[code sync] Merge code from sonic-net/sonic-buildimage:master to kubesonic#2282
Merged
mssonicbld merged 25 commits intoMay 12, 2026
Merged
Conversation
Collaborator
mssonicbld
commented
May 12, 2026
mssonicbld
commented
…tomatically (#27262) Signed-off-by: mssonicbld <sonicbld@microsoft.com>
…utomatically (#27260) Signed-off-by: mssonicbld <sonicbld@microsoft.com>
…atically (#27221) Signed-off-by: mssonicbld <sonicbld@microsoft.com>
…lly (#27285) Signed-off-by: mssonicbld <sonicbld@microsoft.com>
…lly (#27289) Signed-off-by: mssonicbld <sonicbld@microsoft.com>
…tically (#27288) Signed-off-by: mssonicbld <sonicbld@microsoft.com>
…ically (#27287) Signed-off-by: mssonicbld <sonicbld@microsoft.com>
Why I did it The console-monitor feature in sonic-host-services requires socat to create PTY pairs for console port bridging. This PR adds socat as a host system dependency to ensure console-monitor can function properly. Work item tracking Microsoft ADO (number only): How I did it Added $(SOCAT) to the installer build dependencies in slave.mk to ensure the socat deb package is built Added $(SOCAT) to installer_debs export variable in slave.mk so socat gets installed to the host filesystem How to verify it Install SONiC Image Check socat is installed Signed-off-by: cliffchen <t-cliffchen+github@microsoft.com>
Why I did it This PR supports [HLD](sonic-net/SONiC#2178) To support controlled_device attribute in CONSOLE_SWITCH table to enable/disable the controlled device feature on SONiC console switch. Sample config: "CONSOLE_SWITCH": { "console_mgmt": { "enabled": "yes" }, "controlled_device": { "enabled": "yes" } } How I did it Update Yang model for sonic-console and add corresponding unit tests: - Added controlled_device container in CONSOLE_SWITCH - Added test cases for default value verification - Added test cases for valid configuration - Added test cases for invalid pattern detection How to verify it Verified by unit test. Signed-off-by: cliffchen <t-cliffchen+github@microsoft.com>
What: Upgrades docker-sonic-otel base image from Bookworm to Trixie — changes Dockerfile.j2 base to docker-config-engine-trixie and updates docker-otel.mk references (DBG_DEPENDS, LOAD_DOCKERS, DBG_IMAGE_PACKAGES, SONIC_TRIXIE_DOCKERS). Why: Part of the SONiC Trixie migration effort (sonic-net/SONiC#2169). How: Replaced all bookworm references with trixie equivalents in Dockerfile.j2 and rules/docker-otel.mk, moved docker registration from SONIC_BOOKWORM_DOCKERS to SONIC_TRIXIE_DOCKERS. Testing: All CI checks passed (27/27). VS image builds successfully, pretest passes on KVM T0 testbed (10 passed, 3 skipped), containers verified running Debian 13 (trixie). Signed-off-by: Ying Xie <ying.xie@microsoft.com>
What: Upgrades docker-sysmgr base image from Bookworm to Trixie — changes Dockerfile.j2 base to docker-config-engine-trixie and updates .mk references (DBG_DEPENDS, LOAD_DOCKERS, DBG_IMAGE_PACKAGES, SONIC_TRIXIE_DOCKERS). Why: Part of the SONiC Trixie migration effort (sonic-net/SONiC#2169). How: Replaced all bookworm references with trixie equivalents in Dockerfile.j2 and rules .mk file, moved docker registration from SONIC_BOOKWORM_DOCKERS to SONIC_TRIXIE_DOCKERS. Testing: All CI checks passed (27/27). VS image builds successfully, pretest passes on KVM T0 testbed (10 passed, 3 skipped), containers verified running Debian 13 (trixie). Signed-off-by: Ying Xie <ying.xie@microsoft.com>
What: Upgrades docker-bmp-watchdog base image from Bookworm to Trixie — changes Dockerfile.j2 base to docker-config-engine-trixie and updates .mk references (DBG_DEPENDS, LOAD_DOCKERS, DBG_IMAGE_PACKAGES, SONIC_TRIXIE_DOCKERS). Why: Part of the SONiC Trixie migration effort (sonic-net/SONiC#2169). How: Replaced all bookworm references with trixie equivalents in Dockerfile.j2 and rules .mk file, moved docker registration from SONIC_BOOKWORM_DOCKERS to SONIC_TRIXIE_DOCKERS. Testing: All CI checks passed (27/27). VS image builds successfully, pretest passes on KVM T0 testbed (10 passed, 3 skipped), containers verified running Debian 13 (trixie). Signed-off-by: Ying Xie <ying.xie@microsoft.com>
