openconfig / ondatra

58 stars 37 forks source link

User replace operation password node as state leaf in Request #50

Closed agvarghe-cisco closed 1 year ago

agvarghe-cisco commented 2 years ago

Doing a replace operation on User with below test https://github.com/openconfig/featureprofiles/blob/00a6330e677c649b0c7a1fb869411905312b9812/feature/experimental/security/aaa/kne_tests/tls_authentication_over_grpc_test/tls_authentication_over_grpc_test.go#L79 In replace operation password node is coming as state leaf

I1107 11:03:25.292024  493966 genutil.go:687] SetRequest:
prefix:  {
  origin:  "openconfig"
}
replace:  {
  path:  {
    elem:  {
      name:  "system"
    }
    elem:  {
      name:  "aaa"
    }
    elem:  {
      name:  "authentication"
    }
    elem:  {
      name:  "users"
    }
    elem:  {
      name:  "user"
      key:  {
        key:  "username"
        value:  "cisco"
      }
    }
  }
  val:  {
    json_ietf_val:  "{\n  \"openconfig-system:config\": {\n    \"username\": \"cisco\"\n  },\n  \"openconfig-system:state\": {\n    \"password\": \"cisco123\"\n  },\n  \"openconfig-system:username\": \"cisco\"\n}"
  }
}

-------replace path/value pair #0------
/system/aaa/authentication/users/user[username=cisco]
{
  "openconfig-system:config": {
    "username": "cisco"
  },
  "openconfig-system:state": {
    "password": "cisco123"
  },
  "openconfig-system:username": "cisco"
}

Both user and password nodes should be config

Not seeing a shadow path for Password in System_Aaa_Authentication_User for config https://github.com/openconfig/ondatra/blob/d07fe7fc95393607f4ffe6f276a6d61e002b9dd3/telemetry/structs-9.go#L6929

type System_Aaa_Authentication_User struct {
                AuthorizedKeysListCreatedOn  *uint64                                   `path:"state/authorized-keys-list-created-on" module:"openconfig-system/gnsi-ssh"`
                AuthorizedKeysListVersion    *string                                   `path:"state/authorized-keys-list-version" module:"openconfig-system/gnsi-ssh"`
                AuthorizedUsersListCreatedOn *uint64                                   `path:"state/authorized-users-list-created-on" module:"openconfig-system/gnsi-ssh"`
                AuthorizedUsersListVersion   *string                                   `path:"state/authorized-users-list-version" module:"openconfig-system/gnsi-ssh"`
                Password                     *string                                   `path:"state/password" module:"openconfig-system/openconfig-system"`
                PasswordCreatedOn            *uint64                                   `path:"state/password-created-on" module:"openconfig-system/gnsi-console"`
                PasswordHashed               *string                                   `path:"state/password-hashed" module:"openconfig-system/openconfig-system"`
                PasswordVersion              *string                                   `path:"state/password-version" module:"openconfig-system/gnsi-console"`
                Role                         System_Aaa_Authentication_User_Role_Union `path:"state/role" module:"openconfig-system/openconfig-system" shadow-path:"config/role" shadow-module:"openconfig-system/openconfig-system"`
                Username                     *string                                   `path:"state/username|username" module:"openconfig-system/openconfig-system|openconfig-system" shadow-path:"config/username|username" shadow-module:"openconfig-system/openconfig-system|openconfig-system"`
}
greg-dennis commented 2 years ago

@DanG100, can you take a look? If there is a problem that would be fixed by conversion to ygnmi, that would be the better fix

DanG100 commented 2 years ago

It looks like something with ygot, Wen's going to take a look

DanG100 commented 2 years ago

This leaf is set as not-supported by a YANG file in gNSI https://github.com/openconfig/gnsi/blob/main/credentialz/gnsi-credentialz.yang#L171. It is thus not generated in the telemetry library.

agvarghe-cisco commented 2 years ago

@DanG100 , This is the openconfig model/leaf in context .Is this not supported model/leaf ? https://github.com/openconfig/public/blob/ddfeaf5deb4c195b32287dc2e6d48034faa19473/release/models/system/openconfig-aaa.yang#L376

DanG100 commented 2 years ago

That is where the leaf is original defined, however Ondatra also generates the telemetry library using the gNSI yang located here https://github.com/openconfig/gnsi. (see https://github.com/openconfig/ondatra/blob/main/internal/gnmigen/generate.sh). In the gNSI yang there is a deviation that marks the config leaf as not supported https://github.com/openconfig/gnsi/blob/c2ebf3eb57aa7fe9f5671920d5986dc86836168b/console/gnsi-console.yang#L80

greg-dennis commented 2 years ago

@agvarghe-cisco, we'll discuss this some more and get back to you

greg-dennis commented 1 year ago

This should be fixed with the latest commit. Let us know if you are still having issues.