Why I did it
[FIPS] Upgrade Open-SymCrypt version to 0.6
Improve the SymCrypt performance
Support to download the debug packages from storage account in version 0.6.
How I did it
Upgrade to symcrypt-openssl from version 0.4 to version 0.6
Changes in https://github.com/sonic-net/sonic-fips:
0c29b23 Upgrade the submodules: SymCrypt and SymCrypt-OpenSSL #40
80022f3 Fix the ARM64 build failure
2e76a3d Disable the unsupported tests
Other changes will be added as well:
55b8e0a Merge pull request #35 from xumia/change-license
120c1a7 Upgrade SymCrypt and SymCrypt-OpenSSL
2f9c084 Merge pull request #39 from liuh-80/dev/liuh/update-openssh-version
a3be6c5 Revert openssh version
e02fa1e Update fips version
How to verify it
backport of #12946
- Why I did it
There's a slowdown in bootup related to the execution of a show command during startup of swss service. show is a pretty heavy command and takes long time to execute ~2 sec.
- How I did it
I replaced show with sonic-db-cli which takes a ms to run.
- How to verify it
Boot the switch and verify swss is active.
Signed-off-by: Stepan Blyschak <stepanb@nvidia.com>
d0e1ccf - [syseeprom] Remove the trailing space in the value of VENDOR_EXT field in the eepromTlvInfo decode (Add Ingrasys S9100 platform submodule #333) (8 minutes ago)
b662bf1 - add SOP ROC in bulk status (Add default dhcp_relay.yml file to OneImage build #341) (17 minutes ago)
cdc887c - Don't read AUX_MON_TYPE if memory model is flat ([kernel]: update linux kernel to support z9100 #339) (17 minutes ago)
2236776 - Fix TODO comment ([boardcom]: update saibcm to 2.1.3.1-3 #336) (18 minutes ago)
56397d2 - Removing null characters while decoding from syseeprom ([Makefile]: Automatically rebuild sonic-slave #338) (18 minutes ago)
4651bb0 - [Ci] Upgrade to bullseye and fix the branch reference issue ([platform]: add z9100 platform modules #331) (18 minutes ago)
caed733 - Add get_transceiver_status and get_transceiver_pm to API interface (configurations are re-generated across reboots #315) (19 minutes ago)
75d7664 - Use github code scanning instead of LGTM ([platform]: add port_config.ini for dell z9100 #328) (4 weeks ago)
94595a8 - Add warning/critical thresholds for PSU power (Combine alias_map.json with port_config.ini #304) (6 weeks ago)
The main issue is the pip/pip3 command cannot be found when the package is being installed by apt-get.
When using the dpkg install, the searching path is PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
When using the apt-get install, the searching path is PATH=/usr/sbin:/usr/bin:/sbin:/bin
But the pip/pip3 default path is at /usr/local/bin, so dpkg works, but apt-get not work.
How I did it
Export the path /usr/local/bin for pip/pip3.
Make the deb packages can be installed by apt-get.
4a2ef996 Avoid printing message in error level when DEVICE_METADATA|localhost updates (25)
6c131c42 Use github code scanning instead of LGTM(26)
c55f5d18 Use github code scanning instead of LGTM
Signed-off-by: Stephen Sun <stephens@nvidia.com>
Why I did it
Cherry pick from #13097
[Build] Support Debian snapshot mirror to improve build stability
It is to enhance the reproducible build, supports the Debian snapshot mirror. It guarantees all the docker images using the same Debian mirror snapshot and fixes the temporary build failure which is caused by remote Debain mirror indexes changed during the build. It is also to fix the version conflict issue caused by no fixed versions of some of the Debian packages.
How I did it
Add a new feature to support the Debian snapshot mirror.
