{"id":37101831,"url":"https://github.com/liquidweb/kube-cert-manager","last_synced_at":"2026-01-14T12:21:25.706Z","repository":{"id":57586047,"uuid":"102641139","full_name":"liquidweb/kube-cert-manager","owner":"liquidweb","description":"Manage Lets Encrypt certificates for a Kubernetes cluster.","archived":false,"fork":true,"pushed_at":"2019-10-21T18:56:21.000Z","size":22161,"stargazers_count":4,"open_issues_count":0,"forks_count":1,"subscribers_count":14,"default_branch":"master","last_synced_at":"2025-10-20T17:50:26.526Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"PalmStoneGames/kube-cert-manager","license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/liquidweb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-09-06T17:59:08.000Z","updated_at":"2019-11-22T20:28:28.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/liquidweb/kube-cert-manager","commit_stats":null,"previous_names":[],"tags_count":23,"template":false,"template_full_name":null,"purl":"pkg:github/liquidweb/kube-cert-manager","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/liquidweb%2Fkube-cert-manager","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/liquidweb%2Fkube-cert-manager/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/liquidweb%2Fkube-cert-manager/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/liquidweb%2Fkube-cert-manager/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/liquidweb","download_url":"https://codeload.github.com/liquidweb/kube-cert-manager/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/liquidweb%2Fkube-cert-manager/sbom","scorecard":{"id":592179,"data":{"date":"2025-08-11","repo":{"name":"github.com/liquidweb/kube-cert-manager","commit":"c0d3d0451532747d9d056e07403173090e28f2bc"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: containerImage not pinned by hash: Dockerfile:1","Warn: downloadThenRun not pinned by hash: Dockerfile:5","Info:   0 out of   1 containerImage dependencies pinned","Info:   0 out of   1 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-20T22:14:00.105Z","repository_id":57586047,"created_at":"2025-08-20T22:14:00.105Z","updated_at":"2025-08-20T22:14:00.105Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28420512,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T10:47:48.104Z","status":"ssl_error","status_checked_at":"2026-01-14T10:46:19.031Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-01-14T12:21:25.005Z","updated_at":"2026-01-14T12:21:25.668Z","avatar_url":"https://github.com/liquidweb.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Kubernetes Certificate Manager\n\nThis project is loosely based on https://github.com/kelseyhightower/kube-cert-manager\nIt took over most of its documentation, license, as well as the general approach to how things work.\n\nThe code itself however, was entirely reimplemented to use xenolf/lego as the basis, instead of reimplementing an ACME client and DNS plugins.\n\n## Version\n\nPlease note: This is the documentation for the currently in development version of kcm, please refer to [v0.4.0](https://github.com/PalmStoneGames/kube-cert-manager/tree/v0.4.0) for documentation for the latest stable version\n\n## Special note for upgrading from earlier versions\n\nIf you are upgrading from a version before 0.5.0 then note that the default way to identify Ingress resources \nto be managed by the certificate manager has changed, from the `enabled` annotation, to the `class` label.\n[Backwards compatible behaviour is available](docs/ingress.md) by setting the `-class` [argument](docs/deployment-arguments.md) to a blank value.\n\n## Features\n\n* Manage Kubernetes TLS secrets backed by Let's Encrypt issued certificates.\n* Manage [Let's Encrypt](https://letsencrypt.org) issued certificates based on Kubernetes ThirdParty Resources.\n* Manage [Let's Encrypt](https://letsencrypt.org) issued certificates based on Kubernetes Ingress Resources.\n* Domain validation using ACME HTTP-01, SNI-TLS-01 or DNS-01 challenges.\n* Support for multiple challenge providers.\n* Support for subject alternative names in requested certificates.\n\n## Project Goals\n\n* Demonstrate how to build custom Kubernetes controllers.\n* Demonstrate how to use Kubernetes [Third Party Resources](https://github.com/kubernetes/kubernetes/blob/release-1.3/docs/design/extending-api.md).\n* Demonstrate how to interact with the Kubernetes API (watches, reconciliation, etc).\n* Demonstrate how to write great documentation for Kubernetes add-ons and extensions.\n* Promote the usage of Let's Encrypt for securing web applications running on Kubernetes.\n\n## Requirements\n\n* Kubernetes 1.3+\n* At least one configured [challenge provider](docs/providers.md)\n* A Kubectl with the same 1.x version as your cluster (ie. kubectl 1.3.x for a 1.3 cluster, and kubectl 1.4.x for a 1.4 cluster)\n\n## Usage\n\n* [Deployment Guide](docs/deployment-guide.md)\n* [Creating a Certificate](docs/create-a-certificate.md)\n* [Deleting a Certificate](docs/delete-a-certificate.md)\n* [Consuming Certificates](docs/consume-certificates.md)\n- [Managing Certificates for Ingress Resources](docs/ingress.md)\n- [Garbage Collection of Secrets](docs/garbage-collection.md)\n* [Secure Deployment using RBAC](docs/secure-deployment.md)\n\n## Documentation\n\n* [Deployment Arguments](docs/deployment-arguments.md)\n* [Certificate Third Party Resources](docs/certificate-third-party-resource.md)\n* [Certificate Resources](docs/certificate-resources.md)\n* [Challenge Providers](docs/providers.md)\n* [Building Container Image with AWS CodeBuild](codebuild/README.md)\n\n## Development Setup\n\n* [Dev Setup Readme](dev-setup/README.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fliquidweb%2Fkube-cert-manager","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fliquidweb%2Fkube-cert-manager","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fliquidweb%2Fkube-cert-manager/lists"}