Commit Graph

6862 Commits

Author SHA1 Message Date
Dror Prital
13111d949b
[submodule] Advance sonic-sairedis pointer (#12147)
- Why I did it
Update sonic-sairedis submodule pointer to include the following:

2585a1f [Support gearbox SAI_PORT_ATTR_PORT_SERDES_ID on vs (#1082)
fd9bc84 [SAI NAT aging notification (#987)
3fa8f34 [[doc]: Update README.md (#1122)
157e573 [[lgtm] Fix libyang missing in lgtm validation issue (#1135)
af80caa Add Voqs to Virtual Switch (#1061)
f9008ad [fastboot] fastboot enhancement: Use warm-boot infrastructure for fast-boot (#1100)

- How I did it
Advance sonic-sairedis pointer

Signed-off-by: dprital <drorp@nvidia.com>
2022-10-20 09:48:22 +03:00
Mariusz Stachura
bdebcffa5c
[Barefoot] Add xon_offset to pg_profile_lookup.ini (#12073)
- Why I did it
Barefoot uses hysteresis, instead of 'xon-threshold'. 'xon' is only
supported in static mode, so there is a need to add this attribute
to every mode in PG profile init file

- How I did it
'xon_offset' was added to pg_profile_lookup.ini

- How to verify it
Install and basic sanity tests including traffic.
Checked with:
pfcwd/test_pfc_config.py pfcwd/test_pfcwd_all_port_storm.py
pfcwd/test_pfcwd_function.py pfcwd/test_pfcwd_war_reboot.py
pfc_asym/test_pfc_asym.py

Signed-off-by: Mariusz Stachura <mariusz.stachura@intel.com>

Signed-off-by: Mariusz Stachura <mariusz.stachura@intel.com>
2022-10-20 14:01:30 +08:00
Liu Shilong
1dec49005b
[ci] Fix test job issue on checkout step (#12445) 2022-10-20 13:06:10 +08:00
Liu Shilong
357c1eaa1b
[action] Update automerge version, change log level and change auto cherry-pick branch name. (#12455) 2022-10-20 13:03:39 +08:00
Liu Shilong
010f9203f2
[submodule] Update sonic-mgmt-framework HEAD pointer. (#12434) 2022-10-20 13:00:40 +08:00
Zain Budhwani
7c5e4e2b87
Revert syslog change in dhcp_mon disparity (#12425)
Why I did it
Revert change in syslog such that it does not utilize c++ string

How I did it
Code change

How to verify it
Which release branch to backport (provide reason below if selected)
 201811
 201911
 202006
 202012
 202106
 202111
 202205
Description for the changelog
Ensure to add label/tag for the feature raised. example - PR#2174 under sonic-utilities repo. where, Generic Config and Update feature has been labelled as GCU.
Link to config_db schema for YANG module changes
A picture of a cute animal (not mandatory but encouraged)
2022-10-20 10:23:11 +08:00
kellyyeh
041d50224e
Advance dhcprelay submodule head (#12214) 2022-10-19 14:18:43 -07:00
Mariusz Stachura
9f88d03c2b
[QoS] Support dynamic headroom calculation for Barefoot platforms (#11708)
Signed-off-by: Mariusz Stachura <mariusz.stachura@intel.com>

What I did
Adding the dynamic headroom calculation support for Barefoot platforms.

Why I did it
Enabling dynamic mode for barefoot case.

How I verified it
The community tests are adjusted and pass.
2022-10-19 09:36:56 -07:00
Mai Bui
6f67a3ac6a
[device/quanta] Mitigation for security vulnerability (#11867)
Signed-off-by: maipbui <maibui@microsoft.com>
Dependency: [https://github.com/sonic-net/sonic-buildimage/pull/12065](https://github.com/sonic-net/sonic-buildimage/pull/12065)
#### Why I did it
`shell=True` is dangerous because this call will spawn the command using a shell process
`os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content.
#### How I did it
`os` - use with `subprocess`
Use `shell=False` with shell features
- redirection: [https://stackoverflow.com/questions/4965159/how-to-redirect-output-with-subprocess-in-python/6482200#6482200?newreg=53afb91b3ebd47c5930be627fcdf2930](https://stackoverflow.com/questions/4965159/how-to-redirect-output-with-subprocess-in-python/6482200#6482200?newreg=53afb91b3ebd47c5930be627fcdf2930)
- `|` operator: [https://docs.python.org/2/library/subprocess.html#replacing-shell-pipeline](https://docs.python.org/2/library/subprocess.html#replacing-shell-pipeline)
2022-10-19 10:05:36 -04:00
Ye Jianquan
ef0559c030
[TestbedV2]Migrate t0 and t1-lag to TestbedV2 (#12383)
co-authorized by: jianquanye@microsoft.com

