Skip to content

Commit

Permalink
Merge changes from master to release-1.18 branch for 1.18.3 release. (#…
Browse files Browse the repository at this point in the history
…2989)

* Mount /run/xtables.lock as FileOrCreate (#2841)

Otherwise, if the file doesn't already exist on the host at startup, it will be created as a directory. This breaks (among other things) `kube-proxy`, which leads to the AWS CNI not being able to reach the API-server, which leads to the node being stuck in `NotReady` state.

Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/onsi/ginkgo/v2 from 2.14.0 to 2.17.1 (#2864)

Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.14.0 to 2.17.1.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.14.0...v2.17.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#2863)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.8.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/prometheus/common from 0.48.0 to 0.52.2 (#2866)

Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.48.0 to 0.52.2.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](prometheus/common@v0.48.0...v0.52.2)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump helm.sh/helm/v3 from 3.14.2 to 3.14.3 (#2862)

Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.3.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.14.2...v3.14.3)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump golang.org/x/sys from 0.17.0 to 0.18.0 in /test/agent (#2859)

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.17.0 to 0.18.0.
- [Commits](golang/sys@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/containernetworking/plugins from 1.4.0 to 1.4.1 (#2860)

Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/containernetworking/plugins/releases)
- [Commits](containernetworking/plugins@v1.4.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/containernetworking/plugins
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* remove unused Dockerfile (#2869)

* remove unused Dockerfile

* update golang and dependencies to fix CVE

* Update Kops test for 1.30 (#2868)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Update .go-version to 1.22.2 to fix CVE reports. (#2870)

* CHANGELOG, chart, and manifest changes following VPC CNI v1.18.0 release (#2876)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Update changelogs and charts for v1.18.0 release (#2858) (#2881)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Improve "cni-metrics-helper" setup experience (#2874)

Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Add correct labels to CNI metrics chart. (#2889)

* Added information on the build troubleshooting. (#2890)

* Remove unused code in vpc cni init and vpc cni binary. (#2891)

* Bump golang.org/x/sys from 0.18.0 to 0.19.0 in /test/agent (#2898)

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.18.0 to 0.19.0.
- [Commits](golang/sys@v0.18.0...v0.19.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Filter Managed ENI. (#2895)

If the SG reconcile loop runs before the ENI/IP reconcile loop it will modify the security groups as the ENI/IP reconcile hasn't had a chance to check the tags on the ENI yet.

Without relying on cache, when the SG reconcile is run, it will not update the ENI with the node.k8s.amazonaws.com/no_manage: true tag

* Merge release-1.18 to master after v1.18.1 release (#2914)

* Update changelogs and charts for v1.18.0 release (#2858)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Resolve merge conflicts from master to release 1.18 (#2885)

* Mount /run/xtables.lock as FileOrCreate (#2841)

Otherwise, if the file doesn't already exist on the host at startup, it will be created as a directory. This breaks (among other things) `kube-proxy`, which leads to the AWS CNI not being able to reach the API-server, which leads to the node being stuck in `NotReady` state.

Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/onsi/ginkgo/v2 from 2.14.0 to 2.17.1 (#2864)

Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.14.0 to 2.17.1.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.14.0...v2.17.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#2863)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.8.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/prometheus/common from 0.48.0 to 0.52.2 (#2866)

Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.48.0 to 0.52.2.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](prometheus/common@v0.48.0...v0.52.2)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump helm.sh/helm/v3 from 3.14.2 to 3.14.3 (#2862)

Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.3.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.14.2...v3.14.3)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump golang.org/x/sys from 0.17.0 to 0.18.0 in /test/agent (#2859)

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.17.0 to 0.18.0.
- [Commits](golang/sys@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/containernetworking/plugins from 1.4.0 to 1.4.1 (#2860)

Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/containernetworking/plugins/releases)
- [Commits](containernetworking/plugins@v1.4.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/containernetworking/plugins
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* remove unused Dockerfile (#2869)

* remove unused Dockerfile

* update golang and dependencies to fix CVE

* Update Kops test for 1.30 (#2868)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Update .go-version to 1.22.2 to fix CVE reports. (#2870)

* CHANGELOG, chart, and manifest changes following VPC CNI v1.18.0 release (#2876)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Update changelogs and charts for v1.18.0 release (#2858) (#2881)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sushmitha Ravikumar <58063229+sushrk@users.noreply.github.com>
Co-authored-by: Joseph Chen <76720045+jchen6585@users.noreply.github.com>
Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Merge master to release-1.18 for v1.18.1 release (#2882)

* Mount /run/xtables.lock as FileOrCreate (#2841)

Otherwise, if the file doesn't already exist on the host at startup, it will be created as a directory. This breaks (among other things) `kube-proxy`, which leads to the AWS CNI not being able to reach the API-server, which leads to the node being stuck in `NotReady` state.

Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/onsi/ginkgo/v2 from 2.14.0 to 2.17.1 (#2864)

Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.14.0 to 2.17.1.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.14.0...v2.17.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#2863)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.8.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/prometheus/common from 0.48.0 to 0.52.2 (#2866)

Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.48.0 to 0.52.2.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](prometheus/common@v0.48.0...v0.52.2)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump helm.sh/helm/v3 from 3.14.2 to 3.14.3 (#2862)

Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.3.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.14.2...v3.14.3)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump golang.org/x/sys from 0.17.0 to 0.18.0 in /test/agent (#2859)

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.17.0 to 0.18.0.
- [Commits](golang/sys@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/containernetworking/plugins from 1.4.0 to 1.4.1 (#2860)

Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/containernetworking/plugins/releases)
- [Commits](containernetworking/plugins@v1.4.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/containernetworking/plugins
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* remove unused Dockerfile (#2869)

* remove unused Dockerfile

* update golang and dependencies to fix CVE

* Update Kops test for 1.30 (#2868)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Update .go-version to 1.22.2 to fix CVE reports. (#2870)

* CHANGELOG, chart, and manifest changes following VPC CNI v1.18.0 release (#2876)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Update changelogs and charts for v1.18.0 release (#2858) (#2881)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sushmitha Ravikumar <58063229+sushrk@users.noreply.github.com>
Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* CHANGELOG, chart, and manifest updates for v1.18.1 release (#2894)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Fix metrics readme

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Joseph Chen <chenjoez@amazon.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sushmitha Ravikumar <58063229+sushrk@users.noreply.github.com>

* Update .go-version to fix GO-2024-2824 (#2911)

* Soak Test for CNI. (#2915)

* Soak Test for CNI.

Soak Test runs a fundamental test, like connectivity across pods
launched in both primary and secondary eni interfaces.

It launches pods, tests connectivity, tears them down, and repeats this
process for 1 hour. The run time configurable with how long we want to
run the soak test.

This test helps in discoverying race condition issues, compatiblity
issues with underlying AMI.

* Fix for make check.

* Bump github.com/aws/amazon-vpc-resource-controller-k8s (#2910)

Bumps [github.com/aws/amazon-vpc-resource-controller-k8s](https://github.com/aws/amazon-vpc-resource-controller-k8s) from 1.4.1 to 1.5.0.
- [Release notes](https://github.com/aws/amazon-vpc-resource-controller-k8s/releases)
- [Commits](aws/amazon-vpc-resource-controller-k8s@v1.4.1...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-resource-controller-k8s
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update ENI Limits. (#2920)

* Skip Soak Test while running other tests. (#2922)

* Update golang to go1.22.3 (#2924)

* Bump k8s.io/api from 0.29.3 to 0.30.1 (#2918)

Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.29.3 to 0.30.1.
- [Commits](kubernetes/api@v0.29.3...v0.30.1)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Switch to counter for awscni_no_available_ip_addresses (#2919)

Co-authored-by: Liptan Biswas <lbiswas@slack-corp.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Expose network policy log file location to be configured using helm (#2925)

* Expose network policy log file location to be configured using helm
chart values.

* Updated log file location name.

* Merge release branch release_1.18 (#2929)

* Update changelogs and charts for v1.18.0 release (#2858)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Resolve merge conflicts from master to release 1.18 (#2885)

* Mount /run/xtables.lock as FileOrCreate (#2841)

Otherwise, if the file doesn't already exist on the host at startup, it will be created as a directory. This breaks (among other things) `kube-proxy`, which leads to the AWS CNI not being able to reach the API-server, which leads to the node being stuck in `NotReady` state.

Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/onsi/ginkgo/v2 from 2.14.0 to 2.17.1 (#2864)

Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.14.0 to 2.17.1.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.14.0...v2.17.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#2863)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.8.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/prometheus/common from 0.48.0 to 0.52.2 (#2866)

Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.48.0 to 0.52.2.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](prometheus/common@v0.48.0...v0.52.2)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump helm.sh/helm/v3 from 3.14.2 to 3.14.3 (#2862)

Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.3.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.14.2...v3.14.3)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump golang.org/x/sys from 0.17.0 to 0.18.0 in /test/agent (#2859)

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.17.0 to 0.18.0.
- [Commits](golang/sys@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/containernetworking/plugins from 1.4.0 to 1.4.1 (#2860)

Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/containernetworking/plugins/releases)
- [Commits](containernetworking/plugins@v1.4.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/containernetworking/plugins
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* remove unused Dockerfile (#2869)

* remove unused Dockerfile

* update golang and dependencies to fix CVE

* Update Kops test for 1.30 (#2868)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Update .go-version to 1.22.2 to fix CVE reports. (#2870)

* CHANGELOG, chart, and manifest changes following VPC CNI v1.18.0 release (#2876)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Update changelogs and charts for v1.18.0 release (#2858) (#2881)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sushmitha Ravikumar <58063229+sushrk@users.noreply.github.com>
Co-authored-by: Joseph Chen <76720045+jchen6585@users.noreply.github.com>
Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Merge master to release-1.18 for v1.18.1 release (#2882)

* Mount /run/xtables.lock as FileOrCreate (#2841)

Otherwise, if the file doesn't already exist on the host at startup, it will be created as a directory. This breaks (among other things) `kube-proxy`, which leads to the AWS CNI not being able to reach the API-server, which leads to the node being stuck in `NotReady` state.

Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/onsi/ginkgo/v2 from 2.14.0 to 2.17.1 (#2864)

Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.14.0 to 2.17.1.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.14.0...v2.17.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#2863)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.8.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/prometheus/common from 0.48.0 to 0.52.2 (#2866)

Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.48.0 to 0.52.2.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](prometheus/common@v0.48.0...v0.52.2)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump helm.sh/helm/v3 from 3.14.2 to 3.14.3 (#2862)

Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.3.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.14.2...v3.14.3)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump golang.org/x/sys from 0.17.0 to 0.18.0 in /test/agent (#2859)

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.17.0 to 0.18.0.
- [Commits](golang/sys@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/containernetworking/plugins from 1.4.0 to 1.4.1 (#2860)

Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/containernetworking/plugins/releases)
- [Commits](containernetworking/plugins@v1.4.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/containernetworking/plugins
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* remove unused Dockerfile (#2869)

* remove unused Dockerfile

* update golang and dependencies to fix CVE

* Update Kops test for 1.30 (#2868)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Update .go-version to 1.22.2 to fix CVE reports. (#2870)

* CHANGELOG, chart, and manifest changes following VPC CNI v1.18.0 release (#2876)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Update changelogs and charts for v1.18.0 release (#2858) (#2881)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sushmitha Ravikumar <58063229+sushrk@users.noreply.github.com>
Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* CHANGELOG, chart, and manifest updates for v1.18.1 release (#2894)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Joseph Chen <76720045+jchen6585@users.noreply.github.com>
Co-authored-by: Joseph Chen <chenjoez@amazon.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sushmitha Ravikumar <58063229+sushrk@users.noreply.github.com>

* Helpful Make target to login to public ECR. (#2934)

* Skip Static Canary in run-integration-test in Github. (#2935)

* Run Kops Test Separately to triage failures. (#2936)

* Bump go.uber.org/zap from 1.26.0 to 1.27.0 (#2938)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.26.0 to 1.27.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.26.0...v1.27.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump golang.org/x/sys from 0.19.0 to 0.20.0 in /test/agent (#2937)

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.19.0 to 0.20.0.
- [Commits](golang/sys@v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Merge Changes from release-1.18 to master (#2944)

* Changelog and Updated CNI Charts for v1.18.2 Release (#2942)

* Update charts, config for Release v1.18.2.

* Updated CNI and Metrics Helper Yaml file.

