From e7ab44b023e39820bb8cd2e48e6eb7c534c71eba Mon Sep 17 00:00:00 2001
From: H V Girish <919439+hvgirish@users.noreply.github.com>
Date: Wed, 25 Aug 2021 21:34:24 +0800
Subject: [PATCH] Add user "etcd" to role "root" so that the default tls client
 works

---
 pkg/operator/acl.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pkg/operator/acl.go b/pkg/operator/acl.go
index 27ec3799..86d77016 100644
--- a/pkg/operator/acl.go
+++ b/pkg/operator/acl.go
@@ -213,6 +213,14 @@ func (s *Operator) enableACL(ctx context.Context, config *etcd.ACLConfig) error
 		return err
 	}
 
+	if _, err := s.etcdClient.UserAddWithOptions(ctx, "etcd", "", &clientv3.UserAddOptions{NoPassword: true}); err != nil {
+			return err
+	}
+
+	if _, err := s.etcdClient.UserGrantRole(ctx, "etcd", "root"); err != nil {
+			return err
+	}
+
 	if _, err := s.etcdClient.AuthEnable(ctx); err != nil {
 		return err
 	}