From 3453280165e4c8185947e9416a867a7ce719a90d Mon Sep 17 00:00:00 2001 From: liuh-80 Date: Sat, 11 May 2024 06:26:29 +0000 Subject: [PATCH 1/4] Improve TACACS run command on IPV6 failed issue --- tests/tacacs/test_ro_user.py | 30 +++++++++++++++++++++++++----- tests/tacacs/test_rw_user.py | 10 ++++++---- tests/tacacs/utils.py | 7 +++---- 3 files changed, 34 insertions(+), 13 deletions(-) diff --git a/tests/tacacs/test_ro_user.py b/tests/tacacs/test_ro_user.py index f555a5963a6..c14cc0e23df 100644 --- a/tests/tacacs/test_ro_user.py +++ b/tests/tacacs/test_ro_user.py @@ -1,7 +1,7 @@ import pytest import time from tests.common.helpers.assertions import pytest_assert -from .utils import check_output +from .utils import check_output, tacacs_running, start_tacacs_server import logging @@ -15,6 +15,7 @@ SLEEP_TIME = 10 TIMEOUT_LIMIT = 120 +RETRY_COUNT = 3 def ssh_remote_run(localhost, remote_ip, username, password, cmd): @@ -77,6 +78,22 @@ def wait_for_tacacs(localhost, remote_ip, username, password): current_attempt += 1 +def ssh_remote_run_with_ipv6(localhost, dutip, ptfhost, user, password, command): + retry_count = RETRY_COUNT + while retry_count > 0: + res = ssh_remote_run(localhost, dutip, user, + password, command) + + # TACACS server randomly crash after receive authorization request from IPV6 + if not tacacs_running(ptfhost): + start_tacacs_server(ptfhost) + retry_count -= 1 + else: + return res + + pytest_assert(False, "cat command failed because TACACS server not running") + + def test_ro_user(localhost, duthosts, enum_rand_one_per_hwsku_hostname, tacacs_creds, check_tacacs): duthost = duthosts[enum_rand_one_per_hwsku_hostname] dutip = duthost.mgmt_ip @@ -86,13 +103,16 @@ def test_ro_user(localhost, duthosts, enum_rand_one_per_hwsku_hostname, tacacs_c check_output(res, 'test', 'remote_user') -def test_ro_user_ipv6(localhost, duthosts, enum_rand_one_per_hwsku_hostname, tacacs_creds, check_tacacs_v6): +def test_ro_user_ipv6(localhost, ptfhost, duthosts, enum_rand_one_per_hwsku_hostname, tacacs_creds, check_tacacs_v6): duthost = duthosts[enum_rand_one_per_hwsku_hostname] dutip = duthost.mgmt_ip - res = ssh_remote_run(localhost, dutip, tacacs_creds['tacacs_ro_user'], - tacacs_creds['tacacs_ro_user_passwd'], 'cat /etc/passwd') - check_output(res, 'test', 'remote_user') + res = ssh_remote_run_with_ipv6(localhost, dutip, ptfhost, + tacacs_creds['tacacs_rw_user'], + tacacs_creds['tacacs_rw_user_passwd'], + "cat /etc/passwd") + + check_output(res, 'testadmin', 'remote_user_su') def test_ro_user_allowed_command(localhost, duthosts, enum_rand_one_per_hwsku_hostname, tacacs_creds, check_tacacs): diff --git a/tests/tacacs/test_rw_user.py b/tests/tacacs/test_rw_user.py index 7cfbaf2b003..0785f1a0c0e 100644 --- a/tests/tacacs/test_rw_user.py +++ b/tests/tacacs/test_rw_user.py @@ -1,6 +1,6 @@ import pytest -from .test_ro_user import ssh_remote_run +from .test_ro_user import ssh_remote_run, ssh_remote_run_with_ipv6 from .utils import check_output pytestmark = [ @@ -21,12 +21,14 @@ def test_rw_user(localhost, duthosts, enum_rand_one_per_hwsku_hostname, tacacs_c check_output(res, 'testadmin', 'remote_user_su') -def test_rw_user_ipv6(localhost, duthosts, enum_rand_one_per_hwsku_hostname, tacacs_creds, check_tacacs_v6): +def test_rw_user_ipv6(localhost, duthosts, ptfhost, enum_rand_one_per_hwsku_hostname, tacacs_creds, check_tacacs_v6): """test tacacs rw user """ duthost = duthosts[enum_rand_one_per_hwsku_hostname] dutip = duthost.mgmt_ip - res = ssh_remote_run(localhost, dutip, tacacs_creds['tacacs_rw_user'], - tacacs_creds['tacacs_rw_user_passwd'], "cat /etc/passwd") + res = ssh_remote_run_with_ipv6(localhost, dutip, ptfhost, + tacacs_creds['tacacs_rw_user'], + tacacs_creds['tacacs_rw_user_passwd'], + "cat /etc/passwd") check_output(res, 