Commit Graph

6880 Commits

Author SHA1 Message Date
xumia
078608e7f0
Add the original docker tag without username (#12472)
Why I did it
Add the original docker tag without username to support some of the docker file not changed build broken issue.
The username suffix only required when the native build feature enabled, but if not enabled, the docker file not necessary to change, the build should be succeeded.
It is to support cisco 202205 build.
2022-10-25 15:31:18 +08:00
SuvarnaMeenakshi
a0661e2dcb
[sonic-host-services]: Advance submodule (#12195)
#### Why I did it
Update sonic-host-services submodule to include below commits:
```
bc8698d Merge pull request #21 from abdosi/feature
557a110 Fix the issue where if dest port is not specified in ACL rule than for multi-asic where we create NAT rule to forward traffic from Namespace to host fail with exception.
6e45acc (master) Merge pull request #14 from abdosi/feature
4d6cad7 Merge remote-tracking branch 'upstream/master' into feature
bceb13e Install libyang to azure pipeline (#20)
82299f5 Merge pull request #13 from SuvarnaMeenakshi/cacl_fabricns
15d3bf4 Merge branch 'master' into cacl_fabricns
de54082 Merge pull request #16 from ZhaohuiS/feature/caclmgrd_external_client_warning_log
b4b368d Add warning log if destination port is not defined
d4bb96d Merge branch 'master' into cacl_fabricns
35c76cb Add unit-test and fix typo.
17d44c2 Made Changes to be Python 3.7 compatible
978afb5 Aligning Code
1fbf8fb Merge remote-tracking branch 'upstream/master' into feature
7b8c7d1 Added UT for the changes
91c4c42 Merge pull request #9 from ZhaohuiS/feature/caclmgrd_external_client
7c0b56a Add 4 test cases for external_client_acl, including single port and port range for ipv4 and ipv6
b71e507 Merge remote-tracking branch 'origin/master' into HEAD
d992dc0 Merge branch 'master' into feature/caclmgrd_external_client
bd7b172 DST_PORT is configuralbe in json config file for EXTERNAL_CLIENT_ACL
f9af7ae [CLI] Move hostname, mgmt interface/vrf config to hostcfgd (#2)
70ce6a3 Merge pull request #10 from sujinmkang/cold_reset
29be8d2 Added Support to render Feature Table using Device running metadata. Also added support to render 'has_asic_scope' field of Feature Table.
3437e35 [caclmgrd][chassis]: Add ip tables rules to accept internal docker traffic from fabric asic namespaces.
8720561 Fix and add hardware reboot cause determination tests
0dcc7fe remove the empty bracket if no hardware reboot cause minor
e47d831 fix the wrong expected result comparision
ef86b53 Fix startswith Attribute error
8a630bb fix mock patch
8543ddf update the reboot cause logic and update the unit test
53ad7cd fix the mock patch function
7c8003d fix the reboot-cause regix for test
1ba611f fix typo
25379d3 Add unit test case
a56133b Add hardware reboot cause as actual reboot cause for soft reboot failed
c7d3833 Support Restapi/gnmi control plane acls
f6ea036 caclmgrd: Don't block traffic to mgmt by default
a712fc4 Update test cases
adc058b caclmgrd: Don't block traffic to mgmt by default
06ff918 Merge pull request #7 from bluecmd/patch-1
e3e23bc ci: Rename sonic-buildimage repository
e83a858 Merge pull request #4 from kamelnetworks/acl-ip2me-test
f5a2e50 [caclmgrd]: Tests for IP2ME rules generation
```
2022-10-24 14:42:18 -07:00
Jing Zhang
c20707f52a
[master][sonic-linkmgrd] submodule update (#12132)
79edf66 Longxiang Lyu Wed Aug 17 08:12:37 2022 +0800 Fix azure pipeline (#118)
8e0f2c6 Longxiang Lyu Wed Aug 17 08:36:07 2022 +0800 Update linkmgr health after getting default route update (#117)
b14ffb8 Jing Zhang Wed Aug 17 15:44:37 2022 -0700 [active-active] post mux metrics events (#123)
a30dbb3 Jing Zhang Thu Aug 18 18:16:04 2022 -0700 Update handleMuxConfigNotification logic (#125)
e14aaba Jing Zhang Tue Aug 23 10:02:17 2022 -0700 [active-active] Remove unnecessary mux wait timeout logs (#122)
cc83717 Longxiang Lyu Fri Sep 2 02:17:53 2022 +0800 Fix mux config (#128)
5429281 Mai Bui Thu Sep 1 17:44:04 2022 -0400 [linkmgrd] Replace memset function in link_prober (#126)
b5aaec1 Jing Zhang Fri Sep 9 14:01:03 2022 -0700 [active-active] shutdown link prober when starting as isolated (#130)
75f02cf Jing Zhang Tue Sep 13 10:34:32 2022 -0700 [active-standby] update warmboot reconciliation logic (#129)
a5a9f90 Hua Liu Fri Sep 16 09:54:32 2022 +0800 Install libyang to azure pipeline (#132)
6fe4f0f Jing Zhang Tue Sep 20 10:10:16 2022 -0700 [Active-Active] flaky LinkmgrdBootupSequence unit tests (#134)
ea68e8c Jing Zhang Wed Sep 21 10:52:18 2022 -0700 Post switchover reasons to STATE DB (#131)
60c35b5 Jing Zhang Thu Sep 22 13:00:41 2022 -0700 [Active-Active] server side admin forwarding state sync up (#133)
08e1be5 Jing Zhang Mon Sep 26 10:59:27 2022 -0700 [Active-Active] avoid being stuck in unknown after process init (#136)
2579988 Jing Zhang Mon Oct 3 09:40:55 2022 -0700 [Active-Standby] fix syslog flood caused by unkown -> standby switchovers (#137)
7e9f670 Jing Zhang Wed Oct 5 10:03:45 2022 -0700 [Active-Active] Retry config mux mode standby (#139)
23feb3b Jing Zhang Wed Oct 5 15:22:58 2022 -0700 [Active-Active] Post link prober stats to state db (#140)
e650098 Jing Zhang Fri Oct 7 15:27:17 2022 -0700 [Active-Active] Update default route shutdown heartbeat logic (#141)
d0653e7 Jing Zhang Tue Oct 11 10:22:02 2022 -0700 [Active-Standby] avoid posting mux metrics event when receiving unsolicited mux state notification (#142)

