Merged
Conversation
[ upstream commit 0f58e5c ] conformance-ipsec.yaml needs to be tested on a scheduled basis on stable branches, therefore it should be added to this list since GitHub doesn't trigger schedule events for non-default branches. Signed-off-by: André Martins <andre@cilium.io> Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
[ upstream commit 2a3bb63 ] This shorter timeout seems to be too short for the tests to be successful. We should increase them and see if the flakiness decreases. Signed-off-by: André Martins <andre@cilium.io> Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
[ upstream commit e014ca0 ] Since introduction of base-SHA as required dispatch argument, triggering that workflow started failing on branch 1.19 as we were not providing it. Signed-off-by: Marcel Zieba <marcel.zieba@isovalent.com> Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
[ upstream commit 0c24f26 ] Signed-off-by: Joe Stringer <joe@cilium.io> Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
[ upstream commit 2c72678 ] The CiliumEndpointSlice migration workflow is currently run on schedule on the main branch. However, it is not being triggered for stable branches, because it is not part of the test suite triggered via /test. Let's get this divergence fixed adding it to the list of nightly workflows, so that it gets periodically run on stable branches as well. Reported-by: André Martins <andre@cilium.io> Signed-off-by: Marco Iorio <marco.iorio@isovalent.com> Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
….TCP) [ upstream commit 3b0defb ] When multiple oneof variants are specified in a field mask (e.g., both TCP and UDP), the previous implementation would copy all variants, creating spurious structures for inactive ones. This caused identical flows to generate different aggregation keys. Added oneof-aware copying using WhichOneof() to only copy the active variant, preventing spurious structures and ensuring consistent keys. Signed-off-by: mereta <mereta.degutyte@hotmail.co.uk> Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
…ontext [ upstream commit 4549ee8 ] Aggregation only keeps and aggregates on the fields specified in the fieldAggregate. There is no way to preserve a timestamp, and specifying time in fieldAggregate defeats aggregation. The solution is to preserve the 1st occurring timestamp in the processedFlow after the aggregation key is generated. The aggregation logic is not affected and temporal context is preserved. Signed-off-by: mereta <mereta.degutyte@hotmail.co.uk> Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
[ upstream commit 063e40c ] Add support for configuring Hubble Relay log format and level through Helm values, similar to the existing logOptions support in cilium-agent and cilium-operator. This allows users to enable JSON logging for Hubble Relay, which is useful for log aggregation tools in environments like AWS EKS. New Helm values: - hubble.relay.logOptions.format: text, text-ts, json, json-ts - hubble.relay.logOptions.level: debug, info, warn, error Fixes: #43009 Signed-off-by: Pavan More <pavansmore05@gmail.com> Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
Member
Author
|
/test |
giorio94
approved these changes
Jan 26, 2026
Member
giorio94
left a comment
There was a problem hiding this comment.
Thanks, my commit looks good.
marseel
approved these changes
Jan 26, 2026
aanm
approved these changes
Jan 26, 2026
3775810 to
3adf8c5
Compare
Member
Author
|
@christarazi i changed the underlying |
Member
Author
|
/test |
3adf8c5 to
302bdbd
Compare
Member
Author
|
/test |
[ upstream commit a4bcb54 ] Due to the way the pkg/signal manager is implemented, it requires at least one handler to be registered. Because the authmanager used to be a default handler that was always registered, the code assumes there is always one handler. Instead of reworking the signalmanager, set up a no-op handler when auth is disabled. When the auth code is eventually removed, the expected auth handler can be removed from the signalmanager side. Signed-off-by: Chris Tarazi <chris@isovalent.com> Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
[ upstream commit c3b621c ] This commit will update the status of a policy if it contains auth rules when the feature is disabled, so that the user is warned about the fact that the auth rule is ineffective. Signed-off-by: Chris Tarazi <chris@isovalent.com> Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
[ upstream commit 8ea193f ] This feature is still in beta and has seen limited adoption. Its control plane implementation has reliability problems. Although the authentication feature is only active when explicitly set in a network policy, the feature's control plane is enabled by default. This default-on state causes it to interact with and disrupt other core Cilium subsystems. Therefore, disabling it by default for now. Signed-off-by: Chris Tarazi <chris@isovalent.com> Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
[ upstream commit 9927bda ] The grep output being printed here added noise to the build process without any actionable outcomes. Hide it by using "grep -q". Fixes: 0b0cfc7 ("chore: Add a linter for non-idempotent secrets") Signed-off-by: Joe Stringer <joe@cilium.io> Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
302bdbd to
5b2ee5d
Compare
Member
Author
|
/test |
Member
Author
joestringer
approved these changes
Jan 26, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
11 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Once this PR is merged, a GitHub action will update the labels of these PRs: