From 6afd0387c5dbf50f00b817addddb9845f1292121 Mon Sep 17 00:00:00 2001
From: ahreehong <46465244+ahreehong@users.noreply.github.com>
Date: Wed, 31 Jul 2024 11:10:48 -0700
Subject: [PATCH] Add nil pointer check for client cert key pairs (#62)

---
 controllers/certs.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/controllers/certs.go b/controllers/certs.go
index afe6928..6e8722b 100644
--- a/controllers/certs.go
+++ b/controllers/certs.go
@@ -169,6 +169,9 @@ func (r *EtcdadmClusterReconciler) getClientCerts(ctx context.Context, cluster *
 		return tls.Certificate{}, err
 	}
 	if clientCertKey := clientCert.GetByPurpose(secret.APIServerEtcdClient); clientCertKey != nil {
+		if clientCertKey.KeyPair == nil {
+			return tls.Certificate{}, fmt.Errorf("client cert key pair not found for cluster")
+		}
 		return tls.X509KeyPair(clientCertKey.KeyPair.Cert, clientCertKey.KeyPair.Key)
 	}
 	return tls.Certificate{}, fmt.Errorf("nil returned from getting etcd CA certificate by purpose %s", secret.APIServerEtcdClient)