queue to be emptied once a week in a team triage meeting
Important soon, but no updates in 60 days (14)
Resolution: Downgrade to important-longterm
Average age: 792.8d, Avg wait: 82.2d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags |
| 4722 |  |
High memory usage on cluster with many secrets |
8
|
8mo | 2mo | 8mo | |
kind/bug
priority/important-soon
|
contributor-last open-milestone recv
|
|
| 3992 |  |
Add non-CRD yaml file |
2
|
1y | 2mo | 1y |     |
priority/important-soon
area/deploy
|
commented open-milestone recv
|
|
| 3381 |  |
Setup separate package for cert-manager API | 
|
4
|
2y | 2mo | 2mo |     |
kind/feature
priority/important-soon
|
assigned assignee-updated commented member-last open-milestone send
|
| 1888 |  |
Certificate not matching private key when creating multiple ingress resources |
15
|
3y | 2mo | 2mo |       |
good first issue
help wanted
kind/bug
priority/important-soon
area/acme
|
commented open-milestone send
|
|
| 709 |  |
Update Securing NGINX-ingress tutorial for apiVersion networking.k8s.io/v1 |
|
1y | 11mo | 1y |
good first issue
priority/important-soon
|
recv
|
||
| 320 | |
Document how to install cert-manager using gitops and known issues with particular gitops implementations |
3
|
2y | 1y | 2y |   |
documentation
priority/important-soon
|
commented contributor-last
|
|
| 262 |  |
[DOCS]: Add info on how to customize kind CertManager when using OperatorHub method on Openshift |
|
2y | 2y | 2y | |
kind/feature
priority/important-soon
|
commented recv recv-q
|
|
| 229 | |
Documenting resolution for DigitalOcean + HTTP01 "connection timed out" error | 2y | 2y |  |
priority/important-soon
kind/documentation
|
contributor-last
|
|||
| 198 | |
Document release process |
| 2y | 2y | 2y | |
priority/important-soon
kind/documentation
|
assigned commented member-last send
|
|
| 195 | |
Document keystores | 2y | 1y | 2y | |
priority/important-soon
kind/documentation
|
commented member-last send
|
||
| 174 |  |
Add documentation for CRD conversion webhook ca injection | 2y | 2y | 2y | |
help wanted
priority/important-soon
kind/documentation
|
commented member-last send
|
||
| 144 | |
Improve webhook debugging info
|
2y | 1y | 2y | |
priority/important-soon
kind/documentation
|
commented member-last pr-merged send similar
|
||
| 90 | |
Document Certificate Subject Changes | 2y | 2y | 2y |  |
help wanted
good first issue
priority/important-soon
|
collaborator-last commented
|
||
| 69 |  |
SelfSignedIssuer configuration - API reference docs | 2y | 2y | 2y | |
help wanted
good first issue
priority/important-soon
kind/documentation
|
commented member-last send
|
Important longterm, but no updates in 120 days (9)
Resolution: Downgrade to backlog
Average age: 771.5d, Avg wait: 190.5d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags |
| 2178 | |
Handling 'unregistering' certificates from Venafi TPP |
11
|
3y | 8mo | 2y |     |
lifecycle/frozen
kind/feature
priority/important-longterm
area/venafi
|
commented recv-q send
|
|
| 850 | |
Document available cert-manager Prometheus metrics | 7mo | 5mo | 7mo |  |
documentation
good first issue
priority/important-longterm
|
contributor-last recv
|
||
| 551 |  |
Documentation on how to handle large-scale certificate management & best practices |
2
|
1y | 10mo | 1y | |
help wanted
priority/important-longterm
kind/documentation
|
contributor-last recv
|
|
| 401 | |
Bring tutorials up to date | 2y | 2y |
priority/important-longterm
|
|||||
| 344 | |
Add docs to explain webhooks | 2y | 1y | |
help wanted
good first issue
priority/important-longterm
|
contributor-last
|
|||
| 223 | |
Document wildcard certificate tutorial | 2y | 2y | 2y | |
priority/important-longterm
kind/documentation
|
commented contributor-last send
|
||
| 178 |  |
Order of versions of cert-manager in menu | 2y | 2y | 2y | |
priority/important-longterm
kind/documentation
|
commented contributor-last send
|
||
| 154 | |
Documenting repo management process | 2y | 2y | 2y | |
priority/important-longterm
kind/documentation
|
commented contributor-last send
|
||
| 56 |  |
Route53: document use of "region" field | 2y | 1y | 2y |  |
