From e8f1cc328027f603fe7de03df777a192ee425573 Mon Sep 17 00:00:00 2001 From: Ze Gan Date: Tue, 12 Apr 2022 14:36:40 +0000 Subject: [PATCH 1/9] Add macsec yang model Signed-off-by: Ze Gan --- .../yang-models/sonic-macsec.yang | 107 ++++++++++++++++++ .../yang-models/sonic-port.yang | 10 ++ 2 files changed, 117 insertions(+) create mode 100644 src/sonic-yang-models/yang-models/sonic-macsec.yang diff --git a/src/sonic-yang-models/yang-models/sonic-macsec.yang b/src/sonic-yang-models/yang-models/sonic-macsec.yang new file mode 100644 index 000000000000..5a365d53e55b --- /dev/null +++ b/src/sonic-yang-models/yang-models/sonic-macsec.yang @@ -0,0 +1,107 @@ +module sonic-macsec { + + yang-version 1.1; + + namespace "http://github.com/Azure/sonic-macsec"; + + prefix macsec; + + description "MACsec yang Module for SONiC OS"; + + revision 2022-04-12 { + description "First Revision"; + } + + + container sonic-macsec { + + container MACSEC_PROFILE { + + description "MACsec profile of config_db.json"; + + list MACSEC_PROFILE_LIST { + + key "name"; + + leaf name { + type string; + } + + leaf priority { + type uint8; + default 255; + } + + leaf cipher_suite { + type string { + pattern "GCM-AES-128|GCM-AES-256|GCM-AES-XPN-128|GCM-AES-XPN-256"; + } + default "GCM-AES-128"; + } + + leaf primary_cak { + type string { + pattern "[0-9a-fA-F]{32,64}"; + } + mandatory true; + } + + leaf primary_ckn { + type string { + pattern "[0-9a-fA-F]{64}"; + } + mandatory true; + } + + leaf fallback_cak { + type string { + pattern "[0-9a-fA-F]{32,64}"; + } + } + + leaf fallback_ckn { + type string { + pattern "[0-9a-fA-F]{64}"; + } + } + + leaf policy { + type string { + pattern "integrity_only|security"; + } + default "security"; + } + + leaf enable_replay_protect { + type string { + pattern "true|false"; + } + default "false"; + } + + leaf replay_window { + when "current()/../enable_replay_protect = 'true'"; + type uint32; + } + + leaf send_sci { + type string { + pattern "true|false"; + } + default "true"; + } + + leaf rekey_period { + description "The period of proactively refresh (Unit second). + If the value is 0, which means never proactive refresh SAK."; + type uint32; + default 0; + } + + } /* end of list MACSEC_PROFILE_LIST */ + + } /* end of container MACSEC_PROFILE */ + + } /* end of container sonic-macsec */ + +} /* end of module sonic-macsec */ \ No newline at end of file diff --git a/src/sonic-yang-models/yang-models/sonic-port.yang b/src/sonic-yang-models/yang-models/sonic-port.yang index d296eaa05c39..add4de25ce0a 100644 --- a/src/sonic-yang-models/yang-models/sonic-port.yang +++ b/src/sonic-yang-models/yang-models/sonic-port.yang @@ -13,6 +13,10 @@ module sonic-port{ prefix ext; } + import sonic-macsec { + prefix macsec; + } + description "PORT yang Module for SONiC OS"; revision 2019-07-01 { @@ -153,6 +157,12 @@ module sonic-port{ type boolean; } + leaf macsec { + type leafref { + path "/macsec:sonic-macsec/macsec:MACSEC_PROFILE/macsec:MACSEC_PROFILE_LIST/macsec:name"; + } + } + } /* end of list PORT_LIST */ } /* end of container PORT */ From b255215c708afae3f91257501d7b9dd5a3b87b2b Mon Sep 17 00:00:00 2001 From: Ze Gan Date: Tue, 12 Apr 2022 15:39:47 +0000 Subject: [PATCH 2/9] Add regular testcase Signed-off-by: Ze Gan --- .../tests/yang_model_tests/tests/macsec.json | 5 +++ .../yang_model_tests/tests_config/macsec.json | 43 +++++++++++++++++++ .../yang-models/sonic-macsec.yang | 9 +++- 3 files changed, 55 insertions(+), 2 deletions(-) create mode 100644 src/sonic-yang-models/tests/yang_model_tests/tests/macsec.json create mode 100644 src/sonic-yang-models/tests/yang_model_tests/tests_config/macsec.json diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests/macsec.json b/src/sonic-yang-models/tests/yang_model_tests/tests/macsec.json new file mode 100644 index 000000000000..aceff5861a41 --- /dev/null +++ b/src/sonic-yang-models/tests/yang_model_tests/tests/macsec.json @@ -0,0 +1,5 @@ +{ + "PROFILE_TEST": { + "desc": "Profile test" + } +} \ No newline at end of file diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests_config/macsec.json b/src/sonic-yang-models/tests/yang_model_tests/tests_config/macsec.json new file mode 100644 index 000000000000..545c38336d87 --- /dev/null +++ b/src/sonic-yang-models/tests/yang_model_tests/tests_config/macsec.json @@ -0,0 +1,43 @@ +{ + "PROFILE_TEST": { + "sonic-macsec:sonic-macsec": { + "sonic-macsec:MACSEC_PROFILE": { + "MACSEC_PROFILE_LIST": [ + { + "name": "test", + "priority": 64, + "cipher_suite": "GCM-AES-XPN-256", + "primary_cak": "0123456789ABCDEF0123456789ABCDEF", + "primary_ckn": "6162636465666768696A6B6C6D6E6F70", + "fallback_cak": "0123456789ABCDEF0123456789ABCDE0", + "fallback_ckn": "6162636465666768696A6B6C6D6E6F7071", + "policy": "security", + "enable_replay_protect": "true", + "replay_window": 64, + "send_sci": "true", + "rekey_period": 3600 + } + ] + } + }, + "sonic-port:sonic-port": { + "sonic-port:PORT": { + "PORT_LIST": [ + { + "admin_status": "up", + "alias": "eth8", + "description": "Ethernet8", + "fec": "rs", + "lanes": "65", + "mtu": 9000, + "pfc_asym": "on", + "name": "Ethernet8", + "tpid": "0x8100", + "speed": 25000, + "macsec": "test" + } + ] + } + } + } +} diff --git a/src/sonic-yang-models/yang-models/sonic-macsec.yang b/src/sonic-yang-models/yang-models/sonic-macsec.yang index 5a365d53e55b..5e2c6f5cd8e2 100644 --- a/src/sonic-yang-models/yang-models/sonic-macsec.yang +++ b/src/sonic-yang-models/yang-models/sonic-macsec.yang @@ -48,11 +48,13 @@ module sonic-macsec { leaf primary_ckn { type string { - pattern "[0-9a-fA-F]{64}"; + pattern "[0-9a-fA-F]{32,64}"; } mandatory true; } + must "count(primary_cak) = count(primary_ckn)"; + leaf fallback_cak { type string { pattern "[0-9a-fA-F]{32,64}"; @@ -61,10 +63,13 @@ module sonic-macsec { leaf fallback_ckn { type string { - pattern "[0-9a-fA-F]{64}"; + pattern "[0-9a-fA-F]{32,64}"; } } + must "count(fallback_cak) = count(fallback_ckn)"; + must "primary_ckn != fallback_ckn"; + leaf policy { type string { pattern "integrity_only|security"; From 41c0296860b5867a8ea25af48902f6f3a536de76 Mon Sep 