Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
devel:kubic
cilium-cli
cilium-cli.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File cilium-cli.changes of Package cilium-cli
------------------------------------------------------------------- Wed Oct 02 05:30:16 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.19: * Prepare for v0.16.19 release * chore(deps): update dependency go to v1.23.2 * chore(deps): update docker/build-push-action action to v6.9.0 * go.mod: pick up github.com/cilium/cilium v1.17.0-pre.1 * Change default entrypoint for both usecases * Prepare for #2755 - Dockerfile only * chore(deps): update dependency cilium/cilium to v1.16.2 * chore(deps): update all github action dependencies * github: Add a workflow to close stale issues and PRs * chore(deps): update dependency ubuntu to v24 * github: Increase hubble-event-queue-size * multicluster: correctly specify the dst context to clustermes connect * Update stable release to v0.16.18 ------------------------------------------------------------------- Sat Sep 28 11:06:00 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de> - fix version output to fix broken 'cilium upgrade' ------------------------------------------------------------------- Sat Sep 21 16:57:45 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.18: * Prepare for v0.16.18 release * chore(deps): update azure/login action to v2.2.0 * release: Install curl * chore(deps): update ubuntu:24.04 docker digest to dfc1087 * github: Remove unused files * vendor: Remove gops dependency * chore(deps): update ubuntu:24.04 docker digest to 56a8952 * action: Run version command with --client flag * Update stable release to v0.16.17 ------------------------------------------------------------------- Sat Sep 14 07:29:15 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.17: * Prepare for v0.16.17 release * chore(deps): update docker.io/library/golang:1.23.1-alpine3.19 docker digest to e0ea2a1 * chore(deps): update docker/dockerfile docker tag to v1.10 * chore(deps): update golang:1.23.1-alpine3.19 docker digest to e0ea2a1 * vendor: Pick up github.com/cilium/cilium v1.17.0-pre.0 * chore(deps): update golangci/golangci-lint docker tag to v1.61.0 * chore(deps): update golang docker tag to v1.23.1 * chore(deps): update go to v1.23.1 * chore(deps): update actions/upload-artifact action to v4.4.0 * github: Remove "Push to Loki" workflow * make: set set latest stable version based on stable.txt * chore(deps): update golangci/golangci-lint docker tag to v1.60.3 * chore(deps): update google-github-actions/auth action to v2.1.5 * build: fix CLIVersion ldflag ref * chore(deps): update golangci/golangci-lint docker tag to v1.60.2 * chore(deps): update go to v1.23.0 * CODEOWNERS: Assign vendor/ to cilium-cli-maintainers ------------------------------------------------------------------- Tue Aug 20 11:08:56 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.16: * Prepare for v0.16.16 release * chore(deps): update all github action dependencies * chore(deps): update all github action dependencies * chore(deps): update golang-images * chore(deps): update golangci/golangci-lint docker tag to v1.60.1 * chore(deps): update dependency cilium/cilium to v1.16.1 * chore(deps): update go to v1.22.6 * chore(deps): update docker/build-push-action action to v6.6.0 * chore(deps): update actions/upload-artifact action to v4.3.5 * Unlock the repo * Remove unused files * Use CLI from cilium/cilium repo * Pick up the latest cilium from main branch * Update CODEOWNERS * chore(deps): update golang docker tag to v1.22.6 * Update stable release to v0.16.15 ------------------------------------------------------------------- Wed Aug 07 15:26:21 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.15: * Prepare for v0.16.15 release * action: Handle multiple cilium-cli directories * Lock cilium-cli repo * Update stable release to v0.16.14 ------------------------------------------------------------------- Thu Aug 01 07:19:44 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.14: * Prepare for v0.16.14 release * externalworkloads: Set cluster.id * {externalworkloads,multicluster}: Shorten cluster names * chore(deps): update dependency cilium/cilium to v1.16.0 * chore(deps): update docker/setup-buildx-action action to v3.6.1 * chore(deps): update golangci/golangci-lint-action action to v6.1.0 * connectivity: use TestNamespace and ExternalDeploymentPort params * connectivity: Support multiple conditions * chore(deps): update docker.io/coredns/coredns docker tag to v1.11.3 * chore(deps): update docker/setup-buildx-action action to v3.6.0 * kind: Pick up the latest kindest/node image * Adding multicast subcommand * sysdump: Gather gops from cilium-operator * junit: collector fix * Pick up kindest/node:v1.21.10 * fix(deps): update github.com/cilium/charts digest to 2a1e5b8 * fix(deps): update module github.com/cilium/cilium to v1.16.0 * chore(deps): update all github action dependencies * chore(deps): update golang:1.22.5-alpine3.19 docker digest to 48aac60 * chore(deps): update docker.io/library/golang:1.22.5-alpine3.19 docker digest to 48aac60 * connectivity: Fix ineffective version check in BGP tests * Assign release-related files to cilium-cli-maintainers * connectivity: single JUnit report * chore(deps): update golang:1.22.5-alpine3.19 docker digest to 653cab0 * chore(deps): update softprops/action-gh-release action to v2.0.8 * Update CONTRIBUTING.md * sysdump: fix file separator * chore(deps): update docker/build-push-action action to v6.4.1 * fix(deps): update github.com/cilium/charts digest to 2c16e87 * fix(deps): update module github.com/cilium/cilium to v1.16.0-rc.2 * connectivity: Assert BGP timer intervals in BGP connectivity tests * connectivity: skip local-redirect-policy-with-node-dns * connectivity: add local-redirect-policy-with-node-dns test * connectivity: add LRP with node-local-dns test scenario * connectivity: add node local DNS feature detection * connectivity: use ExternalDeploymentPort for echoExternalNode headless svc * connectivity: run LRP test with 1.16.0 or higher * connectivity: skip LRP test resources creation if already exists * ci: Set up node local DNS in the kind workflow * connectivity: test namespace suffix * connectivity: perf deployment improved * chore(deps): update docker/build-push-action action to v6.4.0 * golangci-lint: Add errorlint * Replace io.ReadAll with safeio.ReadAllLimit * Replace timer.After with inctimer.After * Replace sync with github.com/cilium/cilium/pkg/lock * chore(deps): update docker/dockerfile docker tag to v1.9 * flags: Use option.NewNamedMapOptions * connectivity: echo-ingress-l7-via-hostport-with-encryption only runs with cilium 1.16.0 or newer. * vendor: Remove gopkg.in/check.v1 dependency * connectivity: disrupt deployment improved * connectivity: Add echo-ingress-l7-via-hostport-with-encryption * connectivity/echo-ingress-l7: Make expectation a function * chore(deps): update dependency cilium/cilium to v1.15.7 * fix(deps): update github.com/cilium/charts digest to 3eef298 * Update stable release to v0.16.13 ------------------------------------------------------------------- Thu Jul 11 18:44:15 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.13: * Prepare for v0.16.13 release * chore(deps): update actions/setup-go action to v5.0.2 * fix(deps): update module helm.sh/helm/v3 to v3.15.3 * clustermesh: fix deprecated cloud internal LoadBalancer annotations * clustermesh: explicitly validate service type, and forbid ClusterIP * clustermesh: fix remote clusters configuration reset upon deactivation * Add --disable-check flag to upgrade command * connectivity: Add Port Range Tests * Update stable release to v0.16.12 ------------------------------------------------------------------- Wed Jul 10 07:11:49 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.12: * Prepare for v0.16.12 release * CODEOWNERS: Assign BGP/FRR source files to sig-bgp * connectivity: Introduce BGP CP connectivity tests * chore(deps): update all github action dependencies * chore(deps): update go to v1.22.5 * kvstoremesh: don't disable by default * chore(deps): update docker/setup-buildx-action action to v3.4.0 * chore(deps): update golang:1.22.5-alpine3.19 docker digest to 0642d4f * fix(deps): update all go dependencies main * chore(deps): update golang docker tag to v1.22.5 * chore(deps): update docker/build-push-action action to v6.3.0 * Add --disable-check flag back * action: Use github.action_path when accessing cilium.sh * connectivity: Label test namespaces * fix(deps): update module github.com/cilium/cilium to v1.16.0-rc.1 * Update stable release to v0.16.11 * Dockerfile: Fix a warning * Simplify Kind workflow ------------------------------------------------------------------- Wed Jul 03 16:10:01 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.11: * Prepare for v0.16.11 release * ci: speedup workflows * sysdump: derive operator namespace from agent namespace if specified * sysdump: fix no Cilium output if operator was not detected * fix(deps): update all go dependencies main * image: Push Docker image on tag push * Remove cilium-cli-test-job-chart * aks: Temporarily disable Hubble Relay * fix(deps): update module github.com/cilium/cilium to v1.16.0-rc.0 * multicluster: Run cilium-cli inside a container * chore(deps): update docker/build-push-action action to v6.2.0 * fix: ExternalTargetCANamespace name * eks: Run cilium-cli inside a container * connectivity: Ensure Hubble Relay is connected to all the nodes * external-workloads: Run cilium-cli inside a container * gke: Run cilium-cli inside a container * gha: fix cluster names in kind workflow * autodetect: try to sanitize autodetected cluster name * azure: directly retrieve cluster name from kubeconfig * action: Add an option to run cilium-cli inside a container * connectivity: Add pod-to-pod-no-frag * connectivity: Extend PingCommand to accept extra args * chore(deps): pin ubuntu docker tag to 2e863c4 * connectivity: refactor initClients * connectivity: introduce detectSingleNode method * Dockerfile: Install aws / azure / gcloud CLIs * chore(deps): update docker/build-push-action action to v6.1.0 * chore(deps): update all github action dependencies * chore(deps): update golang:1.22.4-alpine3.19 docker digest to c46c460 * chore(deps): update docker.io/library/golang:1.22.4-alpine3.19 docker digest to c46c460 * chore(deps): update quay.io/cilium/alpine-curl docker tag to v1.10.0 * chore(deps): update docker.io/library/golang:1.22.4-alpine3.19 docker digest to e43a04e * chore(deps): update golang-images * gh/workflows: Fix display img digest step * connectivity: Display last assertion error on failure * connectivity: Extend pod-to-pod encryption tests * chore(deps): update docker/build-push-action action to v6 * fix(deps): update all go dependencies main * chore(deps): update docker.io/library/golang:1.22.4-alpine3.19 docker digest to d9b1f00 * chore(deps): update docker/build-push-action action to v5.4.0 * chore(deps): update golangci/golangci-lint docker tag to v1.59.1 * chore(deps): update golang-images * Pick up the latest cilium/cilium from main branch * chore(deps): update dependency cilium/cilium to v1.15.6 * chore(deps): update actions/checkout action to v4.1.7 * gha: increase disk size for GKE clusters * fix(deps): update github.com/cilium/charts digest to 4be5659 * Update stable release to v0.16.10 ------------------------------------------------------------------- Sat Jun 08 09:57:49 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.10: * Prepare for v0.16.10 release * fix(deps): update module golang.org/x/term to v0.21.0 * fix(deps): update all go dependencies main * connectivity: Introduce local redirect policy tests * connectivity: Add ResultCurlTimeout * connectivity: Add a scenario getter * features: Add LocalRedirectPolicy * connectivity: add egress-gateway-with-l7-policy test * connectivity: add pod to external with DNS case in EGW scenario * chore(deps): update golang docker tag to v1.22.4 * chore(deps): update docker.io/library/busybox:stable-glibc docker digest to 25e9fcb * Update go.mod * fix: properly count wrapped lines in status output in --wait mode * chore(deps): update go to v1.22.4 * chore(deps): update docker.io/library/busybox:stable-glibc docker digest to 082a03d * fix: conn tests JUnit file name * Update stable release to v0.16.9 ------------------------------------------------------------------- Sat Jun 01 09:11:49 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.9: * Prepare for v0.16.9 release * fix(deps): update github.com/cilium/charts digest to f365292 * clustermesh: fix status retrieval on v1.14 with kvstoremesh enabled * Update stable release to v0.16.8 ------------------------------------------------------------------- Thu May 30 09:00:08 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.8: * Update stable release to v0.16.7 by @michi-covalent in #2532 * RELEASE.md: make sure to push correct release branch by @tklauser in #2534 * Remove cilium/hubble dependency by @michi-covalent in #2528 * golangci: remove deprecated go version properties by @tklauser in #2536 * chore(deps): update softprops/action-gh-release action to v2.0.5 by @renovate in #2535 * chore(deps): update golangci/golangci-lint-action action to v5.3.0 by @renovate in #2527 * Display stderr when ExecInPod action fails. by @marseel in #2508 * chore(deps): update golang docker tag to v1.22.3 by @renovate in #2537 * chore(deps): update docker.io/library/busybox:stable-glibc docker digest to 9bc27a7 by @renovate in #2538 * fix: Azure BYOCNI workflow by @viktor-kurchenko in #2546 * Capture additional clustermesh-related troubleshooting information as part of sysdumps by @giorio94 in #2531 * Improve ClusterMesh status reporting to include KVStoreMesh information and troubleshooting tips by @giorio94 in #2541 * chore(deps): update go to v1.22.3 (patch) by @renovate in #2542 * fix(deps): update module github.com/cilium/charts to v0.0.0-20240507142034-8e0b9125ca4a by @renovate in #2543 * clustermesh: reset remote clusters configuration upon disconnection by @giorio94 in #2544 * chore(deps): update dependency cilium/cilium to v1.15.5 by @renovate in #2551 * Connectivity test concurrent run by @viktor-kurchenko in #2496 * chore(deps): update golang:1.22.3-alpine3.19 docker digest to f1fe698 by @renovate in #2550 * chore(deps): update dependency kubernetes-sigs/kind to v0.23.0 by @renovate in #2547 * chore(deps): update docker.io/library/golang:1.22.3-alpine3.19 docker digest to f1fe698 by @renovate in #2554 * chore(deps): update all github action dependencies (patch) by @renovate in #2539 * chore(deps): update golangci/golangci-lint-action action to v6 by @renovate in #2533 * chore(deps): update golangci/golangci-lint docker tag to v1.58.1 by @renovate in #2525 * fix(deps): update