Merge pull request #53352 from medinatiger/etcd

Automatic merge from submit-queue (batch tested with PRs 53776, 53786, 53352, 51567). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Kubeadm: Add some validation for external etcd config **What this PR does / why we need it**: This PR add file existing check for etcd cert files. **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes # fixes https://github.com/kubernetes/kubeadm/issues/342 **Special notes for your reviewer**: Unlike issue https://github.com/kubernetes/kubeadm/issues/342 said, we already have etcd version check which include extensive validation including file format etc. This PR simply added some file existing check upfront for being more user friendly. **Release note**: ```release-note NONE ```
2025-07-22 11:21:47 +00:00 · 2017-10-12 19:27:37 -07:00 · 2017-10-12 19:27:37 -07:00 · 6ad426e8b1
commit 6ad426e8b1
parent a9264728d7 a25161a96a
2 changed files with 35 additions and 3 deletions
--- a/cmd/kubeadm/app/preflight/checks.go
+++ b/cmd/kubeadm/app/preflight/checks.go
@ -676,6 +676,15 @@ func RunInitMasterChecks(cfg *kubeadmapi.MasterConfiguration) error {
 		)
 	} else {
 		// Only check etcd version when external endpoints are specified
+		if cfg.Etcd.CAFile != "" {
+			checks = append(checks, FileExistingCheck{Path: cfg.Etcd.CAFile})
+		}
+		if cfg.Etcd.CertFile != "" {
+			checks = append(checks, FileExistingCheck{Path: cfg.Etcd.CertFile})
+		}
+		if cfg.Etcd.KeyFile != "" {
+			checks = append(checks, FileExistingCheck{Path: cfg.Etcd.KeyFile})
+		}
 		checks = append(checks,
 			ExternalEtcdVersionCheck{Etcd: cfg.Etcd},
 		)
--- a/cmd/kubeadm/app/preflight/checks_test.go
+++ b/cmd/kubeadm/app/preflight/checks_test.go
@ -174,24 +174,47 @@ func (pfct preflightCheckTest) Check() (warning, errors []error) {

 func TestRunInitMasterChecks(t *testing.T) {
 	var tests = []struct {
+		name     string
 		cfg      *kubeadmapi.MasterConfiguration
 		expected bool
 	}{
-		{
+		{name: "Test valid advertised address",
 			cfg: &kubeadmapi.MasterConfiguration{
 				API: kubeadmapi.API{AdvertiseAddress: "foo"},
 			},
 			expected: false,
 		},
+		{
+			name: "Test CA file exists if specfied",
+			cfg: &kubeadmapi.MasterConfiguration{
+				Etcd: kubeadmapi.Etcd{CAFile: "/foo"},
+			},
+			expected: false,
+		},
+		{
+			name: "Test Cert file exists if specfied",
+			cfg: &kubeadmapi.MasterConfiguration{
+				Etcd: kubeadmapi.Etcd{CertFile: "/foo"},
+			},
+			expected: false,
+		},
+		{
+			name: "Test Key file exists if specfied",
+			cfg: &kubeadmapi.MasterConfiguration{
+				Etcd: kubeadmapi.Etcd{CertFile: "/foo"},
+			},
+			expected: false,
+		},
 	}

 	for _, rt := range tests {
 		actual := RunInitMasterChecks(rt.cfg)
 		if (actual == nil) != rt.expected {
 			t.Errorf(
-				"failed RunInitMasterChecks:\n\texpected: %t\n\t  actual: %t",
+				"failed RunInitMasterChecks:\n\texpected: %t\n\t  actual: %t\n\t error: %v",
 				rt.expected,
-				(actual != nil),
+				(actual == nil),
+				actual,
 			)
 		}
 	}