    ```
    make generate-cni-yaml
    /local/home/senthilx/go/src/github.com/aws/amazon-vpc-cni-k8s//scripts/generate-cni-yaml.sh
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                     Dload  Upload   Total   Spent    Left  Speed
    100 15.3M  100 15.3M    0     0  28.4M      0 --:--:-- --:--:-- --:--:-- 28.3M
    Generated aws-vpc-cni and cni-metrics-helper manifest resources files in:
        - /local/home/senthilx/go/src/github.com/aws/amazon-vpc-cni-k8s/scripts/../build/cni-rel-yamls/v1.18.2/aws-k8s-cni
        - /local/home/senthilx/go/src/github.com/aws/amazon-vpc-cni-k8s/scripts/../build/cni-rel-yamls/v1.18.2/cni-metrics-helper
    ```

* Updated Changelog.

* Fix the Charts Version for v1.18.2 (#2943)

Helm Charts are fixed in eks-charts.

aws/eks-charts#1115
aws/eks-charts#1115

* Update .go-version to 1.22.4 (#2950)

* disable leaked eni cleanup routine when vpc-resource-controller is deployed (#2854)

* disable leaked ENI cleanup routine when vpc-resource-controller is deployed

* update helm version

---------

Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Bump github.com/containernetworking/cni from 1.1.2 to 1.2.0 (#2901)

Bumps [github.com/containernetworking/cni](https://github.com/containernetworking/cni) from 1.1.2 to 1.2.0.
- [Release notes](https://github.com/containernetworking/cni/releases)
- [Commits](containernetworking/cni@v1.1.2...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/containernetworking/cni
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Update test options default value and help. (#2955)

* Bump sigs.k8s.io/controller-runtime from 0.17.0 to 0.18.4 (#2962)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.17.0 to 0.18.4.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.17.0...v0.18.4)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/cli-runtime from 0.29.0 to 0.30.2 (#2965)

Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) from 0.29.0 to 0.30.2.
- [Commits](kubernetes/cli-runtime@v0.29.0...v0.30.2)

---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump helm.sh/helm/v3 from 3.14.3 to 3.15.2 (#2964)

Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.3 to 3.15.2.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.14.3...v3.15.2)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* [cni-metrics-helper] Expose container port when enabling prometheus metrics (#2957)

To scrape Prometheus metrics using the Prometheus Operator's PodMonitor,
container ports must be exposed via PodSpec.

Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com>
Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* Subnet Discovery - Unfilled ENI fix (#2954)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* Refactor static canary tests. (#2966)

- Remove any config changes to aws-node pod in BeforeSuite.
- Remove dependency on multiple EC2 apis.

* Upgrade to latest versions of GitHub actions (#2952)

* Upgrade to latest versions of GitHub actions
* Enable GH action updater

* Update the APISpec Schema definition for ENIConfig. (#2969)

* Update the APISpec Schema definition for ENIConfig.
* removed the required property for security groups.

* Use ECR Mirror for Curl Test Image. (#2956)

* misc/10-aws.conflist: use __MTU__ variable for IPv4 egress-cni too (#2951)

* Bump github.com/aws/aws-sdk-go from 1.51.32 to 1.54.11 (#2976)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.51.32 to 1.54.11.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.51.32...v1.54.11)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/go-logr/logr from 1.4.1 to 1.4.2 (#2975)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.4.1 to 1.4.2.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.4.1...v1.4.2)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1 (#2972)

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.19.0 to 1.19.1.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.19.0...v1.19.1)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump golang.org/x/sys from 0.20.0 to 0.21.0 in /test/agent (#2977)

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.20.0 to 0.21.0.
- [Commits](golang/sys@v0.20.0...v0.21.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/containernetworking/plugins from 1.4.1 to 1.5.1 (#2974)

Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.4.1 to 1.5.1.
- [Release notes](https://github.com/containernetworking/plugins/releases)
- [Commits](containernetworking/plugins@v1.4.1...v1.5.1)

---
updated-dependencies:
- dependency-name: github.com/containernetworking/plugins
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add unit test and readme update for POD_MTU/ AWS_VPC_ENI_MTU for Egress plugin behavior. (#2979)

* Add unit test and readme update for AWS_VPC_ENI_MTU for Egress plugin behavior.

* Added Coverage for IPV6 Egress Env Var.

* Addressed review comment.

* Update .go-version (#2981)

* Add extraEnv for add additional env from configmap or secrets to daemonset (#2946)

Co-authored-by: Senthil Kumaran <senthilx@amazon.com>

* bpr: fix templating bug on helm when cniconfig is enabled (#2983)

Co-authored-by: bpramanick <bpramanick@slack-corp.com>

* Update vpc_ip_resource_limit.go link in README.md (#2986)

* Revert "disable leaked eni cleanup routine when vpc-resource-controller is deployed (#2854)" (#2987)

* Revert "disable leaked eni cleanup routine when vpc-resource-controller is deployed (#2854)"

This reverts commit 9fdcb5f.

* Fix go.mod dependencies.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Tsubasa Nagasawa <toversus2357@gmail.com>
Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sushmitha Ravikumar <58063229+sushrk@users.noreply.github.com>
Co-authored-by: Joseph Chen <76720045+jchen6585@users.noreply.github.com>
Co-authored-by: Joseph Chen <chenjoez@amazon.com>
Co-authored-by: guessi <guessi@gmail.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: Liptan Biswas <liptanbiswas@gmail.com>
Co-authored-by: Liptan Biswas <lbiswas@slack-corp.com>
Co-authored-by: Tsubasa Nagasawa <toversus2357@gmail.com>
Co-authored-by: Victor Morales <chipahuac@hotmail.com>
Co-authored-by: Benjamin Knofe <benben@users.noreply.github.com>
Co-authored-by: Gawsoft <75686400+gawsoftpl@users.noreply.github.com>
Co-authored-by: B Pramanick <tech2mobi@gmail.com>
Co-authored-by: bpramanick <bpramanick@slack-corp.com>
Co-authored-by: hayden <sktpghks138@gmail.com>
  • Loading branch information
17 people authored Jul 18, 2024
1 parent dbd4aa0 commit 7f137be
Show file tree
Hide file tree
Showing 41 changed files with 516 additions and 267 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/deps.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,16 +11,16 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: "Checkout Repository"
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # refs/tags/v4.1.7
with:
show-progress: false
- name: "Dependency Review"
uses: actions/dependency-review-action@v3
uses: actions/dependency-review-action@72eb03d02c7872a771aacd928f3123ac62ad6d3a # refs/tags/v4.3.3
govulncheck:
runs-on: ubuntu-latest
steps:
- name: "Checkout Repository"
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # refs/tags/v4.1.7
with:
show-progress: false
- name: Setup Go Version
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/integration-tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,13 +15,13 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout latest commit in the PR
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # refs/tags/v4.1.7
- name: Set up Docker QEMU
uses: docker/setup-qemu-action@v2
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # refs/tags/v3.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # refs/tags/v3.3.0
- name: Set up Go
uses: actions/setup-go@v3
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # refs/tags/v5.0.1
with:
go-version: "1.22"
- name: Set up tools
Expand All @@ -31,7 +31,7 @@ jobs:
curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
sudo mv /tmp/eksctl /usr/local/bin/
- name: Set up AWS credentials
uses: aws-actions/configure-aws-credentials@v1
uses: aws-actions/configure-aws-credentials@5579c002bb4778aa43395ef1df492868a9a1c83f # refs/tags/v4.0.2
with:
role-to-assume: ${{ secrets.OSS_TEST_ROLE_ARN }}
role-duration-seconds: 14400 # 4 hours
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/issue-closed-message.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ jobs:
auto_comment:
runs-on: ubuntu-latest
steps:
- uses: aws-actions/closed-issue-message@v1
- uses: aws-actions/closed-issue-message@3c30436c76e381c567524ba630f169f2fc0d175a # refs/tags/v1
with:
# These inputs are both required
repo-token: "${{ secrets.GITHUB_TOKEN }}"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/issue-stale-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
stale:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@main
- uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # refs/tags/v9.0.0
id: stale
with:
ascending: true
Expand Down
51 changes: 51 additions & 0 deletions .github/workflows/kops-test.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
name: Kops tests

