Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

With catchALL honor "except" #58

Merged
merged 8 commits into from
Sep 21, 2023
Merged

With catchALL honor "except" #58

merged 8 commits into from
Sep 21, 2023

Conversation

jayanthvn
Copy link
Contributor

Issue #, if available: N/A

Description of changes:

A network policy can allow catchALL i.e, 0.0.0.0/0 and block certain cidr which was getting ignored for catch all entries.

Sample policy

kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
  name: test-np
  namespace: default
spec:
  podSelector:
    matchLabels:
      app: nginx
  egress:
  - to:
    - ipBlock:
        cidr: 0.0.0.0/0
        except:
          - 172.31.54.64/32
  policyTypes:
    - Egress

Verdict is Accept ->

{"level":"info","timestamp":"2023-09-12T17:36:37.991Z","logger":"ebpf-client","msg":"Flow Info:  ","Src IP":"192.168.21.79","Src Port":0,"Dest IP":"172.31.54.64","Dest Port":0,"Proto":"ICMP","Verdict":"ACCEPT"}

After fix...

Except is honored ->

{"level":"info","timestamp":"2023-09-12T17:41:30.922Z","logger":"ebpf-client","msg":"Total L4 entry count for catch all entry: ","count: ":0}
{"level":"info","timestamp":"2023-09-12T17:41:30.922Z","logger":"ebpf-client","msg":"L4 values: ","protocol: ":254,"startPort: ":0,"endPort: ":0}
{"level":"info","timestamp":"2023-09-12T17:41:30.922Z","logger":"ebpf-client","msg":"Parsed Except CIDR","IP Key: ":"172.31.54.64/32"}
{"level":"info","timestamp":"2023-09-12T17:41:30.922Z","logger":"ebpf-client","msg":"L4 values: ","protocol: ":255,"startPort: ":0,"endPort: ":0}

Verdict is Deny ->

{"level":"info","timestamp":"2023-09-12T17:44:04.821Z","logger":"ebpf-client","msg":"Flow Info:  ","Src IP":"192.168.21.79","Src Port":0,"Dest IP":"172.31.54.64","Dest Port":0,"Proto":"ICMP","Verdict":"DENY"}
{"level":"info","timestamp":"2023-09-12T17:44:04.821Z","logger":"ebpf-client","msg":"Sending logs to CW"}
{"level":"info","timestamp":"2023-09-12T17:44:05.822Z","logger":"ebpf-client","msg":"Flow Info:  ","Src IP":"192.168.21.79","Src Port":0,"Dest IP":"172.31.54.64","Dest Port":0,"Proto":"ICMP","Verdict":"DENY"}

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@jayanthvn jayanthvn requested a review from achevuru September 12, 2023 17:49
@jayanthvn jayanthvn added this to the v1.0.3 milestone Sep 12, 2023
@jayanthvn jayanthvn mentioned this pull request Sep 14, 2023
Merged
@wedge-jarrad
Copy link

For anyone else hitting this bug, I was able to work around by splitting it into two /1's. E.g.

kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
  name: test-np
  namespace: default
spec:
  podSelector:
    matchLabels:
      app: nginx
  egress:
  - to:
    - ipBlock:
        cidr: 0.0.0.0/1
        except:
          - 10.1.2.3/32
    - ipBlock:
        cidr: 128.0.0.0/1
        except:
          - 172.31.54.64/32
  policyTypes:
    - Egress

achevuru
achevuru reviewed Sep 15, 2023
View reviewed changes
pkg/ebpf/bpf_client.go Outdated Show resolved Hide resolved
@jayanthvn jayanthvn mentioned this pull request Sep 16, 2023
Open
@jayanthvn jayanthvn merged commit fb7bac9 into aws:main Sep 21, 2023
1 of 2 checks passed
@jayanthvn jayanthvn deleted the exclude branch September 21, 2023 21:37
@achevuru achevuru mentioned this pull request Sep 22, 2023
Closed
achevuru added a commit that referenced this pull request Sep 26, 2023
@achevuru @jayanthvn
@geoffcline @jaydeokar @rxnew @mycrEEpy @kareem-rady @dependabot
Merge from main (#76)
a58f148 
* Move to mainline sdk changes (#25)

* Reuse eBPF SDK Client (#26)

* Code refactoring - Sync to SDK's new API interface (#27)

* Additional UTs for eBPF pkg (#29)

* Additional UTs for eBPF pkg

* UT for Global Map recovery flow

* format changes

* Events refactor (#30)

* Remove replace and add comments

* Minor refactor

* Update AL2023 image

* vmlinux generation

* update readme (#31)

* Third party attribution doc (#32)

* Thirdparty attribution doc

* Minor nits

* minor nit

* README Updates (#34)

* Update README.md (#35)

* Update go.mod and go.sum for master (#38)

