Describe the bug:
Helm chart v0.11.0 installs a cert-manager deployment which fails to start because the deployment manifest contains the deprecated arguments
--default-acme-issuer-challenge-type
--default-acme-issuer-dns01-provider-name
Expected behaviour:
cert-manager Chart installs a deployment of cert-manager which doesn't crash loop on an error.
Steps to reproduce the bug:
Run the install steps here
https://docs.cert-manager.io/en/latest/getting-started/install/kubernetes.html#steps
Here's some debugging output:
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
cert-manager-7dd448c7d8-nbmj2 0/1 Error 2 22s
cert-manager-cainjector-7c5667645b-t6h2t 1/1 Running 0 22s
cert-manager-webhook-59846cdfb6-j4w6g 1/1 Running 0 22s
$ kubectl logs cert-manager-7dd448c7d8-nbmj2
Error: unknown flag: --default-acme-issuer-challenge-type
Usage:
cert-manager-controller [flags]
Flags:
--acme-http01-solver-image string The docker image to use to solve ACME HTTP01 challenges. You most likely will not need to change this parameter unless you are testing a new feature or developing cert-manager. (default "quay.io/jetstack/cert-manager-acmesolver:v0.11.0")
--acme-http01-solver-resource-limits-cpu string Defines the resource limits CPU size when spawning new ACME HTTP01 challenge solver pods. (default "100m")
--acme-http01-solver-resource-limits-memory string Defines the resource limits Memory size when spawning new ACME HTTP01 challenge solver pods. (default "64Mi")
--acme-http01-solver-resource-request-cpu string Defines the resource request CPU size when spawning new ACME HTTP01 challenge solver pods. (default "10m")
--acme-http01-solver-resource-request-memory string Defines the resource request Memory size when spawning new ACME HTTP01 challenge solver pods. (default "64Mi")
--add_dir_header If true, adds the file directory to the header
--alsologtostderr log to standard error as well as files
--auto-certificate-annotations strings The annotation consumed by the ingress-shim controller to indicate a ingress is requesting a certificate (default [kubernetes.io/tls-acme])
--cluster-issuer-ambient-credentials Whether a cluster-issuer may make use of ambient credentials for issuers. 'Ambient Credentials' are credentials drawn from the environment, metadata services, or local files which are not explicitly configured in the ClusterIssuer API object. When this flag is enabled, the following sources for credentials are also used: AWS - All sources the Go SDK defaults to, notably including any EC2 IAM roles available via instance metadata. (default true)
--cluster-resource-namespace string Namespace to store resources owned by cluster scoped resources such as ClusterIssuer in. This must be specified if ClusterIssuers are enabled. (default "kube-system")
--controllers strings The set of controllers to enable. (default [issuers,clusterissuers,certificates,ingress-shim,orders,challenges,webhook-bootstrap,certificaterequests-issuer-acme,certificaterequests-issuer-ca,certificaterequests-issuer-selfsigned,certificaterequests-issuer-vault,certificaterequests-issuer-venafi,certificates])
--default-issuer-group string Group of the Issuer to use when the tls is requested but issuer group is not specified on the ingress resource. (default "cert-manager.io")
--default-issuer-kind string Kind of the Issuer to use when the tls is requested but issuer kind is not specified on the ingress resource. (default "Issuer")
--default-issuer-name string Name of the Issuer to use when the tls is requested but issuer name is not specified on the ingress resource.
--dns01-recursive-nameservers strings A list of comma seperated dns server endpoints used for DNS01 check requests. This should be a list containing IP address and port, for example 8.8.8.8:53,8.8.4.4:53
--dns01-recursive-nameservers-only When true, cert-manager will only ever query the configured DNS resolvers to perform the ACME DNS01 self check. This is useful in DNS constrained environments, where access to authoritative nameservers is restricted. Enabling this option could cause the DNS01 self check to take longer due to caching performed by the recursive nameservers.
--enable-certificate-owner-ref Whether to set the certificate resource as an owner of secret where the tls certificate is stored. When this flag is enabled, the secret will be automatically removed when the certificate resource is deleted.
--feature-gates mapStringBool A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
AllAlpha=true|false (ALPHA - default=false)
ValidateCAA=true|false (ALPHA - default=false)
-h, --help help for cert-manager-controller
--issuer-ambient-credentials Whether an issuer may make use of ambient credentials. 'Ambient Credentials' are credentials drawn from the environment, metadata services, or local files which are not explicitly configured in the Issuer API object. When this flag is enabled, the following sources for credentials are also used: AWS - All sources the Go SDK defaults to, notably including any EC2 IAM roles available via instance metadata.
--leader-elect If true, cert-manager will perform leader election between instances to ensure no more than one instance of cert-manager operates at a time (default true)
--leader-election-lease-duration duration The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate. This is only applicable if leader election is enabled. (default 1m0s)
--leader-election-namespace string Namespace used to perform leader election. Only used if leader election is enabled (default "kube-system")
--leader-election-renew-deadline duration The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration. This is only applicable if leader election is enabled. (default 40s)
--leader-election-retry-period duration The duration the clients should wait between attempting acquisition and renewal of a leadership. This is only applicable if leader election is enabled. (default 15s)
--log-flush-frequency duration Maximum number of seconds between log flushes (default 5s)
--log_backtrace_at traceLocation when logging hits line file:N, emit a stack trace (default :0)
--log_dir string If non-empty, write log files in this directory
--log_file string If non-empty, use this log file
--log_file_max_size uint Defines the maximum size a log file can grow to. Unit is megabytes. If the value is 0, the maximum file size is unlimited. (default 1800)
--logtostderr log to standard error instead of files (default true)
--master string Optional apiserver host address to connect to. If not specified, autoconfiguration will be attempted.
--max-concurrent-challenges int The maximum number of challenges that can be scheduled as 'processing' at once. (default 60)
--namespace string If set, this limits the scope of cert-manager to a single namespace and ClusterIssuers are disabled. If not specified, all namespaces will be watched
--renew-before-expiry-duration duration The default 'renew before expiry' time for Certificates. Once a certificate is within this duration until expiry, a new Certificate will be attempted to be issued. (default 720h0m0s)
--skip_headers If true, avoid header prefixes in the log messages
--skip_log_headers If true, avoid headers when opening log files
--stderrthreshold severity logs at or above this threshold go to stderr (default 2)
-v, --v Level number for the log level verbosity (default 0)
--vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
--webhook-ca-secret string The name of the Secret used to store the webhook's CA data. (default "cert-manager-webhook-ca")
--webhook-dns-names strings Comma-separated list of DNS names that should be present on the webhook's serving certificate. (default [cert-manager-webhook,cert-manager-webhook.cert-manager,cert-manager-webhook.cert-manager.svc,cert-manager-webhook.cert-manager.svc.cluster,cert-manager-webhook.cert-manager.svc.cluster.local])
--webhook-namespace string The namespace the webhook component is running in, used for provisioning TLS certificates for the conversion webhook. (default "cert-manager")
--webhook-serving-secret string The name of the Secret used to store the webhook's serving certificate. (default "cert-manager-webhook-tls")
F1106 16:31:38.911478 1 main.go:40] unknown flag: --default-acme-issuer-challenge-type
Removing the args
--default-acme-issuer-challenge-type
--default-acme-issuer-dns01-provider-name
from the deployment manifest fixes the problem.
Anything else we need to know?:
Environment details:
/kind bug
It seems that it was already fixed in https://github.com/jetstack/cert-manager/pull/2203 but not released as an updated chart yet.
@kevinscholz that's great! Do you have a release cadence for Helm chart bug fixes like this?
I have just run into this bug. I am also interested in when this fix will be released.
I installed the Helm chart from the jetstack repo https://charts.jetstack.io
How can I disable this behavior without changing the manifest?
@asaushkin you can work around it by removing ingressShim.defaultACMEDNS01ChallengeProvider and ingressShim.defaultACMEChallengeType from your values.
@wouterh thanks!
Would you give me one more piece of advice? What must I use instead of this?
ingressShim:
  defaultACMEChallengeType: dns01
  defaultACMEDNS01ChallengeProvider: route53
@asaushkin
have a look at https://docs.cert-manager.io/en/latest/tasks/upgrading/upgrading-0.7-0.8.html
It should be configured on the issuer resource now.
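As an added illustration (not part of this thread and not the cert-manager project's own files) of the migration described in the two comments above: the chart-wide ingressShim defaults for the challenge type and DNS01 provider are dropped from values.yaml, and the Route53 DNS01 solver is declared on a ClusterIssuer instead, with the ingress pointing at that issuer by annotation. The apiVersion is the cert-manager.io/v1alpha2 group that ships with v0.11; the issuer name, e-mail address, DNS zone, region, hosted zone ID, access key ID and Secret names are constructed placeholders, and the ingressShim.defaultIssuer* chart keys are assumed to match the --default-issuer-name/kind/group flags listed in the log above.

```yaml
# values.yaml for the cert-manager chart (constructed example).
# The two keys that produced the removed flags are gone; only the default
# issuer settings remain, mapping to --default-issuer-name/kind/group.
ingressShim:
  defaultIssuerName: letsencrypt-dns01
  defaultIssuerKind: ClusterIssuer
  defaultIssuerGroup: cert-manager.io
---
# Credentials for the DNS01 solver. A ClusterIssuer reads referenced Secrets
# from the namespace given by --cluster-resource-namespace (default
# "kube-system" per the flag list above; assumed here to be cert-manager).
apiVersion: v1
kind: Secret
metadata:
  name: route53-credentials          # placeholder
  namespace: cert-manager            # assumed --cluster-resource-namespace
type: Opaque
stringData:
  secret-access-key: REPLACE_WITH_SECRET_ACCESS_KEY   # placeholder
---
# The challenge type and provider now live on the issuer, per solver.
apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
  name: letsencrypt-dns01            # placeholder
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: ops@example.com           # placeholder
    privateKeySecretRef:
      name: letsencrypt-dns01-account-key   # placeholder; created by cert-manager
    solvers:
    - selector:
        dnsZones:
        - example.com                # placeholder; restricts this solver to one zone
      dns01:
        route53:
          region: us-east-1          # placeholder
          hostedZoneID: Z0PLACEHOLDER   # placeholder; optional, avoids a zone lookup
          # Explicit credentials scoped to this issuer. Omitting accessKeyID and
          # secretAccessKeySecretRef makes cert-manager fall back to ambient
          # credentials (instance metadata) because
          # --cluster-issuer-ambient-credentials defaults to true in the flag list above.
          accessKeyID: AKIAPLACEHOLDER         # placeholder
          secretAccessKeySecretRef:
            name: route53-credentials          # must match the Secret above
            key: secret-access-key
---
# An ingress selects the issuer by annotation instead of relying on
# chart-wide challenge defaults (constructed example).
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: example                      # placeholder
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-dns01
spec:
  tls:
  - hosts:
    - app.example.com                # placeholder
    secretName: app-example-com-tls  # placeholder
  rules:
  - host: app.example.com
    http:
      paths:
      - path: /
        backend:
          serviceName: app           # placeholder
          servicePort: 80
```

Two checks worth running when applying this: render the chart first (helm template with the values above) and confirm that the resulting Deployment no longer carries --default-acme-issuer-challenge-type or --default-acme-issuer-dns01-provider-name, and after applying the ClusterIssuer, inspect it with kubectl describe clusterissuer and wait for its Ready condition before issuing certificates. Keeping the AWS credentials on the issuer, restricted to the listed dnsZones, rather than leaning on ambient instance credentials is the least-privilege option the per-solver layout makes possible.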
Thanks @wouterh that solved it for me as well.
This will be included as part of v0.12, the first beta of which is available now.