dcf6460 Longxiang Lyu Fri Oct 21 12:15:42 2022 +0800 [active-active] Add support to send/handle mux probe request (#147)
fdf42ed Longxiang Lyu Fri Oct 21 10:34:47 2022 +0800 Fix link prober state event report twice issue (#149)
5fd19a3 Longxiang Lyu Mon Oct 17 09:20:27 2022 +0800 [active-active] Fix config reload (#145)

sign-off: Jing Zhang zhangjing@microsoft.com
2022-10-24 10:07:52 -07:00
Hua Liu
fff6808b9c
[openssh] Update openssh make file, add missing dependency to libnl. (#12327)
Update openssh make file, add missing dependency to libnl.

#### Why I did it
Openssh indirectly depends on libnl.
Another PR #12447 need add new patch to openssh, after adding new patch to openssh, PR build failed with libnl missing error.

#### How I did it
Update openssh make file, add missing dependency to libnl.

#### How to verify it
Pass all test case

#### Which release branch to backport (provide reason below if selected)

<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->

- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106
- [ ] 202111
- [ ] 202205

#### Description for the changelog
Update openssh make file, add missing dependency to libnl.

#### Ensure to add label/tag for the feature raised. example - PR#2174 under sonic-utilities repo. where, Generic Config and Update feature has been labelled as GCU.

#### Link to config_db schema for YANG module changes
<!--
Provide a link to config_db schema for the table for which YANG model
is defined
Link should point to correct section on https://github.com/Azure/sonic-buildimage/blob/master/src/sonic-yang-models/doc/Configuration.md
-->

#### A picture of a cute animal (not mandatory but encouraged)
2022-10-24 13:03:52 +08:00
Vivek
2041e76ee9
[submodule] update sonic-utilities pointer (#12462)
aedc05ecf [QoS] Support dynamic headroom calculation for Barefoot platforms (#2306)
7f4da26f2 [app_ext] [auto-ts] Add available_mem_threshold option (#2423)
b25070176 YANG Validation for ConfigDB Updates: Fix Decorator Bug (#2405)
f62d1e596 [watermarkstat] Add new warning message for the 'q_shared_multi' counters (#2408)
25fda264e [chassis]Add fabric counter cli commands (#1860)
ae97e597e Update sonic command doc to add CLIs relative to SONiC fips (#2377)
abd5eba49 [generate_dump]: Enhance show techsupport for cisco-8000 platform (#2403)
ee15b74a2 Include configuring laser frequency and tx power (#2437)
70be50cdc Add a subcommand to display a hexdump of transceiver EEPROM page (#2379)
c246801ba Filter port invalid MTU configuration (#2378)
362ec9bd7 [show] vnet advertised-route command (#2390)
2372e2983 [show priority-group drop counters] Remove backup with cached PG drop counters after 'config reload' (#2386)

Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>

Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
2022-10-23 09:59:54 +03:00
Stephen Sun
8c73e68468
Remove \n from the end of fs_path in ONIEUpdater (#12465)
This fixes the following error

```
admin@sonic:~$ sudo fwutil show status
mount: /mnt/onie-fs: special device /dev/sda2
 does not exist.
Error: Command '['mount', '-n', '-r', '-t', 'ext4', '/dev/sda2\n', '/mnt/onie-fs']' returned non-zero exit status 32.. Aborting...
Aborted!
admin@sonic:~$ sudo vi /usr/local/lib/python3.9/dist-packages/sonic_platform/

```
Seems like #11877 the rstrip('\n') was removed. Probably by mistake.

Signed-off-by: Stephen Sun <stephens@nvidia.com>
2022-10-23 09:59:20 +03:00
Samuel Angebault
f39c2adc04
Fix extraction of platform.tar.gz for firsttime (#11935) 2022-10-21 18:27:32 -07:00
Samuel Angebault
9cdd78788f
Add support for UpperlakeElite (#12280)
Signed-off-by: Samuel Angebault <staphylo@arista.com>

Signed-off-by: Samuel Angebault <staphylo@arista.com>
2022-10-21 18:26:43 -07:00
kellyyeh
f4046c1417
Add dhcp6relay dualtor option (#12459) 2022-10-21 10:33:10 -07:00
Ye Jianquan
d7b9c64757
Fix the issue that test plan can't be canceled by KVM dump stage (#12469)
Why I did it
Fix the issue that test plan can't be canceled by KVM dump stage

How I did it
Fix the issue that test plan can't be canceled by KVM dump stage
2022-10-22 01:04:17 +08:00
Mai Bui
66012b4a28
[bullseye] Update libswsscommon deps (#12463)
Signed-off-by: maipbui <maibui@microsoft.com>
#### Why I did it
When updating the container from Buster to Bullseye in azure pipelines in sonic-utilities repo, the build checker failed due to missing one of the dependencies in libswsscommon
```
+ sudo dpkg -i libswsscommon_1.0.0_amd64.deb
Selecting previously unselected package libswsscommon.
(Reading database ... 196324 files and directories currently installed.)
Preparing to unpack libswsscommon_1.0.0_amd64.deb ...
Unpacking libswsscommon (1.0.0) ...
dpkg: dependency problems prevent configuration of libswsscommon:
 libswsscommon depends on libboost-serialization1.71.0; however:
  Package libboost-serialization1.71.0 is not installed.

dpkg: error processing package libswsscommon (--install):
 dependency problems - leaving unconfigured
Processing triggers for libc-bin (2.31-13+deb11u4) ...
Errors were encountered while processing:
 libswsscommon
```
#### How I did it
Update the libboost-serialization dependency to a specific version that >= 1.71
#### How to verify it
Verified locally, build sonic-utilities successfully with this version
2022-10-21 10:09:28 -04:00
andywongarista
35874895f2
Fix sensord service install (#12376)
Why I did it
#4021 describes an issue that is still being observed on master image whereby sensord does not start in pmon due to missing service.

