Once every quarter, look for stale issues, reprioritize, and de-duplicate.
Issues nearing expiration: No matching items
Features that deserve a follow-up comment: No matching items
Features that have not been commented on within 90 days: No matching items
Bugs that deserve a follow-up comment (12)
Resolution: Comment or close the issue
Average age: 1340.3d, Avg wait: 1284.0d
Bugs that have not been commented on within 60 days (20)
Resolution: Comment or close the issue
Average age: 1429.6d, Avg wait: 770.4d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags | |
| 2841 |  |
Extracting `restricted_to` into a reference to an array of strings |
|
2y | 3mo | 3mo |  |
kind/bug
|
commented member-last send
|
||
| 1524 |  |
Querying resources as a role without specifying the fully qualified ID leads to a 403 response | 5y | 3mo | 3mo | |
kind/bug
component/conjur
|
commented member-last send
|
|||
| 1488 |  |
CI pipeline never exercises "environments/production.rb" | 5y | 4y | 5y |   |
kind/bug
component/conjur
rnd-boost
|
commented member-last open-milestone send
|
|||
| 813 | |
Host Factory created hosts don't have the policy namespace of their layer |
|
6y | 2y | 3y |   |
kind/bug
component/conjur
severity/medium
|
commented recv-q
|
||
| 1112 |  |
MSSQL connector reports "unsupported version" when backend can't be contacted | 5y | 5y | 5y |  |
kind/bug
triage/scoping
component/secretless-broker
component/secretless-plugins
triage/needs-epic
severity/low
|
commented member-last send
|
|||
| 89 | |
Repo's use of bash-lib means you can't run the scripts individually | 
| 5y | 4y | 4y |   |
component/k8s
kind/bug
component/demos
|
assigned commented member-last open-milestone send
|
||
| 202 |  |
Retry in conjur_variable lookup not working for errors out of urllib_error.HTTPError or socket.timeout | 
| 1y | 3mo | 3mo | |
kind/bug
|
assigned commented member-last send
|
||
| 94 |  |
Manifest example in provider's documentation is wrong. |
3
|
3y | 2mo | 3y |     |
component/terraform
kind/bug
internal-contributor
|
commented member-last send
|
||
| 12 previously listed items omitted: #1753 #704 #177 #133 #130 #68 #152 #530 #93 #82 #191 #258 | |||||||||||
Items that deserve a follow-up comment (183)
Resolution: Comment or close the issue
Average age: 1991.1d, Avg wait: 1950.0d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags |
| 2245 |  |
Add minimum thread count to puma configuration | 4y | 4y | 4y |
recv
|
||||
| 2117 | |
Fix all Conjur CC issues | 4y | 4y | 4y |
kind/technical-debt
|
recv
|
|||
| 2081 | |
Add tests for no STDIN but `--password-from-stdin` option is provided | 4y | 4y | 4y |
recv
|
||||
| 2062 | |
A test setup exists for testing simplified authn client config | 4y | 4y | 4y | |
kind/enhancement
component/conjur
|
contributor-last recv
|
||
| 1964 | |
Update upgrade process: separate schema and data restoration | 4y | 4y | 4y | |
kind/enhancement
component/conjur
|
contributor-last recv recv-q
|
||
| 1959 | |
There is a draft plan for improving Conjur sidecar automation in Kubernetes / OpenShift | 4y | 4y | 4y | |
component/k8s
kind/spike
|
contributor-last recv
|
||
| 1958 |  |
Adding recursive permit statements |
6
|
4y | 4y | 4y |  |
kind/enhancement
component/conjur
internal-contributor
|
recv
|
|
| 1787 | |
Conjur debian package is updated to exclude irrelevant files and directories | 
| 4y | 4y | 4y | |
component/appliance
kind/enhancement
component/conjur
|
assigned contributor-last recv
|
|
| 1718 |  |
Configure SSL certs/keys and postgres ssl_mode | 4y | 4y | 4y |  |
kind/enhancement
component/conjur
contributor
has-idea
|
recv recv-q
|
||
| 1602 | |
Tags and successful image publishes trigger builds of downstream projects | 5y | 5y | 5y |
triage/needs-info
kind/technical-debt
component/suite
|
recv
|
|||
| 1587 | |
Refactor `./start` | 5y | 5y | 5y |
kind/cleanup
|
recv
|
|||
| 1557 | |
Extend rake task to get next available trackable log message code | 5y | 5y | 5y |
kind/enhancement
component/conjur
|
recv
|
|||
| 1467 | |
Improve security by permitting only expected params | 5y | 5y | 5y |
kind/technical-debt
component/conjur
|
recv
|
|||
| 1265 | |
Kubernetes authenticator supports container-level application identity |
|
5y | 5y | 5y |  |
component/k8s
