From 63b6ece7b9fa87275bd41cf7b89915cc1f79f16a Mon Sep 17 00:00:00 2001
From: Sebastiaan van Steenis <mail@superseb.nl>
Date: Wed, 10 Jul 2019 20:40:42 +0200
Subject: [PATCH] Check if certificates are present in state

Problem: If certificates are empty in cluster state (or missing rkestate file), RKE and Rancher would throw NPE.

Solution: Check if certificates are present or error out (for now this situation needs manual intervention)
---
 cluster/reconcile.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/cluster/reconcile.go b/cluster/reconcile.go
index 5773fdbc..cd1ccf21 100644
--- a/cluster/reconcile.go
+++ b/cluster/reconcile.go
@@ -25,6 +25,7 @@ const (
 )
 
 func ReconcileCluster(ctx context.Context, kubeCluster, currentCluster *Cluster, flags ExternalFlags, svcOptions *v3.KubernetesServicesOptions) error {
+	logrus.Debugf("[reconcile] currentCluster: %+v\n", currentCluster)
 	log.Infof(ctx, "[reconcile] Reconciling cluster state")
 	kubeCluster.UpdateWorkersOnly = flags.UpdateOnly
 	if currentCluster == nil {
@@ -32,6 +33,10 @@ func ReconcileCluster(ctx context.Context, kubeCluster, currentCluster *Cluster,
 		kubeCluster.UpdateWorkersOnly = false
 		return nil
 	}
+	// If certificates are not present, this is broken state and should error out
+	if len(currentCluster.Certificates) == 0 {
+		return fmt.Errorf("Certificates are not present in cluster state, recover rkestate file or certificate information in cluster state")
+	}
 
 	kubeClient, err := k8s.NewClient(kubeCluster.LocalKubeConfigPath, kubeCluster.K8sWrapTransport)
 	if err != nil {