Skip to content

gh: e2e-upgrade: don't hardcode IPsec encryption algorithm#44381

Merged
julianwiedmann merged 1 commit intomainfrom
pr/jwi/main/gh-ipsec-key
Feb 17, 2026
Merged

gh: e2e-upgrade: don't hardcode IPsec encryption algorithm#44381
julianwiedmann merged 1 commit intomainfrom
pr/jwi/main/gh-ipsec-key

Conversation

@julianwiedmann
Copy link
Copy Markdown
Member

@julianwiedmann julianwiedmann commented Feb 16, 2026

Some e2e configs specify a different encryption algorithm (cbc-aes-sha256). Have the e2e-upgrade workflow respect this.

@julianwiedmann julianwiedmann added area/CI Continuous Integration testing issue or flake release-note/ci This PR makes changes to the CI. feature/ipsec Relates to Cilium's IPsec feature needs-backport/1.18 This PR / issue needs backporting to the v1.18 branch needs-backport/1.19 This PR / issue needs backporting to the v1.19 branch labels Feb 16, 2026
@julianwiedmann
Copy link
Copy Markdown
Member Author

julianwiedmann commented Feb 16, 2026

/test

1 similar comment
@julianwiedmann
Copy link
Copy Markdown
Member Author

julianwiedmann commented Feb 16, 2026

/test

@julianwiedmann
gh: e2e-upgrade: don't hardcode IPsec encryption algorithm
21fc427 
Some e2e configs specify a different encryption algorithm (cbc-aes-sha256).
Have the e2e-upgrade workflow respect this.

Signed-off-by: Julian Wiedmann <jwi@isovalent.com>
@julianwiedmann julianwiedmann force-pushed the pr/jwi/main/gh-ipsec-key branch from 67f06ca to 8d4ea97 Compare February 16, 2026 10:42
@julianwiedmann
Copy link
Copy Markdown
Member Author

julianwiedmann commented Feb 16, 2026

/test

@julianwiedmann
Copy link
Copy Markdown
Member Author

julianwiedmann commented Feb 16, 2026

No failures in the IPsec configs (https://github.com/cilium/cilium/actions/runs/22059550432, https://github.com/cilium/cilium/actions/runs/22059551693/job/63736930942), dropping the test commit.

@julianwiedmann julianwiedmann force-pushed the pr/jwi/main/gh-ipsec-key branch from 8d4ea97 to 21fc427 Compare February 16, 2026 11:49
@julianwiedmann
Copy link
Copy Markdown
Member Author

julianwiedmann commented Feb 16, 2026

/test

@julianwiedmann julianwiedmann marked this pull request as ready for review February 16, 2026 12:10
@julianwiedmann julianwiedmann requested review from a team as code owners February 16, 2026 12:10
@julianwiedmann julianwiedmann requested review from a team and smagnani96 and removed request for a team February 16, 2026 12:10
smagnani96
smagnani96 approved these changes Feb 16, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@smagnani96 smagnani96 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice catch. I see we've hardcoded in other workflows (eks, gke, etc.), but we're not testing rotation there.
Thanks!

@julianwiedmann
Copy link
Copy Markdown
Member Author

julianwiedmann commented Feb 16, 2026

Nice catch. I see we've hardcoded in other workflows (eks, gke, etc.), but we're not testing rotation there. Thanks!

Yeah there it's more about adding additional Cilium configs (if we ever care).

But for e2e-upgrade and ipsec-e2e I'd like to see things explode in the same way, if we have any regression in the support for key types.

@julianwiedmann julianwiedmann added this pull request to the merge queue Feb 17, 2026
@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Feb 17, 2026
Merged via the queue into main with commit c0d2d72 Feb 17, 2026
86 of 87 checks passed
@julianwiedmann julianwiedmann deleted the pr/jwi/main/gh-ipsec-key branch February 17, 2026 09:54
@YutaroHayakawa YutaroHayakawa mentioned this pull request Feb 24, 2026
Merged
21 tasks
@YutaroHayakawa YutaroHayakawa added backport-pending/1.19 The backport for Cilium 1.19.x for this PR is in progress. and removed needs-backport/1.19 This PR / issue needs backporting to the v1.19 branch labels Feb 24, 2026
@YutaroHayakawa YutaroHayakawa mentioned this pull request Feb 25, 2026
Merged
5 tasks
@YutaroHayakawa YutaroHayakawa added backport-pending/1.18 The backport for Cilium 1.18.x for this PR is in progress. and removed needs-backport/1.18 This PR / issue needs backporting to the v1.18 branch labels Feb 25, 2026
@github-actions github-actions bot added backport-done/1.19 The backport for Cilium 1.19.x for this PR is done. backport-done/1.18 The backport for Cilium 1.18.x for this PR is done. and removed backport-pending/1.19 The backport for Cilium 1.19.x for this PR is in progress. backport-pending/1.18 The backport for Cilium 1.18.x for this PR is in progress. labels Mar 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@smagnani96 smagnani96 smagnani96 approved these changes

@viktor-kurchenko viktor-kurchenko viktor-kurchenko approved these changes

Assignees

No one assigned

Labels

area/CI Continuous Integration testing issue or flake backport-done/1.18 The backport for Cilium 1.18.x for this PR is done. backport-done/1.19 The backport for Cilium 1.19.x for this PR is done. feature/ipsec Relates to Cilium's IPsec feature ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/ci This PR makes changes to the CI.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@julianwiedmann @smagnani96 @viktor-kurchenko @msune @YutaroHayakawa