* Update go.mod and go.sum

docker/make file changes

* fix up vet

* Run Conformance and Performance tests with github actions (#5)

* Updated conformance and performance test parameters (#39)

* Fix problem with policy not being applied to pods on IPv6 nodes (#40)

* Update the session duration to 5 hrs for github actions (#53)

* Update scripts to run cyclonus suite and install latest MAO

* Handle 0 entries in cli (#60)

* Update test pkg (#61)

* Ignore policy restrictions against Node IP (#65)

* feat: Add flag enable-policy-event-logs (#48)

* feat: Add flag enable-policy-event-logs

Policy event logging is now disabled by default

* feat: Add enable-policy-event-logs flag to readme

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Issue#45 Modified Default Metrics Bind Port (#46)

* Issue#45 Modified Default Metrics Bind Port

* Modified Health Probe Bind address to 8163

---------

Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#43)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/vishvananda/netlink (#42)

Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.1-0.20210330154013-f5de75959ad5 to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add update image script and make targets (#59)

* Fixes to cyclonus test script (#69)

* Remove KUBECONFIG environment variable from cyclonus test script

* With catchALL honor "except" (#58)

* Honor except with catchALL

* PR feedback

* Remove unnecessary header files (#71)

* Return exit status if test verification fails

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: K.Hoshi <rxnew.axdseuan@gmail.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de>
Co-authored-by: Kareem Rady <82394457+kareem-rady@users.noreply.github.com>
Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This was referenced Sep 29, 2023
Closed
Closed
achevuru added a commit that referenced this pull request Oct 4, 2023
@achevuru @jayanthvn
@geoffcline @jaydeokar @rxnew @mycrEEpy @kareem-rady @dependabot
Merge main to release-1.0 (#88)
0546aac 
* Move to mainline sdk changes (#25)

* Reuse eBPF SDK Client (#26)

* Code refactoring - Sync to SDK's new API interface (#27)

* Additional UTs for eBPF pkg (#29)

* Additional UTs for eBPF pkg

* UT for Global Map recovery flow

* format changes

* Events refactor (#30)

* Remove replace and add comments

* Minor refactor

* Update AL2023 image

* vmlinux generation

* update readme (#31)

* Third party attribution doc (#32)

* Thirdparty attribution doc

* Minor nits

* minor nit

* README Updates (#34)

* Update README.md (#35)

* Update go.mod and go.sum for master (#38)

* Update go.mod and go.sum

docker/make file changes

* fix up vet

* Run Conformance and Performance tests with github actions (#5)

* Updated conformance and performance test parameters (#39)

* Fix problem with policy not being applied to pods on IPv6 nodes (#40)

* Update the session duration to 5 hrs for github actions (#53)

* Update scripts to run cyclonus suite and install latest MAO

* Handle 0 entries in cli (#60)

* Update test pkg (#61)

* Ignore policy restrictions against Node IP (#65)

* feat: Add flag enable-policy-event-logs (#48)

* feat: Add flag enable-policy-event-logs

Policy event logging is now disabled by default

* feat: Add enable-policy-event-logs flag to readme

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Issue#45 Modified Default Metrics Bind Port (#46)

* Issue#45 Modified Default Metrics Bind Port

* Modified Health Probe Bind address to 8163

---------

Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#43)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/vishvananda/netlink (#42)

Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.1-0.20210330154013-f5de75959ad5 to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add update image script and make targets (#59)

* Fixes to cyclonus test script (#69)

* Remove KUBECONFIG environment variable from cyclonus test script

* With catchALL honor "except" (#58)

* Honor except with catchALL

* PR feedback

* Remove unnecessary header files (#71)

* Return exit status if test verification fails

* V6 Optimizations (#80)

* Bump github.com/aws/amazon-vpc-cni-k8s from 1.13.4 to 1.15.0 (#82)

Bumps [github.com/aws/amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s) from 1.13.4 to 1.15.0.
- [Release notes](https://github.com/aws/amazon-vpc-cni-k8s/releases)
- [Changelog](https://github.com/aws/amazon-vpc-cni-k8s/blob/master/CHANGELOG.md)
- [Commits](aws/amazon-vpc-cni-k8s@v1.13.4...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-cni-k8s
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Honor V6 Elf file updates (#84)

* Build latest image with conformance tests (#85)

* Create a github action to build multi-arch docker image

* Update credentials action to v3

* Log rotate support (#87)

* Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#81)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: K.Hoshi <rxnew.axdseuan@gmail.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de>
Co-authored-by: Kareem Rady <82394457+kareem-rady@users.noreply.github.com>
Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This was referenced Oct 8, 2023
Closed
Closed
@achevuru achevuru mentioned this pull request Oct 23, 2023
Closed
achevuru added a commit that referenced this pull request Oct 25, 2023
@jayanthvn @achevuru
@geoffcline @jaydeokar @rxnew @mycrEEpy @kareem-rady @dependabot @jdn5126
Sync Main with Release 1.0 (#111)
af760b7 
* Move to mainline sdk changes (#25)

