Skip to content

[sdn_tests]: Adding binding infra to pins_ondatra.#12662

Merged
vamsipunati merged 2 commits intosonic-net:masterfrom
VSuryaprasad-HCL:Branch2
May 13, 2024
Merged

[sdn_tests]: Adding binding infra to pins_ondatra.#12662
vamsipunati merged 2 commits intosonic-net:masterfrom
VSuryaprasad-HCL:Branch2

Conversation

@VSuryaprasad-HCL
Copy link
Contributor

@VSuryaprasad-HCL VSuryaprasad-HCL commented Apr 30, 2024
edited
Loading

Description of PR

  • [sdn_tests]: Adding binding infra to pins_ondatra.

Summary:

  • Adding binding infra to pins_ondatra.

Build Results:

      INFO: From Generating Descriptor Set proto_library @com_github_openconfig_gnsi//pathz:pathz_proto:
      github.com/openconfig/gnsi/pathz/authorization.proto:43:1: warning: Import 
      github.com/openconfig/gnsi/version/version.proto is unused.
      github.com/openconfig/gnsi/pathz/pathz.proto:25:1:
      warning: Import github.com/openconfig/gnsi/version/version.proto is unused.
      INFO: Elapsed time: 625.193s, Critical Path: 105.81s
      INFO: 882 processes: 251 internal, 631 linux-sandbox.
      INFO: Build completed successfully, 882 total actions

Type of change

  • Bug fix
  • Testbed and Framework(new/improvement)
  • [-] Test case(new/improvement)

Back port request

  • 201911
  • 202012
  • 202205
  • 202305
  • 202311

Approach

What is the motivation for this PR?

How did you do it?

How did you verify/test it?

Any platform specific information?

Supported testbed topology if it's a new test case?

Documentation

@kishanps
Copy link
Contributor

kishanps commented May 3, 2024

@vamsipunati Can you pls review and merge.

@kishanps
Copy link
Contributor

kishanps commented May 6, 2024

@vamsipunati For review and merge.

vamsipunati
vamsipunati previously approved these changes May 6, 2024
View reviewed changes
@VSuryaprasad-HCL VSuryaprasad-HCL force-pushed the Branch2 branch 4 times, most recently from 5bccd77 to 0c00006 Compare May 7, 2024 10:40
@VSuryaprasad-HCL
Copy link
Contributor Author

VSuryaprasad-HCL commented May 7, 2024
edited
Loading

Build Results:

  $ bazel build ...

  INFO: From Generating Descriptor Set proto_library @com_github_openconfig_gnsi//pathz:pathz_proto:
  github.com/openconfig/gnsi/pathz/authorization.proto:43:1: warning: Import 
  github.com/openconfig/gnsi/version/version.proto is unused.
  github.com/openconfig/gnsi/pathz/pathz.proto:25:1:
  warning: Import github.com/openconfig/gnsi/version/version.proto is unused.
  INFO: Elapsed time: 625.193s, Critical Path: 105.81s
  INFO: 882 processes: 251 internal, 631 linux-sandbox.
  INFO: Build completed successfully, 882 total actions

vamsipunati
vamsipunati previously approved these changes May 7, 2024
View reviewed changes
@vamsipunati
Copy link
Contributor

vamsipunati commented May 7, 2024

VSuryaprasad-HCL Can you address the following failure?

sdn_tests/pins_ondatra/infrastructure/binding/pins_backend.go
❯❱ go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion
MinVersion is missing from this TLS configuration. By default, TLS 1.2 is currently used as the
minimum when acting as a client, and TLS 1.0 when acting as a server. General purpose web
applications should default to TLS 1.3 with all other protocols disabled. Only where it is known
that a web server must support legacy clients with unsupported an insecure browsers (such as
Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. Add `MinVersion:
tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3.
Details: https://sg.run/oxEN

       ▶▶┆ Autofix ▶ tls.Config{ Certificates: []tls.Certificate{clientCert},RootCAs:      certPool,ServerName:
          serverName, MinVersion: tls.VersionTLS13 }                                                           
       [54](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:55)┆ b.configs[service] = &tls.Config{
       [55](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:56)┆    Certificates: []tls.Certificate{clientCert},
       [56](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:57)┆    RootCAs:      certPool,
       [57](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:58)┆    ServerName:   serverName,
       [58](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:59)┆ }

BLOCKING CODE RULES FIRED:
go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion

@VSuryaprasad-HCL
Copy link
Contributor Author

VSuryaprasad-HCL commented May 8, 2024

VSuryaprasad-HCL Can you address the following failure?

sdn_tests/pins_ondatra/infrastructure/binding/pins_backend.go ❯❱ go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion MinVersion is missing from this TLS configuration. By default, TLS 1.2 is currently used as the minimum when acting as a client, and TLS 1.0 when acting as a server. General purpose web applications should default to TLS 1.3 with all other protocols disabled. Only where it is known that a web server must support legacy clients with unsupported an insecure browsers (such as Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. Add `MinVersion: tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3. Details: https://sg.run/oxEN