all go dependencies main (minor) by @renovate in #2556 * encrypt: broken IPsec algo removed by @viktor-kurchenko in #2552 * sysdump: don't write extension twice in clustermesh debug files by @giorio94 in #2557 * fix(deps): update module github.com/cilium/charts to v0.0.0-20240517144447-a8ec8771aab8 by @renovate in #2555 * chore(deps): update golangci/golangci-lint docker tag to v1.58.2 by @renovate in #2558 * fix(deps): update module helm.sh/helm/v3 to v3.15.1 by @renovate in #2560 * Connectivity tests concurrent logger. by @viktor-kurchenko in #2562 * chore(deps): update golangci/golangci-lint docker tag to v1.59.0 by @renovate in #2563 * chore(deps): update docker/login-action action to v3.2.0 by @renovate in #2564 * chore(deps): update azure/login action to v2.1.1 by @renovate in #2561 * Prepare for v0.16.8 release by @michi-covalent in #2566 ------------------------------------------------------------------- Wed May 08 11:09:12 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.7: * Prepare for v0.16.7 release * connectivity: cover echo-{same,other}-node services in ingress tests * chore(deps): update golangci/golangci-lint-action action to v5.2.0 * fix(deps): update all go dependencies main * chore(deps): update actions/setup-go action to v5.0.1 * Update stable release to v0.16.6 ------------------------------------------------------------------- Tue Apr 30 19:21:50 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.6: * Update stable release to v0.16.5 by @michi-covalent in #2510 * fix(deps): update github.com/cilium/charts digest to d93188b by @renovate in #2506 * chore(deps): update golangci/golangci-lint-action action to v5 by @renovate in #2504 * chore(deps): update actions/download-artifact action to v4.1.7 by @renovate in #2500 * chore(deps): update docker/dockerfile:1.7 docker digest to a57df69 by @renovate in #2505 * Pin test-connection-disruption using multi-platform image SHA by @michi-covalent in #2513 * k8s: remove unused filter functionality from k8sclient.CiliumLogs by @mhofstetter in #2501 * chore(deps): update docker.io/library/busybox:stable-glibc docker digest to 735f3e2 by @renovate in #2517 * chore(deps): update golangci/golangci-lint-action action to v5.1.0 by @renovate in #2515 * chore(deps): update actions/checkout action to v4.1.4 by @renovate in #2514 * connectivity: Delete test-conn-disrupt pods immediately after test run by @brb in #2511 * Prepare for v0.16.6 release by @michi-covalent in #2516 ------------------------------------------------------------------- Fri Apr 26 18:51:16 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.5: * Lock the connectivity command by @michi-covalent in #2448 * fix(deps): update module github.com/prometheus/common to v0.51.1 by @renovate in #2459 * Update stable release to v0.16.4 by @michi-covalent in #2456 * fix(deps): update github.com/cilium/charts digest to 7ea270c by @renovate in #2458 * Pin github.com/osrg/gobgp/v3 to v3.23.0 by @michi-covalent in #2462 * k8s: Remove Tetragon client by @michi-covalent in #2463 * chore(deps): update golangci/golangci-lint docker tag to v1.57.2 by @renovate in #2457 * chore(deps): update docker.io/library/busybox:stable-glibc docker digest to cb6aeb5 by @renovate in #2460 * fix(deps): update module github.com/cilium/cilium to v1.16.0-pre.1 by @renovate in #2466 * chore(deps): update golang docker tag to v1.22.2 by @renovate in #2467 * Use connectivity package from cilium/cilium by @michi-covalent in #2355 * sysdump: Collect helm metadata by @chancez in #2442 * chore(deps): update go to v1.22.2 (patch) by @renovate in #2468 * fix(deps): update github.com/cilium/charts digest to 7815d99 by @renovate in #2465 * Encryption status output enriched with IPsec details by @viktor-kurchenko in #2454 * Revert #2355 by @michi-covalent in #2477 * connectivity: introduce host firewall tests by @viktor-kurchenko in #2464 * fix(deps): update all go dependencies main by @renovate in #2480 * connectivity: misc conn-disrupt-test improvements by @giorio94 in #2474 * connectivity: configure endpoint selector for entity-cluster CNP by @giorio94 in #2483 * sysdump: Capture hubble auto TLS related resources by @chancez in #2475 * connectivity: add endpointslice clustermesh sync test by @MrFreezeex in #2267 * connectivity test: avoid segfault if no agent pods are found by @multi-io in #2470 * chore(deps): update docker/setup-buildx-action action to v3.3.0 by @renovate in #2473 * chore(deps): update azure/login action to v2.1.0 by @renovate in #2487 * fix(deps): update all go dependencies main (patch) by @renovate in #2471 * fix(deps): update module github.com/cilium/hubble to v0.13.3 by @renovate in #2491 * fix(deps): update module github.com/prometheus/common to v0.53.0 by @renovate in #2492 * ci: Use zip output for windows releases by @jbpaux in #2472 * sysdump: Clarify sysdump worker-count defaults to the number of available CPUs. by @chancez in #2482 * Split conn tests into chunks by @viktor-kurchenko in #2481 * chore(deps): update all github action dependencies (patch) by @renovate in #2489 * Move the test namespace deletion logic to the install package by @michi-covalent in #2498 * chore(deps): update module golang.org/x/net to v0.23.0 [security] by @renovate in #2493 * chore(deps): update dependency cilium/cilium to v1.15.4 by @renovate in #2494 * chore(deps): update all github action dependencies (patch) by @renovate in #2495 * sysdump: Check --namespace flag for cilium-operator by @michi-covalent in #2502 * chore(deps): update helm/kind-action action to v1.10.0 by @renovate in #2499 * Prepare for v0.16.5 release by @michi-covalent in #2507 ------------------------------------------------------------------- Sat Mar 30 10:36:50 UTC 2024 - opensuse_buildservice@ojkastl.de - rename executable to 'cilium' to match upstream docs * keep a link to `cilium-cli` around for backwards compatibility - add completion subpackages - Update to version 0.16.4: * Prepare for v0.16.4 release * chore(deps): update golangci/golangci-lint docker tag to v1.57.1 * helm: fix KPR autodetection value * errors: add [no-error-logs] exception for issue caused by fqdn bug. * connectivity: add support for regex based log exceptions. * chore(deps): update dependency cilium/cilium to v1.15.3 * refactor: Remove unused constants in defaults.go. * refactor: Move default Helm release name to sysdump package. * style: Reorganize parameters struct to enhance readability. * fix: Add WaitDuration from defaults for hubble enable|disable for cilium install|uninstall --wait. * feat: Add helmReleaseName to Hubble uninstall pre-phase of the core uninstall. * feat: Add helmReleaseName to hubble disable parameters. * style: Improve log message formatting. Make consistent/conventional. * feat: Add customizable Helm release name for Cilium * ci: fix installation on AKS * ci: avoid overlapping pod and service CIDRs on AKS * chore(deps): update docker.io/library/golang:1.22.1-alpine3.19 docker digest to 0466223 * status: Add --interactive flag * connectivity: explicitly wait for ingress service creation * connectivity: don't pre-populate the ingress service map * renovate:: Pick up github.com/cilium/cilium prereleases * connectivity: fix flow validation with fully-qualified DNS names * Ignore "Unsupported L2 protocol" to known drops * Improve Makefile * defaults: Move Version and HelmRepository from const to var * gha: configure fully-qualified DNS names as external targets * connectivity: configure fully-qualified DNS names as external targets * connectivity: configure Host header for fully-qualified DNS names * connectivity: fix invalid CNP name with fully-qualified DNS names * connectivity: remove domain references from FQDN policy name * chore(deps): update module github.com/docker/docker to v25.0.5+incompatible [security] * fix(deps): update module github.com/prometheus/common to v0.51.0 * connectivity: don't hard-code ingress service NodePorts * tests: Add exceptions for error logs check * Update stable release to v0.16.3 ------------------------------------------------------------------- Tue Mar 19 06:55:32 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.3: * Prepare for v0.16.3 release * chore(deps): update golang:1.22.1-alpine3.19 docker digest to 0466223 * install: convert --nodes-without-cilium flag to boolean * helm: configure nodes without cilium affinity on install and upgrade * chore(deps): update golang:1.22.1-alpine3.19 docker digest to fa4add5 * refactor: Move logging outside internal ------------------------------------------------------------------- Sat Mar 16 08:13:11 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.2: * Prepare for v0.16.2 release * chore(deps): update all github action dependencies * fix(deps): update github.com/cilium/charts digest to a5bec49 * fix(deps): update module helm.sh/helm/v3 to v3.14.3 * Revert "ingress: Update backend service for Ingress" * gha: increase Multicluster timeout * renovate: Don't pick up new Go patch versions in go.mod * Revert "chore(deps): update dependency go to v1.22.1" ------------------------------------------------------------------- Sat Mar 16 08:00:29 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.1: * Prepare for v0.16.1 release * fix(deps): update github.com/cilium/charts digest to 724231f * chore(deps): update dependency cilium/cilium to v1.15.2 * fix(deps): update module github.com/cilium/hubble to v0.13.2 * chore(deps): update docker/login-action action to v3.1.0 * chore(deps): update dependency go to v1.22.1 * refactor: Move Hooks to the api package * refactor: Move sniff under connectivity * Store namespace and k8sClient in the command context * Add InitializeCommand hook * chore(deps): update softprops/action-gh-release action to v2.0.4 * connectivity: collect sysdump from all clusters on failure * gha: replace remaining references to deprecated KPR settings * connectivity: fix KPR feature probing * helm: improve KPR autodetection logic * helm: uniform retrieval of nested helm value * helm: remove bpf.masquerade autodetection logic * helm: do not care for unsupported Cilium versions in values generation * helm: remove unused fields/parameters from getHelmValues logic * chore(deps): update go to v1.22.1 * chore(deps): update softprops/action-gh-release action to v2 * fix(deps): update all go dependencies main * fix(deps): update all go dependencies main * Don't depend on github.com/mholt/archiver * chore(deps): update azure/login action to v2 * ingress: Update backend service for Ingress * tetragon: remove tetragon CR code * tetragon: use ListUnstructured for tetragon CRs * sysdump: gather tetragon pod logs and configmap * chore(deps): update docker/build-push-action action to v5.2.0 * chore(deps): update docker.io/library/busybox:stable-glibc docker digest to 8425131 * Update stable release to v0.16.0 * chore(deps): update golang docker tag to v1.22.1 * chore(deps): update golang-images * fix: update ldflags for local-release * refactor: Move internal/cli to cli/ ------------------------------------------------------------------- Fri Mar 15 22:15:32 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.16.0: * fix(deps): update module helm.sh/helm/v3 to v3.14.1 [security] by @renovate in #2308 * GCP OIDC instead of SA creds. by @viktor-kurchenko in #2313 * fix(deps): update all go dependencies main (patch) by @renovate in #2312 * Hide key-per-node flag. by @viktor-kurchenko in #2316 * Update stable release to v0.15.23 by @michi-covalent in #2310 * Use encryption models from Cilium dependency. by @viktor-kurchenko in #2318 * renovate: additionally manage updates for action.yaml by @giorio94 in #2299 * fix(deps): update all go dependencies main by @renovate in #2311 * chore(deps): update dependency cilium/cilium to v1.15.1 - autoclosed by @renovate in #2305 * chore(deps): update actions/setup-go action to v5 by @renovate in #2323 * chore(deps): update golangci/golangci-lint docker tag to v1.56.2 by @renovate in #2309 * chore(deps): update dependency kubernetes-sigs/kind to v0.22.0 by @renovate in #2304 * connectivity: add forbidden ICMPv6 message as expected drop reason by @giorio94 in #2317 * Introduce host firewall connectivity tests by @giorio94 in #2306 * fix(deps): update all go dependencies main (minor) by @renovate in #2325 * fix(deps): update module helm.sh/helm/v3 to v3.14.2 [security] by @renovate in #2324 * Add sig/encryption as owner of /encrypt/ in CODEOWNERS by @margamanterola in #2300 * connectivity: improve reporting for no-unexpected-packet-drops check by @giorio94 in #2315 * cilium status: additionally check for endpoints readiness by @giorio94 in #2298 * Refactor: Move junit package under connectivity package by @michi-covalent in #2331 * Status check error message improved. by @viktor-kurchenko in #2319 * sniffer: improve handling of tcpdump termination by @giorio94 in #2321 * Ignore Cilium endpoints not found error for the status command. by @viktor-kurchenko in #2320 * Delete classic mode install/uninstall/upgrade commands by @michi-covalent in #2328 * Delete classic mode hubble commands by @michi-covalent in #2335 * k8s: don't drop stdout of kubectl exec by @bimmlerd in #2332 * connectivity: fix encryption validation with wireguard encap + host fw by @giorio94 in #2333 * chore(deps): update docker/setup-buildx-action action to v3.1.0 by @renovate in #2338 * Delete classic mode clustermesh commands to get ready for v0.16 release by @michi-covalent in #2340 * connectivity: Remove --delete-cilium-pod-on-nodes flag by @michi-covalent in #2336 * Display formatted status during status wait by @raphink in #2261 * docs: Update version matrix by @sayboras in #2337 * Remove unused things by @michi-covalent in #2345 * uninstall: when --wait is specified, use foreground deletion. by @tommyp1ckles in #2344 * helm: Remove Get and GetParameter by @michi-covalent in #2349 * Remove golang.org/x/mod/semver dependency by @michi-covalent in #2347 * chore(deps): update all github action dependencies (patch) by @renovate in #2330 * refactor: Remove internal/utils/utils.go by @michi-covalent in #2348 * Remove --cluster-name flag by @michi-covalent in #2351 * fix(deps): update module github.com/prometheus/common to v0.49.0 by @renovate in #2354 * fix(deps): update module github.com/go-openapi/strfmt to v0.22.1 by @renovate in #2353 * refactor: Move ctrlcreader.go under /k8s/internal/ by @michi-covalent in #2346 * fix(deps): update module github.com/stretchr/testify to v1.9.0 by @renovate in #2358 * action: Add go-mod-directory parameter by @michi-covalent in #2359 * vendor: Pick up cilium/cilium v1.16.0-pre.0 by @michi-covalent in #2360 * sniffer: always dump captured packets in assert mode by @giorio94 in #2350 * sysdump: Export Hooks and InitSysdumpFlags by @michi-covalent in #2361 * chore(deps): update actions/download-artifact action to v4.1.4 by @renovate in #2357 * Move the CLI version string to the default package by @michi-covalent in #2362 * Connectivity test factory component. by @viktor-kurchenko in #2322 * Remove duplicate imports and enable stylecheck linter to prevent them by @tklauser in #2364 * Add error log check exception for leader election errors. by @tommyp1ckles in #2363 * Prepare for v0.16.0 release by @michi-covalent in #2366 ------------------------------------------------------------------- Mon Feb 19 09:12:22 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.15.23: * Prepare for v0.15.23 release * gha: increase GKE disk size in external workloads workflow to 15GB * gha: increase GKE and AKS timeouts * chore: Amend connectivity tests for OpenShift * IPsec key rotation with algorithm change support. * chore(deps): update golangci/golangci-lint docker tag to v1.56.1 * chore(deps): update all github action dependencies * chore(deps): update go to v1.22.0 * fix(deps): update module golang.org/x/mod to v0.15.0 * chore(deps): update golang docker tag to v1.22.0 * chore(deps): update helm/kind-action action to v1.9.0 * chore(deps): update golangci/golangci-lint-action action to v4 * connectivity: don't collect multiple sysdump in no-errors-in-logs * connectivity: ignore timestamps in no-errors-in-logs * connectivity: extend no-errors-in-logs check to other Cilium containers * connectivity: print log errors only once * connectivity: always check for log errors in newer Cilium versions * external workloads: drop Cilium version retrieval for script generation * AWS OIDC instead of access key. * IPsec key status command implementation. * Status struct renamed to Encrypt. * Cipher IPsec key support added. * IPsec key id renamed to spi. SPI suffix added to support SPI with `+` sign. Tests added. * `encrypt rotate-key` command implementation. * chore(deps): update dependency kubernetes-sigs/kind to v0.21.0 * gateway: Upgrade API version ------------------------------------------------------------------- Fri Feb 02 08:53:58 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.15.22: * Prepare for v0.15.22 release * fix: Remove check function validateInfoForConnect for DisconnectWithHelm function * README.md: Update the title * fix(deps): update all go dependencies main * chore(deps): update docker.io/library/golang:1.21.6-alpine3.19 docker digest to a6a7f1f * fix(deps): update module github.com/cilium/cilium to v1.15.0 * chore(deps): update dependency cilium/cilium to v1.15.0 * fix(deps): update module github.com/evanphx/json-patch to v5.9.0+incompatible * chore(deps): update nick-invision/retry action to v3 * connectivity: fix panic if the cilium-health test fails * Encryption status models and JSON output parsing support added. * Encryption status sub command implemented. * Update stable release to v0.15.21 ------------------------------------------------------------------- Wed Jan 31 14:01:44 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.15.21: * Prepare for v0.15.21 release * hooks: split feature detection from setup and validation * Revert "gha: cleanup stale AWS-CNI iptables rules in EKS tunnel workflow" * fix(deps): update module google.golang.org/grpc to v1.61.0 * chore(deps): update actions/upload-artifact action to v4.3.0 * chore(deps): update dependency cilium/cilium to v1.14.6 * chore(deps): update golang:1.21.6-alpine3.19 docker digest to a6a7f1f * chore(deps): update golang:1.21.6-alpine3.19 docker digest to 29fd37e * chore(deps): update docker.io/library/golang:1.21.6-alpine3.19 docker digest to 51a7800 * bgp: enhance defaulting of `bgp routes` command * connectivity: determine Pod CIDRs from CiliumNodes * connectivity: retrieve CiliumNode information * fix(deps): update all go dependencies main * test: allow to tune sysdump collection policy on a per test basis * action: introduce the NewGenericAction method * action: do not attempt to capture hubble flows if given nil source pod * connectivity: add unknown ICMPv4 code as expected drop reason * fix(status): correct exit code * features: improve tunnel feature determination * features: extract tunnel feature determination in separate function * chore(deps): update all github action dependencies to v2.1.0 * Go workflow: Add merge_group trigger * Go workflow: Remove Cross-build step * chore(deps): update docker.io/library/busybox:stable-glibc docker digest to e046063 * make: allow building with debug symbols * sysdump: don't specify --follow while collecting hubble flows * chore(deps): update actions/upload-artifact action to v4.2.0 * bgp: routes CLI - update min. cilium version, use `cilium` binary * chore(deps): update docker.io/library/busybox:stable-glibc docker digest to 83fc333 * connectivity: extract the encapsulated packets tcpdump filter * connectivity: fix broken tcpdump filter matching encapsulated packets * connectivity: generalize the sniffer logic * connectivity: extract the sniffer logic into a separate package * connectivity: extract safeBuffer into a separate package * logging: add DebugEnabled method to Action * fix(deps): update module github.com/cilium/cilium to v1.15.0-rc.1 * chore(deps): update azure/login action to v1.6.1 * connectivity: only wait for daemonsets if needed * chore(deps): update actions/upload-artifact action to v4.1.0 * connectivity: add host to pod check * bgp: Make `bgp neighbors` an alias for `bgp peers` command * bgp: Add command for retrieving bgp routes * refactor: improve error messaging for version command * clustermesh: fix hardcode at service type * Bump alpine images to 3.19 * Update stable release to v0.15.20 ------------------------------------------------------------------- Mon Jan 15 16:54:11 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 0.15.20: * Prepare for v0.15.20 release * chore(deps): update actions/download-artifact action to v4.1.1 * ci: remove unnecessary steps unlabeling nodes in kind workflow * ci: unique artifact name for junit reports in kind workflow * chore(deps): update docker.io/library/busybox:stable-glibc docker digest to 51d373b * chore(deps): update quay.io/cilium/json-mock docker tag to v1.3.8 * chore(deps): update go to v1.21.6 * defaults: Ignore XfrmInStateInvalid errors if rare * chore(deps): update golang docker tag to v1.21.6 * chore(deps): update actions/download-artifact action to v4.1.0 * chore(deps): update google-github-actions/auth action to v2.0.1 * connectivity: configure pause as entrypoint * fix(deps): update all go dependencies main * chore(deps): update all github action dependencies to v4 * chore(deps): update docker.io/library/golang:1.21.5-alpine3.18 docker digest to d8b9994 * chore(deps): update google-github-actions/setup-gcloud action to v2.0.1 * chore(deps): update golang:1.21.5-alpine3.18 docker digest to c157305 * chore(deps): update quay.io/cilium/alpine-curl docker tag to v1.9.0 * chore(deps): update azure/login action to v1.6.0 * gha: enable node without cilium tests for clustermesh * gha: switch to kubeadm.k8s.io/v1beta3 API * gha: don't wait for kind clusters to become ready * connectivity: explicitly wait for daemonsets to become ready * connectivity: make from external to pod tests ipv6 friendly * connectivity: make ingress target echo-other-node deployment * connectivity: skip more nodeport tests with clustermesh + KPR disabled * connectivity: detect PodCIDR for both local and remote nodes * connectivity: fix wait for external deployment with clustermesh * fix(deps): update all go dependencies main * fixed spelling mistake in help output * clustermesh: make status command compatible with external kvstore * clustermesh: make status command ignore the local cluster entry * clustermesh: print last status when status --wait fails * connectivity: don't configure pod port information when unused * WaitForCiliumEndpoint function removed as unneeded. * DisableEndpointCRD feature implemented to Cilium endpoint checks if it's disabled. * check: rename ExcludedCIDRs to ExcludedCIDRsConf * tests: egressgw: export WatiForEgressGatewayBpfPolicyEntries * check: don't pass policy YAML to WithCiliumEgressPolicy() * check: allow to configure pod selector in WithCiliumEgressPolicy() * check: add ExcludedCIDRsKind enum * defaults: add 'Host datapath not ready' to expected drop reasons * chore(deps): update module github.com/containerd/containerd to v1.7.11 [security] * internal: export MustUnmarshalYAML/MustUnmarshalYAMLMulti methods * internal: export EscapeJSONPatchString method * chore(deps): update module golang.org/x/crypto to v0.17.0 [security] * chore(deps): update dependency cilium/cilium to v1.14.5 * fix(deps): update all go dependencies main * fix(deps): update module helm.sh/helm/v3 to v3.13.3 ------------------------------------------------------------------- Mon Dec 18 14:24:58 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.19: * Prepare for v0.15.19 release * chore(deps): update docker.io/library/busybox:stable-glibc * docker digest to ee22a58 * connectivity: Flag for expected XFRM errors * connectivity, utils: Refactor computeExpectedDropReasons * github: eks: bump timeout to 30m * check: add third client scheduled on a different node * Move perf tests to separate connectivity subcommand * Update stable release to v0.15.18 ------------------------------------------------------------------- Wed Dec 13 13:50:03 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.18: * Prepare for v0.15.18 release * connectivity: Bump test-connection-disruption img to v0.0.13 * fix(deps): update github.com/cilium/charts digest to 64e4ab4 * fix(deps): update all go dependencies main * install: don't make changes to running cluster in dry-run mode * install/upgrade: introduce IsDryRun method on parameters * kind: Set conn-disrupt-test-setup * chore(deps): update go to v1.21.5 * chore(deps): update golang-images * Remove classic mode tests from the main branch * chore(deps): update google-github-actions/setup-gcloud action to v2 * Assign unique names to connectivity test jobs * defaults: Add expected drop reasons * connectivity: Add flag --expected-drop-reasons * connectivity: Check for unexpected packet drops * Remove Cilium v1.11 from the version list * chore(deps): update actions/setup-go action to v5 * connectivity: Set test-conn-disrupt dispatch interval to 0ms * Update stable release to v0.15.17 * chore(deps): update golang docker tag to v1.21.5 * connectivity: Add more tests for Ingress Controller ------------------------------------------------------------------- Wed Dec 06 12:03:25 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.17: * Prepare for v0.15.17 release * connectivity test: introduce connectivity test suite timeout flag * Remove outdated image digests * fix(deps): update github.com/cilium/charts digest to 3de0b7a * connectivity test: check for deleted cilium agent pod in health probe * chore(deps): update golang:1.21.4-alpine3.18 docker digest to 70afe55 * chore(deps): update docker.io/library/golang:1.21.4-alpine3.18 docker digest to 70afe55 * fix(deps): update all go dependencies main * chore(deps): update golang:1.21.4-alpine3.18 docker digest to ff7d5e6 * chore(deps): update azure/login action to v1.5.1 * chore(deps): update docker.io/library/golang:1.21.4-alpine3.18 docker digest to ff7d5e6 * clustermesh: fix pattern to match IPv4 address * install action: Ignore .git and vendor directories * renovate: exclude tetragon pkg/k8s updates * chore(deps): update google-github-actions/auth action to v2 * release: Only build 64-bit binaries * Build release binaries on pull requests * chore(deps): update google-github-actions/auth action to v1.3.0 * Fix: format type %d->%f * Update stable release to v0.15.16 ------------------------------------------------------------------- Wed Nov 29 05:47:19 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.16: * Prepare for v0.15.16 release * Set operator key correct in SpireAgentScheduleAffinity * Update stable release to v0.15.15 * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to c97da4b ------------------------------------------------------------------- Tue Nov 28 05:40:26 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.15: * Prepare for v0.15.15 release * Make --nodes-without-cilium work with SPIRE * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to 19e4885 * chore(deps): update all github action dependencies * e2e: add pod/container info in error form exec in pod. * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to 19b2000 * chore(deps): update docker/build-push-action action to v5.1.0 * chore(deps): update dependency cilium/cilium to v1.14.4 * connectivity/check: remove stray newline in (*Action).ValidateFlows * Add connectivity tests counter * connectivity: Add latency measurement * action: allow to specify release repository * clustermesh: add support for max-connected-clusters * Update stable release to v0.15.14 ------------------------------------------------------------------- Fri Nov 17 05:46:32 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.14: * Prepare for v0.15.14 release * chore(deps): update docker/dockerfile docker tag to v1.6 * connectivity: fix encryption validation if net.ipv4.conf.lo.rp_filter=1 * connectivity: Add exception to policy map recreation * fix(deps): update all go dependencies main * chore(deps): update go to v1.21.4 * connectivity: Add IPFamily() to Action * connectivity: Add more tests for Ingress Controller * chore(deps): update docker.io/library/golang:1.21.3-alpine3.18 docker digest to 96a8a70 * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to b896eb5 * Add node addr type to pod to host test * chore(deps): update quay.io/cilium/alpine-curl docker tag to v1.8.0 * chore(deps): update quay.io/cilium/json-mock docker tag to v1.3.6 * fix(deps): update module helm.sh/helm/v3 to v3.13.2 * Rename GetTestOrDie to MustGetTest * chore(deps): update golang docker tag to v1.21.4 * connectivity: Add GetTestOrDie() * connectivity: Add Control Plane Node Connectivity Tests * fix(connectivity): add dns rules and change protocol to ANY * Add SPIRE entries to sysdump * chore(deps): update golangci/golangci-lint docker tag to v1.55.2 * sysdump: Add gops trace data * sysdump: Add support for serial tasks * sysdump: ignore node filter for non daemonset pods * misc: drop custom implementations of slices.Contains * k8s/copy: check file size * fix(deps): update all go dependencies main * Update stable release to v0.15.12 ------------------------------------------------------------------- Tue Nov 07 07:38:48 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.13: * Prepare for v0.15.13 release * connectivity: Detect WG encap on >= 1.15 * chore(deps): update actions/checkout action to v4.1.1 * chore(deps): update golang:1.21.3-alpine3.18 docker digest to 96a8a70 ------------------------------------------------------------------- Fri