From 8bf5d8a2122261db2f4ef976e0a41a1de3654388 Mon Sep 17 00:00:00 2001 From: fabriziopandini Date: Tue, 13 Dec 2022 20:37:37 +0100 Subject: [PATCH] KCP should avoid to reconcile certificates too early --- controlplane/kubeadm/internal/controllers/controller.go | 5 +++++ controlplane/kubeadm/internal/controllers/controller_test.go | 4 +++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/controlplane/kubeadm/internal/controllers/controller.go b/controlplane/kubeadm/internal/controllers/controller.go index 072ce2f9662c..838dbf0cac94 100644 --- a/controlplane/kubeadm/internal/controllers/controller.go +++ b/controlplane/kubeadm/internal/controllers/controller.go @@ -621,6 +621,11 @@ func (r *KubeadmControlPlaneReconciler) reconcileCertificateExpiries(ctx context return ctrl.Result{}, nil } + // Return if KCP is not yet initialized (no API server to contact for checking certificate expiration). + if !controlPlane.KCP.Status.Initialized { + return ctrl.Result{}, nil + } + // Ignore machines which are being deleted. machines := controlPlane.Machines.Filter(collections.Not(collections.HasDeletionTimestamp)) diff --git a/controlplane/kubeadm/internal/controllers/controller_test.go b/controlplane/kubeadm/internal/controllers/controller_test.go index c2b42f855a8d..3ec316110214 100644 --- a/controlplane/kubeadm/internal/controllers/controller_test.go +++ b/controlplane/kubeadm/internal/controllers/controller_test.go @@ -918,7 +918,9 @@ func TestReconcileCertificateExpiries(t *testing.T) { detectedExpiry := time.Now().Add(25 * 24 * time.Hour) cluster := newCluster(&types.NamespacedName{Name: "foo", Namespace: metav1.NamespaceDefault}) - kcp := &controlplanev1.KubeadmControlPlane{} + kcp := &controlplanev1.KubeadmControlPlane{ + Status: controlplanev1.KubeadmControlPlaneStatus{Initialized: true}, + } machineWithoutExpiryAnnotation := &clusterv1.Machine{ ObjectMeta: metav1.ObjectMeta{ Name: "machineWithoutExpiryAnnotation",