Skip to content

doc: describe how to use certificate authentication for the StatPerf …#4164

Merged
rahulguptajss merged 1 commit intomainfrom
cbg-cert
Feb 25, 2026
Merged

doc: describe how to use certificate authentication for the StatPerf …#4164
rahulguptajss merged 1 commit intomainfrom
cbg-cert

Conversation

@cgrinds
Copy link
Collaborator

@cgrinds cgrinds commented Feb 24, 2026

…collector

Thanks to Esteban for reporting!

Copilot AI review requested due to automatic review settings February 24, 2026 17:12
@cla-bot cla-bot bot added the cla-signed label Feb 24, 2026
Copilot AI reviewed Feb 24, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the ONTAP cluster preparation documentation to include guidance for using non-password authentication when configuring the StatPerf collector.

Changes:

  • Adds additional security login create commands intended for certificate-based authentication for StatPerf.
  • Introduces an SSH publickey login entry alongside the existing password-based SSH/HTTP entries in the StatPerf least-privilege section.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

docs/prepare-cdot-clusters.md
Comment on lines +262 to +263
# If you also want to use certificate authentication for the StatPerf collector, run these commands as well
security login create -user-or-group-name harvest2 -application ssh -authentication-method publickey -role harvest2-role
Copy link

Copilot AI Feb 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This section says “certificate authentication” but the added SSH command uses -authentication-method publickey (SSH key auth), and StatPerf itself calls the REST private CLI endpoint (api/private/cli) rather than using SSH. To avoid misleading readers, either (a) remove the SSH publickey login if it’s not required for StatPerf, or (b) explain why an SSH login is still needed for authorization and reword the comment to distinguish SSH key auth from HTTP client-certificate auth. Also consider mirroring the earlier pattern used in this doc (“Use this for password auth” vs “Or this for certificate auth”) instead of “run these commands as well,” which reads like both are required.

Suggested change
# If you also want to use certificate authentication for the StatPerf collector, run these commands as well
security login create -user-or-group-name harvest2 -application ssh -authentication-method publickey -role harvest2-role
# Or, if you want to use HTTP client-certificate authentication for the StatPerf collector:

Copilot uses AI. Check for mistakes.
@rahulguptajss rahulguptajss merged commit fc87abb into main Feb 25, 2026
14 checks passed
@rahulguptajss rahulguptajss deleted the cbg-cert branch February 25, 2026 04:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@rahulguptajss rahulguptajss rahulguptajss approved these changes

@Hardikl Hardikl Awaiting requested review from Hardikl Hardikl is a code owner

Assignees

No one assigned

Labels

cla-signed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@cgrinds @rahulguptajss