* Reuse eBPF SDK Client (#26)

* Code refactoring - Sync to SDK's new API interface (#27)

* Additional UTs for eBPF pkg (#29)

* Additional UTs for eBPF pkg

* UT for Global Map recovery flow

* format changes

* Events refactor (#30)

* Remove replace and add comments

* Minor refactor

* Update AL2023 image

* vmlinux generation

* update readme (#31)

* Third party attribution doc (#32)

* Thirdparty attribution doc

* Minor nits

* minor nit

* README Updates (#34)

* Update README.md (#35)

* Update go.mod and go.sum for master (#38)

* Update go.mod and go.sum

docker/make file changes

* fix up vet

* Run Conformance and Performance tests with github actions (#5)

* Updated conformance and performance test parameters (#39)

* Fix problem with policy not being applied to pods on IPv6 nodes (#40)

* Update the session duration to 5 hrs for github actions (#53)

* Update scripts to run cyclonus suite and install latest MAO

* Handle 0 entries in cli (#60)

* Update test pkg (#61)

* Ignore policy restrictions against Node IP (#65)

* feat: Add flag enable-policy-event-logs (#48)

* feat: Add flag enable-policy-event-logs

Policy event logging is now disabled by default

* feat: Add enable-policy-event-logs flag to readme

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Issue#45 Modified Default Metrics Bind Port (#46)

* Issue#45 Modified Default Metrics Bind Port

* Modified Health Probe Bind address to 8163

---------

Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#43)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/vishvananda/netlink (#42)

Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.1-0.20210330154013-f5de75959ad5 to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add update image script and make targets (#59)

* Fixes to cyclonus test script (#69)

* Remove KUBECONFIG environment variable from cyclonus test script

* With catchALL honor "except" (#58)

* Honor except with catchALL

* PR feedback

* Remove unnecessary header files (#71)

* Return exit status if test verification fails

* V6 Optimizations (#80)

* Bump github.com/aws/amazon-vpc-cni-k8s from 1.13.4 to 1.15.0 (#82)

Bumps [github.com/aws/amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s) from 1.13.4 to 1.15.0.
- [Release notes](https://github.com/aws/amazon-vpc-cni-k8s/releases)
- [Changelog](https://github.com/aws/amazon-vpc-cni-k8s/blob/master/CHANGELOG.md)
- [Commits](aws/amazon-vpc-cni-k8s@v1.13.4...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-cni-k8s
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Honor V6 Elf file updates (#84)

* Build latest image with conformance tests (#85)

* Create a github action to build multi-arch docker image

* Update credentials action to v3

* Log rotate support (#87)

* Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#81)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Race condition with init and cw setup (#93)

* Bump golang.org/x/net from 0.12.0 to 0.17.0 (#95)

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.12.0 to 0.17.0.
- [Commits](golang/net@v0.12.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* upgrade Go to 1.21.3 and upgrade dependencies

* Fix conntrack issue and increase supported port/protocol  (#102)

* Fix conntrack

* Update events

* Pull test images from internal test infra accounts (#79)

* Pull test images from internal test infra accounts

* Test with ARM nodes in e2e conformance tests

* Handle PolicyEndpoint split scenario when the target pods are paired … (#106)

* Handle PolicyEndpoint split scenario when the target pods are paired with empty ingress/egress rules

* Fix UT

* inherit firewall rules from larger cidrs (#104)

* Update /m

* format

* Len changes

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Update pr-tests.yaml (#112)

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: K.Hoshi <rxnew.axdseuan@gmail.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de>
Co-authored-by: Kareem Rady <82394457+kareem-rady@users.noreply.github.com>
Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jeff Nelson <jdnelson@amazon.com>
Co-authored-by: Jeffrey Nelson <jdn5126@gmail.com>
jayanthvn added a commit that referenced this pull request Nov 13, 2023
@jayanthvn @achevuru
@geoffcline @jaydeokar @rxnew @mycrEEpy @kareem-rady @dependabot @jdn5126 @haouc
Release 1.0 merge from main (#136)
9467d83 
* Move to mainline sdk changes (#25)

* Reuse eBPF SDK Client (#26)

* Code refactoring - Sync to SDK's new API interface (#27)

* Additional UTs for eBPF pkg (#29)

* Additional UTs for eBPF pkg

* UT for Global Map recovery flow

* format changes

* Events refactor (#30)

* Remove replace and add comments

* Minor refactor

* Update AL2023 image

* vmlinux generation

* update readme (#31)

* Third party attribution doc (#32)

* Thirdparty attribution doc

* Minor nits

* minor nit

* README Updates (#34)

* Update README.md (#35)

* Update go.mod and go.sum for master (#38)

