Fetch capability of mirror before configuring it

[stephenxs]

What I did

Fetch capability of ingress/egress mirror before configuring it and avoid configuring ingress/egress mirror on a platform that does not support it.

How I did it

Check the capability in PORT_INGRESS_MIRROR_CAPABLE and PORT_EGRESS_MIRROR_CAPABLE in STATE_DB table SWITCH_CAPABILITY.
The capability of ingress/egress mirror is inserted to STATE_DB by orchagent during initialization.

How to verify it

Manual test and unit test

Previous command output (if the output of a command-line utility has changed)

New command output (if the output of a command-line utility has changed)

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[stephenxs]

Failure is caused by rebasing the commit to the latest master. Investigating.

[stephenxs]

Failure is caused by rebasing the commit to the latest master. Investigating.

Depends on sonic-net/sonic-swss#3934

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[bingwang-ms]

Depends on sonic-net/sonic-swss#3934

[bingwang-ms]

@qiluo-msft Can you help review this change? Thanks

[qiluo-msft]

Could you use unix socket which has better performance?

[stephenxs]

Fixed

[qiluo-msft]

Could you use more specific exception type?

[stephenxs]

Removed as we do not expect any exception here.

[Copilot]

Pull Request Overview

This PR adds ASIC capability checking for port mirror direction support before allowing mirror session configuration. The change prevents users from configuring mirror sessions with directions (rx/tx/both) that are not supported by the underlying ASIC hardware.

• Added is_port_mirror_capability_supported() function to query STATE_DB for ASIC capabilities
• Integrated capability validation into validate_mirror_session_config()
• Added comprehensive test coverage for capability checking functionality

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File	Description
config/main.py	Added capability checking function and validation logic to prevent unsupported mirror directions
tests/config_mirror_session_test.py	Added test cases for capability checking and removed trailing whitespace

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The function accepts a namespace parameter but never uses it. Based on other functions in the codebase (e.g., lines 6188-6190), the namespace should be used when initializing SonicV2Connector. Either use the namespace parameter to create the connector with use_unix_socket_path=True and the appropriate namespace, or remove the unused parameter.

Suggested change

	state_db = SonicV2Connector(host='127.0.0.1')
	if namespace is not None:
	state_db = SonicV2Connector(use_unix_socket_path=True, namespace=namespace)
	else:
	state_db = SonicV2Connector(host='127.0.0.1')

[Copilot]

The state_db connection is never explicitly closed. Based on patterns elsewhere in the codebase (e.g., line 6195), the connection should be closed after use with state_db.close(state_db.STATE_DB) to prevent resource leaks.

Suggested change

	# If no direction is specified, check both ingress and egress capabilities
	if not direction:
	ingress_supported = state_db.get(state_db.STATE_DB, entry_name, "PORT_INGRESS_MIRROR_CAPABLE")
	egress_supported = state_db.get(state_db.STATE_DB, entry_name, "PORT_EGRESS_MIRROR_CAPABLE")
	return ingress_supported == "true" and egress_supported == "true"
	if direction in ['rx', 'both']:
	ingress_supported = state_db.get(state_db.STATE_DB, entry_name, "PORT_INGRESS_MIRROR_CAPABLE")
	if ingress_supported != "true":
	return False
	if direction in ['tx', 'both']:
	egress_supported = state_db.get(state_db.STATE_DB, entry_name, "PORT_EGRESS_MIRROR_CAPABLE")
	if egress_supported != "true":
	return False
	return True
	try:
	# If no direction is specified, check both ingress and egress capabilities
	if not direction:
	ingress_supported = state_db.get(state_db.STATE_DB, entry_name, "PORT_INGRESS_MIRROR_CAPABLE")
	egress_supported = state_db.get(state_db.STATE_DB, entry_name, "PORT_EGRESS_MIRROR_CAPABLE")
	return ingress_supported == "true" and egress_supported == "true"
	if direction in ['rx', 'both']:
	ingress_supported = state_db.get(state_db.STATE_DB, entry_name, "PORT_INGRESS_MIRROR_CAPABLE")
	if ingress_supported != "true":
	return False
	if direction in ['tx', 'both']:
	egress_supported = state_db.get(state_db.STATE_DB, entry_name, "PORT_EGRESS_MIRROR_CAPABLE")
	if egress_supported != "true":
	return False
	return True
	finally:
	state_db.close(state_db.STATE_DB)

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[stephenxs]

It's weird that pretest passed locally but failed in the github

stephens@675ff3c81f2e:/sonic/src/sonic-utilities/config$ git commit -s
[INFO] Initializing environment for https://github.com/PyCQA/flake8.
[INFO] Installing environment for https://github.com/PyCQA/flake8.
[INFO] Once installed this environment will be reused.
[INFO] This may take a few minutes...
flake8...................................................................Passed
[detached HEAD 8bf2b0d7] Fix community review comments
 1 file changed, 19 insertions(+), 23 deletions(-)
stephens@675ff3c81f2e:/sonic/src/sonic-utilities/config$ git log

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[mssonicbld]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[liat-grozovik]

@qiluo-msft can you please check if you are ok with comments handling and approve this PR?