       ▶▶┆ Autofix ▶ tls.Config{ Certificates: []tls.Certificate{clientCert},RootCAs:      certPool,ServerName:
          serverName, MinVersion: tls.VersionTLS13 }                                                           
       [54](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:55)┆ b.configs[service] = &tls.Config{
       [55](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:56)┆    Certificates: []tls.Certificate{clientCert},
       [56](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:57)┆    RootCAs:      certPool,
       [57](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:58)┆    ServerName:   serverName,
       [58](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:59)┆ }

BLOCKING CODE RULES FIRED: go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion

@vamsipunati I've addressed the failure and tried resloving it by adding MinVersion: tls.VersionTLS13 to the TLS in pins_backend.go, Also attaching the build info here.

    $ bazel build ...

     INFO: From Generating Descriptor Set proto_library @com_github_openconfig_gnsi//pathz:pathz_proto:
     github.com/openconfig/gnsi/pathz/authorization.proto:43:1: 
     warning: Import github.com/openconfig/gnsi/version/version.proto is unused.
     github.com/openconfig/gnsi/pathz/pathz.proto:25:1: 
     warning: Import github.com/openconfig/gnsi/version/version.proto is unused.
     INFO: Elapsed time: 392.027s, Critical Path: 82.05s
     INFO: 882 processes: 251 internal, 631 linux-sandbox.
     INFO: Build completed successfully, 882 total actions

@kishanps
Copy link
Contributor

kishanps commented May 8, 2024

VSuryaprasad-HCL Can you address the following failure?
sdn_tests/pins_ondatra/infrastructure/binding/pins_backend.go ❯❱ go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion MinVersion is missing from this TLS configuration. By default, TLS 1.2 is currently used as the minimum when acting as a client, and TLS 1.0 when acting as a server. General purpose web applications should default to TLS 1.3 with all other protocols disabled. Only where it is known that a web server must support legacy clients with unsupported an insecure browsers (such as Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. Add `MinVersion: tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3. Details: https://sg.run/oxEN

       ▶▶┆ Autofix ▶ tls.Config{ Certificates: []tls.Certificate{clientCert},RootCAs:      certPool,ServerName:
          serverName, MinVersion: tls.VersionTLS13 }                                                           
       [54](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:55)┆ b.configs[service] = &tls.Config{
       [55](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:56)┆    Certificates: []tls.Certificate{clientCert},
       [56](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:57)┆    RootCAs:      certPool,
       [57](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:58)┆    ServerName:   serverName,
       [58](https://github.com/sonic-net/sonic-mgmt/actions/runs/8983943613/job/24693677157?pr=12662#step:4:59)┆ }

BLOCKING CODE RULES FIRED: go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion

@vamsipunati I've addressed the failure and tried resloving it by adding MinVersion: tls.VersionTLS13 to the TLS in pins_backend.go, Also attaching the build info here.

    $ bazel build ...

     INFO: From Generating Descriptor Set proto_library @com_github_openconfig_gnsi//pathz:pathz_proto:
     github.com/openconfig/gnsi/pathz/authorization.proto:43:1: 
     warning: Import github.com/openconfig/gnsi/version/version.proto is unused.
     github.com/openconfig/gnsi/pathz/pathz.proto:25:1: 
     warning: Import github.com/openconfig/gnsi/version/version.proto is unused.
     INFO: Elapsed time: 392.027s, Critical Path: 82.05s
     INFO: 882 processes: 251 internal, 631 linux-sandbox.
     INFO: Build completed successfully, 882 total actions

What is the current working dir of the bazel build cmd ? Can you make sure all targets are being built and tested where applicable. (check bazel build options here - https://bazel.build/run/build)
cc: @rkavitha-hcl

vamsipunati
vamsipunati previously approved these changes May 8, 2024
View reviewed changes
@VSuryaprasad-HCL VSuryaprasad-HCL force-pushed the Branch2 branch 2 times, most recently from 90af52a to f0c16ee Compare May 9, 2024 10:01
@mssonicbld
Copy link
Collaborator

mssonicbld commented May 9, 2024

The pre-commit check detected issues in the files touched by this pull request.
The pre-commit check is a mandatory check, please fix detected issues.