on:
workflow_dispatch: {}
schedule:
- cron: "0 15 * * *" # every day

permissions:
id-token: write
contents: read

jobs:
daily-kops:
if: github.repository == 'aws/amazon-vpc-cni-k8s'
runs-on: ubuntu-latest
steps:
- name: Checkout latest commit in the PR
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # refs/tags/v4.1.7
- name: Set up Docker QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # refs/tags/v3.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # refs/tags/v3.3.0
- name: Set up Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # refs/tags/v5.0.1
with:
go-version: "1.22"
- name: Set up tools
run: |
# Install ginkgo version from go.mod
go install -mod=mod github.com/onsi/ginkgo/v2/ginkgo
curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
sudo mv /tmp/eksctl /usr/local/bin/
- name: Set up AWS credentials
uses: aws-actions/configure-aws-credentials@5579c002bb4778aa43395ef1df492868a9a1c83f # refs/tags/v4.0.2
with:
role-to-assume: ${{ secrets.OSS_TEST_ROLE_ARN }}
role-duration-seconds: 28800 # 8 hours
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: Run kops tests
env:
DISABLE_PROMPT: true
ROLE_CREATE: false
ROLE_ARN: ${{ secrets.EKS_CLUSTER_ROLE_ARN }}
RUN_CNI_INTEGRATION_TESTS: false
RUN_KOPS_TEST: true
K8S_VERSION: 1.30.0-beta.0
KOPS_VERSION: v1.29.0
KOPS_RUN_TOO_NEW_VERSION: 1
run: |
./scripts/run-integration-tests.sh
if: always()
10 changes: 5 additions & 5 deletions .github/workflows/nightly-cron-tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,13 +14,13 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout latest commit in the PR
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # refs/tags/v4.1.7
- name: Set up Docker QEMU
uses: docker/setup-qemu-action@v2
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # refs/tags/v3.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # refs/tags/v3.3.0
- name: Set up Go
uses: actions/setup-go@v3
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # refs/tags/v5.0.1
with:
go-version: "1.22"
- name: Set up tools
Expand All @@ -30,7 +30,7 @@ jobs:
curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
sudo mv /tmp/eksctl /usr/local/bin/
- name: Set up AWS credentials
uses: aws-actions/configure-aws-credentials@v1
uses: aws-actions/configure-aws-credentials@5579c002bb4778aa43395ef1df492868a9a1c83f # refs/tags/v4.0.2
with:
role-to-assume: ${{ secrets.OSS_TEST_ROLE_ARN }}
role-duration-seconds: 14400 # 4 hours
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/pr-automated-tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,9 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout latest commit in the PR
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # refs/tags/v4.1.7
- name: Set up Go
uses: actions/setup-go@v3
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # refs/tags/v5.0.1
with:
go-version: "1.22"
- name: Set up tools
Expand All @@ -36,19 +36,19 @@ jobs:
- name: Unit test
run: make unit-test
- name: Upload code coverage
uses: codecov/codecov-action@v3
uses: codecov/codecov-action@79066c46f8dcdf8d7355f820dbac958c5b4cb9d3 # refs/tags/v4.5.0
docker-build:
name: Build Docker images
runs-on: ubuntu-latest
steps:
- name: Checkout latest commit in the PR
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # refs/tags/v4.1.7
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # refs/tags/v3.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # refs/tags/v3.3.0
- name: Set up Go
uses: actions/setup-go@v3
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # refs/tags/v5.0.1
with:
go-version: "1.22"
- name: Build CNI images
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/pr-manual-tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,15 +19,15 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout latest commit in the PR
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # refs/tags/v4.1.7
with:
ref: "refs/pull/${{ github.event.inputs.pull_request_number }}/merge"
- name: Set up Docker QEMU
uses: docker/setup-qemu-action@v2
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # refs/tags/v3.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # refs/tags/v3.3.0
- name: Set up Go
uses: actions/setup-go@v3