How I did it
Updated the lm-sensors install patch with a case for systemd

How to verify it
Verified that sensord is up in pmon after boot

Co-authored-by: Boyang Yu <byu@arista.com>
2022-10-21 14:25:24 +08:00
Lawrence Lee
37ad8befc1
[tunnel_pkt_handler]: Skip nonexistent intfs (#12424)
- Skip the interface status check if the interface does not exist. In the future, when the interface is created/comes up this check will be triggered again.

Signed-off-by: Lawrence Lee <lawlee@microsoft.com>
2022-10-20 09:29:57 -07:00
Samuel Angebault
cf20aea1c4
[Arista] Update platform driver library (#12450)
fix linecard provisioning issue (500 error)
fix some value types for get_system_eeprom_info API
refactor code to leverage pci topology (enabling dynamic Pcie plugin)
refactor asic declaration logic to new style
misc fixes
2022-10-20 23:15:48 +08:00
Zain Budhwani
e57cd472fb
Add YANG models for structured events (#12290)
Add YANG models for structured events and unit tests. YANG events include bgp, common, dhcp-relay, swss, syncd, and host.
2022-10-20 08:13:08 -07:00
Sudharsan Dhamal Gopalarathnam
2f490626a9
[FRR]Adding patch to fix enhanced capability turned on for interface (#12453)
Fixing issue FRRouting/frr#11108
For interface based peers with peer-groups, "no neighbor capability extended-nexthop" gets added by default. This will result in IPv4 routes not having ipv6 next hops.

- How I did it
Porting the commit FRRouting/frr@8e89adc to FRR 8.2.2 which fixes the issue

- How to verify it
Load FRR and verify if the "no neighbor capability extended-nexthop" not gets added for interfaces associated with peer-groups
2022-10-20 09:50:53 +03:00
Vivek
a68ce12dd6
[Mellanox] [SKU] Added Mellanox-SN4700-A96C8V8 SKU (#12347)
- Why I did it
A new SKU for MSN4700 Platform i.e. Mellanox-SN4700-V16A96

Requirements:

Breakout:
Port 1-24: 4x25G(4)[10G,1G]
Port 25-28: 2x100G[200G,50G,40G,25G,10G,1G]
Port 29-32: 2x200G[100G,50G,40G,25G,10G,1G]
Downlinks: 96 (1-24) + 4 (25-28)
Uplinks: 4 (29-32)
Shared Headroom: Enabled
Over Subscribe Ratio: 1:4
Default Topology: T0
Default Cable Length for T1: 5m
VxLAN source port range set: No
Static Policy Based Hashing Supported: No

Additional Details:
QoS params: The default ones defined in qos_config.j2 will be applied
Small Packet Percentage: Used 50% for traditional buffer model Note: For dynamic model, the value defined in LOSSLESS_TRAFFIC_PATTERN|AZURE|small_packet_percentage is used
SKU was drafted under the assumption that the downlink ports uses xcvr's that will only support the first 4 lanes of the physical port they are connected to. Hence for the ports 1-24, the last four lanes are not used
Cable Lengths used for generating buffer_defaults_{t0,t1}.j2 values

Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
2022-10-20 09:50:07 +03:00
Dror Prital
5a9a25ee7d
[submodule] Advance sonic-platform-common pointer (#11965)
- Why I did it
Update sonic-platform-common submodule pointer to include the following:

Read CMIS data path state duration (#312)
Remove shell=True (#313)
[credo][ycable] remove mux-toggle inprogress flags for some API's (#311)
[Cdb fw upgrade (#308)
[Credo][Ycable] enhancement and error exception for some APIs (#303)
[ycable] add definitions of some new API's for Y-Cable infrastructure (#301)
Install libyang to azure pipeline (#310)
Update the return of update_firmware for the image not exist case (#306)
[CMIS] 'get_transceiver_info' should return 'None' when CMIS cable EEPROM is not ready (#305)
uplift code coverage 80% (#307)
[sonic-pcie] Add UT for pcie_common.py (#293)
[CMIS] Catch Exception to avoid CMIS code crash (#299)
[Credo][Ycable] fix incorrect uart statistics (#296)
Add PSU input voltage and input current (#295)

