[ozone] branch master updated: HDDS-8042. Display certificate issuer in cert list command. (#4429)

Wed, 22 Mar 2023 19:43:05 -0700 

This is an automated email from the ASF dual-hosted git repository.

sammichen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ozone.git


The following commit(s) were added to refs/heads/master by this push:
     new 209a2e785d HDDS-8042. Display certificate issuer in cert list command. 
(#4429)
209a2e785d is described below

commit 209a2e785dda659bb631da9dc5a7df811bbf7ddd
Author: Sammi Chen <[email protected]>
AuthorDate: Thu Mar 23 10:42:55 2023 +0800

    HDDS-8042. Display certificate issuer in cert list command. (#4429)
---
 .../apache/hadoop/hdds/scm/cli/cert/ListSubcommand.java   | 15 +++++++++------
 .../dist/src/main/smoketest/security/admin-cert.robot     |  4 ++--
 2 files changed, 11 insertions(+), 8 deletions(-)

diff --git 
a/hadoop-hdds/tools/src/main/java/org/apache/hadoop/hdds/scm/cli/cert/ListSubcommand.java
 
b/hadoop-hdds/tools/src/main/java/org/apache/hadoop/hdds/scm/cli/cert/ListSubcommand.java
index 0ac5f9f6ba..3d63d007f6 100644
--- 
a/hadoop-hdds/tools/src/main/java/org/apache/hadoop/hdds/scm/cli/cert/ListSubcommand.java
+++ 
b/hadoop-hdds/tools/src/main/java/org/apache/hadoop/hdds/scm/cli/cert/ListSubcommand.java
@@ -65,7 +65,7 @@ public class ListSubcommand extends ScmCertSubcommand {
       description = "Filter certificate by the type: valid or revoked",
       defaultValue = "valid", showDefaultValue = Visibility.ALWAYS)
   private String type;
-  private static final String OUTPUT_FORMAT = "%-17s %-30s %-30s %-110s";
+  private static final String OUTPUT_FORMAT = "%-17s %-30s %-30s %-110s 
%-110s";
 
   private HddsProtos.NodeType parseCertRole(String r) {
     if (r.equalsIgnoreCase("om")) {
@@ -79,17 +79,20 @@ public class ListSubcommand extends ScmCertSubcommand {
 
   private void printCert(X509Certificate cert) {
     LOG.info(String.format(OUTPUT_FORMAT, cert.getSerialNumber(),
-        cert.getNotBefore(), cert.getNotAfter(), cert.getSubjectDN()));
+        cert.getNotBefore(), cert.getNotAfter(), cert.getSubjectDN(),
+        cert.getIssuerDN()));
   }
 
   @Override
   protected void execute(SCMSecurityProtocol client) throws IOException {
     boolean isRevoked = type.equalsIgnoreCase("revoked");
-    List<String> certPemList = client.listCertificate(
-        parseCertRole(role), startSerialId, count, isRevoked);
-    LOG.info("Total {} {} certificates: ", certPemList.size(), type);
+    HddsProtos.NodeType nodeType = parseCertRole(role);
+    List<String> certPemList = client.listCertificate(nodeType,
+        startSerialId, count, isRevoked);
+    LOG.info("Certificate list:(Type={}, BatchSize={}, CertCount={})",
+        type.toUpperCase(), count, certPemList.size());
     LOG.info(String.format(OUTPUT_FORMAT, "SerialNumber", "Valid From",
-        "Expiry", "Subject"));
+        "Expiry", "Subject", "Issuer"));
     for (String certPemStr : certPemList) {
       try {
         X509Certificate cert = CertificateCodec.getX509Certificate(certPemStr);
diff --git a/hadoop-ozone/dist/src/main/smoketest/security/admin-cert.robot 
b/hadoop-ozone/dist/src/main/smoketest/security/admin-cert.robot
index 1a214c924d..524345dd3e 100644
--- a/hadoop-ozone/dist/src/main/smoketest/security/admin-cert.robot
+++ b/hadoop-ozone/dist/src/main/smoketest/security/admin-cert.robot
@@ -32,11 +32,11 @@ Setup Test
 *** Test Cases ***
 List valid certificates
     ${output} =      Execute    ozone admin cert list
-                     Should Contain    ${output}    valid certificates
+                     Should Contain    ${output}    Type=VALID
 
 List revoked certificates
     ${output} =      Execute    ozone admin cert list -t revoked
-                     Should Contain    ${output}    Total 0 revoked 
certificates
+                     Should Contain    ${output}    Certificate 
list:(Type=REVOKED, BatchSize=20, CertCount=0)
 
 Info of the cert
     ${output} =      Execute   for id in $(ozone admin cert list -c 1|grep 
UTC|awk '{print $1}'); do ozone admin cert info $id; done


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to