17 00:00:00 2001 From: Ze Gan Date: Wed, 13 Apr 2022 02:56:50 +0000 Subject: [PATCH 3/9] Add more testcases Signed-off-by: Ze Gan --- .../tests/yang_model_tests/tests/macsec.json | 28 ++++- .../yang_model_tests/tests_config/macsec.json | 110 +++++++++++++++++- .../yang-models/sonic-macsec.yang | 17 +-- 3 files changed, 140 insertions(+), 15 deletions(-) diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests/macsec.json b/src/sonic-yang-models/tests/yang_model_tests/tests/macsec.json index aceff5861a41..dfe479abdcee 100644 --- a/src/sonic-yang-models/tests/yang_model_tests/tests/macsec.json +++ b/src/sonic-yang-models/tests/yang_model_tests/tests/macsec.json @@ -1,5 +1,29 @@ { - "PROFILE_TEST": { - "desc": "Profile test" + "VALID_PROFILE": { + "desc": "Valid MACsec profile test" + }, + "DUPLICATE_CKN": { + "desc": "Primary CKN equals than fallback CKN", + "eStrKey": "Must" + }, + "INVALID_CAK_LENGTH": { + "desc": "Invalid CAK length", + "eStrKey": "Pattern" + }, + "INVALID_CAK_CHARACTER": { + "desc": "Invalid CAK character", + "eStrKey": "Pattern" + }, + "INVALID_CIPHER_LOWERCASE": { + "desc": "Invalid cipher with lowercase", + "eStrKey": "Pattern" + }, + "MISMATCH_LENGTH_PRIMARY_FALLBACK": { + "desc": "Mismatch length of primary and fallback", + "eStrKey": "Must" + }, + "SET_REPLAY_WINDOW_WHEN_DISABLE_REPLAY_PROTECT": { + "desc": "Set replay window when disable replay protect", + "eStrKey": "When" } } \ No newline at end of file diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests_config/macsec.json b/src/sonic-yang-models/tests/yang_model_tests/tests_config/macsec.json index 545c38336d87..cfd7c512a67a 100644 --- a/src/sonic-yang-models/tests/yang_model_tests/tests_config/macsec.json +++ b/src/sonic-yang-models/tests/yang_model_tests/tests_config/macsec.json @@ -1,16 +1,30 @@ { - "PROFILE_TEST": { + "VALID_PROFILE": { "sonic-macsec:sonic-macsec": { "sonic-macsec:MACSEC_PROFILE": { "MACSEC_PROFILE_LIST": [ { - "name": "test", + "name": "test32", "priority": 64, - "cipher_suite": "GCM-AES-XPN-256", + "cipher_suite": "GCM-AES-128", "primary_cak": "0123456789ABCDEF0123456789ABCDEF", "primary_ckn": "6162636465666768696A6B6C6D6E6F70", - "fallback_cak": "0123456789ABCDEF0123456789ABCDE0", - "fallback_ckn": "6162636465666768696A6B6C6D6E6F7071", + "fallback_cak": "00000000000000000000000000000000", + "fallback_ckn": "11111111111111111111111111111111", + "policy": "security", + "enable_replay_protect": "true", + "replay_window": 64, + "send_sci": "true", + "rekey_period": 3600 + }, + { + "name": "test64", + "priority": 64, + "cipher_suite": "GCM-AES-XPN-256", + "primary_cak": "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF", + "primary_ckn": "6162636465666768696A6B6C6D6E6F706162636465666768696A6B6C6D6E6F70", + "fallback_cak": "0000000000000000000000000000000000000000000000000000000000000000", + "fallback_ckn": "1111111111111111111111111111111111111111111111111111111111111111", "policy": "security", "enable_replay_protect": "true", "replay_window": 64, @@ -34,7 +48,91 @@ "name": "Ethernet8", "tpid": "0x8100", "speed": 25000, - "macsec": "test" + "macsec": "test32" + } + ] + } + } + }, + "INVALID_CIPHER_LOWERCASE": { + "sonic-macsec:sonic-macsec": { + "sonic-macsec:MACSEC_PROFILE": { + "MACSEC_PROFILE_LIST": [ + { + "name": "test", + "cipher_suite": "gcm-aes-128", + "primary_cak": "0123456789ABCDEF0123456789ABCDEF", + "primary_ckn": "6162636465666768696A6B6C6D6E6F70" + } + ] + } + } + }, + "DUPLICATE_CKN": { + "sonic-macsec:sonic-macsec": { + "sonic-macsec:MACSEC_PROFILE": { + "MACSEC_PROFILE_LIST": [ + { + "name": "test", + "primary_cak": "0123456789ABCDEF0123456789ABCDEF", + "primary_ckn": "6162636465666768696A6B6C6D6E6F70", + "fallback_cak": "0123456789ABCDEF0123456789ABCDEF", + "fallback_ckn": "6162636465666768696A6B6C6D6E6F70" + } + ] + } + } + }, + "INVALID_CAK_LENGTH": { + "sonic-macsec:sonic-macsec": { + "sonic-macsec:MACSEC_PROFILE": { + "MACSEC_PROFILE_LIST": [ + { + "name": "test", + "primary_cak": "0123456789ABCDEF0123456789ABCDEFA", + "primary_ckn": "6162636465666768696A6B6C6D6E6F70A" + } + ] + } + } + }, + "INVALID_CAK_CHARACTER": { + "sonic-macsec:sonic-macsec": { + "sonic-macsec:MACSEC_PROFILE": { + "MACSEC_PROFILE_LIST": [ + { + "name": "test", + "primary_cak": "X123456789ABCDEF0123456789ABCDEF", + "primary_ckn": "X162636465666768696A6B6C6D6E6F70" + } + ] + } + } + }, + "MISMATCH_LENGTH_PRIMARY_FALLBACK": { + "sonic-macsec:sonic-macsec": { + "sonic-macsec:MACSEC_PROFILE": { + "MACSEC_PROFILE_LIST": [ + { + "name": "test", + "primary_cak": "0123456789ABCDEF0123456789ABCDEF", + "primary_ckn": "6162636465666768696A6B6C6D6E6F70", + "fallback_cak": "0000000000000000000000000000000000000000000000000000000000000000", + "fallback_ckn": "1111111111111111111111111111111111111111111111111111111111111111" + } + ] + } + } + }, + "SET_REPLAY_WINDOW_WHEN_DISABLE_REPLAY_PROTECT": { + "sonic-macsec:sonic-macsec": { + "sonic-macsec:MACSEC_PROFILE": { + "MACSEC_PROFILE_LIST": [ + { + "name": "test", + "primary_cak": "0123456789ABCDEF0123456789ABCDEF", + "primary_ckn": "6162636465666768696A6B6C6D6E6F70", + "replay_window": 64 } ] } diff --git a/src/sonic-yang-models/yang-models/sonic-macsec.yang b/src/sonic-yang-models/yang-models/sonic-macsec.yang index 5e2c6f5cd8e2..402e84c4e59e 100644 --- a/src/sonic-yang-models/yang-models/sonic-macsec.yang +++ b/src/sonic-yang-models/yang-models/sonic-macsec.yang @@ -41,33 +41,36 @@ module sonic-macsec { leaf primary_cak { type string { - pattern "[0-9a-fA-F]{32,64}"; + pattern "[0-9a-fA-F]{32}|[0-9a-fA-F]{64}"; } mandatory true; } leaf primary_ckn { type string { - pattern "[0-9a-fA-F]{32,64}"; + pattern "[0-9a-fA-F]{32}|[0-9a-fA-F]{64}"; } mandatory true; } - must "count(primary_cak) = count(primary_ckn)"; - leaf fallback_cak { type string { - pattern "[0-9a-fA-F]{32,64}"; + pattern "[0-9a-fA-F]{32}|[0-9a-fA-F]{64}"; } } leaf fallback_ckn { type string { - pattern "[0-9a-fA-F]{32,64}"; + pattern "[0-9a-fA-F]{32}|[0-9a-fA-F]{64}"; } } - must "count(fallback_cak) = count(fallback_ckn)"; + must "string-length(primary_cak) = string-length(primary_ckn)"; + + must "string-length(fallback_cak) = string-length(fallback_ckn)"; + + must "string-length(fallback_cak) = string-length(primary_cak)"; + must "primary_ckn != fallback_ckn"; leaf policy { From 0caac8a9a7b99b90dd0b0cbab5a9dd333509be04 Mon Sep 17 00:00:00 2001 From: Ze Gan Date: Wed, 13 Apr 2022 02:58:21 +0000 Subject: [PATCH 4/9] Add newline at the end of files Signed-off-by: Ze Gan --- src/sonic-yang-models/tests/yang_model_tests/tests/macsec.json | 2 +- src/sonic-yang-models/yang-models/sonic-macsec.yang | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/sonic-yang-models/tests/yang_model_tests/tests/macsec.json b/src/sonic-yang-models/tests/yang_model_tests/tests/macsec.json index dfe479abdcee..9d4329e8d7f2 100644 --- a/src/sonic-yang-models/tests/yang_model_tests/tests/macsec.json +++ b/src/sonic-yang-models/tests/yang_model_tests/tests/macsec.json @@ -26,4 +26,4 @@ "desc": "Set replay window when disable replay protect", "eStrKey": "When" } -} \ No newline at end of file +} diff --git a/src/sonic-yang-models/yang-models/sonic-macsec.yang b/src/sonic-yang-models/yang-models/sonic-macsec.yang index 402e84c4e59e..b1518ed0ecec 100644 --- a/src/sonic-yang-models/yang-models/sonic-macsec.yang +++ b/src/sonic-yang-models/yang-models/sonic-macsec.yang @@ -112,4 +112,4 @@ module sonic-macsec { } /* end of container sonic-macsec */ -} /* end of module sonic-macsec */ \ No newline at end of file +} /* end of module sonic-macsec */ From ee0de5603d35b51c3a84782cb900d409f3c8a29c Mon Sep 17 00:00:00 2001 From: Ze Gan Date: Wed, 13 Apr 2022 09:54:55 +0000 Subject: [PATCH 5/9] add sample Signed-off-by: Ze Gan --- .../tests/files/sample_config_db.json | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/src/sonic-yang-models/tests/files/sample_config_db.json b/src/sonic-yang-models/tests/files/sample_config_db.json index 6618ed8232b7..94fdf826629e 100644 --- a/src/sonic-yang-models/tests/files/sample_config_db.json +++ b/src/sonic-yang-models/tests/files/sample_config_db.json @@ -426,7 +426,8 @@ "admin_status": "up", "index": "0", "asic_port_name": "Eth0-ASIC1", - "role": "Ext" + "role": "Ext", + "macsec": "test" }, "Ethernet1": { "alias": "Eth1/2", @@ -1700,5 +1701,21 @@ "global": { } } + }, + + "MACSEC_PROFILE": { + "test": { + "priority": 64, + "cipher_suite": "GCM-AES-128", + "primary_cak": "0123456789ABCDEF0123456789ABCDEF", + "primary_ckn": "6162636465666768696A6B6C6D6E6F70", + "fallback_cak": "00000000000000000000000000000000", + "fallback_ckn": "11111111111111111111111111111111", + "policy": "security", + "enable_replay_protect": "true", + "replay_window": 64, + "send_sci": "true", + "rekey_period": 3600 + } } } From 753b7fb8919609a9cf94183033235973db03ad85 Mon Sep 17 00:00:00 2001 From: Ze Gan Date: Wed, 13 Apr 2022 14:22:37 +0000 Subject: [PATCH 6/9] Fix bug Signed-off-by: Ze Gan --- src/sonic-yang-models/setup.py | 6 ++-- .../tests/files/sample_config_db.json | 35 ++++++++++--------- .../yang-models/sonic-macsec.yang | 4 ++- 3 files changed, 25 insertions(+), 20 deletions(-) diff --git