Conversation
|
@blueorangutan package |
|
@kiranchavala a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #8464 +/- ##
============================================
- Coverage 30.80% 29.02% -1.78%
+ Complexity 33981 31784 -2197
============================================
Files 5341 5341
Lines 374864 374900 +36
Branches 54518 54530 +12
============================================
- Hits 115485 108829 -6656
- Misses 244114 251489 +7375
+ Partials 15265 14582 -683
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
kiranchavala
left a comment
kiranchavala
left a comment
There was a problem hiding this comment.
LGTM, tested manually
Before the fix
List networkacls api call
{
"aclid": "e79f3198-62a8-43f7-96c1-02f02c44766d",
"aclname": "test",
"action": "Allow",
"cidrlist": "10.0.0.0/24",
"fordisplay": true,
"icmpcode": -1,
"icmptype": -1,
"id": "a30c97a1-4548-49a4-9b65-b45f9719cfd0",
"number": 1,
"protocol": "icmp",
"reason": "",
"state": "Active",
"tags": [],
"traffictype": "Ingress"
},
After the api call (update networkaclitem ) is called
update networkaclitem protocol=icmp partialupgrade=false cidrlist="" traffictype=ingress id=a30c97a1-4548-49a4-9b65-b45f9719cfd0
The network acl is set with a null ICMP code and type
{
"aclid": "e79f3198-62a8-43f7-96c1-02f02c44766d",
"aclname": "test",
"action": "Allow",
"cidrlist": "",
"fordisplay": true,
"id": "a30c97a1-4548-49a4-9b65-b45f9719cfd0",
"number": 1,
"protocol": "icmp",
"state": "Active",
"tags": [],
"traffictype": "Ingress"
},
After fix , the acl id is not changed
{
"aclid": "e79f3198-62a8-43f7-96c1-02f02c44766d",
"aclname": "test",
"action": "Allow",
"cidrlist": "10.0.0.0/24",
"fordisplay": true,
"icmpcode": -1,
"icmptype": -1,
"id": "a30c97a1-4548-49a4-9b65-b45f9719cfd0",
"number": 1,
"protocol": "icmp",
"reason": "",
"state": "Active",
"tags": [],
"traffictype": "Ingress"
},
|
@blueorangutan package |
|
@rohityadavcloud a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
|
@blueorangutan test alma9 kvm-alma9 |
|
@DaanHoogland a [SL] Trillian-Jenkins test job (alma9 mgmt + kvm-alma9) has been kicked to run smoke tests |
|
[SF] Trillian test result (tid-9165)
|
|
if everything fails apply insanity: |
|
@DaanHoogland a [SL] Trillian-Jenkins test job (alma9 mgmt + kvm-alma9) has been kicked to run smoke tests |
|
[SF] Trillian test result (tid-9188)
|
6 participants
Description
An ICMP ACL rule should not be able to have code and type null. This PR fixes an edge case, that can be reproduced by:
updateNetworkACLItemand parametersprotocol=icmp,partialupgrade=false,cidrlist=""andtraffictype=ingress.It will then set the rule with null ICMP code and type and the VR will face problems.
This PR just extends the validation made when
partialupgradeis false.Types of changes
Feature/Enhancement Scale or Bug Severity
Bug Severity
Screenshots (if appropriate):
How Has This Been Tested?
By following the steps mentioned in the description:
protocol=icmp, code and type became -1.protocol=tcpandprotocol=all, the rule was changed and the attributes were reset accordingly.