Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-56758

Unable to install cert-manager-operator without errors

XMLWordPrintable

    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • 3
    • None
    • None
    • None
    • None
    • OAPE Sprint 272, OAPE Sprint 273
    • 2
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Description of problem:

      Cert-manager-Operator pod produces errors related with Rolebindings in installation    

      Version-Release number of selected component (if applicable):

          1.16.0

      How reproducible:

          5/5

      Steps to Reproduce:

          1. Install Cert-manager-operator from operator hub 
          2. Observe Cert-manager-operator logs
          3.
          

      Actual results:

          

      Expected results:

          

      Additional info:

      >
      I0527 18:07:38.460719 1 event.go:377] Event(v1.ObjectReference{Kind:"Deployment", Namespace:"cert-manager-operator", Name:"cert-manager-operator-controller-manager", UID:"dece4cd4-ce73-41d7-aef4-6ce2394a992b", APIVersion:"apps/v1", ResourceVersion:"", FieldPath:""}): type: 'Warning' reason: 'RoleBindingCreateFailed' Failed to create RoleBinding.rbac.authorization.k8s.io/cert-manager-cert-manager-tokenrequest -n cert-manager: roles.rbac.authorization.k8s.io "cert-manager-tokenrequest" not found
      I0527 18:07:38.885813 1 event.go:377] Event(v1.ObjectReference{Kind:"Deployment", Namespace:"cert-manager-operator", Name:"cert-manager-operator-controller-manager", UID:"dece4cd4-ce73-41d7-aef4-6ce2394a992b", APIVersion:"apps/v1", ResourceVersion:"", FieldPath:""}): type: 'Warning' reason: 'RoleCreateFailed' Failed to create Role.rbac.authorization.k8s.io/cert-manager-tokenrequest -n cert-manager: roles.rbac.authorization.k8s.io "cert-manager-tokenrequest" is forbidden: user "system:serviceaccount:cert-manager-operator:cert-manager-operator-controller-manager" (groups=["system:serviceaccounts" "system:serviceaccounts:cert-manager-operator" "system:authenticated"]) is attempting to grant RBAC permissions not currently held:
      {APIGroups:[""], Resources:["serviceaccounts/token"], ResourceNames:["cert-manager"], Verbs:["create"]}
      E0527 18:07:39.876094 1 base_controller.go:279] "Unhandled Error" err=<
      cert-manager-controller-static-resources--StaticResources reconciliation failed: ["cert-manager-deployment/controller/cert-manager-cert-manager-tokenrequest-rb.yaml" (string): roles.rbac.authorization.k8s.io "cert-manager-tokenrequest" not found, "cert-manager-deployment/controller/cert-manager-tokenrequest-role.yaml" (string): roles.rbac.authorization.k8s.io "cert-manager-tokenrequest" is forbidden: user "system:serviceaccount:cert-manager-operator:cert-manager-operator-controller-manager" (groups=["system:serviceaccounts" "system:serviceaccounts:cert-manager-operator" "system:authenticated"]) is attempting to grant RBAC permissions not currently held:
      {APIGroups:[""], Resources:["serviceaccounts/token"], ResourceNames:["cert-manager"], Verbs:["create"]}]

       

              rh-ee-yuewu Yuedong Wu
              rh-ee-ctartici Cansin Tartici
              None
              Swarup Ghosh
              Yuedong Wu Yuedong Wu
              None
              Votes:
              2 Vote for this issue
              Watchers:
              21 Start watching this issue

                Created:
                Updated:
                Resolved: