Skip to content

(test)Retina Ebpf Windows e2e tests #1658

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 57 commits into
base: dev/v0.0.33-windows
Choose a base branch
from
Open

(test)Retina Ebpf Windows e2e tests #1658

wants to merge 57 commits into from

Conversation

kumarvin123
Copy link

@kumarvin123 kumarvin123 commented Jun 3, 2025
edited
Loading

Description

This PR adds E2E test automation for retina eBPF windows integration
Please provide a brief description of the changes made in this pull request.

Related Issue

If this pull request is related to any issue, please mention it here. Additionally, make sure that the issue is assigned to you before submitting this pull request.

Checklist

  • I have read the contributing documentation.
  • I signed and signed-off the commits (git commit -S -s ...). See this documentation on signing commits.
  • I have correctly attributed the author(s) of the code.
  • I have tested the changes locally.
  • I have followed the project's style guidelines.
  • I have updated the documentation, if necessary.
  • I have added tests, if applicable.

Screenshots (if applicable) or Testing Completed

Please add any relevant screenshots or GIFs to showcase the changes made.

Additional Notes

Add any additional notes or context about the pull request here.

Please refer to the CONTRIBUTING.md file for more information on how to contribute to this project.

kumarvin123 and others added 30 commits December 16, 2024 13:23
@kumarvin123
Draft Version of Retina Windows eBPF Plugin
6d77a79
@kumarvin123
feat(Plugin): Windows eBPF Plugin for retina
a5fc4ab
@kumarvin123
Added suppoprt for cilium_events_map
2bc6a55
@kumarvin123
Added Support for Parsing CILIUM_NOTIFY_DROP,CILIUM_NOTIFY_TRACE,CILI…
d5bd668 
…UM_NOTIFY_TRACE_SOCK events
@kumarvin123
Some Bug Fixes
e4b54f5
@kumarvin123
Added code to instantiate the hubble parser, enricher and construct a…
99b0307 
… dummy flow object to send it to enricher
@kumarvin123
Added the enricher loop to the test code
2703bff
@kumarvin123
Added basic packet metrics from metrics map
193a921
@kumarvin123
Merge branch 'microsoft:main' into main
15be14b
@kumarvin123
Initialized Metrics in the test code
be9bd9a
@kumarvin123
Added the NoOpGetters for Hubble Parser
fcc625d
@kumarvin123
Merge branch 'microsoft:main' into main
0f4b15a
@kumarvin123
Fixed the golint errors
e69de9c
@kumarvin123
Merge branch 'microsoft:main' into main
2824ebd
@kumarvin123
Updated the RetinaEbpfApi function names
153e13b
@kumarvin123
removed references to Cilium
443831e
@kumarvin123
Merge branch 'microsoft:main' into main
4620ae9
@kumarvin123
Merge branch 'microsoft:main' into main
3949e01
@dependabot
deps: bump sigs.k8s.io/cloud-provider-azure/pkg/azclient from 0.6.2 t…
487b6f0 
…o 0.7.0 (microsoft#1584)

Bumps
[sigs.k8s.io/cloud-provider-azure/pkg/azclient](https://github.com/kubernetes-sigs/cloud-provider-azure)
from 0.6.2 to 0.7.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/kubernetes-sigs/cloud-provider-azure/commit/20e0e1d7a3a23b5956fb3a73350d7b318d67a133"><code>20e0e1d</code></a>
Merge pull request <a
href="https://redirect.github.com/kubernetes-sigs/cloud-provider-azure/issues/458">#458</a>
from feiskyer/prepare-0.7.0</li>
<li><a
href="https://github.com/kubernetes-sigs/cloud-provider-azure/commit/8f1df22be94fda9571a518be37bcc601d1ce5ef3"><code>8f1df22</code></a>
Update document links to Cloud Provider Azure website</li>
<li><a
href="https://github.com/kubernetes-sigs/cloud-provider-azure/commit/5053a9f37f9ddefb7584e4b0d48483f83c85274f"><code>5053a9f</code></a>
Release Cloud Provider Azure v0.7.0</li>
<li><a
href="https://github.com/kubernetes-sigs/cloud-provider-azure/commit/9e049a331b20e924984be292ce735bcc1f6e48b9"><code>9e049a3</code></a>
Merge pull request <a
href="https://redirect.github.com/kubernetes-sigs/cloud-provider-azure/issues/451">#451</a>
from ialidzhikov/cleanup/network-apiversion</li>
<li><a
href="https://github.com/kubernetes-sigs/cloud-provider-azure/commit/7e37c2c97661a581547b327b518f0741784f5816"><code>7e37c2c</code></a>
Merge pull request <a
href="https://redirect.github.com/kubernetes-sigs/cloud-provider-azure/issues/453">#453</a>
from andyzhangx/disk-batch-operation</li>
<li><a
href="https://github.com/kubernetes-sigs/cloud-provider-azure/commit/ffabb16994bd57719dbd07d6baca97e35a81ae09"><code>ffabb16</code></a>
Merge pull request <a
href="https://redirect.github.com/kubernetes-sigs/cloud-provider-azure/issues/455">#455</a>
from nilo19/failing-test/skip-multi-pool</li>
<li><a
href="https://github.com/kubernetes-sigs/cloud-provider-azure/commit/bcb98816f29fc71dfaeaaebc65685b27f5431ff2"><code>bcb9881</code></a>
Merge pull request <a
href="https://redirect.github.com/kubernetes-sigs/cloud-provider-azure/issues/457">#457</a>
from nilo19/bug/fix-dep</li>
<li><a
href="https://github.com/kubernetes-sigs/cloud-provider-azure/commit/67975b245d7e3732b921d03349d3de66052b095e"><code>67975b2</code></a>
Explicitly set mod=mod in go list</li>
<li><a
href="https://github.com/kubernetes-sigs/cloud-provider-azure/commit/3c9b40f5c5c456b81b41f99bf9344dfba6383618"><code>3c9b40f</code></a>
use batch operation for azure disk attach/detach</li>
<li><a
href="https://github.com/kubernetes-sigs/cloud-provider-azure/commit/d574dd5ee95e38692a2a3a8b8cfaf7859a32a64f"><code>d574dd5</code></a>
Skip the exclude LB test on multi node pool cluster</li>
<li>Additional commits viewable in <a
href="https://github.com/kubernetes-sigs/cloud-provider-azure/compare/pkg/azclient/v0.6.2...v0.7.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigs.k8s.io/cloud-provider-azure/pkg/azclient&package-manager=go_modules&previous-version=0.6.2&new-version=0.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
deps: bump github.com/Microsoft/hcsshim from 0.12.9 to 0.13.0 (micros…
f639dd0 
…oft#1587)

