Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No config validation in config load cli #3502

Open
ashish12pant opened this issue Aug 26, 2024 · 0 comments
Open

No config validation in config load cli #3502

ashish12pant opened this issue Aug 26, 2024 · 0 comments

Comments

@ashish12pant
Copy link

ashish12pant commented Aug 26, 2024
edited
Loading

Description

config load <json_data> does not have any config validation which may result in inconsistent data in CONFIG_DB especially for feature like CACL or CoPP which do not have sonic-cli to configure.
This in itself may not result in issue but once such configuration is used for checkpoint, replace or rollback will result in YaNG validation errors

Steps to reproduce the issue

  1. Create an CACL Rule without creating CACL table using config load /tmp/acl.json
{
    "ACL_RULE": {
        "control-plane-v4|30-SNMP": {
            "IP_PROTOCOL": "17",
            "SRC_IP": "172.168.158.0/24",
            "PACKET_ACTION": "ACCEPT",
            "L4_DST_PORT_RANGE": "161-162",
            "PRIORITY": "9999"
        }
}
  1. sudo config save /tmp/config_data.json
  2. sudo config replace /tmp/config_data.json

Describe the results you received

In step 3 Error:

sudo config replace /tmp/config_data.json -d
** DRY RUN EXECUTION **
Config Replacer: Config replacement starting.
Config Replacer: Target config length: 23849.
Config Replacer: Getting current config db.
Config Replacer: Generating patch between target config and current config db.
Config Replacer: Applying patch using 'Patch Applier'.
Patch Applier: localhost: Patch application starting.
Patch Applier: localhost: Patch: []
Patch Applier: localhost getting current config db.
Patch Applier: localhost: simulating the target full config after applying the patch.
Patch Applier: localhost: validating all JsonPatch operations are permitted on the specified fields
Patch Applier: localhost: validating target config does not have empty tables,
                               since they do not show up in ConfigDb.
Patch Applier: localhost: sorting patch updates.
Failed to replace config
Usage: config replace [OPTIONS] TARGET_FILE_PATH
Try "config replace -h" for help.

Error: Given patch will produce invalid config. Error: Data Loading Failed
Leafref "/sonic-acl:sonic-acl/sonic-acl:ACL_TABLE/sonic-acl:ACL_TABLE_LIST/sonic-acl:ACL_TABLE_NAME" of value "control-plane-v4" points to a non-existing leaf.

Describe the results you expected

Configuration should fail in Step 1 itself with error as below:

Leafref "/sonic-acl:sonic-acl/sonic-acl:ACL_TABLE/sonic-acl:ACL_TABLE_LIST/sonic-acl:ACL_TABLE_NAME" of value "control-plane-v4" points to a non-existing leaf.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ashish12pant