mattmattox/kick-cert-manager.yaml

## kick-cert-manager.yaml
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: log-watcher-sa
  namespace: cert-manager
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: log-watcher-cluster-role
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "list", "watch", "delete"]
- apiGroups: [""]
  resources: ["pods/log"]
  verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: log-watcher-cluster-role-binding
subjects:
- kind: ServiceAccount
  name: log-watcher-sa
  namespace: cert-manager
roleRef:
  kind: ClusterRole
  name: log-watcher-cluster-role
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: log-watcher
  labels:
    app: log-watcher
spec:
  replicas: 1
  selector:
    matchLabels:
      app: log-watcher
  template:
    metadata:
      labels:
        app: log-watcher
    spec:
      serviceAccountName: log-watcher-sa
      containers:
      - name: log-watcher
        image: supporttools/kube-builder
        command: ["/bin/sh", "-c"]
        args:
        - >
          while true;
          do
            pod_list=$(kubectl -n cert-manager get pods -l app.kubernetes.io/component=controller,app.kubernetes.io/instance=cert-manager -o name);
            for pod in $pod_list;
            do
              if kubectl -n cert-manager logs $pod | grep -q "streamwatcher.go:111] Unexpected EOF during watch stream event decoding: unexpected EOF";
              then
                kubectl -n cert-manager delete $pod;
              fi;
            done;
            sleep 60;
          done;
---
	---
	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: log-watcher-sa
	namespace: cert-manager
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRole
	metadata:
	name: log-watcher-cluster-role
	rules:
	- apiGroups: [""]
	resources: ["pods"]
	verbs: ["get", "list", "watch", "delete"]
	- apiGroups: [""]
	resources: ["pods/log"]
	verbs: ["get", "list", "watch"]
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRoleBinding
	metadata:
	name: log-watcher-cluster-role-binding
	subjects:
	- kind: ServiceAccount
	name: log-watcher-sa
	namespace: cert-manager
	roleRef:
	kind: ClusterRole
	name: log-watcher-cluster-role
	apiGroup: rbac.authorization.k8s.io
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: log-watcher
	labels:
	app: log-watcher
	spec:
	replicas: 1
	selector:
	matchLabels:
	app: log-watcher
	template:
	metadata:
	labels:
	app: log-watcher
	spec:
	serviceAccountName: log-watcher-sa
	containers:
	- name: log-watcher
	image: supporttools/kube-builder
	command: ["/bin/sh", "-c"]
	args:
	- >
	while true;
	do
	pod_list=$(kubectl -n cert-manager get pods -l app.kubernetes.io/component=controller,app.kubernetes.io/instance=cert-manager -o name);
	for pod in $pod_list;
	do
	if kubectl -n cert-manager logs $pod \| grep -q "streamwatcher.go:111] Unexpected EOF during watch stream event decoding: unexpected EOF";
	then
	kubectl -n cert-manager delete $pod;
	fi;
	done;
	sleep 60;
	done;
	---