Bumps
[github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim)
from 0.12.9 to 0.13.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Microsoft/hcsshim/releases">github.com/Microsoft/hcsshim's
releases</a>.</em></p>
<blockquote>
<h2>v0.13.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Enable Windows UVM functional tests by <a
href="https://github.com/jiechen0826"><code>@​jiechen0826</code></a> in
<a
href="https://redirect.github.com/microsoft/hcsshim/pull/2338">microsoft/hcsshim#2338</a></li>
<li>Add support for HCN v2 endpoint and add unit tests by <a
href="https://github.com/katiewasnothere"><code>@​katiewasnothere</code></a>
in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2343">microsoft/hcsshim#2343</a></li>
<li>Skip HVSock_* flaky tests until they are fixed by <a
href="https://github.com/jiechen0826"><code>@​jiechen0826</code></a> in
<a
href="https://redirect.github.com/microsoft/hcsshim/pull/2365">microsoft/hcsshim#2365</a></li>
<li>Fix duplicate artifact name in github CI by <a
href="https://github.com/jiechen0826"><code>@​jiechen0826</code></a> in
<a
href="https://redirect.github.com/microsoft/hcsshim/pull/2366">microsoft/hcsshim#2366</a></li>
<li>Fix TestLCOW_IPv6_Assignment functional test by <a
href="https://github.com/katiewasnothere"><code>@​katiewasnothere</code></a>
in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2359">microsoft/hcsshim#2359</a></li>
<li>Enabled Linux UVM tests to run on 1ES github runner pool by <a
href="https://github.com/jiechen0826"><code>@​jiechen0826</code></a> in
<a
href="https://redirect.github.com/microsoft/hcsshim/pull/2357">microsoft/hcsshim#2357</a></li>
<li>Revert &quot;Enabled Linux UVM tests to run on 1ES github runner
pool&quot; by <a
href="https://github.com/jiechen0826"><code>@​jiechen0826</code></a> in
<a
href="https://redirect.github.com/microsoft/hcsshim/pull/2378">microsoft/hcsshim#2378</a></li>
<li>github-actions: update lint action by <a
href="https://github.com/anmaxvl"><code>@​anmaxvl</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2379">microsoft/hcsshim#2379</a></li>
<li>fix golangci-lint config by <a
href="https://github.com/anmaxvl"><code>@​anmaxvl</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2387">microsoft/hcsshim#2387</a></li>
<li>HvSocket support for containers by <a
href="https://github.com/anmaxvl"><code>@​anmaxvl</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2353">microsoft/hcsshim#2353</a></li>
<li>feature: cross-container named pipes by <a
href="https://github.com/anmaxvl"><code>@​anmaxvl</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2358">microsoft/hcsshim#2358</a></li>
<li>tooling: allow pause container to be run in privileged mode by <a
href="https://github.com/anmaxvl"><code>@​anmaxvl</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2406">microsoft/hcsshim#2406</a></li>
<li>Initial support for creating confidential windows UtilityVMs by <a
href="https://github.com/ambarve"><code>@​ambarve</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2388">microsoft/hcsshim#2388</a></li>
<li>Deps/crypto vulnFix golang.org/x/crypto vulnerability by <a
href="https://github.com/helsaawy"><code>@​helsaawy</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2416">microsoft/hcsshim#2416</a></li>
<li>rego policy enforcer should use the same user parsing logic as GCS
by <a href="https://github.com/anmaxvl"><code>@​anmaxvl</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2405">microsoft/hcsshim#2405</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/jiechen0826"><code>@​jiechen0826</code></a>
made their first contribution in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2338">microsoft/hcsshim#2338</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/microsoft/hcsshim/compare/v0.13.0-rc.3...v0.13.0">https://github.com/microsoft/hcsshim/compare/v0.13.0-rc.3...v0.13.0</a></p>
<h2>v0.13.0-rc.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update go version + Switch to using containerd/errdefs/pkg/errgrpc
for grpc translation by <a
href="https://github.com/kiashok"><code>@​kiashok</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2300">microsoft/hcsshim#2300</a></li>
<li>add <code>longPathAware</code> to shim manifest by <a
href="https://github.com/anmaxvl"><code>@​anmaxvl</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2303">microsoft/hcsshim#2303</a></li>
<li>Fix issue with mask length of gateway addresses by <a
href="https://github.com/katiewasnothere"><code>@​katiewasnothere</code></a>
in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2305">microsoft/hcsshim#2305</a></li>
<li>remove dmverity-vhd code and release pipeline by <a
href="https://github.com/anmaxvl"><code>@​anmaxvl</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2318">microsoft/hcsshim#2318</a></li>
<li>Add build version block for pod CPU limits updating by <a
href="https://github.com/katiewasnothere"><code>@​katiewasnothere</code></a>
in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2321">microsoft/hcsshim#2321</a></li>
<li>Fix go.mod to have the correct Go version by <a
href="https://github.com/kevpar"><code>@​kevpar</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2326">microsoft/hcsshim#2326</a></li>
<li>Fix path in security <code>policyenginesimulator</code> sample by <a
href="https://github.com/MahatiC"><code>@​MahatiC</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2329">microsoft/hcsshim#2329</a></li>
<li>octtrpc: Fix span status defer, add tests by <a
href="https://github.com/kevpar"><code>@​kevpar</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2330">microsoft/hcsshim#2330</a></li>
<li>Support for Block CIMs by <a
href="https://github.com/ambarve"><code>@​ambarve</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2261">microsoft/hcsshim#2261</a></li>
<li>osversion: Add new versions, fix compat bug, improve tests by <a
href="https://github.com/kevpar"><code>@​kevpar</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2327">microsoft/hcsshim#2327</a></li>
<li>Use abs path to testing binary by <a
href="https://github.com/helsaawy"><code>@​helsaawy</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2344">microsoft/hcsshim#2344</a></li>
<li>Omnibus dependabot update by <a
href="https://github.com/helsaawy"><code>@​helsaawy</code></a> in <a
href="https://redirect.github.com/microsoft/hcsshim/pull/2347">microsoft/hcsshim#2347</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/microsoft/hcsshim/compare/v0.13.0-rc.2...v0.13.0-rc.3">https://github.com/microsoft/hcsshim/compare/v0.13.0-rc.2...v0.13.0-rc.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/microsoft/hcsshim/commit/7084bd2fa445d83629a67a91ff4e072517a11f04"><code>7084bd2</code></a>
rego policy enforcer should use the same user parsing logic as GCS (<a
href="https://redirect.github.com/Microsoft/hcsshim/issues/2405">#2405</a>)</li>
<li><a
href="https://github.com/microsoft/hcsshim/commit/a5c5b4c46f51ec5481421b2ebf824cea2bc66ba0"><code>a5c5b4c</code></a>
Deps/crypto vulnFix golang.org/x/crypto vulnerability (<a
href="https://redirect.github.com/Microsoft/hcsshim/issues/2416">#2416</a>)</li>
<li><a
href="https://github.com/microsoft/hcsshim/commit/a00144a51864f1068148efbe9bb89516ea4934b6"><code>a00144a</code></a>
Add support for running confidential WCOW UVMs</li>
<li><a
href="https://github.com/microsoft/hcsshim/commit/5def1d7e26fee3525c1842221e265a40efabded2"><code>5def1d7</code></a>
Allow different types of boot configurations for WCOW UVM</li>
<li><a
href="https://github.com/microsoft/hcsshim/commit/b4e07445e062c54f4c0a08682cec322135a92613"><code>b4e0744</code></a>
Merge pull request <a
href="https://redirect.github.com/Microsoft/hcsshim/issues/2406">#2406</a>
from anmaxvl/privileged-pause</li>
<li><a
href="https://github.com/microsoft/hcsshim/commit/e5f8fd83592962bf2a089cc5ca949224eaf88480"><code>e5f8fd8</code></a>
tooling: allow pause container to be run in privileged mode</li>
<li><a
href="https://github.com/microsoft/hcsshim/commit/d7e384230944f153215473fa6c715b8723d1ba47"><code>d7e3842</code></a>
feature: cross-container named pipes (<a
href="https://redirect.github.com/Microsoft/hcsshim/issues/2358">#2358</a>)</li>
<li><a
href="https://github.com/microsoft/hcsshim/commit/62ddb129f044a01c4938e64c741ba243fea89fc6"><code>62ddb12</code></a>
HvSocket support for containers (<a
href="https://redirect.github.com/Microsoft/hcsshim/issues/2353">#2353</a>)</li>
<li><a
href="https://github.com/microsoft/hcsshim/commit/fa9d402bce734aa3031fd7db1c9c997c3448cb78"><code>fa9d402</code></a>
ci: fix golangci-lint config (<a
href="https://redirect.github.com/Microsoft/hcsshim/issues/2387">#2387</a>)</li>
<li><a
href="https://github.com/microsoft/hcsshim/commit/a3c0edf1b6bea7b95f96680c88108a56e41f11b6"><code>a3c0edf</code></a>
github-actions: update lint action (<a
href="https://redirect.github.com/Microsoft/hcsshim/issues/2379">#2379</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Microsoft/hcsshim/compare/v0.12.9...v0.13.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/Microsoft/hcsshim&package-manager=go_modules&previous-version=0.12.9&new-version=0.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@hown3d
feat: additional apiserver IPs from service and endpoint (microsoft#1573
3cfeac4 
)

# Description

In some cases the flows incorrectly assumed APIServer IPs as world.
This PR adds functionality to the watcher to extract IPs from the
Kubernetes service and endpoints. In some managed Kubernetes offerings
these IPs are used to establish connections from and to the
kube-apiserver.


## Checklist

- [x] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [x] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [x] I have correctly attributed the author(s) of the code.
- [x] I have tested the changes locally.
- [ ] I have followed the project's style guidelines.
- [ ] I have updated the documentation, if necessary.
- [ ] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed



![image](https://github.com/user-attachments/assets/47319020-c030-4f33-9cdd-1cded2daccd6)

Before:

![image](https://github.com/user-attachments/assets/8e7a80f7-8715-47ba-9728-fc9d18cd550f)

After:

![image](https://github.com/user-attachments/assets/d9ba7efa-3eac-4506-9467-fa1ba8063549)

## Additional Notes

Add any additional notes or context about the pull request here.

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

Signed-off-by: Lukas Hoehl <lukas.hoehl@stackit.cloud>
@dependabot
deps: bump actions/setup-go from 5.4.0 to 5.5.0 (microsoft#1586)
ff85608 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.4.0
to 5.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v5.5.0</h2>
<h2>What's Changed</h2>
<h3>Bug fixes:</h3>
<ul>
<li>Update self-hosted environment validation by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/556">actions/setup-go#556</a></li>
<li>Add manifest validation and improve error handling by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/586">actions/setup-go#586</a></li>
<li>Update template link by <a
href="https://github.com/jsoref"><code>@​jsoref</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/527">actions/setup-go#527</a></li>
</ul>
<h3>Dependency  updates:</h3>
<ul>
<li>Upgrade <code>@​action/cache</code> from 4.0.2 to 4.0.3 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/574">actions/setup-go#574</a></li>
<li>Upgrade <code>@​actions/glob</code> from 0.4.0 to 0.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/573">actions/setup-go#573</a></li>
<li>Upgrade ts-jest from 29.1.2 to 29.3.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/582">actions/setup-go#582</a></li>
<li>Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/537">actions/setup-go#537</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/jsoref"><code>@​jsoref</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/527">actions/setup-go#527</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v5...v5.5.0">https://github.com/actions/setup-go/compare/v5...v5.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-go/commit/d35c59abb061a4a6fb18e82ac0862c26744d6ab5"><code>d35c59a</code></a>
chore: update discussions url (<a
href="https://redirect.github.com/actions/setup-go/issues/527">#527</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/29694d72cd5e7ef3b09496b39f28a942af47737e"><code>29694d7</code></a>
Add manifest validation and improve error handling (<a
href="https://redirect.github.com/actions/setup-go/issues/586">#586</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/78535dd5f299baffe8c7a20903d46f69f967f55b"><code>78535dd</code></a>
Bump eslint-plugin-jest from 27.9.0 to 28.11.0 (<a
href="https://redirect.github.com/actions/setup-go/issues/537">#537</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/bb65d8857b81c74a671e81f935d3362a5d718e2f"><code>bb65d88</code></a>
Bump ts-jest from 29.1.2 to 29.3.2 (<a
href="https://redirect.github.com/actions/setup-go/issues/582">#582</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/7f17e836c0800bfdfa49811f9ddaa7608881dffc"><code>7f17e83</code></a>
Bump <code>@​actions/glob</code> from 0.4.0 to 0.5.0 (<a
href="https://redirect.github.com/actions/setup-go/issues/573">#573</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/dca8468d37b6d090cde2c7b97b738a37134f5ffb"><code>dca8468</code></a>
Update self-hosted environment validation and bump undici version (<a
href="https://redirect.github.com/actions/setup-go/issues/556">#556</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/691cc3533f9e01982f216a98ecdd9fd81c27fd5b"><code>691cc35</code></a>
upgrade actions/cache to 4.0.3 (<a
href="https://redirect.github.com/actions/setup-go/issues/574">#574</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-go/compare/0aaccfd150d50ccaeb58ebd88d36e91967a5f35b...d35c59abb061a4a6fb18e82ac0862c26744d6ab5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=5.4.0&new-version=5.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@SRodi
feat(conntrack-metrics): legacy control plane basic mode (microsoft#1253
7e2fc33 
)

# Description

Initial implementation of conntrack metrics for the legacy control plane
in basic mode. The aggregation is at the node level, which makes the
metric bounded.

Metrics:
- conntrack_bytes_tx
- conntrack_bytes_rx
- conntrack_packets_tx
- conntrack_packets_rx
- conntrack_total_connections

## Related Issue

fixes microsoft#1190

## Checklist

- [x] I have read the [contributing
documentation](https://retina.sh/docs/contributing).
- [x] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [x] I have correctly attributed the author(s) of the code.
- [x] I have tested the changes locally.
- [x] I have followed the project's style guidelines.
- [x] I have updated the documentation, if necessary.
- [x] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

Bytes RX


![image](https://github.com/user-attachments/assets/4e79109c-406c-47b7-b426-95003ecfdc64)


Total connections metric


![image](https://github.com/user-attachments/assets/f3759fd8-6d8f-4301-b4e0-c8f01a74d539)


## Additional Notes

Add any additional notes or context about the pull request here.

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.
@ritwikranjan
deps: bump github.com/safchain/ethtool from v0.5.10 to v0.6.0 (micros…
76f74c6 
…oft#1594)

# Description

This pull request updates the version of the `ethtool` dependency in the
`go.mod` file to ensure compatibility with the latest fixes. With go
version upgrade from 1.23 to 1.24, certain behavior of go with relation
memory management got changed (see
golang/go#73536) which effected out linuxutil
plugin leading to a jump in memory usage. With the help of pprof
profiling we identified the root cause in ethtool library (see
golang/go#73536). The ethtool lib owners
implemented a change to address the issue which was released with tag
`v0.6.0`.

Dependency update:

*
[`go.mod`](diffhunk://#diff-33ef32bf6c23acb95f5902d7097b7a1d5128ca061167ec0716715b0b9eeaa5f6L300-R300):
Updated the `github.com/safchain/ethtool` dependency from version
`v0.5.10` to `v0.6.0`.

## Screenshots (if applicable) or Testing Completed

I ran retina with a workload that was utilizing following network at
around ~30% cpu:

![image](https://github.com/user-attachments/assets/e8c74fe5-3317-4872-9543-46bd8486296b)

Here is the memory profile while running different versions of retina,
the last one is this commit.

![image](https://github.com/user-attachments/assets/bfd399e0-1ded-44d6-95e6-8830c6181c05)

While we don't come back to original level, we do see an improvement in
memory usage of around ~10%
@rectified95
fix: include Mariner check for Hubble scenario (microsoft#1588)
9510b04 
Fixes microsoft#1458

In the PR above, I only added the `/etc/host-os-release` volumeMount in 

`deploy/standard/manifests/controller/helm/retina/templates/daemonset.yaml`
but not in 

`deploy/hubble/manifests/controller/helm/retina/templates/agent/daemonset.yaml`

The omission was because in the former we iterate over the volume mount
list defined in values.yaml, while the latter defines them explicitly in
the daemonset.
@selenehyun
fix(controller): add warning for nodes with no addresses in reconcili…
9e89dd9 
…ation (microsoft#1569)

# Description

This PR improves the `NodeReconciler` logic in `controller.go` by adding
a safeguard for nodes with no addresses.
Specifically, it ensures that if a node has an empty `Status.Addresses`
field, a warning is logged, and the reconciliation process exits
gracefully without further processing.

This prevents potential runtime errors when attempting to access an
address that does not exist.

## Related Issue

resolve microsoft#1541

## Checklist

- [x] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [x] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [x] I have correctly attributed the author(s) of the code.
- [x] I have tested the changes locally.
- [x] I have followed the project's style guidelines.
- [ ] I have updated the documentation, if necessary.
- [ ] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

The following scenarios were tested:
1. **Node with no addresses**: Verified that a warning is logged, and
the reconciliation exits without errors.
2. **Node with valid addresses**: Verified that the `RetinaNode` is
created and updated in the cache correctly.
3. **Node being deleted**: Verified that the `RetinaNode` is removed
from the cache as expected.

All tests passed successfully.

## Additional Notes

This change ensures that the `NodeReconciler` handles edge cases more
robustly, improving the stability of the controller. The added safeguard
prevents potential issues when interacting with nodes that lack address
information.

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.
@dependabot
deps: bump github.com/vishvananda/netlink from 1.3.1-0.20250328051554…
6a89100 
…-cb48698f2590 to 1.3.1 (microsoft#1592)

Bumps
[github.com/vishvananda/netlink](https://github.com/vishvananda/netlink)
from 1.3.1-0.20250328051554-cb48698f2590 to 1.3.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vishvananda/netlink/releases">github.com/vishvananda/netlink's
releases</a>.</em></p>
<blockquote>
<h2>v1.3.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix deprecated comments by <a
href="https://github.com/champtar"><code>@​champtar</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1011">vishvananda/netlink#1011</a></li>
<li>Fix: Do not crash when enumerating tc filters with unknown
actionType by <a
href="https://github.com/Matus-p"><code>@​Matus-p</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1013">vishvananda/netlink#1013</a></li>
<li>Fix SetSendTimeout/SetReceiveTimeout by <a
href="https://github.com/robmry"><code>@​robmry</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1012">vishvananda/netlink#1012</a></li>
<li>capture and return errors in ConntrackDeleteFilters by <a
href="https://github.com/aroradaman"><code>@​aroradaman</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1014">vishvananda/netlink#1014</a></li>
<li>Fix FouList attribute body truncated error with kernel 5.2+ by <a
href="https://github.com/chanfung032"><code>@​chanfung032</code></a> in
<a
href="https://redirect.github.com/vishvananda/netlink/pull/1017">vishvananda/netlink#1017</a></li>
<li>Preserve results when NLM_F_DUMP_INTR is set by <a
href="https://github.com/robmry"><code>@​robmry</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1018">vishvananda/netlink#1018</a></li>
<li>netkit: Add support for IFLA_NETKIT_SCRUB and IFLA_NETKIT_PEER_SCRUB
by <a href="https://github.com/jrife"><code>@​jrife</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1022">vishvananda/netlink#1022</a></li>
<li>fix CI failed Incidental in TestRuleListFiltered by <a
href="https://github.com/wangling94"><code>@​wangling94</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1043">vishvananda/netlink#1043</a></li>
<li>disable broadcast if broadcast is set to net.IPv4zero by <a
href="https://github.com/WeidiDeng"><code>@​WeidiDeng</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1037">vishvananda/netlink#1037</a></li>
<li>.github/workflows: Bump CI Go version to v1.22 by <a
href="https://github.com/dylandreimerink"><code>@​dylandreimerink</code></a>
in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1049">vishvananda/netlink#1049</a></li>
<li>TC FLOWER enrich match field and action about vlan by <a
href="https://github.com/wangling94"><code>@​wangling94</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1045">vishvananda/netlink#1045</a></li>
<li>link_linux: Add deserialization of <code>IFF_RUNNING</code> flag by
<a
href="https://github.com/dylandreimerink"><code>@​dylandreimerink</code></a>
in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1038">vishvananda/netlink#1038</a></li>
<li>Preserve results when NLM_F_DUMP_INTR is set by <a
href="https://github.com/adrianmoisey"><code>@​adrianmoisey</code></a>
in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1050">vishvananda/netlink#1050</a></li>
<li>Add IFLA_PARENT_DEV_NAME / IFLA_PARENT_DEV_BUS_NAME to links by <a
href="https://github.com/akerouanton"><code>@​akerouanton</code></a> in
<a
href="https://redirect.github.com/vishvananda/netlink/pull/1051">vishvananda/netlink#1051</a></li>
<li>conntrack: prevent potential memory leak by <a
href="https://github.com/aroradaman"><code>@​aroradaman</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1058">vishvananda/netlink#1058</a></li>
<li>Fix parsing 4-bytes attribute by <a
href="https://github.com/Asphaltt"><code>@​Asphaltt</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1034">vishvananda/netlink#1034</a></li>
<li>fix: Use correct offset for unix socket diagnosis by <a
href="https://github.com/srebhan"><code>@​srebhan</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1061">vishvananda/netlink#1061</a></li>
<li>vxlan: Fix parseVxlanData for source port range by <a
href="https://github.com/borkmann"><code>@​borkmann</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1062">vishvananda/netlink#1062</a></li>
<li>netkit: Allow setting MAC address in L2 mode by <a
href="https://github.com/jrife"><code>@​jrife</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1063">vishvananda/netlink#1063</a></li>
<li>Add support for MTU Lock by <a
href="https://github.com/trozet"><code>@​trozet</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1067">vishvananda/netlink#1067</a></li>
<li>pedit: Fix EncodeActions to add TcGen for pedit action by <a
href="https://github.com/chent1996"><code>@​chent1996</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1065">vishvananda/netlink#1065</a></li>
<li>go.mod: github.com/vishvananda/netns v0.0.5 by <a
href="https://github.com/thaJeztah"><code>@​thaJeztah</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1056">vishvananda/netlink#1056</a></li>
<li>Add <code>OifIndex</code> option for
<code>RouteGetWithOptions</code> by <a
href="https://github.com/dylandreimerink"><code>@​dylandreimerink</code></a>
in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1060">vishvananda/netlink#1060</a></li>
<li>Support TC &quot;sample&quot; filter action by <a
href="https://github.com/lorenz"><code>@​lorenz</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1042">vishvananda/netlink#1042</a></li>
<li>Add support for XFRMA_SA_DIR and XFRMA_SA_PCPU attributes for XFRM
by <a
href="https://github.com/ChinmayaSharma-hue"><code>@​ChinmayaSharma-hue</code></a>
in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1044">vishvananda/netlink#1044</a></li>
<li>Add support for ARP/ND Timestamps when retriving neighbors by <a
href="https://github.com/jlamanna"><code>@​jlamanna</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1039">vishvananda/netlink#1039</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Matus-p"><code>@​Matus-p</code></a> made
their first contribution in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1013">vishvananda/netlink#1013</a></li>
<li><a href="https://github.com/robmry"><code>@​robmry</code></a> made
their first contribution in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1012">vishvananda/netlink#1012</a></li>
<li><a
href="https://github.com/chanfung032"><code>@​chanfung032</code></a>
made their first contribution in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1017">vishvananda/netlink#1017</a></li>
<li><a href="https://github.com/jrife"><code>@​jrife</code></a> made
their first contribution in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1022">vishvananda/netlink#1022</a></li>
<li><a
href="https://github.com/wangling94"><code>@​wangling94</code></a> made
their first contribution in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1043">vishvananda/netlink#1043</a></li>
<li><a href="https://github.com/WeidiDeng"><code>@​WeidiDeng</code></a>
made their first contribution in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1037">vishvananda/netlink#1037</a></li>
<li><a
href="https://github.com/dylandreimerink"><code>@​dylandreimerink</code></a>
made their first contribution in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1049">vishvananda/netlink#1049</a></li>
<li><a
href="https://github.com/adrianmoisey"><code>@​adrianmoisey</code></a>
made their first contribution in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1050">vishvananda/netlink#1050</a></li>
<li><a
href="https://github.com/akerouanton"><code>@​akerouanton</code></a>
made their first contribution in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1051">vishvananda/netlink#1051</a></li>
<li><a href="https://github.com/Asphaltt"><code>@​Asphaltt</code></a>
made their first contribution in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1034">vishvananda/netlink#1034</a></li>
<li><a href="https://github.com/trozet"><code>@​trozet</code></a> made
their first contribution in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1067">vishvananda/netlink#1067</a></li>
<li><a
href="https://github.com/ChinmayaSharma-hue"><code>@​ChinmayaSharma-hue</code></a>
made their first contribution in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1044">vishvananda/netlink#1044</a></li>
<li><a href="https://github.com/jlamanna"><code>@​jlamanna</code></a>
made their first contribution in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1039">vishvananda/netlink#1039</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/vishvananda/netlink/compare/v1.3.0...v1.3.1">https://github.com/vishvananda/netlink/compare/v1.3.0...v1.3.1</a></p>
<h2>What's Changed</h2>
<ul>
<li>Fix deprecated comments by <a
href="https://github.com/champtar"><code>@​champtar</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1011">vishvananda/netlink#1011</a></li>
<li>Fix: Do not crash when enumerating tc filters with unknown
actionType by <a
href="https://github.com/Matus-p"><code>@​Matus-p</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1013">vishvananda/netlink#1013</a></li>
<li>Fix SetSendTimeout/SetReceiveTimeout by <a
href="https://github.com/robmry"><code>@​robmry</code></a> in <a
href="https://redirect.github.com/vishvananda/netlink/pull/1012">vishvananda/netlink#1012</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/vishvananda/netlink/commits/v1.3.1">compare
view</a></li>
</ul>
</details>
<br />

