queue to be emptied once a week in a team triage meeting
Important soon, but no updates in 60 days: No matching items
Important longterm, but no updates in 120 days: No matching items
many reactions, low priority: No matching items
many commenters, low priority: No matching items
Screaming into the void: No matching items
Needs information for over 2 weeks: No matching items
Support request over 30 days old: No matching items
Issues nearing expiration: No matching items
Pull requests: Approved and getting old: No matching items
Pull Requests: Stale (64)
Resolution: Add comment and/or close PR
Average age: 807.2d, Avg wait: 11.0d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags |
| 2541 |  |
Remove `rack-rewrite` gem as it appears it is no longer needed | 3y | 2wk | 2wk |   |
commented draft member-last send unreviewed
|
|||
| 2893 |  |
Add read-only configuration | 2y | 2wk | 2wk | |
commented draft member-last reviewed-with-comment send
|
|||
| 2699 | |
Fix broken tests by refershing materalized views | 2y | 2wk | 2wk | |
commented draft member-last send unreviewed
|
|||
| 2587 |  |
Update k8s test app base image |
| 2y | 2wk | 2wk | |
kind/enhancement
dependencies
|
assigned commented draft member-last send unreviewed
|
|
| 3014 |  |
Automated PR to update settings |
| 3wk | 2wk | 2wk | |
assigned assignee-updated commented member-last send unreviewed
|
||
| 2522 |  |
Auth persist api |
4
|
3y | 4wk | 3y | |
commented reviewed-with-comment
|
||
| 2436 | |
Auth api additions | 3y | 4wk | |
draft new-commits recv-q
|
||||
| 2712 |  |
POC: Batch retrieval with POST and JSON body | 2y | 4wk | 3mo | |
commented draft member-last new-commits send
|
|||
| 2853 |  |
cyberark/migrate-slosilo-gem | 2y | 4wk | |
new-commits
|
||||
| 2836 |  |
Solution Design: CyberArk Conjur Provider for Secret Store CSI Driver |
2
|
2y | 4wk | 3mo |    |
commented draft member-last new-commits send
|
||
| 2829 | |
Replace Conjur Auth Token with a valid JWT token | 2y | 4wk |
draft unreviewed
|
|||||
| 2807 | |
WIP: Add reset password rake task | 2y | 4wk | 3mo | |
commented draft member-last new-commits send
|
|||
| 2734 | |
Authn-JWT Refactor | 2y | 4wk | 3mo | |
commented member-last new-commits send similar
|
|||
| 2714 | |
Policy Template Factory | 2y | 4wk |
draft unreviewed
|
|||||
| 2666 | |
WIP: Policy lifecycle extensions | 2y | 4wk | |
draft reviewed-with-comment
|
||||
| 2439 | |
Semantic Logging (with metrics) | 3y | 4wk | 3y | |
commented draft member-last reviewed-with-comment send
|
|||
| 2543 | |
Potential Policy workflow for Synchronizer leader election | 3y | 4wk | 3y |  |
commented draft member-last reviewed-with-comment
|
|||
| 2551 |  |
Conjur tracing with jaeger |
| 3y | 4wk | 3mo |  |
assigned assignee-updated commented member-last new-commits send
|
||
| 2616 | |
Allow OIDC Providers to be available via local socket | 2y | 4wk | |
draft new-commits
|
||||
| 2631 | |
add logging if send message fails | 2y | 4wk | |
draft reviewed-with-comment
|
||||
| 2634 | |
Adds authenticator support for passing OIDC token via body or authorization header | 2y | 4wk | 2y | |
commented draft member-last new-commits send
|
|||
| 2640 |  |
Prevent status webservices from being returned on the providers endpoint | 2y | 4wk | 2y |  |
commented reviewed-with-comment send
|
|||
| 2696 | |
Developer documentation | 2y | 4wk |
draft unreviewed
|
|||||
| 2863 | |
WIP: Early Policy factory POC | 2y | 4wk |
draft unreviewed
|
|||||
| 2896 | |
PoC for managing write-only permission at the Sequel level | 2y | 4wk |
draft unreviewed
|
|||||
| 2944 | |
Log warning of dropped updates to existing resources in policy POST | 2y | 4wk |
draft unreviewed
|
|||||
| 2946 | |
Use context variable instead of instance variable for certs | 2y | 4wk |
draft unreviewed
|
|||||
| 2953 | |
Add OIDC proxy integration tests | 2y | 4wk |
draft unreviewed
|
|||||
| 2990 | |
Authn jwt refactor v5 | 2y | 4wk | 3mo | |
commented draft member-last send similar unreviewed
|
|||
| 2999 | |
Authenticator refactor v2 | 2y | 4wk |
draft unreviewed
|
|||||
| 2565 | |
Add annotation based user search | 3y | 2y | 2y | |
