Merged
Conversation
b85d451 to
bbaac4f
Compare
In the context of Conformance KPR, the AKS, GKE, and EKS workflows are run in the same KPR workflow. We should therefore add a prefix to the sysdump names to clarify to which job each sysdump belongs. Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
This commit is similar to 726967c ("workflows/eks: Allow multiple parallel runs from same PR ") but for GKE. Quoting: > We're now running the EKS workflow multiple times in parallel with > configs that can be reduced to the same value tuple. This commit adds > a UID number to the workflow runs so they can be easily > distinguished. This number can then be used to differentiate the > cluster names or the concurrency groups. Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
164cdc4 to
3477dc4
Compare
In future commits, we will add more complex Helm configs. If we keep passing them via the matrix directly, it will break the workflow because the serialized matrix will be too long to be used in filenames. Instead, let's follow what is done for the EKS workflow and set a single 'ipsec' field in the matrix from which we deduce Helm configs. Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
Coverage for Ingress will be replaced by coverage for Gateway API in a later pull request. In the meantime, we need to disable it because we will be disabling KPR in the default setup and Ingress requires KPR. Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
This commit implements the same change as was done for EKS in caafe28 ("workflows/kpr: Move KPR tests to their own workflow for EKS"), but for GKE instead. Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
We want to cover a set of advanced features with KPR, including egress gateway, LRP, and BPF masquerading. This commit enables those under the common test flag "advanced-features". Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
Both WireGuard and IPsec are covered. Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
3477dc4 to
d71f6e4
Compare
aanm
approved these changes
Feb 18, 2026
antonipp
approved these changes
Feb 18, 2026
YutaroHayakawa
added a commit
that referenced
this pull request
Feb 27, 2026
The Cilium's cluster name cluster name must be 32 character or less. With the current naming convention, it will exceed 32 characters in certain condition (e.g when the workflow is running in the fork that has a longer name). The change we introduced in #44406 increased the risk further. To reduce the risk of exceeding 32 characters, use sha256 hash of the run identifier part (trimmed down to the 7 character like Git short hash) for the clusterName. Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
YutaroHayakawa
added a commit
that referenced
this pull request
Mar 2, 2026
The Cilium's cluster name cluster name must be 32 character or less. With the current naming convention, it will exceed 32 characters in certain condition (e.g when the workflow is running in the fork that has a longer name). The change we introduced in #44406 increased the risk further. To reduce the risk of exceeding 32 characters, remove repository_owner and UID from the clusterName. This gives the sufficient entropy to avoid name collision. Fixes: #44406 Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
github-merge-queue bot
pushed a commit
that referenced
this pull request
Mar 2, 2026
The Cilium's cluster name cluster name must be 32 character or less. With the current naming convention, it will exceed 32 characters in certain condition (e.g when the workflow is running in the fork that has a longer name). The change we introduced in #44406 increased the risk further. To reduce the risk of exceeding 32 characters, remove repository_owner and UID from the clusterName. This gives the sufficient entropy to avoid name collision. Fixes: #44406 Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
javiercardona-work
pushed a commit
to javiercardona-work/cilium
that referenced
this pull request
Mar 18, 2026
The Cilium's cluster name cluster name must be 32 character or less. With the current naming convention, it will exceed 32 characters in certain condition (e.g when the workflow is running in the fork that has a longer name). The change we introduced in cilium#44406 increased the risk further. To reduce the risk of exceeding 32 characters, remove repository_owner and UID from the clusterName. This gives the sufficient entropy to avoid name collision. Fixes: cilium#44406 Signed-off-by: Yutaro Hayakawa <yutaro.hayakawa@isovalent.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request extends the Conformance KPR workflow to cover GKE in addition to EKS. As for EKS, several advanced features are also covered with three configs for IPsec encryption, WireGuard encryption, and no encryption. Gateway API coverage will be added in a subsequent pull request (ongoing for EKS).