<details>
<summary>Most Recent Ignore Conditions Applied to This Pull
Request</summary>

| Dependency Name | Ignore Conditions |
| --- | --- |
| github.com/vishvananda/netlink | [< 1.3, >
1.2.1-beta.2.0.20240524165444-4d4ba1473f21] |
</details>


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/vishvananda/netlink&package-manager=go_modules&previous-version=1.3.1-0.20250328051554-cb48698f2590&new-version=1.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@younsl
feat(helm): Add resources.requests for retina-agent (microsoft#1595)
4cc4f6b 
# Description

- In certain cases, cluster admins must be able to directly modify
resources.requests to bypass pending issues with the retina-agent
DaemonSet.
- Recommit 90a370f due to gpg-signing
PR microsoft#1589 (Requested by @nddq)

## Related Issue

Reopen from microsoft#1589

## Checklist

- [x] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [x] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [x] I have correctly attributed the author(s) of the code.
- [x] I have tested the changes locally.
- [x] I have followed the project's style guidelines.
- [x] I have updated the documentation, if necessary.
- [x] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

Please add any relevant screenshots or GIFs to showcase the changes
made.

## Additional Notes

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

Signed-off-by: younsl <cysl@kakao.com>
@mmckeen
feat: add is_reply label to advanced packet forward metrics (microsof…
e7726ae 
…t#1556)

# Description

Adds the `is_reply` label to advanced packet forward metrics. Optional
as part of the `MetricsConfiguration`.

## Related Issue

microsoft#1426

## Checklist

- [X] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [X] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [X] I have correctly attributed the author(s) of the code.
- [X] I have tested the changes locally.
- [X] I have followed the project's style guidelines.
- [X] I have updated the documentation, if necessary.
- [X] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

<img width="1234" alt="Screenshot 2025-04-23 at 2 49 22 PM"
src="https://github.com/user-attachments/assets/973b0223-b493-42f3-9b3e-6b41dca83136"
/>

# Exported metrics without `is_reply` in the `MetricsConfiguration`

```
networkobservability_adv_forward_bytes{destination_ip="10.128.45.3",destination_namespace="unknown",destination_podname="unknown",direction="EGRESS",source_ip="172.18.7.2",source_namespace="platform-logging",source_podname="fluentd-58c5q"} 54
networkobservability_adv_forward_bytes{destination_ip="10.128.45.3",destination_namespace="unknown",destination_podname="unknown",direction="INGRESS",source_ip="172.18.7.2",source_namespace="platform-logging",source_podname="fluentd-58c5q"} 726
```

# Exported metrics with `is_reply` in the `MetricsConfiguration`
`additionalLabels`

```
networkobservability_adv_forward_bytes{destination_ip="10.128.45.3",destination_namespace="unknown",destination_podname="unknown",direction="INGRESS",is_reply="false",source_ip="172.18.7.2",source_namespace="platform-logging",source_podname="fluentd-58c5q"} 54
networkobservability_adv_forward_bytes{destination_ip="10.128.45.3",destination_namespace="unknown",destination_podname="unknown",direction="INGRESS",is_reply="true",source_ip="172.18.7.1",source_namespace="kube-system",source_podname="ebs-csi-node-5qmwq"} 950
networkobservability_adv_forward_bytes{destination_ip="10.128.45.3",destination_namespace="unknown",destination_podname="unknown",direction="INGRESS",is_reply="true",source_ip="172.18.7.2",source_namespace="platform-logging",source_podname="fluentd-58c5q"} 672
```

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

Signed-off-by: Matthew McKeen <matthew.mckeen@fastly.com>
@younsl
fix(helm): Missing helper template for ingress resource (microsoft#1570)
ba60b78 
# Description

Fix ingress helm template issue due to missing helper script:

- The hubble-ui subchart of retina doesn't include the `ingress.paths`
definition from the cilium chart, so it needs to be defined instead in
the _helpers.tpl helper script of retina.
- Root cause line in `ingress.yaml` template:


https://github.com/microsoft/retina/blob/7e2fc3346eaabf3ece23c1d181a1de7dcac2bd82/deploy/hubble/manifests/controller/helm/retina/templates/hubble-ui/ingress.yaml#L38

## Related Issue

- cilium/cilium#13682

## Checklist

- [x] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [x] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [x] I have correctly attributed the author(s) of the code.
- [x] I have tested the changes locally.
- [x] I have followed the project's style guidelines.
- [x] I have updated the documentation, if necessary.
- [x] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

Ingress completly created (screenshot from k9s):

<img width="859" alt="붙여넣은_이미지_2025__4__30__오후_5_27"
src="https://github.com/user-attachments/assets/cc727bf6-591f-4f88-a7a1-559210a8f3df"
/>

## Additional Notes

N/A

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

Signed-off-by: younsl <cysl@kakao.com>
rectified95 and others added 23 commits May 16, 2025 00:54
@rectified95
fix(fips): Grant permissions to support FIPS on Ubuntu (microsoft#1600)
a9b4371 
When running on the FIPS-compliant Ubuntu 20.04, Retina requires
`SYS_RESOURCE` on top of `IPC_LOCK`.

Also, skip attaching to unavailable kernel hook points.

Merge after microsoft#1601 - otherwise
the pod still fails, just at a later stage.
@rectified95
fix(DropReason): Do not load fexit programs on kernels below 5.5 (mic…
4f729e6 
…rosoft#1601)

In microsoft#1458 I added a kernel version check to only attach `fexit` programs
when they're supported.
We also need to ensure we don't even load them into the kernel.
@apontejaj
fix(image): Adding ARM64 Operator image release (microsoft#1610)
1e26c4d 
# Description

This PR is a follow up from:
https://github.com/microsoft/retina/pull/1538/files#diff-fb3f33cdd2a5865385222d244e9bdc9a7ebee2756d506f6495f83a5cff42b25a

The ARM64 Operator image was added to the test workflow, and the ADO
(Microsoft internal release) pipeline, but not to GHCR release flow.
This PR fixes that.

## Related Issue

microsoft#1582

## Checklist

- [X] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [X] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [X] I have correctly attributed the author(s) of the code.
- [ ] I have tested the changes locally.
- [X] I have followed the project's style guidelines.
- [ ] I have updated the documentation, if necessary.
- [ ] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

This flow was tested here:
https://github.com/microsoft/retina/actions/runs/15065640778/job/42350022052


![image](https://github.com/user-attachments/assets/6d74dbb0-4455-45e1-96cf-a890d9e88b78)


![image](https://github.com/user-attachments/assets/4c51ab47-2ba9-477a-910c-b2a1b0b9f849)


![image](https://github.com/user-attachments/assets/9b2da4bc-3208-4fb2-8063-430039cfff27)

## Additional Notes

Add any additional notes or context about the pull request here.

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.
@Andreagit97
fix(conntrack): improve traffic direction detection (microsoft#1562)
31cdf42 
# Description

Use only the initial SYN packet to determine the connection direction
and not also the SYN-ACK. This should only happen in very unfortunate
cases (when the agent is injected in the middle of a TCP handshake).

Just a couple of additional questions:
* Since we don't know the direction, shouldn't this
https://github.com/microsoft/retina/blob/7287769254ac5b1597bd617bfb206e8c7047fe3f/pkg/plugin/conntrack/_cprog/conntrack.c#L220
be `TRAFFIC_DIRECTION_UNKNOWN`?
* Is there any particular heuristic behind this ACK detection?
https://github.com/microsoft/retina/blob/7287769254ac5b1597bd617bfb206e8c7047fe3f/pkg/plugin/conntrack/_cprog/conntrack.c#L224
Almost all TCP packets should have the ACK flag, so it seems a 50%
possibility to get the right direction

## Related Issue

no 

## Checklist

- [ ] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [ ] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [ ] I have correctly attributed the author(s) of the code.
- [ ] I have tested the changes locally.
- [ ] I have followed the project's style guidelines.
- [ ] I have updated the documentation, if necessary.
- [ ] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

Please add any relevant screenshots or GIFs to showcase the changes
made.

## Additional Notes

Add any additional notes or context about the pull request here.

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

Signed-off-by: Andrea Terzolo <andreaterzolo3@gmail.com>
@rectified95
fix: e2e job skipped due to yaml syntax error (microsoft#1614)
664f12f 
Our E2e job is getting skipped in the merge queue, because of YAML
parsing errors.
We have invalid syntax in the if-statements checking for success of
prerequisite jobs that need to run for `manifests` and `E2E` to run.
Looks like this used to be ignored and those jobs just ran, while
recently Github started enforcing stricter YAML syntax validation which
is causing these jobs to get skipped!
It started about a week ago, example errors at the bottom of the page:
https://github.com/microsoft/retina/actions/runs/14842770818

![image](https://github.com/user-attachments/assets/1906d486-e581-4ed3-8c93-baa8b3f15e0d)
@mmckeen
fix: Allow RBAC for endpoints to the standard chart (microsoft#1619)
37d1566 
# Description

Adds RBAC to allow querying `endpoints` in the standard chart.

Fixes errors introduced by microsoft#1573
for failures to query for `endpoints` when the legacy control plane is
deployed.

