Skip to content

gke: lower scope of ESP firewall rule#43691

Merged
marseel merged 1 commit intomainfrom
pr/marseel/test_esp_rule
Jan 16, 2026
Merged

gke: lower scope of ESP firewall rule#43691
marseel merged 1 commit intomainfrom
pr/marseel/test_esp_rule

Conversation

@marseel
Copy link
Copy Markdown
Member

@marseel marseel commented Jan 12, 2026
edited
Loading

See commit message.

Related: #43410

@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Jan 12, 2026
@marseel
Copy link
Copy Markdown
Member Author

marseel commented Jan 12, 2026

/ci-ipsec

@marseel marseel force-pushed the pr/marseel/test_esp_rule branch from b7d0024 to cd9075f Compare January 12, 2026 13:00
@marseel
Copy link
Copy Markdown
Member Author

marseel commented Jan 12, 2026

/ci-ipsec

joestringer
joestringer requested changes Jan 12, 2026
View reviewed changes
@joestringer joestringer added the release-note/ci This PR makes changes to the CI. label Jan 12, 2026
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Jan 12, 2026
@marseel marseel force-pushed the pr/marseel/test_esp_rule branch from cd9075f to 312e465 Compare January 15, 2026 13:15
@marseel
Copy link
Copy Markdown
Member Author

marseel commented Jan 15, 2026

/net-perf-gke

@marseel
Copy link
Copy Markdown
Member Author

marseel commented Jan 15, 2026

/ci-gke

@marseel
Copy link
Copy Markdown
Member Author

marseel commented Jan 15, 2026

/ci-ipsec

@marseel marseel changed the title Pr/marseel/test esp rule gke: lower scope of ESP firewall rule Jan 15, 2026
@marseel
gke: lower scope of ESP firewall rule
c643003 
Previously, ESP rule was too broad and automation was deleting firewall
rule. Let's switch to only allowing ESP traffic between nodes.

Signed-off-by: Marcel Zieba <marcel.zieba@isovalent.com>
@marseel marseel force-pushed the pr/marseel/test_esp_rule branch from 312e465 to c643003 Compare January 15, 2026 14:40
@marseel
Copy link
Copy Markdown
Member Author

marseel commented Jan 15, 2026

/test

1 similar comment
@marseel
Copy link
Copy Markdown
Member Author

marseel commented Jan 15, 2026

/test

@marseel
Copy link
Copy Markdown
Member Author

marseel commented Jan 15, 2026

/net-perf-gke

@maintainer-s-little-helper maintainer-s-little-helper bot added ready-to-merge This PR has passed all tests and received consensus from code owners to merge. labels Jan 15, 2026
@julianwiedmann julianwiedmann added needs-backport/1.18 This PR / issue needs backporting to the v1.18 branch needs-backport/1.19 This PR / issue needs backporting to the v1.19 branch feature/ipsec Relates to Cilium's IPsec feature labels Jan 15, 2026
@marseel marseel marked this pull request as ready for review January 16, 2026 09:41
@marseel marseel requested review from a team as code owners January 16, 2026 09:41
@marseel marseel added this pull request to the merge queue Jan 16, 2026
Merged via the queue into main with commit bf0dca5 Jan 16, 2026
485 of 522 checks passed
@marseel marseel deleted the pr/marseel/test_esp_rule branch January 16, 2026 09:53
@maintainer-s-little-helper maintainer-s-little-helper bot removed the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jan 16, 2026
@marseel marseel mentioned this pull request Jan 16, 2026
Closed
@yushoyamaguchi yushoyamaguchi mentioned this pull request Jan 18, 2026
Merged
1 task
@giorio94 giorio94 mentioned this pull request Jan 19, 2026
Merged
2 tasks
@giorio94 giorio94 added backport-pending/1.18 The backport for Cilium 1.18.x for this PR is in progress. and removed needs-backport/1.18 This PR / issue needs backporting to the v1.18 branch labels Jan 19, 2026
@giorio94 giorio94 mentioned this pull request Jan 19, 2026
Merged
8 tasks
@giorio94 giorio94 added backport-pending/1.19 The backport for Cilium 1.19.x for this PR is in progress. and removed needs-backport/1.19 This PR / issue needs backporting to the v1.19 branch labels Jan 19, 2026
@github-actions github-actions bot added backport-done/1.19 The backport for Cilium 1.19.x for this PR is done. backport-done/1.18 The backport for Cilium 1.18.x for this PR is done. and removed backport-pending/1.19 The backport for Cilium 1.19.x for this PR is in progress. backport-pending/1.18 The backport for Cilium 1.18.x for this PR is in progress. labels Jan 19, 2026
@cilium-release-bot cilium-release-bot bot moved this to Released in cilium v1.19.0 Feb 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@joestringer joestringer joestringer approved these changes

@viktor-kurchenko viktor-kurchenko Awaiting requested review from viktor-kurchenko viktor-kurchenko is a code owner automatically assigned from cilium/github-sec

Assignees

No one assigned

Labels

backport-done/1.18 The backport for Cilium 1.18.x for this PR is done. backport-done/1.19 The backport for Cilium 1.19.x for this PR is done. feature/ipsec Relates to Cilium's IPsec feature release-note/ci This PR makes changes to the CI.

Projects

No open projects
cilium v1.19.0
Status: Released

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@marseel @joestringer @msune @julianwiedmann @giorio94