How to verify it
advance sonic-utilities submodule for 202211 branch
34428157 - (HEAD, origin/202211) Revert "Optimize the execution time of the 'show techsupport' script to 5-10%, (Qos config change #2504)" (6 days ago) [stormliang]
c3bd01f6 - Revert "[generate_dump] Optimize the execution time of 'show techsupport' CLI by parallel function execution ([201811][Devices] Add new device CIG CS6436-56P #2512)" (6 days ago) [stormliang]
5a326d8b - [Mellanox] Change severity to NOTICE in Mellanox buffer migrator when unable to fetch DEVICE_METADATA due to empty CONFIG_DB during initialization ([warm boot] cherry-pick PR #2538 and advance related sub-modules in 201811 branch #2569) (2 weeks ago) [Stephen Sun]
50b36ef3 - Fix issue: unconfigured PGs are displayed in watermarkstat ([docker-lldp]: fix several issues in lldpd docker #2556) (2 weeks ago) [Stephen Sun]
a9fd2a79 - [Command Ref] Add doc for syslog rate limit ([sub module] move sairedis and swss to 201811 branch #2508) (2 weeks ago) [Junchao-Mellanox]
80546ff3 - [generate_dump] Optimize the execution time of 'show techsupport' CLI by parallel function execution ([201811][Devices] Add new device CIG CS6436-56P #2512) (2 weeks ago) [Vadym Hlushko]
6649ca8a - [timer.unit.j2] use wanted-by in timer unit ([201803] [services] Restart SwSS service upon unexpected critical process exit #2546) (2 weeks ago) [Stepan Blyshchak]
dd23d0ef - Fixes [Sub-If|VRF] Unbind sub-interface from VRF is failed #12170: Delete subinterface and recreate the subinterface in ([VLAN] "show mac" doesn't work when interface added to vlan as tagged member #2513) (2 weeks ago) [Preetham]
236749d3 - [db_migrator] Fix migration of Loopback data: handle all Loopback interfaces (DellEMC S6000 xcvrd support #2560) (2 weeks ago) [Vaibhav Hemant Dixit]
5762d814 - Optimize the execution time of the 'show techsupport' script to 5-10%, (Qos config change #2504) (2 weeks ago) [Vadym Hlushko]
d3c3e368 - [muxcable][show] update show mux tunnel-route to separate ASIC and kernel into two columns (build errors on branch 201811 for centec platform #2553) (2 weeks ago) [Jing Zhang]
c98648a1 - [show]Fix show route return code on error (Dell SMF driver hwmon number reorder fix for Dell S6100/Z9100 #2542) (2 weeks ago) [Sudharsan Dhamal Gopalarathnam]
01374673 - [route_check]: Ignore ASIC only SOC IPs (Added new SN3700/SN3700C Mellanox platforms #2548) (2 weeks ago) [Lawrence Lee]
d2967805 - YANG Validation for ConfigDB Updates: WARM_RESTART, SFLOW_SESSION, SFLOW, VXLAN_TUNNEL, VXLAN_EVPN_NVO, VXLAN_TUNNEL_MAP, MGMT_VRF_CONFIG, CABLE_LENGTH, VRF tables ([submodule 201811] advance sairedis and swss submodule for 201811 branch #2526) (2 weeks ago) [isabelmsft]
88b01ffd - [db_migrator] Remove import of swsssdk as it is not supported in master ([build]: apply proxy setting to curl. #2544) (2 weeks ago) [Vaibhav Hemant Dixit]
4ae970c6 - Support syslog rate limit configuration for containers and host (Move FRR from 4.0 to 6.0.2 and make new frr version and pkg compile #2454) (2 weeks ago) [Junchao-Mellanox]
608ed147 - [generate_dump] [Mellanox] Fix the duplicate dfw dump collection problem by adding symlinks ('show vlan config' is not displaying the VLAN members, after the clear config and reload with default l2 configuration. #2536) (2 weeks ago) [Vivek]