documentation
priority/important-longterm
|
contributor-last recv recv-q
|
many reactions, low priority (11)
Resolution: Upgrade to priority-soon, priority-longterm, or longterm-support
Average age: 341.6d, Avg wait: 40.0d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags |
| 5267 |  |
cm-acme-http-solver triggers no.scale.down.node.pod.not.backed.by.controller due to lack of PodDisruptionBudget |
5
|
3mo | 2mo | 3mo |  |
kind/bug
|
recv
|
|
| 4956 |  |
cert-manager created multiple CertificateRequest objects with the same certificate-revision
|
2
2
3
|
6mo | 15h | 6mo |      |
kind/bug
|
commented pr-merged recv recv-q
|
|
| 4821 |  |
Allow `ingressClassName` to be set for HTTP01 solver ingresses. | 3
78
|
8mo | 4d | 5mo |          |
kind/feature
area/ingress-shim
|
commented pr-unreviewed send
|
|
| 4786 | |
Investigate whether it would be valuable to decrease the initial backoff period for certificate issuance retries
|
9
|
8mo | 3wk | 3wk |  |
lifecycle/rotten
|
collaborator-last commented pr-merged
|
|
| 4654 |  |
Certificates issued by vault with isCa: true are missing CA:TRUE in certificate |
2
3
4
|
9mo | 2mo | 2mo |    |
kind/bug
|
commented member-last send similar
|
|
| 4144 |  |
Make it possible to use a projected service account token to the Vault Issuer instead of a service account Secret
|
21
|
1y | 2mo | 2mo |        |
kind/feature
priority/backlog
area/vault
|
commented member-last pr-closed send
|
|
| 2538 |  |
cert-manager does not use ingress.class from Ingress annotated with cert-manager.io/cluster-issuer |
57
|
2y | 8d | 1y |             |
area/api
kind/feature
priority/backlog
|
commented recv recv-q
|
|
| 3931 |  |
Added PodDisruptionBudgets to helm chart |
|
2
13
|
1y | 1d | 5mo |         |
size/L
release-note
approved
kind/feature
dco-signoff: yes
ok-to-test
area/deploy
|
assigned assignee-updated commented contributor-last new-commits recv recv-q
|
| 5324 | |
Create 20220720-per-certificate-owner-ref.md |
4
|
2mo | 12d | 3wk |  |
size/L
release-note-none
approved
kind/design
dco-signoff: yes
|
collaborator-last commented new-commits similar
|
|
| 5174 |  |
Add support for restricting the secrets watch list in cainjector |
5
|
4mo | 5wk | 3mo |  |
release-note
needs-rebase
needs-ok-to-test
size/M
dco-signoff: yes
needs-kind
|
collaborator-last commented recv recv-q unreviewed
|
|
| 583 | |
cert-manager with ZeroSSL | 44
|
1y | 3mo | 3mo |            |
commented send
|
many commenters, low priority (1)
Resolution: Upgrade to priority-soon, priority-longterm, or longterm-support
Average age: 76.8d, Avg wait: 0.0d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags |
| 5324 | |
Create 20220720-per-certificate-owner-ref.md |
4
|
2mo | 12d | 3wk | |
size/L
release-note-none
approved
kind/design
dco-signoff: yes
|
collaborator-last commented new-commits similar
|
Screaming into the void (2)
Resolution: Reopen, or ask folks to open a new issue
Average age: 725.7d, Avg wait: 619.8d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags |
| 4991 |  |
Successful challenge request, but no certificate |
4
|
6mo | 5d | 6mo |     |
kind/bug
|
closed commented recv recv-q
|
|
| 1582 |  |
Can't delete challenge |
45
39
10
36
191
|
3y | 1d | 3y |          |
kind/bug
|
closed commented recv recv-q
|
Needs information for over 2 weeks (6)
Resolution: Close or remove triage/needs-information label
Average age: 412.0d, Avg wait: 0.0d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags |
| 5173 |  |
Unable to create certificate with cert-manager v1.7.1 using Traefik 2.6.3 | 4mo | 3wk | 3mo | |
kind/bug
lifecycle/stale
triage/needs-information
area/acme/http01
|
collaborator-last commented send
|
||
| 5159 |  |
ACME account private key rotation support | 4mo | 3wk | 3mo | |
lifecycle/stale
triage/needs-information
|
collaborator-last commented send
|
||
| 5101 |  |
No backoff/delay when failing to create challenge solver pods | 5mo | 19d | 3mo | |
kind/bug
priority/important-longterm
lifecycle/stale
triage/needs-information
|
collaborator-last commented send
|
||
| 3748 |  |
Cert-manager causes API server panic on clusters with more than 20000 secrets.
