From f3054124edeb8c84c32c8c0f20d0d7e1a0c1725f Mon Sep 17 00:00:00 2001
From: bingwang-ms <66248323+bingwang-ms@users.noreply.github.com>
Date: Wed, 29 Mar 2023 18:24:31 -0700
Subject: [PATCH] Update check of IP_TYPE from ACL Yang model (#13810)
Why I did it This PR is to update the check of IP_TYPE from sonic-acl.yang. It's because if the ACL rule is added by loading a json file with acl-loader, there is no IP_TYPE for ACL rule. If such rule exists in ACL_RULE table, the GCU (generic config updater) refuses to update any ACL rules because the existing one is invalid. This PR updates the yang model for ACL. If the IP_TYPE leaf doesn't exist, then we don't check the field. How I did it Accept the rule if IP_TYPE is absent. How to verify it The change is verified by UT.
---
 .../tests/yang_model_tests/tests/acl.json | 3 ++
 .../yang_model_tests/tests_config/acl.json | 53 +++++++++++++++++++
 .../yang-templates/sonic-acl.yang.j2 | 8 +--
 3 files changed, 60 insertions(+), 4 deletions(-)
diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json b/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json
index 3bfb0611fb..a3d2110479 100644
--- a/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json
+++ b/src/sonic-yang-models/tests/yang_model_tests/tests/acl.json
@@ -31,6 +31,9 @@
 "eStrKey" : "When",
 "eStr": ["IP_TYPE"]
 },
+ "ACL_RULE_WITHOUT_IP_TYPE": {
+ "desc": "Configure ACL_RULE without IP_TYPE."
+ },
 "ACL_RULE_ARP_TYPE_DST_IPV6_MISMATCH": {
 "desc": "Configure IP_TYPE as ARP and DST_IPV6 in ACL_RULE.",
 "eStrKey" : "When",
diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json b/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json
index 6c3d3ad3ec..ce5a9839d0 100644
--- a/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json
+++ b/src/sonic-yang-models/tests/yang_model_tests/tests_config/acl.json
@@ -158,6 +158,59 @@
 }
 }
 },
+ "ACL_RULE_WITHOUT_IP_TYPE": {
+ "sonic-acl:sonic-acl": {
+ "sonic-acl:ACL_RULE": {
+ "ACL_RULE_LIST": [
+ {
+ "ACL_TABLE_NAME": "NO-NSW-PACL-V4",
+ "PACKET_ACTION": "FORWARD",
+ "PRIORITY": 999980,
+ "RULE_NAME": "Rule_20",
+ "SRC_IPV6": "2001::1/64"
+ }
+ ]
+ },
+ "sonic-acl:ACL_TABLE": {
+ "ACL_TABLE_LIST": [
+ {
+ "ACL_TABLE_NAME": "NO-NSW-PACL-V4",
+ "policy_desc": "Filter IPv4",
+ "ports": [
+ "Ethernet0",
+ "Ethernet1"
+ ],
+ "stage": "EGRESS",
+ "type": "L3"
+ }
+ ]
+ }
+ },
+ "sonic-port:sonic-port": {
+ "sonic-port:PORT": {
+ "PORT_LIST": [
+ {
+ "admin_status": "up",
+ "alias": "eth0",
+ "description": "Ethernet0",
+ "lanes": "0,1,2,3",
+ "mtu": 9000,
+ "name": "Ethernet0",
+ "speed": 25000
+ },
+ {
+ "admin_status": "up",
+ "alias": "eth1",
+ "description": "Ethernet1",
+ "lanes": "4,5,6,7",
+ "mtu": 9000,
+ "name": "Ethernet1",
+ "speed": 25000
+ }
+ ]
+ }
+ }
+ },
 "ACL_RULE_UNDEFINED_PACKET_ACTION": {
 "sonic-acl:sonic-acl": {
 "sonic-acl:ACL_RULE": {
diff --git a/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2 b/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2
index e9461be2ce..ccbb163930 100644
--- a/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2
+++ b/src/sonic-yang-models/yang-templates/sonic-acl.yang.j2
@@ -106,7 +106,7 @@ module sonic-acl {
 }
 }
 case ip4_prefix {
- when "boolean(IP_TYPE[.='ANY' or .='IP' or .='IPV4' or .='IPv4ANY' or .='ARP'])";
+ when "not(IP_TYPE) or boolean(IP_TYPE[.='ANY' or .='IP' or .='IPV4' or .='IPv4ANY' or .='ARP'])";
 leaf SRC_IP {
 type inet:ipv4-prefix;
 }
@@ -117,7 +117,7 @@ module sonic-acl {
 }
 case ip6_prefix {
- when "boolean(IP_TYPE[.='ANY' or .='IP' or .='IPV6' or .='IPv6ANY'])";
+ when "not(IP_TYPE) or boolean(IP_TYPE[.='ANY' or .='IP' or .='IPV6' or .='IPv6ANY'])";
 leaf SRC_IPV6 {
 type inet:ipv6-prefix;
 }
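Review bot: The positive fixture `ACL_RULE_WITHOUT_IP_TYPE` in the tests_config/acl.json hunk puts `"SRC_IPV6": "2001::1/64"` on a table named `NO-NSW-PACL-V4` with `"policy_desc": "Filter IPv4"` and `"type": "L3"`, so the test pins as valid a rule whose address family contradicts the table's stated purpose. If the intent is only that a missing IP_TYPE is tolerated, use an IPv4 match such as `"SRC_IP": "10.0.0.1/32"` (constructed value), or keep the IPv6 match and rename the table and its description to say so. A companion case without IP_TYPE that is still expected to fail would show that the remaining checks on the rule keep running once the `when` is relaxed.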
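Review bot: With `not(IP_TYPE) or …` on both `case ip4_prefix` and `case ip6_prefix`, a rule that omits IP_TYPE no longer has its address family checked by the model at all; only the enclosing choice still keeps SRC_IP and SRC_IPV6 from appearing together. A mismatched rule therefore passes GCU validation and is left to whatever consumes ACL_RULE, which for an ACL can mean a rule the operator believes is enforced but that never matches; it is worth confirming how that consumer treats it. At minimum record the reason next to the expression, e.g. `// IP_TYPE is optional: acl-loader writes rules without it, so absence skips the family check`. The same expression is repeated in the `icmp4` and `icmp6` hunks at -199 and -214, where the comment applies as well. All four cases continue outside their hunks.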
@@ -199,7 +199,7 @@ module sonic-acl {
 choice icmp {
 case icmp4 {
- when "boolean(IP_TYPE[.='ANY' or .='IP' or .='IPV4' or .='IPv4ANY' or .='ARP'])";
+ when "not(IP_TYPE) or boolean(IP_TYPE[.='ANY' or .='IP' or .='IPV4' or .='IPv4ANY' or .='ARP'])";
 leaf ICMP_TYPE {
 type uint8 {
 range 1..44;
@@ -214,7 +214,7 @@ module sonic-acl {
 }
 case icmp6 {
- when "boolean(IP_TYPE[.='ANY' or .='IP' or .='IPV6' or .='IPv6ANY'])";
+ when "not(IP_TYPE) or boolean(IP_TYPE[.='ANY' or .='IP' or .='IPV6' or .='IPv6ANY'])";
 leaf ICMPV6_TYPE {
 type uint8 {
 range 1..44;
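Review bot: The relaxed `when` on `case icmp4` and `case icmp6` is not exercised by any test in this commit, because the only new fixture, `ACL_RULE_WITHOUT_IP_TYPE`, carries `SRC_IPV6` and no `ICMP_TYPE` or `ICMPV6_TYPE`. Add one case with `ICMP_TYPE` and no IP_TYPE that is expected to load. Once IP_TYPE is absent, nothing visible in these hunks ties `choice icmp` to the prefix choice, so a rule with `SRC_IP` and `ICMPV6_TYPE` would presumably validate. A test that states the intended outcome for that combination would make the new behaviour explicit. Both cases continue outside the hunks.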