Skip to content

Commit

Permalink
port restapi yang model
Browse files Browse the repository at this point in the history
  • Loading branch information
@arlakshm
arlakshm committed Apr 14, 2024
1 parent a769fed commit 91e0e14
Show file tree
Hide file tree
Showing 6 changed files with 186 additions and 1 deletion.
22 changes: 21 additions & 1 deletion src/sonic-yang-models/doc/Configuration.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,8 @@ Table of Contents
* [Scheduler](#scheduler)
* [Port QoS Map](#port-qos-map)
* [Queue](#queue)
* [Sflow](#sflow)
* [Sflow](#sflow)
* [Restapi](#restapi)
* [Tacplus Server](#tacplus-server)
* [TC to Priority group map](#tc-to-priority-group-map)
* [TC to Queue map](#tc-to-queue-map)
Expand Down Expand Up @@ -1509,6 +1510,25 @@ name as object key and member list as attribute.
}
```

### Restapi
```
{
"RESTAPI": {
"certs": {
"ca_crt": "/etc/sonic/credentials/ame_root.pem",
"server_key": "/etc/sonic/credentials/restapiserver.key",
"server_crt": "/etc/sonic/credentials/restapiserver.crt",
"client_crt_cname": "client.sonic.net"
},
"config": {
"client_auth": "true",
"log_level": "trace",
"allow_insecure": "false"
}
}
```

### Sflow

The below are the tables and their schema for SFLOW feature
Expand Down
1 change: 1 addition & 0 deletions src/sonic-yang-models/setup.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,6 +130,7 @@ def run(self):
'./yang-models/sonic-policer.yang',
'./yang-models/sonic-portchannel.yang',
'./yang-models/sonic-pfcwd.yang',
'./yang-models/sonic-restapi.yang',
'./yang-models/sonic-route-common.yang',
'./yang-models/sonic-route-map.yang',
'./yang-models/sonic-routing-policy-sets.yang',
Expand Down
13 changes: 13 additions & 0 deletions src/sonic-yang-models/tests/files/sample_config_db.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1122,6 +1122,19 @@
"lanes": "1"
}
},
"RESTAPI": {
"certs": {
"ca_crt": "/etc/sonic/credentials/ame_root.pem",
"server_key": "/etc/sonic/credentials/restapiserver.key",
"server_crt": "/etc/sonic/credentials/restapiserver.crt",
"client_crt_cname": "client.sonic.net"
},
"config": {
"client_auth": "true",
"log_level": "trace",
"allow_insecure": "false"
}
},
"FLEX_COUNTER_TABLE": {
"PFCWD": {
"FLEX_COUNTER_STATUS": "enable"
Expand Down
16 changes: 16 additions & 0 deletions src/sonic-yang-models/tests/yang_model_tests/tests/restapi.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
{
"RESTAPI_TABLE_WITH_INCORRECT_CERT": {
"desc": "RESTAPI TABLE_WITH_INCORRECT_CERT failure.",
"eStr": ["Value", "does not satisfy the constraint"]
},
"RESTAPI_TABLE_WITH_INCORRECT_CLIENT": {
"desc": "RESTAPI TABLE_WITH_INCORRECT_CLIENT failure.",
"eStr": ["Value", "does not satisfy the constraint"]
},
"RESTAPI_TABLE_WITH_VALID_CONFIG": {
"desc": "RESTAPI TABLE WITH VALID CONFIG."
},
"RESTAPI_TABLE_WITH_MULTIPLE_CERTS": {
"desc": "RESTAPI TABLE WITH MULTIPLE CERTS."
}
}
50 changes: 50 additions & 0 deletions src/sonic-yang-models/tests/yang_model_tests/tests_config/restapi.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
{
"RESTAPI_TABLE_WITH_INCORRECT_CERT": {
"sonic-restapi:sonic-restapi": {
"sonic-restapi:RESTAPI": {
"certs": {
"ca_crt": "/etc/sonic/credentials/ame_root.pem",
"server_crt": "a/b/c",
"server_key": "/etc/sonic/credentials/restapiserver.key",
"client_crt_cname": "client"
}
}
}
},
"RESTAPI_TABLE_WITH_INCORRECT_CLIENT": {
"sonic-restapi:sonic-restapi": {
"sonic-restapi:RESTAPI": {
"certs": {
"ca_crt": "/etc/sonic/credentials/ame_root.pem",
"server_crt": "/etc/sonic/credentials/restapiserver.crt",
"server_key": "/etc/sonic/credentials/restapiserver.key",
"client_crt_cname": "/client"
}
}
}
},
"RESTAPI_TABLE_WITH_VALID_CONFIG": {
"sonic-restapi:sonic-restapi": {
"sonic-restapi:RESTAPI": {
"certs": {
"ca_crt": "/etc/sonic/credentials/ame_root.pem",
"server_crt": "/etc/sonic/credentials/restapiserver.crt",
"server_key": "/etc/sonic/credentials/restapiserver.key",
"client_crt_cname": "client.sonic.net"
}
}
}
},
"RESTAPI_TABLE_WITH_MULTIPLE_CERTS": {
"sonic-restapi:sonic-restapi": {
"sonic-restapi:RESTAPI": {
"certs": {
"ca_crt": "/etc/sonic/credentials/ame_root.pem",
"server_crt": "/etc/sonic/credentials/restapiserver.crt",
"server_key": "/etc/sonic/credentials/restapiserver.key",
"client_crt_cname": "client.sonic.net,clientds.prod.net"
}
}
}
}
}
85 changes: 85 additions & 0 deletions src/sonic-yang-models/yang-models/sonic-restapi.yang
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
module sonic-restapi {

yang-version 1.1;

namespace "http://github.com/sonic-net/sonic-restapi";
prefix restapi;

import ietf-inet-types {
prefix inet;
}

organization
"SONiC";

contact
"SONiC";

description "RESTAPI YANG Module for SONiC OS";

revision 2022-10-05 {
description "First Revision";
}

container sonic-restapi {

container RESTAPI {

description "RESTAPI TABLE part of config_db.json";

container certs {

leaf ca_crt {
type string {
pattern '(/[a-zA-Z0-9_-]+)*/([a-zA-Z0-9_-]+).([a-z]+)';
}
description "Local path for ca_crt.";
}

leaf server_crt {
type string {
pattern '(/[a-zA-Z0-9_-]+)*/([a-zA-Z0-9_-]+).crt';
}
description "Local path for server_crt.";
}

leaf client_crt_cname {
type string {
pattern '([a-zA-Z0-9_\-\.]+,)*([a-zA-Z0-9_\-\.]+)';
}
description "Client cert name.";
}

leaf server_key {
type string {
pattern '(/[a-zA-Z0-9_-]+)*/([a-zA-Z0-9_-]+).key';
}
description "Local path for server_key.";
}

}

container config {

leaf client_auth {
type boolean;
default true;
description "Enable client authentication";
}

leaf log_level {
type string {
pattern "trace|info";
}
description "container log level for restapi";
}

leaf allow_insecure {
type boolean;
default false;
description "Allow insecure connection";
}
}
}
}
}

0 comments on commit 91e0e14

Please sign in to comment.