- How I did it
Advance sonic-platform-common pointer

Signed-off-by: dprital <drorp@nvidia.com>
2022-10-20 09:49:02 +03:00
Dror Prital
13111d949b
[submodule] Advance sonic-sairedis pointer (#12147)
- Why I did it
Update sonic-sairedis submodule pointer to include the following:

2585a1f [Support gearbox SAI_PORT_ATTR_PORT_SERDES_ID on vs (#1082)
fd9bc84 [SAI NAT aging notification (#987)
3fa8f34 [[doc]: Update README.md (#1122)
157e573 [[lgtm] Fix libyang missing in lgtm validation issue (#1135)
af80caa Add Voqs to Virtual Switch (#1061)
f9008ad [fastboot] fastboot enhancement: Use warm-boot infrastructure for fast-boot (#1100)

- How I did it
Advance sonic-sairedis pointer

Signed-off-by: dprital <drorp@nvidia.com>
2022-10-20 09:48:22 +03:00
Mariusz Stachura
bdebcffa5c
[Barefoot] Add xon_offset to pg_profile_lookup.ini (#12073)
- Why I did it
Barefoot uses hysteresis, instead of 'xon-threshold'. 'xon' is only
supported in static mode, so there is a need to add this attribute
to every mode in PG profile init file

- How I did it
'xon_offset' was added to pg_profile_lookup.ini

- How to verify it
Install and basic sanity tests including traffic.
Checked with:
pfcwd/test_pfc_config.py pfcwd/test_pfcwd_all_port_storm.py
pfcwd/test_pfcwd_function.py pfcwd/test_pfcwd_war_reboot.py
pfc_asym/test_pfc_asym.py

Signed-off-by: Mariusz Stachura <mariusz.stachura@intel.com>

Signed-off-by: Mariusz Stachura <mariusz.stachura@intel.com>
2022-10-20 14:01:30 +08:00
Liu Shilong
1dec49005b
[ci] Fix test job issue on checkout step (#12445) 2022-10-20 13:06:10 +08:00
Liu Shilong
357c1eaa1b
[action] Update automerge version, change log level and change auto cherry-pick branch name. (#12455) 2022-10-20 13:03:39 +08:00
Liu Shilong
010f9203f2
[submodule] Update sonic-mgmt-framework HEAD pointer. (#12434) 2022-10-20 13:00:40 +08:00
Zain Budhwani
7c5e4e2b87
Revert syslog change in dhcp_mon disparity (#12425)
Why I did it
Revert change in syslog such that it does not utilize c++ string

How I did it
Code change

How to verify it
Which release branch to backport (provide reason below if selected)
 201811
 201911
 202006
 202012
 202106
 202111
 202205
Description for the changelog
Ensure to add label/tag for the feature raised. example - PR#2174 under sonic-utilities repo. where, Generic Config and Update feature has been labelled as GCU.
Link to config_db schema for YANG module changes
A picture of a cute animal (not mandatory but encouraged)
2022-10-20 10:23:11 +08:00
kellyyeh
041d50224e
Advance dhcprelay submodule head (#12214) 2022-10-19 14:18:43 -07:00
Mariusz Stachura
9f88d03c2b
[QoS] Support dynamic headroom calculation for Barefoot platforms (#11708)
Signed-off-by: Mariusz Stachura <mariusz.stachura@intel.com>

What I did
Adding the dynamic headroom calculation support for Barefoot platforms.

Why I did it
Enabling dynamic mode for barefoot case.