kind/enhancement
component/conjur
|
contributor-last recv
|
|
| 1191 |  |
Architecture Diagram for DB off OpenShift | 5y | 5y | 5y |
recv
|
||||
| 1096 |  |
A central location exists for Conjur Log docs |
| 5y | 2y | 5y |
kind/developer-experience
|
assigned recv
|
||
| 844 | |
Policy reloading when an integration that auto-loads policy is used has passed XA | 6y | 6y | 6y | |
component/ldap-sync
component/pcf
kind/XA
|
contributor-last recv
|
||
| 840 | |
Kubernetes authenticator has a service account token option | 6y | 6y | 6y |
component/k8s
triage/needs-info
kind/enhancement
|
recv
|
|||
| 812 | |
Conjur k8s tests can be run on minikube | 6y | 6y | 6y |
kind/technical-debt
component/conjur
kind/developer-experience
|
recv
|
|||
| 614 |  |
Cucumber tests should run in random order | 6y | 6y | 6y |
recv
|
||||
| 582 |  |
Can't permit on a nested list of resources using policy | 7y | 6y | 7y |  |
contributor-last recv
|
|||
| 1347 | |
Secretless component quality levels move from alpha/beta/GA to community/trusted/certified | 4y | 4y | 4y |
kind/documentation
component/secretless-broker
|
recv
|
|||
| 1342 | |
Migrate to a new method for running the Secretless health check | 4y | 4y | 4y | |
kind/enhancement
component/secretless-broker
|
contributor-last recv
|
||
| 1336 | |
There should be capabilities in `secretless.yml` to supply custom settings to providers |
|
4y | 4y | 4y |  |
kind/enhancement
component/secretless-broker
|
contributor-last recv
|
|
| 1324 | |
Generic HTTP Connector: OAuth1 supports different signature hashing methods | 4y | 4y | 4y |
kind/enhancement
component/secretless-broker
|
recv
|
|||
| 1312 | |
Create a Docker CLI Connector for Secretless | 4y | 4y | 4y |
kind/enhancement
component/secretless-broker
component/secretless-connectors
|
recv
|
|||
| 1283 |  |
There is an example generic HTTP connector config for Salesforce | 5y | 4y | 5y |
kind/enhancement
component/secretless-broker
|
recv similar
|
|||
| 1279 | |
There is an example generic HTTP connector config for the Kubernetes API | 5y | 5y | 5y |
kind/enhancement
component/secretless-connectors
|
recv similar
|
|||
| 1262 | |
There is an example generic HTTP connector config for the Google Cloud SDK | 5y | 5y | 5y |
kind/enhancement
component/secretless-connectors
|
recv
|
|||
| 1241 |  |
There exists a Cassandra TCP Connector with username and password based authentication |
|
5y | 5y | 5y | |
kind/spike
component/secretless-broker
|
contributor-last recv recv-q
|
|
| 1225 | |
There is a central set of tests that validate the SSL configuration of the TLS connectors | 5y | 5y | 5y |
component/secretless-broker
kind/technical-debt
|
recv
|
|||
| 1222 | |
Secretless has a Cassandra DB connector |
2
|
5y | 5y | 5y |  |
kind/enhancement
component/secretless-broker
component/secretless-connectors
|
commented contributor-last recv similar
|
|
| 1213 | |
Secretless has a DB2 connector |
2
|
5y | 5y | 5y |  |
kind/enhancement
component/secretless-broker
component/secretless-connectors
|
commented contributor-last recv recv-q similar
|
|
| 1205 | |
TLS Connectors share a structure for connection details | 5y | 4y | 5y | |
kind/enhancement
component/secretless-broker
component/secretless-connectors
|
contributor-last recv
|
||
| 1201 | |
Determine how Secretless responds to DB server TLS renegotiation | 5y | 5y | 5y |
kind/spike
component/secretless-broker
|
recv
|
|||
| 1182 | |
Secretless configuration files support ssl configuration information | 5y | 5y | 5y | |
kind/enhancement
|
contributor-last recv recv-q
|
||
| 1178 | |
Secretless optionally supports encryption for the client-to-Secretless connection | 5y | 5y | 5y |
triage/needs-info
kind/enhancement
component/secretless-broker
|
recv
|
|||
| 1171 | |
Add Unix socket flow to Kubernetes tutorial | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
|
recv
|
|||
| 1132 | |
JDBC Jar is built at runtime for integration tests | 5y | 5y | 5y |
recv
|
||||
| 1097 | |
Database clients receive a meaningful error when a new connection request has bad credentials | 5y | 5y | 5y |
kind/enhancement
component/secretless-connectors
|
recv
|
|||
| 1094 | |
Secretless has configurable connection timeouts for connectors | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
