Closed andsens closed 3 months ago
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle stale
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
/remove-lifecycle stale
Might send a PR if I get the time.
/kind feature
Big thumbs up for already tightening the rather loose policy that cert-manager suggests in their guide by restricting the hosted zone. I have a suggestion for tighten it even further. Split up the
ChangeResourceRecordSets
andListResourceRecordSets
and restrict any changes to TXT records on_acme-challenge.*
subdomains.I modified the policy kops created with the suggested change and it works like a charm :-)