to explain webhooks 2y 2y
help wanted
good first issue
priority/important-longterm
contributor-last
330 Case for CertificatePrivateKey (encoding, algorithm) is wrong (v1) 2y 2y 2y
collaborator-last
commented
send
326 Securing Ingresses with Venafi 2y 2y 2y
collaborator-last
commented
send
similar
320 Document how to install cert-manager using gitops and known issues with particular gitops implementations
3
2y 2y 2y
documentation
priority/important-soon
commented
contributor-last
295 Route53 2y 2y 2y
kind/documentation
commented
member-last
send
237 docs for ACMEChallengeSolverHTTP01Ingress doesn't specify what `class` values are available
2y 2y 2y
priority/backlog
kind/documentation
collaborator-last
commented
pr-closed
send
234 Backup and Restore Resources
3
2y 2y 2y
priority/backlog
kind/documentation
commented
member-last
pr-merged
send
232 Document keystored in usage/certificate 2y 2y
priority/backlog
kind/documentation
contributor-last
229 Documenting resolution for DigitalOcean + HTTP01 "connection timed out" error 2y 2y
priority/important-soon
kind/documentation
contributor-last
228 Documentation needs correction for external-account-bindings
2y 2y
good first issue
priority/backlog
kind/documentation
pr-merged
223 Document wildcard certificate tutorial 2y 2y 2y
priority/important-longterm
kind/documentation
commented
contributor-last
send
198 Document release process 2y 2y 2y
priority/important-soon
kind/documentation
assigned
commented
member-last
send
197 Document ACME account mismatch 2y 2y 2y
good first issue
priority/backlog
kind/documentation
collaborator-last
commented
195 Document keystores 2y 2y 2y
priority/important-soon
kind/documentation
commented
member-last
send
178 Order of versions of cert-manager in menu 2y 2y 2y
priority/important-longterm
kind/documentation
commented
contributor-last
send
174 Add documentation for CRD conversion webhook ca injection 2y 2y 2y
help wanted
priority/important-soon
kind/documentation
commented
member-last
send
154 Documenting repo management process 2y 2y 2y
priority/important-longterm
kind/documentation
commented
contributor-last
send
144 Improve webhook debugging info
2y 2y 2y
priority/important-soon
kind/documentation
commented
member-last
pr-merged
send
similar
130 FAQ: How does cert-manager handle ingresses with valid TLS secrets? 2y 2y 2y
help wanted
priority/backlog
kind/documentation
commented
contributor-last
send
90 Document Certificate Subject Changes 2y 2y 2y
help wanted
good first issue
priority/important-soon
collaborator-last
commented
69 SelfSignedIssuer configuration - API reference docs 2y 2y 2y
help wanted
good first issue
priority/important-soon
kind/documentation
commented
member-last
send
79 Design for partial automation of release process 5mo 5mo 5mo
commented
member-last
send
50 Move cert-manager-release infrastructure to CNCF's GCP account
1y 10mo 10mo
commented
member-last
42 Publish latest release number as part of creating a final release
1y 1y 1y
commented
member-last
send
31 Move the manual steps of our release process to cmrel commands
2y 1y 1y
commented
member-last
pr-closed
27 Create cert-manager specific testing infrastructure
2y 1y 1y
assigned
assignee-updated
commented
member-last
pr-merged
send
19 Incorrect command line help: should include a --branch argument 2y 2y 2y
kind/cleanup
commented
contributor-last
2 Set up periodic job to publish an experimental release build
2y 2y
priority/backlog
assigned
contributor-last
41 previously listed items omitted
Triage Party v1.3.0