commented member-last new-commits send
|
|||
| 1443 | |
SSH connector improvements | 3y | 3y | |
draft unreviewed
|
||||
| 953 | |
improved ssh service connector | 5y | 3y |
draft unreviewed
|
|||||
| 1223 | |
POC: Auto generation of troubleshooting guide | 5y | 3y | |
draft new-commits
|
||||
| 1340 | |
WIP: mongodb connector |
| 4y | 3y |
assigned draft unreviewed
|
||||
| 1379 | |
WIP: Robust testing of AWS using feature-rich mock server |
2
|
4y | 3y | 4y |  |
commented draft member-last new-commits
|
||
| 186 |  |
Add resource values for nginx and postgres |
| 2y | 2y | 2y | |
kind/enhancement
contributor
|
assigned assignee-updated commented member-last send unreviewed
|
|
| 184 | |
Make Postgres FIPS compliant |
|
2y | 2y | 2y |   |
commented draft unreviewed
|
||
| 183 |  |
Add option from datakey to be provided from existing secret |
|
2
|
2y | 2y | 2y | |
kind/enhancement
contributor
|
assigned assignee-updated commented member-last reviewed-with-comment send
|
| 214 | |
Allow deployment of stable Conjur version |
| 3y | 3mo | 3mo | |
assigned commented draft member-last send unreviewed
|
||
| 218 | |
Added new PersistAuth endpoint to spec | 3y | 3mo | 3mo | |
commented member-last send unreviewed
|
|||
| 220 | |
Added new routes for OIDC functionality | 3y | 3mo | 3mo | |
commented member-last send unreviewed
|
|||
| 51 |  |
Added dry-run parameter on policy methods | 3mo | 2mo | 2mo | |
enhancement
kind/community
kind/enhancement
|
commented member-last send unreviewed
|
||
| 71 | |
Add GitHub Action to auto-refresh Java client | 3y | 3y |
draft unreviewed
|
|||||
| 92 |  |
Cleanup and add async methods |
| 5wk | 5wk | 5wk | |
kind/enhancement
kind/community
|
assigned assignee-updated commented member-last send unreviewed
|
|
| 85 | |
WIP: Publsh to nuget.org |
|
|
2y | 5mo | 5mo |  |
kind/enhancement
|
assigned assignee-updated commented draft member-last unreviewed
|
| 521 | |
Fix Postgres FIPS issue in tests | 2y | 3mo | 3mo | |
commented draft member-last send unreviewed
|
|||
| 527 | |
Add telemetry toggles | 2y | 2y |
draft unreviewed
|
|||||
| 552 |  |
leverage file temaplates with k8s-secret targets | 3mo | 3mo | 3mo |
recv unreviewed
|
||||
| 551 | |
improve error handling batch retrieve | 3mo | 3mo | 3mo |
recv unreviewed
|
||||
| 550 | |
retrieve k8s secrets based on label | 3mo | 3mo | 3mo |
recv unreviewed
|
||||
| 553 | |
Run in standalone mode | 3mo | 3mo | 3mo |
recv unreviewed
|
||||
| 75 |  |
POC to add security context values |
| 2y | 2y |
assigned draft unreviewed
|
||||
| 153 | |
Scan for and remove internal URLs | 1y | 3mo | 3mo | |
commented draft member-last send unreviewed
|
|||
| 76 | |
Use groups instead of layers | 2mo | 2mo |
draft unreviewed
|
|||||
| 206 | |
Sanity test fixes | 5mo | 5mo |
draft unreviewed
|
|||||
| 205 |  |
Fix the Sanity Test for Ansible 2.16 version | 8mo | 8mo |
unreviewed
|
|||||
| 185 |  |
ONYX-26897 To reuse the token | 2y | 2y | 2y | |
commented member-last new-commits
|
|||
| 186 | |
Onyx 26897 retry | 2y | 2y |
unreviewed
|
|||||
| 178 | |
Implement support for JWT authentication | 2y | 2y |
draft unreviewed
|
|||||
| 121 |  |
ReadMe Update and pointing to new version of conjur API go | 2y | 7mo | 2y |    |
commented member-last reviewed-with-comment send
|
|||
| 126 | |
Readme updated and unit test, acceptance testing, conjur-api-go version update | 2y | 7mo |
approved
|
|||||
| 133 |  |
Update Conjur secret value | 1y | 7mo | 1y |
recv unreviewed
|
||||
| 10 | |
Add Tracer creation functions | 2y | 2y |
unreviewed
|
Overdue answers for a question (9)
Resolution: Add a comment
Average age: 1662.0d, Avg wait: 1137.7d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags |
| 1753 |  |
Conjur policy reload does not update annotations in APPEND mode | 4y | 4y | 4y |  |
kind/bug
component/conjur
severity/critical
source/salesforce
|
recv recv-q
|
||
| 1718 |  |
Configure SSL certs/keys and postgres ssl_mode | 4y | 4y | 4y |   |
kind/enhancement
component/conjur
contributor
has-idea
|
recv recv-q
|
||
| 1559 |  |
authn_k8s:inject_client_cert: Make client cert path configurable |
