Skip to content

Commit

Permalink
Merge pull request #2946 from benmoss/fix-external-etcd-panic
Browse files Browse the repository at this point in the history
🐛 Fix NPE on external etcd with undefined secrets
  • Loading branch information
k8s-ci-robot authored Apr 22, 2020
2 parents 92e71e1 + 515b651 commit 29dd8f3
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions util/secret/certificates.go
Original file line number Diff line number Diff line change
Expand Up @@ -96,11 +96,13 @@ func NewCertificatesForInitialControlPlane(config *v1beta1.ClusterConfiguration)
etcdCert = &Certificate{
Purpose: EtcdCA,
CertFile: config.Etcd.External.CAFile,
External: true,
}
apiserverEtcdClientCert := &Certificate{
Purpose: APIServerEtcdClient,
CertFile: config.Etcd.External.CertFile,
KeyFile: config.Etcd.External.KeyFile,
External: true,
}
certificates = append(certificates, apiserverEtcdClientCert)
}
Expand Down Expand Up @@ -171,6 +173,9 @@ func (c Certificates) Lookup(ctx context.Context, ctrlclient client.Client, clus
}
if err := ctrlclient.Get(ctx, key, s); err != nil {
if apierrors.IsNotFound(err) {
if certificate.External {
return errors.WithMessage(err, "external certificate not found")
}
continue
}
return errors.WithStack(err)
Expand Down Expand Up @@ -266,6 +271,7 @@ func (c Certificates) LookupOrGenerate(ctx context.Context, ctrlclient client.Cl
// Certificate represents a single certificate CA.
type Certificate struct {
Generated bool
External bool
Purpose Purpose
KeyPair *certs.KeyPair
CertFile, KeyFile string
Expand Down

0 comments on commit 29dd8f3

Please sign in to comment.