How I verified it
The community tests are adjusted and pass.
2022-10-19 09:36:56 -07:00
Mai Bui
6f67a3ac6a
[device/quanta] Mitigation for security vulnerability (#11867)
Signed-off-by: maipbui <maibui@microsoft.com>
Dependency: [https://github.com/sonic-net/sonic-buildimage/pull/12065](https://github.com/sonic-net/sonic-buildimage/pull/12065)
#### Why I did it
`shell=True` is dangerous because this call will spawn the command using a shell process
`os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content.
#### How I did it
`os` - use with `subprocess`
Use `shell=False` with shell features
- redirection: [https://stackoverflow.com/questions/4965159/how-to-redirect-output-with-subprocess-in-python/6482200#6482200?newreg=53afb91b3ebd47c5930be627fcdf2930](https://stackoverflow.com/questions/4965159/how-to-redirect-output-with-subprocess-in-python/6482200#6482200?newreg=53afb91b3ebd47c5930be627fcdf2930)
- `|` operator: [https://docs.python.org/2/library/subprocess.html#replacing-shell-pipeline](https://docs.python.org/2/library/subprocess.html#replacing-shell-pipeline)
2022-10-19 10:05:36 -04:00
Ye Jianquan
ef0559c030
[TestbedV2]Migrate t0 and t1-lag to TestbedV2 (#12383)
co-authorized by: jianquanye@microsoft.com

Migrate the t0 and t1-lag test jobs in buildimage repo to TestbedV2.

Why I did it
Migrate the t0 and t1-lag test jobs in buildimage repo to TestbedV2.

How I did it
Migrate the t0 and t1-lag test jobs in buildimage repo to TestbedV2.
2022-10-19 13:33:17 +08:00
Ye Jianquan
2bf2e02719
Enable to cancel pipeline jobs during checkout code and tests (#12436)
co-authorized by: jianquanye@microsoft.com

Why I did it
Now, checkout code step and KVM test job can't be cancelled even though the whole build is cancelled.
That's because by using Azure Pipeline Conditions, we customized the running condition, and we need to react to the Cancel action explicitly by asserting 'succeeded'
https://learn.microsoft.com/en-us/azure/devops/pipelines/process/expressions?view=azure-devops#succeeded
https://learn.microsoft.com/en-us/azure/devops/pipelines/process/conditions?view=azure-devops&tabs=yaml#ive-got-a-conditional-step-that-runs-even-when-a-job-is-canceled-how-do-i-manage-to-cancel-all-jobs-at-once

How I did it
Assert 'succeeded' condition explicitly.

How to verify it
Verified by cancelling and rerunning the azure pipeline.
2022-10-19 12:26:50 +08:00
andywongarista
34b6cc0de2
[Arista] Fix content of platform.json for DCS-7050CX3-32S (#12082)
* Fix platform.json for 7050cx3

* Add platform_components.json

* Mark thermals as not controllable
2022-10-18 18:38:28 -07:00
vmittal-msft
cca17ce104
Updated config files to disable DLR_INIT capability (#12401) 2022-10-18 10:13:07 -07:00
Vivek
bc8ee7a105
[Mellanox] [SKU] Mellanox-SN4700-V48C32 SKU added (#12250)
A new SKU for MSN4700 Platform i.e. Mellanox-SN4700-V48C32

Requirements:
Breakout:
Port 1-24: 2x200G
Port 25-32: 4x100G
Downlinks: 48 (1-24)
Uplinks: 32 (25-32)
Shared Headroom: Enabled
Over Subscribe Ratio: 1:8
Default Topology: T1
Default Cable Length for T1: 300m
VxLAN source port range set: No
Static Policy Based Hashing Supported: No
Additional Details:
QoS params: The default ones defined in qos_config.j2 will be applied
Small Packet Percentage: Used 50% for traditional buffer model Note: For dynamic model, the value defined in LOSSLESS_TRAFFIC_PATTERN|AZURE|small_packet_percentage is used
Cable Lengths used for generating buffer_defaults_{t0,t1}.j2 values

Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
2022-10-18 12:11:02 +03:00
Liu Shilong
05b1e06012
[action] Add debug info for automerge github action. (#12389) 2022-10-18 13:53:29 +08:00
Xin Wang
a07aaca831
[docker-sonic-mgmt] Cleanup and upgrade some packages (#12218)
Why I did it
The Dockerfile of docker-sonic-mgmt became a little bit messy over time. Some packages are also a little bit too old. It would be better to do some cleanup and upgrade some important packages.

How I did it
Updated the dockerfile template for building docker-sonic-mgmt.

How to verify it
Locally built the docker-sonic-mgmt image and used it to run some test scripts.

