Skip to content

Commit

Permalink
Merge pull request #7853 from k8s-infra-cherrypick-robot/cherry-pick-…
Browse files Browse the repository at this point in the history 
…7717-to-release-1.3

[release-1.3] 🐛 Fix to enable bootstrap secret rotation if the secret itself missing
  • Loading branch information
@k8s-ci-robot
k8s-ci-robot committed Jan 5, 2023
2 parents 0e710c0 + dc19b22 commit 5936323
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions bootstrap/kubeadm/internal/controllers/token.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ import (

"github.com/pkg/errors"
corev1 "k8s.io/api/core/v1"
apierrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
bootstrapapi "k8s.io/cluster-bootstrap/token/api"
bootstraputil "k8s.io/cluster-bootstrap/token/util"
Expand Down Expand Up @@ -101,6 +102,12 @@ func refreshToken(ctx context.Context, c client.Client, token string, ttl time.D
func shouldRotate(ctx context.Context, c client.Client, token string, ttl time.Duration) (bool, error) {
secret, err := getToken(ctx, c, token)
if err != nil {
// If the secret is deleted before due to unknown reasons, machine pools cannot be scaled up.
// Since that, secret should be rotated if missing.
// Normally, it is not expected to reach this line.
if apierrors.IsNotFound(err) {
return true, nil
}
return false, err
}

Expand Down

0 comments on commit 5936323

Please sign in to comment.