-
Bug
-
Resolution: Done
-
Critical
-
None
-
4.16, 4.17, 4.18
-
Quality / Stability / Reliability
-
False
-
-
3
-
None
-
None
-
None
-
None
-
OAPE Sprint 272, OAPE Sprint 273
-
2
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
Cert-manager-Operator pod produces errors related with Rolebindings in installation
Version-Release number of selected component (if applicable):
1.16.0
How reproducible:
5/5
Steps to Reproduce:
1. Install Cert-manager-operator from operator hub 2. Observe Cert-manager-operator logs 3.
Actual results:
Expected results:
Additional info:
> I0527 18:07:38.460719 1 event.go:377] Event(v1.ObjectReference{Kind:"Deployment", Namespace:"cert-manager-operator", Name:"cert-manager-operator-controller-manager", UID:"dece4cd4-ce73-41d7-aef4-6ce2394a992b", APIVersion:"apps/v1", ResourceVersion:"", FieldPath:""}): type: 'Warning' reason: 'RoleBindingCreateFailed' Failed to create RoleBinding.rbac.authorization.k8s.io/cert-manager-cert-manager-tokenrequest -n cert-manager: roles.rbac.authorization.k8s.io "cert-manager-tokenrequest" not found I0527 18:07:38.885813 1 event.go:377] Event(v1.ObjectReference{Kind:"Deployment", Namespace:"cert-manager-operator", Name:"cert-manager-operator-controller-manager", UID:"dece4cd4-ce73-41d7-aef4-6ce2394a992b", APIVersion:"apps/v1", ResourceVersion:"", FieldPath:""}): type: 'Warning' reason: 'RoleCreateFailed' Failed to create Role.rbac.authorization.k8s.io/cert-manager-tokenrequest -n cert-manager: roles.rbac.authorization.k8s.io "cert-manager-tokenrequest" is forbidden: user "system:serviceaccount:cert-manager-operator:cert-manager-operator-controller-manager" (groups=["system:serviceaccounts" "system:serviceaccounts:cert-manager-operator" "system:authenticated"]) is attempting to grant RBAC permissions not currently held: {APIGroups:[""], Resources:["serviceaccounts/token"], ResourceNames:["cert-manager"], Verbs:["create"]} E0527 18:07:39.876094 1 base_controller.go:279] "Unhandled Error" err=< cert-manager-controller-static-resources--StaticResources reconciliation failed: ["cert-manager-deployment/controller/cert-manager-cert-manager-tokenrequest-rb.yaml" (string): roles.rbac.authorization.k8s.io "cert-manager-tokenrequest" not found, "cert-manager-deployment/controller/cert-manager-tokenrequest-role.yaml" (string): roles.rbac.authorization.k8s.io "cert-manager-tokenrequest" is forbidden: user "system:serviceaccount:cert-manager-operator:cert-manager-operator-controller-manager" (groups=["system:serviceaccounts" "system:serviceaccounts:cert-manager-operator" "system:authenticated"]) is attempting to grant RBAC permissions not currently held: {APIGroups:[""], Resources:["serviceaccounts/token"], ResourceNames:["cert-manager"], Verbs:["create"]}]