Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support credential export/import #75

Merged
merged 1 commit into from
Jul 26, 2018
Merged

support credential export/import #75

merged 1 commit into from
Jul 26, 2018

Conversation

immarvin
Copy link
Contributor

@immarvin immarvin commented Jul 19, 2018
edited
Loading

this PR is for feature request #66:

  1. add a new object type credential
  2. the credential object contain the xcatd SSL CA certificate, private key, root's client SSL credential and server side SSL certificate
[root@c910f03c05k21 inventory]# xcat-inventory export -t credential
{
    "credential": {
        "credential": {
            "CA": {
                "certificate": "/etc/xcat/ca/ca-cert.pem",
                "private_key": "/etc/xcat/ca/private/ca-key.pem"
            },
            "client": {
                "root": "/root/.xcat/client-cred.pem"
            },
            "server": "/etc/xcat/cert/server-cred.pem"
        }
    },
    "schema_version": "1.0"
}
#Version 2.14.3 (git commit d74f1eed53ef385d80a9013d46c2a7cff1de06e4, built Wed Jul 18 06:15:52 EDT 2018)
  1. xcat-inventory export -d can be used to export the definition file and the credential files to destination directory
  2. xcat-inventory import -d is used to import the credential files to the correct place

UT:

export:

[root@c910f03c05k21 inventory]# xcat-inventory export -t credential -d /tmp/credential/
The credential objects has been exported to directory /tmp/credential/
[root@c910f03c05k21 inventory]# tree -a /tmp/credential/
/tmp/credential/
└── credential
    ├── definition.json
    ├── etc
    │   └── xcat
    │       ├── ca
    │       │   ├── ca-cert.pem
    │       │   └── private
    │       │       └── ca-key.pem
    │       └── cert
    │           └── server-cred.pem
    └── root
        └── .xcat
            └── client-key.pem

8 directories, 5 files

import:

[root@c910f03c05k21 inventory]# xcat-inventory import  -d /tmp/credential/
Inventory import successfully!
Warning: the /etc/xcat/ca/ca-cert.pem already exists, will be overwritten
Warning: the /etc/xcat/ca/private/ca-key.pem already exists, will be overwritten
Warning: the /root/.xcat/client-key.pem already exists, will be overwritten
Warning: the /etc/xcat/cert/server-cred.pem already exists, will be overwritten
The object credential has been imported

@immarvin immarvin changed the title support credential export/import support credential export/import[DO NOT MERGE] Jul 19, 2018
@immarvin immarvin changed the title support credential export/import[DO NOT MERGE] support credential export/import Jul 26, 2018
@robin2008 robin2008 merged commit 1ad0f08 into xcat2:master Jul 26, 2018
@immarvin immarvin mentioned this pull request Jul 26, 2018
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@robin2008 robin2008 robin2008 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@immarvin @robin2008