Migrate the t0 and t1-lag test jobs in buildimage repo to TestbedV2.

Why I did it
Migrate the t0 and t1-lag test jobs in buildimage repo to TestbedV2.

How I did it
Migrate the t0 and t1-lag test jobs in buildimage repo to TestbedV2.
2022-10-19 13:33:17 +08:00
Ye Jianquan
2bf2e02719
Enable to cancel pipeline jobs during checkout code and tests (#12436)
co-authorized by: jianquanye@microsoft.com

Why I did it
Now, checkout code step and KVM test job can't be cancelled even though the whole build is cancelled.
That's because by using Azure Pipeline Conditions, we customized the running condition, and we need to react to the Cancel action explicitly by asserting 'succeeded'
https://learn.microsoft.com/en-us/azure/devops/pipelines/process/expressions?view=azure-devops#succeeded
https://learn.microsoft.com/en-us/azure/devops/pipelines/process/conditions?view=azure-devops&tabs=yaml#ive-got-a-conditional-step-that-runs-even-when-a-job-is-canceled-how-do-i-manage-to-cancel-all-jobs-at-once

How I did it
Assert 'succeeded' condition explicitly.

How to verify it
Verified by cancelling and rerunning the azure pipeline.
2022-10-19 12:26:50 +08:00
andywongarista
34b6cc0de2
[Arista] Fix content of platform.json for DCS-7050CX3-32S (#12082)
* Fix platform.json for 7050cx3

* Add platform_components.json

* Mark thermals as not controllable
2022-10-18 18:38:28 -07:00
vmittal-msft
cca17ce104
Updated config files to disable DLR_INIT capability (#12401) 2022-10-18 10:13:07 -07:00
Vivek
bc8ee7a105
[Mellanox] [SKU] Mellanox-SN4700-V48C32 SKU added (#12250)
A new SKU for MSN4700 Platform i.e. Mellanox-SN4700-V48C32

Requirements:
Breakout:
Port 1-24: 2x200G
Port 25-32: 4x100G
Downlinks: 48 (1-24)
Uplinks: 32 (25-32)
Shared Headroom: Enabled
Over Subscribe Ratio: 1:8
Default Topology: T1
Default Cable Length for T1: 300m
VxLAN source port range set: No
Static Policy Based Hashing Supported: No
Additional Details:
QoS params: The default ones defined in qos_config.j2 will be applied
Small Packet Percentage: Used 50% for traditional buffer model Note: For dynamic model, the value defined in LOSSLESS_TRAFFIC_PATTERN|AZURE|small_packet_percentage is used
Cable Lengths used for generating buffer_defaults_{t0,t1}.j2 values

Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
2022-10-18 12:11:02 +03:00
Liu Shilong
05b1e06012
[action] Add debug info for automerge github action. (#12389) 2022-10-18 13:53:29 +08:00
Xin Wang
a07aaca831
[docker-sonic-mgmt] Cleanup and upgrade some packages (#12218)
Why I did it
The Dockerfile of docker-sonic-mgmt became a little bit messy over time. Some packages are also a little bit too old. It would be better to do some cleanup and upgrade some important packages.

How I did it
Updated the dockerfile template for building docker-sonic-mgmt.

How to verify it
Locally built the docker-sonic-mgmt image and used it to run some test scripts.