|
11
|
2y | 2mo | 8mo |   |
kind/bug
triage/needs-information
|
commented contributor-last pr-merged send
|
|
| 3640 | |
Challenge Records Not Always Cleaned Up | 2y | 7wk | 7wk | |
kind/bug
area/acme
triage/needs-information
|
collaborator-last commented pr-merged pr-unreviewed
|
||
| 2882 |  |
Reuse / recovery of ExternalAccountBinding based account
|
3
6
30
|
2y | 3wk | 2y |                |
kind/bug
priority/important-soon
area/acme
triage/needs-information
lifecycle/rotten
|
collaborator-last commented pr-closed recv-q send
|
Support request over 30 days old (5)
Resolution: Close, or add to triage/long-term-support
Average age: 227.5d, Avg wait: 206.3d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags |
| 5294 |  |
Helm install: no matches for kind "ClusterIssuer" in version "cert-manager.io/v1alpha2" | 2mo | 2mo | 2mo | |
triage/support
|
commented recv similar
|
||
| 5292 |  |
Unable to delete/upgrade cert-manager | 2mo | 2mo | 2mo | |
triage/support
|
commented recv
|
||
| 5236 |  |
Cert Manager appending random string/numbers on the end of secret name |
2
|
3mo | 6wk | 3mo |  |
triage/support
|
commented recv-q send
|
|
| 770 |  |
Helm template fails with `--create-namespace` | 10mo | 9mo | 10mo | |
triage/support
|
contributor-last recv recv-q
|
||
| 480 |  |
Secret gets UID added to end of name | 2y | 1y | 2y | |
triage/support
|
contributor-last recv recv-q
|
Issues nearing expiration (24)
Resolution: Close or label as frozen
Average age: 288.9d, Avg wait: 78.2d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags |
| 5156 |  |
Issued certificate having more validity period than root certificates. | 4mo | 12d | 4mo |
lifecycle/rotten
|
collaborator-last recv
|
|||
| 5137 |  |
Slow healthz and livez endpoints cause liveness and readiness probe failures | 4mo | 21h | 4mo | |
kind/bug
priority/important-soon
lifecycle/rotten
|
collaborator-last commented open-milestone send
|
||
| 5134 |  |
Letsencrypt acme cert challenges no longer working on AKS (nginx-ingress + cert-manager + clusterissuer + letsencrypt) |
4
|
4mo | 3wk | 4mo |
kind/bug
lifecycle/rotten
|
collaborator-last recv
|
||
| 5132 |  |
HTTP01 - Did not get expected response when querying endpoint, expected X, but got X |
|
4mo | 3wk | 4mo |
kind/bug
lifecycle/rotten
|
collaborator-last recv
|
||
| 5131 |  |
ingressShim doesn't supply x.509 subject fields required by our providers (TPP) policies | 4mo | 12d | 4mo | |
kind/feature
lifecycle/rotten
|
contributor-last recv recv-q
|
||
| 5128 |  |
helm chart: add annotations and labels globally | 4mo | 3wk | 4mo |
kind/feature
lifecycle/rotten
|
collaborator-last recv
|
|||
| 5120 |  |
Too many pending authorizations - On Certificate Orders | 4mo | 3wk | 4mo | |
kind/bug
lifecycle/rotten
|
collaborator-last commented recv
|
||
| 5114 |  |
Intermediate certificate is not updated in child certificate | 4mo | 3wk | 4mo |
kind/bug
lifecycle/rotten
|
collaborator-last recv
|
|||
| 5086 |  |
Issuing certificate as Secret does not exist | 5mo | 9d | 5mo |    |
lifecycle/rotten
|
collaborator-last recv similar
|
||
| 4980 |  |
Waiting for DNS-01 challenge propagation: dial tcp 173.245.59.41:53: connect: connection refused |
2
|
6mo | 4d | 6mo |   |
kind/bug
lifecycle/rotten
|
collaborator-last commented recv-q send similar
|
|
| 4884 |  |
Add a similar secretTemplate to the secret that is created by ACME Issuer |
|
7mo | 13d | 7mo | |
kind/feature
lifecycle/rotten
|
collaborator-last commented recv
|
|
| 4786 | |
Investigate whether it would be valuable to decrease the initial backoff period for certificate issuance retries
|
9
|
8mo | 3wk | 3wk | |
lifecycle/rotten
|
collaborator-last commented pr-merged
|
|
| 4561 | |
