ACCTZ-7.1: gNSI.acctz.v1 (Accounting) Test Accounting Authentication Failure - Multi-transaction

[mihaitomaro]

Readme Location: https://github.com/openconfig/featureprofiles/blob/main/feature/gnsi/acctz/tests/AccountingAuthenFailMulti/README.md

Attached logs here: https://partnerissuetracker.corp.google.com/u/2/issues/513266214

[OpenConfigBot]

Pull Request Functional Test Report for #5476 / 7633828

Virtual Devices

Device	Test	Test Documentation	Job	Raw Log
Arista cEOS		ACCTZ-7.1: gNSI.acctz.v1 (Accounting) Test Accounting Authentication Failure - Multi-transaction
Cisco 8000E		ACCTZ-7.1: gNSI.acctz.v1 (Accounting) Test Accounting Authentication Failure - Multi-transaction
Cisco XRd		ACCTZ-7.1: gNSI.acctz.v1 (Accounting) Test Accounting Authentication Failure - Multi-transaction
Juniper ncPTX		ACCTZ-7.1: gNSI.acctz.v1 (Accounting) Test Accounting Authentication Failure - Multi-transaction
Nokia SR Linux		ACCTZ-7.1: gNSI.acctz.v1 (Accounting) Test Accounting Authentication Failure - Multi-transaction
Openconfig Lemming		ACCTZ-7.1: gNSI.acctz.v1 (Accounting) Test Accounting Authentication Failure - Multi-transaction

Hardware Devices

Device	Test	Test Documentation	Raw Log
Arista 7808		ACCTZ-7.1: gNSI.acctz.v1 (Accounting) Test Accounting Authentication Failure - Multi-transaction
Cisco 8808		ACCTZ-7.1: gNSI.acctz.v1 (Accounting) Test Accounting Authentication Failure - Multi-transaction
Juniper PTX10008		ACCTZ-7.1: gNSI.acctz.v1 (Accounting) Test Accounting Authentication Failure - Multi-transaction
Nokia 7250 IXR-10e		ACCTZ-7.1: gNSI.acctz.v1 (Accounting) Test Accounting Authentication Failure - Multi-transaction

Help

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a new test suite to validate that the gNSI accounting service correctly logs authentication failures across multiple SSH attempts. It also includes a critical fix for Arista device configuration, ensuring that AAA command authorization is applied in a way that does not block the initial setup of users and roles.

Highlights

• New Test Case: Added a new test file accounting_authen_fail_multi_test.go to verify gNSI accounting records for multiple SSH authentication failure scenarios.
• Arista Configuration Fix: Updated aristaFailAuthzCliRole in acctz.go to split the AAA configuration into two steps, preventing commit failures caused by immediate enforcement of command authorization.
• Refactoring: Exported GetSSHTarget in acctz.go to allow its use in the new test suite.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a new test suite for gNSI accounting, specifically verifying that records are correctly generated for multiple failed SSH authentication attempts using both passwords and keys. It also refactors the Arista-specific AAA configuration to split command authorization into two steps, preventing implicit commit failures during gNMI sessions. The review feedback correctly identified critical concurrency issues in the test's record collection loop, including a potential goroutine leak and a data race, and provided actionable suggestions to ensure thread safety and efficiency.