From 6df2ca42b31e809289c4e8d022bd1b3f5d6d7dc8 Mon Sep 17 00:00:00 2001
From: kaiyou <dev@kaiyou.fr>
Date: Fri, 25 Nov 2022 16:43:48 +0100
Subject: [PATCH] Add the rootCA to CM for service accounts

---
 pkg/cluster/services.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/pkg/cluster/services.go b/pkg/cluster/services.go
index 55b48c2..c25d0c5 100644
--- a/pkg/cluster/services.go
+++ b/pkg/cluster/services.go
@@ -125,6 +125,7 @@ func (c *Cluster) startK8sMaster() {
 		"--tls-cert-file", c.masterCerts.ControllersTLS.CertPath(),
 		"--tls-private-key-file", c.masterCerts.ControllersTLS.KeyPath(),
 		"--service-account-private-key-file", c.masterCerts.APITokens.KeyPath(),
+		"--root-ca-file", c.pki.TLS.CertPath(),
 		"--use-service-account-credentials",
 	})
 	if err != nil {
-- 
GitLab