Ability to specify secret ownerReference as part of the Certificate request |
3
|
11mo | 17d | 11mo |  |
kind/feature
lifecycle/rotten
|
collaborator-last recv
|
|
| 4535 |  |
Kubernetes: x509 certificate signed by unknown authority, possibly because of ECDSA verification failure |
|
11mo | 8d | 11mo |      |
lifecycle/rotten
|
collaborator-last commented recv-q send similar
|
|
| 4410 |  |
Support configuration via operator subscription | 4
|
1y | 18d | 4mo |     |
kind/feature
lifecycle/rotten
|
collaborator-last commented send
|
|
| 4250 |  |
Support parallel DNS validation for same host |
6
|
1y | 4wk | 10mo |  |
priority/important-soon
lifecycle/rotten
area/acme/dns01
|
collaborator-last commented open-milestone recv recv-q
|
|
| 4033 | |
Automated updates of base images
|
1y | 9d | 9d | |
kind/feature
priority/important-soon
lifecycle/rotten
|
commented member-last open-milestone pr-merged
|
||
| 3706 |  |
renewal-hooks |
3
12
|
2y | 14d | 8mo |     |
kind/feature
priority/important-longterm
lifecycle/rotten
|
collaborator-last commented send
|
|
| 3592 |  |
Ability to not create ca.crt |
2
|
2y | 1d | 2y |    |
lifecycle/rotten
|
collaborator-last commented recv
|
|
| 2882 | |
Reuse / recovery of ExternalAccountBinding based account
|
3
6
30
|
2y | 3wk | 2y | |
kind/bug
priority/important-soon
area/acme
triage/needs-information
lifecycle/rotten
|
collaborator-last commented pr-closed recv-q send
|
|
| 4810 | |
Server Side Apply: Adds support for CA Injector controller to use SSA with Feature Gate |
4
|
8mo | 12d | 12d | |
size/L
release-note
needs-rebase
approved
kind/feature
priority/important-soon
lifecycle/rotten
dco-signoff: yes
area/deploy
|
collaborator-last commented open-milestone reviewed-with-comment send
|
|
| 4744 | |
Trigger controller: test the trigger cases | 8mo | 12d | 6mo | |
size/XL
release-note-none
needs-rebase
approved
kind/cleanup
lifecycle/rotten
dco-signoff: yes
area/testing
|
collaborator-last commented new-commits
|
||
| 5015 | |
Update the make target "e2e-setup-traefik" so that it can work for the version v1alpha2 of the Gateway API | 6mo | 12d | |
size/L
release-note-none
needs-rebase
approved
do-not-merge/work-in-progress
kind/cleanup
lifecycle/rotten
dco-signoff: yes
area/testing
|
collaborator-last draft recv-q unreviewed
|
|||
| 5139 |  |
Added feature-gates arguments to webhook pod | 4mo | 18d | 4mo | |
size/XS
release-note
needs-ok-to-test
lifecycle/rotten
dco-signoff: yes
area/deploy
needs-kind
|
changes-requested collaborator-last commented send
|
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags |
| 5324 | |
Create 20220720-per-certificate-owner-ref.md |
4
|
2mo | 12d | 3wk | |
size/L
release-note-none
approved
kind/design
dco-signoff: yes
|
collaborator-last commented new-commits similar
|
|
| 5387 |  |
Add option to load Vault CA bundle from Kubernetes Secret |
| 7wk | 12d | 19d | |
release-note
size/XL
approved
lgtm
area/api
kind/feature
dco-signoff: yes
area/testing
ok-to-test
area/deploy
|
assigned assignee-updated collaborator-last commented new-commits open-milestone send
|
|
| 5436 | |
Move CSR resource in design to GA |
|
19d | 12d | 19d | |
release-note
approved
size/S
kind/design
dco-signoff: yes
|
collaborator-last commented send unreviewed
|
|
| 1071 | |
Improved the summary on the docs homepage |
2
|
3wk | 3wk | 3wk |   |
approved
dco-signoff: yes
size/S
|
commented contributor-last new-commits recv-q
|
|
| 1072 | |
Adds documentation for the new `caBundleSecretRef` feature on the Vault Issuer |
|
3wk | 3wk | |
approved
dco-signoff: yes
size/M
|
changes-requested contributor-last
|
||
| 992 | |
Initial feature gate documentation |
2
|
4mo | 4mo | 4mo | |
approved
