Merge pull request #2190 from fluent/follow-change-for-out-forward-ce…

…rt-path out_forward: Separate parameter names for certificates
fluent · Nov 27, 2018 · f73dcf9 · f73dcf9
2 parents b8e32fc + cdfc438
commit f73dcf9
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 8 deletions.
diff --git a/lib/fluent/plugin/out_forward.rb b/lib/fluent/plugin/out_forward.rb
@@ -95,7 +95,8 @@ class ConnectionClosedError < Error; end
     config_param :tls_verify_hostname, :bool, default: true
     desc 'The additional CA certificate path for TLS.'
     config_param :tls_ca_cert_path, :array, value_type: :string, default: nil
-    config_param :tls_cert_path, :array, value_type: :string, default: nil, deprecated: "Use tls_ca_cert_path instead"
+    desc 'The additional certificate path for TLS.'
+    config_param :tls_cert_path, :array, value_type: :string, default: nil
 
     config_section :security, required: false, multi: false do
       desc 'The hostname'
@@ -170,7 +171,7 @@ def configure(conf)
       end
 
       if @transport == :tls
-        # for backward compatibility
+        # socket helper adds CA cert or signed certificate to same cert store internally so unify it in this place.
         if @tls_cert_path && !@tls_cert_path.empty?
           @tls_ca_cert_path = @tls_cert_path
         end

diff --git a/test/plugin/test_out_forward.rb b/test/plugin/test_out_forward.rb
@@ -157,25 +157,24 @@ def read_ack_from_sock(sock, unpacker)
     assert{ logs.any?{|log| log.include?(expected_log) && log.include?(expected_detail) } }
   end
 
-  test 'configure tls_cert_path is deprecated' do
+  data('CA cert'     => 'tls_ca_cert_path',
+       'non CA cert' => 'tls_cert_path')
+  test 'configure tls_cert_path/tls_ca_cert_path' do |param|
     dummy_cert_path = File.join(TMP_DIR, "dummy_cert.pem")
     FileUtils.touch(dummy_cert_path)
     conf = %[
       send_timeout 5
       transport tls
       tls_insecure_mode true
-      tls_cert_path #{dummy_cert_path}
+      #{param} #{dummy_cert_path}
       <server>
         host #{TARGET_HOST}
         port #{TARGET_PORT}
       </server>
     ]
 
     @d = d = create_driver(conf)
-    expected_log = "'tls_cert_path' parameter is deprecated: Use tls_ca_cert_path instead"
-    logs = d.logs
-    assert{ logs.any?{|log| log.include?(expected_log) } }
-    assert_equal([dummy_cert_path], d.instance.tls_cert_path)
+    # In the plugin, tls_ca_cert_path is used for both cases
     assert_equal([dummy_cert_path], d.instance.tls_ca_cert_path)
   end