* Update go.mod and go.sum

docker/make file changes

* fix up vet

* Run Conformance and Performance tests with github actions (#5)

* Updated conformance and performance test parameters (#39)

* Fix problem with policy not being applied to pods on IPv6 nodes (#40)

* Update the session duration to 5 hrs for github actions (#53)

* Update scripts to run cyclonus suite and install latest MAO

* Handle 0 entries in cli (#60)

* Update test pkg (#61)

* Ignore policy restrictions against Node IP (#65)

* feat: Add flag enable-policy-event-logs (#48)

* feat: Add flag enable-policy-event-logs

Policy event logging is now disabled by default

* feat: Add enable-policy-event-logs flag to readme

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Issue#45 Modified Default Metrics Bind Port (#46)

* Issue#45 Modified Default Metrics Bind Port

* Modified Health Probe Bind address to 8163

---------

Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#43)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/vishvananda/netlink (#42)

Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.1-0.20210330154013-f5de75959ad5 to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add update image script and make targets (#59)

* Fixes to cyclonus test script (#69)

* Remove KUBECONFIG environment variable from cyclonus test script

* With catchALL honor "except" (#58)

* Honor except with catchALL

* PR feedback

* Remove unnecessary header files (#71)

* Return exit status if test verification fails

* V6 Optimizations (#80)

* Bump github.com/aws/amazon-vpc-cni-k8s from 1.13.4 to 1.15.0 (#82)

Bumps [github.com/aws/amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s) from 1.13.4 to 1.15.0.
- [Release notes](https://github.com/aws/amazon-vpc-cni-k8s/releases)
- [Changelog](https://github.com/aws/amazon-vpc-cni-k8s/blob/master/CHANGELOG.md)
- [Commits](aws/amazon-vpc-cni-k8s@v1.13.4...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-cni-k8s
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Honor V6 Elf file updates (#84)

* Build latest image with conformance tests (#85)

* Create a github action to build multi-arch docker image

* Update credentials action to v3

* Log rotate support (#87)

* Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#81)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Race condition with init and cw setup (#93)

* Bump golang.org/x/net from 0.12.0 to 0.17.0 (#95)

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.12.0 to 0.17.0.
- [Commits](golang/net@v0.12.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* upgrade Go to 1.21.3 and upgrade dependencies

* Fix conntrack issue and increase supported port/protocol  (#102)

* Fix conntrack

* Update events

* Pull test images from internal test infra accounts (#79)

* Pull test images from internal test infra accounts

* Test with ARM nodes in e2e conformance tests

* Handle PolicyEndpoint split scenario when the target pods are paired … (#106)

* Handle PolicyEndpoint split scenario when the target pods are paired with empty ingress/egress rules

* Fix UT

* inherit firewall rules from larger cidrs (#104)

* Update /m

* format

* Len changes

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Update pr-tests.yaml (#112)

* Handle for controller not adding prefix lens (#113)

* Update pr-tests.yaml

* Minor fix for missing prefixlens

* Refactor

* Minor refactor (#116)

* Update pr-tests.yaml

* Minor refactor

* README Update (#117)

* Update issue templates (#121)

* add more checks in pr actions

* Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 (#126)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.2.4...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.45.19 to 1.47.5 (#134)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.45.19 to 1.47.5.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.45.19...v1.47.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/client-go from 0.28.2 to 0.28.3 (#123)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.28.2 to 0.28.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.2...v0.28.3)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump sigs.k8s.io/controller-runtime from 0.16.2 to 0.16.3 (#122)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.16.2 to 0.16.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.16.2...v0.16.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Conntrack cleanup issue with v1.0.5 (#133)

* Conntrack cleanup issue with v1.0.5

* Minor changes

* Index with owner

* Add padding for v6

* Upgrade SDK

* CLI update

* minor change

* Update mod

* Remove print

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: K.Hoshi <rxnew.axdseuan@gmail.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de>
Co-authored-by: Kareem Rady <82394457+kareem-rady@users.noreply.github.com>
Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jeff Nelson <jdnelson@amazon.com>
Co-authored-by: Jeffrey Nelson <jdn5126@gmail.com>
Co-authored-by: Hao Zhou <zhuhz@amazon.com>
Co-authored-by: Hao Zhou <haouc@users.noreply.github.com>
jayanthvn added a commit that referenced this pull request Nov 24, 2023
@jayanthvn @achevuru
@geoffcline @jaydeokar @rxnew @mycrEEpy @kareem-rady @dependabot @jdn5126 @haouc
Merge main to Release 1.0 (#147)
c1913d6 
* Move to mainline sdk changes (#25)

* Reuse eBPF SDK Client (#26)

* Code refactoring - Sync to SDK's new API interface (#27)

* Additional UTs for eBPF pkg (#29)

* Additional UTs for eBPF pkg

* UT for Global Map recovery flow

* format changes

* Events refactor (#30)