## Checklist

- [X] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [X] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [X] I have correctly attributed the author(s) of the code.
- [X] I have tested the changes locally.
- [X] I have followed the project's style guidelines.
- [X] I have updated the documentation, if necessary.
- [X] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

Deployed with new version of the chart, no longer receive errors like

```
retina ts=2025-05-20T20:23:52.758Z level=error caller=apiserver/apiserver.go:120 msg="failed to initialize new cache" error="failed to retrieve ips from kubernetes endpoint: retrieving kubernetes endpoint: endpoints \"kubernetes\" is forbidden
retina ts=2025-05-20T20:23:52.758Z level=error caller=watchermanager/watchermanager.go:76 msg="refresh failed" error="failed to retrieve ips from kubernetes endpoint: retrieving kubernetes endpoint: endpoints \"kubernetes\" is forbidden
```

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

Signed-off-by: Matthew McKeen <matthew.mckeen@fastly.com>
@SRodi
chore(ciliumeventobserver): Remove warn for messageType not supported (
74ab511 
…microsoft#1629)

# Description

This warning is being logged to many times.


![image](https://github.com/user-attachments/assets/2e52935d-e3af-44d8-b88c-243f9749b425)

## Related Issue

If this pull request is related to any issue, please mention it here.
Additionally, make sure that the issue is assigned to you before
submitting this pull request.

## Checklist

- [x] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [x] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [x] I have correctly attributed the author(s) of the code.
- [x] I have tested the changes locally.
- [x] I have followed the project's style guidelines.
- [x] I have updated the documentation, if necessary.
- [x] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

Please add any relevant screenshots or GIFs to showcase the changes
made.

## Additional Notes

Add any additional notes or context about the pull request here.

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.
@alexcastilio
docs: update control-plane and data-plane images (microsoft#1631)
7e47050 
# Description

Documentation update: Update control-plane and data-plane images in
architecture page

## Related Issue

If this pull request is related to any issue, please mention it here.
Additionally, make sure that the issue is assigned to you before
submitting this pull request.

## Checklist

- [ ] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [ ] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [ ] I have correctly attributed the author(s) of the code.
- [ ] I have tested the changes locally.
- [ ] I have followed the project's style guidelines.
- [ ] I have updated the documentation, if necessary.
- [ ] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

Please add any relevant screenshots or GIFs to showcase the changes
made.

## Additional Notes

Add any additional notes or context about the pull request here.

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

Signed-off-by: Alex Castilio dos Santos <alexsantos@microsoft.com>
@mmckeen
fix: Remove unnecessary allocations from debug log (microsoft#1623)
0de070a 
# Description

In this hot code path computing the key for the debug log does a bunch
of unnecessary string allocations.

Refactor to use `zap` lazy serialization so we only incur this cost when
debug logging is turned on.

## Checklist

- [X] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [X] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [X] I have correctly attributed the author(s) of the code.
- [X] I have tested the changes locally.
- [X] I have followed the project's style guidelines.
- [X] I have updated the documentation, if necessary.
- [X] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

Deployed with debug logging turned on, logs as expected.

```
retina-agent-q9525 retina ts=2025-05-22T22:50:39.044Z level=debug caller=cache/cache.go:100 msg="pod found for IP" ip=172.26.11.226 pod=platform/thanos-rule-remote-1
retina-agent-q9525 retina ts=2025-05-22T22:50:39.044Z level=debug caller=cache/cache.go:140 msg="pod found for IP" ip=172.26.11.226 pod=platform/thanos-rule-remote-1
retina-agent-q9525 retina ts=2025-05-22T22:50:39.044Z level=debug caller=cache/cache.go:94 msg="pod not found for IP" ip=172.27.12.108
retina-agent-q9525 retina ts=2025-05-22T22:50:39.044Z level=debug caller=cache/cache.go:116 msg="service found for IP" ip=172.27.12.108 svc=platform/thanos-query
```

Signed-off-by: Matthew McKeen <matthew.mckeen@fastly.com>
@alexcastilio
docs: add information about usage of Annotations and MetricsConfigura…
ec67853 
…tion CRD (microsoft#1636)

# Description

This PR adds information about usage of Annotations and
MetricsConfiguration CRD.

## Related Issue

Fixes microsoft#1632

## Checklist

- [ ] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [ ] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [ ] I have correctly attributed the author(s) of the code.
- [ ] I have tested the changes locally.
- [ ] I have followed the project's style guidelines.
- [ ] I have updated the documentation, if necessary.
- [ ] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

Please add any relevant screenshots or GIFs to showcase the changes
made.

## Additional Notes

Add any additional notes or context about the pull request here.

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

Signed-off-by: Alex Castilio dos Santos <alexsantos@microsoft.com>
@mmckeen
feat(helm): Allow passing arbitrary env variables to the DaemonSet (m…
c626b59 
…icrosoft#1637)

# Description

Allows passing arbitrary environment variables to the DaemonSet in the
standard Helm chart.

## Checklist

- [X] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [X] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [X] I have correctly attributed the author(s) of the code.
- [X] I have tested the changes locally.
- [X] I have followed the project's style guidelines.
- [X] I have updated the documentation, if necessary.
- [X] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

No diff between `helm template` with current chart with default values
and that from this PR.

Diff with provided `env` values shows values added as expected.

```
          env:
          - name: test1
            value: test1
          - name: test2
            value: test2
          - name: POD_NAME
            valueFrom:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.name
          - name: NODE_NAME
            valueFrom:
                fieldRef:
                  apiVersion: v1
                  fieldPath: spec.nodeName
```

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

Signed-off-by: Matthew McKeen <matthew.mckeen@fastly.com>
@kamilprz
chore(docs): Capture CLI docs (microsoft#1639)
e2053f6 
# Description

Update the Setup and Capture docs to be more concise and clear.

Restructured the Setup page.

Added a `Capture with CRD` page for consistency - a little bit of
overlap with the Concepts/CRDs/Capture.

Renamed headings under Prometheus and Grafana to add "Configuration".

- The setup page had "Next steps: Prometheus & Grafana" at the bottom,
even though those were NOT the next steps according to the order of the
docs, so removed that text to avoid confusion.

## Related Issue

NA

## Checklist

- [x] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [x] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [x] I have correctly attributed the author(s) of the code.
- [x] I have tested the changes locally.
- [x] I have followed the project's style guidelines.
- [x] I have updated the documentation, if necessary.
- [x] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

### Setup page


![{9A23BD5F-AF49-4FBE-90A1-A3822BC71B3F}](https://github.com/user-attachments/assets/fb775360-3561-4dcc-95b6-0db72e859fde)

### Capture Overview page


![image](https://github.com/user-attachments/assets/85ab22e9-acec-4c4c-9a77-6c3ac3a9f3ee)

### Capture CLI page


![image](https://github.com/user-attachments/assets/5313fc57-969a-4136-822b-38b4bcc06b8e)

### Capture CRD page


![image](https://github.com/user-attachments/assets/e7d7fbc0-c731-46a8-95fd-bd82224b6772)


---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

---------

Signed-off-by: Kamil <kamil.prz@gmail.com>
@SRodi
chore(agent): Allow agent to watch endpoints on Hubble CP (microsoft#…
f525540 
…1641)

# Description

Please provide a brief description of the changes made in this pull
request.