4
15
|
5y | 4y | 4y |    |
component/k8s
triage/needs-info
kind/enhancement
contributor
has-idea
|
commented recv-q send
|
|
| 813 | |
Host Factory created hosts don't have the policy namespace of their layer |
|
6y | 2y | 3y |   |
kind/bug
component/conjur
severity/medium
|
commented recv-q
|
|
| 260 | |
Add MongoDB handler/listener |
6
|
6y | 2mo | 6y |   |
kind/enhancement
kind/epic
component/secretless-connectors
|
recv recv-q
|
|
| 149 |  |
Summon has examples of unofficial "provider wrappers" somewhere (e.g. `gopass`) |
2
5
|
5y | 4y | 5y | |
kind/enhancement
component/summon
triage/scoping
kind/developer-experience
contributor
has-idea
|
recv recv-q
|
|
| 289 |  |
Add optional hostAliases to values.yaml | 4y | 4y | 4y |  |
component/k8s
kind/enhancement
|
recv recv-q
|
||
| 93 |  |
TLS handshake error when following README in local cluster | 2y | 2y | 2y | |
kind/bug
|
recv recv-q
|
||
| 191 |  |
Unable to run cyberark.conjur.conjur_host_identity role. | 2y | 1y | 2y | |
kind/bug
|
recv recv-q
|
Updated support requests (177)
Resolution: Move out of support, or add a comment
Average age: 1927.0d, Avg wait: 1890.8d
| ID | Au | Desc | As | Rea | Cr | Up | Re | Cmntrs | Labels | Tags | |
| 2245 |  |
Add minimum thread count to puma configuration | 4y | 4y | 4y |
recv
|
|||||
| 2117 | |
Fix all Conjur CC issues | 4y | 4y | 4y |
kind/technical-debt
|
recv
|
||||
| 2081 | |
Add tests for no STDIN but `--password-from-stdin` option is provided | 4y | 4y | 4y |
recv
|
|||||
| 1958 |  |
Adding recursive permit statements |
6
|
4y | 4y | 4y | |
kind/enhancement
component/conjur
internal-contributor
|
recv
|
||
| 1602 | |
Tags and successful image publishes trigger builds of downstream projects | 5y | 5y | 5y |
triage/needs-info
kind/technical-debt
component/suite
|
recv
|
||||
| 1587 | |
Refactor `./start` | 5y | 5y | 5y |
kind/cleanup
|
recv
|
||||
| 1557 | |
Extend rake task to get next available trackable log message code | 5y | 5y | 5y |
kind/enhancement
component/conjur
|
recv
|
||||
| 1467 | |
Improve security by permitting only expected params | 5y | 5y | 5y |
kind/technical-debt
component/conjur
|
recv
|
||||
| 1191 |  |
Architecture Diagram for DB off OpenShift | 5y | 5y | 5y |
recv
|
|||||
| 1096 |  |
A central location exists for Conjur Log docs |
| 5y | 2y | 5y |
kind/developer-experience
|
assigned recv
|
|||
| 840 | |
Kubernetes authenticator has a service account token option | 6y | 6y | 6y |
component/k8s
triage/needs-info
kind/enhancement
|
recv
|
||||
| 812 | |
Conjur k8s tests can be run on minikube | 6y | 6y | 6y |
kind/technical-debt
component/conjur
kind/developer-experience
|
recv
|
||||
| 614 |  |
Cucumber tests should run in random order | 6y | 6y | 6y |
recv
|
|||||
| 482 |  |
Document maximum policy size | 7y | 17d | 7y |
kind/documentation
good-first-issue
rnd-boost
|
open-milestone recv
|
||||
| 1347 | |
Secretless component quality levels move from alpha/beta/GA to community/trusted/certified | 4y | 4y | 4y |
kind/documentation
component/secretless-broker
|
recv
|
||||
| 1324 | |
Generic HTTP Connector: OAuth1 supports different signature hashing methods | 4y | 4y | 4y |
kind/enhancement
component/secretless-broker
|
recv
|
||||
| 1312 | |
Create a Docker CLI Connector for Secretless | 4y | 4y | 4y |
kind/enhancement
component/secretless-broker
component/secretless-connectors
|
recv
|
||||
| 1283 |  |
There is an example generic HTTP connector config for Salesforce | 5y | 4y | 5y |
kind/enhancement
component/secretless-broker
|
recv similar
|
||||
| 1279 | |
There is an example generic HTTP connector config for the Kubernetes API | 5y | 5y | 5y |
kind/enhancement
component/secretless-connectors
|
recv similar
|
||||
| 1262 | |
There is an example generic HTTP connector config for the Google Cloud SDK | 5y | 5y | 5y |
kind/enhancement
component/secretless-connectors
|
recv
|
||||
| 1225 | |
There is a central set of tests that validate the SSL configuration of the TLS connectors | 5y | 5y | 5y |
component/secretless-broker
kind/technical-debt
|
recv
|
||||
| 1201 | |
Determine how Secretless responds to DB server TLS renegotiation | 5y | 5y | 5y |
