diff --git a/test/e2e/suite/secrettemplate/BUILD.bazel b/test/e2e/suite/secrettemplate/BUILD.bazel
index 2f66814f2..09c6e6b0a 100644
--- a/test/e2e/suite/secrettemplate/BUILD.bazel
+++ b/test/e2e/suite/secrettemplate/BUILD.bazel
@@ -6,10 +6,8 @@ go_library(
     importpath = "github.com/jetstack/cert-manager/test/e2e/suite/secrettemplate",
     visibility = ["//visibility:public"],
     deps = [
-        "//internal/controller/feature:go_default_library",
         "//pkg/apis/certmanager/v1:go_default_library",
         "//pkg/apis/meta/v1:go_default_library",
-        "//pkg/util/feature:go_default_library",
         "//test/e2e/framework:go_default_library",
         "//test/e2e/util:go_default_library",
         "//test/unit/gen:go_default_library",
diff --git a/test/e2e/suite/secrettemplate/secrettemplate.go b/test/e2e/suite/secrettemplate/secrettemplate.go
index fcb799b29..5e84b2cd5 100644
--- a/test/e2e/suite/secrettemplate/secrettemplate.go
+++ b/test/e2e/suite/secrettemplate/secrettemplate.go
@@ -29,10 +29,8 @@ import (
 	"k8s.io/utils/pointer"
 	"sigs.k8s.io/structured-merge-diff/v4/fieldpath"
 
-	"github.com/jetstack/cert-manager/internal/controller/feature"
 	cmapi "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
 	cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1"
-	utilfeature "github.com/jetstack/cert-manager/pkg/util/feature"
 	"github.com/jetstack/cert-manager/test/e2e/framework"
 	e2eutil "github.com/jetstack/cert-manager/test/e2e/util"
 	"github.com/jetstack/cert-manager/test/unit/gen"
@@ -49,18 +47,6 @@ const (
 var _ = framework.CertManagerDescribe("Certificate SecretTemplate", func() {
 	f := framework.NewDefaultFramework("certificates-secret-template")
 
-	// Only run tests if the SecretTemplate feature is enabled. Skip otherwise.
-	it := func(name string, testfn func()) {
-		It(name, func() {
-			if !utilfeature.DefaultFeatureGate.Enabled(feature.ExperimentalSecretApplySecretTemplateControllerMinKubernetesVTODO) {
-				framework.Skipf("skipping Certificates SecretTemplate controller test since FEATURE_GATE %s is not enabled",
-					feature.ExperimentalSecretApplySecretTemplateControllerMinKubernetesVTODO)
-				return
-			}
-			testfn()
-		})
-	}
-
 	BeforeEach(func() {
 		By("creating a self-signing issuer")
 		issuer := gen.Issuer(issuerName,
@@ -78,7 +64,7 @@ var _ = framework.CertManagerDescribe("Certificate SecretTemplate", func() {
 		Expect(f.CertManagerClientSet.CertmanagerV1().Issuers(f.Namespace.Name).Delete(context.Background(), issuerName, metav1.DeleteOptions{})).NotTo(HaveOccurred())
 	})
 
-	it("should not remove Annotations and Labels which have been added by a third party and not present in the SecretTemplate", func() {
+	It("should not remove Annotations and Labels which have been added by a third party and not present in the SecretTemplate", func() {
 		createCertificate(f, &cmapi.CertificateSecretTemplate{Annotations: map[string]string{"foo": "bar"}, Labels: map[string]string{"abc": "123"}})
 
 		secret, err := f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Get(context.Background(), secretName, metav1.GetOptions{})
@@ -118,7 +104,7 @@ var _ = framework.CertManagerDescribe("Certificate SecretTemplate", func() {
 		}, "5s", "1s").Should(HaveKeyWithValue("abc", "123"))
 	})
 
-	it("should add Annotations and Labels to the Secret when the Certificate's SecretTemplate is updated, then remove Annotations and Labels when removed from the SecretTemplate", func() {
+	It("should add Annotations and Labels to the Secret when the Certificate's SecretTemplate is updated, then remove Annotations and Labels when removed from the SecretTemplate", func() {
 		crt := createCertificate(f, &cmapi.CertificateSecretTemplate{
 			Annotations: map[string]string{"foo": "bar", "bar": "foo"},
 			Labels:      map[string]string{"abc": "123", "def": "456"},
@@ -184,7 +170,7 @@ var _ = framework.CertManagerDescribe("Certificate SecretTemplate", func() {
 		Expect(secret.Labels).ToNot(HaveKey("another"))
 	})
 
