Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

.github: Test IPsec with high value for keyID #16113

Merged
merged 1 commit into from
Jun 28, 2021
Merged

.github: Test IPsec with high value for keyID #16113

merged 1 commit into from
Jun 28, 2021

Conversation

pchaigno
Copy link
Member

@pchaigno pchaigno commented May 12, 2021
edited
Loading

We want to use the highest possible value for the key ID in end-to-end tests to be sure to catch packet mark conflicts if any arises. By using the value corresponding to all bits set to 1, any conflict will be caught.

This change was tested with a previous version of this pull request:
image

The workflows were modified to collect a sysdump even in case of success and those sysdumps are attached here:
keyid-sysdump-gke.zip
keyid-sysdump-eks.zip
keyid-sysdump-aks.zip

@pchaigno pchaigno added area/CI Continuous Integration testing issue or flake release-note/ci This PR makes changes to the CI. labels May 12, 2021
@pchaigno pchaigno force-pushed the pr/pchaigno/test-ipsec-with-high-keyid branch 2 times, most recently from b809919 to db061df Compare May 12, 2021 09:50
@pchaigno pchaigno mentioned this pull request May 12, 2021
Closed
2 tasks
@pchaigno pchaigno added the area/encryption Impacts encryption support such as IPSec, WireGuard, or kTLS. label May 12, 2021
@pchaigno pchaigno closed this Jun 17, 2021
@pchaigno pchaigno reopened this Jun 24, 2021
@pchaigno pchaigno force-pushed the pr/pchaigno/test-ipsec-with-high-keyid branch 5 times, most recently from ed9ae6f to e73cd17 Compare June 25, 2021 12:44
@pchaigno
.github: Test IPsec with high value for keyID
8a439e7 
We want to use the highest possible value for the key ID in end-to-end
tests to be sure to catch packet mark conflicts if any arises. By using
the value corresponding to all bits set to 1, any conflict will be
caught.

Signed-off-by: Paul Chaignon <paul@cilium.io>
@pchaigno pchaigno force-pushed the pr/pchaigno/test-ipsec-with-high-keyid branch from e73cd17 to 8a439e7 Compare June 25, 2021 21:19
@pchaigno pchaigno marked this pull request as ready for review June 25, 2021 21:19
@pchaigno pchaigno requested review from a team as code owners June 25, 2021 21:19
@pchaigno pchaigno added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jun 26, 2021
@errordeveloper errordeveloper merged commit 8162de8 into master Jun 28, 2021
@errordeveloper errordeveloper deleted the pr/pchaigno/test-ipsec-with-high-keyid branch June 28, 2021 12:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@joestringer joestringer joestringer approved these changes

@christarazi christarazi christarazi approved these changes

Assignees
No one assigned
Labels
area/CI Continuous Integration testing issue or flake area/encryption Impacts encryption support such as IPSec, WireGuard, or kTLS. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/ci This PR makes changes to the CI.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@pchaigno @joestringer @christarazi @errordeveloper