kind/spike
component/secretless-broker
|
recv
|
||||
| 1178 | |
Secretless optionally supports encryption for the client-to-Secretless connection | 5y | 5y | 5y |
triage/needs-info
kind/enhancement
component/secretless-broker
|
recv
|
||||
| 1171 | |
Add Unix socket flow to Kubernetes tutorial | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
|
recv
|
||||
| 1152 | |
Proxyservice package is unit tested | 5y | 2wk | 5y |
kind/enhancement
component/secretless-broker
kind/technical-debt
good-first-issue
kind/quality
|
recv
|
||||
| 1132 |  |
JDBC Jar is built at runtime for integration tests | 5y | 5y | 5y |
recv
|
|||||
| 1097 | |
Database clients receive a meaningful error when a new connection request has bad credentials | 5y | 5y | 5y |
kind/enhancement
component/secretless-connectors
|
recv
|
||||
| 1094 | |
Secretless has configurable connection timeouts for connectors | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
|
recv
|
||||
| 1083 | |
Example plugin uses Secretless logger | 5y | 5y | 5y |
component/secretless-broker
kind/developer-experience
|
recv
|
||||
| 1065 | |
Broker can delegate basic sanity checks on `credentials` keys to plugins | 5y | 5y | 5y |
kind/enhancement
triage/scoping
component/secretless-broker
component/secretless-plugins
triage/needs-epic
kind/ux
|
recv
|
||||
| 1042 | |
Conjur provider has improved automated tests | 5y | 5y | 5y |
component/secretless-providers
kind/technical-debt
|
recv
|
||||
| 1036 | |
Unit tests validate service connector plugin error handling | 5y | 5y | 5y |
component/secretless-broker
kind/technical-debt
|
recv
|
||||
| 1021 | |
Add a Security Model to the connector plugin README | 5y | 5y | 5y |
kind/documentation
kind/developer-experience
component/secretless-connectors
|
recv
|
||||
| 1011 | |
ForceSSL defaults to true | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
|
recv
|
||||
| 994 | |
Use our logger implementation for signal/reload listener | 5y | 5y | 5y |
component/secretless-broker
kind/ux
|
recv
|
||||
| 993 | |
Use our logger implementation for health check output | 5y | 5y | 5y |
component/secretless-broker
kind/ux
|
recv
|
||||
| 980 | |
Secretless transmits packets after authentication without transforming them | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
|
recv
|
||||
| 979 | |
Add `--allow-builtin-plugin-overrides` CLI argument | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
component/secretless-plugins
security/low
|
recv
|
||||
| 957 | |
Re-evaluate ConnectionManager API | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
component/secretless-plugins
kind/technical-debt
|
recv
|
||||
| 941 | |
Remove URL parsing logic from `internal/proxyservice/proxy_service.go` | 5y | 5y | 5y |
component/secretless-broker
kind/technical-debt
defined
|
recv
|
||||
| 940 | |
Add better logic when we can't open a tcp socket | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
kind/ux
|
recv
|
||||
| 937 | |
Replace XXXFunc with values in AvailablePlugins UTs | 5y | 5y | 5y |
component/secretless-broker
kind/technical-debt
|
recv
|
||||
| 934 | |
Tests are added for external_plugins.go | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
kind/technical-debt
defined
|
recv
|
||||
| 902 | |
secretless.Logger is simplified with cleaner tests | 5y | 5y | 5y |
component/secretless-broker
kind/technical-debt
|
recv
|
||||
| 875 | |
Logger tests use mocks for simplicity | 5y | 5y | 5y |
component/secretless-broker
kind/technical-debt
|
recv
|
||||
| 834 | |
Secretless supports plugin types besides connectors | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
|
recv
|
||||
| 822 | |
Make our plugin system work on windows | 5y | 5y | 5y |
kind/enhancement
component/secretless-broker
|
recv
|
||||
| 721 | |
Rename `TempFactory` to `TempFileFactory` |
| 6y | 5y | 6y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
assigned recv
|
|||
| 715 | |
CRDs are updated to use v2 configuration format | 6y | 5y | 6y |
kind/enhancement
component/secretless-broker
|
recv
|
||||
| 704 | |
fs_watcher has a goroutine leak | 6y | 6y | 6y |