bdc2599f - [config] Add check in config interface ip command to block if the interface is portchannel member ([sub module] advance sonic-swss sub module #2539) (2 weeks ago) [Sudharsan Dhamal Gopalarathnam]
cff4fed5 - [system-health] Improve code structure of system health CLIs ([sub-module] advance sonic-swss sub-module #2453) (2 weeks ago) [Junchao-Mellanox]
488e5714 - Transceiver eeprom dom CLI modification to show output from TRANSCEIVER_DOM_THRESHOLD table (Fix for KeyError: 'DEVICE_NEIGHBOR' when executing 'show interfaces neighbor expected' command #2535) (2 weeks ago) [mihirpat1]
07ca5def - sonic-utilities: Update config reload() to verify formatting of an input file ([ntp]: Do not disable reader for error ENOBUFS #2529) (2 weeks ago) [Caitlin Choate]
f0f083a2 - [GCU] Add RemoveCreateOnlyDependency Validator/Generator (Enabling Fast-reboot command in s6100 loaded with T0 topo getting Failed unmounting /host error #2500) (2 weeks ago) [jingwenxie]
eca0253c - [QoS] Introduce delay to the qos reload flow (Config reload/load_minigraph not clearing State DB #2503) (2 weeks ago) [DavidZagury]
35158ee0 - Use github code scanning instead of LGTM ([sub module] sub module sonic-swss-common tracking 201811 branch #2530) (2 weeks ago) [Liu Shilong]
682b5cee - Change show kube command default value of insecure key to True ([submodule] update sonic-snmpagent #2517) (2 weeks ago) [lixiaoyuner]
ce19e631 - Add db_migrator_constants.py script to setup.py (Add device data for Arista 7060PX/DX4-32 #2534) (2 weeks ago) [Vaibhav Hemant Dixit]
0d0c2693 - [drop counters] Fix CLI script for unconfigured PGs ([config] Do not fail for minigraphs which do not have neighbors listed in <Devices> section #2518) (2 weeks ago) [Lior Avramov]
2c69d0fd - Update vrf add, del commands for duplicate/non-existing VRFs (solve package build dependency issue #2467) (2 weeks ago) [Muhammad Danish]
efc09280 - Port 202012 DB migration changes to newer branches ([vs]: Force10-S6000 buffer settings for virtual switch #2515) (2 weeks ago) [Vaibhav Hemant Dixit]
70a15aaa - [VXLAN]Fixing traceback in show remotemac when mac moves during command execution ([build] When generating image version, handle case where current commit has no reachable tags #2506) (2 weeks ago) [Sudharsan Dhamal Gopalarathnam]
Why I did it
sonic_host_services depends on deepdiff.
But latest deepdiff version has error.
How I did it
pin deepdiff to previous version.
How to verify it
Why I did it
Provide a Fan driver framework that complies with s3ip sysfs specification
How I did it
1、 The framework module provides register and unregister interface and implementation.
2、 The framework will help you create the sysfs node
How to verify it
A demo driver base on this framework will display the sysfs node wich conform to the s3ip sysfs specification
Co-authored-by: tianshangfei <31125751+tianshangfei@users.noreply.github.com>
Why I did it
Add two platform that support s3IP framework
How I did it
Add two platforms supporting S3IP SYSFS (TCS8400, TCS9400)
How to verify it
Manual test
Co-authored-by: tianshangfei <31125751+tianshangfei@users.noreply.github.com>
Why I did it
To keep 'Request for xxx branch' label when finished auto-cherry-pick.
How I did it
Change logic in post cherry pick action.