## Related Issue

Prevent this issue when running on Cilium CNI and no operator enabled

```
ts=2025-05-30T08:34:19.360Z level=warn caller=logrus-zap-hook@v0.1.0/zap.go:51 msg="pkg/mod/k8s.io/client-go@v0.32.4/tools/cache/reflector.go:251: failed to list *v2.CiliumEndpoint: ciliumendpoints.cilium.io is forbidden: User \"system:serviceaccount:kube-system:retina-agent\" cannot list resource \"ciliumendpoints\" in API group \"cilium.io\" at the cluster scope" subsys=klog
ts=2025-05-30T08:34:19.360Z level=error caller=k8s/watcher_linux.go:51 msg="Error watching k8s resource" subsys=k8s-watcher resource=v2.CiliumEndpoint underlyingError="pkg/mod/k8s.io/client-go@v0.32.4/tools/cache/reflector.go:251: Failed to watch *v2.CiliumEndpoint: failed to list *v2.CiliumEndpoint: ciliumendpoints.cilium.io is forbidden: User \"system:serviceaccount:kube-system:retina-agent\" cannot list resource \"ciliumendpoints\" in API group \"cilium.io\" at the cluster scope"
ts=2025-05-30T08:34:24.685Z level=warn caller=logrus-zap-hook@v0.1.0/zap.go:51 msg="pkg/mod/k8s.io/client-go@v0.32.4/tools/cache/reflector.go:251: failed to list *v2.CiliumEndpoint: ciliumendpoints.cilium.io is forbidden: User \"system:serviceaccount:kube-system:retina-agent\" cannot list resource \"ciliumendpoints\" in API group \"cilium.io\" at the cluster scope" subsys=klog
ts=2025-05-30T08:34:24.685Z level=error caller=k8s/watcher_linux.go:51 msg="Error watching k8s resource" resource=v2.CiliumEndpoint subsys=k8s-watcher underlyingError="pkg/mod/k8s.io/client-go@v0.32.4/tools/cache/reflector.go:251: Failed to watch *v2.CiliumEndpoint: failed to list *v2.CiliumEndpoint: ciliumendpoints.cilium.io is forbidden: User \"system:serviceaccount:kube-system:retina-agent\" cannot list resource \"ciliumendpoints\" in API group \"cilium.io\" at the cluster scope"
ts=2025-05-30T08:34:27.605Z level=info caller=ciliumeventobserver/ciliumeventobserver_linux.go:146 msg="Connected to cilium monitor"
ts=2025-05-30T08:34:36.368Z level=warn caller=logrus-zap-hook@v0.1.0/zap.go:51 msg="pkg/mod/k8s.io/client-go@v0.32.4/tools/cache/reflector.go:251: failed to list *v2.CiliumEndpoint: ciliumendpoints.cilium.io is forbidden: User \"system:serviceaccount:kube-system:retina-agent\" cannot list resource \"ciliumendpoints\" in API group \"cilium.io\" at the cluster scope" subsys=klog
ts=2025-05-30T08:34:36.368Z level=error caller=k8s/watcher_linux.go:51 msg="Error watching k8s resource" underlyingError="pkg/mod/k8s.io/client-go@v0.32.4/tools/cache/reflector.go:251: Failed to watch *v2.CiliumEndpoint: failed to list *v2.CiliumEndpoint: ciliumendpoints.cilium.io is forbidden: User \"system:serviceaccount:kube-system:retina-agent\" cannot list resource \"ciliumendpoints\" in API group \"cilium.io\" at the cluster scope" resource=v2.CiliumEndpoint subsys=k8s-watcher
ts=2025-05-30T08:34:45.633Z level=error caller=apiserver/apiserver.go:120 msg="failed to initialize new cache" error="failed to retrieve ips from kubernetes endpoint: retrieving kubernetes endpoint: endpoints \"kubernetes\" is forbidden: User \"system:serviceaccount:kube-system:retina-agent\" cannot get resource \"endpoints\" in API group \"\" in the namespace \"default\""
ts=2025-05-30T08:34:45.634Z level=error caller=watchermanager/watchermanager.go:76 msg="refresh failed" error="failed to retrieve ips from kubernetes endpoint: retrieving kubernetes endpoint: endpoints \"kubernetes\" is forbidden: User \"system:serviceaccount:kube-system:retina-agent\" cannot get resource \"endpoints\" in API group \"\" in the namespace \"default\""
ts=2025-05-30T08:34:51.451Z level=warn caller=logrus-zap-hook@v0.1.0/zap.go:51 msg="pkg/mod/k8s.io/client-go@v0.32.4/tools/cache/reflector.go:251: failed to list *v2.CiliumEndpoint: ciliumendpoints.cilium.io is forbidden: User \"system:serviceaccount:kube-system:retina-agent\" cannot list resource \"ciliumendpoints\" in API group \"cilium.io\" at the cluster scope" subsys=klog
ts=2025-05-30T08:34:51.452Z level=error caller=k8s/watcher_linux.go:51 msg="Error watching k8s resource" underlyingError="pkg/mod/k8s.io/client-go@v0.32.4/tools/cache/reflector.go:251: Failed to watch *v2.CiliumEndpoint: failed to list *v2.CiliumEndpoint: ciliumendpoints.cilium.io is forbidden: User \"system:serviceaccount:kube-system:retina-agent\" cannot list resource \"ciliumendpoints\" in API group \"cilium.io\" at the cluster scope" subsys=k8s-watcher resource=v2.CiliumEndpoint
ts=2025-05-30T08:35:17.368Z level=warn caller=logrus-zap-hook@v0.1.0/zap.go:51 msg="pkg/mod/k8s.io/client-go@v0.32.4/tools/cache/reflector.go:251: failed to list *v2.CiliumEndpoint: ciliumendpoints.cilium.io is forbidden: User \"system:serviceaccount:kube-system:retina-agent\" cannot list resource \"ciliumendpoints\" in API group \"cilium.io\" at the cluster scope" subsys=klog
ts=2025-05-30T08:35:17.368Z level=error caller=k8s/watcher_linux.go:51 msg="Error watching k8s resource" resource=v2.CiliumEndpoint subsys=k8s-watcher underlyingError="pkg/mod/k8s.io/client-go@v0.32.4/tools/cache/reflector.go:251: Failed to watch *v2.CiliumEndpoint: failed to list *v2.CiliumEndpoint: ciliumendpoints.cilium.io is forbidden: User \"system:serviceaccount:kube-system:retina-agent\" cannot list resource \"ciliumendpoints\" in API group \"cilium.io\" at the cluster scope"
ts=2025-05-30T08:35:48.126Z level=warn caller=logrus-zap-hook@v0.1.0/zap.go:51 msg="pkg/mod/k8s.io/client-go@v0.32.4/tools/cache/reflector.go:251: failed to list *v2.CiliumEndpoint: ciliumendpoints.cilium.io is forbidden: User \"system:serviceaccount:kube-system:retina-agent\" cannot list resource \"ciliumendpoints\" in API group \"cilium.io\" at the cluster scope" subsys=klog
ts=2025-05-30T08:35:48.126Z level=error caller=k8s/watcher_linux.go:51 msg="Error watching k8s resource" subsys=k8s-watcher underlyingError="pkg/mod/k8s.io/client-go@v0.32.4/tools/cache/reflector.go:251: Failed to watch *v2.CiliumEndpoint: failed to list *v2.CiliumEndpoint: ciliumendpoints.cilium.io is forbidden: User \"system:serviceaccount:kube-system:retina-agent\" cannot list resource \"ciliumendpoints\" in API group \"cilium.io\" at the cluster scope" resource=v2.CiliumEndpoint
ts=2025-05-30T08:36:15.604Z level=info caller=endpointmanager/manager.go:588 msg="regenerating all endpoints" subsys=endpoint-manager reason="periodic endpoint regeneration"
```

## Checklist

- [x] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [x] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [x] I have correctly attributed the author(s) of the code.
- [x] I have tested the changes locally.
- [x] I have followed the project's style guidelines.
- [x] I have updated the documentation, if necessary.
- [x] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

Please add any relevant screenshots or GIFs to showcase the changes
made.

## Additional Notes

Add any additional notes or context about the pull request here.

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.
@carlotaarvela @SRodi
docs: Update development documentation for clarity and completeness (m…
033b986 
…icrosoft#1634)

# Description

Update documentation for development contributions

## Checklist

- [ ] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [ ] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [ ] I have correctly attributed the author(s) of the code.
- [ ] I have tested the changes locally.
- [ ] I have followed the project's style guidelines.
- [ ] I have updated the documentation, if necessary.
- [ ] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

Please add any relevant screenshots or GIFs to showcase the changes
made.

## Additional Notes

Add any additional notes or context about the pull request here.

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

---------

Co-authored-by: Simone Rodigari <32323373+SRodi@users.noreply.github.com>
@kamilprz
docs: Fix broken links (microsoft#1643)
0fe81b8 
# Description

Fixing broken links added in
microsoft#1639

## Related Issue

NA

## Checklist

- [x] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [x] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [x] I have correctly attributed the author(s) of the code.
- [x] I have tested the changes locally.
- [x] I have followed the project's style guidelines.
- [x] I have updated the documentation, if necessary.
- [x] I have added tests, if applicable.

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

Signed-off-by: Kamil <kamil.prz@gmail.com>
@kamilprz
docs: Remove duplicate docs (microsoft#1644)
0625ffc 
# Description

Removing duplicate docs from the Development page, which are already
present on the Overview.

## Related Issue

NA

## Checklist

- [x] I have read the [contributing
documentation](https://retina.sh/docs/Contributing/overview).
- [x] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [x] I have correctly attributed the author(s) of the code.
- [x] I have tested the changes locally.
- [x] I have followed the project's style guidelines.
- [x] I have updated the documentation, if necessary.
- [] I have added tests, if applicable.

## Screenshots


![image](https://github.com/user-attachments/assets/af433140-6418-4f58-b4f1-585e0e1bb15f)
---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

Signed-off-by: Kamil <kamil.prz@gmail.com>
Co-authored-by: Kamil <kamilp@microsoft.com>
@dependabot
deps: bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.9.…
bad4dd9 
…0 to 1.10.0 (microsoft#1605)

Bumps
[github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go)
from 1.9.0 to 1.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Azure/azure-sdk-for-go/releases">github.com/Azure/azure-sdk-for-go/sdk/azidentity's
releases</a>.</em></p>
<blockquote>
<h2>sdk/azidentity/v1.10.0</h2>
<h2>1.10.0 (2025-05-14)</h2>
<h3>Features Added</h3>
<ul>
<li><code>DefaultAzureCredential</code> reads environment variable
<code>AZURE_TOKEN_CREDENTIALS</code> to enable a subset of its
credentials:
<ul>
<li><code>dev</code> selects <code>AzureCLICredential</code> and
<code>AzureDeveloperCLICredential</code></li>
<li><code>prod</code> selects <code>EnvironmentCredential</code>,
<code>WorkloadIdentityCredential</code> and
<code>ManagedIdentityCredential</code></li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Azure/azure-sdk-for-go/commit/91de7c609e31c70d87ecc38756669e84ce091241"><code>91de7c6</code></a>
Prep azcore for release (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/22481">#22481</a>)</li>
<li><a
href="https://github.com/Azure/azure-sdk-for-go/commit/6e61c5ea1c948e54cbf69f8e0876468df7843065"><code>6e61c5e</code></a>
Updating changelog for v1.1.1 release (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/22479">#22479</a>)</li>
<li><a
href="https://github.com/Azure/azure-sdk-for-go/commit/f1530dc2efe29866efbb1bb4775437bb874ddd0e"><code>f1530dc</code></a>
Updates for aztables metadata (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/22472">#22472</a>)</li>
<li><a
href="https://github.com/Azure/azure-sdk-for-go/commit/fa064d66e662511f7be7ff6c349165cc21668c41"><code>fa064d6</code></a>
Updating changelog for v1.2.1 release (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/22478">#22478</a>)</li>
<li><a
href="https://github.com/Azure/azure-sdk-for-go/commit/d742ee853be9f674c8854f5d894d278cc1149169"><code>d742ee8</code></a>
Add MatchConditions to azcore (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/22476">#22476</a>)</li>
<li><a
href="https://github.com/Azure/azure-sdk-for-go/commit/da33ad0118e32472a25e0b96be38679b14cce285"><code>da33ad0</code></a>
azfile, azdatalake: Updating the type of number of chunks to uint64 (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/22468">#22468</a>)</li>
<li><a
href="https://github.com/Azure/azure-sdk-for-go/commit/2b23e144b4c0a094a9a5c2a41d3d2b0dec8c7e7e"><code>2b23e14</code></a>
[aznamespaces] Moving to new folder site, updating readme and autorest
(<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/22441">#22441</a>)</li>
<li><a
href="https://github.com/Azure/azure-sdk-for-go/commit/367d699e1eff500d6d64f6ecf90d238784aab3bd"><code>367d699</code></a>
Update azappconfig with latest code generator (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/22473">#22473</a>)</li>
<li><a
href="https://github.com/Azure/azure-sdk-for-go/commit/476924417d9088bf5779517af24f8375cb567f4a"><code>4769244</code></a>
NewListEntitiesPager fix (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/22469">#22469</a>)</li>
<li><a
href="https://github.com/Azure/azure-sdk-for-go/commit/471813926739baa14adc1a47a1292e48d73e9780"><code>4718139</code></a>
Increment package version after release of storage/azblob (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/22471">#22471</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Azure/azure-sdk-for-go/compare/sdk/azcore/v1.9.0...sdk/azcore/v1.10.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/Azure/azure-sdk-for-go/sdk/azidentity&package-manager=go_modules&previous-version=1.9.0&new-version=1.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
deps: bump github.com/prometheus/common from 0.63.0 to 0.64.0 (micros…
59014f7 
…oft#1604)

