cert-manager / trust-manager

trust-manager is an operator for distributing trust bundles across a Kubernetes cluster.
https://cert-manager.io/docs/projects/trust-manager/
Apache License 2.0

Additional formats won't generate #358

Closed atillaqb closed 1 month ago

atillaqb commented 1 month ago

Hello!

apiVersion: trust.cert-manager.io/v1alpha1
kind: Bundle
metadata:
  name: rootca
spec:
  sources:
  - useDefaultCAs: true
  - secret:
      name: "fullchain-rootca"
      key: "fullchainRootCA.crt"
  target:
    configMap:
      key: "bundle-certs.pem"
    additionalFormats:
      jks:
        key: "bundle-certs.jks"
      pkcs12:
        key: bundle-certs.p12
        password: '123'
    namespaceSelector: {}

I provided this bundle, but in the resulting ConfigMap there is no pkcs12 (I tried without a password, with a blank password ('') and with the test password 123); there is only the bundle-certs.pem content. I've tried the latest v0.10.0 version of the application. Kubernetes 1.29.

erikgb commented 1 month ago

Hi @atillaqb! Anything interesting in the trust-manager pod log? And what does the status of your Bundle resource look like?

atillaqb commented 1 month ago

I found the issue. By default, additional formats work only when you are using a secret as a target. I think it should be reflected in the official documentation.

erikgb commented 1 month ago

> I found the issue. By default, additional formats work only when you are using a secret as a target. I think it should be reflected in the official documentation.

How come? If that's the case, it's a bug. But I think this is unlikely. Are you by any chance using Octant to check your resources, ref. https://kubernetes.slack.com/archives/C4NV3DWUC/p1716453848338929?thread_ts=1716409603.775449&cid=C4NV3DWUC?

> I was inspecting the configMap using octant and the summary screen only displays the contents within the ConfigMap.Data, while the two binaries are within ConfigMap.BinaryData so they don't appear, but they were indeed there.
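
The check described in the quoted Slack message, as an added example that is not part of this thread or of trust-manager's code: it takes a ConfigMap in the JSON shape returned by `kubectl get configmap -o json` and reports whether each bundle key sits in `data` or `binaryData`. The function names, the sample ConfigMap and its placeholder bytes are constructed for illustration; the key names are the ones from the Bundle above.

```python
import base64

JKS_MAGIC = bytes.fromhex("feedfeed")  # magic number at the start of a Java KeyStore
PEM_MARKER = b"-----BEGIN CERTIFICATE-----"

def sniff(blob: bytes) -> str:
    """Classify a bundle payload by its leading bytes."""
    if blob.startswith(JKS_MAGIC):
        return "jks"
    if blob[:1] == b"\x30":  # DER SEQUENCE tag; a PKCS#12 file is a DER SEQUENCE
        return "der-sequence"
    if PEM_MARKER in blob:
        return "pem"
    return "unknown"

def locate_bundle_keys(configmap: dict, expected_keys: list) -> dict:
    """Map each expected key to (field it was found in, sniffed format)."""
    data = configmap.get("data") or {}
    binary = configmap.get("binaryData") or {}
    report = {}
    for key in expected_keys:
        if key in data:
            report[key] = ("data", sniff(data[key].encode()))
        elif key in binary:
            # The API server returns binaryData values base64-encoded.
            report[key] = ("binaryData", sniff(base64.b64decode(binary[key])))
        else:
            report[key] = ("missing", None)
    return report

def _b64(hex_bytes: str) -> str:
    return base64.b64encode(bytes.fromhex(hex_bytes)).decode()

# Constructed sample in the shape of `kubectl get configmap rootca -o json`;
# the payloads are placeholder bytes, not real certificates or keystores.
SAMPLE_CONFIGMAP = {
    "metadata": {"name": "rootca"},
    "data": {"bundle-certs.pem": "-----BEGIN CERTIFICATE-----\n(constructed)\n-----END CERTIFICATE-----\n"},
    "binaryData": {
        "bundle-certs.jks": _b64("feedfeed0000000200000001"),
        "bundle-certs.p12": _b64("3082000102010330"),
    },
}

if __name__ == "__main__":
    keys = ["bundle-certs.pem", "bundle-certs.jks", "bundle-certs.p12"]
    for key, (field, fmt) in locate_bundle_keys(SAMPLE_CONFIGMAP, keys).items():
        print(f"{key}: {field} ({fmt})")
```

A key reported as `binaryData` is present in the ConfigMap even when a viewer that lists only `data` does not show it.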

FracKenA commented 4 days ago

I am also experiencing this. Can we reopen this as a bug, instead of duplicating it into another issue?

erikgb commented 4 days ago

> I am also experiencing this. Can we reopen this as a bug, instead of duplicating it into another issue?

I'll be happy to reopen if this is a true bug. Can you please provide more details on what's not working for you?