'testadmin', 'remote_user_su') diff --git a/tests/tacacs/utils.py b/tests/tacacs/utils.py index 9138fc5c813..10e3722f8f5 100644 --- a/tests/tacacs/utils.py +++ b/tests/tacacs/utils.py @@ -33,12 +33,11 @@ def check_all_services_status(ptfhost): res = ptfhost.command("service --status-all") logger.info(res["stdout_lines"]) +def tacacs_running(ptfhost): + out = ptfhost.command("service tacacs_plus status", module_ignore_errors=True)["stdout"] + return "tacacs+ running" in out def start_tacacs_server(ptfhost): - def tacacs_running(ptfhost): - out = ptfhost.command("service tacacs_plus status", module_ignore_errors=True)["stdout"] - return "tacacs+ running" in out - ptfhost.command("service tacacs_plus restart", module_ignore_errors=True) return wait_until(5, 1, 0, tacacs_running, ptfhost) From 97aeb273a423ba2336c4c5aa299c5ca06b89f513 Mon Sep 17 00:00:00 2001 From: liuh-80 Date: Sat, 11 May 2024 06:39:47 +0000 Subject: [PATCH 2/4] Improve code format --- tests/tacacs/test_ro_user.py | 5 +++-- tests/tacacs/test_rw_user.py | 3 ++- tests/tacacs/utils.py | 2 ++ 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/tests/tacacs/test_ro_user.py b/tests/tacacs/test_ro_user.py index c14cc0e23df..458ec740fa6 100644 --- a/tests/tacacs/test_ro_user.py +++ b/tests/tacacs/test_ro_user.py @@ -82,7 +82,7 @@ def ssh_remote_run_with_ipv6(localhost, dutip, ptfhost, user, password, command) retry_count = RETRY_COUNT while retry_count > 0: res = ssh_remote_run(localhost, dutip, user, - password, command) + password, command) # TACACS server randomly crash after receive authorization request from IPV6 if not tacacs_running(ptfhost): @@ -193,7 +193,8 @@ def test_ro_user_allowed_command(localhost, duthosts, enum_rand_one_per_hwsku_ho " 'sudo sonic-installer list' is banned") -def test_ro_user_banned_by_sudoers_command(localhost, duthosts, enum_rand_one_per_hwsku_hostname, tacacs_creds, check_tacacs): +def test_ro_user_banned_by_sudoers_command(localhost, duthosts, enum_rand_one_per_hwsku_hostname, + tacacs_creds, check_tacacs): duthost = duthosts[enum_rand_one_per_hwsku_hostname] dutip = duthost.mgmt_ip diff --git a/tests/tacacs/test_rw_user.py b/tests/tacacs/test_rw_user.py index 0785f1a0c0e..01ccfe7840b 100644 --- a/tests/tacacs/test_rw_user.py +++ b/tests/tacacs/test_rw_user.py @@ -21,7 +21,8 @@ def test_rw_user(localhost, duthosts, enum_rand_one_per_hwsku_hostname, tacacs_c check_output(res, 'testadmin', 'remote_user_su') -def test_rw_user_ipv6(localhost, duthosts, ptfhost, enum_rand_one_per_hwsku_hostname, tacacs_creds, check_tacacs_v6): +def test_rw_user_ipv6(localhost, duthosts, ptfhost, enum_rand_one_per_hwsku_hostname, + tacacs_creds, check_tacacs_v6): """test tacacs rw user """ duthost = duthosts[enum_rand_one_per_hwsku_hostname] diff --git a/tests/tacacs/utils.py b/tests/tacacs/utils.py index 10e3722f8f5..306f88f8925 100644 --- a/tests/tacacs/utils.py +++ b/tests/tacacs/utils.py @@ -33,10 +33,12 @@ def check_all_services_status(ptfhost): res = ptfhost.command("service --status-all") logger.info(res["stdout_lines"]) + def tacacs_running(ptfhost): out = ptfhost.command("service tacacs_plus status", module_ignore_errors=True)["stdout"] return "tacacs+ running" in out + def start_tacacs_server(ptfhost): ptfhost.command("service tacacs_plus restart", module_ignore_errors=True) return wait_until(5, 1, 0, tacacs_running, ptfhost) From 8459ede93b12dd902deee53fb4e988b0d68605d4 Mon Sep 17 00:00:00 2001 From: liuh-80 Date: Fri, 17 May 2024 06:39:09 +0000 Subject: [PATCH 3/4] Improve code by PR comments --- tests/tacacs/test_ro_user.py | 10 ++++------ tests/tacacs/test_rw_user.py | 4 ++-- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/tests/tacacs/test_ro_user.py b/tests/tacacs/test_ro_user.py index 458ec740fa6..20d9e59393a 100644 --- a/tests/tacacs/test_ro_user.py +++ b/tests/tacacs/test_ro_user.py @@ -15,7 +15,6 @@ SLEEP_TIME = 10 TIMEOUT_LIMIT = 120 -RETRY_COUNT = 3 def ssh_remote_run(localhost, remote_ip, username, password, cmd): @@ -78,8 +77,7 @@ def wait_for_tacacs(localhost, remote_ip, username, password): current_attempt += 1 -def ssh_remote_run_with_ipv6(localhost, dutip, ptfhost, user, password, command): - retry_count = RETRY_COUNT +def ssh_remote_run_retry(localhost, dutip, ptfhost, user, password, command, retry_count = 3): while retry_count > 0: res = ssh_remote_run(localhost, dutip, user, password, command) @@ -107,9 +105,9 @@ def test_ro_user_ipv6(localhost, ptfhost, duthosts, enum_rand_one_per_hwsku_host duthost = duthosts[enum_rand_one_per_hwsku_hostname] dutip = duthost.mgmt_ip - res = ssh_remote_run_with_ipv6(localhost, dutip, ptfhost, - tacacs_creds['tacacs_rw_user'], - tacacs_creds['tacacs_rw_user_passwd'], + res = ssh_remote_run_retry(localhost, dutip, ptfhost, + tacacs_creds['tacacs_ro_user'], + tacacs_creds['tacacs_ro_user_passwd'], "cat /etc/passwd") check_output(res, 'testadmin', 'remote_user_su') diff --git a/tests/tacacs/test_rw_user.py b/tests/tacacs/test_rw_user.py index 01ccfe7840b..953831a3c33 100644 --- a/tests/tacacs/test_rw_user.py +++ b/tests/tacacs/test_rw_user.py @@ -1,6 +1,6 @@ import pytest -from .test_ro_user import ssh_remote_run, ssh_remote_run_with_ipv6 +from .test_ro_user import ssh_remote_run, ssh_remote_run_retry from .utils import check_output pytestmark = [ @@ -27,7 +27,7 @@ def test_rw_user_ipv6(localhost, duthosts, ptfhost, enum_rand_one_per_hwsku_host """ duthost = duthosts[enum_rand_one_per_hwsku_hostname] dutip = duthost.mgmt_ip - res = ssh_remote_run_with_ipv6(localhost, dutip, ptfhost, + res = ssh_remote_run_retry(localhost, dutip, ptfhost, tacacs_creds['tacacs_rw_user'], tacacs_creds['tacacs_rw_user_passwd'], "cat /etc/passwd") From a7537daccbfdf78d03b7070accbb9b93e9a163c4 Mon Sep 17 00:00:00 2001 From: liuh-80 Date: Fri, 17 May 2024 06:42:49 +0000 Subject: [PATCH 4/4] Fix warning --- tests/tacacs/test_ro_user.py | 8 ++++---- tests/tacacs/test_rw_user.py | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/tacacs/test_ro_user.py b/tests/tacacs/test_ro_user.py index 20d9e59393a..63ee2c48564 100644 --- a/tests/tacacs/test_ro_user.py +++ b/tests/tacacs/test_ro_user.py @@ -77,7 +77,7 @@ def wait_for_tacacs(localhost, remote_ip, username, password): current_attempt += 1 -def ssh_remote_run_retry(localhost, dutip, ptfhost, user, password, command, retry_count = 3): +def ssh_remote_run_retry(localhost, dutip, ptfhost, user, password, command, retry_count=3): while retry_count > 0: res = ssh_remote_run(localhost, dutip, user, password, command) @@ -106,9 +106,9 @@ def test_ro_user_ipv6(localhost, ptfhost, duthosts, enum_rand_one_per_hwsku_host dutip = duthost.mgmt_ip res = ssh_remote_run_retry(localhost, dutip, ptfhost, - tacacs_creds['tacacs_ro_user'], - tacacs_creds['tacacs_ro_user_passwd'], - "cat /etc/passwd") + tacacs_creds['tacacs_ro_user'], + tacacs_creds['tacacs_ro_user_passwd'], + "cat /etc/passwd") check_output(res, 'testadmin', 'remote_user_su') diff --git a/tests/tacacs/test_rw_user.py b/tests/tacacs/test_rw_user.py index 953831a3c33..c934ea65943 100644 --- a/tests/tacacs/test_rw_user.py +++ b/tests/tacacs/test_rw_user.py @@ -28,8 +28,8 @@ def test_rw_user_ipv6(localhost, duthosts, ptfhost, enum_rand_one_per_hwsku_host duthost = duthosts[enum_rand_one_per_hwsku_hostname] dutip = duthost.mgmt_ip res = ssh_remote_run_retry(localhost, dutip, ptfhost, - tacacs_creds['tacacs_rw_user'], - tacacs_creds['tacacs_rw_user_passwd'], - "cat /etc/passwd") + tacacs_creds['tacacs_rw_user'], + tacacs_creds['tacacs_rw_user_passwd'], + "cat /etc/passwd") check_output(res, 'testadmin', 'remote_user_su')