* Remove replace and add comments

* Minor refactor

* Update AL2023 image

* vmlinux generation

* update readme (#31)

* Third party attribution doc (#32)

* Thirdparty attribution doc

* Minor nits

* minor nit

* README Updates (#34)

* Update README.md (#35)

* Update go.mod and go.sum for master (#38)

* Update go.mod and go.sum

docker/make file changes

* fix up vet

* Run Conformance and Performance tests with github actions (#5)

* Updated conformance and performance test parameters (#39)

* Fix problem with policy not being applied to pods on IPv6 nodes (#40)

* Update the session duration to 5 hrs for github actions (#53)

* Update scripts to run cyclonus suite and install latest MAO

* Handle 0 entries in cli (#60)

* Update test pkg (#61)

* Ignore policy restrictions against Node IP (#65)

* feat: Add flag enable-policy-event-logs (#48)

* feat: Add flag enable-policy-event-logs

Policy event logging is now disabled by default

* feat: Add enable-policy-event-logs flag to readme

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Issue#45 Modified Default Metrics Bind Port (#46)

* Issue#45 Modified Default Metrics Bind Port

* Modified Health Probe Bind address to 8163

---------

Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#43)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/vishvananda/netlink (#42)

Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.1-0.20210330154013-f5de75959ad5 to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add update image script and make targets (#59)

* Fixes to cyclonus test script (#69)

* Remove KUBECONFIG environment variable from cyclonus test script

* With catchALL honor "except" (#58)

* Honor except with catchALL

* PR feedback

* Remove unnecessary header files (#71)

* Return exit status if test verification fails

* V6 Optimizations (#80)

* Bump github.com/aws/amazon-vpc-cni-k8s from 1.13.4 to 1.15.0 (#82)

Bumps [github.com/aws/amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s) from 1.13.4 to 1.15.0.
- [Release notes](https://github.com/aws/amazon-vpc-cni-k8s/releases)
- [Changelog](https://github.com/aws/amazon-vpc-cni-k8s/blob/master/CHANGELOG.md)
- [Commits](aws/amazon-vpc-cni-k8s@v1.13.4...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-cni-k8s
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Honor V6 Elf file updates (#84)

* Build latest image with conformance tests (#85)

* Create a github action to build multi-arch docker image

* Update credentials action to v3

* Log rotate support (#87)

* Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#81)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Race condition with init and cw setup (#93)

* Bump golang.org/x/net from 0.12.0 to 0.17.0 (#95)

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.12.0 to 0.17.0.
- [Commits](golang/net@v0.12.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* upgrade Go to 1.21.3 and upgrade dependencies

* Fix conntrack issue and increase supported port/protocol  (#102)

* Fix conntrack

* Update events

* Pull test images from internal test infra accounts (#79)

* Pull test images from internal test infra accounts

* Test with ARM nodes in e2e conformance tests

* Handle PolicyEndpoint split scenario when the target pods are paired … (#106)

* Handle PolicyEndpoint split scenario when the target pods are paired with empty ingress/egress rules

* Fix UT

* inherit firewall rules from larger cidrs (#104)

* Update /m

* format

* Len changes

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Update pr-tests.yaml (#112)

* Handle for controller not adding prefix lens (#113)

* Update pr-tests.yaml

* Minor fix for missing prefixlens

* Refactor

* Minor refactor (#116)

* Update pr-tests.yaml

* Minor refactor

* README Update (#117)

* Update issue templates (#121)

* add more checks in pr actions

* Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 (#126)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.2.4...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.45.19 to 1.47.5 (#134)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.45.19 to 1.47.5.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.45.19...v1.47.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/client-go from 0.28.2 to 0.28.3 (#123)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.28.2 to 0.28.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.2...v0.28.3)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump sigs.k8s.io/controller-runtime from 0.16.2 to 0.16.3 (#122)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.16.2 to 0.16.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.16.2...v0.16.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Conntrack cleanup issue with v1.0.5 (#133)

* Conntrack cleanup issue with v1.0.5

* Minor changes

* Index with owner

* Add padding for v6

* Upgrade SDK

* CLI update

* minor change

* force vulns check to use specified go patch version (#137)

* Updating the expected results for known flaky test cases

* Memory corruption (#142)

* Merge extra call

* remove unwanted prints

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: K.Hoshi <rxnew.axdseuan@gmail.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de>
Co-authored-by: Kareem Rady <82394457+kareem-rady@users.noreply.github.com>
Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jeff Nelson <jdnelson@amazon.com>
Co-authored-by: Jeffrey Nelson <jdn5126@gmail.com>
Co-authored-by: Hao Zhou <zhuhz@amazon.com>
Co-authored-by: Hao Zhou <haouc@users.noreply.github.com>
achevuru added a commit that referenced this pull request Dec 6, 2023
@jayanthvn @achevuru
@geoffcline @jaydeokar @rxnew @mycrEEpy @kareem-rady @dependabot @jdn5126 @haouc
Merge Main to Release 1.0 (#161)
65468e0 
* Move to mainline sdk changes (#25)