Description for the changelog:
The build-essential package contains gcc and make. It's unnecessary to install them again.
The python-is-python2 package is included in the python package for Ubuntu 20.04. It's unnecessary to install it again.
Sort the apt and pip packages by alphabetic order.
Cleanup get-pip.py after installation.
Cleanup the python-scapy deb package after installation.
Ensure that the python pip, setuptools and wheel packages are up to date.
Install pytest-ansible from pip instead of from source code.
While installing docker-ce-cli, it's unnecessary to install curl and software-properties-common again.
Merged some pip install steps into one step.
Upgrade ansible from 2.8.12 to 2.9.27 for env-python3.
Upgrade pytest to 7.1.3 for env-python3.
Add ncclient package to evn-python3.
2022-10-18 10:02:30 +08:00
vmittal-msft
dc2cc9d507
Updated BRCM SAI to version 7.1.10.4 (#12423) 2022-10-17 15:22:53 -07:00
cytsao1
9ef8464964
[pmon] Add smartmontools to pmon docker (#11837)
* Add smartmontools to pmon docker

* Set smartmontools to install version 7.2-1 in pmon to match host; clean up smartmontools build files

* Add comments on smartmontools version for both host and pmon
2022-10-17 13:26:31 -07:00
Sambath Kumar Balasubramanian
7ba1d25757
Add 36 port 100g sku for x86_64-arista_7800r3a_36d series of linecards. (#11813)
Add 36 port 100g sku for x86_64-arista_7800r3a_36d series of linecards.
2022-10-17 11:15:19 -07:00
Renuka Manavalan
a750930ba9
* 176c385 (HEAD, origin/master, origin/HEAD, master) Streaming events URL support "not to use cac (#12394)
he" (#45)
* 4f45e3a Update gnmi_cli (#5) (#44)
2022-10-17 09:01:38 -07:00
lixiaoyuner
51eac0b335
Add k8s master table yang model (#12331)
* Add k8s master table yang model

Signed-off-by: Yun Li <yunli1@microsoft.com>
2022-10-17 15:58:09 +08:00
pettershao-ragilenetworks
094646c6bc
[yang]Update port yang model, change MTU range to [68,9216] (#12223)
What I did
Filter port invalid MTU configuration

How I did it
Adjust the MTU value to the range of [68,9216]

How to verify it
Use "config interface mtu Ethernet1 40" command to configure the port MTU. The following error will occur in SWSS.
2022-10-17 08:02:31 +08:00
Ying Xie
e2ae965fdd
[FRR] import FRR patch: zebra: Note when the netlink DUMP command is interrupted (#12412)
Why I did it
There is an outstanding FRR issue #12380. This seems to be a known issue but without good fix so far. The root cause is around zebra and kernel netlink interaction. The failure was previously not noticed by zebra.

How I did it
Port the patch that would make the issue obvious.

Signed-off-by: Ying Xie ying.xie@microsoft.com
2022-10-16 09:37:45 -07:00
Prince Sunny
1f2ee7b729
add Restapi Yang model (#12379)
#### Why I did it

Reverting PR https://github.com/sonic-net/sonic-buildimage/pull/12374

Fix build issues

This PR fixed https://github.com/sonic-net/sonic-buildimage/issues/10548
2022-10-14 22:27:06 -07:00
Sudharsan Dhamal Gopalarathnam
629343e0b7
[Mellanox]Adding SKU Mellanox-SN2700-D44C10 (#12396)
#### Why I did it
To add new SKU Mellanox-SN2700-D44C10 with following requirements:

| Port configuration | Value |
| ------  |--------- |
 | Breakout mode for each port  |**Defined in port mapping** |
| Speed of the port |  **Defined in Port mapping** |
| Auto-negotiation enable/disable | **No setting required** |
| FEC mode | **No setting required** |
|Type of transceiver used | **Not needed**|

 Buffer configuration | Value
------  |---------
 Shared headroom | **Enabled**
 Shared headroom pool factor  |  **2**
 Dynamic Buffer | **Disable**
 In static buffer scenario how many uplinks and downlinks? | **44 x50G and 2x100G Downlinks 8x100G uplinks**
 2km cable support required? | **No**

Switch configuration | Value
------  |---------
 Warmboot enabled? | **yes**
 Should warmboot be added to SAI profile when enabled? | **yes**
 Is VxLAN source port range set? | **No**
 Should Vxlan source port range be added to SAI profile when set. | **No**
 Is Static Policy Based Hashing enabled? | **No**

Port Mapping

| Ports  | Mode      |
| ------  |--------- |
| 1,2      | 1x100G |
|  3-6    | 2x50G   | 
| 7-10   | 1x100G |
| 11-22 | 2x50G   |
| 23-26 | 1x100G | 
| 27-32 | 2x50G   |

Number of Uplinks / Downlinks:
TO topology: **44 x50G and 2x100G Downlinks 8x100G uplinks**.