-	it("should update the values of keys that have been modified in the SecretTemplate", func() {
+	It("should update the values of keys that have been modified in the SecretTemplate", func() {
 		crt := createCertificate(f, &cmapi.CertificateSecretTemplate{
 			Annotations: map[string]string{"foo": "bar", "bar": "foo"},
 			Labels:      map[string]string{"abc": "123", "def": "456"},
@@ -219,7 +205,7 @@ var _ = framework.CertManagerDescribe("Certificate SecretTemplate", func() {
 		Expect(secret.Labels).To(HaveKeyWithValue("def", "555"))
 	})
 
-	it("should add cert-manager manager to existing Annotation and Labels fields which are added to SecretTemplate, should not be removed if they are removed by the third party", func() {
+	It("should add cert-manager manager to existing Annotation and Labels fields which are added to SecretTemplate, should not be removed if they are removed by the third party", func() {
 		By("Secret Annotations and Labels should not be removed if the field still hold a field manager")
 
 		crt := createCertificate(f, nil)
@@ -359,7 +345,7 @@ var _ = framework.CertManagerDescribe("Certificate SecretTemplate", func() {
 		Expect(secret.Labels).To(HaveKeyWithValue("foo", "bar"))
 	})
 
-	it("if data keys are added to the Secret, they should not be removed", func() {
+	It("if data keys are added to the Secret, they should not be removed", func() {
 		createCertificate(f, &cmapi.CertificateSecretTemplate{
 			Annotations: map[string]string{"abc": "123"},
 			Labels:      map[string]string{"foo": "bar"},
@@ -378,7 +364,7 @@ var _ = framework.CertManagerDescribe("Certificate SecretTemplate", func() {
 		}, "5s", "1s").Should(HaveKeyWithValue("random-key", []byte("hello-world")))
 	})
 
-	it("if values are modified on the Certificate's SecretTemplate, than those values should be reflected on the Secret", func() {
+	It("if values are modified on the Certificate's SecretTemplate, than those values should be reflected on the Secret", func() {
 		crt := createCertificate(f, &cmapi.CertificateSecretTemplate{
 			Annotations: map[string]string{"abc": "123"},
 			Labels:      map[string]string{"foo": "bar"},
@@ -402,7 +388,7 @@ var _ = framework.CertManagerDescribe("Certificate SecretTemplate", func() {
 		}, "5s", "1s").Should(HaveKeyWithValue("foo", "foo"))
 	})
 
-	it("deleting a Certificate's SecretTemplate should remove all keys it defined", func() {
+	It("deleting a Certificate's SecretTemplate should remove all keys it defined", func() {
 		crt := createCertificate(f, &cmapi.CertificateSecretTemplate{
 			Annotations: map[string]string{"abc": "123", "def": "456"},
 			Labels:      map[string]string{"foo": "bar", "label": "hello-world"},
diff --git a/test/internal/apiserver/BUILD.bazel b/test/internal/apiserver/BUILD.bazel
index e545a20c3..ae066b0b3 100644
--- a/test/internal/apiserver/BUILD.bazel
+++ b/test/internal/apiserver/BUILD.bazel
@@ -16,6 +16,7 @@ go_library(
     deps = [
         "//internal/test/paths:go_default_library",
         "//test/internal/util:go_default_library",
+        "@io_k8s_client_go//rest:go_default_library",
         "@io_k8s_sigs_controller_runtime//pkg/envtest:go_default_library",
     ],
 )
diff --git a/test/internal/apiserver/apiserver.go b/test/internal/apiserver/apiserver.go
index 2ae36ec9f..6d6233007 100644
--- a/test/internal/apiserver/apiserver.go
+++ b/test/internal/apiserver/apiserver.go
@@ -19,6 +19,7 @@ package apiserver
 import (
 	"testing"
 
+	"k8s.io/client-go/rest"
 	"sigs.k8s.io/controller-runtime/pkg/envtest"
 )
 
@@ -42,6 +43,9 @@ func RunBareControlPlane(t *testing.T) (*envtest.Environment, StopFunc) {
 		t.Fatalf("failed to start control plane: %v", err)
 	}
 
+	// Ensure we set a User Agent for the API server client.
+	env.Config.UserAgent = rest.DefaultKubernetesUserAgent()
+
 	return env, func() {
 		if err := env.Stop(); err != nil {
 			t.Fatalf("failed to shut down control plane: %v", err)
diff --git a/test/unit/coreclients/secrets.go b/test/unit/coreclients/secrets.go
index 169d41ba2..8dda76c44 100644
--- a/test/unit/coreclients/secrets.go
+++ b/test/unit/coreclients/secrets.go
@@ -47,10 +47,10 @@ func NewFakeSecretsGetterFrom(f *FakeSecretsGetter, mods ...FakeSecretsGetterMod
 	return f
 }
 