|
recv
|
|||
| 1083 | |
Example plugin uses Secretless logger | 5y | 5y | 5y |
component/secretless-broker
kind/developer-experience
|
recv
|
|||
| 1065 | |
Broker can delegate basic sanity checks on `credentials` keys to plugins | 5y | 5y | 5y |
kind/enhancement
triage/scoping
component/secretless-broker
component/secretless-plugins
triage/needs-epic
kind/ux
|
recv
|
|||
| 1063 | |
Broker does early verification of plugin parameters | 5y | 5y | 5y | |
kind/enhancement
triage/scoping
component/secretless-broker
component/secretless-plugins
triage/needs-epic
severity/medium
kind/developer-experience
kind/ux
|
contributor-last recv
|
||
| 1042 | |
Conjur provider has improved automated tests | 5y | 5y | 5y |
component/secretless-providers
kind/technical-debt
|
recv
|
|||
| 1036 | |
Unit tests validate service connector plugin error handling | 5y | 5y | 5y |
component/secretless-broker
kind/technical-debt
|
recv
|
|||
| 1021 | |
Add a Security Model to the connector plugin README | 5y | 5y | 5y |
kind/documentation
kind/developer-experience
component/secretless-connectors
|
recv
|
|||
| 1011 | |
ForceSSL defaults to true | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
|
recv
|
|||
| 994 | |
Use our logger implementation for signal/reload listener | 5y | 5y | 5y |
component/secretless-broker
kind/ux
|
recv
|
|||
| 993 | |
Use our logger implementation for health check output | 5y | 5y | 5y |
component/secretless-broker
kind/ux
|
recv
|
|||
| 992 | |
Reintroduce back some logging messages we lost in refactoring | 5y | 5y | 5y | |
component/secretless-broker
kind/cleanup
component/secretless-plugins
kind/technical-debt
severity/medium
kind/ux
|
contributor-last recv
|
||
| 980 | |
Secretless transmits packets after authentication without transforming them | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
|
recv
|
|||
| 979 | |
Add `--allow-builtin-plugin-overrides` CLI argument | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
component/secretless-plugins
security/low
|
recv
|
|||
| 957 | |
Re-evaluate ConnectionManager API | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
component/secretless-plugins
kind/technical-debt
|
recv
|
|||
| 941 | |
Remove URL parsing logic from `internal/proxyservice/proxy_service.go` | 5y | 5y | 5y |
component/secretless-broker
kind/technical-debt
defined
|
recv
|
|||
| 940 | |
Add better logic when we can't open a tcp socket | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
kind/ux
|
recv
|
|||
| 937 | |
Replace XXXFunc with values in AvailablePlugins UTs | 5y | 5y | 5y |
component/secretless-broker
kind/technical-debt
|
recv
|
|||
| 934 | |
Tests are added for external_plugins.go | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
kind/technical-debt
defined
|
recv
|
|||
| 902 | |
secretless.Logger is simplified with cleaner tests | 5y | 5y | 5y |
component/secretless-broker
kind/technical-debt
|
recv
|
|||
| 875 | |
Logger tests use mocks for simplicity | 5y | 5y | 5y |
component/secretless-broker
kind/technical-debt
|
recv
|
|||
| 836 | |
Improve support for configuration CRDs | 5y | 5y | 5y | |
kind/enhancement
component/secretless-broker
|
contributor-last recv
|
||
| 834 | |
Secretless supports plugin types besides connectors | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
|
recv
|
|||
| 822 | |
Make our plugin system work on windows | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
|
recv
|
|||
| 771 | |
Reduce MySQL handler noise |
| 6y | 5y | 6y | |
kind/technical-debt
component/secretless-connectors
|
assigned assignee-updated contributor-last recv
|
|
| 721 | |
Rename `TempFactory` to `TempFileFactory` |
| 6y | 5y | 6y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
assigned recv
|
||
| 715 | |
CRDs are updated to use v2 configuration format | 6y | 5y | 6y |
kind/enhancement
component/secretless-broker
|
recv
|
|||
| 701 | |
Best practices recommendations exist for writing new DB handlers | 6y | 6y | 6y |
kind/epic
component/secretless-broker
|
recv
|
|||
| 681 | |
Tutorial progress bar position is fixed | 6y | 6y | 6y |
component/secretless-broker
kind/XA
|
recv
|
|||
| 680 | |
Abstraction exists in tutorial to accept multiple tutorials as parameter | 6y | 6y | 6y |
component/secretless-broker
