From 94dee8cd58bc08745ce73ebc2d4d51402a975113 Mon Sep 17 00:00:00 2001 From: ganglyu Date: Wed, 8 Feb 2023 15:07:56 +0800 Subject: [PATCH 1/2] Add yang models for GNMI --- src/sonic-yang-models/setup.py | 2 + .../tests/files/sample_config_db.json | 12 +++ .../tests/yang_model_tests/tests/gnmi.json | 17 ++++ .../yang_model_tests/tests_config/gnmi.json | 66 ++++++++++++++++ .../yang-models/sonic-gnmi.yang | 78 +++++++++++++++++++ 5 files changed, 175 insertions(+) create mode 100644 src/sonic-yang-models/tests/yang_model_tests/tests/gnmi.json create mode 100644 src/sonic-yang-models/tests/yang_model_tests/tests_config/gnmi.json create mode 100644 src/sonic-yang-models/yang-models/sonic-gnmi.yang diff --git a/src/sonic-yang-models/setup.py b/src/sonic-yang-models/setup.py index 2afc3c85f0ac..60043cf998fe 100644 --- a/src/sonic-yang-models/setup.py +++ b/src/sonic-yang-models/setup.py @@ -148,6 +148,7 @@ def run(self): './yang-models/sonic-system-tacacs.yang', './yang-models/sonic-system-radius.yang', './yang-models/sonic-telemetry.yang', + './yang-models/sonic-gnmi.yang', './yang-models/sonic-tunnel.yang', './yang-models/sonic-types.yang', './yang-models/sonic-versions.yang', @@ -226,6 +227,7 @@ def run(self): './cvlyang-models/sonic-system-aaa.yang', './cvlyang-models/sonic-system-tacacs.yang', './cvlyang-models/sonic-telemetry.yang', + './cvlyang-models/sonic-gnmi.yang', './cvlyang-models/sonic-types.yang', './cvlyang-models/sonic-versions.yang', './cvlyang-models/sonic-vlan.yang', diff --git a/src/sonic-yang-models/tests/files/sample_config_db.json b/src/sonic-yang-models/tests/files/sample_config_db.json index f9945175cf48..6a536863e3fb 100644 --- a/src/sonic-yang-models/tests/files/sample_config_db.json +++ b/src/sonic-yang-models/tests/files/sample_config_db.json @@ -1183,6 +1183,18 @@ "port": "50051" } }, + "GNMI": { + "certs": { + "ca_crt": "/etc/sonic/telemetry/dsmsroot.cer", + "server_crt": "/etc/sonic/telemetry/streamingtelemetryserver.cer", + "server_key": "/etc/sonic/telemetry/streamingtelemetryserver.key" + }, + "gnmi": { + "client_auth": "true", + "log_level": "2", + "port": "50052" + } + }, "TUNNEL": { "MuxTunnel0": { "dscp_mode": "uniform", diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests/gnmi.json b/src/sonic-yang-models/tests/yang_model_tests/tests/gnmi.json new file mode 100644 index 000000000000..5938290f8a96 --- /dev/null +++ b/src/sonic-yang-models/tests/yang_model_tests/tests/gnmi.json @@ -0,0 +1,17 @@ +{ + "GNMI_TABLE_WITH_INCORRECT_CERT": { + "desc": "TABLE_WITH_INCORRECT_CERT failure.", + "eStrKey": "Pattern" + }, + "GNMI_TABLE_WITH_INCORRECT_CLIENT_AUTH": { + "desc": "TABLE_WITH_INCORRECT_CLIENT_AUTH failure", + "eStrKey": "InvalidValue" + }, + "GNMI_TABLE_WITH_INCORRECT_PORT": { + "desc": "TABLE_WITH_INCORRECT_PORT failure.", + "eStrKey": "InvalidValue" + }, + "GNMI_TABLE_WITH_VALID_CONFIG": { + "desc": "TABLE WITH VALID CONFIG." + } +} diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests_config/gnmi.json