#### How I did it
Defined the SKU as per requirements

#### How to verify it
Load the SKU and verify if all links come up and traffic passes.
2022-10-14 22:12:28 -07:00
Mai Bui
92d25be08f
[inventec] Replace os.system and remove subprocess with shell=True (#12108)
Signed-off-by: maipbui <maibui@microsoft.com>
Dependency: [https://github.com/sonic-net/sonic-buildimage/pull/12065](https://github.com/sonic-net/sonic-buildimage/pull/12065)
#### Why I did it
1. `getstatusoutput` is used without a static string and it uses `shell=True`
2. `subprocess()` - when using with `shell=True` is dangerous. Using subprocess function without a static string can lead to command injection.
3. `os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content.
#### How I did it
1. use `getstatusoutput` without shell=True
2. `subprocess()` - use `shell=False` instead. use an array string. Ref: [https://semgrep.dev/docs/cheat-sheets/python-command-injection/#mitigation](https://semgrep.dev/docs/cheat-sheets/python-command-injection/#mitigation)
3. `os` - use with `subprocess`
2022-10-14 10:21:44 -04:00
Mai Bui
ea101a90d5
[device/delta] Mitigation for command injection vulnerability (#11865)
#### Why I did it
`os` execution functions are not secure against maliciously constructed input.
#### How I did it
Use `subprocess` module
2022-10-13 21:11:51 -07:00
Bohan Yang
fad4034000
Add 36 port 400g SKU for x86_64-arista_7800r3a_36d series of Linecards. (#11872)
Add 36 port 400g SKU for x86_64-arista_7800r3a_36d series of Linecards.
2022-10-13 20:36:44 -07:00
tjchadaga
0c68a43712
Add yang model definition for VOQ_INBAND_INTERFACE (#12306) 2022-10-13 10:18:53 -07:00
Praveen Chaudhary
56d2c81f26
[sonic-dhcp-server.yang]: yang model for dhcp_server table. (#12175)
changes:
  -- yang model for dhcp_server table.
  -- tests.

Why I did it
yang model for dhcp_server table.

How I did it

-- yang model for dhcp_server table.
-- yang model tests.

How to verify it

-- yang model build time tests.
2022-10-13 10:14:11 -07:00
Praveen Chaudhary
86fec08928
[sonic-mpls-tc-map.yang]: yang model for mpls_tc_to_tc_map table. (#12176)
changes:
  -- yang model for mpls_tc_to_tc_map table.
  -- tests.

#### Why I did it
yang model for mpls_tc_to_tc_map table.

#### How I did it
-- yang model for mpls_tc_to_tc_map table.
-- yang model tests.

#### How to verify it
-- yang model build time tests.
2022-10-13 10:12:35 -07:00
Ying Xie
bc684fef0b
[BGP] starting BGP service after swss (#12381)
Why I did it
BGP service has always been starting after interface-config. However, recently we discovered an issue where some BGP sessions are unable to establish due to BGP daemon not able to read the interface IP.

This issue was clearly observed after upgrading to FRR 8.2.2. See more details in #12380.

How I did it
Delaying starting BGP seems to be a workaround for this issue.

However, caution is that this delay might impact warm reboot timing and other timing sequences.

This workaround is reducing the probability of hitting the issue by close to 100X. However, this workaround is not bulletproof as test shows. It is still preferrable to have a proper FRR fix and revert this change in the future.

How to verify it
Continuously issuing config reload and check BGP session status afterwards.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2022-10-13 09:24:06 -07:00
Kalimuthu-Velappan
50b77a5d44
Fixes the exit status of slave build. (#12369)
This PR fixes the issue reported in PR#12367
https://github.com/sonic-net/sonic-buildimage/pull/12367

The issue is that exit code always being 0 for the builds that are failed.