* Reuse eBPF SDK Client (#26)

* Code refactoring - Sync to SDK's new API interface (#27)

* Additional UTs for eBPF pkg (#29)

* Additional UTs for eBPF pkg

* UT for Global Map recovery flow

* format changes

* Events refactor (#30)

* Remove replace and add comments

* Minor refactor

* Update AL2023 image

* vmlinux generation

* update readme (#31)

* Third party attribution doc (#32)

* Thirdparty attribution doc

* Minor nits

* minor nit

* README Updates (#34)

* Update README.md (#35)

* Update go.mod and go.sum for master (#38)

* Update go.mod and go.sum

docker/make file changes

* fix up vet

* Run Conformance and Performance tests with github actions (#5)

* Updated conformance and performance test parameters (#39)

* Fix problem with policy not being applied to pods on IPv6 nodes (#40)

* Update the session duration to 5 hrs for github actions (#53)

* Update scripts to run cyclonus suite and install latest MAO

* Handle 0 entries in cli (#60)

* Update test pkg (#61)

* Ignore policy restrictions against Node IP (#65)

* feat: Add flag enable-policy-event-logs (#48)

* feat: Add flag enable-policy-event-logs

Policy event logging is now disabled by default

* feat: Add enable-policy-event-logs flag to readme

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Issue#45 Modified Default Metrics Bind Port (#46)

* Issue#45 Modified Default Metrics Bind Port

* Modified Health Probe Bind address to 8163

---------

Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#43)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/vishvananda/netlink (#42)

Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.1-0.20210330154013-f5de75959ad5 to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add update image script and make targets (#59)

* Fixes to cyclonus test script (#69)

* Remove KUBECONFIG environment variable from cyclonus test script

* With catchALL honor "except" (#58)

* Honor except with catchALL

* PR feedback

* Remove unnecessary header files (#71)

* Return exit status if test verification fails

* V6 Optimizations (#80)

* Bump github.com/aws/amazon-vpc-cni-k8s from 1.13.4 to 1.15.0 (#82)

Bumps [github.com/aws/amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s) from 1.13.4 to 1.15.0.
- [Release notes](https://github.com/aws/amazon-vpc-cni-k8s/releases)
- [Changelog](https://github.com/aws/amazon-vpc-cni-k8s/blob/master/CHANGELOG.md)
- [Commits](aws/amazon-vpc-cni-k8s@v1.13.4...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-cni-k8s
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Honor V6 Elf file updates (#84)

* Build latest image with conformance tests (#85)

* Create a github action to build multi-arch docker image

* Update credentials action to v3

* Log rotate support (#87)

* Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#81)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Race condition with init and cw setup (#93)

* Bump golang.org/x/net from 0.12.0 to 0.17.0 (#95)

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.12.0 to 0.17.0.
- [Commits](golang/net@v0.12.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* upgrade Go to 1.21.3 and upgrade dependencies

* Fix conntrack issue and increase supported port/protocol  (#102)

* Fix conntrack

* Update events

* Pull test images from internal test infra accounts (#79)

* Pull test images from internal test infra accounts

* Test with ARM nodes in e2e conformance tests

* Handle PolicyEndpoint split scenario when the target pods are paired … (#106)

* Handle PolicyEndpoint split scenario when the target pods are paired with empty ingress/egress rules

* Fix UT

* inherit firewall rules from larger cidrs (#104)

* Update /m

* format

* Len changes

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Update pr-tests.yaml (#112)

* Handle for controller not adding prefix lens (#113)

* Update pr-tests.yaml

* Minor fix for missing prefixlens

* Refactor

* Minor refactor (#116)

* Update pr-tests.yaml

* Minor refactor

* README Update (#117)

* Update issue templates (#121)

* add more checks in pr actions

* Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 (#126)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.2.4...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.45.19 to 1.47.5 (#134)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.45.19 to 1.47.5.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.45.19...v1.47.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/client-go from 0.28.2 to 0.28.3 (#123)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.28.2 to 0.28.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.2...v0.28.3)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump sigs.k8s.io/controller-runtime from 0.16.2 to 0.16.3 (#122)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.16.2 to 0.16.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.16.2...v0.16.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Conntrack cleanup issue with v1.0.5 (#133)

* Conntrack cleanup issue with v1.0.5

* Minor changes

* Index with owner

* Add padding for v6

* Upgrade SDK

* CLI update

* minor change

* force vulns check to use specified go patch version (#137)

* Updating the expected results for known flaky test cases

* Memory corruption (#142)

* Bump github.com/google/uuid from 1.3.1 to 1.4.0 (#157)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.1...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 (#156)

Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.9 to 0.6.0.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](google/go-cmp@v0.5.9...v0.6.0)

---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 (#154)

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](spf13/cobra@v1.7.0...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 (#153)

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.16.0...v1.17.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/client-go from 0.28.3 to 0.28.4 (#155)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.28.3 to 0.28.4.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.3...v0.28.4)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Conntrack enhancements (#151)

* Env fix

* Move to flag

* Cleanup

* Log line for debugs

* minor update

* Ignore PE slices tied to same NP during Clean up flow (#159)

* Ignore PE slices tied to same NP during Clean up flow

* Format changes

* UT fix

---------

Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>

* CLI changes (#152)

* CLI changes

* Utils

* Upgrade SDK

* Upgrade sdk

* Merge main to rel-1.0

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: K.Hoshi <rxnew.axdseuan@gmail.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de>
Co-authored-by: Kareem Rady <82394457+kareem-rady@users.noreply.github.com>
Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jeff Nelson <jdnelson@amazon.com>
Co-authored-by: Jeffrey Nelson <jdn5126@gmail.com>
Co-authored-by: Hao Zhou <zhuhz@amazon.com>
Co-authored-by: Hao Zhou <haouc@users.noreply.github.com>
achevuru added a commit that referenced this pull request Feb 2, 2024
@jayanthvn @achevuru
@geoffcline @jaydeokar @rxnew @mycrEEpy @kareem-rady @dependabot @jdn5126 @haouc
Merge main to Release 1.0 (#201)
c33424e 
* Move to mainline sdk changes (#25)

* Reuse eBPF SDK Client (#26)

* Code refactoring - Sync to SDK's new API interface (#27)

* Additional UTs for eBPF pkg (#29)

* Additional UTs for eBPF pkg

* UT for Global Map recovery flow

* format changes

* Events refactor (#30)

* Remove replace and add comments

* Minor refactor

* Update AL2023 image

* vmlinux generation

* update readme (#31)

* Third party attribution doc (#32)

* Thirdparty attribution doc

* Minor nits

* minor nit

* README Updates (#34)

* Update README.md (#35)

* Update go.mod and go.sum for master (#38)

* Update go.mod and go.sum

docker/make file changes

* fix up vet

* Run Conformance and Performance tests with github actions (#5)

* Updated conformance and performance test parameters (#39)

* Fix problem with policy not being applied to pods on IPv6 nodes (#40)

* Update the session duration to 5 hrs for github actions (#53)

* Update scripts to run cyclonus suite and install latest MAO

* Handle 0 entries in cli (#60)

* Update test pkg (#61)

* Ignore policy restrictions against Node IP (#65)

* feat: Add flag enable-policy-event-logs (#48)

* feat: Add flag enable-policy-event-logs

Policy event logging is now disabled by default

* feat: Add enable-policy-event-logs flag to readme

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Issue#45 Modified Default Metrics Bind Port (#46)

* Issue#45 Modified Default Metrics Bind Port

* Modified Health Probe Bind address to 8163

---------

Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#43)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/vishvananda/netlink (#42)

Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.1-0.20210330154013-f5de75959ad5 to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add update image script and make targets (#59)

* Fixes to cyclonus test script (#69)

* Remove KUBECONFIG environment variable from cyclonus test script

* With catchALL honor "except" (#58)

* Honor except with catchALL

* PR feedback

* Remove unnecessary header files (#71)

* Return exit status if test verification fails

* V6 Optimizations (#80)

* Bump github.com/aws/amazon-vpc-cni-k8s from 1.13.4 to 1.15.0 (#82)

Bumps [github.com/aws/amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s) from 1.13.4 to 1.15.0.
- [Release notes](https://github.com/aws/amazon-vpc-cni-k8s/releases)
- [Changelog](https://github.com/aws/amazon-vpc-cni-k8s/blob/master/CHANGELOG.md)
- [Commits](aws/amazon-vpc-cni-k8s@v1.13.4...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-cni-k8s
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Honor V6 Elf file updates (#84)

* Build latest image with conformance tests (#85)

* Create a github action to build multi-arch docker image

* Update credentials action to v3

* Log rotate support (#87)

* Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#81)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Race condition with init and cw setup (#93)

* Bump golang.org/x/net from 0.12.0 to 0.17.0 (#95)

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.12.0 to 0.17.0.
- [Commits](golang/net@v0.12.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* upgrade Go to 1.21.3 and upgrade dependencies

* Fix conntrack issue and increase supported port/protocol  (#102)

* Fix conntrack

* Update events

* Pull test images from internal test infra accounts (#79)

* Pull test images from internal test infra accounts

* Test with ARM nodes in e2e conformance tests

* Handle PolicyEndpoint split scenario when the target pods are paired … (#106)

* Handle PolicyEndpoint split scenario when the target pods are paired with empty ingress/egress rules