dco-signoff: yes
size/M
|
commented contributor-last recv recv-q reviewed-with-comment
|
Pull Requests: Stale (55)
Resolution: Add comment and/or close PR
Average age: 227.7d, Avg wait: 44.1d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags | |
| 5427 |  |
Added support for disableChallengePresentation for issuers and clusterissuers |
|
4wk | 6d | 12d |  |
release-note
area/api
needs-ok-to-test
size/M
area/acme
dco-signoff: yes
area/deploy
needs-kind
|
commented recv unreviewed
|
||
| 5378 | |
Unify semver version generation | 1mo | 8d | 5wk | |
size/L
release-note-none
needs-rebase
approved
do-not-merge/work-in-progress
kind/cleanup
dco-signoff: yes
|
changes-requested collaborator-last commented draft
|
|||
| 5383 | |
Generate applyconfigurations and Apply functions | 7wk | 8d | 7wk | |
release-note
needs-rebase
approved
area/api
do-not-merge/work-in-progress
size/XXL
dco-signoff: yes
needs-kind
|
collaborator-last commented draft send similar unreviewed
|
|||
| 4969 |  |
add acmeHttp01SolverImage | 6mo | 10d | 6mo |  |
size/XS
release-note
needs-ok-to-test
dco-signoff: yes
area/deploy
needs-kind
|
commented recv recv-q unreviewed
|
|||
| 5093 |  |
Add relabeling and metricRelabelings settings for ServiceMonitor. | 5mo | 11d | 5mo |  |
release-note
size/S
needs-ok-to-test
dco-signoff: yes
area/deploy
needs-kind
|
recv recv-q unreviewed
|
|||
| 4330 |  |
Add client certificate auth method for Vault issuer | 1y | 12d | 5mo |  |
release-note
size/XL
area/api
kind/feature
area/acme
area/vault
dco-signoff: yes
area/testing
ok-to-test
area/deploy
|
collaborator-last commented recv recv-q unreviewed
|
|||
| 4502 |  |
support subject and email annotations for ingress/gateway |
6
|
1y | 12d | 6wk |  |
size/L
release-note-none
area/api
kind/feature
area/acme
dco-signoff: yes
area/testing
ok-to-test
area/acme/dns01
area/deploy
|
collaborator-last commented new-commits open-milestone send
|
||
| 4835 | |
Making sure per fixture only 1 setup is active at the same time |
| 7mo | 12d | 3mo | |
release-note-none
kind/bug
size/M
lifecycle/stale
dco-signoff: yes
area/testing
|
assigned assignee-updated collaborator-last commented reviewed-with-comment
|
||
| 4570 |  |
`RevisionHistoryLimit` has a default value of 25 |
|
|
11mo | 12d | 2mo | |
release-note
area/api
size/M
dco-signoff: yes
ok-to-test
area/deploy
needs-kind
|
assigned collaborator-last commented new-commits send
|
|
| 4209 | |
Auto generate README.md, Chart.yaml, values.schema.json and values.yaml using tem & helm-jsonschema-gen |
3
|
1y | 12d | 3mo | |
release-note
needs-rebase
approved
do-not-merge/work-in-progress
kind/feature
size/XXL
dco-signoff: yes
ok-to-test
area/deploy
|
collaborator-last commented draft new-commits similar
|
||
| 5003 |  |
Implement the DNS-over-HTTPS check | 6mo | 12d | 2mo |  |
release-note-none
do-not-merge/work-in-progress
size/XXL
area/acme
dco-signoff: yes
area/testing
ok-to-test
area/acme/dns01
needs-kind
|
collaborator-last commented draft recv recv-q unreviewed
|
|||
| 5083 | |
WIP: Generate applyconfigurations and Apply functions |
| 5mo | 12d | 5mo | |
release-note-none
needs-rebase
approved
do-not-merge/work-in-progress
size/XXL
dco-signoff: yes
area/testing
needs-kind
|
assigned assignee-updated collaborator-last commented send similar unreviewed
|
||
| 5094 | |
WIP server-side apply in tests v2 | 5mo | 12d |
size/L
release-note-none
needs-rebase
approved
do-not-merge/work-in-progress
kind/cleanup
dco-signoff: yes
area/testing
|
collaborator-last unreviewed
|
|||||
| 5126 | |
WIP: Only remove the cleanup finalizer if the cleanup succeeds | 4mo | 12d | 4mo | |
size/L
release-note-none
needs-rebase
approved
do-not-merge/work-in-progress
