Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v1.14] ci/ipsec: Re-enable node-to-node-encryption check #30401

Merged
merged 1 commit into from
Jan 24, 2024
Merged

[v1.14] ci/ipsec: Re-enable node-to-node-encryption check #30401

merged 1 commit into from
Jan 24, 2024

Conversation

qmonnet
Copy link
Member

@qmonnet qmonnet commented Jan 24, 2024

We disabled the check in commit 6896a4f ("ci: In conn-disrupt-test action, disable node-to-node-encryption check") because we used to observe flakes. As far as we understand, these flakes were due to an issue in branch v1.13, to which we downgrade as part as the IPsec upgrade/downgrade workflow.

The issue has been fixed in v1.13 with commit 3a4deb3 ("node: Fix IP removal from ipset on node updates"). With the recent patch release v1.13.11 that contains the fix, we can now re-enable the check.

Link: #29351
Link: #29898

@qmonnet
ci/ipsec: Re-enable node-to-node-encryption check
154d40d 
We disabled the check in commit 6896a4f ("ci: In conn-disrupt-test
action, disable node-to-node-encryption check") because we used to
observe flakes. As far as we understand, these flakes were due to an
issue in branch v1.13, to which we downgrade as part as the IPsec
upgrade/downgrade workflow.

The issue has been fixed in v1.13 with commit 3a4deb3 ("node: Fix
IP removal from ipset on node updates"). With the recent patch release
v1.13.11 that contains the fix, we can now re-enable the check.

Link: #29351
Link: #29898
Signed-off-by: Quentin Monnet <quentin@isovalent.com>
@qmonnet qmonnet added area/CI Continuous Integration testing issue or flake release-note/ci This PR makes changes to the CI. feature/ipsec Relates to Cilium's IPsec feature labels Jan 24, 2024
@qmonnet qmonnet requested a review from a team as a code owner January 24, 2024 10:22
@maintainer-s-little-helper maintainer-s-little-helper bot added backport/1.14 This PR represents a backport for Cilium 1.14.x of a PR that was merged to main. kind/backports This PR provides functionality previously merged into master. labels Jan 24, 2024
@qmonnet qmonnet removed the release-note/ci This PR makes changes to the CI. label Jan 24, 2024
@qmonnet
Copy link
Member Author

qmonnet commented Jan 24, 2024

/test-backport-1.14

julianwiedmann
julianwiedmann approved these changes Jan 24, 2024
View reviewed changes
Copy link
Member

@julianwiedmann julianwiedmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ty!

@qmonnet qmonnet added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jan 24, 2024
@squeed squeed merged commit a6c3719 into v1.14 Jan 24, 2024
207 checks passed
@squeed squeed deleted the pr/qmonnet/ipsec/1.14-n2ne-on branch January 24, 2024 13:46
@michi-covalent michi-covalent mentioned this pull request Feb 13, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@squeed squeed squeed approved these changes

@julianwiedmann julianwiedmann julianwiedmann approved these changes

Assignees
No one assigned
Labels
area/CI Continuous Integration testing issue or flake backport/1.14 This PR represents a backport for Cilium 1.14.x of a PR that was merged to main. feature/ipsec Relates to Cilium's IPsec feature kind/backports This PR provides functionality previously merged into master. ready-to-merge This PR has passed all tests and received consensus from code owners to merge.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@qmonnet @squeed @julianwiedmann