b/src/sonic-yang-models/tests/yang_model_tests/tests_config/gnmi.json new file mode 100644 index 000000000000..9cd420569967 --- /dev/null +++ b/src/sonic-yang-models/tests/yang_model_tests/tests_config/gnmi.json @@ -0,0 +1,66 @@ +{ + "GNMI_TABLE_WITH_INCORRECT_CERT": { + "sonic-gnmi:sonic-gnmi": { + "sonic-gnmi:GNMI": { + "certs": { + "ca_crt": "abcd.config", + "server_crt": "a/b/c", + "server_key": "123" + }, + "gnmi": { + "client_auth": "true", + "log_level": "2", + "port": "50051" + } + } + } + }, + "GNMI_TABLE_WITH_INCORRECT_CLIENT_AUTH": { + "sonic-gnmi:sonic-gnmi": { + "sonic-gnmi:GNMI": { + "certs": { + "ca_crt": "/etc/sonic/telemetry/dsmsroot.cer", + "server_crt": "/etc/sonic/telemetry/streamingtelemetryserver.cer", + "server_key": "/etc/sonic/telemetry/streamingtelemetryserver.key" + }, + "gnmi": { + "client_auth": "up", + "log_level": "2", + "port": "50051" + } + } + } + }, + "GNMI_TABLE_WITH_INCORRECT_PORT": { + "sonic-gnmi:sonic-gnmi": { + "sonic-gnmi:GNMI": { + "certs": { + "ca_crt": "/etc/sonic/telemetry/dsmsroot.cer", + "server_crt": "/etc/sonic/telemetry/streamingtelemetryserver.cer", + "server_key": "/etc/sonic/telemetry/streamingtelemetryserver.key" + }, + "gnmi": { + "client_auth": "true", + "log_level": "2", + "port": "abc" + } + } + } + }, + "GNMI_TABLE_WITH_VALID_CONFIG": { + "sonic-gnmi:sonic-gnmi": { + "sonic-gnmi:GNMI": { + "certs": { + "ca_crt": "/etc/sonic/telemetry/dsmsroot.cer", + "server_crt": "/etc/sonic/telemetry/streamingtelemetryserver.cer", + "server_key": "/etc/sonic/telemetry/streamingtelemetryserver.key" + }, + "gnmi": { + "client_auth": "true", + "log_level": "2", + "port": "50051" + } + } + } + } +} diff --git a/src/sonic-yang-models/yang-models/sonic-gnmi.yang b/src/sonic-yang-models/yang-models/sonic-gnmi.yang new file mode 100644 index 000000000000..1d6b228266b8 --- /dev/null +++ b/src/sonic-yang-models/yang-models/sonic-gnmi.yang @@ -0,0 +1,78 @@ +module sonic-gnmi { + + yang-version 1.1; + + namespace "http://github.com/sonic-net/sonic-gnmi"; + prefix gnmi; + + import ietf-inet-types { + prefix inet; + } + + organization + "SONiC"; + + contact + "SONiC"; + + description "GNMI YANG Module for SONiC OS"; + + revision 2023-02-10 { + description "First Revision"; + } + + container sonic-gnmi { + + container GNMI { + + description "GNMI TABLE part of config_db.json"; + + container certs { + + leaf ca_crt { + type string { + pattern '(/[a-zA-Z0-9_-]+)*/([a-zA-Z0-9_-]+).cer'; + } + description "Local path for ca_crt."; + } + + leaf server_crt { + type string { + pattern '(/[a-zA-Z0-9_-]+)*/([a-zA-Z0-9_-]+).cer'; + } + description "Local path for server_crt."; + } + + leaf server_key { + type string { + pattern '(/[a-zA-Z0-9_-]+)*/([a-zA-Z0-9_-]+).key'; + } + description "Local path for server_key."; + } + + } + + container gnmi { + + leaf client_auth { + type boolean; + description "Flag for requiring client auth."; + } + + leaf log_level { + type uint8 { + range 0..100; + } + description "Log level for gnmi."; + } + + leaf port { + type inet:port-number; + description "Port gnmi runs on."; + } + + } + + } + } +} From 992049f5ee183b6ca0c18d2a9374358c6325729c Mon Sep 17 00:00:00 2001 From: ganglyu Date: Wed, 8 Feb 2023 15:20:10 +0800 Subject: [PATCH 2/2] Remove telemetry and use new port --- .../tests/files/sample_config_db.json | 6 ++--- .../yang_model_tests/tests_config/gnmi.json | 24 +++++++++---------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/src/sonic-yang-models/tests/files/sample_config_db.json b/src/sonic-yang-models/tests/files/sample_config_db.json index 6a536863e3fb..d4ab7d9021f9 100644 --- a/src/sonic-yang-models/tests/files/sample_config_db.json +++ b/src/sonic-yang-models/tests/files/sample_config_db.json @@ -1185,9 +1185,9 @@ }, "GNMI": { "certs": { - "ca_crt": "/etc/sonic/telemetry/dsmsroot.cer", - "server_crt": "/etc/sonic/telemetry/streamingtelemetryserver.cer", - "server_key": "/etc/sonic/telemetry/streamingtelemetryserver.key" + "ca_crt": "/etc/sonic/credentials/dsmsroot.cer", + "server_crt": "/etc/sonic/credentials/server.cer", + "server_key": "/etc/sonic/credentials/server.key" }, "gnmi": { "client_auth": "true", diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests_config/gnmi.json b/src/sonic-yang-models/tests/yang_model_tests/tests_config/gnmi.json index 9cd420569967..db121ae3944c 100644 --- a/src/sonic-yang-models/tests/yang_model_tests/tests_config/gnmi.json +++ b/src/sonic-yang-models/tests/yang_model_tests/tests_config/gnmi.json @@ -10,7 +10,7 @@ "gnmi": { "client_auth": "true", "log_level": "2", - "port": "50051" + "port": "50052" } } } @@ -19,14 +19,14 @@ "sonic-gnmi:sonic-gnmi": { "sonic-gnmi:GNMI": { "certs": { - "ca_crt": "/etc/sonic/telemetry/dsmsroot.cer", - "server_crt": "/etc/sonic/telemetry/streamingtelemetryserver.cer", - "server_key": "/etc/sonic/telemetry/streamingtelemetryserver.key" + "ca_crt": "/etc/sonic/credentials/dsmsroot.cer", + "server_crt": "/etc/sonic/credentials/server.cer", + "server_key": "/etc/sonic/credentials/server.key" }, "gnmi": { "client_auth": "up", "log_level": "2", - "port": "50051" + "port": "50052" } } } @@ -35,9 +35,9 @@ "sonic-gnmi:sonic-gnmi": { "sonic-gnmi:GNMI": { "certs": { - "ca_crt": "/etc/sonic/telemetry/dsmsroot.cer", - "server_crt": "/etc/sonic/telemetry/streamingtelemetryserver.cer", - "server_key": "/etc/sonic/telemetry/streamingtelemetryserver.key" + "ca_crt": "/etc/sonic/credentials/dsmsroot.cer", + "server_crt": "/etc/sonic/credentials/server.cer", + "server_key": "/etc/sonic/credentials/server.key" }, "gnmi": { "client_auth": "true", @@ -51,14 +51,14 @@ "sonic-gnmi:sonic-gnmi": { "sonic-gnmi:GNMI": { "certs": { - "ca_crt": "/etc/sonic/telemetry/dsmsroot.cer", - "server_crt": "/etc/sonic/telemetry/streamingtelemetryserver.cer", - "server_key": "/etc/sonic/telemetry/streamingtelemetryserver.key" + "ca_crt": "/etc/sonic/credentials/dsmsroot.cer", + "server_crt": "/etc/sonic/credentials/server.cer", + "server_key": "/etc/sonic/credentials/server.key" }, "gnmi": { "client_auth": "true", "log_level": "2", - "port": "50051" + "port": "50052" } } }