func()

in kafka/common.go [447:489]

• 40 lines of code
• 12 McCabe index (conditional complexity)

func (kp *keyPair) reloadIfChanged() error {
	kp.mu.Lock()
	defer kp.mu.Unlock()

	if kp.certPath != "" && kp.keyPath != "" {
		certInfo, err := os.Stat(kp.certPath)
		if err != nil {
			return fmt.Errorf("unable to stat certificate file: %w", err)
		}
		if kp.certModTS.Before(certInfo.ModTime()) {
			if certInfo.Size() < 1 {
				return nil
			}
			cert, err := tls.LoadX509KeyPair(kp.certPath, kp.keyPath)
			if err != nil {
				return fmt.Errorf("failed to load new certificate: %w", err)
			}
			kp.config.Certificates = []tls.Certificate{cert}
			kp.certModTS = certInfo.ModTime()
		}
	}

	caInfo, err := os.Stat(kp.caPath)
	if err != nil {
		return fmt.Errorf("unable to stat CA certificate file: %w", err)
	}
	if kp.caModTS.Before(caInfo.ModTime()) {
		caCert, err := os.ReadFile(kp.caPath)
		if err != nil {
			return fmt.Errorf("failed to read CA certificate: %w", err)
		}
		if len(caCert) == 0 {
			return nil
		}
		kp.config.RootCAs = x509.NewCertPool()
		if !kp.config.RootCAs.AppendCertsFromPEM(caCert) {
			return fmt.Errorf("failed to append CA cert: %w", err)
		}
		kp.caModTS = caInfo.ModTime()
	}

	return nil
}