Bumps
[github.com/prometheus/common](https://github.com/prometheus/common)
from 0.63.0 to 0.64.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/prometheus/common/releases">github.com/prometheus/common's
releases</a>.</em></p>
<blockquote>
<h2>v0.64.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add deprecation notice to otlptranslator by <a
href="https://github.com/ArthurSens"><code>@​ArthurSens</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/773">prometheus/common#773</a></li>
<li>Synchronize common files from prometheus/prometheus by <a
href="https://github.com/prombot"><code>@​prombot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/774">prometheus/common#774</a></li>
<li>Synchronize common files from prometheus/prometheus by <a
href="https://github.com/prombot"><code>@​prombot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/775">prometheus/common#775</a></li>
<li>Update Go by <a
href="https://github.com/SuperQ"><code>@​SuperQ</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/770">prometheus/common#770</a></li>
<li>chore: Upgrade golangci-lint to v2 by <a
href="https://github.com/kakkoyun"><code>@​kakkoyun</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/779">prometheus/common#779</a></li>
<li>build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/777">prometheus/common#777</a></li>
<li>build(deps): bump google.golang.org/protobuf from 1.36.5 to 1.36.6
by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>
in <a
href="https://redirect.github.com/prometheus/common/pull/776">prometheus/common#776</a></li>
<li>promslog: Use the default timezone (again) by <a
href="https://github.com/beorn7"><code>@​beorn7</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/739">prometheus/common#739</a></li>
<li>Synchronize common files from prometheus/prometheus by <a
href="https://github.com/prombot"><code>@​prombot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/787">prometheus/common#787</a></li>
<li>build(deps): bump github.com/prometheus/client_model from 0.6.1 to
0.6.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/784">prometheus/common#784</a></li>
<li>build(deps): bump golang.org/x/oauth2 from 0.28.0 to 0.29.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/785">prometheus/common#785</a></li>
<li>build(deps): bump golang.org/x/net from 0.38.0 to 0.39.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/786">prometheus/common#786</a></li>
<li>refactor(promslog): make <code>NewNopLogger()</code> wrapper around
<code>New()</code> by <a
href="https://github.com/tjhop"><code>@​tjhop</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/783">prometheus/common#783</a></li>
<li>build(deps): bump golang.org/x/oauth2 from 0.29.0 to 0.30.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/prometheus/common/pull/788">prometheus/common#788</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/kakkoyun"><code>@​kakkoyun</code></a>
made their first contribution in <a
href="https://redirect.github.com/prometheus/common/pull/779">prometheus/common#779</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/prometheus/common/compare/v0.63.0...v0.64.0">https://github.com/prometheus/common/compare/v0.63.0...v0.64.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/prometheus/common/commit/6a35e025c070cb79caad69d0ee61efe25f4742cb"><code>6a35e02</code></a>
build(deps): bump golang.org/x/oauth2 from 0.29.0 to 0.30.0 (<a
href="https://redirect.github.com/prometheus/common/issues/788">#788</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/487c1803a6305728de302498dadc0cab81bed0f2"><code>487c180</code></a>
refactor(promslog): make <code>NewNopLogger()</code> wrapper around
<code>New()</code> (<a
href="https://redirect.github.com/prometheus/common/issues/783">#783</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/b8eddd7c08882601859559bd50f37717ba289807"><code>b8eddd7</code></a>
build(deps): bump golang.org/x/net from 0.38.0 to 0.39.0 (<a
href="https://redirect.github.com/prometheus/common/issues/786">#786</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/804803180a6b754f7836e3c10824167cbaafc7a2"><code>8048031</code></a>
build(deps): bump golang.org/x/oauth2 from 0.28.0 to 0.29.0 (<a
href="https://redirect.github.com/prometheus/common/issues/785">#785</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/4ca345a532a22eb32a996799d63112c7fa5bba4e"><code>4ca345a</code></a>
build(deps): bump github.com/prometheus/client_model from 0.6.1 to 0.6.2
(<a
href="https://redirect.github.com/prometheus/common/issues/784">#784</a>)</li>
<li><a
href="https://github.com/prometheus/common/commit/633961f972f8c3292a5519323d3c0deb5eba23f9"><code>633961f</code></a>
Merge pull request <a
href="https://redirect.github.com/prometheus/common/issues/787">#787</a>
from prometheus/repo_sync</li>
<li><a
href="https://github.com/prometheus/common/commit/8c1fb2e840ea276dde21472d212a8f2187964946"><code>8c1fb2e</code></a>
Update common Prometheus files</li>
<li><a
href="https://github.com/prometheus/common/commit/8de85c23e0a24867586e51006eb260b57a10cc78"><code>8de85c2</code></a>
Merge pull request <a
href="https://redirect.github.com/prometheus/common/issues/739">#739</a>
from prometheus/beorn7/log</li>
<li><a
href="https://github.com/prometheus/common/commit/31ee791410e1daf5df0bb760fdc3b3ab8ba44492"><code>31ee791</code></a>
promslog: Use the default timezone (again)</li>
<li><a
href="https://github.com/prometheus/common/commit/318ef65e16ea1982f0133b858bf0bdf89ddc3f91"><code>318ef65</code></a>
build(deps): bump google.golang.org/protobuf from 1.36.5 to 1.36.6 (<a
href="https://redirect.github.com/prometheus/common/issues/776">#776</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/prometheus/common/compare/v0.63.0...v0.64.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/prometheus/common&package-manager=go_modules&previous-version=0.63.0&new-version=0.64.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
deps: bump github.com/safchain/ethtool from 0.6.0 to 0.6.1 (microsoft…
1a34263 
…#1651)

Bumps [github.com/safchain/ethtool](https://github.com/safchain/ethtool)
from 0.6.0 to 0.6.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/safchain/ethtool/releases">github.com/safchain/ethtool's
releases</a>.</em></p>
<blockquote>
<h2>v0.6.1</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: add StatsWithBuffer method for optimized stats retrieval by <a
href="https://github.com/ritwikranjan"><code>@​ritwikranjan</code></a>
in <a
href="https://redirect.github.com/safchain/ethtool/pull/106">safchain/ethtool#106</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/ritwikranjan"><code>@​ritwikranjan</code></a>
made their first contribution in <a
href="https://redirect.github.com/safchain/ethtool/pull/106">safchain/ethtool#106</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/safchain/ethtool/compare/v0.6.0...v0.6.1">https://github.com/safchain/ethtool/compare/v0.6.0...v0.6.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/safchain/ethtool/commit/f9520b6bab4075e514291a1f7e3839e88eab35bc"><code>f9520b6</code></a>
fix: add StatsWithBuffer method for optimized stats retrieval and
maintain ba...</li>
<li>See full diff in <a
href="https://github.com/safchain/ethtool/compare/v0.6.0...v0.6.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/safchain/ethtool&package-manager=go_modules&previous-version=0.6.0&new-version=0.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps): bump the npm_and_yarn group across 1 directory with 1 up…
086d4dc 
…date (microsoft#1653)

Bumps the npm_and_yarn group with 1 update in the /site directory:
[tar-fs](https://github.com/mafintosh/tar-fs).

Updates `tar-fs` from 2.1.2 to 3.0.9
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/2ceedf4cf807e89a071ebd585291aa785c980829"><code>2ceedf4</code></a>
3.0.9</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/647447b572bc135c41035e82ca7b894f02b17f0f"><code>647447b</code></a>
check windows tweak (<a
href="https://redirect.github.com/mafintosh/tar-fs/issues/115">#115</a>)</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/e4a7a401e80267247b8e9e39d8e5ba82c4fe2f7b"><code>e4a7a40</code></a>
3.0.8</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/504ca0fc57f27f1cfa412f46b183dadd21cdb145"><code>504ca0f</code></a>
upgrade bare packages</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/1e4cc042b7a767a69c9728412d39d588519094f6"><code>1e4cc04</code></a>
3.0.7</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/a1dd7e7c7f4b4a8bd2ab60f513baca573b44e2ed"><code>a1dd7e7</code></a>
refactor and throw on bad symlink</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/7ce355d649e47d0c79ec092bb926d325884916b0"><code>7ce355d</code></a>
Create SECURITY.md</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/3082593d8c5a6422176beb86510cd191398b3bfb"><code>3082593</code></a>
3.0.6</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/c3ad7bcaeeceb29802e0d4713169a1034cd0df4c"><code>c3ad7bc</code></a>
Add fix for early stream closure via pipeline (<a
href="https://redirect.github.com/mafintosh/tar-fs/issues/109">#109</a>)</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/8d561e6b5827a308dcebbeb77525ed10ffed9bea"><code>8d561e6</code></a>
3.0.5</li>
<li>Additional commits viewable in <a
href="https://github.com/mafintosh/tar-fs/compare/v2.1.2...v3.0.9">compare
view</a></li>
</ul>
</details>
<br />

Updates `tar-fs` from 3.0.8 to 3.0.9
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/2ceedf4cf807e89a071ebd585291aa785c980829"><code>2ceedf4</code></a>
3.0.9</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/647447b572bc135c41035e82ca7b894f02b17f0f"><code>647447b</code></a>
check windows tweak (<a
href="https://redirect.github.com/mafintosh/tar-fs/issues/115">#115</a>)</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/e4a7a401e80267247b8e9e39d8e5ba82c4fe2f7b"><code>e4a7a40</code></a>
3.0.8</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/504ca0fc57f27f1cfa412f46b183dadd21cdb145"><code>504ca0f</code></a>
upgrade bare packages</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/1e4cc042b7a767a69c9728412d39d588519094f6"><code>1e4cc04</code></a>
3.0.7</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/a1dd7e7c7f4b4a8bd2ab60f513baca573b44e2ed"><code>a1dd7e7</code></a>
refactor and throw on bad symlink</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/7ce355d649e47d0c79ec092bb926d325884916b0"><code>7ce355d</code></a>
Create SECURITY.md</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/3082593d8c5a6422176beb86510cd191398b3bfb"><code>3082593</code></a>
3.0.6</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/c3ad7bcaeeceb29802e0d4713169a1034cd0df4c"><code>c3ad7bc</code></a>
Add fix for early stream closure via pipeline (<a
href="https://redirect.github.com/mafintosh/tar-fs/issues/109">#109</a>)</li>
<li><a
href="https://github.com/mafintosh/tar-fs/commit/8d561e6b5827a308dcebbeb77525ed10ffed9bea"><code>8d561e6</code></a>
3.0.5</li>
<li>Additional commits viewable in <a
href="https://github.com/mafintosh/tar-fs/compare/v2.1.2...v3.0.9">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/microsoft/retina/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
deps: bump aquasecurity/trivy-action from 0.30.0 to 0.31.0 (microsoft…
3223925 
…#1655)

