From db9f478132e74b6da769bdcd588bcbf18188fb32 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Berk=20Dehrio=C4=9Flu?= <bdehrioglu@yahoo.com>
Date: Fri, 9 Dec 2022 13:45:00 +0300
Subject: [PATCH] add bootstrap secret rotation if the secret itself missing

---
 bootstrap/kubeadm/internal/controllers/token.go | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/bootstrap/kubeadm/internal/controllers/token.go b/bootstrap/kubeadm/internal/controllers/token.go
index 9c61c7f9199e..7fc2be7586a3 100644
--- a/bootstrap/kubeadm/internal/controllers/token.go
+++ b/bootstrap/kubeadm/internal/controllers/token.go
@@ -22,6 +22,7 @@ import (
 
 	"github.com/pkg/errors"
 	corev1 "k8s.io/api/core/v1"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	bootstrapapi "k8s.io/cluster-bootstrap/token/api"
 	bootstraputil "k8s.io/cluster-bootstrap/token/util"
@@ -101,6 +102,12 @@ func refreshToken(ctx context.Context, c client.Client, token string, ttl time.D
 func shouldRotate(ctx context.Context, c client.Client, token string, ttl time.Duration) (bool, error) {
 	secret, err := getToken(ctx, c, token)
 	if err != nil {
+		// If the secret is deleted before due to unknown reasons, machine pools cannot be scaled up.
+		// Since that, secret should be rotated if missing.
+		// Normally, it is not expected to reach this line.
+		if apierrors.IsNotFound(err) {
+			return true, nil
+		}
 		return false, err
 	}