kind/bug
component/secretless-broker
|
recv
|
||||
| 701 | |
Best practices recommendations exist for writing new DB handlers | 6y | 6y | 6y |
kind/epic
component/secretless-broker
|
recv
|
||||
| 681 | |
Tutorial progress bar position is fixed | 6y | 6y | 6y |
component/secretless-broker
kind/XA
|
recv
|
||||
| 680 | |
Abstraction exists in tutorial to accept multiple tutorials as parameter | 6y | 6y | 6y |
component/secretless-broker
kind/XA
|
recv
|
||||
| 671 | |
A good way to prevent log leaks has been agreed upon | 6y | 6y | 6y |
kind/spike
component/secretless-broker
|
recv
|
||||
| 657 | |
K8s tutorial scripts use correct method for waiting on containers | 6y | 5y | 6y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
recv
|
||||
| 640 | |
Cleanup and document code for autogenerating test secretless.yml |
|
6y | 6y | 6y |
component/secretless-broker
kind/technical-debt
|
recv
|
|||
| 625 | |
SSL util functions for handlers have correct interface and clean code | 6y | 6y | 6y |
component/secretless-broker
kind/technical-debt
|
recv
|
||||
| 624 | |
Use structured representation of options for Pg Handler | 6y | 6y | 6y |
component/pg-handler
kind/technical-debt
|
recv similar
|
||||
| 623 | |
MySQL Handler has good code quality and all required tests | 6y | 6y | 6y |
in progress
kind/epic
component/secretless-broker
kind/technical-debt
on-hold
|
recv
|
||||
| 617 | |
Credentials are consistently zeroized after use | 6y | 6y | 6y |
kind/epic
component/secretless-broker
security/medium
|
recv
|
||||
| 608 | |
Improve dev flow on tests, test documentation, and test infrastructure | 6y | 5y | 6y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
recv
|
||||
| 607 | |
MySQL/PG/SSL tests have been refactored | 6y | 6y | 6y |
component/secretless-broker
kind/technical-debt
|
recv
|
||||
| 591 | |
Add README to the integration tests | 6y | 5y | 6y |
kind/documentation
component/secretless-broker
kind/technical-debt
on-hold
good-first-issue
|
recv similar
|
||||
| 514 | |
Providers retrieve secret values per connection in batches if possible | 6y | 6y | 6y |
kind/enhancement
component/secretless-broker
|
recv
|
||||
| 510 | |
AWS Secrets credential provider has integration tests | 6y | 6y | 6y |
kind/enhancement
component/secretless-broker
|
recv
|
||||
| 507 | |
Secretless has AWS Secrets Provider | 6y | 6y | 6y |
kind/epic
|
recv
|
||||
| 506 | |
Config watcher is tested | 6y | 5y | 6y |
component/secretless-broker
kind/technical-debt
good-first-issue
|
recv
|
||||
| 505 | |
Secretless watches for config file changes | 6y | 5y | 6y |
kind/epic
component/secretless-broker
|
recv
|
||||
| 493 |  |
Conjur authentication logic is removed from the provider | 6y | 6y | 6y |
kind/enhancement
component/secretless-broker
triage/needs-epic
|
recv
|
||||
| 483 | |
PostgreSQL handler protocol has unit tests | 6y | 6y | 6y |
component/secretless-broker
kind/technical-debt
|
recv
|
||||
| 477 | |
Secretless quick start demo instructions are clear about flow | 6y | 6y | 6y |
kind/documentation
kind/enhancement
to do
component/demos
component/secretless-broker
|
recv
|
||||
| 473 | |
Secretless optionally retries connections | 6y | 6y | 6y |
kind/enhancement
component/secretless-providers
component/secretless-broker
|
recv
|
||||
| 467 | |
HTTP response times are measured | 6y | 5y | 6y |
kind/enhancement
to do
component/secretless-broker
good-first-issue
|
recv
|
||||
| 466 | |
SSH throughput is measured | 6y | 5y | 6y |
kind/enhancement
to do
component/secretless-broker
good-first-issue
|
recv
|
||||
| 465 | |
MySQL query response times are measured | 6y | 4wk | 6y |
kind/enhancement
component/secretless-broker
on-hold
implementing
|
recv
|
||||
| 451 | |
Secretless has an Azure Key Vault credential provider |
|
6y | 6y | 6y |
triage/scoping
kind/epic
component/secretless-providers
|
recv
|
|||
| 409 | |
Website has performance page | 6y | 6y | 6y |
kind/documentation
to do
component/secretless-site
|
recv
|
||||
| 400 | |
Broker documentation is improved | 6y | 6y | 6y |
to do
kind/epic
component/secretless-broker
|
recv
|
||||
| 383 | |
