Skip to content

Create pytest version of control plane ACL test#1672

Merged
jleveque merged 5 commits intosonic-net:masterfrom
jleveque:ctrl_plne_acl_pytest
May 19, 2020
Merged

Create pytest version of control plane ACL test#1672
jleveque merged 5 commits intosonic-net:masterfrom
jleveque:ctrl_plne_acl_pytest

Conversation

@jleveque
Copy link
Contributor

@jleveque jleveque commented May 13, 2020

Create pytest version of control plane ACL test.

@jleveque jleveque requested a review from lguohan May 13, 2020 23:05
@jleveque jleveque self-assigned this May 13, 2020
@lgtm-com
Copy link

lgtm-com bot commented May 13, 2020

This pull request introduces 1 alert when merging 26934f0 into f11d076 - view on LGTM.com

new alerts:

  • 1 for Variable defined multiple times

lguohan
lguohan reviewed May 19, 2020
View reviewed changes
lguohan
lguohan reviewed May 19, 2020
View reviewed changes
@lguohan
Copy link
Contributor

lguohan commented May 19, 2020

I do not remember if this test was developed in the service acl stage where we can have different implementation of the control plane acl. Now, since we have been using iptables to manage the control plane acl, and you have added many different rules. I would suggest to develop a new test which is comparing the iptables actual and expected output.

people trust iptables implementation nowadays. as long as you have correct iptable rules, we believe it will behave correctly.

@jleveque
Copy link
Contributor Author

jleveque commented May 19, 2020
edited
Loading

I do not remember if this test was developed in the service acl stage where we can have different implementation of the control plane acl.

Yes, you are correct, it was.

Now, since we have been using iptables to manage the control plane acl, and you have added many different rules. I would suggest to develop a new test which is comparing the iptables actual and expected output.

people trust iptables implementation nowadays. as long as you have correct iptable rules, we believe it will behave correctly.

OK. So we should merge this PR as-is to retain the same functionality, then I can later update the test to simply verify the iptables rules are as expected.

@jleveque jleveque merged commit 9c9c74c into sonic-net:master May 19, 2020
@jleveque jleveque deleted the ctrl_plne_acl_pytest branch May 19, 2020 19:38
@jleveque jleveque mentioned this pull request May 20, 2020
Merged
kazinator-arista pushed a commit to kazinator-arista/sonic-mgmt that referenced this pull request Mar 4, 2026
@daall
[202012][submodule] Update sonic-swss and sonic-utilites submodules f…
1201ca6 
…or 202012 (sonic-net#7105)

sonic-swss
* [nbrmgrd] added function to parse IP address from APP_DB (sonic-net#1672)
* [MUX/PFCWD] Use in_ports for acls instead of seperate ACL table (sonic-net#1670)
* [mux] VS test for neigh, route and fdb (sonic-net#1656)
* [Dynamic buffer calc] Bug fix: Remove PGs from an administratively down port. (sonic-net#1652)
* spell check fixes (sonic-net#1630)

sonic-utilities
* [reboot]: Stop mux before reboot on dual ToR (sonic-net#1500)
* [config] Disable/enable container monitoring when stopping/starting services (sonic-net#1499)
* Add 'show' and 'clear' command for PG drop (sonic-net#1461)
* [CLI][techsupport] Add NOOP option for commands that did not have that option (sonic-net#1445)
* [202012][reload] Improve reload by using sonic.target (sonic-net#1509)

Signed-off-by: Danny Allen <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@msosyak msosyak msosyak left review comments

@lguohan lguohan lguohan approved these changes

Assignees

@jleveque jleveque

Labels

Control Plane ACL Enhancement Pytest 🐍

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jleveque @lguohan @msosyak