// the find
kelseyhightower/kube-cert-manager
Manage Lets Encrypt certificates for a Kubernetes cluster.
kube-cert-manager is a Kubernetes controller from 2017 that automated Let's Encrypt TLS certificate provisioning using ThirdPartyResources and DNS-01 ACME challenges. It's a historical artifact — the Kubernetes API it depends on (ThirdPartyResources) was removed in Kubernetes 1.8, and cert-manager has been the standard replacement for years.
The DNS-01 exec plugin architecture was genuinely clean — external DNS providers were just executables on a defined interface, no code changes needed to add a new one. The watch/reconcile loop implementation is a solid reference for anyone learning how to write a Kubernetes controller from scratch before controller-runtime existed. Documentation is unusually complete for a 2017 project: separate guides for create, delete, consume, and deployment.
ThirdPartyResources were removed in Kubernetes 1.8 (released September 2017), so this controller cannot run on any Kubernetes version from the last seven-plus years. The repo has been dead since January 2018 with no migration path to CRDs. The README doesn't mention any of this — someone discovering it today would waste time before realizing it's a museum piece. cert-manager does everything this did, plus HTTP-01 challenges, multiple ACME providers, and active maintenance.