Fix is added in the Makefile.work to return the error code
when the slave build is failed with an error.
2022-10-13 22:59:09 +08:00
Saikrishna Arcot
7087763af4
Revert "[Yang model] add Restapi yang file (#12287)" (#12374)
This is causing a build failure for all builds. The PR build was incorrectly marked as passing due to a different build issue.

libyang[0]: Regular expression "(/[a-zA-Z0-9_-.]+)*/([a-zA-Z0-9_-.]+)./[a-z]{3}" is not valid (".]+)*/([a-zA-Z0-9_-.]+)./[a-z]{3})$": range out of order in character class).
libyang[0]: Module "sonic-restapi" parsing failed.
ERROR:YANG-TEST: Exception >Module "sonic-restapi" parsing failed.< in /sonic/src/sonic-yang-models/tests/yang_model_tests/test_yang_model.py:114
ERROR:YANG-TEST: Exception >Module "sonic-restapi" parsing failed.< in /sonic/src/sonic-yang-models/tests/yang_model_test

This reverts commit e1765121b2.
2022-10-12 08:44:50 -07:00
Vivek
34f9a642dd
[DHCP_RELAY] Updated wait_for_intf.sh to wait for ipv6 global and link local addr (#12273)
- Why I did it
Fixes #11431

- How I did it
dhcp6relay binds to ipv6 addresses configured on these vlan interfaces
Thus check if they are ready before launching dhcp6relay

- How to verify it
Unit Tests
Tested on a live device

Signed-off-by: Vivek Reddy Karri <vkarri@nvidia.com>
2022-10-12 11:46:20 +03:00
Hua Liu
257cc96d7c
Remove swsssdk from sonic OS image and docker container image (#12323)
Remove swsssdk from sonic OS image and docker image

#### Why I did it
swsssdk is deprecated, so need remove from image.

#### How I did it
Update config file to remove swsssdk from image.

#### How to verify it
Pass all test case.

#### Which release branch to backport (provide reason below if selected)

<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->

- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106
- [ ] 202111
- [ ] 202205

#### Description for the changelog
Remove swsssdk from sonic OS image and docker image

#### Ensure to add label/tag for the feature raised. example - PR#2174 under sonic-utilities repo. where, Generic Config and Update feature has been labelled as GCU.

#### Link to config_db schema for YANG module changes
<!--
Provide a link to config_db schema for the table for which YANG model
is defined
Link should point to correct section on https://github.com/Azure/sonic-buildimage/blob/master/src/sonic-yang-models/doc/Configuration.md
-->

#### A picture of a cute animal (not mandatory but encouraged)
2022-10-12 13:04:14 +08:00
Renuka Manavalan
aee1466a83
sonic-swss-common submodule update (#12356)
| * cb707b7 fixed nokia platform m0 asic mismatch (fixed nokia platform m0 asic mismatch #12148)
| * c75dfe8 [build] Fix dpkg front lock issue with apt-get ([build] Fix dpkg front lock issue caused by apt-get install #12332)
| * 247bd78 [action] Fix PR pre-cherry-pick action wrong author issue. ([action] Fix PR pre-cherry-pick action wrong author issue. #12339)
| * fc99265 [Nokia] Update the nokia platform submodule for Nokia-IXR7250E platform ([Nokia] Update the nokia platform submodule for Nokia-IXR7250E platform #12305)
| * 9d37b63 [Nokia] Update Nokia platform IXR7250E device data ([Nokia] Update Nokia platform IXR7250E device data #11611)
| * 304c6c8 [BFN] Reworked BFN platform thermals plugin ([BFN] Reworked BFN platform thermals plugin #11723)
| * df93a1b [Build][Bug] Fix apt-get remove version not lock issue ([Build][Bug] Fix apt-get remove version not locked issue #12193)
| * 9b2b8e3 Add gearbox taps to vs gearbox_config.json (Add gearbox taps to vs gearbox_config.json #11480)
2022-10-11 20:35:42 -07:00
Prince Sunny
e1765121b2
[Yang model] add Restapi yang file (#12287)
* add Restapi Yang model
2022-10-11 10:53:52 -07:00
Mai Bui
f1826586b0
Replace eval (#12103)
Signed-off-by: maipbui <maibui@microsoft.com>
#### Why I did it
`eval()` - not secure against maliciously constructed input, can be dangerous if used to evaluate dynamic content. This may be a code injection vulnerability.
#### How I did it
`eval()` - use `literal_eval()`
2022-10-11 10:17:09 -04:00
henry huang
cb707b7969
fixed nokia platform m0 asic mismatch (#12148)
changed the platform device name under nokia directory; we now need to specify marvell armhf/arm64 to provide more accurate platform identity. otherwise onie discovery won't recognize the asic being installed.

