Verified on 4.8.0-0.nightly-2021-03-16-111809. Watched `oc get nodes` and `oc get mcp` then ran `oc patch secret -p='{"metadata": {"annotations": {"auth.openshift.io/certificate-not-after": null}}}' kube-apiserver-to-kubelet-signer -n openshift-kube-apiserver-operator`. Observed node nodes stayed ready and control + compute machine config pools quickly went from Updating to Updated (under 30 seconds).
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2438