Detailed pre-commit check results:
trim trailing whitespace.................................................Failed
- hook id: trailing-whitespace
- exit code: 1
- files were modified by this hook

Fixing sdn_tests/pins_ondatra/bazel/patches/p4lang.patch

fix end of files.........................................................Failed
- hook id: end-of-file-fixer
- exit code: 1
- files were modified by this hook

Fixing sdn_tests/pins_ondatra/bazel/patches/gnmi-001-fix_virtual_proto_import.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/ygnmi.patch

check yaml...........................................(no files to check)Skipped
check for added large files..............................................Passed
check python ast.....................................(no files to check)Skipped
flake8...............................................(no files to check)Skipped
flake8...............................................(no files to check)Skipped
...
[truncated extra lines, please run pre-commit locally to view full check results]

To run the pre-commit checks locally, you can follow below steps:

  1. Ensure that default python is python3. In sonic-mgmt docker container, default python is python2. You can run
    the check by activating the python3 virtual environment in sonic-mgmt docker container or outside of sonic-mgmt
    docker container.
  2. Ensure that the pre-commit package is installed:
sudo pip install pre-commit
  1. Go to repository root folder
  2. Install the pre-commit hooks:
pre-commit install
  1. Use pre-commit to check staged file:
pre-commit
  1. Alternatively, you can check committed files using:
pre-commit run --from-ref <commit_id> --to-ref <commit_id>

@mssonicbld
Copy link
Collaborator

mssonicbld commented May 9, 2024

The pre-commit check detected issues in the files touched by this pull request.
The pre-commit check is a mandatory check, please fix detected issues.

Detailed pre-commit check results:
trim trailing whitespace.................................................Failed
- hook id: trailing-whitespace
- exit code: 1
- files were modified by this hook

Fixing sdn_tests/pins_ondatra/bazel/patches/gnoi.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/ondatra.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/gnmi-001-fix_virtual_proto_import.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/snappi.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/gnmi.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/gribi.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/ygot.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/grpc-003-fix_go_gazelle_register_toolchain.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/gnsi.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/p4lang.patch

fix end of files.........................................................Failed
- hook id: end-of-file-fixer
- exit code: 1
- files were modified by this hook
...
[truncated extra lines, please run pre-commit locally to view full check results]

To run the pre-commit checks locally, you can follow below steps:

  1. Ensure that default python is python3. In sonic-mgmt docker container, default python is python2. You can run
    the check by activating the python3 virtual environment in sonic-mgmt docker container or outside of sonic-mgmt
    docker container.
  2. Ensure that the pre-commit package is installed:
sudo pip install pre-commit
  1. Go to repository root folder
  2. Install the pre-commit hooks:
pre-commit install
  1. Use pre-commit to check staged file:
pre-commit
  1. Alternatively, you can check committed files using:
pre-commit run --from-ref <commit_id> --to-ref <commit_id>

@mssonicbld
Copy link
Collaborator

mssonicbld commented May 9, 2024

The pre-commit check detected issues in the files touched by this pull request.
The pre-commit check is a mandatory check, please fix detected issues.

Detailed pre-commit check results:
trim trailing whitespace.................................................Failed
- hook id: trailing-whitespace
- exit code: 1
- files were modified by this hook

Fixing sdn_tests/pins_ondatra/bazel/patches/gnoi.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/ondatra.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/gnmi-001-fix_virtual_proto_import.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/snappi.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/gnmi.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/gribi.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/ygot.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/grpc-003-fix_go_gazelle_register_toolchain.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/gnsi.patch
Fixing sdn_tests/pins_ondatra/bazel/patches/p4lang.patch

fix end of files.........................................................Failed
- hook id: end-of-file-fixer
- exit code: 1
- files were modified by this hook
...
[truncated extra lines, please run pre-commit locally to view full check results]

To run the pre-commit checks locally, you can follow below steps:

  1. Ensure that default python is python3. In sonic-mgmt docker container, default python is python2. You can run
    the check by activating the python3 virtual environment in sonic-mgmt docker container or outside of sonic-mgmt
    docker container.
  2. Ensure that the pre-commit package is installed:
sudo pip install pre-commit
  1. Go to repository root folder
  2. Install the pre-commit hooks:
pre-commit install
  1. Use pre-commit to check staged file:
pre-commit
  1. Alternatively, you can check committed files using:
pre-commit run --from-ref <commit_id> --to-ref <commit_id>

@VSuryaprasad-HCL VSuryaprasad-HCL force-pushed the Branch2 branch 2 times, most recently from 687468b to 3bb2951 Compare May 10, 2024 12:09
@vamsipunati vamsipunati merged commit 1d5991a into sonic-net:master May 13, 2024
@VSuryaprasad-HCL
Copy link
Contributor Author

VSuryaprasad-HCL commented May 19, 2024

#11771

mrkcmo pushed a commit to Azarack/sonic-mgmt that referenced this pull request Jul 17, 2024
@VSuryaprasad-HCL @parmarkj
[sdn_tests]: Adding binding infra to pins_ondatra. (sonic-net#12662)
a558bf2 
* [sdn_tests]: Adding Build support for pins_ondatra

* [sdn_tests]: Adding binding infra to pins_ondatra.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vamsipunati vamsipunati vamsipunati approved these changes

+2 more reviewers

@parth-opensrc parth-opensrc parth-opensrc approved these changes

@rkavitha-hcl rkavitha-hcl rkavitha-hcl approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@VSuryaprasad-HCL @kishanps @vamsipunati @mssonicbld @parth-opensrc @rkavitha-hcl