{"id":13819767,"url":"https://github.com/cert-manager/trust-manager","last_synced_at":"2026-04-19T17:07:20.175Z","repository":{"id":37037338,"uuid":"384767370","full_name":"cert-manager/trust-manager","owner":"cert-manager","description":"trust-manager is an operator for distributing trust bundles across a Kubernetes cluster.","archived":false,"fork":false,"pushed_at":"2026-02-15T00:48:25.000Z","size":2788,"stargazers_count":359,"open_issues_count":49,"forks_count":102,"subscribers_count":7,"default_branch":"main","last_synced_at":"2026-02-15T01:42:27.777Z","etag":null,"topics":["go","golang","hacktoberfest","kubernetes","security","tls"],"latest_commit_sha":null,"homepage":"https://cert-manager.io/docs/projects/trust-manager/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cert-manager.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2021-07-10T18:41:48.000Z","updated_at":"2026-02-15T00:48:29.000Z","dependencies_parsed_at":"2023-12-28T15:02:06.674Z","dependency_job_id":"a20a0a68-b117-497b-9022-f3a89910890c","html_url":"https://github.com/cert-manager/trust-manager","commit_stats":{"total_commits":566,"total_committers":43,"mean_commits":"13.162790697674419","dds":0.8021201413427562,"last_synced_commit":"c8d2a2517c8c3f3c5653be529b53677fb0d0c3bd"},"previous_names":["cert-manager/trust"],"tags_count":39,"template":false,"template_full_name":null,"purl":"pkg:github/cert-manager/trust-manager","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cert-manager%2Ftrust-manager","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cert-manager%2Ftrust-manager/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cert-manager%2Ftrust-manager/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cert-manager%2Ftrust-manager/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cert-manager","download_url":"https://codeload.github.com/cert-manager/trust-manager/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cert-manager%2Ftrust-manager/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29667088,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-20T19:49:36.704Z","status":"ssl_error","status_checked_at":"2026-02-20T19:44:05.372Z","response_time":59,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["go","golang","hacktoberfest","kubernetes","security","tls"],"created_at":"2024-08-04T08:00:52.788Z","updated_at":"2026-02-20T22:24:58.877Z","avatar_url":"https://github.com/cert-manager.png","language":"Go","funding_links":[],"categories":["security","Go","Security \u0026 Compliance"],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://raw.githubusercontent.com/cert-manager/cert-manager/d53c0b9270f8cd90d908460d69502694e1838f5f/logo/logo-small.png\" height=\"256\" width=\"256\" alt=\"cert-manager project logo\" /\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://godoc.org/github.com/cert-manager/trust-manager\"\u003e\u003cimg src=\"https://godoc.org/github.com/cert-manager/trust-manager?status.svg\" alt=\"cert-manager/trust-manager godoc\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://goreportcard.com/report/github.com/cert-manager/trust-manager\"\u003e\u003cimg alt=\"Go Report Card\" src=\"https://goreportcard.com/badge/github.com/cert-manager/trust-manager\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://artifacthub.io/packages/search?repo=cert-manager\"\u003e\u003cimg alt=\"Artifact Hub\" src=\"https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/cert-manager\" /\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n# trust-manager\n\ntrust-manager is the easiest way to manage trust bundles in Kubernetes and OpenShift clusters!\n\nIt takes a list of trusted certificate sources and combines them into a bundle which you can trust directly\nin your applications.\n\nSupported sources include a public trust bundle similar to what you get from your Operating System.\n\ntrust-manager documentation is available on the cert-manager website, including:\n\n- [Installation instructions](https://cert-manager.io/docs/trust/trust-manager/installation/)\n- [Usage guidance](https://cert-manager.io/docs/trust/trust-manager/)\n- [API reference documentation](https://cert-manager.io/docs/trust/trust-manager/api-reference/)\n\n## Developing trust-manager\n\ntrust-manager uses [makefile-modules](https://github.com/cert-manager/makefile-modules/), meaning that any changes to files under `make/_shared` need to be made in that repo and synchronized here using `make upgrade-klone`.\n\nThe easiest way to get started is to run the trust-manager smoke tests locally.\n\nUse `make test-smoke`, which creates a [Kind cluster](https://kind.sigs.k8s.io/) using Docker and installs trust-manager (and cert-manager) before running the tests.\n\nTo create a cluster without running the smoke tests, use `make test-smoke-deps`.\n\nTo use or inspect the cluster, the `KUBECONFIG` file needs to be made available:\n\n```console\nexport KUBECONFIG=$(pwd)/_bin/scratch/kube.config\n```\n\n### Testing\n\ntrust-manager has various categories of tests. All categories are run against every PR, along with other checks.\n\n- `make test-unit` - Runs simpler, faster tests which test specific functions\n- `make test-integration` - Runs heavier tests with a simplified control-plane which tests how different pieces work together\n- `make test-smoke` - Runs end-to-end tests in a dedicated Kubernetes cluster\n\n## Example Bundle\n\nThe simplest useful Bundle uses default CAs. This default CA package is based on Debian's `ca-certificates` package, and so matches what you'd expect to see in a Debian container or VM.\n\n```yaml\napiVersion: trust.cert-manager.io/v1alpha1\nkind: Bundle\nmetadata:\n  name: trust-manager-bundle\nspec:\n  sources:\n  - useDefaultCAs: true\n  target:\n    configMap:\n      key: \"bundle.pem\"\n```\n\nThis Bundle will lead to a ConfigMap called `trust-manager-bundle` containing the default CAs being created in all namespaces, ready to be mounted\nand used by your applications.\n\nYour ConfigMap will automatically be updated if you change your bundle, too - so to update it, simply update your Bundle!\n\nFor more details see the [trust-manager documentation](https://cert-manager.io/docs/trust/trust-manager/).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcert-manager%2Ftrust-manager","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcert-manager%2Ftrust-manager","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcert-manager%2Ftrust-manager/lists"}