Broker is secure | 6y | 6y | 6y |
in progress
kind/enhancement
kind/epic
component/secretless-broker
|
recv
|
||||
| 381 | |
Broker has additional configuration options | 6y | 4wk | 6y |
kind/enhancement
kind/epic
component/secretless-broker
|
recv
|
||||
| 380 | |
Broker is easy to develop for |
| 6y | 6y | 6y |
kind/epic
component/secretless-broker
kind/technical-debt
|
assigned recv
|
|||
| 374 | |
A pass-through listener exists | 6y | 4wk | 6y |
kind/enhancement
to do
component/secretless-broker
kind/technical-debt
|
recv
|
||||
| 354 | |
Istio can be used with an external DB |
| 6y | 6y | 6y |
kind/spike
to do
component/secretless-broker
|
assigned recv
|
|||
| 325 | |
Secretless can be deployed with a sidecar injector |
| 6y | 6y | 6y |
triage/scoping
kind/epic
|
assigned recv
|
|||
| 265 | |
Secretless has option to configure response when provider fails to resolve a variable | 6y | 6y | 6y |
component/secretless-broker
|
recv
|
||||
| 82 | |
AWS handler has test suite with documentation |
| 7y | 6y | 7y |
component/aws-handler
|
assigned recv
|
|||
| 31 | |
Use a dot foo.bar scheme to access nested data from HashiCorp Vault | 7y | 6y | 7y |
component/vault-provider
triage/needs-epic
|
recv
|
||||
| 16 |  |
Helm charts are published to Helm artifact hub and helm/hub | 4y | 4y | 4y |
recv
|
|||||
| 12 | |
Helm charts repo is updated after new helm chart release | 5y | 5y | 5y |
component/k8s
kind/enhancement
|
recv
|
||||
| 177 |  |
Conjur does not start with an external Postgres database due to OpenSSL internal error, assertion failed: Low level API call to digest SHA256 forbidden in FIPS mode | 2y | 2y | 2y |
kind/bug
contributor
|
recv
|
||||
| 167 |  |
Add nodeSelector to list of Chart Parameters | 3y | 3y | 3y |
kind/enhancement
contributor
|
recv
|
||||
| 142 | |
Add check/warning for pre-existing ClusterRole in Kubernetes example scripts | 4y | 4y | 4y |
kind/enhancement
component/conjur
|
recv
|
||||
| 141 | |
Clarify compatible database versions in README | 4y | 4y | 4y |
component/conjur
kind/documentation
|
recv
|
||||
| 139 | |
Make conjur proxy container optional and configurable |
2
|
4y | 4y | 4y | |
kind/enhancement
triage/needs-info
component/conjur
|
recv
|
||
| 136 | |
Add option to auto-create a Conjur data encryption key | 4y | 4y | 4y |
kind/enhancement
component/conjur
|
recv
|
||||
| 135 | |
Add deprecation warnings to NOTES.txt | 4y | 4y | 4y |
kind/enhancement
component/conjur
|
recv
|
||||
| 134 | |
Deprecated features to consider for removal for next major release (3.0.0) |
|
4y | 4y | 4y |
kind/enhancement
component/conjur
|
recv
|
|||
| 133 | |
Instructions fail when LoadBalancer service defines a hostname instead of an IP for the LB ingress | 4y | 4y | 4y |
component/conjur
kind/bug
|
recv
|
||||
| 132 | |
Add authn-k8s demo app E2E test based on KinD GitHub actions | 4y | 4y | 4y |
kind/enhancement
component/conjur
|
recv
|
||||
| 130 |  |
Failure in Conjur schema migrations of external DB can't recover | 4y | 4y | 4y |
component/conjur
kind/bug
|
recv
|
||||
| 104 | |
Reorganize README.md KinD example to make it more of a Getting Started guide | 4y | 2mo | 4y |
kind/enhancement
component/conjur
good-first-issue
|
recv
|
||||
| 86 | |
Document use of or add subchart for bitnami/postgresql | 4y | 4y | 4y |
kind/enhancement
component/conjur
|
recv
|
||||
| 68 | |
Helm deployment instructions (README) include architecture diagrams | 4y | 4y | 4y |
component/conjur
kind/bug
|
recv
|
||||
| 57 | |
Pipeline validates upgrade instructions | 5y | 5y | 5y |
component/k8s
kind/infrastructure
|
recv
|
||||
| 46 | |
Adds TLS between Conjur and posgres pod | 5y | 5y | 5y |
kind/enhancement
component/conjur
|
recv
|
||||
| 28 | |
Documentation is updated to clarify setup steps |
|
6y | 5y | 6y |  |
good-first-issue
|
recv
|
||
| 9 | |
CI pipeline runs kubesec | 6y | 5y | 6y |
good-first-issue
|
recv
|
||||
| 7 |  |
Conjur Helm chart has published shasums | 6y | 6y | 6y |
kind/enhancement
component/k8s
component/openshift
|
recv
|
||||
| 186 | |
Migrate client configuration from `conjur-cli` gem to this gem | 4y | 4y | 4y |
component/api/ruby
