From: Adam King Date: Wed, 31 Jan 2024 15:15:00 +0000 (-0500) Subject: mgr/cephadm: add cert-store ls commands X-Git-Tag: v19.1.1~104^2~15 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=80303c1c1a80966aacd8cd0bb686dfbaf401c0de;p=ceph.git mgr/cephadm: add cert-store ls commands To see what certs cephadm has stored in its internal cert store Signed-off-by: Adam King (cherry picked from commit 16417abe39e6a1c009c373b77c734ceae915b2a4) --- diff --git a/src/pybind/mgr/cephadm/module.py b/src/pybind/mgr/cephadm/module.py index 207000671616..057d56eca3a9 100644 --- a/src/pybind/mgr/cephadm/module.py +++ b/src/pybind/mgr/cephadm/module.py @@ -3131,6 +3131,14 @@ Then run the following: 'password': password, 'certificate': self.http_server.service_discovery.ssl_certs.get_root_cert()} + @handle_orch_error + def cert_store_cert_ls(self) -> Dict[str, Any]: + return self.cert_key_store.cert_ls() + + @handle_orch_error + def cert_store_key_ls(self) -> Dict[str, Any]: + return self.cert_key_store.key_ls() + @handle_orch_error def apply_mon(self, spec: ServiceSpec) -> str: return self._apply(spec) diff --git a/src/pybind/mgr/orchestrator/_interface.py b/src/pybind/mgr/orchestrator/_interface.py index b080845dac86..a1e099ef5c81 100644 --- a/src/pybind/mgr/orchestrator/_interface.py +++ b/src/pybind/mgr/orchestrator/_interface.py @@ -557,6 +557,12 @@ class Orchestrator(object): """ raise NotImplementedError() + def cert_store_cert_ls(self) -> OrchResult[Dict[str, Any]]: + raise NotImplementedError() + + def cert_store_key_ls(self) -> OrchResult[Dict[str, Any]]: + raise NotImplementedError() + @handle_orch_error def apply(self, specs: Sequence["GenericSpec"], no_overwrite: bool = False) -> List[str]: """ diff --git a/src/pybind/mgr/orchestrator/module.py b/src/pybind/mgr/orchestrator/module.py index 4c08ace4dbda..9dcab2e625d2 100644 --- a/src/pybind/mgr/orchestrator/module.py +++ b/src/pybind/mgr/orchestrator/module.py @@ -1129,6 +1129,37 @@ class OrchestratorCli(OrchestratorClientMixin, MgrModule, return HandleCommandResult(stdout=table.get_string()) + def _process_cert_store_json(self, d: Dict[str, Any], level: int = 0) -> str: + result_str = '' + indent = ' ' * level + for k, v in d.items(): + if isinstance(v, dict): + result_str += f'{indent}{k}\n' + result_str += self._process_cert_store_json(v, level + 1) + else: + result_str += f'{indent}{k} - {v}\n' + return result_str + + @_cli_read_command('orch cert-store cert ls') + def _cert_store_cert_ls(self, format: Format = Format.plain) -> HandleCommandResult: + completion = self.cert_store_cert_ls() + cert_ls = raise_if_exception(completion) + if format != Format.plain: + return HandleCommandResult(stdout=to_format(cert_ls, format, many=False, cls=None)) + else: + result_str = self._process_cert_store_json(cert_ls, 0) + return HandleCommandResult(stdout=result_str) + + @_cli_read_command('orch cert-store key ls') + def _cert_store_key_ls(self, format: Format = Format.plain) -> HandleCommandResult: + completion = self.cert_store_key_ls() + key_ls = raise_if_exception(completion) + if format != Format.plain: + return HandleCommandResult(stdout=to_format(key_ls, format, many=False, cls=None)) + else: + result_str = self._process_cert_store_json(key_ls, 0) + return HandleCommandResult(stdout=result_str) + def _get_credentials(self, username: Optional[str] = None, password: Optional[str] = None, inbuf: Optional[str] = None) -> Tuple[str, str]: _username = username