[helm/v2-alpha] Missing name substitution in the cert-manager resources

[robinlioret]

What broke? What's expected?

In the chart templates, we have three cert-manager resources: two Certificates and a Issuer.
The certificates are referring to the issuer using this template:

    issuerRef:
        kind: Issuer
        name: {{ include "chart.name" . }}-selfsigned-issuer

While the issuer is named using this one, no template but hardcoded project name:

metadata:
    labels:
        app.kubernetes.io/managed-by: {{ .Release.Service }}
        app.kubernetes.io/name: test-project
    name: test-project-selfsigned-issuer
    namespace: {{ .Release.Namespace }}

This lead to broken deployment when the chart is renamed.

I renamed the chart to chart to prevent weird names in the Github release (like project/project/project which are hard to differentiate from the other artifacts.

It is expected to have a consistent naming between the certificates and the issuer

Note

This inconsistency is also present with the cert manager annotations in the webhook refering to the certificate name: cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/test-project-serving-cert

Reproducing this issue

To reproduce the issue, create a new project:

mkdir test-project && cd test-project
kubebuilder init --domain=sample.sh --owner "Tomtom" --repo "github.com/sample/project"
kubebuilder create api --version v1 --kind TestRes --controller --namespaced=false --resource
kubebuilder create webhook --version v1 --kind TestRes --defaulting --programmatic-validation
kubebuilder edit --plugins=helm/v2-alpha

# Rename and regenerate the chart
sed -iE 's/name: .*/name: chart/g' dist/chart/Chart.yaml
kubebuilder edit --plugins=helm/v2-alpha

# Render the chart locally and get only the reference / naming of the issuer
cd dist/chart
helm template . | grep selfsigned-issuer

You should end up with this output:

        name: chart-selfsigned-issuer
        name: chart-selfsigned-issuer
# Source: chart/templates/cert-manager/selfsigned-issuer.yaml
    name: test-project-selfsigned-issuer

Where we clearly see the inconsistency between the chart-selfsigned-issuer (from the certificates) and test-project-selfsigned-issuer (from the issuer)

KubeBuilder (CLI) Version

4.10.0

PROJECT version

3

Plugin versions

layout:
- go.kubebuilder.io/v4
plugins:
  helm.kubebuilder.io/v2-alpha:
    manifests: dist/install.yaml
    output: dist

Other versions

go version go1.25.3 linux/amd64

github.com/onsi/ginkgo/v2 v2.22.0
github.com/onsi/gomega v1.36.1
k8s.io/apimachinery v0.34.1
k8s.io/client-go v0.34.1
sigs.k8s.io/controller-runtime v0.22.4

Extra Labels

No response

[abdulrahman11a]

@robinlioret

I would like to work on this issue and submit a fix for the naming inconsistency between the cert-manager Certificates and the Issuer. Could you please assign this issue to me?

Thanks