kind/enhancement
|
recv
|
||||
| 148 |  |
Ruby client library tests are run against the EE |
| 6y | 6y | 6y |
component/api/ruby
selected
|
assigned recv
|
|||
| 145 | |
Allow using multiple independent API connections | 6y | 6y | 6y |
recv
|
|||||
| 128 | |
Token expiration should be aware of the "exp" field in new style tokens | 7y | 7y | 7y |
recv
|
|||||
| 102 | |
Add ability to pass in CONJUR_APPLIANCE_URL and CONJUR_ACCOUNT into Conjur class |
|
4y | 4y | 4y |
component/api/java
kind/enhancement
internal-contributor
|
recv
|
|||
| 99 | |
Unit tests exist for each class | 4y | 4y | 4y |
component/api/java
kind/enhancement
|
recv
|
||||
| 65 | |
Code climate issues have been resolved | 5y | 17d | 5y |
kind/technical-debt
component/conjur-sdk
|
recv
|
||||
| 55 | |
Add unit tests | 5y | 17d | 5y |
good-first-issue
|
recv
|
||||
| 35 | |
Add API use-case ex in Docker to docs |
| 6y | 17d | 6y |
kind/documentation
component/api/java
kind/developer-experience
good-first-issue
defined
|
assigned recv
|
|||
| 33 |  |
Is javadoc published anywhere on the web? | 6y | 17d | 6y |
kind/documentation
kind/developer-experience
|
recv
|
||||
| 251 |  |
Default not supported for `gopass` | 1y | 1y | 1y |
kind/enhancement
|
recv
|
||||
| 153 | |
Multiple `-e` environments can be supported | 5y | 5y | 5y |
kind/enhancement
component/summon
|
recv
|
||||
| 152 | |
Clean up empty tempdirs | 5y | 2mo | 5y |
kind/bug
kind/cleanup
component/summon
good-first-issue
|
recv
|
||||
| 151 | |
Add more information about `!file` handling | 5y | 2mo | 5y |
kind/documentation
kind/enhancement
component/summon
good-first-issue
|
recv
|
||||
| 135 | |
Zeroize all vars right after start of child process | 5y | 13d | 5y |
kind/enhancement
component/summon
kind/security
|
recv
|
||||
| 17 | |
Ensure documentation is accurate | 5y | 5y | 5y |
triage/needs-info
kind/technical-debt
component/summon
kind/documentation
|
recv
|
||||
| 48 | |
Tests exist for `main.go` | 4y | 4y | 4y |
kind/technical-debt
kind/enhancement
component/summon
|
recv
|
||||
| 44 |  |
Ability to specify versions of secrets to retrieve | 4y | 4y | 4y | |
kind/enhancement
component/summon
contributor
has-idea
|
recv
|
|||
| 17 |  |
Option to base64 encode secrets values | 5y | 5y | 5y |
recv
|
|||||
| 22 |  |
Apple silicon is not supported for this provider |
|
2y | 2y | 2y |
kind/enhancement
contributor
|
recv
|
|||
| 327 | |
Document client errors | 4y | 11d | 4y | |
kind/documentation
triage/needs-info
stale
|
recv
|
|||
| 310 | |
Kubernetes test automation and demo materials are revised | 4y | 11d | 4y | |
component/k8s
kind/technical-debt
Epic
stale
|
recv
|
|||
| 305 | |
Add get-conjur-cert.sh and test-helm scripts to release artifacts | 4y | 10d | 4y | |
component/k8s
kind/enhancement
stale
|
recv
|
|||
| 291 | |
The Namespace prep helm test uses validator Host ID to validate the Kubernetes authenticator is functional | 4y | 10d | 4y | |
component/k8s
kind/enhancement
stale
|
recv
|
|||
| 290 | |
The Namespace helm test queries the /info endpoint for validation | 4y | 10d | 4y | |
component/k8s
kind/enhancement
stale
|
recv
|
|||
| 289 | |
There is an initial framework for the Namespace prep Helm test | 4y | 10d | 4y | |
component/k8s
kind/enhancement
stale
|
recv
|
|||
| 228 | |
There is a helm test for the cluster prep helm chart | 4y | 10d | 4y | |
component/k8s
Epic
kind/user-story
stale
|
recv
|
|||
| 222 | |
Enable cloud provided authentication methods in sidecar | 4y | 10d | 4y | |
component/k8s
kind/enhancement
internal-contributor
stale
|
recv
|
|||
| 172 | |
Enable use of system CA store for Conjur's SSL certificate verification |
|
4y | 9d | 4y | |
component/k8s
kind/bug
stale
|
recv
|
||
| 54 | |
Consider setting automation to work with latests scripts/DAP/Conjur | 5y | 8d | 5y | |
component/k8s
kind/technical-debt
component/authenticators
kind/infrastructure
stale
|
recv
|
|||
| 9 | |
Authenticator gets pod name / namespace using Kubernetes API | 6y | 4y | 6y |
rnd-boost
|
open-milestone recv
|
||||
| 549 | |
Secrets rotation improvements |
|
|
3mo | 2mo | 2mo | |
kind/enhancement
|