Description for the changelog:
The build-essential package contains gcc and make. It's unnecessary to install them again.
The python-is-python2 package is included in the python package for Ubuntu 20.04. It's unnecessary to install it again.
Sort the apt and pip packages by alphabetic order.
Cleanup get-pip.py after installation.
Cleanup the python-scapy deb package after installation.
Ensure that the python pip, setuptools and wheel packages are up to date.
Install pytest-ansible from pip instead of from source code.
While installing docker-ce-cli, it's unnecessary to install curl and software-properties-common again.
Merged some pip install steps into one step.
Upgrade ansible from 2.8.12 to 2.9.27 for env-python3.
Upgrade pytest to 7.1.3 for env-python3.
Add ncclient package to evn-python3.
2022-10-18 10:02:30 +08:00
vmittal-msft
dc2cc9d507
Updated BRCM SAI to version 7.1.10.4 (#12423) 2022-10-17 15:22:53 -07:00
cytsao1
9ef8464964
[pmon] Add smartmontools to pmon docker (#11837)
* Add smartmontools to pmon docker

* Set smartmontools to install version 7.2-1 in pmon to match host; clean up smartmontools build files

* Add comments on smartmontools version for both host and pmon
2022-10-17 13:26:31 -07:00
Sambath Kumar Balasubramanian
7ba1d25757
Add 36 port 100g sku for x86_64-arista_7800r3a_36d series of linecards. (#11813)
Add 36 port 100g sku for x86_64-arista_7800r3a_36d series of linecards.
2022-10-17 11:15:19 -07:00
Renuka Manavalan
a750930ba9
* 176c385 (HEAD, origin/master, origin/HEAD, master) Streaming events URL support "not to use cac (#12394)
he" (#45)
* 4f45e3a Update gnmi_cli (#5) (#44)
2022-10-17 09:01:38 -07:00
lixiaoyuner
51eac0b335
Add k8s master table yang model (#12331)
* Add k8s master table yang model

Signed-off-by: Yun Li <yunli1@microsoft.com>
2022-10-17 15:58:09 +08:00
pettershao-ragilenetworks
094646c6bc
[yang]Update port yang model, change MTU range to [68,9216] (#12223)
What I did
Filter port invalid MTU configuration

How I did it
Adjust the MTU value to the range of [68,9216]

How to verify it
Use "config interface mtu Ethernet1 40" command to configure the port MTU. The following error will occur in SWSS.
2022-10-17 08:02:31 +08:00
Ying Xie
e2ae965fdd
[FRR] import FRR patch: zebra: Note when the netlink DUMP command is interrupted (#12412)
Why I did it
There is an outstanding FRR issue #12380. This seems to be a known issue but without good fix so far. The root cause is around zebra and kernel netlink interaction. The failure was previously not noticed by zebra.

How I did it
Port the patch that would make the issue obvious.

Signed-off-by: Ying Xie ying.xie@microsoft.com
2022-10-16 09:37:45 -07:00
Prince Sunny
1f2ee7b729
add Restapi Yang model (#12379)
#### Why I did it

Reverting PR https://github.com/sonic-net/sonic-buildimage/pull/12374

Fix build issues

This PR fixed https://github.com/sonic-net/sonic-buildimage/issues/10548
2022-10-14 22:27:06 -07:00
Sudharsan Dhamal Gopalarathnam
629343e0b7
[Mellanox]Adding SKU Mellanox-SN2700-D44C10 (#12396)
#### Why I did it
To add new SKU Mellanox-SN2700-D44C10 with following requirements:

| Port configuration | Value |
| ------  |--------- |
 | Breakout mode for each port  |**Defined in port mapping** |
| Speed of the port |  **Defined in Port mapping** |
| Auto-negotiation enable/disable | **No setting required** |
| FEC mode | **No setting required** |
|Type of transceiver used | **Not needed**|

 Buffer configuration | Value
------  |---------
 Shared headroom | **Enabled**
 Shared headroom pool factor  |  **2**
 Dynamic Buffer | **Disable**
 In static buffer scenario how many uplinks and downlinks? | **44 x50G and 2x100G Downlinks 8x100G uplinks**
 2km cable support required? | **No**