a/src/sonic-yang-models/setup.py b/src/sonic-yang-models/setup.py index 429549255824..3afe74b38d91 100644 --- a/src/sonic-yang-models/setup.py +++ b/src/sonic-yang-models/setup.py @@ -143,7 +143,8 @@ def run(self): './yang-models/sonic-tc-queue-map.yang', './yang-models/sonic-pfc-priority-queue-map.yang', './yang-models/sonic-pfc-priority-priority-group-map.yang', - './yang-models/sonic-port-qos-map.yang']), + './yang-models/sonic-port-qos-map.yang', + './yang-models/sonic-macsec.yang',]), ('cvlyang-models', ['./cvlyang-models/sonic-acl.yang', './cvlyang-models/sonic-bgp-common.yang', './cvlyang-models/sonic-bgp-global.yang', @@ -194,7 +195,8 @@ def run(self): './cvlyang-models/sonic-tc-queue-map.yang', './cvlyang-models/sonic-pfc-priority-queue-map.yang', './cvlyang-models/sonic-pfc-priority-priority-group-map.yang', - './cvlyang-models/sonic-port-qos-map.yang']), + './cvlyang-models/sonic-port-qos-map.yang', + './cvlyang-models/sonic-macsec.yang']), ], zip_safe=False, ) diff --git a/src/sonic-yang-models/tests/files/sample_config_db.json b/src/sonic-yang-models/tests/files/sample_config_db.json index 94fdf826629e..5a43e3a984d4 100644 --- a/src/sonic-yang-models/tests/files/sample_config_db.json +++ b/src/sonic-yang-models/tests/files/sample_config_db.json @@ -1682,14 +1682,31 @@ "src_ip": "10.0.0.1" } }, + + "NVGRE_TUNNEL_MAP": { "tunnel_1|Vlan111": { "vlan_id": "111", "vsid": "5000" } - } + }, + "MACSEC_PROFILE": { + "test": { + "priority": "64", + "cipher_suite": "GCM-AES-128", + "primary_cak": "0123456789ABCDEF0123456789ABCDEF", + "primary_ckn": "6162636465666768696A6B6C6D6E6F70", + "fallback_cak": "00000000000000000000000000000000", + "fallback_ckn": "11111111111111111111111111111111", + "policy": "security", + "enable_replay_protect": "true", + "replay_window": "64", + "send_sci": "true", + "rekey_period": "3600" + } + } }, "SAMPLE_CONFIG_DB_UNKNOWN": { "UNKNOWN_TABLE": { @@ -1701,21 +1718,5 @@ "global": { } } - }, - - "MACSEC_PROFILE": { - "test": { - "priority": 64, - "cipher_suite": "GCM-AES-128", - "primary_cak": "0123456789ABCDEF0123456789ABCDEF", - "primary_ckn": "6162636465666768696A6B6C6D6E6F70", - "fallback_cak": "00000000000000000000000000000000", - "fallback_ckn": "11111111111111111111111111111111", - "policy": "security", - "enable_replay_protect": "true", - "replay_window": 64, - "send_sci": "true", - "rekey_period": 3600 - } } } diff --git a/src/sonic-yang-models/yang-models/sonic-macsec.yang b/src/sonic-yang-models/yang-models/sonic-macsec.yang index b1518ed0ecec..346198b15c57 100644 --- a/src/sonic-yang-models/yang-models/sonic-macsec.yang +++ b/src/sonic-yang-models/yang-models/sonic-macsec.yang @@ -24,7 +24,9 @@ module sonic-macsec { key "name"; leaf name { - type string; + type string { + length 1..128; + } } leaf priority { From 2a28135cfcced52dac0c920b97057f943e60d8b5 Mon Sep 17 00:00:00 2001 From: Ze Gan Date: Wed, 13 Apr 2022 14:35:24 +0000 Subject: [PATCH 7/9] remove useless newlines Signed-off-by: Ze Gan --- src/sonic-yang-models/tests/files/sample_config_db.