-func NewFakeSecretsGetter() *FakeSecretsGetter {
-	return &FakeSecretsGetter{
+func NewFakeSecretsGetter(mods ...FakeSecretsGetterModifier) *FakeSecretsGetter {
+	return NewFakeSecretsGetterFrom(&FakeSecretsGetter{
 		c: &fakeSecretClient{},
-	}
+	}, mods...)
 }
 
 // SetFakeSecretsGetterCreate is a modifier that can be used to set secret and
@@ -75,10 +75,20 @@ func SetFakeSecretsGetterGet(s *corev1.Secret, err error) FakeSecretsGetterModif
 	}
 }
 
+// SetFakeSecretsGetterApplyFn is a function that can be used to inject code
+// when the FakeSecretsGetter is Applied.
+func SetFakeSecretsGetterApplyFn(fn ApplyFn) FakeSecretsGetterModifier {
+	return func(f *FakeSecretsGetter) {
+		f.c.ApplyFn = fn
+	}
+}
+
 func (f *FakeSecretsGetter) Secrets(string) typedcorev1.SecretInterface {
 	return f.c
 }
 
+type ApplyFn func(context.Context, *applyconfigurationscorev1.SecretApplyConfiguration, metav1.ApplyOptions) (*corev1.Secret, error)
+
 type fakeSecretClient struct {
 	CreateFn           func() (*corev1.Secret, error)
 	UpdateFn           func() (*corev1.Secret, error)
@@ -88,7 +98,7 @@ type fakeSecretClient struct {
 	ListFn             func() (*corev1.SecretList, error)
 	WatchFn            func() (watch.Interface, error)
 	PatchFn            func() (*corev1.Secret, error)
-	ApplyFn            func() (*corev1.Secret, error)
+	ApplyFn            ApplyFn
 	// Currently there is no need to mock this interface
 	typedcorev1.SecretExpansion
 }
@@ -125,6 +135,6 @@ func (f *fakeSecretClient) Patch(context.Context, string, types.PatchType, []byt
 	return f.PatchFn()
 }
 
-func (f *fakeSecretClient) Apply(context.Context, *applyconfigurationscorev1.SecretApplyConfiguration, metav1.ApplyOptions) (*corev1.Secret, error) {
-	return f.ApplyFn()
+func (f *fakeSecretClient) Apply(ctx context.Context, cnf *applyconfigurationscorev1.SecretApplyConfiguration, opts metav1.ApplyOptions) (*corev1.Secret, error) {
+	return f.ApplyFn(ctx, cnf, opts)
 }
diff --git a/test/unit/listers/secret.go b/test/unit/listers/secret.go
index d4d26fe8a..f8693599f 100644
--- a/test/unit/listers/secret.go
+++ b/test/unit/listers/secret.go
@@ -38,8 +38,8 @@ type FakeSecretNamespaceLister struct {
 	GetFn  func(name string) (ret *corev1.Secret, err error)
 }
 
-func NewFakeSecretLister() *FakeSecretLister {
-	return &FakeSecretLister{
+func NewFakeSecretLister(mods ...FakeSecretListerModifier) *FakeSecretLister {
+	return FakeSecretListerFrom(&FakeSecretLister{
 		ListFn: func(selector labels.Selector) (ret []*corev1.Secret, err error) {
 			return nil, nil
 		},
@@ -47,18 +47,18 @@ func NewFakeSecretLister() *FakeSecretLister {
 		SecretsFn: func(namespace string) clientcorev1.SecretNamespaceLister {
 			return nil
 		},
-	}
+	}, mods...)
 }
 
-func NewFakeSecretNamespaceLister() *FakeSecretNamespaceLister {
-	return &FakeSecretNamespaceLister{
+func NewFakeSecretNamespaceLister(mods ...FakeSecretNamespaceListerModifier) *FakeSecretNamespaceLister {
+	return FakeSecretNamespaceListerFrom(&FakeSecretNamespaceLister{
 		ListFn: func(selector labels.Selector) (ret []*corev1.Secret, err error) {
 			return nil, nil
 		},
 		GetFn: func(name string) (ret *corev1.Secret, err error) {
 			return nil, nil
 		},
-	}
+	}, mods...)
 }
 
 func (f *FakeSecretLister) List(selector labels.Selector) (ret []*corev1.Secret, err error) {