From d2e54b6b5a8b947bba5767e3c4e09c183a056695 Mon Sep 17 00:00:00 2001
From: Chris Lu <chris.lu@gmail.com>
Date: Tue, 17 Mar 2026 19:00:24 -0700
Subject: [PATCH] Stop [grpc.volume].ca from overriding [grpc].ca matching Go

Go reads the gRPC CA file only from config.GetString("grpc.ca"), i.e.
the [grpc] section. The [grpc.volume] section only provides cert and
key. Rust was also reading ca from [grpc.volume] which would silently
override the [grpc].ca value when both were present.
---
 seaweed-volume/src/config.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/seaweed-volume/src/config.rs b/seaweed-volume/src/config.rs
index a2361b4ff..ce50b1374 100644
--- a/seaweed-volume/src/config.rs
+++ b/seaweed-volume/src/config.rs
@@ -989,7 +989,7 @@ pub fn parse_security_config(path: &str) -> SecurityConfig {
                 Section::GrpcVolume => match key {
                     "cert" => cfg.grpc_cert_file = value.to_string(),
                     "key" => cfg.grpc_key_file = value.to_string(),
-                    "ca" => cfg.grpc_ca_file = value.to_string(),
+                    // Go only reads CA from [grpc], not [grpc.volume]
                     "allowed_commonNames" => {
                         cfg.grpc_volume_allowed_common_names =
                             value.split(',').map(|name| name.to_string()).collect();