dmahmalat / cert-manager-webhook-google-domains Goto Github PK
View Code? Open in Web Editor NEWAllow cert-manager to solve DNS challenges using Google Domains DNS
License: Apache License 2.0
cert-manager-webhook-google-domains's People
Contributors
Stargazers
Watchers
cert-manager-webhook-google-domains's Issues
Forbidden on Challenge Resource
This is the error I get. When it reaches the challenges stage. I'm new to cert-manager and kubernetes. It is likely I just have something misconfigured.
google-domains.acmedns.odetopeaches.com is forbidden: User "system:serviceaccount:cert-manager:cert-manager" cannot create resource "google-domains" in API group "acmedns.odetopeaches.com" at the cluster scope
FlowSchema and PriorityLevelConfiguration not found
Tried to provision a cert but it didn't work and the only thing in the logs is this.
W0526 17:38:30.711418 1 reflector.go:424] pkg/mod/k8s.io/[email protected]/tools/cache/reflector.go:169: failed to list *v1beta3.FlowSchema: the server could not find the requested resource
E0526 17:38:30.711477 1 reflector.go:140] pkg/mod/k8s.io/[email protected]/tools/cache/reflector.go:169: Failed to watch *v1beta3.FlowSchema: failed to list *v1beta3.FlowSchema: the server could not find the requested resource
W0526 17:38:45.231383 1 reflector.go:424] pkg/mod/k8s.io/[email protected]/tools/cache/reflector.go:169: failed to list *v1beta3.PriorityLevelConfiguration: the server could not find the requested resource
E0526 17:38:45.231430 1 reflector.go:140] pkg/mod/k8s.io/[email protected]/tools/cache/reflector.go:169: Failed to watch *v1beta3.PriorityLevelConfiguration: failed to list *v1beta3.PriorityLevelConfiguration: the server could not find the requested resource
Running on GKE 1.25.
What namespace are you running everything in?
I have cert manager installed in the cert-manager namespace.
I install this via: helm uninstall my-release dmahmalat/cert-manager-webhook-google-domains -n default and I guess it goes into the default namespace
Then my issuer secret is in the cert-manager namespace.
My issuer doesn't have a namespace.
When I install a certificate from the default namespace I get this in the cert-manager pod.
E0403 01:34:07.619223 1 controller.go:167] cert-manager/challenges "msg"="re-queuing item due to error processing" "error"="unable to get secret cert-manager; unable to get secret cert-domain-tls-key-example.com/cert-manager; secrets \"cert-domain-tls-key-example.com\" is forbidden: User \"system:serviceaccount:default:my-release-cert-manager-webhook-google-domains\" cannot get resource \"secrets\" in API group \"\" in the namespace \"cert-manager\"" "key"="default/example-com-dphgr-1778196375-4263164308"
Are you by chance running cert-manager in the default namespace? Just trying to get this working.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.