kind/cleanup
area/acme
dco-signoff: yes
area/testing
|
collaborator-last commented unreviewed
|
|||
| 5373 |  |
Allow config of http01 solver pod security context |
2
|
1mo | 12d | 1mo | |
size/L
release-note
area/api
kind/feature
area/acme
dco-signoff: yes
ok-to-test
area/acme/http01
area/deploy
|
collaborator-last commented open-milestone recv recv-q unreviewed
|
||
| 5370 | |
Use CUE to generate values.yaml and values.schema.json |
|
2mo | 12d | 5wk | |
release-note
needs-rebase
approved
do-not-merge/work-in-progress
kind/feature
size/XXL
dco-signoff: yes
area/deploy
|
collaborator-last commented draft new-commits similar
|
||
| 5105 |  |
Replace update with patch operation | 4mo | 15d | 4mo |
release-note-none
needs-rebase
size/S
needs-ok-to-test
lifecycle/stale
dco-signoff: yes
area/testing
needs-kind
|
collaborator-last recv unreviewed
|
||||
| 5127 |  |
Add EncodeUsagesInRequestAnnotationKey for certificate |
|
4mo | 15d | 4mo | |
release-note
needs-rebase
size/S
area/api
needs-ok-to-test
lifecycle/stale
dco-signoff: yes
needs-kind
|
collaborator-last commented send unreviewed
|
||
| 5308 |  |
Add the Workload Identities for azureDns | 2mo | 4wk | 6wk | |
size/L
release-note
needs-rebase
area/api
needs-ok-to-test
area/acme
dco-signoff: yes
area/acme/dns01
needs-kind
|
commented member-last send unreviewed
|
|||
| 5054 |  |
fix webhook can not run with args of kubeconfig |
|
5mo | 5wk | 5wk | |
size/XS
release-note-none
kind/bug
needs-ok-to-test
area/acme
dco-signoff: yes
|
commented member-last send unreviewed
|
||
| 5303 |  |
Stop infinitely reissuing certs with shared Secret |
|
3
|
2mo | 2mo | 2mo | |
release-note
size/S
do-not-merge/work-in-progress
needs-ok-to-test
dco-signoff: yes
needs-kind
|
assigned assignee-updated collaborator-last commented draft new-commits recv
|
|
| 1075 | |
Move Issuer / ClusterIssuer and Certificate resource content to a sub-folder of configuration/ | 3wk | 6d |  |
approved
dco-signoff: yes
size/L
needs-rebase
|
contributor-last reviewed-with-comment
|
||||
| 984 | |
Fix zerossl tutorial path |
| 4mo | 10d | 4mo | |
dco-signoff: yes
size/L
ok-to-test
|
assigned contributor-last recv recv-q unreviewed
|
||
| 1048 | |
[WIP] Document structure updates | 2mo | 6wk | 7wk | |
dco-signoff: yes
size/XXL
needs-rebase
do-not-merge/work-in-progress
ok-to-test
|
commented contributor-last send unreviewed
|
|||
| 1032 | |
projects/approver-policy: selector.namespace |
| 2mo | 7wk | |
approved
dco-signoff: yes
lgtm
do-not-merge/hold
size/M
|
approved assigned contributor-last
|
|||
| 1034 |  |
Add link to ACME DNS01 webhook for PowerDNS | 2mo | 2mo | 2mo | |
size/XS
dco-signoff: yes
needs-rebase
needs-ok-to-test
|
contributor-last recv unreviewed
|
|||
| 1005 |  |
Route53 accessKeyIDSecretRef docs | 3mo | 3mo | 3mo | |
size/XS
dco-signoff: yes
needs-ok-to-test
|
recv unreviewed
|
|||
| 930 |  |
update ibmcloud cis webhook link |
| 5mo | 4mo | 5mo | |
size/XS
dco-signoff: yes
needs-ok-to-test
|
assigned assignee-updated commented recv unreviewed
|
||
| 982 | |
WIP: [GSOD] Define our audiences | 4mo | 4mo | |
approved
dco-signoff: yes
do-not-merge/work-in-progress
size/M
|
unreviewed
|
||||
| 859 | |
Move the meetings and slack information to a separate page |
|
6mo | 4mo | 4mo | |
approved
dco-signoff: yes
needs-rebase
size/M
|
changes-requested commented member-last send
|
||
| 948 |  |
add note to ingress class definition |
| 5mo | 5mo | 5mo | |
dco-signoff: no
size/XS
needs-ok-to-test
|
assigned recv unreviewed
|
||
| 701 |  |
Issuer with IRSA needs ambient credentials flag |
|
1y | 5mo | 8mo |  |
dco-signoff: no
size/S
ok-to-test
|
commented contributor-last new-commits send
|
||
| 446 |  |
Add multiple ingresses usage section | 2y | 5mo | 1y | |
size/XS
dco-signoff: yes
needs-rebase
needs-ok-to-test
|
changes-requested commented contributor-last send
|
|||
| 589 |  |
cloud DNS: include missing project ID |
|
1y | 5mo | 1y | |
size/XS
dco-signoff: yes
needs-rebase
ok-to-test
|
changes-requested commented contributor-last send
|
||
| 689 | |
Retro 1.5 follow-up: PR to website on every feature PR |
|
1y | 5mo | 1y | |
approved
size/XS
dco-signoff: yes
needs-rebase
|
changes-requested commented contributor-last send
|
||
| 751 |  |
Added kubectl config for recursive nameservers | 11mo | 5mo | 10mo | |
dco-signoff: no
size/XS
needs-rebase
ok-to-test
|
approved commented contributor-last send
|
|||
| 765 |  |
Document that DNS-01 ClusterIssuer use kube-system secret |
| 10mo | 5mo | 10mo | |
size/XS
dco-signoff: yes
needs-rebase
needs-ok-to-test
|
assigned changes-requested commented contributor-last send
|
||
| 790 |  |
Update route53.md | 9mo | 5mo | 8mo | |
dco-signoff: no
size/XS
needs-rebase
needs-ok-to-test
|
changes-requested commented contributor-last send
|
|||
| 884 |  |
remove duplicate code | 6mo | 5mo | 6mo | |
dco-signoff: no
size/XS
needs-rebase
needs-ok-to-test
|
changes-requested contributor-last recv
|
|||
| 528 |  |
Update "Setting Nameservers for DNS01 Self Check" example | 1y | 6mo | 1y |
size/XS
dco-signoff: yes
needs-rebase
needs-ok-to-test
|
contributor-last recv unreviewed
|
||||
| 451 |  |
update to ingress. | 2y | 8mo | 2y | |
dco-signoff: no
size/XS
needs-rebase
needs-ok-to-test
|
contributor-last recv unreviewed
|
|||
| 548 | |
More doc around the approval API in the /concepts/certificaterequest page |
|
|
1y | 1y | 1y | |
approved
dco-signoff: yes
kind/cleanup
size/XL
needs-rebase
|
assigned assignee-updated changes-requested commented contributor-last send
|
|
| 17 | |
Add image validation for Docker architecture |
| 2y | 1y | 1y | |
dco-signoff: yes
lgtm
size/L
needs-rebase
|
assigned assignee-updated commented contributor-last new-commits send
|
||
| 43 | |
No more requirement "be in the release folder" to run cmrel, remove the flag --cloudbuild | 1y | 1y |
dco-signoff: yes
approved
size/M
needs-rebase
|
contributor-last unreviewed
|
|||||
| 36 | |
Add the "cmrel update-release-branch" command | 1y | 1y | 1y | |
dco-signoff: yes
approved
size/M
needs-rebase
do-not-merge/work-in-progress
|
commented contributor-last draft unreviewed
|
|||
| 10 previously listed items omitted: #4810 #4744 #5324 #5015 #5387 #5139 #5174 #1071 #1072 #992 | |||||||||||
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags | |
| 5316 |  |
Cert-manager shuts down without warning due to secret timeout | 2mo | 2mo | 2mo | |
kind/bug
|
recv recv-q
|
|||
| 5215 |  |
Add relabeling in cert-manager serviceMonitor | 3mo | 4wk | 3mo | |
kind/feature
|
commented recv recv-q
|
|||
| 5042 |  |
propagation check failed: DNS record for xxx not yet propagated |
3
|
5mo | 3wk | 5mo |    |
kind/bug
lifecycle/stale
|
collaborator-last recv recv-q similar
|
||
| 4941 |  |
Failed to perform self check GET request | 6mo | 2mo | 6mo |    |
kind/bug
|
recv recv-q similar
|
|||
| 4931 |  |
Enable Testing on ARM64 | 6mo | 2mo | 6mo | |
kind/feature
|
commented recv recv-q
|
|||
| 4918 |  |
Leader election timeout (?) causes exit |
|
7mo | 5wk | 5mo |     |
priority/important-longterm
|
commented recv recv-q
|
||
| 4877 |  |
HTTP01 solver fails self-check/propagation check on 1.7.1 when used with client-certificate auth on nginx Ingress 1.1.1 |
|
7mo | 2mo | 7mo |  |
kind/bug
|
recv recv-q
|
||
| 4846 |  |
More than one Certificate nominating same Secret induces runaway creation of many CertificateRequests and Orders |
2
|
7mo | 19d | 7mo |  |
kind/bug
