Add GNMI client cert cname check support. (#18709)#1416
Conversation
Add GNMI client cert cname list to yang model. Allow gnmi service authentication client cert by cname. Add GNMI client cert cname list to yang model. Pass all UT. Add GNMI client cert cname list to yang model.
|
/azp run Azure.sonic-buildimage-msft.PR |
|
Azure Pipelines successfully started running 1 pipeline(s). |
liuh-80
left a comment
liuh-80
left a comment
There was a problem hiding this comment.
There are 4 PRs you may also need cherry-pick if not there:
sonic-net/sonic-gnmi#366
sonic-net/sonic-buildimage#21363
https://github.com/sonic-net/sonic-buildimage/pull/21849/files
sonic-net/sonic-mgmt#13133
Thanks @liuh-80 for the info. For sonic-net/sonic-gnmi#366, this has been included in https://github.com/Azure/sonic-gnmi.msft/blob/202412/gnmi_server/clientCertAuth.go For sonic-net/sonic-buildimage#21363, this has been included in https://github.com/Azure/sonic-buildimage-msft/blob/202412/src/sonic-yang-models/yang-models/sonic-telemetry.yang For https://github.com/sonic-net/sonic-buildimage/pull/21849/files, auto cherrypick PR #1420 For sonic-net/sonic-mgmt#13133, manual cherrypick PR Azure/sonic-mgmt.msft#589 |
This reverts commit d94fe25.
…03 (#1437) ```<br>* f6196a9 - (HEAD -> 202503) Merge branch '202412' of https://github.com/Azure/sonic-buildimage-msft into 202503 (2025-08-01) [Sonic Automation] * d94fe25 - (origin/202412, 202412) Add GNMI client cert cname check support. (#18709) (#1416) (2025-07-30) [Feng-msft] * 73466d4 - [action] [PR:21849] Improve GNMI_CLIENT_CERT table to support multiple roles. (#1420) (2025-07-30) [mssonicbld]<br>```
|
Original PR: sonic-net/sonic-buildimage#18709 |
…tically (#22923) #### Why I did it src/sonic-sairedis ``` * e1c4ff4d - (HEAD -> 202505, origin/202505) Revert "[nvidia] Skip SAI discovery on ports (Azure#1416)" (Azure#1611) (16 hours ago) [mssonicbld] * 718b27c6 - Fix PR testing issue caused by deprecation of Ubuntu 20.04 (Azure#1609) (4 days ago) [mssonicbld] ``` #### How I did it #### How to verify it #### Description for the changelog
…tically (#22926) #### Why I did it src/sonic-sairedis ``` * 00aa7f59 - (HEAD -> master, origin/master, origin/HEAD) Enabled LLDP (#1601) (2 days ago) [honllum] * 28b72854 - Setup tc redirect for Loopback interface (#1604) (5 days ago) [AkeelAli] * 16f47b71 - Revert "[nvidia] Skip SAI discovery on ports (#1416)" (#1595) (6 days ago) [Stepan Blyshchak] * d7c1de86 - [TAM]: Fix TAM notification and vslib implementation (#1606) (6 days ago) [Ze Gan] * d24b313a - [vslib]: hostif enum capability query API support (#1586) (8 days ago) [Ravi Minnikanti(Marvell)] ``` #### How I did it #### How to verify it #### Description for the changelog
3 participants
Add GNMI client cert cname list to yang model.
Allow gnmi service authentication client cert by cname.
Add GNMI client cert cname list to yang model.
Pass all UT.
Add GNMI client cert cname list to yang model.
Why I did it
Work item tracking
How I did it
How to verify it
Which release branch to backport (provide reason below if selected)
Tested branch (Please provide the tested image version)
Description for the changelog
Link to config_db schema for YANG module changes
A picture of a cute animal (not mandatory but encouraged)