Switch configuration | Value
------  |---------
 Warmboot enabled? | **yes**
 Should warmboot be added to SAI profile when enabled? | **yes**
 Is VxLAN source port range set? | **No**
 Should Vxlan source port range be added to SAI profile when set. | **No**
 Is Static Policy Based Hashing enabled? | **No**

Port Mapping

| Ports  | Mode      |
| ------  |--------- |
| 1,2      | 1x100G |
|  3-6    | 2x50G   | 
| 7-10   | 1x100G |
| 11-22 | 2x50G   |
| 23-26 | 1x100G | 
| 27-32 | 2x50G   |

Number of Uplinks / Downlinks:
TO topology: **44 x50G and 2x100G Downlinks 8x100G uplinks**.

#### How I did it
Defined the SKU as per requirements

#### How to verify it
Load the SKU and verify if all links come up and traffic passes.
2022-10-14 22:12:28 -07:00
Mai Bui
92d25be08f
[inventec] Replace os.system and remove subprocess with shell=True (#12108)
Signed-off-by: maipbui <maibui@microsoft.com>
Dependency: [https://github.com/sonic-net/sonic-buildimage/pull/12065](https://github.com/sonic-net/sonic-buildimage/pull/12065)
#### Why I did it
1. `getstatusoutput` is used without a static string and it uses `shell=True`
2. `subprocess()` - when using with `shell=True` is dangerous. Using subprocess function without a static string can lead to command injection.
3. `os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content.
#### How I did it
1. use `getstatusoutput` without shell=True
2. `subprocess()` - use `shell=False` instead. use an array string. Ref: [https://semgrep.dev/docs/cheat-sheets/python-command-injection/#mitigation](https://semgrep.dev/docs/cheat-sheets/python-command-injection/#mitigation)
3. `os` - use with `subprocess`
2022-10-14 10:21:44 -04:00
Mai Bui
ea101a90d5
[device/delta] Mitigation for command injection vulnerability (#11865)
#### Why I did it
`os` execution functions are not secure against maliciously constructed input.
#### How I did it
Use `subprocess` module
2022-10-13 21:11:51 -07:00
Bohan Yang
fad4034000
Add 36 port 400g SKU for x86_64-arista_7800r3a_36d series of Linecards. (#11872)
Add 36 port 400g SKU for x86_64-arista_7800r3a_36d series of Linecards.
2022-10-13 20:36:44 -07:00
tjchadaga
0c68a43712
Add yang model definition for VOQ_INBAND_INTERFACE (#12306) 2022-10-13 10:18:53 -07:00
Praveen Chaudhary
56d2c81f26
[sonic-dhcp-server.yang]: yang model for dhcp_server table. (#12175)
changes:
  -- yang model for dhcp_server table.
  -- tests.

Why I did it
yang model for dhcp_server table.

How I did it

-- yang model for dhcp_server table.
-- yang model tests.

How to verify it

-- yang model build time tests.
2022-10-13 10:14:11 -07:00
Praveen Chaudhary
86fec08928
[sonic-mpls-tc-map.yang]: yang model for mpls_tc_to_tc_map table. (#12176)
changes:
  -- yang model for mpls_tc_to_tc_map table.
  -- tests.

#### Why I did it
yang model for mpls_tc_to_tc_map table.

#### How I did it
-- yang model for mpls_tc_to_tc_map table.
-- yang model tests.

#### How to verify it
-- yang model build time tests.
2022-10-13 10:12:35 -07:00
Ying Xie
bc684fef0b
[BGP] starting BGP service after swss (#12381)
Why I did it
BGP service has always been starting after interface-config. However, recently we discovered an issue where some BGP sessions are unable to establish due to BGP daemon not able to read the interface IP.

This issue was clearly observed after upgrading to FRR 8.2.2. See more details in #12380.

How I did it
Delaying starting BGP seems to be a workaround for this issue.

However, caution is that this delay might impact warm reboot timing and other timing sequences.

This workaround is reducing the probability of hitting the issue by close to 100X. However, this workaround is not bulletproof as test shows. It is still preferrable to have a proper FRR fix and revert this change in the future.

How to verify it
Continuously issuing config reload and check BGP session status afterwards.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2022-10-13 09:24:06 -07:00