Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bitnami/cert-manager cannot get resource "leases" in API group "coordination.k8s.io" #6930

Closed
Dryymoon opened this issue Jul 12, 2021 · 5 comments
Closed

bitnami/cert-manager cannot get resource "leases" in API group "coordination.k8s.io" #6930

Dryymoon opened this issue Jul 12, 2021 · 5 comments
Labels
stale 15 days without activity

Comments

@Dryymoon
Copy link

Dryymoon commented Jul 12, 2021
edited
Loading

Which chart:
bitnami/cert-manager
version: cert-manager-0.1.4

Describe the bug
any certificate not issued and cert-manager-controller print this error:

leaderelection.go:325] error retrieving resource lock kube-system/cert-manager-controller: leases.coordination.k8s.io "cert-manager-controller" is forbidden: User "system:serviceaccount:cert-manager:cert-manager-controller" cannot get resource "leases" in API group "coordination.k8s.io" in the namespace "kube-system"

To Reproduce
Steps to reproduce the behavior:

  1. Install cert-manager
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
helm install \
  cert-manager bitnami/cert-manager \
  --namespace cert-manager \
  --create-namespace \
  --set installCRDs=true
  1. Install any service with ingress which configured to request certificates via cert manager
  2. Certificates not issued.

Expected behavior
Certificates issued.

Version of Helm and Kubernetes:

$ kubectl version
Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.2", GitCommit:"52c56ce7a8272c798dbc29846288d7cd9fbae032", GitTreeState:"clean", BuildDate:"2020-04-16T11:56:40Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"w
indows/amd64"}
Server Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.8", GitCommit:"5575935422cc1cf5169dfc8847cb587aa47bac5a", GitTreeState:"clean", BuildDate:"2021-06-16T12:53:07Z", GoVersion:"go1.15.13", Compiler:"gc", Platform:"
linux/amd64"}

 helm version
version.BuildInfo{Version:"v3.2.1", GitCommit:"fe51cd1e31e6a202cba7dead9552a6d418ded79a", GitTreeState:"clean", GoVersion:"go1.13.10"}

Extra
Maybe this will help
open-telemetry/opentelemetry-operator#149
https://github.com/open-telemetry/opentelemetry-operator/pull/151/files
@alemorcuq
Copy link
Contributor

Thanks for reporting this, @Dryymoon. Have you tried if adding that rule to the role fixes the issue for you?

@Dryymoon
Copy link
Author

I`m not tried to add rule.
I tried another helm chart "jetstack/cert-manager" which has necessary changes and works fine.

@alemorcuq
Copy link
Contributor

Are you interested on contributing with a PR, @Dryymoon ?

@github-actions
Copy link

This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.

@github-actions github-actions bot added the stale 15 days without activity label Jul 31, 2021
@alemorcuq
Copy link
Contributor

alemorcuq commented Aug 2, 2021
edited
Loading

Fixed in #7035

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
stale 15 days without activity
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Dryymoon @alemorcuq