From b30485cc03cc2a29c48f04ec7fd71aae406575cd Mon Sep 17 00:00:00 2001
From: Clayton Coleman <ccoleman@redhat.com>
Date: Sun, 4 Feb 2018 01:24:56 -0500
Subject: [PATCH] When using the bootstrap cert, update the store

Otherwise, the certificate store will return nil the first time a store
cert is accessed. When background rotation is being used, prevents the
client from being nil.

Kubernetes-commit: b81f4745546340f08abd3f877c585aac9581d0f0
---
 util/certificate/certificate_manager.go | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/util/certificate/certificate_manager.go b/util/certificate/certificate_manager.go
index a2d1feaf..e189c847 100644
--- a/util/certificate/certificate_manager.go
+++ b/util/certificate/certificate_manager.go
@@ -268,6 +268,13 @@ func getCurrentCertificateOrBootstrap(
 		return nil, false, fmt.Errorf("unable to parse certificate data: %v", err)
 	}
 	bootstrapCert.Leaf = certs[0]
+
+	if _, err := store.Update(bootstrapCertificatePEM, bootstrapKeyPEM); err != nil {
+		utilruntime.HandleError(fmt.Errorf("Unable to set the cert/key pair to the bootstrap certificate: %v", err))
+	} else {
+		glog.V(4).Infof("Updated the store to contain the initial bootstrap certificate")
+	}
+
 	return &bootstrapCert, true, nil
 }