Add a check for ensuring mirror session ACLs are programmed to ASIC (#3333)

Description
Add a check for ensuring mirror session ACLs are programmed to ASIC

What is the issue?
This fix is to address an issue where an ACL is added to CONFIG_DB, but before it could be programmed to ASIC, Orchagent is paused.
This leads to APPLY_VIEW failure when base image OA could not process this ACL entry and target image's OA still creates it.
The issue has an image fix available at sonic-net/sonic-sairedis#1240
This issue is very rare, and has been caught by upgrade path tests only once in thousands of iterations.

What is this fix?
A new logic is added to check if mirror session ACLs for arp and nd are added to ASIC..
ACLs are looked into ASIC_DB and matched using SAI_ACL_ENTRY_ATTR_PRIORITY attribute.
SAI_ACL_ENTRY_ATTR_PRIORITY for arp ACL is 8888 and for nd is 8887
If one of the ACLs is found missing then warmboot is aborted.

Tested on physical testbed running 202311 and master

Author: ryanzhu706

scripts/fast-reboot

@@ -50,6 +50,7 @@ EXIT_NO_CONTROL_PLANE_ASSISTANT=20
 EXIT_SONIC_INSTALLER_VERIFY_REBOOT=21
 EXIT_PLATFORM_FW_AU_FAILURE=22
 EXIT_TEAMD_RETRY_COUNT_FAILURE=23
+EXIT_NO_MIRROR_SESSION_ACLS=24
 
 function error()
 {
@@ -283,13 +284,55 @@ function backup_database()
     fi
 }
 
+function check_mirror_session_acls()
+{
+    debug "Checking if mirror session ACLs (arp, nd) programmed to ASIC successfully"
+    ACL_ARP="missing"
+    ACL_ND="missing"
+    start_time=${SECONDS}
+    elapsed_time=$((${SECONDS} - ${start_time}))
+    while [[ ${elapsed_time} -lt 10 ]]; do
+	CHECK_ACL_ENTRIES=0
+        ACL_OUTPUT=$(sonic-db-cli ASIC_DB KEYS "*" | grep SAI_OBJECT_TYPE_ACL_ENTRY) || CHECK_ACL_ENTRIES=$?
+	if [[ ${CHECK_ACL_ENTRIES} -ne 0 ]]; then
+	    error "Failed to retrieve SAI_OBJECT_TYPE_ACL_ENTRY from redis"
+	    exit ${EXIT_NO_MIRROR_SESSION_ACLS}
+	fi
+	ACL_ENTRIES=( ${ACL_OUTPUT} )
+	if [[ ${#ACL_ENTRIES[@]} -eq 0 ]]; then
+	    error "NO SAI_OBJECT_TYPE_ACL_ENTRY objects found"
+	    exit ${EXIT_NO_MIRROR_SESSION_ACLS}
+	fi
+        for ACL_ENTRY in ${ACL_ENTRIES[@]}; do
+            ACL_PRIORITY=$(sonic-db-cli ASIC_DB HGET ${ACL_ENTRY} SAI_ACL_ENTRY_ATTR_PRIORITY)
+            if [[ ${ACL_PRIORITY} -eq 8888 ]]; then
+                ACL_ARP="found"
+            fi
+            if [[ ${ACL_PRIORITY} -eq 8887 ]]; then
+                ACL_ND="found"
+            fi
+        done
+        if [[ "${ACL_ARP}" = "found" && "${ACL_ND}" = "found" ]]; then
+            break
+        fi
+        sleep 0.1
+        elapsed_time=$((${SECONDS} - ${start_time}))
+    done
+    if [[ "${ACL_ARP}" != "found" || "${ACL_ND}" != "found" ]]; then
+        debug "Failed to program mirror session ACLs on ASIC. ACLs: ARP=${ACL_ARP} ND=${ACL_ND}"
+        exit ${EXIT_NO_MIRROR_SESSION_ACLS}
+    fi
+    debug "Mirror session ACLs (arp, nd) programmed to ASIC successfully"
+}
+
 function setup_control_plane_assistant()
 {
     if [[ -n "${ASSISTANT_IP_LIST}" && -x ${ASSISTANT_SCRIPT} ]]; then
         # TH3 HW is not capable of VxLAN programming thus skipping TH3 platforms
         if [[ "${HWSKU}" != "DellEMC-Z9332f-M-O16C64" && "${HWSKU}" != "DellEMC-Z9332f-M-O16C64-lab" ]]; then
             debug "Setting up control plane assistant: ${ASSISTANT_IP_LIST} ..."
             ${ASSISTANT_SCRIPT} -s ${ASSISTANT_IP_LIST} -m set
+	    check_mirror_session_acls
         else
             debug "${HWSKU} Not capable to support CPA. Skipping gracefully ..."
         fi