* Fix UT

* inherit firewall rules from larger cidrs (#104)

* Update /m

* format

* Len changes

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Update pr-tests.yaml (#112)

* Handle for controller not adding prefix lens (#113)

* Update pr-tests.yaml

* Minor fix for missing prefixlens

* Refactor

* Minor refactor (#116)

* Update pr-tests.yaml

* Minor refactor

* README Update (#117)

* Update issue templates (#121)

* add more checks in pr actions

* Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 (#126)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.2.4...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.45.19 to 1.47.5 (#134)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.45.19 to 1.47.5.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.45.19...v1.47.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/client-go from 0.28.2 to 0.28.3 (#123)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.28.2 to 0.28.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.2...v0.28.3)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump sigs.k8s.io/controller-runtime from 0.16.2 to 0.16.3 (#122)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.16.2 to 0.16.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.16.2...v0.16.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Conntrack cleanup issue with v1.0.5 (#133)

* Conntrack cleanup issue with v1.0.5

* Minor changes

* Index with owner

* Add padding for v6

* Upgrade SDK

* CLI update

* minor change

* force vulns check to use specified go patch version (#137)

* Updating the expected results for known flaky test cases

* Memory corruption (#142)

* Bump github.com/google/uuid from 1.3.1 to 1.4.0 (#157)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.1...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 (#156)

Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.9 to 0.6.0.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](google/go-cmp@v0.5.9...v0.6.0)

---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 (#154)

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](spf13/cobra@v1.7.0...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 (#153)

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.16.0...v1.17.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/client-go from 0.28.3 to 0.28.4 (#155)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.28.3 to 0.28.4.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.3...v0.28.4)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Conntrack enhancements (#151)

* Env fix

* Move to flag

* Cleanup

* Log line for debugs

* minor update

* Ignore PE slices tied to same NP during Clean up flow (#159)

* Ignore PE slices tied to same NP during Clean up flow

* Format changes

* UT fix

---------

Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>

* CLI changes (#152)

* CLI changes

* Utils

* Upgrade SDK

* Upgrade sdk

* Update builder image to latest golang version

* fix logger error; remove version log

* Add workflow to run manual e2e tests on specific instance type (#148)

* Add region parameter to describe instances

* Add prefix to identify log stream for network policy events (#178)

* Bump github.com/go-logr/logr from 1.3.0 to 1.4.1

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.3.0 to 1.4.1.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.3.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump k8s.io/client-go from 0.28.4 to 0.29.0

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.28.4 to 0.29.0.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.4...v0.29.0)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Log the to be deleted conntrack entries in readable format

* dependabot updates

* Handle replica and VIP (#179)

* Check the new addon versions in the right regions

* Update CI scripts to the test on latest available k8s cluster

* Bump github.com/aws/amazon-vpc-cni-k8s from 1.16.0 to 1.16.2 (#196)

Bumps [github.com/aws/amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s) from 1.16.0 to 1.16.2.
- [Release notes](https://github.com/aws/amazon-vpc-cni-k8s/releases)
- [Changelog](https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.16.2/CHANGELOG.md)
- [Commits](aws/amazon-vpc-cni-k8s@v1.16.0...v1.16.2)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-cni-k8s
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.49.13 to 1.50.9 (#199)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.49.13 to 1.50.9.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.49.13...v1.50.9)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/apimachinery from 0.29.0 to 0.29.1 (#197)

Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.29.0 to 0.29.1.
- [Commits](kubernetes/apimachinery@v0.29.0...v0.29.1)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump golang.org/x/sys from 0.15.0 to 0.16.0 (#195)

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.15.0 to 0.16.0.
- [Commits](golang/sys@v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/client-go from 0.29.0 to 0.29.1 (#194)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.29.0 to 0.29.1.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.29.0...v0.29.1)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Handle PE split cleanup and duplicate l4info (#185)

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: K.Hoshi <rxnew.axdseuan@gmail.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de>
Co-authored-by: Kareem Rady <82394457+kareem-rady@users.noreply.github.com>
Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jeff Nelson <jdnelson@amazon.com>
Co-authored-by: Jeffrey Nelson <jdn5126@gmail.com>
Co-authored-by: Hao Zhou <zhuhz@amazon.com>
Co-authored-by: Hao Zhou <haouc@users.noreply.github.com>
jackkleeman added a commit to restatedev/restate-operator that referenced this pull request Feb 28, 2024
@jackkleeman
Fix egress network isolation
6f7db06 
There were two issues meaning that pods had private egress when they shouldn't:
1) aws/aws-network-policy-agent#58
2) We specified the insufficiently large 172.16.0.0/20 instead of 172.16.0.0/12 - service IPs are in the missed out section.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@achevuru achevuru achevuru approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.0.4
Development

Successfully merging this pull request may close these issues.
3 participants
@jayanthvn @wedge-jarrad @achevuru