Implements the frontend logic for gNSI Authz#508
Open
kanchanavelusamy wants to merge 1 commit intosonic-net:masterfrom
Open
Implements the frontend logic for gNSI Authz#508kanchanavelusamy wants to merge 1 commit intosonic-net:masterfrom
kanchanavelusamy wants to merge 1 commit intosonic-net:masterfrom
Conversation
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
ae4161e to
d519d1a
Compare
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
d519d1a to
8a7d56f
Compare
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
8a7d56f to
5e3a66b
Compare
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
kanchanavelusamy
changed the title
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
5e3a66b to
9944637
Compare
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
9944637 to
a52ca5d
Compare
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
a52ca5d to
f8ca017
Compare
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
f8ca017 to
a3034e2
Compare
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
a3034e2 to
49328d3
Compare
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
49328d3 to
50b8f7c
Compare
Contributor
|
/azp run |
|
Azure Pipelines will not run the associated pipelines, because the pull request was updated after the run command was issued. Review the pull request again and issue a new run command. |
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Contributor
Author
rlucus
suggested changes
Nov 7, 2025
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
a4ac788 to
f8636d8
Compare
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
f8636d8 to
8ac5603
Compare
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
8ac5603 to
1a8eddf
Compare
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
1a8eddf to
ed64d07
Compare
Contributor
|
/azp run |
|
Azure Pipelines will not run the associated pipelines, because the pull request was updated after the run command was issued. Review the pull request again and issue a new run command. |
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
ed64d07 to
a25b598
Compare
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
kanchanavelusamy
force-pushed
the
gnsi_authz_fe
branch
from
a25b598 to
60e080d
Compare
Contributor
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Contributor
Author
|
@ndas7: Due to the transformer code (#183, #184) not yet being merged into the master, the Azure build is failing, and we are unable to get code coverage reports through Azure. cc: @kishanps |
mssonicbld
added a commit
to mssonicbld/sonic-mgmt-common
that referenced
this pull request
Dec 4, 2025
This PR introduces the new YANG models for gNSI Authz, Certz, Pathz and Credentialz. And, updates the list to include the new models. **Dependency Chain for Merge** Please follow this merge order, 1. Current PR: sonic-mgmt-common #[183 ](sonic-net#183 be merged first) 2. Incremental PR: sonic-mgmt-common #[184](sonic-net#184) 3. Frontend: sonic-gnmi #[508](sonic-net/sonic-gnmi#508)
mssonicbld
added a commit
to sonic-net/sonic-mgmt-common
that referenced
this pull request
Dec 4, 2025
This PR introduces the new YANG models for gNSI Authz, Certz, Pathz and Credentialz. And, updates the list to include the new models. **Dependency Chain for Merge** Please follow this merge order, 1. Current PR: sonic-mgmt-common #[183 ](#183 be merged first) 2. Incremental PR: sonic-mgmt-common #[184](#184) 3. Frontend: sonic-gnmi #[508](sonic-net/sonic-gnmi#508)
rlucus
approved these changes
Jan 11, 2026
| import ( | ||
| "bytes" | ||
| "context" | ||
| "encoding/json" |
Contributor
There was a problem hiding this comment.
Order according to https://google.github.io/styleguide/go/decisions.html#import-grouping
| import ( | ||
| "fmt" | ||
| "github.com/Azure/sonic-mgmt-common/translib/db" | ||
| "github.com/go-redis/redis/v7" |
Contributor
There was a problem hiding this comment.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This commit enables support for policy-based authorization of gRPC requests in gNMI server and handles the Authz Rotate() RPC for secure policy updates.
Dependency Chain for Merge
Please follow this merge order,
gNSI Authz - UT Results
=== RUN TestGnsiAuthzRotation
=== RUN TestGnsiAuthzRotation/RotateOpenClose
=== RUN TestGnsiAuthzRotation/RotatePolicyEmptyRequest
=== RUN TestGnsiAuthzRotation/RotatePolicyEmptyUploadRequest
=== RUN TestGnsiAuthzRotation/RotatePolicyWrongJSON
=== RUN TestGnsiAuthzRotation/RotatePolicyNoVersion
=== RUN TestGnsiAuthzRotation/RotatePolicySuccess
=== RUN TestGnsiAuthzRotation/RotatePolicyNoFinalize
=== RUN TestGnsiAuthzRotation/RotateTheSamePolicyTwice
=== RUN TestGnsiAuthzRotation/RotateTheSamePolicyTwiceWithForceOverwrite
=== RUN TestGnsiAuthzRotation/ParallelRotationCalls
--- PASS: TestGnsiAuthzRotation (4.55s)
--- PASS: TestGnsiAuthzRotation/RotateOpenClose (0.04s)
--- PASS: TestGnsiAuthzRotation/RotatePolicyEmptyRequest (0.03s)
--- PASS: TestGnsiAuthzRotation/RotatePolicyEmptyUploadRequest (0.03s)
--- PASS: TestGnsiAuthzRotation/RotatePolicyWrongJSON (0.03s)
--- PASS: TestGnsiAuthzRotation/RotatePolicyNoVersion (0.03s)
--- PASS: TestGnsiAuthzRotation/RotatePolicySuccess (0.03s)
--- PASS: TestGnsiAuthzRotation/RotatePolicyNoFinalize (0.03s)
--- PASS: TestGnsiAuthzRotation/RotateTheSamePolicyTwice (0.05s)
--- PASS: TestGnsiAuthzRotation/RotateTheSamePolicyTwiceWithForceOverwrite (0.05s)
--- PASS: TestGnsiAuthzRotation/ParallelRotationCalls (0.05s)
Why I did it
How I did it
How to verify it
Which release branch to backport (provide reason below if selected)
Description for the changelog
Link to config_db schema for YANG module changes
A picture of a cute animal (not mandatory but encouraged)