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/sonic-yang-models/tests/files/sample_config_db.json b/src/sonic-yang-models/tests/files/sample_config_db.json index 5a43e3a984d4..8c5a8c0af909 100644 --- a/src/sonic-yang-models/tests/files/sample_config_db.json +++ b/src/sonic-yang-models/tests/files/sample_config_db.json @@ -1682,8 +1682,6 @@ "src_ip": "10.0.0.1" } }, - - "NVGRE_TUNNEL_MAP": { "tunnel_1|Vlan111": { "vlan_id": "111", @@ -1707,6 +1705,7 @@ "rekey_period": "3600" } } + }, "SAMPLE_CONFIG_DB_UNKNOWN": { "UNKNOWN_TABLE": { From 515aa883bb899838c83c0396677890caf6808f24 Mon Sep 17 00:00:00 2001 From: Ze Gan Date: Thu, 14 Apr 2022 02:00:58 +0000 Subject: [PATCH 8/9] Polish code Signed-off-by: Ze Gan --- src/sonic-yang-models/setup.py | 2 +- src/sonic-yang-models/yang-models/sonic-macsec.yang | 11 +++++------ 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/src/sonic-yang-models/setup.py b/src/sonic-yang-models/setup.py index 3afe74b38d91..4ca8d065c6ec 100644 --- a/src/sonic-yang-models/setup.py +++ b/src/sonic-yang-models/setup.py @@ -144,7 +144,7 @@ def run(self): './yang-models/sonic-pfc-priority-queue-map.yang', './yang-models/sonic-pfc-priority-priority-group-map.yang', './yang-models/sonic-port-qos-map.yang', - './yang-models/sonic-macsec.yang',]), + './yang-models/sonic-macsec.yang']), ('cvlyang-models', ['./cvlyang-models/sonic-acl.yang', './cvlyang-models/sonic-bgp-common.yang', './cvlyang-models/sonic-bgp-global.yang', diff --git a/src/sonic-yang-models/yang-models/sonic-macsec.yang b/src/sonic-yang-models/yang-models/sonic-macsec.yang index 346198b15c57..1c0ca83b4cb5 100644 --- a/src/sonic-yang-models/yang-models/sonic-macsec.yang +++ b/src/sonic-yang-models/yang-models/sonic-macsec.yang @@ -12,6 +12,9 @@ module sonic-macsec { description "First Revision"; } + import sonic-types { + prefix stypes; + } container sonic-macsec { @@ -83,9 +86,7 @@ module sonic-macsec { } leaf enable_replay_protect { - type string { - pattern "true|false"; - } + type stypes:boolean_type; default "false"; } @@ -95,9 +96,7 @@ module sonic-macsec { } leaf send_sci { - type string { - pattern "true|false"; - } + type stypes:boolean_type; default "true"; } From 77695fb80dc5971df2b550d9d8b498e42ff06cf0 Mon Sep 17 00:00:00 2001 From: Ze Gan Date: Thu, 14 Apr 2022 03:34:52 +0000 Subject: [PATCH 9/9] Move import to the beggin of module Signed-off-by: Ze Gan --- src/sonic-yang-models/yang-models/sonic-macsec.yang | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/sonic-yang-models/yang-models/sonic-macsec.yang b/src/sonic-yang-models/yang-models/sonic-macsec.yang index 1c0ca83b4cb5..4e3412f86a3d 100644 --- a/src/sonic-yang-models/yang-models/sonic-macsec.yang +++ b/src/sonic-yang-models/yang-models/sonic-macsec.yang @@ -6,16 +6,16 @@ module sonic-macsec { prefix macsec; + import sonic-types { + prefix stypes; + } + description "MACsec yang Module for SONiC OS"; revision 2022-04-12 { description "First Revision"; } - import sonic-types { - prefix stypes; - } - container sonic-macsec { container MACSEC_PROFILE {