DAOS-18783 test: ftest coverage for per-pool node authentication#18335
DAOS-18783 test: ftest coverage for per-pool node authentication#18335mjmac wants to merge 5 commits into
Conversation
mjmac
force-pushed
the
mjmac/DAOS-18783-pr5-ftest
branch
from
6cf98a9 to
e3e2d3b
Compare
|
Ticket title is 'Enable certificate-based client authentication' |
|
Test stage Functional on EL 9 completed with status FAILURE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net//job/daos-stack/job/daos/view/change-requests/job/PR-18335/2/execution/node/1119/log |
mjmac
force-pushed
the
mjmac/DAOS-18783-pr5-ftest
branch
from
e3e2d3b to
f8ab6ef
Compare
|
Test stage Functional on EL 9 completed with status FAILURE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net//job/daos-stack/job/daos/view/change-requests/job/PR-18335/3/execution/node/985/log |
mjmac
force-pushed
the
mjmac/DAOS-18783-pr5-ftest
branch
3 times, most recently
from
82f7ac0 to
34b0f69
Compare
|
Test stage Functional on EL 9 completed with status FAILURE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net//job/daos-stack/job/daos/view/change-requests/job/PR-18335/8/execution/node/1098/log |
mjmac
force-pushed
the
mjmac/DAOS-18783-pr5-ftest
branch
from
34b0f69 to
852168e
Compare
|
Test stage NLT completed with status UNSTABLE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net/job/daos-stack/job/daos//view/change-requests/job/PR-18335/9/testReport/ |
mjmac
force-pushed
the
mjmac/DAOS-18783-pr5-ftest
branch
2 times, most recently
from
6994ff3 to
957a12e
Compare
|
Test stage Functional on EL 9 completed with status UNSTABLE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net/job/daos-stack/job/daos//view/change-requests/job/PR-18335/12/testReport/ |
mjmac
force-pushed
the
mjmac/DAOS-18783-pr5-ftest
branch
from
957a12e to
5059f6f
Compare
|
Test stage NLT completed with status UNSTABLE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net/job/daos-stack/job/daos//view/change-requests/job/PR-18335/13/testReport/ |
mjmac
force-pushed
the
mjmac/DAOS-18783-pr5-ftest
branch
from
5059f6f to
a613864
Compare
|
Test stage Functional on EL 9 completed with status FAILURE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net//job/daos-stack/job/daos/view/change-requests/job/PR-18335/14/execution/node/1010/log |
mjmac
force-pushed
the
mjmac/DAOS-18783-pr5-ftest
branch
2 times, most recently
from
91cbde4 to
730c3bb
Compare
|
Test stage Functional on EL 9 completed with status FAILURE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net//job/daos-stack/job/daos/view/change-requests/job/PR-18335/16/execution/node/960/log |
mjmac
force-pushed
the
mjmac/DAOS-18783-pr5-ftest
branch
2 times, most recently
from
8e0540d to
8005c57
Compare
|
Test stage Unit Test completed with status UNSTABLE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net/job/daos-stack/job/daos//view/change-requests/job/PR-18335/18/testReport/ |
mjmac
force-pushed
the
mjmac/DAOS-18783-pr5-ftest
branch
3 times, most recently
from
1e53e2b to
8a7c057
Compare
|
Test stage Functional on EL 9 completed with status FAILURE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net//job/daos-stack/job/daos/view/change-requests/job/PR-18335/21/execution/node/1010/log |
mjmac
force-pushed
the
mjmac/DAOS-18783-pr5-ftest
branch
from
8a7c057 to
f5f18b8
Compare
|
Test stage Functional on EL 9 completed with status FAILURE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net//job/daos-stack/job/daos/view/change-requests/job/PR-18335/22/execution/node/1009/log |
mjmac
force-pushed
the
mjmac/DAOS-18783-pr5-ftest
branch
from
f5f18b8 to
db5c0e3
Compare
|
Test stage NLT completed with status UNSTABLE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net/job/daos-stack/job/daos//view/change-requests/job/PR-18335/23/testReport/ |
mjmac
changed the title
OK, thanks. Yeah, I had that as a temp hack. It's removed now. |
|
Test stage Functional on EL 9 completed with status FAILURE. https://jenkins-3.daos.hpc.amslabs.hpecorp.net//job/daos-stack/job/daos/view/change-requests/job/PR-18335/23/execution/node/982/log |
Reserve property storage on the pool for the per-pool CA bundle and the per-CN revocation watermarks. The byteval length cap bounds decode-time allocation. Bump DAOS_POOL_GLOBAL_VERSION to 5 and gate the new wire format on v5 so older engines never see byteval entries on a 2.8.0-era pool. Signed-off-by: Michael MacDonald <github@macdonald.cx>
Attach a per-pool node certificate and proof-of-possession to pool connect credential requests. Bump the pool connect RPC to v8 to carry the new fields; v7 peers continue to interoperate. Signed-off-by: Michael MacDonald <github@macdonald.cx>
Verify the per-pool node certificate and proof-of-possession when a client connects to a pool that has a CA installed. Pools without a CA continue to behave exactly as before. Signed-off-by: Michael MacDonald <github@macdonald.cx>
Add dmg subcommands and Control API for managing per-pool CAs and client certificates. Signed-off-by: Michael MacDonald <github@macdonald.cx>
Add ftest scenarios for the node-cert lifecycle (set-cert, get-cert, add-client, delete-cert) and for revocation (revoke-client must evict active handles and prevent reconnect with the old cert). Features: pool_cert Signed-off-by: Michael MacDonald <github@macdonald.cx>
mjmac
force-pushed
the
mjmac/DAOS-18783-pr5-ftest
branch
from
db5c0e3 to
cd910c7
Compare
3 participants
Add ftest scenarios for the node-cert lifecycle (set-cert, get-cert,
add-client, delete-cert) and for revocation (revoke-client must evict
active handles and prevent reconnect with the old cert).
Features: pool_cert
Signed-off-by: Michael MacDonald github@macdonald.cx