kind/XA
|
recv
|
|||
| 671 | |
A good way to prevent log leaks has been agreed upon | 6y | 6y | 6y |
kind/spike
component/secretless-broker
|
recv
|
|||
| 657 | |
K8s tutorial scripts use correct method for waiting on containers | 6y | 5y | 6y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
recv
|
|||
| 645 | |
Jekyll can create foldable content from markdown |
|
6y | 6y | 6y | |
kind/enhancement
component/secretless-site
|
contributor-last recv
|
|
| 640 | |
Cleanup and document code for autogenerating test secretless.yml |
|
6y | 6y | 6y |
component/secretless-broker
kind/technical-debt
|
recv
|
||
| 625 | |
SSL util functions for handlers have correct interface and clean code | 6y | 6y | 6y |
component/secretless-broker
kind/technical-debt
|
recv
|
|||
| 624 | |
Use structured representation of options for Pg Handler | 6y | 6y | 6y |
component/pg-handler
kind/technical-debt
|
recv similar
|
|||
| 623 | |
MySQL Handler has good code quality and all required tests | 6y | 6y | 6y |
in progress
kind/epic
component/secretless-broker
kind/technical-debt
on-hold
|
recv
|
|||
| 617 | |
Credentials are consistently zeroized after use | 6y | 6y | 6y |
kind/epic
component/secretless-broker
security/medium
|
recv
|
|||
| 608 | |
Improve dev flow on tests, test documentation, and test infrastructure | 6y | 5y | 6y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
recv
|
|||
| 607 | |
MySQL/PG/SSL tests have been refactored | 6y | 6y | 6y |
component/secretless-broker
kind/technical-debt
|
recv
|
|||
| 592 | |
Simplify ConfigureBackend in database handlers | 6y | 6y | 6y | |
kind/enhancement
component/secretless-broker
kind/technical-debt
on-hold
|
contributor-last recv recv-q
|
||
| 591 | |
Add README to the integration tests | 6y | 5y | 6y |
kind/documentation
component/secretless-broker
kind/technical-debt
on-hold
good-first-issue
|
recv similar
|
|||
| 514 | |
Providers retrieve secret values per connection in batches if possible | 6y | 6y | 6y |
kind/enhancement
component/secretless-broker
|
recv
|
|||
| 510 | |
AWS Secrets credential provider has integration tests | 6y | 6y | 6y |
kind/enhancement
component/secretless-broker
|
recv
|
|||
| 507 | |
Secretless has AWS Secrets Provider | 6y | 6y | 6y |
kind/epic
|
recv
|
|||
| 506 | |
Config watcher is tested | 6y | 5y | 6y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
recv
|
|||
| 505 | |
Secretless watches for config file changes | 6y | 5y | 6y |
kind/epic
component/secretless-broker
|
recv
|
|||
| 498 | |
Unit tests should not require mercurial |
|
6y | 6y | 6y | |
component/secretless-broker
kind/technical-debt
|
contributor-last recv recv-q
|
|
| 493 |  |
Conjur authentication logic is removed from the provider | 6y | 6y | 6y |
kind/enhancement
component/secretless-broker
triage/needs-epic
|
recv
|
|||
| 483 | |
PostgreSQL handler protocol has unit tests | 6y | 6y | 6y |
component/secretless-broker
kind/technical-debt
|
recv
|
|||
| 477 | |
Secretless quick start demo instructions are clear about flow | 6y | 6y | 6y |
kind/documentation
kind/enhancement
to do
component/demos
component/secretless-broker
|
recv
|
|||
| 475 | |
Make localhost socket use info more prominent |
| 6y | 6y | 6y | |
kind/documentation
component/secretless-broker
security/low
selected
|
assigned assignee-updated contributor-last recv recv-q
|
|
| 473 | |
Secretless optionally retries connections | 6y | 6y | 6y |
kind/enhancement
component/secretless-providers
component/secretless-broker
|
recv
|
|||
| 467 | |
HTTP response times are measured | 6y | 5y | 6y |
kind/enhancement
to do
component/secretless-broker
good-first-issue
|
recv
|
|||
| 466 | |
SSH throughput is measured | 6y | 5y | 6y |
kind/enhancement
to do
component/secretless-broker
good-first-issue
|
recv
|
|||
| 451 | |
Secretless has an Azure Key Vault credential provider |
|
6y | 6y | 6y |
triage/scoping
kind/epic
component/secretless-providers
|
recv
|
||
| 449 |  |
Microsoft Love - Support for Microsoft/Azure tools |
2
|
6y | 6y | 6y | |
triage/needs-epic
|
contributor-last recv recv-q
|
|
| 409 | |
Website has performance page | 6y | 6y | 6y |
kind/documentation
to do
component/secretless-site
|
recv
|
|||
| 400 | |
Broker documentation is improved | 6y | 6y | 6y |
to do
kind/epic