Nov 03 05:21:50 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.12: * Prepare for v0.15.12 release * connectivity: Add feature detection for WG encapsulation * connectivity: Add special case to test WG w/ tunneling * connectivity: Change iface derivation for WG w/ tunnel * connectivity: Move dstFilter derivation to getFilter * connecitivity: Set proto filter in getFilter * connectivity: Derive dstFilter by calling getFilter * connectivity: Rename getSourceAddressFilter to getFilter * chore(deps): update golang:1.21.3-alpine3.18 docker digest to 99bec74 * chore(deps): update module github.com/docker/docker to v24.0.7+incompatible [security] * Revert "chore(deps): update dependency cilium/cilium to v1.14.3" * connectivity: don't use an ephemeral port for the echo server * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to 0fd246f * README.md: remove v0.10.x from release table * fix(deps): update all go dependencies main * chore(deps): update golangci/golangci-lint docker tag to v1.55.1 * k8s: outdent else block to please golangci-lint * go.mod, vendor: update cilium/cilium to latest * fix(deps): update all go dependencies main * action: Allow users to skip building CLI * chore(deps): update dependency cilium/cilium to v1.14.3 * sysdump: Check if enable-envoy-config is set * connectivity: don't run encryption tests on single node * connectivity: extend encryption tests to validate both directions * connectivity: add sanity checks for encryption tests * connectivity: fix encryption validation when host firewall is enabled * connectivity: fix encryption validation when running in ENI mode * connectivity: fix pod-to-pod encryption validation * connectivity: fix host-netns daemonset creation with clustermesh * gha: cleanup stale AWS-CNI iptables rules in EKS tunnel workflow * check: turn CurlClientIPCommand into more generic CurlCommandWithOutput * check: add CurlCommandParallelWithOutput helper * check: simplify NodeportService peer implementation * check: add PodEchoIP peer implementation * action: Do not install released vsn if CI vsn is specified * Replace --helm-set with --set * echo-external-node: Check if NodeWithoutCilium is enabled * Update stable release to v0.15.11 ------------------------------------------------------------------- Thu Oct 19 05:48:29 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.11: * Prepare for v0.15.11 release * fix(deps): update all go dependencies main * vendor: Remove "replace github.com/docker/docker" * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to 2ebcd9a * chore(deps): update go to v1.21.3 * chore(deps): update module golang.org/x/net to v0.17.0 [security] * chore(deps): update golang docker tag to v1.21.3 * check: Support SIGTERM with --pause-on-fail * check: Fix pause on failure for test fail/fatal * check: Refactor common failure paths * sysdump feature detection: Don't depend on Cilium version * sysdump: Detect if Gateway API support is enabled * Update stable release to v0.15.10 * Check Auth Cert Provider status * dep: Bump cilium/cilium to v1.15.0-pre.1+ ------------------------------------------------------------------- Sun Oct 08 16:00:48 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.10: * Prepare for v0.15.10 release * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to b3c6e53 * chore(deps): update golang docker tag to v1.21.2 * sysdump: Detect features from cilium-config ConfigMap * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to e2eb1d5 * chore(deps): update docker.io/library/golang:1.21.2-alpine3.18 docker digest to a76f153 * renovate: update Go image version used to build releases * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to a2251c1 * chore(deps): update docker.io/library/golang docker tag to v1.21.2 * connectivity test: Fix detectFeatures() logic * chore(deps): update docker.io/library/golang:1.21.1-alpine3.18 docker digest to 1c9cc94 * fix(deps): update all go dependencies main * chore(deps): update dependency go to v1.21.2 * helm-upgrade-clustermesh: Free up some disk space * chore(deps): update nick-invision/retry action to v2.9.0 * clustermesh: Make cilium symlink install idempotent ------------------------------------------------------------------- Thu Oct 05 04:36:35 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.9: * Prepare for v0.15.9 release * clustermesh: Adapt clustermesh script to install cilium-dbg * chore(deps): update aws-actions/configure-aws-credentials action to v4.0.1 * refactor: Move FeatureSet to a separate package * chore(deps): update docker.io/library/golang:1.21.1-alpine3.18 docker digest to d101f4e * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to e718668 * Move IPFamily to a separate "features" package * sysdump: Specify default selectors for log collection tasks * install: Avoid using deprecated "tunnel" flag * sysdump: Cache Cilium pods and cilium-config ConfigMap * chore(deps): update module github.com/docker/docker to v23.0.7+incompatible * fix(deps): update all go dependencies main * golangci-lint: enable goheader check * Refactor extractFeaturesFromConfigMap() * utils: export WaitObserver methods into wait package * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to 0bc2fda * Clean up the node feature detection logic * connectivity: test referencing nodes by CIDR * sysdump: Collect Tetragon PodInfo custom resources * chore(deps): update actions/checkout action to v4.1.0 * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to 84f7fcb * fix(deps): update module google.golang.org/grpc to v1.58.2 * check: export label prefixes constants * fix(deps): update module google.golang.org/grpc to v1.58.1 * check: export ciliumLogs method * chore(deps): update dependency cilium/cilium to v1.14.2 * fix(deps): update all go dependencies main * make: use short golangci-lint version format when comparing versions * clustermesh: Add support for service annotations * Update stable release to v0.15.8 ------------------------------------------------------------------- Wed Sep 13 04:53:29 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.8: * Prepare for v0.15.8 release * connectivity: convert conn-disrupt-dispatch-interval to duration * chore(deps): update docker/build-push-action action to v5 * chore(deps): update docker/setup-buildx-action action to v3 * chore(deps): update docker/build-push-action action to v4.2.1 * chore(deps): update docker/login-action action to v3 * connectivity: Expose test-conn-disrupt dispatch period * chore(deps): update module github.com/cyphar/filepath-securejoin to v0.2.4 [security] * fix(deps): update all go dependencies main * chore(deps): update aws-actions/configure-aws-credentials action to v4 * chore(deps): update aws-actions/configure-aws-credentials action to v3.0.2 * chore(deps): update docker/build-push-action action to v4.2.0 * chore(deps): update actions/upload-artifact action to v3.1.3 * chore(deps): update go to v1.21.1 * connectivity: Reduce test-conn-disrupt-client interval to 10ms * connectivity: Delete test-conn-disrupt pods after running tests * Add operator and clustermesh metrics to sysdump * Scrape Kubernetes metrics in sysdump * fix(deps): update all go dependencies main * chore(deps): update actions/checkout action to v4 * external-workloads: explicitly configure ClusterID/Name * Update stable release to v0.15.7 ------------------------------------------------------------------- Tue Sep 05 13:08:58 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.7: * Prepare for v0.15.7 release * connectivity: Use slices.Clone * connectivity: Add secondary network NodePort tests * chore(deps): update aws-actions/configure-aws-credentials action to v3.0.1 * chore(deps): update docker/setup-buildx-action action to v2.10.0 * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to ba1b914 * Update bgp.go#2 * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to 171ecc4 * fix(deps): update module github.com/cilium/cilium to v1.14.1 * chore(deps): update aws-actions/configure-aws-credentials action to v3 * chore(deps): update actions/checkout action to v3.6.0 * connectivity: add and complete a few missing comments * connectivity: display reason for skipping Tests and Scenarios * Clarify classic / helm mode incompatibilities * install: remove deprecated kube-proxy-replacement CLI flag * chore(deps): update golangci/golangci-lint docker tag to v1.54.2 * implement helm get values with sysdump * go.mod: bump Go to 1.21 * connectivity: print all captured packets * connectivity: fix node-to-node encryption tests * connectivity: document feature detection order * connectivity: fix tunnel feature defaults * Fine tune CODEOWNERS file * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to 196c2d0 * install: Remove some auto-detection log messages * fix(deps): update all go dependencies main * chore(deps): update golangci/golangci-lint-action action to v3.7.0 * chore(deps): update docker.io/coredns/coredns docker tag to v1.11.1 * chore(deps): update dependency cilium/cilium to v1.14.1 ------------------------------------------------------------------- Tue Sep 05 11:06:20 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.6: * Prepare for v0.15.6 release * fix(deps): update all go dependencies main * chore(deps): update actions/setup-go action to v4.1.0 * Update missing dependencies to Go 1.21 * Bump k8s to 1.28 * chore(deps): update golangci/golangci-lint docker tag to v1.54.1 * chore(deps): update dependency go to v1.21.0 * Expand warning about big sysdump * fix(deps): update all go dependencies main * gha: exercise connectivity disruption tests * disruption tests: check restart counts from both clusters * disruption tests: fix wait for deployments * disruption tests: create svc in both clusters and mark as global * connectivity tests: anticipate namespace creation in remote cluster * chore(deps): update dependency ubuntu to v22 * chore(deps): update golangci/golangci-lint docker tag to v1.54.0 * connectivity: get nodename on which a pod is running via PodStatus * chore(deps): update docker.io/coredns/coredns docker tag to v1.11.0 * clustermesh: fix failure during CA certificate retrieval * chore(deps): update dependency go to v1.20.7 * Update stable release to v0.15.5 * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to c62ce11 ------------------------------------------------------------------- Thu Aug 03 17:42:29 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.5: * Prepare for v0.15.5 release * Update stable release to v0.15.4 * fix(deps): update all go dependencies main * renovate: Don't update golang.org/x/exp * fix: Changed regex to include capital letters. * clustermesh status: improve error reporting when not ready * clustermesh status: validate expected number of clusters * clustermesh status: consistent output order * clustermesh status: fix not ready message * clustermesh status: drop wait logic from ClusterMeshConnectivity * clustermesh status: always check deployment status * clustermesh status: remove redundant service check * clustermesh status: drop skip service check parameter * wait: always log error upon the first failure * Update the error log exceptions * gha: configure routing mode in external-workloads workflow * dockerfile: include CA certificates * fix(deps): update module github.com/cilium/cilium to v1.14.0 * chore(deps): update dependency cilium/cilium to v1.14.0 * metrics: Set first retrieved metrics to 0 if absent * kind: Run every 2 hours * kind: Upload all the sysdumps * connectivity: Hide --flush-ct * fix(cli-example): optimize the example of the 'install' command line. * connectivity: Special inconclusive result treatment for ping command * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to d51b96d * connectivity: Fix fetching of XFRM counters * fix(deps): update all go dependencies main * fix(deps): update module github.com/cilium/cilium to v1.14.0-snapshot.6 ------------------------------------------------------------------- Fri Jul 21 06:07:38 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.4: * Prepare for v0.15.4 release * connectivity: add xfrm error check for IPsec conn disrupt test * connectivity: generalize upgrade test * chore(deps): update docker.io/library/busybox:stable-glibc docker digest to 7338d0c * kind: Configure external targets inside the cluster * connectivity: Add an error log exception * connectivity: Add flags to override CA bundle secret * connectivity: Bump test-conn-disrupt img to v0.0.4 * Update stable release to v0.15.3 ------------------------------------------------------------------- Tue Jul 18 04:50:17 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.3: * Prepare for v0.15.3 release * Update README.md * k8s.NewClient: Initialize Helm action configuration * Revert "Create a separate RESTClientGetter for Helm client" * Partly revert "connectivity: enable IPv6 test fort per-endpoint routing" * chore(deps): update dependency kubernetes-sigs/kind to v0.20.0 * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to 6f694cf * connectivity: Wait for test-conn-disrupt-server deployment * connectivity: Fix usage of src/dst clients in test-conn-disrupt * connectivity: Use readiness probe for test-conn-disrupt-server * fix(deps): update module helm.sh/helm/v3 to v3.12.2 * fix(deps): update all go dependencies main * .github/workflows: let renovate update kind version * chore(deps): update docker/setup-buildx-action action to v2.9.1 * Update stable release to v0.15.2 ------------------------------------------------------------------- Thu Jul 13 04:46:17 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.2: * Prepare for v0.15.2 release * chore(deps): update dependency go to v1.20.6 * fix(deps): update all go dependencies main * metrics: Fix format error log in validateMetric * peer: Add a method on service to return the name without the namespace * hooks: Add a setup and validate a new hook for extras * fixup! sysdump: Collect node init Pod logs and DaemonSet * sysdump: Collect node init Pod logs and DaemonSet * sysdump: do not fail if cilium is not installed * Update stable release to v0.15.1 * Fix pod summary for large numbers of pods * GHA: fix 'install-cilium-cli' issue when building from source ------------------------------------------------------------------- Wed Jul 12 06:38:38 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.1: * Prepare for v0.15.1 release * chore(deps): update helm/kind-action action to v1.8.0 * Eksctl version pinned. * connectivity: Remove test-conn-disrupt tolerations * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to 8a837d8 * connectivity: Ignore failedToListCRDs error * connectivity: enable IPv6 test for per-endpoint routing * Create a separate RESTClientGetter for Helm client * fix(deps): update all go dependencies main * chore(deps): update docker/setup-buildx-action