cert-manager

cert-manager is a Kubernetes add-on to automate the management and issuance ofTLS certificates from various issuing sources.

It will ensure certificates are valid and up to date periodically, and attemptto renew certificates at an appropriate time before expiry.

It is loosely based upon the work of kube-legoand has borrowed some wisdom from other similar projects e.g.kube-cert-manager.

Documentation

Documentation for cert-manager can be found at cert-manager.io.Please make sure to select the correct version of the documentation to view onthe top right of the page.

Issues and PRs towards the documentation should be filed in the website repo.

For the common use-case of automatically issuing TLS certificates toIngress resources, aka a kube-legoreplacement, see the cert-manager nginx ingress quick startguide.

See Installationwithin the documentationfor installation instructions.

Troubleshooting

If you encounter any issues whilst using cert-manager, we have a number of places youcan use to try and get help.

First of all we recommend looking at the troubleshooting guide of our documentation.

The quickest way to ask a question is to first post on our Slack channel (#cert-manager)on the Kubernetes Slack.There are a lot of community members in this channel, and you can often get an answerto your question straight away!

You can also try searching for an existing issue.Properly searching for an existing issue will help reduce the number of duplicates,and help you find the answer you are looking for quicker.

Please also make sure to read through the relevant pages in the documentationbefore opening an issue. You can also search the documentation using the search box on thetop left of the page.

If you believe you have encountered a bug, and cannot find an existing issue similar to yourown, you may open a new issue.Please be sure to include as much information as possible about your environment.

Community

The cert-manager-dev Google Group is used for project wide announcements and development coordination.Anybody can join the group by visiting hereand clicking "Join Group". A Google account is required to join the group.

Bi-weekly Development Meeting

Once you've joined the cert-manager-dev Google Group, you should receive an invite to the bi-weekly developmentmeeting, hosted every other Wednesday at 5pm London time on Google Meet.

Anyone is welcome to join these calls, even if just to ask questions. Meeting notes are recorded inGoogle docs.

Daily Standups

You are also welcome to join our daily standup every weekday at 10.30am London timeon Google Meet. For more information, see cert-manager.io.

Contributing

We welcome pull requests with open arms! There's a lot of work to do here, andwe're especially concerned with ensuring the longevity and reliability of theproject.

Please take a look at our issue trackerif you are unsure where to start with getting involved!

We also use the #cert-manager and #cert-manager-dev channels on Kubernetes Slackfor chat relating to the project.

Developer documentation is available on the cert-manager.io website.

Coding Conventions

Code style guidelines are documented on the coding conventions pageof the cert-manager website. Please try to follow those guidelines if you're submitting a pull request for cert-manager.

Importing cert-manager as a Module

⚠️ Please note that cert-manager does not currently provide a Go module compatibility guarantee. That means thatmost code under pkg/ is subject to change in a breaking way, even between minor or patch releases and even ifthe code is currently publicly exported.

This lack of a Go module compatibility guarantee does not affect API version guaranteesunder the Kubernetes Deprecation Policy.

Security Reporting

Security is the number one priority for cert-manager. If you think you've founda security vulnerability, we'd love to hear from you.

Please follow the instructions in SECURITY.md to report avulnerability to the team.

Changelog

The list of releasesis the best place to look for information on changes between releases.

_{^{Logo design by Zoe Paterson}}