PWX-31462: use caFile option if trustedCAFile is not provided (portwo…

…rx#119) caFile option has been removed in etcd 3.4. So, pass caFile as trustedCAFile to avoid breaking clients. Signed-off-by: Neelesh Thakur <[email protected]>
pureneelesh · May 30, 2023 · 95c2c07 · 95c2c07
1 parent da7b540
commit 95c2c07
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/etcd/common/common.go b/etcd/common/common.go
@@ -14,9 +14,9 @@ import (
 	"sync"
 	"time"
 
+	"github.com/portworx/kvdb"
 	"go.etcd.io/etcd/pkg/transport"
 	"go.etcd.io/etcd/version"
-	"github.com/portworx/kvdb"
 )
 
 const (
@@ -103,6 +103,7 @@ func (ec *etcdCommon) GetAuthInfoFromOptions() (transport.TLSInfo, string, strin
 	var (
 		username       string
 		password       string
+		caFile         string
 		certFile       string
 		keyFile        string
 		trustedCAFile  string
@@ -115,6 +116,8 @@ func (ec *etcdCommon) GetAuthInfoFromOptions() (transport.TLSInfo, string, strin
 		username = ec.options[kvdb.UsernameKey]
 		// Check if password provided
 		password = ec.options[kvdb.PasswordKey]
+		// Check if CA file provided
+		caFile = ec.options[kvdb.CAFileKey]
 		// Check if certificate file provided
 		certFile = ec.options[kvdb.CertFileKey]
 		// Check if certificate key is provided
@@ -132,6 +135,9 @@ func (ec *etcdCommon) GetAuthInfoFromOptions() (transport.TLSInfo, string, strin
 			}
 		}
 	}
+	if trustedCAFile == "" && caFile != "" {
+		trustedCAFile = caFile
+	}
 	t := transport.TLSInfo{
 		CertFile:       certFile,
 		KeyFile:        keyFile,