Fix show acl table for masic (#2937)

What I did Fixes sonic-net/sonic-buildimage#16012 The show acl table command currently get the ports from host config_db on multi asic platforms. This host config_db will not the phyiscal ports in the binding ports because the host doesnt have any front panel ports on the host. This causes the show acl table not to display the phyiscal ports in the output on multi asic devices/linecards. The test iface_namingmode/test_iface_namingmode.py::test_show_acl_table fails because of this issue.
sonic-net · Sep 6, 2023 · 03292ff · 03292ff
1 parent 627a2f5
commit 03292ff
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 6 deletions.
diff --git a/acl_loader/main.py b/acl_loader/main.py
@@ -173,7 +173,31 @@ def read_tables_info(self):
         Read ACL_TABLE table from configuration database
         :return:
         """
-        self.tables_db_info = self.configdb.get_table(self.ACL_TABLE)
+        # get the acl table info from host config_db
+        host_acl_table = self.configdb.get_table(self.ACL_TABLE)
+        # For multi asic get only the control plane acls from the host config_db
+        if self.per_npu_configdb:
+            for table, entry in host_acl_table.items():
+                if entry.get('type', None) != self.ACL_TABLE_TYPE_CTRLPLANE:
+                    continue
+
+                self.tables_db_info[table] = entry
+        else:
+            self.tables_db_info.update(host_acl_table)
+
+        # for DATAACL, EVERFLOW acls.
+        # update the ports from all the namespaces
+        if self.per_npu_configdb:
+            for ns, config_db in self.per_npu_configdb.items():
+                acl_table = config_db.get_table(self.ACL_TABLE)
+                for table, entry in acl_table.items():
+                    if entry.get('type', None) == self.ACL_TABLE_TYPE_CTRLPLANE:
+                        continue
+                    if table not in self.tables_db_info:
+                        self.tables_db_info[table] = entry
+                    else:
+                        self.tables_db_info[table]['ports'] += entry.get(
+                            'ports', [])
 
     def get_tables_db_info(self):
         return self.tables_db_info

diff --git a/tests/mock_tables/asic2/config_db.json b/tests/mock_tables/asic2/config_db.json
@@ -132,7 +132,7 @@
     },
     "ACL_TABLE|DATAACL_5": {
         "policy_desc": "DATAACL_5",
-        "ports@": "Ethernet124",
+        "ports@": "Ethernet20",
         "type": "L3",
         "stage": "ingress"
     }

diff --git a/tests/show_acl_test.py b/tests/show_acl_test.py
@@ -11,6 +11,11 @@
 modules_path = os.path.dirname(root_path)
 scripts_path = os.path.join(modules_path, "scripts")
 
+MASIC_SHOW_ACL_OUTPUT = """Name       Type    Binding      Description    Stage    Status
+---------  ------  -----------  -------------  -------  --------------------------------------
+DATAACL_5  L3      Ethernet20   DATAACL_5      ingress  {'asic0': 'Active', 'asic2': 'Active'}
+                   Ethernet124
+"""
 
 @pytest.fixture()
 def setup_teardown_single_asic():
@@ -74,10 +79,7 @@ def test_show_acl_table(self, setup_teardown_multi_asic):
         }
         result = runner.invoke(acl_loader_show.cli.commands['show'].commands['table'], ['DATAACL_5'], obj=context)
         assert result.exit_code == 0
-        # We only care about the third line, which contains the 'Active'
-        result_top = result.output.split('\n')[2]
-        expected_output = "DATAACL_5  L3      Ethernet124  DATAACL_5      ingress  {'asic0': 'Active', 'asic2': 'Active'}"
-        assert result_top == expected_output
+        assert result.output == MASIC_SHOW_ACL_OUTPUT
 
     def test_show_acl_rule(self, setup_teardown_multi_asic):
         runner = CliRunner()