What: Upgrades docker-telemetry-sidecar base image from Bookworm to Trixie — changes Dockerfile.j2 base to docker-config-engine-trixie and updates .mk references (DBG_DEPENDS, LOAD_DOCKERS, DBG_IMAGE_PACKAGES, SONIC_TRIXIE_DOCKERS). Why: Part of the SONiC Trixie migration effort (sonic-net/SONiC#2169). How: Replaced all bookworm references with trixie equivalents in Dockerfile.j2 and rules .mk file, moved docker registration from SONIC_BOOKWORM_DOCKERS to SONIC_TRIXIE_DOCKERS. Testing: All CI checks passed (27/27). VS image builds successfully, pretest passes on KVM T0 testbed (10 passed, 3 skipped), containers verified running Debian 13 (trixie). Signed-off-by: Ying Xie <ying.xie@microsoft.com>
…#27176) What: Removes LOAD_DOCKERS (config-engine-bookworm) and SONIC_BOOKWORM_DOCKERS registration from platform/vs/docker-dash-engine.mk. Why: dash-engine uses p4lang/behavioral-model (Ubuntu) as its base image, not docker-config-engine-bookworm. The dependency was unnecessary and the SONIC_BOOKWORM_DOCKERS registration was misleading. Part of Trixie migration cleanup (sonic-net/SONiC#2169). How: Removed two lines from docker-dash-engine.mk: the LOAD_DOCKERS config-engine reference and the SONIC_BOOKWORM_DOCKERS registration. Testing: All CI checks passed (27/27). VS image builds successfully, dash-engine container loads and runs correctly on KVM T0 testbed. Signed-off-by: Ying Xie <ying.xie@microsoft.com>
What: Upgrades Broadcom-related containers (docker-pde and docker-syncd-brcm) from Bookworm to Trixie — updates Dockerfile.j2 base images, .mk files, and pip/apt flags for PEP 668 compliance. Why: Part of the SONiC Trixie migration effort. BRCM containers need to move to Debian 13 (Trixie) for continued support. How: Updated Dockerfile.j2 base images to docker-config-engine-trixie, added --break-system-packages to pip3 install for PEP 668 compliance, added --no-install-recommends to apt-get, moved docker registrations from SONIC_BOOKWORM_DOCKERS to SONIC_TRIXIE_DOCKERS. Testing: All CI checks passed (27/27). Successfully built docker-pde.gz and docker-syncd-brcm.gz. PDE validated jsonschema version override (2.6.0). SYNCD-BRCM validated all shared libraries resolved including libsai.so.1 and Trixie-specific glibc/boost. Signed-off-by: Geans Pin <geans.pin@broadcom.com>
- Why I did it Update FW/SDK to xx.2016.3442/4.8.3442 - How I did it Updated related makefiles with the new version numbers. - How to verify it Run full sonic-mgmt regression. Signed-off-by: Kebo Liu <kebol@nvidia.com>
… to 2.6.6 (#27206) - Why I did it Update FW to 48.1000, BFSoC to 4.14.0-13938, RSHIM to 2.6.6 - How I did it Updated versions in relevant makefiles - How to verify it Build an image and run tests from "sonic-mgmt". Signed-off-by: Volodymyr Samotiy <volodymyrs@nvidia.com>
- Why I did it This PR introduces two changes: Updated Chassis.get_num_sfps() to account for the number of ASICs in multi-ASIC systems. Updated the get_transceiver_info() implementation for CPO ports to handle EEPROM read failures gracefully. - How I did it Invoked the relevant API to retrieve the number of ASICs. Updated get_transceiver_info() for CPO modules to immediately return None when an EEPROM read fails. - How to verify it Manual testing. Signed-off-by: tshalvi <tshalvi@nvidia.com>
…27211)
Why I did it
os.system() is unsafe as it invokes a shell and is vulnerable to shell injection. Replace with subprocess.call() or direct file writes per Python docs recommendation.