action to v2.9.0 * fix(deps): update all go dependencies main * Fix link in reference to helm mode * connectivity: fix service propagation check with mismatching IP families * .github/workflows: remove master mirror * kind multi cluster: Use a dot in cluster names * Helm mode: Handle "cluster.name" Helm value * chore(deps): update docker.io/library/busybox:stable-glibc docker digest to 95101b8 * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to 6e47916 * Helm mode: don't suggest removed Azure flag * sysdump: Use intermediate import package for supported envoy resources * dep: Bump cilium/cilium to v1.14.0-rc0 * chore(deps): update docker/setup-buildx-action action to v2.8.0 * chore(deps): update docker.io/library/busybox:stable-glibc docker digest to 7f1b8b8 * connectivity: Fix trailing newline in tail call drop counts * fix(deps): update all go dependencies main * connectivity: Add op=Exists toleration for test-conn-disrupt * Update stable release to v0.15.0 ------------------------------------------------------------------- Thu Jun 29 08:32:32 UTC 2023 - kastl@b1-systems.de - Update to version 0.15.0: * Prepare for v0.15.0 release * connectivity: wait for service propagation in agents * connectivity: extract and uniform wait functions * connectivity: add Logger interface * Use Helm mode by default * eks-uninstall: Set CILIUM_CLI_MODE environment variable * uninstall: Remove io.cilium/aws-node-enabled node selector * defaults: update connectivity test alpine curl image version * connectivity: Expose Features on ConnectivityTest * GHA: extend 'install-cilium-cli' to build from source * Update stable release to v0.14.8 * chore(deps): update dependency cilium/cilium to v1.13.4 ------------------------------------------------------------------- Mon Jun 26 04:59:38 UTC 2023 - kastl@b1-systems.de - Update to version 0.14.8: * Prepare for v0.14.8 release * renovate: let renovate update default Cilium version * sysdump: Add more envoy resource types * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to a1bca94 * chore(deps): update all go dependencies main * Using direnv to set CLI env vars * Refactor cilium cluster version detection * Add Helm Clustermesh disconnect command * connectivity: Address migrate-svc changes * fix(deps): update github.com/cilium/tetragon/pkg/k8s digest to dbf8f0c * .github/workflows: don't error out if pkill finds no processes * internal/cli/cmd: Fix error displayed on failure to disable Hubble * internal/cli/cmd: Add line breaks after error messages * install: Normalize --helm-* flags * connectivity: Add checks for drops due to missed tail calls * connectivity: Check for Cilium agent errors * while applying policies, wait for all expected policy revisions. * chore(deps): update aws-actions/configure-aws-credentials action to v2.2.0 * clustermesh enable: add enable-kvstoremesh flag * chore(deps): update docker/setup-buildx-action action to v2.7.0 * sysdump: collect spire server and agent configuration * sysdump: collect spire server statefulset & agent daemonset * sysdump: collect SPIRE agent and server Pod logs * fix(deps): update all go dependencies main * chore(deps): update docker/build-push-action action to v4.1.1 * chore(deps): update golangci/golangci-lint docker tag to v1.53.3 * sysdump: collect CiliumPodIPPools * bgp: minor fix to bgp command help output * fix(deps): update module github.com/cilium/cilium to v1.14.0-snapshot.4 * sysdump: Fix wrong CiliumLoadBalancerIPPools collector * connectivity: Add upgrade tests * connectivity: Add --flush-ct * fix(deps): update all go dependencies main * Update stable release to v0.14.7 ------------------------------------------------------------------- Wed Jun 14 17:37:46 UTC 2023 - kastl@b1-systems.de - Update to version 0.14.7: * Prepare for v0.14.7 release * helm mode: Handle azure.resourceGroup Helm value * chore(deps): update golangci/golangci-lint-action action to v3.6.0 * chore(deps): update docker.io/library/busybox:stable-glibc docker digest to 2a6835e * chore(deps): update actions/checkout action to v3.5.3 * chore(deps): update docker/build-push-action action to v4.1.0 * chore(deps): update dependency go to v1.20.5 * sysdump: gather tetragon namespaced policies * External workloads CI fixed. * fix(deps): update module github.com/cilium/hubble to v0.11.6 * install: Add node affinity for Operator * clustermesh connect: configure PKI upon CA mismatch * helm mode: add implementation for clustermesh connect * Helm mode: Use Helm chart version as running version * Make CI test resources unique for retries. * fix(deps): pin dependencies * status: Print Helm chart version in Helm mode * chore(deps): update all github action dependencies * mutual-auth: Update the terminology/wording * connectivity: Ability to add custom annotations to test deployment * connectivity: Add annotations map helper type * k8s: Add ability to specify namespace metadata * Update stable release to v0.14.6 * chore(deps): update golangci/golangci-lint-action action to v3.5.0 * chore(deps): update golangci/golangci-lint docker tag to v1.53.2 * install: Skip version validation in Helm mode * uninstall: Skip version detection / validation in Helm mode * chore(deps): update golangci/golangci-lint docker tag to v1.53.1 * renovate: ignore pflag Go mod updates * fix(deps): update module github.com/cilium/cilium to v1.14.0-snapshot.3 ------------------------------------------------------------------- Fri Jun 02 04:49:49 UTC 2023 - kastl@b1-systems.de - Update to version 0.14.6: * README.md: update Cilium version in examples to latest stable releases * ci: update Cilium version to v1.13.3 * defaults: install Cilium v1.13.3 by default * multicluster tests: simplify secret rename logic * chore(deps): update aws-actions/configure-aws-credentials action to v2.1.0 * fix(deps): pin dependencies * ci/workflow: simplify junit uploads * gh/workflow: change multicluster provisioning to none blocking mode * fix(deps): update module github.com/stretchr/testify to v1.8.4 * connectivity/check: store metrics by pointer in TestMetricsIncrease * install: Do not use individual HelmOpts * install: Add native datapath mode * connectivity: Add sanity check for IP routes w/o --include-unsafe-tests * connectivity: add full egress gateway test suite * check: delete CiliumEgressGatewayPolicies after test run * check: add NodeportService wrapper * chore(deps): update docker.io/coredns/coredns docker tag to v1.10.1 * Makefile: fix golangci-lint renovate datasource tag annotation ------------------------------------------------------------------- Sat May 27 10:46:49 UTC 2023 - kastl@b1-systems.de - Update to version 0.14.5: * Prepare for v0.14.5 release * renovate: add annotations for connectivity test images * sysdump: refactor submitTetragonBugtoolTasks to take defaults as parameters * connectivity/check: pass metrics to metricsIncrease by pointer * renovate: add renovate/stop-updating label on renovate's PRs * Update stable release to v0.14.4 * connectivity: Skip north-south-loadbalancing-with-l7-policy w/o L7 * connectivity: Fix installing IP routes to nodes w/o Cilium * connectivity: Fix FeatureTunnel.Mode ------------------------------------------------------------------- Thu May 25 12:26:13 UTC 2023 - kastl@b1-systems.de - Update to version 0.14.4: * Prepare for v0.14.4 release * connectivity: add property flag fot junit * Makefile: bump Go to v1.20.4 for release target * chore(deps): update docker.io/library/busybox:stable-glibc docker digest to bf30051 * docs: Add an example for setting image.override * Add GatewayAPI resources to sysdump * Allow to pass --insecure to curl * upgrade: Check for error before accessing release * connectivity: Split host-netns daemonset into two * connectity: Deploy host netns pods by default * connectivity: Remove --datapath and add --include-unsafe-tests * gh/workflows: Bump timeout in kind.yaml * connectivity: Skip L7 N/S test on < v1.13.3 * connectivity: Add WithCiliumVersion * connectivity: Disable flow validation for N/S with KP * connectivity: Fix feature detection of KPR friends * connectivity: Add FlowFilters() method for TestPeer * connectivity: Install podCIDR => nodeIP on non-Cilium nodes * connectivity/check: Add CAP_NET_ADMIN for host-netns ds * check: update tunneling detection logic * check: make (Service)Address() return an IP address * cli: Export Version var to be set externally * ci: Add prometheus enabled in kind config * Add metrics increase validation and a simple test to check metrics on total request * Add metrics validation in tests * Collect metrics in Action * Extract Result from policy.go into its own file * Add metrics collector logic * Add k8s dialer to port foward properly * status: provide additional context for disabled Envoy DaemonSet * readme.md: updated status section with updated envoy output * sysdump: collect cilium envoy daemonset & configmap * sysdump: collect logs from cilium envoy pods * status: add cilium envoy daemonset * ci: fix gke network starvation * helm mode: autodetect service parameters for clustermesh * fix(deps): update module github.com/stretchr/testify to v1.8.3 * fix(deps): pin dependencies * helm mode: Add external workloads test coverage * clustermesh enable: Add a flag to set externalWorkloads.enabled * connectivity: Skip IPv6 requests in north-south-loadbalancing-with-l7-policy when running on < 1.14.0 Cilium * sysdump: Don't save cilium-etcd-secrets * connectivity: Add GetTest method * connectivity: Move template utils from internal * connectivity: Add WithFinalizer to register test finalizers * connectivity: Expose connectivity test k8s clients * connectivity: Add WithSetupFunc to register setup callbacks * cli: Add hooks and exported NewCiliumCommand * helm mode: Add EKS tunnel mode test coverage * sysdump: Add support for CiliumCIDRGroup CRD * install: Move the logic to unschedule aws-node to preinstall * helm mode: Add EKS test coverage ------------------------------------------------------------------- Thu May 18 07:47:00 UTC 2023 - kastl@b1-systems.de - Update to version 0.14.3: * Prepare for v0.14.3 release * chore(deps): update helm/kind-action action to v1.7.0 * build(deps): bump github.com/docker/distribution * chore(deps): update actions/setup-go action to v4.0.1 * Remove last-applied-configuration from etcd-secret in sysdump * fix(deps): pin dependencies * helm mode: Clarify upgrade command * fix(deps): pin dependencies * fix(deps): pin dependencies * chore(deps): update google/mirror-branch-action digest to 30c52ee * renovate: schedule Go module updates once a week * uninstall: allow ciliumVersion to start with "v" * install: fix TestK8sInstaller_getHelmValuesKind after update to yaml.v3 * fix(deps): update module gopkg.in/yaml.v2 to v3 * connectivity: Improve the logic to wait for Hubble Relay * Add helm mode test coverage for AKS BYOCNI * unit test: Restore the original env variable using defer * fix(deps): pin dependencies * fix(deps): update all go dependencies main * chore(deps): update google/mirror-branch-action digest to 884625c * .github/workflows: add missing GH action version annotations * chore(deps): update google-github-actions/setup-gcloud action to v1.1.1 * chore(deps): update dependency go to v1.20.4 * chore(deps): update all github action dependencies * Add a function to check if the CLI is in Helm mode * Farewell dependabot 👋 * connectivity test: add junit output * Remove az-binary check * Don't enable nodeinit on EKS when not needed * Update stable release to v0.14.2 * .github/workflows: add GH action version annotations * renovate: exclude Cilium forks and k8s from automatic updates * renovate: fix invalid whitespace characters * renovate: fix invalid JSON syntax * .github/workflows: bump AKS BYOCNI workflow timeout * Add renovate configuration * helm mode: add recursive deprecated secret logic ------------------------------------------------------------------- Tue May 09 05:17:51 UTC 2023 - kastl@b1-systems.de - Update to version 0.14.2: * Prepare for v0.14.2 release * Revert "suite: disable KNP tests when endpoint routes and IPv6 are enabled" * connectivity: Fix IPv6 skipping when EP routes are on * connectivity: enable outside to nodeport via IPv6 when IPsec is enabled * Remove AKS Azure IPAM test coverage * suite: disable KNP tests when endpoint routes and IPv6 are enabled * features: add RequireFeatureDisabled helper * workflows: kind: run IPSec connectivity test in test-namespace * connectivity: derive egress gateway node name instead of hardcoding it * connectivity: add basic egress gateway test * connectivity: add support for CiliumEgressGatewayPolicy resources * connectivity: add echo-external deployment * features: add support for probing the egress gateway feature * go.mod, vendor: bump google.golang.org/grpc from 1.54.0 to 1.55.0 * Handle OCI repositories * README.md: Add upgrade command samples * Update stable release to v0.14.1 ------------------------------------------------------------------- Thu May 04 04:39:49 UTC 2023 - kastl@b1-systems.de - Update to version 0.14.1: * Prepare for v0.14.1 release * connectivity: report peer name in "no flows recorded" log message * connectivity: Add tests for egress rule with SA * connectivity: Rename existing SA tests * connectivity: add retry to external targets * Dockerfile: Bump library/golang * Replace versioncheck.Version with semver.ParseTolerant * sysdump: replace deprecated methods * connectivity/check: use existing label constants from corev1 * go.mod, vendor: update k8s deps to v1.27.1 * connectivity: test accessing NodePort from outside with L7 policy * helm mode: Make Helm chart repository configurable * Add GHA to install Cilium CLI executable * Add CI workflow for clustermesh via helm * multicluster CI: Use LoadBalancer for GKE etcd * Address wording an style nits of #1550 * golangci-lint: fix warnings * golangci-lint: fix unused parameter warnings * build: update golangci-lint to v1.52.2 * connectivity: Retry on inconclusive results * sysdump: Fix writing to absolute path * helm mode: Set default clustermesh service type to NodePort * helm: add unit tests for ParseVals * Enable Helm mode matrix for multicluster tests * Add cilium clustermesh {enable,disable} using Helm * Allow the Helm timeout to be set on uninstall * connectivity/tests: omit IPs and vendor names from test names * connectivity: Retry getting the policy revision * fixes versioncheck for l7 proxy disabling with wireguard encryption * connectivity: Add Ingress related tests * connectivity: Add Ingress resource for echo service * Remove "Release Date" column from the release table * Update stable release to v0.14.0 ------------------------------------------------------------------- Mon Apr 24 18:27:39 UTC 2023 - kastl@b1-systems.de - BuildRequire go1.20 - Update to version 0.14.0: * Prepare for v0.14.0 