From: Patrick Donnelly Date: Mon, 7 Jul 2025 18:55:57 +0000 (-0400) Subject: auth: improve programmability of key dumps X-Git-Tag: testing/wip-pdonnell-testing-20260126.152838~54 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=95aa2ad2eab668690e76e6469fc43e6b806acae7;p=ceph-ci.git auth: improve programmability of key dumps Notably: - improve names (avoid repeated "keys") - output type_str Signed-off-by: Patrick Donnelly --- diff --git a/src/auth/Auth.h b/src/auth/Auth.h index e30c8906767..bfc9635c443 100644 --- a/src/auth/Auth.h +++ b/src/auth/Auth.h @@ -81,8 +81,15 @@ struct EntityAuth { } void dump(ceph::Formatter *f) const { f->dump_object("key", key); - encode_json("caps", caps, f); f->dump_object("pending_key", pending_key); + f->open_array_section("caps"); + for (auto const& [entity, cap] : caps) { + f->open_object_section("cap"); + f->dump_string("service_name", entity); + f->dump_string("access_spec", cap.to_str()); + f->close_section(); + } + f->close_section(); } static std::list generate_test_instances() { std::list ls; @@ -362,7 +369,15 @@ struct RotatingSecrets { void dump(); void dump(ceph::Formatter *f) const { - encode_json("secrets", secrets, f); + f->dump_int("max_ver", max_ver); + f->open_array_section("keys"); + for (const auto& [id, key] : secrets) { + f->open_object_section("secret"); + f->dump_int("id", id); + f->dump_object("expiring_key", key); + f->close_section(); + } + f->close_section(); } static std::list generate_test_instances() { std::list ls; diff --git a/src/auth/Crypto.cc b/src/auth/Crypto.cc index da21fdad48d..5a4f73b57a7 100644 --- a/src/auth/Crypto.cc +++ b/src/auth/Crypto.cc @@ -11,21 +11,19 @@ * */ -#include -#include -#include -#include - -#include -#include #include "Crypto.h" #include "include/ceph_assert.h" +#include "include/ceph_fs.h" +#include "include/compat.h" + #include "common/Clock.h" +#include "common/Formatter.h" #include "common/armor.h" #include "common/ceph_context.h" #include "common/ceph_crypto.h" +#include "common/debug.h" #include "common/hex.h" #include "common/safe_io.h" #include "include/ceph_fs.h" @@ -36,6 +34,14 @@ #include #include +#include +#include + +#include +#include +#include +#include +#include #define dout_subsys ceph_subsys_auth @@ -995,8 +1001,8 @@ void CryptoKey::decode(bufferlist::const_iterator& bl) void CryptoKey::dump(Formatter *f) const { f->dump_int("type", type); + f->dump_string("type_str", CryptoManager::get_key_type_name(type)); f->dump_stream("created") << created; - f->dump_int("secret.length", secret.length()); } std::list CryptoKey::generate_test_instances() diff --git a/src/auth/cephx/CephxKeyServer.h b/src/auth/cephx/CephxKeyServer.h index 4ee769ce7ec..a4ea05e45a8 100644 --- a/src/auth/cephx/CephxKeyServer.h +++ b/src/auth/cephx/CephxKeyServer.h @@ -84,8 +84,23 @@ struct KeyServerData { void dump(ceph::Formatter *f) const { f->dump_unsigned("version", version); f->dump_unsigned("rotating_version", rotating_ver); - encode_json("secrets", secrets, f); - encode_json("rotating_secrets", rotating_secrets, f); + f->open_array_section("secrets"); + for (auto const& [name, auth] : secrets) { + f->open_object_section("secret"); + f->dump_object("entity", name); + f->dump_object("auth", auth); + f->close_section(); + } + f->close_section(); + f->open_array_section("rotating_secrets"); + for (auto const& [entity_type, secrets] : rotating_secrets) { + f->open_object_section("rotating_secret"); + auto name = EntityName(entity_type); + f->dump_object("entity", name); + f->dump_object("secrets", secrets); + f->close_section(); + } + f->close_section(); } static std::list generate_test_instances() { std::list ls;