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # refs/tags/v5.0.1
with:
go-version: "1.22"
- name: Set up tools
Expand All @@ -37,7 +37,7 @@ jobs:
curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
sudo mv /tmp/eksctl /usr/local/bin/
- name: Set up AWS credentials
uses: aws-actions/configure-aws-credentials@v1
uses: aws-actions/configure-aws-credentials@5579c002bb4778aa43395ef1df492868a9a1c83f # refs/tags/v4.0.2
with:
role-to-assume: ${{ secrets.OSS_TEST_ROLE_ARN }}
role-duration-seconds: 14400 # 4 hours
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,11 +16,11 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout latest commit in the PR
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # refs/tags/v4.1.7
with:
ref: "refs/tags/${{ github.event.release.tag_name }}"
- name: Set up Go
uses: actions/setup-go@v3
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # refs/tags/v5.0.1
with:
go-version: "1.22"
- name: Generate CNI YAML
Expand Down
32 changes: 32 additions & 0 deletions .github/workflows/update.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
---
# SPDX-license-identifier: Apache-2.0
##############################################################################
# Copyright (c) 2024
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Apache License, Version 2.0
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
name: Scheduled Update Versions
# yamllint disable-line rule:truthy
on:
schedule:
- cron: '0 0 * * 5'
workflow_dispatch:
jobs:
check-versions:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # refs/tags/v4.1.7
- uses: technote-space/create-pr-action@91114507cf92349bec0a9a501c2edf1635427bc5 # refs/tags/v2.1.4
with:
EXECUTE_COMMANDS: |
gh_actions=$(grep -r "uses: [a-z\-]*/[\_a-z\-]*@" .github/workflows/ | sed 's/@.*//' | awk -F ': ' '{ print $3 }' | sort | uniq)
for action in $gh_actions; do
commit_hash=$(git ls-remote --tags "https://github.com/$action" | grep 'refs/tags/v[0-9][0-9\.]*$' | awk '{ print $NF,$0 }' | sort -k1,1 -V | cut -f2- -d' ' | grep -oh '.*refs/tags/[v0-9\.]*$' | tail -1 | awk '{ printf "%s # %s\n",$1,$2 }')
grep -ElRZ "uses: $action@" .github/workflows/ | xargs -0 -l sed -i -e "s|uses: $action@.*|uses: $action@$commit_hash|g"
done
COMMIT_MESSAGE: 'Upgrade versions GitHub actions'
COMMIT_NAME: 'updater bot'
PR_BRANCH_NAME: "versions-update-${PR_ID}"
PR_TITLE: 'chore: update gh versions'
22 changes: 5 additions & 17 deletions .github/workflows/weekly-cron-tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,13 +15,13 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout latest commit in the PR
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # refs/tags/v4.1.7
- name: Set up Docker QEMU
uses: docker/setup-qemu-action@v2
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # refs/tags/v3.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # refs/tags/v3.3.0
- name: Set up Go
uses: actions/setup-go@v3
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # refs/tags/v5.0.1
with:
go-version: "1.22"
- name: Set up tools
Expand All @@ -31,7 +31,7 @@ jobs:
curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
sudo mv /tmp/eksctl /usr/local/bin/
- name: Set up AWS credentials
uses: aws-actions/configure-aws-credentials@v1
uses: aws-actions/configure-aws-credentials@5579c002bb4778aa43395ef1df492868a9a1c83f # refs/tags/v4.0.2
with:
role-to-assume: ${{ secrets.OSS_TEST_ROLE_ARN }}
role-duration-seconds: 28800 # 8 hours
Expand All @@ -46,18 +46,6 @@ jobs:
RUN_PERFORMANCE_TESTS: true
run: |
./scripts/run-integration-tests.sh
- name: Run kops tests
env:
DISABLE_PROMPT: true
ROLE_CREATE: false
ROLE_ARN: ${{ secrets.EKS_CLUSTER_ROLE_ARN }}
RUN_CNI_INTEGRATION_TESTS: false
RUN_KOPS_TEST: true
K8S_VERSION: 1.30.0-beta.0
KOPS_VERSION: v1.28.4
KOPS_RUN_TOO_NEW_VERSION: 1
run: |
./scripts/run-integration-tests.sh
if: always()
- name: Run bottlerocket tests
env:
Expand Down
2 changes: 1 addition & 1 deletion .go-version
Original file line number Diff line number Diff line change
@@ -1 +1 @@
1.22.3
1.22.5
3 changes: 3 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -391,6 +391,9 @@ cleanup-ec2-sdk-override:
./scripts/ec2_model_override/cleanup.sh ; \
fi