release * go.mod, vendor: bump github.com/docker/docker * defaults: bump json-mock to 1.3.5 * cli: adapt helm chart cleanup of deprecated hubble values * .github: add mirror from main -> master * docs: update references to the main branch * ci: rename master -> main * Adjust cilium/cilium URLs after primary branch rename to `main` * Add documentation for helm installation mode * ci: bump google-github-actions/auth from 1.0.0 to 1.1.0 * ci: update Cilium version to v1.13.2 * defaults: install Cilium v1.13.2 by default * go.mod, vendor: pull in latest cilium charts * misc: replace label goto with extracted method or for loops * misc: replace label breaks with extracted method * Default Helm Upgrade to not reuse values * Clean up signature and usage of helm Upgrade func * Add chart version as parameter for upgrade * Expose helm reset/reuse values as flags for upgrade * Add upgrade implementation using Helm * Factor out ListVersions from preinstall * .github: Prepare workflows for tests with a 3rd node * connectivity: Implement FromCIDR tests * connectivity: Refactor scenarios passed to tests * Rename current CIDR tests to to-cidr.go * connectivity/check: Validate --external-from-cidrs * .github/workflows: Install static routes for nodes without Cilium * .github/workflows: Label nodes for --nodes-without-cilium * internal/cli/cmd: Clarify --nodes-without-cilium * connectivity/check: Deploy host-netns daemonset by default * ci: bump actions/checkout from 3.5.1 to 3.5.2 * BGP: Introduce new cli to get bgp state * Add connectivity tests for auth * go.mod, vendor: bump helm.sh/helm/v3 from 3.11.2 to 3.11.3 * connectivity: Make detected Cilium Agent version available for feature detection * ci: bump actions/checkout from 3.5.0 to 3.5.1 * Refactor generic policy to Cilium policy * Add KNPs tests scenarios * Add KNPs utils methods * Add KNP feature * Add CRD feature and CNP enabled requirement * helm mode install: Add --dry-run / --dry-run-helm-values flags * Use --set-string for node affinity * go.mod, vendor: bump github.com/cloudflare/cfssl from 1.6.3 to 1.6.4 * vendor: get latest cilium * install: Support --nodes-without-cilium in Helm install mode * Fix quotation for Cilium schedule affinity * Dockerfile: Bump library/golang * go.mod, vendor: bump github.com/spf13/cobra from 1.6.1 to 1.7.0 * go.mod, vendor: bump golang.org/x/mod from 0.9.0 to 0.10.0 * helm mode: Test with GKE * helm mode: Add hubble enable / disable commands * Add Helm-based install / uninstall commands * Refactor for Helm-based Cilium installation management * Dockerfile: Bump library/golang from `08bd1aa` to `1d7fec2` * Dockerfile: Bump library/golang from `b1f83bc` to `08bd1aa` * go.mod, vendor: bump github.com/go-openapi/strfmt from 0.21.5 to 0.21.7 * Dockerfile: Bump library/golang from `50e46c1` to `b1f83bc` * go.mod, vendor: bump google.golang.org/grpc from 1.53.0 to 1.54.0 * Sysdump: Add missing Cilium CRDs * ci: bump actions/checkout from 3.4.0 to 3.5.0 * Replace deprecated flags with --helm-set * Tetragon Tracing Policies * Add a l7 header replace test * Update stable release to v0.13.2 ------------------------------------------------------------------- Tue Mar 21 08:19:39 UTC 2023 - kastl@b1-systems.de - Update to version 0.13.2: * Prepare for v0.13.2 release * vendor: Pick up the latest cilium * go.mod, vendor: bump github.com/go-openapi/strfmt from 0.21.3 to 0.21.5 * report IP families that are being tested * Change the default Cilium version to v1.13.1 * vendor: Pick up the latest github.com/cilium/charts * uninstall: set "cni.uninstall" to true * ci: bump actions/checkout from 3.3.0 to 3.4.0 * ci: bump actions/setup-go from 3.5.0 to 4.0.0 * clustermesh: correctly mount the etcd data dir in the init container * Update Go to 1.20.2 * refactor: Break generateManifests() into smaller functions * internal/utils: match new snapshot release version format * internal/utils: refactor CheckVersion to return an error * go.mod, vendor: update cilium to latest master to pull in versioncheck fix * Dockerfile: Bump library/golang from `0848e98` to `50e46c1` * connectivity: allow to restrict connectivity test pods using nodeSelector * install: Generate resource quotas from Helm chart * ci: bump docker/setup-buildx-action from 2.4.1 to 2.5.0 * helm: fix incorrect log error formatting directive. * Dockerfile: Bump library/golang * go.mod, vendor: bump helm.sh/helm/v3 from 3.11.1 to 3.11.2 * ci: bump aws-actions/configure-aws-credentials from 1.7.0 to 2.0.0 * Enable L7 and k8s secrets in tests * Adds a test case for L7 policy with TLS * ingress: Clean-up Ingress related resources * ingress: Create Ingress Endpoint * Update Go to 1.20.1 * Update stable release to v0.13.1 * go.mod, vendor: bump golang.org/x/mod from 0.8.0 to 0.9.0 * RELEASE.md: adjust release instructions after change to new release action * .github/workflows: use tag name instead of fully-formed ref in release name ------------------------------------------------------------------- Fri Mar 03 13:20:25 UTC 2023 - kastl@b1-systems.de - Update to version 0.13.1: * .github/workflows: use softprops/action-gh-release in release workflow * Dockerfile: Bump library/golang from `9266e89` to `bf83658` * Prepare for v0.13.1 release * Add profiling data(cpu/heap) of cilium agent to sysdump. * go.mod, vendor: pull in latest cilium charts for v1.14.0-snapshot.0 * hubble: Patch Cilium DaemonSet with hubble-metrics port * clustermesh: update etcd version to v3.5.4 * enabled l7Proxy & removed err.log message for WireGuard * Update stable release to v0.13.0 * connectivity: switch "waitForPodDNS" check to use any IP address family * connectivity: rename IPFamilyNone to IPFamilyAny * go.mod, vendor: bump github.com/stretchr/testify from 1.8.1 to 1.8.2 ------------------------------------------------------------------- Fri Feb 24 11:11:17 UTC 2023 - kastl@b1-systems.de - Update to version 0.13.0: * Prepare for v0.13.0 release * connectivity: Use InternalIP for NodePort requests on GKE * connectivity: Disable IPsec NodePort from outside via IPv6 * connectivity: Disable IPv6 with EP feat when netpols exist * connectivity: Add IPv6 tests * connectivity: Extend IPCache check to search for all addrs * connectivity: Store Cilium nodes * connectivity: Add v4/v6 and endpoint-routes features * connectivity: Add IPFamily * ci: update Cilium version to v1.13.0 * defaults: install Cilium v1.13.0 by default * sysdump: distil events in to a nice filterable HTML table * go.mod, vendor: bump github.com/google/gops from 0.3.26 to 0.3.27 * status: detect when DaemonSets and Deployments are rolling out * test: Wait for policy change if any policy changed * defaults: Lower connectivity timeouts * Wait for deletion of agent DaemonSet before deleting other resources. * ingress: Create Ingress Service if required * ingress: Correct Ingress Class name * connectivity: skip nodeport tests with clustermesh if KPR is disabled * Dockerfile: Bump library/golang * connectivity tests: support IPv6 in ICMP-related netpols * Update stable release to v0.12.13 ------------------------------------------------------------------- Wed Feb 15 18:53:39 UTC 2023 - kastl@b1-systems.de - Update to version 0.12.13: * Prepare for v0.12.13 release * vendor: Pick up github.com/cilium/cilium v1.13.0 * install: fix support for multi-object files * uninstall: remove cilium-config-agent role/rolebinding * feat: add json output for status and clustermesh status * go.mod, vendor: bump github.com/cilium/workerpool from 1.1.3 to 1.2.0 * go.mod, vendor: bump golang.org/x/mod from 0.7.0 to 0.8.0 * go.mod, vendor: bump helm.sh/helm/v3 from 3.11.0 to 3.11.1 (bsc#1208090, CVE-2023-25165) * go.mod, vendor: bump google.golang.org/grpc from 1.52.3 to 1.53.0 * ci: bump docker/setup-buildx-action from 2.4.0 to 2.4.1 * ci, make: update golangci-lint to v1.51.1 * k8s: don't append to non-zero slice with zero entries in (*Client).ListAPIResources * ci: bump google-github-actions/setup-gcloud from 1.0.1 to 1.1.0 * ci: use cloud provider specific external target for pod-to-world tests * go.mod, vendor: update github.com/cilium/hubble to v0.11.1 * Update Go to 1.20 * ci, make: update golangci-lint to v1.51.0 * Dockerfile: Bump library/golang * connectivity: drop pre-1.11 allow-except-world test * clustermesh: adapt global service annotations * clustermesh: Add missing brackets of etcd option * Check if context is cancelled before next iteration * ci: bump docker/setup-buildx-action from 2.2.1 to 2.4.0 * ci: bump docker/build-push-action from 3.3.0 to 4.0.0 * ci: update Cilium version to v1.12.6 * defaults: update default Cilium version to v1.12.6 * go.mod, vendor: pull in latest cilium charts for v1.10.19, v1.11.13, v1.12.6 * status: rename Hubble status to Hubble Relay * [connectivity] add container name for health tests * go.mod, vendor: bump google.golang.org/grpc from 1.52.0 to 1.52.3 * dependabot: bump open pull request limit for Go module updates * dependabot: label dependabot PRs as release blocker * dependabot: add custom prefixes to dependabot commit subjects * sysdump: Collect new CR introduced as part of 1.13 * vendor: Bump cilium to v1.13.x version * sysdump: always log used namespaces * Honor global namespace flag in sysdump command * fix(connectivity): Add node-local-dns entitiy match for local ip usage case * build(deps): bump golangci/golangci-lint-action from 3.3.1 to 3.4.0 * build(deps): bump helm.sh/helm/v3 from 3.10.3 to 3.11.0 * connectivity: Make pod to world test more configurable * connectivity: Set PreferDualStack for test services * build(deps): bump docker/build-push-action from 3.2.0 to 3.3.0 * install: Do not enable BPF masq if ipv6 is enabled * Update cilium vendoring * install: Auto-enable BPF masquerade * Update Go to 1.19.5 * build(deps): bump google.golang.org/grpc from 1.51.0 to 1.52.0 * build(deps): bump library/golang * RELEASE.md: check and merge PRs before the release * connectivity: Display last error after waiting k8s resources timeouts * Update stable release to v0.12.12 ------------------------------------------------------------------- Wed Jan 11 11:53:53 UTC 2023 - kastl@b1-systems.de - Update to version 0.12.12: * Prepare for v0.12.12 release * connectivity: Fix node2node test case feat requirement * Add copy-retry-limit flag * Fix Typo [valye -> value] * ci: update Cilium version to v1.12.5 * defaults: update default Cilium version to v1.12.5 * go.mod, vendor: pull in latest cilium charts for v1.10.18, v1.11.12, v1.12.5 and v1.13-rc4 * connectivity: Add node-to-node encryption tests * connectivity: Make pod to world test configurable * introduce --open-browser flag on cilium hubble UI * hubble: port-forward only on IPv4 * cli: Support client only in version sub-command * build(deps): bump library/busybox from `898fba6` to `5289a46` * build(deps): bump actions/checkout from 3.2.0 to 3.3.0 * all: fix spacing with ℹ️ logs * hubble: port-forward only to localhost * build(deps): bump actions/download-artifact from 3.0.1 to 3.0.2 * build(deps): bump nick-invision/retry from 2.8.2 to 2.8.3 * connectivity: allow to specify connect and request timeout * connectivity: convert curl/ping command construction *ConnectivityTest methods * connectivity: make curlEndpoints a (*podToPodWithEndpoints) method * build(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2 * connectivity: Fix iface derivation in encrypt tests * build(deps): bump helm.sh/helm/v3 from 3.10.2 to 3.10.3 * k8s: Bring back TTY to Exec * .github: replace deprecated set-output commands * build(deps): bump actions/setup-go from 3.4.0 to 3.5.0 * Use the newly extracted GetCiliumVersion method * Extract GetCiliumVersion to the k8s package * sysdump: exclude endpoint object files by default * build(deps): bump helm/kind-action from 1.4.0 to 1.5.0 * connectivity: Fix tunnel feature detection * .github: pin ubuntu runners to 22.04 * build(deps): bump azure/setup-helm from 3.4 to 3.5 * build(deps): bump actions/checkout from 3.1.0 to 3.2.0 * connectivity, k8s, internal/utils: drop ExecInPodWithTTY and CtrlCReader * k8s: use exec.StreamWithContext * go.mod, vendor: update client-go to v0.26.0 * sysdump: Autodetect the cilium-operator namespace * sysdump: Fix bug that caused Cilium namespace to be empty * build(deps): bump library/busybox from `62bc224` to `898fba6` * install: update existing roles, bindings if already extant * README, dependabot: mark v0.10 branch as unmaintained * connectivity: Add encryption test * connectivity: Add feature getter * connectivity: Add feature to detect tunneling mode * k8s: Add ExecInPodWithWriters * connectivity: Add feature to detect encryption * sysdump: Log detected Cilium namespace * Update Go to 1.19.4 * workflows: Test with Cilium v1.12.4 * build(deps): bump library/golang * Update stable release to v0.12.11 * defaults: update default Cilium version to v1.12.4 * .github: update get-kubeconfig.sh for k8s 1.24 * workflows: Bump timeout for External Workload workflow * build(deps): bump library/golang from `a3cdc5a` to `3607071` * workflows: Collect sysdump immediatly after test failures * workflows: Bump timeout for EKS workflow * connectivity: Reorder L7 ingress connectivity tests * build(deps): bump library/golang from `d171aa3` to `a3cdc5a` * build(deps): bump actions/setup-go from 3.3.1 to 3.4.0 ------------------------------------------------------------------- Thu Dec 01 19:48:45 UTC 2022 - kastl@b1-systems.de - Update to version 0.12.11: * Prepare for v0.12.11 release * go.mod, vendor: pull in latest cilium charts for v1.10.17, v1.11.11, v1.12.4 and v1.13-rc3 * workflows: add wait for no operation for cleaning up GKE * .github/workflows: remove duplicate CI Image release digest step * status: Include pending pods in total Cluster Pods count * clustermesh: use Cilium version extracted from helm secret if available * Update stable release to v0.12.10 ------------------------------------------------------------------- Wed Nov 30 13:20:51 UTC 2022 - kastl@b1-systems.de - Update to version 0.12.10: * Makefile: Fix potential uid/gid collision by using setpriv * ci, make: allow to build release as root user * Prepare for v0.12.10 release * connectivity/check: fix logging in non-verbose mode with timestamps * defaults: update connectivity test image versions * connectivity: delete pods before deleting namespace * install: delete connectivity test k8s resources before Cilium/Hubble * .github/workflows: bump uninstall timeout on EKS * clustermesh: Fix --bpf-lb-sock on < 1.12 * status: Exclude non-running pods from PodsCount * connectivity: collect sysdump also on test setup failure * build(deps): bump github.com/google/gops from 0.3.25 to 0.3.26 ------------------------------------------------------------------- Thu Nov 24 15:58:13 UTC 2022 - kastl@b1-systems.de - Update to version 0.12.9: * Prepare for v0.12.9 release * internal/cli: refactor sysdump flags initialization logic * connectivity: add --collect-sysdump-on-failure flag * sysdump: collect CiliumEgressGatewayPolicies * Update stable release to v0.12.8 ------------------------------------------------------------------- Tue Nov 22 07:29:52 UTC 2022 - kastl@b1-systems.de - Update to version 0.12.8: * Prepare for v0.12.8 release * build(deps): bump google.golang.org/grpc from 1.50.1 to 1.51.0 * connectivity: allow to delete Cilium pods during tests * defaults, install, utils: extract no-schedule node affinity and labels into constants * connectivity: report nodes without Cilium as part of FeatureNodeWithoutCilium * all: use defaults.AgentPodSelector * connectivity: group and reorder cli flag definitions * install: allow for multiple roles and rolebindings per file * build(deps): bump library/busybox from `c103754` to `62bc224` * build(deps): bump library/golang from `dc4f475` to `d171aa3` * Update stable release to v0.12.7 * connectivity: Send request to 1.1.1.1 over TCP/443 instead of TCP/80 ------------------------------------------------------------------- Tue Nov 15 09:38:07 UTC 2022 - kastl@b1-systems.de - Update to version 0.12.7: * Prepare for v0.12.7 release * clustermesh: Rename host-reachable-svc opt * Get rid of kube-proxy-replacement=probe * test/connectivity: fix goroutine leak * build(deps): bump helm.sh/helm/v3 from 3.10.1 to 3.10.2 * Update stable release to v0.12.6 * build(deps): bump library/golang from `8558ae6` to `dc4f475` * build(deps): bump golangci/golangci-lint-action from 3.3.0 to 3.3.1 * build(deps): bump google-github-actions/setup-gcloud from 1.0.0 to 1.0.1 * Improvements for kube-proxy detection and replacement * test/connectivity: Add a bit more logging around Hubble connections * kpr: Improve k8s API server endpoint detection to handle Kind * build(deps): bump google-github-actions/setup-gcloud from 0.6.2 to 1.0.0 * build(deps): bump google-github-actions/auth from 0.8.3 to 1.0.0 * Update Go to 1.19.3, golangci-lint to 1.50.1 * Enable network-perf for arm64 * defaults: Update cilium/json-mock to v1.3.3 ------------------------------------------------------------------- Tue Nov 15 09:22:10 UTC 2022 - kastl@b1-systems.de - Update to version 0.12.6: * Prepare for v0.12.6 release * vendor: Update cilium/charts * build(deps): bump library/golang * build(deps): bump azure/setup-helm from 3.3 to 3.4 * build(deps): bump github.com/spf13/cobra from 1.6.0 to 1.6.1 * install: Add auto-filled --api-versions parameter for helm capabilities * helm: Add PrintHelmTemplateCommand to remove template log in MergeVals * k8s: Add method ListApiResources to k8s.Client * build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 * build(deps): bump library/busybox from `7b72c24` to `c103754` * build(deps): bump google.golang.org/grpc from 1.50.0 to 1.50.1 * build(deps): bump library/golang from `f3e6836` to `845f16d` * build(deps): bump actions/download-artifact from 3.0.0 to 3.0.1 * Pin gcloud CLI version * build(deps): bump docker/setup-buildx-action from 2.2.0 to 2.2.1 * build(deps): bump golangci/golangci-lint-action from 3.2.0 to 3.3.0 * build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.1 * build(deps): bump actions/setup-go from 3.3.0 to 3.3.1 ------------------------------------------------------------------- Wed Oct 19 05:04:23 UTC 2022 - kastl@b1-systems.de - Update to version 0.12.5: * Prepare for v0.12.5 release * build(deps): bump helm.sh/helm/v3 from 3.10.0 to 3.10.1 * vendor: Pick up the latest github.com/cilium/charts * build(deps): bump nick-invision/retry from 2.8.1 to 2.8.2 * build(deps): bump docker/setup-buildx-action from 2.0.0 to 2.2.0 * build(deps): bump library/golang from `9d3bd09` to `f3e6836` * build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 * build(deps): bump docker/login-action from 2.0.0 to 2.1.0 * build(deps): bump google-github-actions/setup-gcloud from 0.6.0 to 0.6.2 * build(deps): bump google-github-actions/auth from 0.8.1 to 0.8.3 * sysdump: auto detect namespace from list of defaults. * build(deps): bump docker/build-push-action from 3.1.1 to 3.2.0 * Don't restart Cilium on cilium uninstall * build(deps): bump google.golang.org/grpc from 1.49.0 to 1.50.0 * build(deps): bump library/golang from `2baa528` to `9d3bd09` * [connectivity] Allow configuring cilium-agent pod selector * build(deps): bump library/golang * build(deps): bump library/busybox from `8946083` to `7b72c24` * build(deps): bump github.com/cloudflare/cfssl from 1.6.2 to 1.6.3 * build(deps): bump actions/checkout from 3.0.2 to 3.1.0 * build(deps): bump michi-covalent/push-to-loki from 0.2.1 to 0.2.2 * test/connectivity: Run connectivity test in non-default namespace * test/connectivity: Add length check before calls to waitForDeployments() * test/connectivity: Correct perf deploys in deploymentList() * test/connectivity: Add early return when deploying perf resources * test/connectivity: Update drop traffic direction and reason * sysdump: Collect k8s leases * test/connectivity: Add any prefix for pod namespace label * config, hubble: plumb context where available * test/connectivity: Remove explicit namespace in policy manifest * defaults: update connectivity test image versions * build(deps): bump helm/kind-action from 1.3.0 to 1.4.0 * build(deps): bump helm.sh/helm/v3 from 3.9.4 to 3.10.0 * test/connectivity: Update drop traffic direction and reason * policy: Add support for drop direction and reason * Update stable release to v0.12.4 ------------------------------------------------------------------- Sun Sep 25 06:55:40 UTC 2022 - kastl@b1-systems.de - Update to version 0.12.4: * Prepare for v0.12.4 release * gha: Increase timeout for GKE * connectivity: Add allowed entity related tests * connectivity: Add all entities deny test * connectivity: Add all ingress and egress denied * build(deps): bump library/busybox from `b0b9ae9` to `8946083` * ci: bump Cilium version to v1.12.2 * defaults: update default Cilium version to v1.12.2 * go.mod, vendor: pull in latest cilium charts for v1.12.2, v1.11.9, v1.10.15 * go.mod, vendor: update cilium to v1.12.2 * hubble: fix enable/disable command when `cilium-cli-helm-values` does not exist * helm: Add support for remote chart version * helm: Rename newChartFromCiliumVersion function * build(deps): bump michi-covalent/push-to-loki from 0.2.0 to 0.2.1 * build(deps): bump library/busybox from `306a4bb` to `b0b9ae9` * connectivity: L7 HTTP method test * Retain labels when creating endpoint object in curlEndpoints * Add Labels() to TestPeer interface * connectivity: Add method to podToPod(endpoints) * connectivity: Assert policy denies for disallowed FQDN * build(deps): bump azure/login from 1.4.5 to 1.4.6 * eks-tunnel: Skip cilium-health check in the EKS tunnel test * connectivity: Add test for cilium-health * ci: switch to google-github-actions/auth for GKE based workflows * Update golangci-lint to v1.19.0 * Dockerfile: use golang image instead of cilium-builder * Update Go to 1.19.1 * Status: generate a more meaningful message if agent not running * build(deps): bump library/busybox from `5b1ae0b` to `306a4bb` * Bump go directive version to 1.19 in go.mod * Update stable release to v0.12.3 ------------------------------------------------------------------- Wed Sep 07 06:58:58 UTC 2022 - kastl@b1-systems.de - Update to version 0.12.3: * Prepare for v0.12.3 release * go.mod, vendor: update for cilium charts for v1.13.0-rc0 * Clustermesh secrets inconsistency with Helm * ci: bump external workloads workflow timeouts * build(deps): bump github.com/cloudflare/cfssl from 1.6.1 to 1.6.2 * Update stable release to v0.12.2 ------------------------------------------------------------------- Wed Sep 07 06:57:21 UTC 2022 - kastl@b1-systems.de - Update to version 0.12.2: * Prepare for v0.12.2 release * gha: Skip deny policies for multi-cluster * gha: Increase the timeout for tests * connectivity: Add policy test for service account * connectivity: Add policy test for matched expression * connectivity: Add policy test for name ports * connectivity: Add connectivity with deny policies * deployment: Add named port for all test workload * connectivity: Add service account for each deployment * scenario: Add filtering source and dest labels * Update comment for ICMP test * manifest: Remove prefix k8s in policy labels * build(deps): bump google.golang.org/grpc from 1.48.0 to 1.49.0 * build(deps): bump helm.sh/helm/v3 from 3.9.3 to 3.9.4 * Enable kube-proxy replacement if no kube-proxy is detected in a cluster * build(deps): bump actions/setup-go from 3.2.1 to 3.3.0 * ci: Remove Slack notifications * all: remove year from copyright notice * build(deps): bump library/busybox from `9526219` to `5b1ae0b` * dependabot: Monitor Dockerfile * Push workflow run results to Loki * Revert "Push workflow run results to Loki" * Push workflow run results to Loki * build(deps): bump 8398a7/action-slack from 3.13.0 to 3.13.2 * build(deps): bump azure/setup-helm from 1.1 to 3.3 * ci: bump Cilium version to v1.12.1 * defaults: update default Cilium version to v1.12.1 * go.mod, vendor: pull in latest cilium charts for v1.12.1, v1.11.8, v1.10.14 * go.mod, vendor: update cilium to v1.12.1 * sysdump: add tetragon bugtool output * sysdump: rename submitBugtoolTasks * build(deps): bump helm.sh/helm/v3 from 3.9.2 to 3.9.3 * Update stable release to v0.12.1 * sysdump: Trim ls output * connectivity: Get rid of host reachable svc * Update Go to 1.19 * ci: update golangci-lint to 1.48.0 * all: gofmt with Go 1.19 * connectivity: switch to net/netip package in ipCache.findPodID * sysdump: replace use of deprecated io/ioutil package * build(deps): bump nick-invision/retry from 2.8.0 to 2.8.1 * connectivity: Add --datapath for DP e2e conformance suite * connectivity: Add feature check for nodes w/o cilium * install: Add --nodes-without-cilium * ci: bump Cilium version to v1.12.0 * install: use aksbyocni.enabled helm option for Cilium ≥ 1.12.0 * connectivity: Fix CNI chaning feature detection on v1.12+ * connectivity: Use agent-runtime-config.json for feature detection * fix(install): exit before helm secret generation in --helm-auto-gen-values mode * build(deps): bump docker/build-push-action from 3.1.0 to 3.1.1 * connectivity: Add ICMP policy test from client to client * connectivity: trim whitespaces from `cilium version` output * connectivity: Fall back on ConfigMap for CNI chaining * workflows/kind: Enable HostPort support * connectivity: Introduce pod-to-hostport scenario * connectivity: Add AltDstIP flow requirement * connectivity: Rename FlowParameters.NodePort to AltDstPort * connectivity: Introduce conditional scenarios * connectivity: Add hostPort to deployment * connectivity: Derive HostPort feature * connectivity/feature: Add Kube-Proxy Replacement features * build(deps): bump nick-invision/retry from 2.7.0 to 2.8.0 * .github: update dependabot open PR limit for GH actions ------------------------------------------------------------------- Wed Sep 07 06:53:21 UTC 2022 - kastl@b1-systems.de - Update to version 0.12.1: * Prepare for v0.12.1 release * build(deps): bump aws-actions/configure-aws-credentials * sysdump: Add kvstore data to dumps. * connectivity: Add -t to prefix log msg with timestamp * internal: add missing types when generating helm template command * go.mod, vendor: update Hubble to v0.10.0 * connectivity: remove unused (*ConnectivityTest).FetchCiliumPodImageTag * Update Go to 1.18.5 * connectivity: debug log detected features * connectivity: add feature detection unit tests * connectivity: Introduce feature requirements * connectivity: Use features to detect flow aggregation * connectivity: Add feature detection * connectivity: Split out cilium pod initialization * upgrade: also bump clustermesh-apiserver * connectivity: Add node-local-dns match labels * CODEOWNERS: update teams following removal of non-sig teams * RELEASE.md: bump version in stable.txt after release * [connectivity] Retry deleting namespace while waiting * Update RELEASE.md * connectivity: Detect version from cilium pods * build(deps): bump helm.sh/helm/v3 from 3.9.1 to 3.9.2 * clustermesh: Validate cluster-id value as per requirement * connectivity: Add --assume-cilium-version flag * ci: explicitly wait for cilium status after enabling Hubble relay on GKE * build(deps): bump docker/build-push-action from 3.0.0 to 3.1.0 ------------------------------------------------------------------- Tue Jul 19 16:09:04 UTC 2022 - kastl@b1-systems.de - Update to version 0.12.0: * Prepare for v0.12.0 release * defaults: update default Cilium version to v1.12.0 * go.mod, vendor: pull in latest cilium charts for v1.12.0, v1.11.7, v1.10.3, v1.9.18 * go.mod, vendor: update cilium to v1.12.0 * Dockerfile: update cilium-builder image for Go 1.18.4 * build(deps): bump github.com/go-openapi/strfmt from 0.21.2 to 0.21.3 * [connectivity] Support private coredns image locations * build(deps): bump helm.sh/helm/v3 from 3.9.0 to 3.9.1 * [connectivity tests] Support custom agent daemonset name * sysdump: run bugtool even when cilium agent is not running * sysdump: have bugtool gzip directly * build(deps): bump google.golang.org/grpc from 1.47.0 to 1.48.0 * Update Go to 1.18.4 * ci: switch to OIDC authentication for az CLI * internal/helm: pass cilium version as semver.Version instead of string * build(deps): bump actions/setup-go from 3.2.0 to 3.2.1 * hubble: fix issue for not create metrics service * ci: explicitly wait for cilium status after enabling Hubble relay on AKS * connectivity: test L7 ingress policy with HTTP headers * connectivity: unify WithExpectations block formatting * connectivity: remove unused test scenario name parameter * connectivity/check: report deployment/service name from constant in log message * connectivity/check: unexport constants * connectivity/check: report test namespace name in log message * hubble port-forward: Remove dependency on `cilium-cli-helm-values` secret * connectivity: Update coredns image for arm64 * build(deps): bump github.com/google/gops from 0.3.24 to 0.3.25 * test: Move HTTP validation to a separate flow requirement * filters: Only fix wildcarded ephemeral port on the first SYN * test: Avoid duplicate port filters ------------------------------------------------------------------- Thu Jul 07 06:35:48 UTC 2022 - kastl@b1-systems.de - Update to version 0.11.11: * Prepare for v0.11.11 release * azure: fix BYOCNI install with Cilium >= 1.12 * build(deps): bump github.com/google/gops from 0.3.23 to 0.3.24 * clustermesh: Update cluster-name/cluster-id validation message * Fix broken link in CONTRIBUTING.md * connectivity: improve DNS validation * make: update alpine to 3.16 * make: run release build as regular user ------------------------------------------------------------------- Wed Jun 22 16:18:13 UTC 2022 - kastl@b1-systems.de - Update to version 0.11.10: * Prepare for v0.11.10 release * RELEASE.md: minor fixes * go.mod, vendor: pull in latest cilium/charts for v1.12.0-rc3 * go.mod, vendor: update cilium/cilium to v1.12.0-rc3 * build(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0 * build(deps): bump azure/login from 1.4.4 to 1.4.5 * ci: explicitly wait for cilium status after enabling Hubble relay * README.md: update AKS test badges * Use OCI container reference parser to extract Cilium's version ------------------------------------------------------------------- Wed Jun 22 08:14:14 UTC 2022 - kastl@b1-systems.de - Update to version 0.11.9: * Prepare for v0.11.9 release * ci: bump Cilium version to v1.11.6 * defaults: update default Cilium version to v1.11.6 * go.mod, vendor: pull in latest cilium/charts for v1.11.6, v1.10.12, v1.9.17 * hubble port-forward: Don't generate Helm manifests * connectivity: Don't fail if cilium-cli-helm-values doesn't exist * ci: re-add AKS (Azure IPAM) workflow * ci: rename AKS workflow to AKS (BYOCNI) * build(deps): bump helm/kind-action from 1.2.0 to 1.3.0 * RELEASE.md: update to reflect current release process ------------------------------------------------------------------- Wed Jun 22 08:00:10 UTC 2022 - kastl@b1-systems.de - Update to version 0.11.8: * Prepare for v0.11.8 release * Re-add stable.txt * ci: bump kind to v0.14.0 * ci: use BYOCNI in CI * add new `aks-byocni` datapath mode * vendor: update yaml.v3 to v3.0.1 * sysdump: Use --hubble-flows-timeout flag * install: make `datapath-mode` the main flag, deprecate some flags * utils: Remove baseVersion from ParseCiliumVersion * hubble: Remove --base-version flag * connectivity: Remove --base-version flag * k8s: Add GetHelmState function * install: Remove --base-version flag * Update Go to 1.18.3 * ci, make: update golangci-lint to 1.46.2 * gha: Wait for hubble-relay in eks.sh * gha: Bump kubectl version in cilium test job * gha: Lock helm version to v3.8.2 * ci: create a new subnetwork for each new GKE cluster * install: Add --list-versions flag * build(deps): bump google.golang.org/grpc from 1.46.2 to 1.47.0 * ingress: Create ingress class if required. * build(deps): bump actions/setup-go from 3.1.0 to 3.2.0 * build(deps): bump github.com/cilium/workerpool from 1.1.2 to 1.1.3 * README.md: fix binary installation instructions * Add ctags/cscope target * sysdump: Collect hubble observe --debug and stderr * :sparkles:feat(connectivity):support private image * build(deps): bump actions/upload-artifact from 3.0.0 to 3.1.0 * go.mod, vendor: update cilium/cilium to latest master * go.mod, vendor: update k8s deps to v1.24.0 * .github: enable GH action updates on v0.10 branch * hubble: Fix version check for generatePeerService * ci: run `cilium status` with `sudo` in external workloads post-test phase ------------------------------------------------------------------- Wed May 18 09:05:57 UTC 2022 - kastl@b1-systems.de - Update to version 0.11.7: * ci: run `cilium service list get` with `sudo` in external workloads ping test * ci: make external workload only use global DNS server in test * ci: run `ciliun status` with `sudo` in external workloads test * ci: bump cilium version to v1.11.5 * defaults: update default Cilium version to v1.11.5 * go.mod, vendor: pick up the latest cilium/chart * build(deps): bump google.golang.org/grpc from 1.46.0 to 1.46.2 * .github: explicitly set Cilium version in workflows * build(deps): bump actions/setup-go from 3.0.0 to 3.1.0 ------------------------------------------------------------------- Sat May 14 11:38:40 UTC 2022 - kastl@b1-systems.de - Update to version 0.11.6: * Upgrade hubble relay with cli * ci: bump golangci-lint to v1.46.0 * sysdump: Log cilium-cli version and arguments * build(deps): bump golangci/golangci-lint-action from 3.1.0 to 3.2.0 * crds: Bump cilium version for cec v2 * Update default Cilium version to 1.11.4 * Update Go to 1.18.2 * Add friendly error message for failed service wait * Perform DNS check earlier in the tests * clustermesh: Run `cilium` with sudo in VM install script * build(deps): bump docker/setup-buildx-action from 1.7.0 to 2 * Pin kubectl version * build(deps): bump docker/login-action from 1.14.1 to 2 * improve status performance * build(deps): bump docker/build-push-action from 2.10.0 to 3 * build(deps): bump github.com/google/gops from 0.3.22 to 0.3.23 * Add doc comment to perfDeploymentNameManager * Add scenario to performance test summary outuput * Modify names of host-net perf deploys. * Rename host network related variables for clarity * Add host network scenario in pod-to-pod perf test ------------------------------------------------------------------- Thu May 05 06:36:13 UTC 2022 - kastl@b1-systems.de - Update to version 0.11.5: * vendor: Pick up the latest cilium/chart * sysdump: Add support for Ingress, CCWEC, CEV * vendor: Add cilium/proxy package * vendor: Bump cilium version to v1.12.0-rc1 * ingress: Add steps to create role and rolebinding * ingress: Add step to create secret namespace * Add support to collect CNI config fiels from the system * build(deps): bump azure/login from 1.4.3 to 1.4.4 * install: don't repeat log message when waiting for test namespace to be deleted * k8s/client: Detect version as "latest" if image has no tag * install: Fix --image-suffix and --image-tag handling * Clean up RELEASE.md ------------------------------------------------------------------- Sat Apr 30 15:45:07 UTC 2022 - kastl@b1-systems.de - Update to version 0.11.4: * hubble: Log Creation of Peer Service * uninstall: Add Chart Directory Opt for Uninstall and Disable * hubble: Log Deletion of Peer Service * install: Wait for test pods to be cleaned up * Extract all deamonsets of Cilium * Add option to automatically detect the pid of the gops agent * install: add encryption.enabled when encryption wireguard is used * build(deps): bump docker/setup-buildx-action from 1.6.0 to 1.7.0 ------------------------------------------------------------------- Thu Apr 28 06:27:39 UTC 2022 - kastl@b1-systems.de - Update to version 0.11.3: * build(deps): bump google.golang.org/grpc from 1.45.0 to 1.46.0 * build(deps): bump nick-invision/retry from 2.6.0 to 2.7.0 * vendor: Update cilium/chart * bug: Correct Peer Service Filename; Create Before Relay ------------------------------------------------------------------- Tue Apr 26 06:22:57 UTC 2022 - kastl@b1-systems.de - Update to version 0.11.2: * relay: Move Peer Service to Hubble Relay Enablement * install: add support for AWS with CNI chaining * install: Add Peer Service on Install * build(deps): bump actions/checkout from 3.0.1 to 3.0.2 * update code of conduct email * Transform flags context and namespace to be global for cilium-cli * build(deps): bump actions/checkout from 3.0.0 to 3.0.1 ------------------------------------------------------------------- Thu Apr 14 19:37:24 UTC 2022 - kastl@b1-systems.de - Update to version 0.11.1: * install: fix AKS installation on Cilium >= 1.12.0 * helm: fix helm template output for extraConfig options * feat: collect Kubernetes Endpoints in sysdump ------------------------------------------------------------------- Thu Apr 14 19:34:08 UTC 2022 - kastl@b1-systems.de - Update to version 0.11.0: * Update Go to 1.18.1 * make: allow running `git status` during release build * hubble: redact cilium-ca certificate key when printing to terminal * hubble: fix installation of 1.10 versions * vendor: Update github.com/cilium/charts * connectivity: Make fatal errors more visible * store helm values into a Kubernetes secret * internal/helm: fix helm template output for array values * hubble: fix deployment of hubble with unreleased Cilium versions * Support operator running in a different namespace * hubble: add helm-based installation to hubble mode * internal/helm: fix bug in helm keys that had a . * refactor helm code into dedicated package * .github: partially revert flag changes * internal/cli: deprecate CLI flags in favor of helm options * refactor: Expose k8s package * install: auto-detect k3s clusters * install, internal/k8s: remove unnecessary AutodetectFlavor error return * install: add image-suffix and image-tag to keep old version behavior * install: use version SHA as image tags * go.mod, vendor: update cilium to v1.11.3 * Update default Cilium version to 1.11.3 * install: enable node-init script on AKS * defaults: add image digests for Cilium v1.9.14, v1.10.9, v1.11.3 * install: Handle rancher-desktop CNI location * use strings.HasPrefix to check cilium image * skip non cilium image when get cilium version * vendor: update cilium/chart with recent Cilium versions * install: fix helm-based installation for versions older than 1.11 * build(deps): bump github.com/cilium/workerpool from 1.1.1 to 1.1.2 * build(deps): bump helm.sh/helm/v3 from 3.8.0 to 3.8.1 * add user-defined options into Cilium ConfigMap * add helm-auto-gen-values option to write values into file * generate configmap from helm * install: allow user-defined helm options * install: allow passing a helm directory * generate manifests with helm * ci: bump golangci-lint to v1.45.0 * Moving pkill to cleanup * Update Go to 1.18 * Makefile, .github/workflows: update golangci-lint to v1.44.2 * ci: update `az` to 2.34.1 * Make CRR standalone workload * build(deps): bump docker/build-push-action from 2.9.0 to 2.10.0 * build(deps): bump google.golang.org/grpc from 1.44.0 to 1.45.0 * build(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0 * build(deps): bump google-github-actions/setup-gcloud from 0.5.1 to 0.6.0 * internal: clarify key=value syntax for cilium install --config * build(deps): bump golangci/golangci-lint-action from 3.0.0 to 3.1.0 * Update Go to 1.17.8 * build(deps): bump docker/login-action from 1.14.0 to 1.14.1 * Fix 'node-init' in GKE's 'cos' images. * workflows: fix AKS workflow not using the right CLI pod * build(deps): bump actions/upload-artifact from 2.3.1 to 3 * build(deps): bump actions/download-artifact from 2.1.0 to 3 * Adding Network Performance test * build(deps): bump actions/checkout from 2.4.0 to 3 * connectivity: Don't ignore errors during setup & validation * sysdump: check (*Collector).setupLogging error * build(deps): bump actions/setup-go from 2.2.0 to 3 * build(deps): bump docker/login-action from 1.13.0 to 1.14.0 * sysdump: include own log messages in sysdump * build(deps): bump golangci/golangci-lint-action from 2.5.2 to 3 - BuildRequire go1.18 ------------------------------------------------------------------- Thu Feb 24 17:09:32 UTC 2022 - kastl@b1-systems.de - Update to version 0.10.4: * connectivity: allow to specify base Cilium version * internal, utils: add ParseCiliumVersion * connectivity: use defaults.AgentContainerName * hubble: don't log to stdout/stderr when opening browser * go.mod, vendor: update github.com/pkg/browser to latest version * Update default Cilium version to v1.11.2 * go.mod, vendor: update cilium to v1.11.2 * defaults: add image digests for Cilium v1.9.13, v1.10.8, v1.11.2 * connectivity: Use specific policy depending on Cilium version * connectivity: Run setup & validation before registering tests * azure: add Contributor privileges to new Service Principals * build(deps): bump docker/login-action from 1.12.0 to 1.13.0 * build(deps): bump google-github-actions/setup-gcloud from 0.5.0 to 0.5.1 ------------------------------------------------------------------- Wed Feb 16 19:20:03 UTC 2022 - kastl@b1-systems.de - Update to version 0.10.3: * Recommend 'NoExecute' instead of 'NoSchedule'. * Prevent unmanaged pods in GKE's containerd flavors * connectivity: Remove nodeport checks from policy test * connectivity: Replace allow-all with allow-all-except-world * Update Go to 1.17.7 * build(deps): bump actions/setup-go from 2.1.5 to 2.2.0 * build(deps): bump github.com/go-openapi/strfmt from 0.21.1 to 0.21.2 * build(deps): bump google-github-actions/setup-gcloud from 0.4.0 to 0.5.0 * build(deps): bump docker/build-push-action from 2.8.0 to 2.9.0 * connectivity: include k8s-app=coredns matchLabels ------------------------------------------------------------------- Sat Jan 29 08:09:26 UTC 2022 - kastl@b1-systems.de - Update to version 0.10.2: * internal/utils: fix parsing of user versions which include suffix * build(deps): bump google.golang.org/grpc from 1.43.0 to 1.44.0 * defaults: add digests for Cilium service mesh beta images * defaults: add image digests for Cilium 1.9.12 and 1.10.7 * cmd/internal/add-image-digests: use crane to get digests without pulling * build(deps): bump google-github-actions/setup-gcloud from 0.3.0 to 0.4.0 * cilium-ca: fix the cilium-ca creation log line * RELEASE.md: use GitHub auto-generated release notes * build(deps): bump docker/build-push-action from 2.7.0 to 2.8.0 ------------------------------------------------------------------- Fri Jan 21 20:07:04 UTC 2022 - Johannes Kastl <kastl@b1-systems.de> - BuildRequire go1.17 to avoid build errors on Leap15 / SLES 15 ------------------------------------------------------------------- Fri Jan 21 19:39:20 UTC 2022 - kastl@b1-systems.de - Update to version 0.10.1: * go.mod, vendor: update cilium to 1.11.1 * Update default Cilium version to v1.11.1 * build(deps): bump azure/login from 1.4.2 to 1.4.3 * build(deps): bump aws-actions/configure-aws-credentials * install: remove deprecated --native-routing-cidr option * ci: replace deprecated --native-routing-cidr install option * build(deps): bump google.golang.org/grpc from 1.42.0 to 1.43.0 * Add golangci-lint check for local imports * Sort imports according to Go conventions * connectivity/check: use insecure.NewCredentials instead of WithInsecure * build(deps): bump 8398a7/action-slack from 3.12.0 to 3.13.0 * Makefile: update release target to use alpine 3.15 * Update Go to 1.17.6 * sysdump: Support fetching DaemonSet with custom name * Make file permission more explict * Add file header with 2022 year * Add retry mechanism while copying files * Compress cilium-bugtool tar file before copy to local system * Added K3s as a supported environment * build(deps): bump actions/setup-go from 2.1.4 to 2.1.5 * install: remove deprecated cluster roles * build(deps): bump docker/login-action from 1.10.0 to 1.12.0 * images: Use well-known digests where possible * chore: Tidy up subshells in quoted script * build(deps): bump actions/upload-artifact from 2.3.0 to 2.3.1 * build(deps): bump github.com/spf13/cobra from 1.2.1 to 1.3.0 * build(deps): bump nick-invision/retry from 2.5.1 to 2.6.0 * Update Go to 1.17.5 * ui: v0.8.5 as default * build(deps): bump azure/login from 1.4.1 to 1.4.2 ------------------------------------------------------------------- Tue Jan 4 09:04:40 UTC 2022 - Johannes Kastl <kastl@b1-systems.de> - first version of package, at version 0.10.0
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
