Add GNMI client cert cname check support.#18709
Merged
qiluo-msft merged 14 commits intosonic-net:masterfrom Aug 22, 2024
Merged
Add GNMI client cert cname check support.#18709qiluo-msft merged 14 commits intosonic-net:masterfrom
qiluo-msft merged 14 commits intosonic-net:masterfrom
Conversation
Contributor
Author
|
Submodule PR: sonic-net/sonic-gnmi#241 |
Contributor
Author
|
/azpw Azure.sonic-buildimage |
liuh-80
changed the title
This was referenced Jun 5, 2024
liuh-80
changed the title
Contributor
Author
|
/azpw Azure.sonic-buildimage |
ganglyu
reviewed
Jul 2, 2024
ganglyu
approved these changes
Jul 2, 2024
qiluo-msft
reviewed
Jul 15, 2024
9 tasks
Contributor
Author
|
Manually cherry-pick not found conflict: #20792 |
Contributor
Author
|
Here is test case PR, also need cherry-pick later: sonic-net/sonic-mgmt#13133 |
mssonicbld
pushed a commit
to mssonicbld/sonic-buildimage
that referenced
this pull request
Nov 14, 2024
Add GNMI client cert cname list to yang model. #### Why I did it Allow gnmi service authentication client cert by cname. ### How I did it Add GNMI client cert cname list to yang model. #### How to verify it Pass all UT. ### Description for the changelog Add GNMI client cert cname list to yang model.
Collaborator
|
Cherry-pick PR to 202405: #20793 |
mssonicbld
pushed a commit
that referenced
this pull request
Nov 14, 2024
Add GNMI client cert cname list to yang model. #### Why I did it Allow gnmi service authentication client cert by cname. ### How I did it Add GNMI client cert cname list to yang model. #### How to verify it Pass all UT. ### Description for the changelog Add GNMI client cert cname list to yang model.
mssonicbld
added
Included in 202405 Branch
and removed
Created PR to 202405 Branch
labels
yxieca
pushed a commit
that referenced
this pull request
Nov 15, 2024
Add GNMI client cert cname list to yang model. #### Why I did it Allow gnmi service authentication client cert by cname. ### How I did it Add GNMI client cert cname list to yang model. #### How to verify it Pass all UT. ### Description for the changelog Add GNMI client cert cname list to yang model.
Contributor
|
hi @FengPan-Frank , the change is conflicting with 202412, I wonder if you could help with a manual cherry pick? |
10 tasks
r12f
added
Approved for msft-202412 Branch
Included in msft-202412 Branch
and removed
Cherry Pick Conflict_msft-202412
labels
tshalvi
pushed a commit
to tshalvi/sonic-buildimage
that referenced
this pull request
Aug 25, 2025
…t#1416) Add GNMI client cert cname list to yang model. Allow gnmi service authentication client cert by cname. Add GNMI client cert cname list to yang model. Pass all UT. Add GNMI client cert cname list to yang model. <!-- Please make sure you've read and understood our contributing guidelines: https://github.com/Azure/SONiC/blob/gh-pages/CONTRIBUTING.md ** Make sure all your commits include a signature generated with `git commit -s` ** If this is a bug fix, make sure your description includes "fixes #xxxx", or "closes #xxxx" or "resolves #xxxx" Please provide the following information: --> #### Why I did it ##### Work item tracking - Microsoft ADO **(number only)**: #### How I did it #### How to verify it <!-- If PR needs to be backported, then the PR must be tested against the base branch and the earliest backport release branch and provide tested image version on these two branches. For example, if the PR is requested for master, 202211 and 202012, then the requester needs to provide test results on master and 202012. --> #### Which release branch to backport (provide reason below if selected) <!-- - Note we only backport fixes to a release branch, *not* features! - Please also provide a reason for the backporting below. - e.g. - [x] 202006 --> - [ ] 201811 - [ ] 201911 - [ ] 202006 - [ ] 202012 - [ ] 202106 - [ ] 202111 - [ ] 202205 - [ ] 202211 #### Tested branch (Please provide the tested image version) <!-- - Please provide tested image version - e.g. - [x] 20201231.100 --> - [ ] <!-- image version 1 --> - [ ] <!-- image version 2 --> #### Description for the changelog <!-- Write a short (one line) summary that describes the changes in this pull request for inclusion in the changelog: --> <!-- Ensure to add label/tag for the feature raised. example - PR#2174 under sonic-utilities repo. where, Generic Config and Update feature has been labelled as GCU. --> #### Link to config_db schema for YANG module changes <!-- Provide a link to config_db schema for the table for which YANG model is defined Link should point to correct section on https://github.com/Azure/sonic-buildimage/blob/master/src/sonic-yang-models/doc/Configuration.md --> #### A picture of a cute animal (not mandatory but encouraged) Co-authored-by: Hua Liu <58683130+liuh-80@users.noreply.github.com>
tshalvi
pushed a commit
to tshalvi/sonic-buildimage
that referenced
this pull request
Aug 25, 2025
vmittal-msft
pushed a commit
to vmittal-msft/sonic-buildimage
that referenced
this pull request
Oct 20, 2025
…03 (sonic-net#1437) ```<br>* f6196a9 - (HEAD -> 202503) Merge branch '202412' of https://github.com/Azure/sonic-buildimage-msft into 202503 (2025-08-01) [Sonic Automation] * d94fe25 - (origin/202412, 202412) Add GNMI client cert cname check support. (sonic-net#18709) (sonic-net#1416) (2025-07-30) [Feng-msft] * 73466d4 - [action] [PR:21849] Improve GNMI_CLIENT_CERT table to support multiple roles. (sonic-net#1420) (2025-07-30) [mssonicbld]<br>```
vmittal-msft
pushed a commit
to vmittal-msft/sonic-buildimage
that referenced
this pull request
Oct 20, 2025
…03 (sonic-net#1447) ```<br>* c3ce9e119 - (HEAD -> 202503) Merge branch '202412' of https://github.com/Azure/sonic-buildimage-msft into 202503 (2025-08-02) [Sonic Automation] * e82f230 - (origin/202412, 202412) Revert "Add GNMI client cert cname check support. (sonic-net#18709)" (sonic-net#1438) (2025-08-01) [Feng-msft]<br>```
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add GNMI client cert cname list to yang model.
Why I did it
Allow gnmi service authentication client cert by cname.
Work item tracking
How I did it
Add GNMI client cert cname list to yang model.
How to verify it
Pass all UT.
Which release branch to backport (provide reason below if selected)
Tested branch (Please provide the tested image version)
will updated with this PR image later.
Description for the changelog
Add GNMI client cert cname list to yang model.
Link to config_db schema for YANG module changes
A picture of a cute animal (not mandatory but encouraged)