priority/important-soon
lifecycle/stale
|
collaborator-last pr-new-commits recv recv-q
|
||
| 4685 | |
Unexpected EOF during watch stream event decoding: unexpected EOF |
2
|
9mo | 6wk | 9mo |   |
lifecycle/frozen
kind/bug
|
recv recv-q
|
||
| 4653 |  |
Venafi TPP Support for Oauth |
3
|
9mo | 19d | 9mo |     |
kind/feature
priority/backlog
|
recv recv-q
|
||
| 4620 |  |
Vault Issuer does not retry signing CertificateRequests if the status is pending |
5
|
10mo | 14d | 6wk |   |
kind/bug
priority/important-longterm
area/vault
|
commented recv-q send similar
|
||
| 4594 | |
TLS handshake error: EOF | 8
|
10mo | 4wk | 3mo |        |
kind/bug
|
commented recv-q send
|
||
| 4423 |  |
Cert renewal loop |
2
|
1y | 2mo | 1y | |
kind/bug
|
commented recv recv-q
|
||
| 3958 |  |
Sane defaults for Certificate revision history limit |
10
|
1y | 4wk | 1y |     |
kind/feature
|
recv recv-q similar
|
||
| 3896 |  |
Cert Manager failing to renew certificate |
17
|
1y | 7wk | 1y |   |
kind/bug
|
commented recv-q send similar
|
||
| 3820 |  |
Controller fails to process new certs when there are a large number of pending ones |
|
3
|
2y | 5wk | 7mo |     |
kind/bug
priority/important-soon
area/acme
|
assigned assignee-updated commented recv-q send
|
|
| 3565 |  |
requestmanager_controller got stuck in a loop and stopped generating new certificates afterward |
12
|
2y | 11d | 1y |             |
kind/bug
|
commented recv-q send
|
||
| 3521 | |
Integration with ExternalDNS |
21
|
2y | 14d | 5mo |     |
help wanted
lifecycle/frozen
kind/feature
priority/important-longterm
|
commented recv-q send
|
||
| 3298 |  |
Let's encrypt certificate caching to mitigate rate limits problems |
3
12
|
2y | 2mo | 8mo |      |
help wanted
kind/feature
priority/backlog
|
commented recv-q send
|
||
| 3283 |  |
Passing apiVersion as apiGroup should give a validation error | 2
17
|
2y | 6d | 2y |              |
area/api
kind/bug
priority/important-longterm
|
commented recv recv-q
|
||
| 3103 |  |
Adding probes to the cert-manager pods |
5
|
2y | 7d | 3mo |      |
kind/feature
priority/important-longterm
area/deploy
|
commented recv-q send
|
||
| 2722 |  |
Inject CA certificate into Secrets with cainjector |
18
|
2y | 3wk | 9mo |     |
kind/feature
priority/awaiting-more-evidence
|
commented recv-q send
|
||
| 2605 |  |
No flag to set structured logging output, e.g. JSON? |
37
|
2y | 3wk | 2y |       |
help wanted
kind/feature
priority/backlog
|
commented recv recv-q
|
||
| 2525 |  |
Better support multi-namespace & single-namespace deployments
|
20
|
2y | 2mo | 1y |        |
kind/feature
priority/important-longterm
area/deploy
|
commented pr-closed recv-q send
|
||
| 2478 |  |
Allow CA issuer secret rotation |
33
|
2y | 1mo | 2y |          |
kind/feature
priority/important-longterm
area/ca
|
commented open-milestone recv-q send
|
||
| 2380 |  |
Helm chart version is not SemVer-compatible |
4
|
2y | 7wk | 1y |      |
kind/bug
|
commented recv recv-q
|
||
| 2334 |  |
Add network policy allowance into documentation
|
16
|
2y | 19d | 1y |     |
good first issue
help wanted
kind/documentation
priority/backlog
area/deploy
|
commented pr-merged recv recv-q
|
||
| 2332 |  |
Private ACME authority aka custom root certificate for ACME |
17
|
2y | 2wk | 2y |    |
good first issue
help wanted
kind/feature
priority/backlog
area/acme
|
commented recv recv-q
|
||
| 899 |  |
Upgrading from v1.7 to v1.8 check command should exclude null. |
2
|
6mo | 5mo | 6mo |  |
recv recv-q
|
|||
| 645 | |
Investigate & add an FAQ/warning about images rolled back after GitOps upgrade | 1y | 7mo | 1y |  |
recv recv-q
|
||||
| 6 previously listed items omitted: #5236 #4535 #4250 #2538 #2178 #262 | |||||||||||
