From b81f4745546340f08abd3f877c585aac9581d0f0 Mon Sep 17 00:00:00 2001
From: Clayton Coleman <ccoleman@redhat.com>
Date: Sun, 4 Feb 2018 01:24:56 -0500
Subject: [PATCH] When using the bootstrap cert, update the store

Otherwise, the certificate store will return nil the first time a store
cert is accessed. When background rotation is being used, prevents the
client from being nil.
---
 .../client-go/util/certificate/certificate_manager.go      | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/staging/src/k8s.io/client-go/util/certificate/certificate_manager.go b/staging/src/k8s.io/client-go/util/certificate/certificate_manager.go
index 68d90aa7ea1..8c3e9901972 100644
--- a/staging/src/k8s.io/client-go/util/certificate/certificate_manager.go
+++ b/staging/src/k8s.io/client-go/util/certificate/certificate_manager.go
@@ -268,6 +268,13 @@ func getCurrentCertificateOrBootstrap(
 		return nil, false, fmt.Errorf("unable to parse certificate data: %v", err)
 	}
 	bootstrapCert.Leaf = certs[0]
+
+	if _, err := store.Update(bootstrapCertificatePEM, bootstrapKeyPEM); err != nil {
+		utilruntime.HandleError(fmt.Errorf("Unable to set the cert/key pair to the bootstrap certificate: %v", err))
+	} else {
+		glog.V(4).Infof("Updated the store to contain the initial bootstrap certificate")
+	}
+
 	return &bootstrapCert, true, nil
 }