papdaniel opened a new issue, #1221: URL: https://github.com/apache/apisix-ingress-controller/issues/1221
### Issue description I use cert manager to generate certificates and create the `Certificate` and `ApisixTls` resources at the same time. Cert-manager needs some time to request the certificate, so when apisix-ingress-controller tries to find the cert secret it doesn't exist yet. The problem is apisix-ingress-controller won't retry to find the secret, so we are stucked. I know it is documented [here](https://apisix.apache.org/blog/2021/10/22/cert-manager-in-ingress/) that the secret should exist when we create the ApisixTls resource, but with a retry mechanism it would be much more relieable. ### Environment - your apisix-ingress-controller version (output of apisix-ingress-controller version --long): ``` Version: 1.4.1 Git SHA: no-git-module Go Version: go1.16.15 Building OS/Arch: linux/amd64 Running OS/Arch: linux/amd64 ``` - your Kubernetes cluster version (output of kubectl version): ``` Client Version: version.Info{Major:"1", Minor:"24", GitVersion:"v1.24.1", GitCommit:"3ddd0f45aa91e2f30c70734b175631bec5b5825a", GitTreeState:"clean", BuildDate:"2022-05-24T12:26:19Z", GoVersion:"go1.18.2", Compiler:"gc", Platform:"linux/amd64"} Kustomize Version: v4.5.4 Server Version: version.Info{Major:"1", Minor:"22+", GitVersion:"v1.22.11-eks-18ef993", GitCommit:"b9628d6d3867ffd84c704af0befd31c7451cdc37", GitTreeState:"clean", BuildDate:"2022-07-06T18:06:23Z", GoVersion:"go1.16.15", Compiler:"gc", Platform:"linux/amd64"} ``` ### Minimal test code / Steps to reproduce Install cert-manager and apisix-ingress-controller, and create the following: ``` apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: test namespace: default spec: dnsNames: - '*.test.example.com' issuerRef: group: cert-manager.io kind: ClusterIssuer name: letsencrypt-prod secretName: test-wildcard --- apiVersion: apisix.apache.org/v2beta3 kind: ApisixTls metadata: name: test namespace: default spec: hosts: - '*.test.example.com' secret: name: test-wildcard namespace: default ``` ### Actual result ``` status: conditions: - lastTransitionTime: "2022-08-04T13:23:20Z" message: secret "test-wildcard" not found observedGeneration: 1 reason: ResourceSyncAborted status: "False" type: ResourcesAvailable ``` ### Error log - ### Expected result _No response_ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