assigned assignee-updated commented recv
|
|
| 530 |  |
retryCountLimit not evaluated in helm deployment | 2y | 2y | 2y |
kind/bug
|
recv
|
||||
| 270 | |
Tests automate fetching version from values.yml instead of hardcoding it |
|
4y | 4y | 4y |
kind/technical-debt
component/k8s
|
recv
|
|||
| 138 | |
Enhancement: Remove use of downward API from manifest |
| 4y | 4y | 4y |
assigned recv
|
||||
| 171 | |
Close ports for the conjur follower | 4y | 4y | 4y |
recv
|
|||||
| 117 | |
Unbound variable error on stop | 5y | 5y | 5y |
recv
|
|||||
| 116 | |
Repo needs a CHANGELOG | 5y | 5y | 5y |
kind/documentation
component/k8s
|
recv
|
||||
| 99 | |
Don't use separate yamls for OC and K8s where possible | 5y | 5y | 5y |
triage/scoping
kind/technical-debt
kind/enhancement
component/k8s
kind/cleanup
triage/needs-epic
kind/developer-experience
good-first-issue
|
recv
|
||||
| 55 | |
Tests include coverage of master deployment to both GKE and OpenShift | 6y | 6y | 6y |
component/openshift
kind/enhancement
component/k8s
kind/cleanup
triage/needs-epic
severity/low
kind/developer-experience
|
recv
|
||||
| 31 |  |
the check dep script is checking for OSHIFT_CONJUR_ADMIN_USERNAME but the scripts are using OPSHIFT_CLUSTER_ADMIN_USERNAME | 6y | 6y | 6y |
recv
|
|||||
| 18 | |
data key should be stored as a secret | 6y | 17d | 6y |
ready
good-first-issue
|
recv
|
||||
| 135 | |
Add validator host ID to allow authn-k8s config to be validated | 4y | 4y | 4y |
kind/enhancement
component/demos
|
recv
|
||||
| 130 | |
Automated tests only run against annotation-based identities | 4y | 4y | 4y |
kind/enhancement
component/demos
|
recv
|
||||
| 115 | |
Add DeploymentConfigs as app identity in Jenkins OpenShift CI | 4y | 4y | 4y |
kind/enhancement
component/demos
|
recv
|
||||
| 113 | |
Replace use of sed for yaml templating with Yaml.sh or helm charts | 4y | 4y | 4y |
kind/enhancement
component/demos
|
recv
|
||||
| 38 | |
Automated tests validate demos against Conjur OSS | 6y | 6y | 6y |
component/k8s
kind/technical-debt
component/demos
component/pipeline
|
recv
|
||||
| 32 | |
Scripts check conditions rather than sleeping | 6y | 6y | 6y |
component/k8s
kind/technical-debt
component/demos
|
recv
|
||||
| 91 | |
Users can determine buildpack version from Cloud Foundry | 4y | 4y | 4y |
component/pcf
kind/enhancement
|
recv
|
||||
| 82 | |
The secrets.yml check in the supply script uses different logic than the `conjur-env` binary to find the secrets.yml | 4y | 4y | 4y |
component/pcf
kind/bug
internal-contributor
|
recv
|
||||
| 36 | |
Demo has a CI pipeline for the local flow | 6y | 6y | 6y |
component/pcf
infra/pipelines
|
recv
|
||||
| 35 | |
Demo has a CI pipeline for the tile | 6y | 6y | 6y |
component/pcf
selected
infra/pipelines
|
recv
|
||||
| 187 |  |
Consider using true/false for all booleans in docs | 2y | 2wk | 2y |
good first issue
good-first-issue
contributor
|
recv
|
||||
| 49 | |
Add other ways to specify Conjur / DAP identity in `cyberark.conjur.conjur_variable` | 4y | 4y | 4y |
component/ansible
kind/enhancement
|
recv
|
||||
| 47 | |
The UX of configuring the lookup plugin and role has been evaluated | 4y | 4y | 4y |
recv
|
|||||
| 46 | |
Roles are tested with Molecule | 4y | 4y | 4y |
component/ansible
kind/enhancement
|
recv
|
||||
| 45 | |
The log output of the conjur-role without "no_log" set to true has been reviewed | 4y | 4y | 4y |
component/ansible
kind/enhancement
kind/XA
|
recv
|
||||
| 43 | |
Documentation is clear that input variable path should not be urlencoded | 4y | 4y | 4y |
component/ansible
source/salesforce
kind/documentation
|
recv
|
||||
| 42 | |
Expand Ansible Collection to include Conjur Role | 4y | 4y | 4y |
component/ansible
kind/enhancement
Epic
|
recv
|
||||
| 258 | |
Error with self signed certificate | 2y | 2y | 2y | |
kind/bug
|
recv
|
|||
| 132 | |
Add an ability to update Conjur secret |
2
|
1y | 1y | 1y |
kind/enhancement
|
recv
|
|||
| 53 | |
Add Windows instructions to README | 5y | 5y | 5y |
component/terraform
kind/enhancement
|
recv
|
||||
| 7 previously listed items omitted: #1753 #1718 #260 #149 #289 #93 #191 | |||||||||||