component/secretless-broker
|
recv
|
|||
| 383 | |
Broker is secure | 6y | 6y | 6y |
in progress
kind/enhancement
kind/epic
component/secretless-broker
|
recv
|
|||
| 380 | |
Broker is easy to develop for |
| 6y | 6y | 6y |
kind/epic
component/secretless-broker
kind/technical-debt
|
assigned recv
|
||
| 379 | |
Performance metrics are published |
|
6y | 5y | 6y | |
kind/enhancement
to do
kind/epic
component/secretless-broker
|
contributor-last recv
|
|
| 354 | |
Istio can be used with an external DB |
| 6y | 6y | 6y |
kind/spike
to do
component/secretless-broker
|
assigned recv
|
||
| 325 | |
Secretless can be deployed with a sidecar injector |
| 6y | 6y | 6y |
triage/scoping
kind/epic
|
assigned recv
|
||
| 270 | |
SSH agent only keeps loaded keys for the duration of connection | 6y | 6y | 6y | |
kind/enhancement
component/secretless-broker
kind/technical-debt
security/low
on-hold
|
contributor-last recv
|
||
| 265 | |
Secretless has option to configure response when provider fails to resolve a variable | 6y | 6y | 6y |
component/secretless-broker
|
recv
|
|||
| 264 | |
Secretless optionally supports secrets caching |
2
|
6y | 5y | 6y | |
component/secretless-providers
component/secretless-broker
|
contributor-last recv recv-q
|
|
| 260 | |
Add MongoDB handler/listener |
6
|
6y | 2mo | 6y |  |
kind/enhancement
kind/epic
component/secretless-connectors
|
recv recv-q
|
|
| 249 | |
Secrets do not remain in the sidecar memory |
| 6y | 6y | 6y | |
kind/epic
requested-by/cyberark-pm
|
assigned assignee-updated contributor-last recv recv-q
|
|
| 82 | |
AWS handler has test suite with documentation |
| 7y | 6y | 7y |
component/aws-handler
|
assigned recv
|
||
| 31 | |
Use a dot foo.bar scheme to access nested data from HashiCorp Vault | 7y | 6y | 7y |
component/vault-provider
triage/needs-epic
|
recv
|
|||
| 16 | |
Helm charts are published to Helm artifact hub and helm/hub | 4y | 4y | 4y |
recv
|
||||
| 12 | |
Helm charts repo is updated after new helm chart release | 5y | 5y | 5y |
component/k8s
kind/enhancement
|
recv
|
|||
| 167 |  |
Add nodeSelector to list of Chart Parameters | 3y | 3y | 3y |
kind/enhancement
contributor
|
recv
|
|||
| 142 | |
Add check/warning for pre-existing ClusterRole in Kubernetes example scripts | 4y | 4y | 4y |
kind/enhancement
component/conjur
|
recv
|
|||
| 141 | |
Clarify compatible database versions in README | 4y | 4y | 4y |
component/conjur
kind/documentation
|
recv
|
|||
| 139 |  |
Make conjur proxy container optional and configurable |
2
|
4y | 4y | 4y | |
kind/enhancement
triage/needs-info
component/conjur
|
recv
|
|
| 136 | |
Add option to auto-create a Conjur data encryption key | 4y | 4y | 4y |
kind/enhancement
component/conjur
|
recv
|
|||
| 135 | |
Add deprecation warnings to NOTES.txt | 4y | 4y | 4y |
kind/enhancement
component/conjur
|
recv
|
|||
| 134 | |
Deprecated features to consider for removal for next major release (3.0.0) |
|
4y | 4y | 4y |
kind/enhancement
component/conjur
|
recv
|
||
| 132 | |
Add authn-k8s demo app E2E test based on KinD GitHub actions | 4y | 4y | 4y |
kind/enhancement
component/conjur
|
recv
|
|||
| 131 | |
Eliminate redundant Kubernetes service for Conjur |
5
|
4y | 4y | 4y |  |
kind/enhancement
component/conjur
|
commented contributor-last recv
|
|
| 104 | |
Reorganize README.md KinD example to make it more of a Getting Started guide | 4y | 2mo | 4y |
kind/enhancement
component/conjur
good-first-issue
|
recv
|
|||
| 86 | |
Document use of or add subchart for bitnami/postgresql | 4y | 4y | 4y |
kind/enhancement
component/conjur
|
recv
|
|||
| 61 | |
Helm pipeline runs `helm package` on tags and auto-adds the artifact to a GitHub release | 5y | 5y | 5y | |
component/k8s
kind/infrastructure
|
contributor-last recv
|
||
| 57 | |
Pipeline validates upgrade instructions | 5y | 5y | 5y |
component/k8s
kind/infrastructure
|
recv
|
|||
| 54 | |
Automated end-to-end testing suite | 5y | 5y | 5y | |
kind/enhancement
kind/technical-debt
component/k8s
component/conjur
kind/quality
|
contributor-last recv recv-q
|
||
| 46 | |
Adds TLS between Conjur and posgres pod | 5y | 5y | 5y |
kind/enhancement
component/conjur
|
recv
|
|||
| 28 | |
Documentation is updated to clarify setup steps |
|
6y | 5y | 6y |  |
good-first-issue
|
