Skip to content
Automatically provision and manage TLS certificates in Kubernetes
Go Starlark Shell Other
Branch: master
Clone or download

Latest commit

jetstack-bot Merge pull request #2858 from FairwindsOps/sudermanjr/helm-chart-cont…
…ainer-security-context

Fix #2849 Add container security context to helm chart deployments
Latest commit bd5cd51 May 23, 2020

Files

Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github Add additional issue template types Aug 9, 2018
build Fix 'make images' May 6, 2020
cmd Use acme AccountRegistry throughout and tidy up ACME setup code May 13, 2020
deploy Merge pull request #2858 from FairwindsOps/sudermanjr/helm-chart-cont… May 23, 2020
design WIP: draft of extensible certificates controller doc Apr 15, 2020
devel Allow setting FEATURE_GATES in devel/addon/certmanager/install.sh Apr 15, 2020
docs Remove docs/ directory and replace with basic README Jan 20, 2020
hack Remove x-kubernetes-preserve-unknown-fields from Issuer and ClusterIs… May 13, 2020
logo Add logo in svg format Jul 8, 2019
pkg accounts: Use RWMutex instead of regular Mutex May 13, 2020
test Moves ctl kubeconfig flags to top level Apr 30, 2020
tools/cobra Update references to ctl binary name May 5, 2020
.bazelrc Move print-workspace-status.sh into hack/build Sep 27, 2019
.gitignore Moves ctl kubeconfig flags to top level Apr 30, 2020
BUILD.bazel Remove UBI May 1, 2020
CODE_OF_CONDUCT.md Create CODE_OF_CONDUCT.md Oct 22, 2017
CONTRIBUTING.md Add details on DCO sign-off Aug 13, 2018
LICENSE add apache 2.0 license Jul 22, 2017
LICENSES Adds doc generation for cobra controlled ctl comands Apr 30, 2020
Makefile Fix 'make images' May 6, 2020
OWNERS Add meyskens to reviewers and approvers Mar 5, 2020
README.md Update Helm chart & other docs with new URLs and info Mar 24, 2020
WORKSPACE Bump Go to 1.14.2 May 4, 2020
go.mod Adds doc generation for cobra controlled ctl comands Apr 30, 2020
go.sum Adds doc generation for cobra controlled ctl comands Apr 30, 2020

README.md

Build Status Go Report Card

cert-manager

cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources.

It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry.

It is loosely based upon the work of kube-lego and has borrowed some wisdom from other similar projects e.g. kube-cert-manager.

cert-manager high level overview diagram

Current status

As this project is pre-1.0, we do not currently offer strong guarantees around our API stability.

Notably, we may choose to make breaking changes to our API specification (i.e. the Issuer, ClusterIssuer and Certificate resources) in new minor releases.

These will always be clearly documented in the upgrade section of the documentation.

Documentation

Documentation for cert-manager can be found at cert-manager.io. Please make sure to select the correct version of the documentation to view on the top right of the page.

For the common use-case of automatically issuing TLS certificates to Ingress resources, aka a kube-lego replacement, see the cert-manager nginx ingress quick start guide.

See Installation within the documentation for installation instructions.

Troubleshooting

If you encounter any issues whilst using cert-manager, we have a number of places you can use to try and get help.

The quickest way to ask a question is to first post on our Slack channel (#cert-manager) on the Kubernetes Slack. There are a lot of community members in this channel, and you can often get an answer to your question straight away!

You can also try searching for an existing issue. Properly searching for an existing issue will help reduce the number of duplicates, and help you find the answer you are looking for quicker.

Please also make sure to read through the relevant pages in the documentation before opening an issue. You can also search the documentation using the search box on the top left of the page.

If you believe you have encountered a bug, and cannot find an existing issue similar to your own, you may open a new issue. Please be sure to include as much information as possible about your environment.

Community

There is a Google Group used for project wide announcements and development coordination. Anybody can join the group by visiting here and clicking "Join Group". A Google account is required to join the group.

Bi-weekly development meeting

Once you have become a member, you should receive an invite to the bi-weekly development meeting, hosted on Wednesdays at 5pm UK Time on Zoom.us.

Anyone is welcome to join these calls, even if just to ask questions.
Meeting notes are recorded in Google docs.

Daily standups

You are also welcome to join our daily standup every day at 10.30am UK Time on Google Meet. Invites are sent via the Google Group

Contributing

We welcome pull requests with open arms! There's a lot of work to do here, and we're especially concerned with ensuring the longevity and reliability of the project.

Please take a look at our issue tracker if you are unsure where to start with getting involved!

We also use the #cert-manager channel on kubernetes.slack.com for chat relating to the project.

Developer documentation is available in the official documentation.

Changelog

The list of releases is the best place to look for information on changes between releases.

Logo design by Zoe Paterson

You can’t perform that action at this time.