Bumps
[aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action)
from 0.30.0 to 0.31.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aquasecurity/trivy-action/releases">aquasecurity/trivy-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.31.0</h2>
<h2>What's Changed</h2>
<ul>
<li>docs: add info that <code>unix:/</code> prefix is required for
<code>docker-host</code> input by <a
href="https://github.com/DmitriyLewen"><code>@​DmitriyLewen</code></a>
in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/455">aquasecurity/trivy-action#455</a></li>
<li>Fix Trivy action inputs leaking between invocations (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/422">#422</a>)
by <a href="https://github.com/rvesse"><code>@​rvesse</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/454">aquasecurity/trivy-action#454</a></li>
<li>Pin aquasecuriy/setup-trivy to hash instead of tag by <a
href="https://github.com/lhotari"><code>@​lhotari</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/456">aquasecurity/trivy-action#456</a></li>
<li>Bump Trivy version to fix GitHub actions by <a
href="https://github.com/maximmasiutin"><code>@​maximmasiutin</code></a>
in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/460">aquasecurity/trivy-action#460</a></li>
<li>refactor: use ubuntu 24.04 in example code by <a
href="https://github.com/simar7"><code>@​simar7</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/465">aquasecurity/trivy-action#465</a></li>
<li>ci: fix workflow to bump Trivy by <a
href="https://github.com/nikpivkin"><code>@​nikpivkin</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/466">aquasecurity/trivy-action#466</a></li>
<li>chore(deps): Update trivy to v0.63.0 by <a
href="https://github.com/aqua-bot"><code>@​aqua-bot</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/467">aquasecurity/trivy-action#467</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/lhotari"><code>@​lhotari</code></a> made
their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/456">aquasecurity/trivy-action#456</a></li>
<li><a
href="https://github.com/maximmasiutin"><code>@​maximmasiutin</code></a>
made their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/460">aquasecurity/trivy-action#460</a></li>
<li><a href="https://github.com/aqua-bot"><code>@​aqua-bot</code></a>
made their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/467">aquasecurity/trivy-action#467</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/aquasecurity/trivy-action/compare/0.30.0...0.31.0">https://github.com/aquasecurity/trivy-action/compare/0.30.0...0.31.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/76071ef0d7ec797419534a183b498b4d6366cf37"><code>76071ef</code></a>
chore(deps): Update trivy to v0.63.0 (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/467">#467</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/4844d823d3541b70e147062249823a5cf735b7b8"><code>4844d82</code></a>
ci: fix workflow to bump Trivy (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/466">#466</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/26d71e622b84d103f86fb33a5a42c558e11f4ae0"><code>26d71e6</code></a>
refactor: use ubuntu 24.04 (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/465">#465</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/b3dafe507ffa004210975439a1e6156b8ebb3f50"><code>b3dafe5</code></a>
Bump Trivy version to fix GitHub actions (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/460">#460</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/99baf0d8b4e787c3cfd7b602664c8ce60a43cd38"><code>99baf0d</code></a>
Pin aquasecuriy/setup-trivy to hash instead of tag (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/456">#456</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/7aca5acc9500b463826cc47a47a65ad7d404b045"><code>7aca5ac</code></a>
fix: Trivy action inputs leaking between invocations (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/422">#422</a>)
(<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/454">#454</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/ea27ac12e15e065601133e2e439657937385d5a8"><code>ea27ac1</code></a>
docs: add info that <code>unix:/</code> prefix is required (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/455">#455</a>)</li>
<li>See full diff in <a
href="https://github.com/aquasecurity/trivy-action/compare/6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5...76071ef0d7ec797419534a183b498b4d6366cf37">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aquasecurity/trivy-action&package-manager=github_actions&previous-version=0.30.0&new-version=0.31.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@kumarvin123
Merge branch 'microsoft:main' into main
431e1c7
@vpidatala94 @kumarvin123
ebpfwindows e2e tests
3dbc066
@kumarvin123 kumarvin123 requested a review from a team as a code owner June 3, 2025 17:44
matmerr
matmerr requested changes Jun 4, 2025
View reviewed changes
.github/workflows/e2e-test-event-writer.yml
shell: cmd
run: |
if "%IS_MERGE_GROUP%"=="true" (
az acr login -n ${{ vars.ACR_NAME }} && docker build --file .\Dockerfile --tag ${{ vars.ACR_NAME }}/${{ github.repository }}/e2e-test-event-writer:${{ env.TAG }} . && docker build --file .\Dockerfile --tag ${{ vars.ACR_NAME }}/${{ github.repository }}/e2e-test-event-writer:latest . && docker push ${{ vars.ACR_NAME }}/${{ github.repository }}/e2e-test-event-writer:${{ env.TAG }} && docker push ${{ vars.ACR_NAME }}/${{ github.repository }}/e2e-test-event-writer:latest
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Another case of dependency on merge group unfortunately

test/e2e/scenarios/windows/validate-winbpf-metrics.go
fmt.Println("Non HPC Interface Index: ", nonHpcIfIndex)

//Attach to the non HPC pod
output, err := kubernetes.ExecCommandInWinPod(
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we break these exec+validate's into their own functions, there's a lot of datapath perturbation and validating that's only identified by a comment. It's nontrivial to capture what scenarios have been covered

test/e2e/scenarios/windows/validate-winbpf-metrics.go
}

fmt.Println("Waiting for basic metrics to be updated as part of next polling cycle")
time.Sleep(60 * time.Second)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is a pretty heavy sleep to delay the e2e's, can we not have a tighter polling loop?

test/e2e/scenarios/windows/validate-winbpf-metrics.go
if err != nil && strings.Contains(err.Error(), "failed to parse prometheus metrics") {
return err
}
fmt.Printf("Pre test - networkobservability_forward_bytes value %f, labels: %v\n", preTestFwdBytes, fwd_labels)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

instead of fmt.Printf can we use log or log/slog to get usable timestamps in test output

test/e2e/tools/event-writer/install-ebpf-xdp.ps1
copy "$LocalPath\bin_Release_x64\amd64fre\xdpcfg.exe" $LocalPath
CertUtil.exe -addstore Root "$LocalPath\xdp.cer"
CertUtil.exe -addstore TrustedPublisher "$LocalPath\xdp.cer"
Invoke-WebRequest -Uri "https://github.com/microsoft/xdp-for-windows/releases/download/v1.1.0%2Bbed474a/xdp-for-windows.1.1.0.msi" -OutFile "$LocalPath\xdp-for-windows.1.1.0.msi"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

are things like these hardcoded versioned uri's going to cause any problems for us in the future? this event-writer is a whole sub project in itself

test/e2e/yaml/windows/install-ebpf-xdp.yaml
spec:
containers:
- name: install-ebpf-xdp-container
image: ghcr.io/microsoft/retina/e2e-test-event-writer:latest
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

above we push to an acr, I think this is missing a push to ghcr

test/e2e/yaml/windows/install-ebpf-xdp.yaml
command:
- powershell.exe
- -command
- '& .\install-ebpf-xdp.ps1 ; while ($true) { Start-Sleep -Seconds 300; }'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we have this sleep indefinitely, cluster test time may run longer than that, and some tests depend on no pod restarts

test/e2e/jobs/jobs.go
job.AddStep(&kubernetes.ApplyYamlConfig{
YamlFilePath: "yaml/windows/non-hpc-pod.yaml",
}, nil)
time.Sleep(2 * time.Minute)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is also a really long sleep in terms of our whole e2e, which currently completes in ~25min

jimassa
jimassa reviewed Jun 4, 2025
View reviewed changes
test/e2e/scenarios/windows/validate-winbpf-metrics.go

func (v *ValidateWinBpfMetric) Run() error {
ebpfLabelSelector := fmt.Sprintf("name=%s", v.EbpfXdpDeamonSetName)
promOutput, err := v.GetPromMetrics()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ran ths e2 and it's timing out here after about 5 minutes

#################### ValidateWinBpfMetric (scenario: Validate Windows BPF Basic and Advanced Metrics) ###
2025/06/04 11:59:31 executing command "C:\event-writer-helper.bat EventWriter-GetRetinaPromMetrics" on pod "retina-agent-win-zr7v5" in namespace "kube-system"...
2025/06/04 11:59:36 executing command "C:\event-writer-helper.bat EventWriter-GetRetinaPromMetrics" on pod "retina-agent-win-zr7v5" in namespace "kube-system"...
2025/06/04 11:59:41 executing command "C:\event-writer-helper.bat EventWriter-GetRetinaPromMetrics" on pod "retina-agent-win-zr7v5" in namespace "kube-system"...
----------------------------------------
2025/06/04 12:04:57 executing command "C:\event-writer-helper.bat EventWriter-GetRetinaPromMetrics" on pod "retina-agent-win-zr7v5" in namespace "kube-system"...
2025/06/04 12:05:00 executing command "C:\event-writer-helper.bat EventWriter-GetRetinaPromMetrics" on pod "retina-agent-win-zr7v5" in namespace "kube-system"...
    runner.go:38: 
                Error Trace:    /home/jacquesmassa/projects/kumar/retina/test/e2e/framework/types/runner.go:38
                                                        /home/jacquesmassa/projects/kumar/retina/test/e2e/retina_e2e_test.go:55
                Error:          Received unexpected error:
                                did not expect error from step ValidateWinBpfMetric but got error: context error: context deadline exceeded
                Test:           TestE2ERetina
DeleteResourceGroup setting stored value for parameter [SubscriptionID] set as [9b8218f9-902a-4d20-a65c-e98acec5362f]
DeleteResourceGroup setting stored value for parameter [ResourceGroupName] set as [jacquesm-e2e-netobs-1749051138]
DeleteResourceGroup setting stored value for parameter [Location] set as [eastus2]

jimassa
jimassa reviewed Jun 4, 2025
View reviewed changes
test/e2e/jobs/jobs.go
for _, arch := range common.Architectures {
for _, scenario := range dnsScenarios {
name := scenario.name + " - Arch: " + arch
job.AddScenario(dns.ValidateAdvancedDNSMetrics(name, scenario.req, scenario.resp, kubeConfigFilePath, testPodNamespace, arch))
}
}

job.AddScenario(windows.ValidateWindowsBasicMetric())
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can move this under InstallAndTestRetinaBasicMetrics so that we run this with other basic metric validations.

@kumarvin123
Merge branch 'main' into retina-ebpf-windows-e2e-tests
f7b891f 
Signed-off-by: VINOD KLSWAMY <50496432+kumarvin123@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jimassa jimassa jimassa left review comments

@matmerr matmerr matmerr requested changes

@ritwikranjan ritwikranjan Awaiting requested review from ritwikranjan ritwikranjan is a code owner automatically assigned from microsoft/retina

@BeegiiK BeegiiK Awaiting requested review from BeegiiK BeegiiK is a code owner automatically assigned from microsoft/retina

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.