ecr-public-login:
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws

##@ Cleanup

# Clean temporary files and build artifacts from the project.
Expand Down
10 changes: 7 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ It is also recommended that you set `--max-pods` equal to _(the number of ENIs f
(the number of IPs per ENI - 1)) + 2_; for details, see [vpc_ip_resource_limit.go][]. Setting `--max-pods` will prevent
scheduling that exceeds the IP address resources available to the kubelet.

[vpc_ip_resource_limit.go]: ./pkg/awsutils/vpc_ip_resource_limit.go
[vpc_ip_resource_limit.go]: ./pkg/vpc/vpc_ip_resource_limit.go

The default manifest expects `--cni-conf-dir=/etc/cni/net.d` and `--cni-bin-dir=/opt/cni/bin`.

Expand Down Expand Up @@ -117,7 +117,7 @@ Review the [Network Policy FAQ](./docs/network-policy-faq.md) for more informati
* This controller is automatically installed on the EKS Control Plane.
* [Network Policy Node Agent](https://github.com/aws/aws-network-policy-agent) implements Network Policies on nodes by creating eBPF programs.
* [AWS eBPF SDK for Go](https://github.com/aws/aws-ebpf-sdk-go) provides an interface to interact with eBPF programs on the node. This SDK allows for runtime introspection, tracing, and analysis of eBPF execution, aiding in identifying and resolving connectivity issues.
* [VPC Resource Controller](https://github.com/aws/amazon-vpc-resource-controller-k8s) manages Branch & Trunk Network Interfaces for Kubernetes Pods.
* [VPC Resource Controller](https://github.com/aws/amazon-vpc-resource-controller-k8s) manages Branch & Trunk Network Interfaces for Kubernetes Pods.

## ConfigMap

Expand Down Expand Up @@ -343,7 +343,7 @@ elasticity, but uses roughly half as many IPs as using WARM_IP_TARGET alone (32
This also improves the reliability of the EKS cluster by reducing the number of calls necessary to allocate or deallocate
private IPs, which may be throttled, especially at scaling-related times.

**NOTE!**
**NOTE!**
1. If `MINIMUM_IP_TARGET` is set, `WARM_ENI_TARGET` will be ignored. Please utilize `WARM_IP_TARGET` instead.
2. If `MINIMUM_IP_TARGET` is set and `WARM_IP_TARGET` is not set, `WARM_IP_TARGET` is assumed to be 0, which leads to the number of IPs attached to the node will be the value of `MINIMUM_IP_TARGET`. This configuration will prevent future ENIs/IPs from being allocated. It is strongly recommended that `WARM_IP_TARGET` should be set greater than 0 when `MINIMUM_IP_TARGET` is set.

Expand Down Expand Up @@ -697,6 +697,8 @@ This environment variable must be set for both the `aws-vpc-cni-init` and `aws-n

Note that enabling/disabling this feature only affects whether newly created pods have an IPv6 interface created. Therefore, it is recommended that you reboot existing nodes after enabling/disabling this feature.

The value set in `POD_MTU` / `AWS_VPC_ENI_MTU` is used to configure the MTU size of egress interface.

#### `ENABLE_V4_EGRESS` (v1.15.1+)

Type: Boolean as a String
Expand All @@ -707,6 +709,8 @@ Specifies whether PODs in an IPv6 cluster support IPv4 egress. If env is set to

Note that enabling/disabling this feature only affects whether newly created pods have an IPv4 interface created. Therefore, it is recommended that you reboot existing nodes after enabling/disabling this feature.

The value set in `POD_MTU` / `AWS_VPC_ENI_MTU` is used to configure the MTU size of egress interface.

#### `IP_COOLDOWN_PERIOD` (v1.15.0+)

Type: Integer as a String
Expand Down
1 change: 1 addition & 0 deletions charts/aws-vpc-cni/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,7 @@ The following table lists the configurable parameters for this chart and their d
| `nodeAgent.image.pullPolicy` | Container pull policy | `IfNotPresent` |
| `nodeAgent.securityContext` | Node Agent container Security context | `capabilities: add: - "NET_ADMIN" privileged: true` |
| `nodeAgent.enableCloudWatchLogs` | Enable CW logging for Node Agent | `false` |
`nodeAgent.networkPolicyAgentLogFileLocation` | Log File location of Network Policy Agent | `/var/log/aws-routed-eni/network-policy-agent.log` |
| `nodeAgent.enablePolicyEventLogs` | Enable policy decision logs for Node Agent | `false` |
| `nodeAgent.metricsBindAddr` | Node Agent port for metrics | `8162` |
| `nodeAgent.healthProbeBindAddr` | Node Agent port for health probes | `8163` |
Expand Down
Loading

0 comments on commit 7f137be

Please sign in to comment.