How to verify it
Why I did it
advance sonic-platform-daemons submodule for 202211 branch
a35b57d - (HEAD, origin/202211) Remove TODO comments which are no longer needed (Support centec platform #325) (3 days ago) [Junchao-Mellanox]
3a3726b - [thermalctld] fix some redundant removal of state DB tables (configurations are re-generated across reboots #315) (3 days ago) [vdahiya12]
c5afac0 - Add new fields to status/dom_sensor/pm tables in STATE_DB for CMIS/C-CMIS (Combine alias_map.json with port_config.ini #304) (3 days ago) [longhuan-cisco]
1a338d4 - Create TRANSCEIVER_DOM_THRESHOLD table in state DB (Fix the reference in docker-snmp-sv2 to deprecated alias_map.json #320) (3 days ago) [mihirpat1]
7c77907 - Remove the argument that is causing the xcvrd to crash (ingrasys-s9100: Add ingrasys switch s9100 #318) (3 days ago) [Vivek]
5a70e7f - [ycabled] fix minor appl_db retrieving logic for update (dockers/docker-snmp-sv2/config.sh still references deprecated alias_map.json file #319) (3 days ago) [vdahiya12]
b669533 - Use github code scanning instead of LGTM (Consolidate device-specific files; install as a Debian package #316) (3 days ago) [Liu Shilong]
d3c6739 - Pass grid parameter while calling set_laser_freq ([swss]: update sonic-swss to fix buffer configuration on mlnx platform #317) (3 days ago) [mihirpat1]
778f843 - [PSU daemon] Support PSU power threshold checking (Add get_graph service to fetch minigraph automatically #288) (9 days ago) [Stephen Sun]
707a720 - [chassisd] update chassisd to write fabric and lc asics on sep erate table (ingrasys-s9100: Add ingrasys switch s9100 #311) (8 weeks ago) [arlakshm]
e8c5657 - [ycabled] fix exception-handling logic for ycabled (Move sysDescription to /etc/snmp #306) (8 weeks ago) [vdahiya12]
905874d - [ycabled] move swsscommon API's from subroutines to call them exactly once per task_worker/thread (Disable BCM54616S MII isolate mode #303) (9 weeks ago) [vdahiya12]
510d330 - Fix typo in xcvrd ([platform] Add support configurations files for DCS-7060CX-32S #313) (9 weeks ago) [Junchao-Mellanox]
9ae551f - [ycabled] add support for detach mode in 'active-active' topology (minigraph.py crashed when no png is in the minigraph #309) (2 months ago) [vdahiya12]
How I did it
How to verify it
#### Why I did it
Timestamp formatter inside UT was failing due to new year change
#### How I did it
Use a const stored year that will used as expected value
#### How to verify it
Run UT
The display of azure pipeline is not specific now, such as when the step Run test fails, the display of itself shows successful, but the display of step Kvmdump shows fails, but actually, the step Kvmdump doesn't fail. I improve the display of azure pipeline in this pr, each step has its own success or failure, and is shown in azure pipeline.
Why I did it
The display of azure pipeline is not specific now, such as when the step Run test fails, the display of itself shows successful, but the display of step Kvmdump shows fails, but actually, the step Kvmdump doesn't fail. I improve the display of azure pipeline in this pr, each step has its own success or failure, and is shown in azure pipeline.
How I did it
Each step has its own signature of success or failure.
Using the chain of responsibility pattern to manage all status.
Modify the expected-state in each step.
Why I did it
why
In order to apply different config across different platform, and use the code with a unified format, reuse syncd init script to init saiserver.
How I did it
how
Reuse syncd init script
How to verify it
Test
Test in DUT s6000 and dx010 with sonic 202205
Why I did it
advance sonic-platform-common submodule for 202211 branch
75d7664 - (HEAD, origin/202211) Use github code scanning instead of LGTM ([platform]: add port_config.ini for dell z9100 #328) (4 hours ago) [Liu Shilong]
How I did it
How to verify it
Why I did it
Currently sonic-slave-* tag is confusing. Set correct tag on sonic-slave-* image.
Fix job name to fit the build.
