cert-manager 0.10.1 broken with Kubernetes 1.20
Summary
When doing a fresh deploy with a 1.20 cluster certificates are not provisioned - cert manager has the following error:
sync.go:499] cert-manager/controller/certificates/certificates "msg"="error saving certificate" "error"="resourceVersion should not be set on objects to be created"
This appears to be caused by https://github.com/jetstack/cert-manager/issues/3615 and is resolved in newer cert-manager versions
Steps to reproduce
Install Gitlab Chart on k8s 1.20 cluster using the build in cert-manager and letsencrypt issuer
Configuration used
global:
edition: ce
hosts:
https: true
...
ingress:
configureCertmanager: true
enabled: true
tls:
enabled: true
...
certmanager:
# Disable CRD creation as it's already added by GKE
createCustomResource: false
certmanager-issuer:
email: ${cert_manager_email}
Current behavior
Cert-manager loops with the error above every 30 seconds
Expected behavior
Certificate is provisioned
Versions
- Chart: 4.10.4
- Platform:
- Cloud: GKE
- Kubernetes: (
kubectl version
)- Client: Terraform Kubernetes provider 1.13.2
- Server: v1.20.6-gke.1000
- Helm: (
helm version
)- Client: Terraform Helm provider 1.3.0
- Server: N/A
Relevant logs
Here is a complete try/retry loop for the main cert:
E0604 18:49:31.743370 1 sync.go:499] cert-manager/controller/certificates/certificates "msg"="error saving certificate" "error"="resourceVersion should not be set on objects to be created"
E0604 18:49:31.743601 1 controller.go:131] cert-manager/controller/certificates "msg"="re-queuing item due to error processing" "error"="resourceVersion should not be set on objects to be created" "key"="gitlab/gitlab-gitlab-tls"
I0604 18:49:31.822271 1 controller.go:129] cert-manager/controller/certificates "level"=0 "msg"="syncing item" "key"="gitlab/gitlab-gitlab-tls"
I0604 18:49:31.822432 1 controller.go:129] cert-manager/controller/orders "level"=0 "msg"="syncing item" "key"="gitlab/gitlab-gitlab-tls-4149932550"
I0604 18:49:31.823878 1 controller.go:135] cert-manager/controller/orders "level"=0 "msg"="finished processing work item" "key"="gitlab/gitlab-gitlab-tls-4149932550"
I0604 18:49:31.823906 1 controller.go:129] cert-manager/controller/orders "level"=0 "msg"="syncing item" "key"="gitlab/gitlab-registry-tls-1977550111"
I0604 18:49:31.824098 1 controller.go:129] cert-manager/controller/certificates "level"=0 "msg"="syncing item" "key"="gitlab/gitlab-registry-tls"
I0604 18:49:31.825209 1 controller.go:135] cert-manager/controller/orders "level"=0 "msg"="finished processing work item" "key"="gitlab/gitlab-registry-tls-1977550111"
E0604 18:49:31.832602 1 sync.go:499] cert-manager/controller/certificates/certificates "msg"="error saving certificate" "error"="resourceVersion should not be set on objects to be created"