recv
|
|
| 9 | |
CI pipeline runs kubesec | 6y | 5y | 6y |
good-first-issue
|
recv
|
|||
| 7 |  |
Conjur Helm chart has published shasums | 6y | 6y | 6y |
kind/enhancement
component/k8s
component/openshift
|
recv
|
|||
| 186 | |
Migrate client configuration from `conjur-cli` gem to this gem | 4y | 4y | 4y |
component/api/ruby
kind/enhancement
|
recv
|
|||
| 148 |  |
Ruby client library tests are run against the EE |
| 6y | 6y | 6y |
component/api/ruby
selected
|
assigned recv
|
||
| 145 | |
Allow using multiple independent API connections | 6y | 6y | 6y |
recv
|
||||
| 128 | |
Token expiration should be aware of the "exp" field in new style tokens | 7y | 7y | 7y |
recv
|
||||
| 102 | |
Add ability to pass in CONJUR_APPLIANCE_URL and CONJUR_ACCOUNT into Conjur class |
|
4y | 4y | 4y |
component/api/java
kind/enhancement
internal-contributor
|
recv
|
||
| 99 | |
Unit tests exist for each class | 4y | 4y | 4y |
component/api/java
kind/enhancement
|
recv
|
|||
| 16 |  |
NullPointerException when using single Conjur instance to retrieve multiple secrets | 7y | 5y | 7y | |
good-first-issue
|
contributor-last recv
|
||
| 251 |  |
Default not supported for `gopass` | 1y | 1y | 1y |
kind/enhancement
|
recv
|
|||
| 153 | |
Multiple `-e` environments can be supported | 5y | 5y | 5y |
kind/enhancement
component/summon
|
recv
|
|||
| 151 | |
Add more information about `!file` handling | 5y | 2mo | 5y |
kind/documentation
kind/enhancement
component/summon
good-first-issue
|
recv
|
|||
| 149 |  |
Summon has examples of unofficial "provider wrappers" somewhere (e.g. `gopass`) |
2
5
|
5y | 4y | 5y | |
kind/enhancement
component/summon
triage/scoping
kind/developer-experience
contributor
has-idea
|
recv recv-q
|
|
| 93 |  |
Docs: `common` section and root vars injection rules should be better documented |
2
|
6y | 2y | 6y |  |
triage/needs-info
good-first-issue
|
contributor-last recv recv-q
|
|
| 17 | |
Ensure documentation is accurate | 5y | 5y | 5y |
triage/needs-info
kind/technical-debt
component/summon
kind/documentation
|
recv
|
|||
| 48 | |
Tests exist for `main.go` | 4y | 4y | 4y |
kind/technical-debt
kind/enhancement
component/summon
|
recv
|
|||
| 44 |  |
Ability to specify versions of secrets to retrieve | 4y | 4y | 4y | |
kind/enhancement
component/summon
contributor
has-idea
|
recv
|
||
| 17 |  |
Option to base64 encode secrets values | 5y | 5y | 5y |
recv
|
||||
| 22 |  |
Apple silicon is not supported for this provider |
|
2y | 2y | 2y |
kind/enhancement
contributor
|
recv
|
||
| 9 | |
Authenticator gets pod name / namespace using Kubernetes API | 6y | 4y | 6y |
rnd-boost
|
open-milestone recv
|
|||
| 549 |  |
Secrets rotation improvements |
|
|
3mo | 2mo | 2mo | |
kind/enhancement
|
assigned assignee-updated commented recv
|
| 289 | |
Add optional hostAliases to values.yaml | 4y | 4y | 4y |  |
component/k8s
kind/enhancement
|
recv recv-q
|
||
| 270 | |
Tests automate fetching version from values.yml instead of hardcoding it |
|
4y | 4y | 4y |
kind/technical-debt
component/k8s
|
recv
|
||
| 251 | |
Release automation - Push Helm Chart to helm-charts repo |
| 4y | 4y | 4y | |
rnd-boost
|
assigned assignee-updated contributor-last open-milestone recv recv-q
|
|
| 138 | |
Enhancement: Remove use of downward API from manifest |
| 4y | 4y | 4y |
assigned recv
|
|||
| 171 | |
Close ports for the conjur follower | 4y | 4y | 4y |
recv
|
||||
| 117 | |
Unbound variable error on stop | 5y | 5y | 5y |
recv
|
||||
| 116 | |
Repo needs a CHANGELOG | 5y | 5y | 5y |
kind/documentation
component/k8s
|
recv
|
|||
| 99 | |
Don't use separate yamls for OC and K8s where possible | 5y | 5y | 5y |
triage/scoping
kind/technical-debt
kind/enhancement
component/k8s
kind/cleanup
triage/needs-epic
kind/developer-experience
good-first-issue
|
recv
|
|||
| 55 | |
Tests include coverage of master deployment to both GKE and OpenShift | 6y | 6y | 6y |
component/openshift
kind/enhancement
component/k8s
kind/cleanup
triage/needs-epic
severity/low
kind/developer-experience
|
recv
|
|||
| 31 |  |
the check dep script is checking for OSHIFT_CONJUR_ADMIN_USERNAME but the scripts are using OPSHIFT_CLUSTER_ADMIN_USERNAME | 6y | 6y | 6y |
recv
|
||||
| 135 | |
Add validator host ID to allow authn-k8s config to be validated | 4y | 4y | 4y |
kind/enhancement
component/demos
|
recv
|
|||
| 130 | |
Automated tests only run against annotation-based identities | 4y | 4y | 4y |
kind/enhancement
component/demos
|
recv
|
|||
| 115 | |
Add DeploymentConfigs as app identity in Jenkins OpenShift CI | 4y | 4y | 4y |
kind/enhancement
component/demos
|
recv
|
|||
| 113 | |
Replace use of sed for yaml templating with Yaml.sh or helm charts | 4y | 4y | 4y |
kind/enhancement
component/demos
|
recv
|
|||
| 38 | |
Automated tests validate demos against Conjur OSS | 6y | 6y | 6y |
component/k8s
kind/technical-debt
component/demos
component/pipeline
|
recv
|
|||
| 32 | |
Scripts check conditions rather than sleeping | 6y | 6y | 6y |
component/k8s
kind/technical-debt
component/demos
|
recv
|
|||
| 91 | |
Users can determine buildpack version from Cloud Foundry | 4y | 4y | 4y |
component/pcf
kind/enhancement
|
recv
|
|||
| 80 | |
Secrets.yml configuration can be supplied as an environment variable |
3
|
4y | 4y | 4y |  |
kind/enhancement
component/conjur-sdk
|
contributor-last recv recv-q
|
|
| 36 | |
Demo has a CI pipeline for the local flow | 6y | 6y | 6y |
component/pcf
infra/pipelines
|
recv
|
|||
| 35 | |
Demo has a CI pipeline for the tile | 6y | 6y | 6y |
component/pcf
selected
infra/pipelines
|
recv
|
|||
| 56 | |
Collection is published to Automation Hub | 4y | 4y | 4y | |
component/ansible
kind/enhancement
|
contributor-last recv
|
||
| 49 | |
Add other ways to specify Conjur / DAP identity in `cyberark.conjur.conjur_variable` | 4y | 4y | 4y |
component/ansible
kind/enhancement
|
recv
|
|||
| 47 | |
The UX of configuring the lookup plugin and role has been evaluated | 4y | 4y | 4y |
recv
|
||||
| 46 | |
Roles are tested with Molecule | 4y | 4y | 4y |
component/ansible
kind/enhancement
|
recv
|
|||
| 45 | |
The log output of the conjur-role without "no_log" set to true has been reviewed | 4y | 4y | 4y |
component/ansible
kind/enhancement
kind/XA
|
recv
|
|||
| 44 | |
Roles and plugins share a build stage and test directory structure | 4y | 4y | 4y | |
kind/cleanup
component/ansible
kind/enhancement
|
contributor-last recv
|
||
| 43 | |
Documentation is clear that input variable path should not be urlencoded | 4y | 4y | 4y |
component/ansible
source/salesforce
kind/documentation
|
recv
|
|||
| 42 | |
Expand Ansible Collection to include Conjur Role | 4y | 4y | 4y |
component/ansible
kind/enhancement
Epic
|
recv
|
|||
| 30 | |
Migrate this Ansible role to the Conjur Ansible collection | 5y | 2mo | 5y |  |
kind/enhancement
component/ansible
|
contributor-last recv recv-q
|
||
| 26 | |
conjur_variable lookup plugin can be improved |
|
5y | 2mo | 5y | |
kind/enhancement
component/ansible
|
contributor-last recv recv-q
|
|
| 235 | |
Investigate if `puppetlabs-registry` dependency is still needed |
| 4y | 4y | 4y | |
blocked
triage/needs-info
kind/cleanup
component/puppet
|
assigned assignee-updated contributor-last recv
|
|
| 201 | |
Investigate (and possibly implement) ability to check if we can validate that agent credentials are valid | 4y | 4y | 4y | |
component/puppet
kind/enhancement
kind/developer-experience
kind/XA
kind/community
|
contributor-last recv
|
||
| 132 |  |
Add an ability to update Conjur secret |
2
|
1y | 1y | 1y |
kind/enhancement
|
recv
|
||
| 53 | |
Add Windows instructions to README | 5y | 5y | 5y |
component/terraform
kind/enhancement
|
recv
|
Items that have not been commented on within 60 days (209)
Resolution: Comment or close the issue
Average age: 2028.7d, Avg wait: 1662.1d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags | |
| 1562 | |
Baseline functionality for "Testing Best Practices" has been established |
| 5y | 4y | 4y |  |
kind/technical-debt
component/conjur
|
assigned commented member-last send
|
||
| 1559 |  |
authn_k8s:inject_client_cert: Make client cert path configurable |
4
15
|
5y | 4y | 4y |  |
component/k8s
triage/needs-info
kind/enhancement
contributor
has-idea
|
commented recv-q send
|
||
| 1519 | |
Adds info endpoint for server/follower ID and version for debugging |
|
5y | 4y | 4y | |
kind/enhancement
component/conjur
|
commented member-last send
|
||
| 1082 |  |
Investigate permission problems in master startup |
| 5y | 5y | 5y |  |
component/k8s
kind/spike
|
assigned commented member-last send
|
||
| 984 | |
No indication of missing rotator | 6y | 6y | 6y | |
commented member-last
|
||||
| 843 | |
Secrets can be retrieved with variable prefix |
2
|
6y | 6y | 6y |  |
kind/enhancement
component/api
|
commented member-last
|
||
| 835 | |
Replace Ruby Sass | 6y | 3mo | 3mo |  |
commented member-last
|
||||
| 824 | |
Authenticate controller logs error message correctly | 6y | 5y | 5y | |
commented member-last send
|
||||
| 780 | |
LDAP Authenticator supports mutual TLS |
|
6y | 6y | 6y | |
triage/duplicate
component/authenticators
kind/enhancement
|
commented member-last send
|
||
| 678 |  |
authenticator prints useful error on 400 response | 6y | 4y | 5y | |
component/openshift
component/k8s
triage/needs-info
rnd-boost
|
commented member-last open-milestone send
|
|||
| 650 | |
A K8s/OpenShift version support matrix is available |
| 6y | 6y | 6y | |
component/k8s
kind/epic
kind/documentation
|
assigned commented member-last send
|
||
| 640 | |
Conjur Docker image follows the standard version naming convention | 6y | 5y | 5y | |
kind/enhancement
|
commented member-last send
|
|||
| 607 | |
A user sees the Audit events are visible to them | 7y | 5y | 5y | |
commented member-last send
|
||||
| 540 | |
Deprecate the route GET /resources/:account | 7y | 6y | 6y | |
component/conjur
|
commented member-last send
|
|||
| 509 |  |
Error msg unclear when loading policy with multiple unnamed hostfactory configurations | 7y | 2y | 2y |  |
kind/enhancement
component/cli
component/conjur
|
commented member-last send
|
|||
| 181 | |
String ids considered harmful | 7y | 5y | 5y | |
commented member-last send
|
||||
| 1337 | |
Support multi-value dynamic credentials |
6
|
4y | 4y | 4y | |
kind/enhancement
component/secretless-broker
contributor
has-idea
|
commented send
|
||
| 1335 | |
Support Vault AppRole auth method in provider |
|
4
|
4y | 4y | 4y | |
kind/enhancement
component/secretless-broker
implementing
contributor
has-idea
|
assigned assignee-updated commented send
|
|
| 558 | |
Investigate the impact of TLS between Secretless and backend server | 6y | 6y | 6y | |
component/secretless-broker
kind/technical-debt
|
commented member-last
|
|||
| 60 | |
GoLang SDK correctly handles Users/Hosts with `api_key_enabled` | 5y | 4mo | 4mo | |
kind/enhancement
support/serious
|
commented member-last send similar
|
|||
| 22 | |
Allow reading the auth token provided by Kubernetes/OpenShift sidecar |
| 6y | 6y | 6y | |
kind/enhancement
merged
|
assigned commented member-last send
|
||
| 56 | |
Add integration tests | 5y | 4mo | 4mo | |
kind/technical-debt
kind/enhancement
kind/quality
component/conjur-sdk
|
commented member-last send similar
|
|||
| 49 | |
Add Batch Secret Retrieval | 5y | 4mo | 4mo | |
kind/enhancement
component/conjur-sdk
|
commented member-last send
|
|||
| 47 | |
Retrieving Environment Variables for Authentication | 5y | 4mo | 4mo | |
kind/enhancement
component/conjur-sdk
|
commented member-last send
|
|||
| 38 | |
.NET SDK correctly handles Users/Hosts with `api_key_enabled` | 5y | 5mo | 5mo | |
kind/enhancement
support/serious
|
commented member-last send similar
|
|||
| 24 | |
Library is compatible with both .Net Core and Framework |
|
6y | 4mo | 4mo | |
kind/enhancement
|
commented member-last send
|
||
| 162 |  |
Openshift password should be given/pulled from summon | 4y | 4y | 4y | |
commented member-last send
|
||||
| 161 | |
Auto Enrollment Secrets Add should be part of the script |
|
4y | 4y | 4y | |
commented member-last send
|
|||
| 119 | |
Migrate secrets provider repo to use the helm chart for deploying conjur in automation |
|
5y | 4y | 5y | |
rnd-boost
|
commented contributor-last open-milestone recv-q
|
||
| 11 | |
conjur-authenticator rolebinding requires elevated privileges to create | 6y | 6y | 6y | |
component/k8s
kind/enhancement
|
commented member-last
|
|||
| 10 | |
test app is deployed using helm chart | 6y | 6y | 6y | |
component/k8s
kind/enhancement
component/demos
|
commented member-last send
|
|||
| 37 | |
There is a demo showing how to use this collection |
| 4y | 4y | 4y | |
component/ansible
on-hold
kind/demo
|
assigned assignee-updated commented member-last send
|
||
| 177 previously listed items omitted | |||||||||||