How I did it
build amd image in amd64:
sonic-slave-bullseye:cfe29bff67c
sonic-slave-bullseye:latest
sonic-slave-bullseye:master
build armhf image in amd64:
sonic-slave-bullseye-march-armhf:33614806dc3
sonic-slave-bullseye-march-armhf:latest
sonic-slave-bullseye-march-armhf:master
build arm64 image in amd64:
sonic-slave-bullseye-march-arm64:f3b1b16c801
sonic-slave-bullseye-march-arm64:latest
sonic-slave-bullseye-march-arm64:master
build arm64 image in arm64:
sonic-slave-bullseye:75cb326c9a7
sonic-slave-bullseye-arm64:latest
sonic-slave-bullseye:master
build armhf image in armhf:
sonic-slave-bullseye:64d178951fc
sonic-slave-bullseye-armhf:latest
sonic-slave-bullseye:master
How to verify it
Why I did it
In PR check pipelines, there are too many duplicated warnings:
fatal: No names found, cannot describe anything.
SONIC_IMAGE_VERSION will not change in one build. We don't need to calculate in every reference. We just need calculate one time, then record it.
In Makefile, '=' will calculate again and again when it is referred.
How I did it
Fix it in Makefile.
How to verify it
Check this PR's check pipeline result.
Why I did it
Makefile needs some dependencies from the Internet. It will fail for network related issue.
Retries will fix most of these issues.
How I did it
Add retries when running commands which maybe related with networking.
How to verify it
Why I did it
It is to fix the broadcom build failure, it is caused by the build image docker-dhcp-relay:latest not found.
2022-12-14T00:09:57.5464893Z [ FAIL LOG START ] [ target/docker-dhcp-relay.gz-load ]
2022-12-14T00:09:57.5466036Z Attempting docker image lock for docker-dhcp-relay load
2022-12-14T00:09:57.5467113Z Obtained docker image lock for docker-dhcp-relay load
2022-12-14T00:09:57.5468206Z Loading docker image target/docker-dhcp-relay.gz
2022-12-14T00:09:57.5469361Z Loaded image: docker-dhcp-relay:internal.65852159-11ad82a07a
2022-12-14T00:09:57.5470686Z Tagging docker image docker-dhcp-relay:latest as docker-dhcp-relay-sonic:latest
2022-12-14T00:09:57.5471997Z Error response from daemon: No such image: docker-dhcp-relay:latest
2022-12-14T00:09:57.5473122Z [ FAIL LOG END ] [ target/docker-dhcp-relay.gz-load ]
2022-12-14T00:09:57.5539792Z make: *** [slave.mk:1180: target/docker-dhcp-relay.gz-load] Error 1
2022-12-14T00:09:57.5540958Z make: *** Waiting for unfinished jobs....
The image had been built succeeded
2022-12-13T17:01:59.9046935Z [ finished ] [ target/docker-eventd.gz ]
2022-12-13T17:02:00.4947165Z [ building ] [ target/docker-dhcp-relay.gz ]
2022-12-13T17:02:00.6688627Z /sonic/dockers/docker-dhcp-relay/cli-plugin-tests /sonic
2022-12-13T17:02:41.1123955Z /sonic
2022-12-13T17:07:04.1786069Z [ finished ] [ target/docker-dhcp-relay.gz ]
But it was tagged by another value:
Obtained docker image lock for docker-dhcp-relay save
Tagging docker image docker-dhcp-relay-sonic:latest as docker-dhcp-relay:internal.65852159-11ad82a07a
Saving docker image docker-dhcp-relay:internal.65852159-11ad82a07a
Released docker image lock for docker-dhcp-relay save
Removing docker image docker-dhcp-relay-sonic:latest
Untagged: docker-dhcp-relay-sonic:latest
target/docker-dhcp-relay.gz
File /dpkg_cache/docker-dhcp-relay.gz-2ddfa01a109ca69b7621f1a-450bae36026d9dee62646f2.tgz saved in cache
[ CACHE::SAVED ] /dpkg_cache/docker-dhcp-relay.gz-2ddfa01a109ca69b7621f1a-450bae36026d9dee62646f2.tgz
How I did it
When the feature SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD not enabled, always save as the latest tag, not use the specify version.
The version is dynamic, it is changed when a new commit checked in, but the image of docker-dhcp-relay is not necessary to change.