Why I did it
when we load images using onie discovery, the process was failing because of marvell ASIC mismatch

How I did it
replace the platform asic with marvell-armhf under 7215

How to verify it
load a new image using http server and verify that the image can be loaded successfully
2022-10-11 15:04:07 +08:00
Liu Shilong
c75dfe84ed
[build] Fix dpkg front lock issue with apt-get (#12332) 2022-10-11 11:00:51 +08:00
Liu Shilong
247bd78da3
[action] Fix PR pre-cherry-pick action wrong author issue. (#12339) 2022-10-11 09:56:48 +08:00
Marty Y. Lok
fc99265fd2
[Nokia] Update the nokia platform submodule for Nokia-IXR7250E platform (#12305)
Signed-off-by: mlok <marty.lok@nokia.com>
2022-10-10 18:49:51 -07:00
Marty Y. Lok
9d37b63824
[Nokia] Update Nokia platform IXR7250E device data (#11611)
Signed-off-by: mlok <marty.lok@nokia.com>
2022-10-10 18:49:26 -07:00
Andriy Kokhan
304c6c80c4
[BFN] Reworked BFN platform thermals plugin (#11723)
* [BFN] Updated platform.json for wedge100bf_65x

Signed-off-by: Andriy Kokhan <andriyx.kokhan@intel.com>

* Reworked BFN platform thermal logic

* Implemented PSU thermal APIs

* Updated platform.json for accton_wedge100bf_32x

Signed-off-by: Andriy Kokhan <andriyx.kokhan@intel.com>

* Updated BFN platform plugins initialization flow

Signed-off-by: Andriy Kokhan <andriyx.kokhan@intel.com>

Signed-off-by: Andriy Kokhan <andriyx.kokhan@intel.com>
2022-10-11 09:12:28 +08:00
xumia
df93a1be54
[Build][Bug] Fix apt-get remove version not lock issue (#12193)
Why I did it
Fix apt-get remove/purge version not locked issue when the apt-get options not specified.

How I did it
Add a space character before and after the command line parameters.
2022-10-11 07:59:14 +08:00
byu343
9b2b8e3e86
Add gearbox taps to vs gearbox_config.json (#11480)
Why I did it
For the change to support gearbox taps by gearbox_config.json (sonic-net/sonic-swss#2158), I need to add tests to sonic-swss/tests/test_gearbox.py to satisfy the test coverage of the change. The existing code in test_gearbox.py has already used brcm_gearbox_vs and here is to add some gearbox tap value to its gearbox_config.json, for the added tests in sonic-swss/tests/test_gearbox.py.

How I did it
How to verify it
This change itself will not affect existing code.
2022-10-10 13:35:06 -07:00
Mai Bui
94c998965c
[broadcom] Replace popen function (#12106)
Signed-off-by: maipbui <maibui@microsoft.com>
#### Why I did it
`os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content.
#### How I did it
`os` - use with `subprocess`
#### How to verify it
2022-10-10 10:12:26 -04:00
Liu Shilong
09d4d3e6e7
[action] Fix trigger issue in PR pre-cherry-pick action. (#12333) 2022-10-10 17:11:31 +08:00
Liu Shilong
019e0acd51
[actions] Add auto cherry-pick actions to release branch (#11496)
* [actions] Add github actions to auto cherry-pick prs to release branches

* Add README, fix workflow
2022-10-10 16:55:00 +08:00