How I did it
Replace os.system() with subprocess.call() in generate_airflow.py and monitor_fan.py
Replace os.system("echo ... > /sys/bus/i2c/...") with direct open()/write() in dev_monitor.py and platform_driver.py
Add 94 unit tests:
generate_airflow.py: 36 tests
monitor_fan.py: 34 tests
dev_monitor.py: 7 tests
platform_driver.py: 17 tests
How to verify it
cd platform/broadcom/sonic-platform-modules-ragile/common/script
python3 -m pytest tests/ -v
cd intelligent_monitor
python3 -m pytest tests/ -v
SKU: x86_64-arista_7280r4_32qf_32df Signed-off-by: Nathan Wolfe <nwolfe@arista.com>
What: Updates headroom buffer configuration files for the NH-5010 platform, including tuned hdrm settings and a dummy entry for 800G_30m with adjusted settings for 1KB RoCE. Why: Optimizing headroom buffer configuration for the NH-5010 platform based on internal testing results. How: Updated relevant NH-5010 platform buffer configuration files with tuned headroom values (xoff, xon_offset, dynamic_th) derived from testing. Testing: All CI checks passed (27/27). Verified on router with correct buffer pool/profile values via show buffer config. Signed-off-by: venky <venky@nexthop.ai>
…or (#27029) What: Renames relay-agent-mode YANG typedef enums from long-form ISC internal names to short-form CLI aliases (append, replace, forward, discard), adds missing "forward" mode to CLI click.Choice, sets YANG default to "discard", and updates tests. Why: The mismatch between YANG long-form enums (forward_and_append, etc.) and CLI short-form values (append, etc.) caused config save/reload to fail with libyang validation errors. The "forward" mode was also missing from CLI entirely. Fixes sonic-net/sonic-mgmt#24052. How: Updated sonic-types.yang.j2 enum names to short-form, updated sonic-dhcpv4-relay.yang default to "discard", added "forward" to all four --agent-relay-mode CLI declarations in dhcp_relay.py, and added corresponding test fixtures. Testing: All CI checks passed (25/25). Verified config save/reload works without libyang errors after setting agent-relay-mode. Signed-off-by: Ashutosh Agrawal <ashu@cisco.com>
…ly (#27296) #### Why I did it src/dhcprelay ``` * d7a78ba - (HEAD -> master, origin/master, origin/HEAD) [dhcp4relay] Migrate syslog() to SWSS_LOG macros for runtime log-level control (Azure#110) (11 hours ago) [Shivashankar C R] ``` #### How I did it #### How to verify it #### Description for the changelog
…r (#27292) Why I did it Three issues in the restapi sidecar sync logic that surface during V1→V2 migration and at steady-state: The native restapi container can persist after V2 takeover because POST_COPY_ACTIONS only fires when a synced file changes. On subsequent sidecar restarts (files already in sync) or after a race with the container framework, the leftover container is never cleaned up. The first systemctl restart restapi after a fresh sync can fail with No such file or directory because the new restapi.sh is a thin wrapper that execs k8s_pod_control.sh, but the sync ordering placed k8s_pod_control.sh last. Many sidecars on the same fleet wake up and call into the host at the same instant, producing periodic load spikes. Work item tracking Microsoft ADO (number only): How I did it Add cleanup_native_container(name, is_v1_enabled) helper in sonic_py_common.sidecar_common. In V2 mode it docker inspects the named container and, if present, runs docker stop then docker rm --force. Called every sync cycle from ensure_sync() so a leftover container is eventually removed even when post-copy actions do not fire. Switch POST_COPY_ACTIONS for /usr/bin/restapi.sh from plain docker rm to docker rm --force so we never leave the container behind because it is still considered running. Reorder SYNC_ITEMS so k8s_pod_control.sh is synced before restapi.sh. This guarantees the wrapper target exists when the post-copy systemctl restart restapi runs. Add ±10% jitter to the sync loop sleep in main() to spread sidecar wake-ups across the fleet. How to verify it Unit tests added and run locally inside sonic-slave-bookworm: src/sonic-py-common/tests/test_sidecar_common.py — 11/11 pass (5 new tests for cleanup_native_container covering: running, exited, absent, V1 skip, container-name parameterization). dockers/docker-restapi-sidecar/cli-plugin-tests/test_systemd_stub.py — 74/74 pass (3 new tests covering docker rm --force in POST_COPY_ACTIONS, sync ordering of k8s_pod_control.sh before restapi.sh, and ±10% jitter on the loop interval).
Collaborator
Author
|
/azp run |
|
Azure Pipelines could not run because the pipeline triggers exclude this branch/path. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
12 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.