Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-56758

Unable to install cert-manager-operator without errors

XMLWordPrintable

    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • 3
    • None
    • None
    • None
    • None
    • OAPE Sprint 272, OAPE Sprint 273
    • 2
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Description of problem:

      Cert-manager-Operator pod produces errors related with Rolebindings in installation

      Version-Release number of selected component (if applicable):

          1.16.0

      How reproducible:

          5/5

      Steps to Reproduce:

          1. Install Cert-manager-operator from operator hub 
    2. Observe Cert-manager-operator logs
    3.

      Actual results:

      Expected results:

      Additional info:

      >
I0527 18:07:38.460719 1 event.go:377] Event(v1.ObjectReference{Kind:"Deployment", Namespace:"cert-manager-operator", Name:"cert-manager-operator-controller-manager", UID:"dece4cd4-ce73-41d7-aef4-6ce2394a992b", APIVersion:"apps/v1", ResourceVersion:"", FieldPath:""}): type: 'Warning' reason: 'RoleBindingCreateFailed' Failed to create RoleBinding.rbac.authorization.k8s.io/cert-manager-cert-manager-tokenrequest -n cert-manager: roles.rbac.authorization.k8s.io "cert-manager-tokenrequest" not found
I0527 18:07:38.885813 1 event.go:377] Event(v1.ObjectReference{Kind:"Deployment", Namespace:"cert-manager-operator", Name:"cert-manager-operator-controller-manager", UID:"dece4cd4-ce73-41d7-aef4-6ce2394a992b", APIVersion:"apps/v1", ResourceVersion:"", FieldPath:""}): type: 'Warning' reason: 'RoleCreateFailed' Failed to create Role.rbac.authorization.k8s.io/cert-manager-tokenrequest -n cert-manager: roles.rbac.authorization.k8s.io "cert-manager-tokenrequest" is forbidden: user "system:serviceaccount:cert-manager-operator:cert-manager-operator-controller-manager" (groups=["system:serviceaccounts" "system:serviceaccounts:cert-manager-operator" "system:authenticated"]) is attempting to grant RBAC permissions not currently held:
{APIGroups:[""], Resources:["serviceaccounts/token"], ResourceNames:["cert-manager"], Verbs:["create"]}
E0527 18:07:39.876094 1 base_controller.go:279] "Unhandled Error" err=<
cert-manager-controller-static-resources--StaticResources reconciliation failed: ["cert-manager-deployment/controller/cert-manager-cert-manager-tokenrequest-rb.yaml" (string): roles.rbac.authorization.k8s.io "cert-manager-tokenrequest" not found, "cert-manager-deployment/controller/cert-manager-tokenrequest-role.yaml" (string): roles.rbac.authorization.k8s.io "cert-manager-tokenrequest" is forbidden: user "system:serviceaccount:cert-manager-operator:cert-manager-operator-controller-manager" (groups=["system:serviceaccounts" "system:serviceaccounts:cert-manager-operator" "system:authenticated"]) is attempting to grant RBAC permissions not currently held:
{APIGroups:[""], Resources:["serviceaccounts/token"], ResourceNames:["cert-manager"], Verbs:["create"]}]

       

              rh-ee-yuewu Yuedong Wu
              rh-ee-ctartici Cansin Tartici
              None
              Swarup Ghosh
              Yuedong Wu Yuedong Wu
              None
              Votes:
              2 Vote for this issue
              Watchers:
              21 Start watching this issue

                Created:
                Updated:
                Resolved: